Fedora 9: 2009-3453 Moderate: Device-Mapper-Multipath Sock Fix

device-mapper-multipath provides tools to manage multipath devices by instructing the

device-mapper multipath kernel module what to do.

The tools are :

* multipath : Scan the system for multipath devices and assemble them.

* multipathd : Detects when paths fail and execs multipath to update things.

Fix insecure permissions on multipathd.sock (CVE-2009-0115)

* Tue Apr 7 2009 Milan Broz - 0.4.8-17

- Fix insecure permissions on multipathd.sock (CVE-2009-0115)

* Mon Jun 23 2008 Benjamin Marzinski -0.4.7-16

- Fix for bz #451415

- /sbin/multipath.static in no longer a symlink to the non-static version.

However, it still dynamically loads all libraries except libsysfs.

libsysfs is now statically linked.

* Wed May 21 2008 Benjamin Marzinski -0.4.7-15

- Switch multipath to check "subsystem" instead of "bus"

- Make static versions of multipath and kpartx symlinks to non-static versions

* Fri Feb 29 2008 Tom "spot" Callaway - 0.4.7-14

- fix sparc64

- fix license tag

* Tue Feb 19 2008 Fedora Release Engineering - 0.4.7-13

- Autorebuild for GCC 4.3

* Wed Nov 14 2007 Benjamin Marzinski - 0.4.7-12

- Fixed the dist tag so building will work properly.

[ 1 ] Bug #493330 - CVE-2009-0115 device-mapper-multipath: insecure permissions on multipathd.sock

https://bugzilla.redhat.com/show_bug.cgi?id=493330

su -c 'yum update device-mapper-multipath' at the command line.

For more information, refer to "Managing Software with yum",

available at .

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/