From Mageia wiki
Jump to: navigation, search

MGASA-2012-0234-2

Date: August 30th, 2012
Affected releases: 1


Description:
Updated udisks packages fix security vulnerability:

Sebastian Krahmer reported that the udisks service (via D-BUS) could
be used to load arbitrary Linux kernel modules (CVE-2010-4661).

Update August 30th, 2012:
The earlier fix for this CVE broke support for ntfs mounting,
which this update now corrects.


Updated Packages:
udisks-1.0.2-3.2.mga1
udisks-devel-1.0.2-3.2.mga1


References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4661
http://lists.opensuse.org/opensuse-updates/2011-04/msg00082.html
https://bugs.mageia.org/show_bug.cgi?id=7073
https://bugs.mageia.org/show_bug.cgi?id=7221