[Ksplice][Fedora-13-Updates] New updates available via Ksplice (FEDORA-2010-11462)
Greg Price
price at ksplice.com
Tue Aug 3 21:05:54 PDT 2010
Synopsis: FEDORA-2010-11462 can now be patched using Ksplice
CVEs: CVE-2010-2524
Systems running Fedora 13 can now use Ksplice to patch against the
latest Fedora security update, FEDORA-2010-11462.
INSTALLING THE UPDATES
We recommend that all Ksplice Uptrack Fedora 13 users install these
updates. You can install these updates by running:
# uptrack-upgrade -y
DESCRIPTION
* CVE-2010-2524: False CIFS mount via DNS cache poisoning
The dns_resolver upcall used by CIFS was susceptible to cache
poisoning. An unprivileged user could insert a false entry into the
keyring, and then trick the system into mounting a server of their
choosing.
SUPPORT
Ksplice support is available at support at ksplice.com or +1 765-577-5423.
More information about the Fedora-13-Updates
mailing list