commit b7103bdb54dfccc57d464664243126b4df6a4271
Author: Miklos Vajna <>
Date:   Sun May 3 13:27:04 2009 +0200


diff --git a/frugalware/xml/security.xml b/frugalware/xml/security.xml
index bfbbd55..f2dfd50 100644
--- a/frugalware/xml/security.xml
+++ b/frugalware/xml/security.xml
@@ -26,6 +26,20 @@

+               <id>596</id>
+               <date>2009-05-03</date>
+               <author>Miklos Vajna</author>
+               <package>udev</package>
+               <vulnerable>139-1</vulnerable>
+               <unaffected>141-1anacreon1</unaffected>
+               <bts></bts>
+               <cve>
+              </cve>
+               <desc>Some vulnerabilities have been reported in udev, which 
can be exploited by malicious, local users to cause a DoS (Denial of Service) 
or gain escalated privileges.
+                       1) A vulnerability is caused due to udev not properly 
verifying the credentials of received NETLINK messages. This can be exploited 
to gain escalated privileges by sending multicast NETLINK messages.
+                       2) A vulnerability is caused due to a boundary error 
within the "util_path_encode()" function in udev/lib/libudev-util.c. This can 
be exploited to cause a crash by providing specially crafted input.</desc>
+       </fsa>
+       <fsa>
<author>Miklos Vajna</author>
Frugalware-git mailing list

Reply via email to