Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 479518 (CVE-2012-6548)

Summary: <sys-kernel/openvz-sources-2.6.32.79.4 : two vulnerabilities
Product: Gentoo Security Reporter: Agostino Sarubbo <ago>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: andreis.vinogradovs, proxy-maint, pva, vserver-devs+disabled
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://secunia.com/advisories/54304/
Whiteboard: B1 [noglsa]
Package list:
Runtime testing required: ---

Description Agostino Sarubbo gentoo-dev 2013-08-02 13:50:43 UTC 
From ${URL} :

Description

OpenVZ has issued an update for kernel. This fixes two vulnerabilities, which can be exploited by 
malicious, local users to gain escalated privileges.

For more information:
SA54212


Solution:
Update kernel branch RHEL6 to version 042stab079.4.

Original Advisory:
OpenVZ:
http://wiki.openvz.org/Download/kernel/rhel6/042stab079.4




@maintainer(s): after the bump, in case we need to stabilize the package, please say explicitly if it is ready for the stabilization or not.
Comment 1 Andreis Vinogradovs ( slepnoga ) 2013-08-02 20:16:37 UTC 
version in tree
Comment 2 Andreis Vinogradovs ( slepnoga ) 2013-08-09 06:52:21 UTC 
Package is ready for stabilization.
Peter, please, stabilize.
Comment 3 Sergey Popov (RETIRED) gentoo-dev 2013-08-29 06:27:55 UTC 
2.6.32.79.{5,6} was stabilized by pva, vulnerable versions are punted from tree. Nothing for arch teams to do here...
Comment 4 Sergey Popov (RETIRED) gentoo-dev 2013-08-29 06:29:27 UTC 
We do not do GLSAs for kernels, thus - fixed