Summary: | sys-apps/kexec-tools Multiple security flaws by management of kdump core files and ramdisk images (CVE-2011-{3588,3589,3590}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Michael Harrison <n0idx80> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED INVALID | ||
Severity: | minor | CC: | base-system |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=716439 | ||
Whiteboard: | B4 [upstream] | ||
Package list: | Runtime testing required: | --- |
Description
Michael Harrison
2011-10-05 07:15:17 UTC
Changed CVE per: http://www.openwall.com/lists/oss-security/2011/10/10/1 I am pretty sure this doesn't apply to us. We don't have any support for kdump through initscripts. Could someone please cross check that this is really only about the redhat/fedora init scripts of kdump? This only applies to redhat/fedora and kexec-tools 1.x before 1.102pre-154 and 2.x before 2.0.0-209. None of these are in Portage. Per previous comment we do not even support the initscripts referenced in RHEL. |