Alerts This Week
Warning Icon 1 1,149
Alerts This Week
Warning Icon 1 1,149

Red Hat: RHSA-2007:1176-01 Critical: Autofs Remote Access Issue

red hat
Calendar Grey December 20, 2007
Dist Redhat Esm H88
Essential autofs improvement for Red Hat tackles remote file retrieval weaknesses to bolster protection.
Updated autofs packages that fix a security issue are now available for Red Hat Enterprise Linux 5

Solution

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at

5. Bug IDs fixed (http://bugzilla.redhat.com/):

426218 - CVE-2007-6285 autofs default doesn't set nodev in /net

6. RPMs required:

Red Hat Enterprise Linux Desktop (v. 5 client):

SRPMS: 5f5504a6ca34b5f5c1bf957d6dae5887 autofs-5.0.1-0.rc2.55.el5.2.src.rpm

i386: 2777273dbfe56fe6949958b003c7a536 autofs-5.0.1-0.rc2.55.el5.2.i386.rpm d316563c861ea92642fe9220fec3268b autofs-debuginfo-5.0.1-0.rc2.55.el5.2.i386.rpm

x86_64: 382f81f678643f3ef989007ef9023110 autofs-5.0.1-0.rc2.55.el5.2.x86_64.rpm fb511a6ab5a5acdcae2c460aa5fe95e1 autofs-debuginfo-5.0.1-0.rc2.55.el5.2.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

SRPMS: 5f5504a6ca34b5f5c1bf957d6dae5887 autofs-5.0.1-0.rc2.55.el5.2.src.rpm

i386: 2777273dbfe56fe6949958b003c7a536 autofs-5.0.1-0.rc2.55.el5.2.i386.rpm d316563c861ea92642fe9220fec3268b autofs-debuginfo-5.0.1-0.rc2.55.el5.2.i386.rpm

ia64: 7f11526720a9288b3c95193c97c02788 autofs-5.0.1-0.rc2.55.el5.2.ia64.rpm c2a6a0b39aab22452797b486f71a4cbb autofs-debuginfo-5.0.1-0.rc2.55.el5.2.ia64.rpm

ppc: d5caec9515a94c2588d8be40d3a021c3 autofs-5.0.1-0.rc2.55.el5.2.ppc.rpm 4f00e9d1b2f8d4d166bf91a013ebe7da autofs-debuginfo-5.0.1-0.rc2.55.el5.2.ppc.rpm

s390x: 2c79053af040b63b7cd835b85778df7f autofs-5.0.1-0.rc2.55.el5.2.s390x.rpm 43a0d008743fdccb6689056166b19bea autofs-debuginfo-5.0.1-0.rc2.55.el5.2.s390x.rpm

x86_64: 382f81f678643f3ef989007ef9023110 autofs-5.0.1-0.rc2.55.el5.2.x86_64.rpm fb511a6ab5a5acdcae2c460aa5fe95e1 autofs-debuginfo-5.0.1-0.rc2.55.el5.2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

Summary

References

https://www.cve.org/CVERecord?id=CVE-2007-6285 https://access.redhat.com/security/updates/classification#important

Package List


Severity
important
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2007:1176-01
Issue date: 2007-12-20
Updated on: 2007-12-20
Product: Red Hat Enterprise Linux

Topic

Relevant Releases Architectures

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here