Many thanks to Pat and team, I have applied the libuser pre-release patch on a SL 6.6 system.
The yum update is okay, but not too sure how to test the vulnerability. Did try - chfn and embedded the literals "\n xxx" to Office prompt, and that included into /etc/passwd and not regarded as control-N. Presumably this has fixed the issue. Thanks again. Regards, Peter -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of [email protected] Sent: 28 July 2015 08:51 To: [email protected]; [email protected] Subject: RE: libuser security update for SL 6 Many thanks, Pat, It is good to know they are forthcoming. Regards, Peter -----Original Message----- From: Patrick Riehecky [mailto:[email protected]] Sent: 28 July 2015 00:44 To: Chiu, Peter (STFC,RAL,RALSP); scientific-linux-users Subject: RE: libuser security update for SL 6 The libuser security packages (along with the rest of the 6.7 security errata) have been pushed into SL6's testing repo. A formal announcement will be forthcoming, but we are still evaluating our build of 6.7. Pat -- Pat Riehecky Scientific Linux developer Fermi National Accelerator Laboratory www.fnal.gov www.scientificlinux.org ________________________________________ From: Mailing list for Scientific Linux users worldwide [[email protected]] on behalf of Peter C. Chiu [[email protected]] Sent: Monday, July 27, 2015 11:25 AM To: scientific-linux-users Subject: [SCIENTIFIC-LINUX-USERS] libuser security update for SL 6 Hello, I wonder if there is any news on the security update on libuser for SL 6? Thanks a lot. Peter
