New util-linux packages are available that fix a problem with /bin/login’sPAM implementation. This could, in some non-default setups, cause users toreceive credentials of other users. It is recommended that all usersupdate to the fixed packages.
The initscript distributed with the setserial package (which is not installed or enabled by default) uses predictable temporary file names, and should not be used. setserial-2.17-4 and earlier versions are affected.
A security hole has been found that does not affect the default configuration of Red Hat Linux, but can affect some custom configurations of Red Hat Linux 7.1 only. The bug is specific to the Linux 2.4 kernel series.
Several buffer overflows were found which allow an attacker to make tcpdump crash.
Sebastian Krahmer found a problem in the modprobe utility that could beexploited by local users to run arbitrary commands as root if themachine is running a kernel with kmod enabled.
50 queries. 8.75 mb Memory usage. 0.681 seconds.