drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Fehlerhafte Zugriffsrechte in grub2
| Name: |
Fehlerhafte Zugriffsrechte in grub2 |
|
| ID: |
FEDORA-2012-7579 |
|
| Distribution: |
Fedora |
|
| Plattformen: |
Fedora 16 |
|
| Datum: |
Fr, 11. Mai 2012, 06:25 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2314 |
|
Originalnachricht |
Name : grub2
Product : Fedora 16
Version : 1.99
Release : 13.fc16.3
URL : http://www.gnu.org/software/grub/
Summary : Bootloader with support for Linux, Multiboot and more
Description :
The GRand Unified Bootloader (GRUB) is a highly configurable and customizable
bootloader with modular architecture. It support rich varietyof kernel
formats,
file systems, computer architectures and hardware devices.
-------------------------------------------------------------------------------
-
Update Information:
Don't allow non-root users to view contents of /etc/grub.d (CVE-2012-2314)
-------------------------------------------------------------------------------
-
ChangeLog:
* Mon May 7 2012 Peter Jones <pjones@redhat.com> - 1.99-13.3
- Work around #819031 .
* Mon Mar 12 2012 Adam Williamson <awilliam@redhat.com> - 1:1.99-13.2
- Build with -Os for both grub2-efi and regular grub2 (complete fix for
782144) (thanks Ian Collier)
* Fri Feb 17 2012 Orion Poplawski <orion@cora.nwra.com> - 1:1.99-13.1
- Build with -Os (bug 782144)
* Thu Dec 8 2011 Adam Williamson <awilliam@redhat.com> - 1.99-13
- fix hardwired call to grub-probe in 30_os-prober (rhbz#737203)
* Mon Nov 7 2011 Peter Jones <pjones@redhat.com> - 1.99-12
- Lots of .spec fixes from Mads Kiilerich:
Remove comment about update-grub - it isn't run in any scriptlets
patch info pages so they can be installed and removed correctly when renamed
fix references to grub/grub2 renames in info pages (#743964)
update README.Fedora (#734090)
fix comments for the hack for upgrading from grub2 < 1.99-4
fix sed syntax error preventing use of $RPM_OPT_FLAGS (#704820)
make /etc/grub2*.cfg %config(noreplace)
make grub.cfg %ghost - an empty file is of no use anyway
create /etc/default/grub more like anaconda would create it (#678453)
don't create rescue entries by default - grubby will not maintain them
anyway
set GRUB_SAVEDEFAULT=true so saved defaults works (rbhz#732058)
grub2-efi should have its own bash completion
don't set gfxpayload in efi mode - backport upstream r3402
- Handle dmraid better. Resolves: rhbz#742226
-------------------------------------------------------------------------------
-
References:
[ 1 ] Bug #819031 - CVE-2012-2314 anaconda: Weak permissions by writing
password configuration file in bootloader configuration module
https://bugzilla.redhat.com/show_bug.cgi?id=819031
-------------------------------------------------------------------------------
-
This update can be installed with the "yum" update program. Use
su -c 'yum update grub2' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|
