Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 479518 (CVE-2012-6548) - <sys-kernel/openvz-sources-2.6.32.79.4 : two vulnerabilities
Summary: <sys-kernel/openvz-sources-2.6.32.79.4 : two vulnerabilities
Status: RESOLVED FIXED
Alias: CVE-2012-6548
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: https://secunia.com/advisories/54304/
Whiteboard: B1 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2013-08-02 13:50 UTC by Agostino Sarubbo
Modified: 2013-08-29 06:29 UTC (History)
4 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2013-08-02 13:50:43 UTC
From ${URL} :

Description

OpenVZ has issued an update for kernel. This fixes two vulnerabilities, which can be exploited by 
malicious, local users to gain escalated privileges.

For more information:
SA54212


Solution:
Update kernel branch RHEL6 to version 042stab079.4.

Original Advisory:
OpenVZ:
http://wiki.openvz.org/Download/kernel/rhel6/042stab079.4




@maintainer(s): after the bump, in case we need to stabilize the package, please say explicitly if it is ready for the stabilization or not.
Comment 1 Andreis Vinogradovs ( slepnoga ) 2013-08-02 20:16:37 UTC
version in tree
Comment 2 Andreis Vinogradovs ( slepnoga ) 2013-08-09 06:52:21 UTC
Package is ready for stabilization.
Peter, please, stabilize.
Comment 3 Sergey Popov gentoo-dev 2013-08-29 06:27:55 UTC
2.6.32.79.{5,6} was stabilized by pva, vulnerable versions are punted from tree. Nothing for arch teams to do here...
Comment 4 Sergey Popov gentoo-dev 2013-08-29 06:29:27 UTC
We do not do GLSAs for kernels, thus - fixed