Fedora 12 : systemtap-1.3-3.fc12 (2010-17868)

This refresh corrects two important security bugs in the /usr/bin/staprun program of the systemtap-runtime package. CVE-2010-4171 Ability to remove unused modules by unprivileged user CVE-2010-4170 Insecure loading of modules We would like to thank Tavis Ormandy for reporting this issue. Note tha...

Fedora 13 : systemtap-1.3-3.fc13 (2010-17873)

This refresh corrects two important security bugs in the /usr/bin/staprun program of the systemtap-runtime package. CVE-2010-4171 Ability to remove unused modules by unprivileged user CVE-2010-4170 Insecure loading of modules We would like to thank Tavis Ormandy for reporting this issue. Note tha...

RHEL 4 : systemtap (RHSA-2010:0895)

Updated systemtap packages that fix one security issue are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHEL 5 / 6 : systemtap (RHSA-2010:0894)

Updated systemtap packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings,...

systemtap security update

CentOS Errata and Security Advisory CESA-2010:0895 Updated systemtap packages that fix one security issue are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base...

Systemtap: Insecure loading of modules

The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBEOPTIONS environment variable to specify a malicious configuration file...

Moderate: Red Hat Security Advisory: systemtap security update

Updated systemtap packages that fix one security issue are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

systemtap security update

CentOS Errata and Security Advisory CESA-2010:0894 Updated systemtap packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS...

Systemtap: Ability to remove unused modules by unprivileged user

The staprun runtime tool in SystemTap 1.3 does not verify that a module to unload was previously loaded by SystemTap, which allows local users to cause a denial of service unloading of arbitrary kernel modules...

Systemtap: Insecure loading of modules

The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBEOPTIONS environment variable to specify a malicious configuration file...

Important: Red Hat Security Advisory: systemtap security update

Updated systemtap packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings,...

systemtap security update

1.2-11.0.1.el60 - rebuild without docs - remove doc/SystemTapBeginnersGuide/en-US in tarball 1.2-11 - CVE-2010-4170 - CVE-2010-4171...

PT-2010-1047 · Red Hat · Systemtap-Server +9

Name of the Vulnerable Software and Affected Versions: systemtap versions 1.1 through 1.2 systemtap-client versions 1.1 through 1.2 systemtap-initscript version 1.1 systemtap-server version 1.1 systemtap-sdt-devel version 1.1 systemtap-runtime version 1.1 systemtap-testsuite version 1.1...

PT-2010-1046 · Red Hat · Systemtap-Server +9

Name of the Vulnerable Software and Affected Versions: systemtap versions 0.6.2 through 1.3 systemtap-runtime versions 0.6.2 through 1.1 systemtap-testsuite versions 0.6.2 through 1.1 systemtap-client versions 1.1 through 1.2 systemtap-server versions 1.1 systemtap-initscript versions 1.1...

systemtap security update

0.6.2-2.3.0.1.el48.3 - Detect enterprise-release 0.6.2-2.3 - CVE-2010-4170, n/a - CVE-2010-4171...

Fedora 13 : java-1.6.0-openjdk-1.6.0.0-42.b18.fc13 (2010-12759)

S6678385, RH551835: Fixes jvm crashes when window is resized. Produces the 'expected' behavior for full screen applications, when running the Metacity window manager. PR453, OJ100142: Fix policy evaluation to match the proprietary JDK. IcedTeaNPPlugin. RH524387: javax.net.ssl.SSLKeyException: RSA...

Fedora 11 : systemtap-1.1-2.fc11 (2010-1373)

Add systemtap-1.1-cfi-cfaops-fixes.patch - Resolves RHBZ 564429 - Add systemtap-1.1-getargv.patch - Resolves CVE-2010-0411 - Add systemtap-1.1 -tighten-server-params.patch excluding testsuite - Resolves CVE-2010-0412, CVE-2009-4273 Note that Tenable Network Security has extracted the preceding...

Fedora 12 : systemtap-1.1-2.fc12 (2010-1720)

Add systemtap-1.1-cfi-cfaops-fixes.patch - Resolves RHBZ 564429 - Add systemtap-1.1-getargv.patch - Resolves CVE-2010-0411 - Add systemtap-1.1 -tighten-server-params.patch excluding testsuite - Resolves CVE-2010-0412, CVE-2009-4273 Note that Tenable Network Security has extracted the preceding...

Fedora 11 : systemtap-1.1-1.fc11 (2010-0671)

Fixes CVE-2009-4273 Bugzilla 550172: https://bugzilla.redhat.com/showbug.cgi?id=CVE-2009-4273 New upstream release containing new features and bug fixes: better support for gcc 4.5 richer DWARF debuginfo, new preprocessor conditional for kernel 'CONFIG' testing, improved experimental unprivileged...

Fedora 12 : systemtap-1.1-1.fc12 (2010-0688)

Fixes CVE-2009-4273 Bugzilla 550172: https://bugzilla.redhat.com/showbug.cgi?id=CVE-2009-4273 New upstream release containing new features and bug fixes: better support for gcc 4.5 richer DWARF debuginfo, new preprocessor conditional for kernel 'CONFIG' testing, improved experimental unprivileged...