Bug 366913

Summary:	[sys-fs/udev] Fedora has issued an update for udev. This fixes a vulnerability, which can be exploited by malicious users to disclose sensitive information.
Product:	Gentoo Security	Reporter:	taaroa <taaroa>
Component:	Default Configs	Assignee:	Gentoo Security <security>
Status:	RESOLVED INVALID
Severity:	normal
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	http://secunia.com/advisories/42451
Whiteboard:
Package list:		Runtime testing required:	---

Description taaroa 2011-05-11 18:54:58 UTC

Original Advisory
FEDORA-2010-17912:
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051755.html

see also http://theinvisiblethings.blogspot.com/2011/04/linux-security-circus-on-gui-isolation.html


Reproducible: Always

Steps to Reproduce:
1. see http://theinvisiblethings.blogspot.com/2011/04/linux-security-circus-on-gui-isolation.html
2.
3.

Comment 1 Markos Chandras (RETIRED) gentoo-dev

2011-05-11 19:38:29 UTC

Let security team handle the bug pretty please

Comment 2 Alex Legler (RETIRED) archtester

2011-05-11 20:25:15 UTC

The issue fixed in fedora is a fedora-specific issue. We don't have any /dev/systty device.

The second link seems to be rather unrelated and does not contain any specific issue either.