====================================================================                   Red Hat Security Advisory

Synopsis:          Low: util-linux security and bug fix update
Advisory ID:       RHSA-2009:0981-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2009-0981.html
Issue date:        2009-05-18
Keywords:          mount nfs fdisk login audit
CVE Names:         CVE-2008-1926 
====================================================================
1. Summary:

An updated util-linux package that fixes one security issue and several
bugs is now available.

This update has been rated as having low security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

The util-linux package contains a collection of basic system utilities,
such as fdisk and mount.

A log injection attack was found in util-linux when logging log in attempts
via the audit subsystem of the Linux kernel. A remote attacker could use
this flaw to modify certain parts of logged events, possibly hiding their
activities on a system. (CVE-2008-1926)

This updated package also fixes the following bugs:

* partitions created by VMware ESX