Scientific Linux SL5.x Security Update: Aide CVE-2007-3849 Moderate

Sep 05, 2007 •

LinuxSecurity Advisories

1 min read

Scientific Large Esm H500

Topics Covered

security advisory moderate aide security update Scientific Linux

Moderate: aide security update

Date: Wed, 5 Sep 2007 08:56:23 -0500
Reply-To: Troy Dawson 
Sender: Security Errata for Scientific Linux

From: Troy Dawson 
Subject: Security ERRATA for aide on SL5.x i386/x86_64
Comments: To: This email address is being protected from spambots. You need JavaScript enabled to view it.

Synopsis:	Moderate: aide security update
Issue date:	2007-09-04
CVE Names:	CVE-2007-3849

A flaw was discovered in the way file checksums were stored in the AIDE
database. A packaging flaw in the Red Hat AIDE rpm resulted in the file
database not containing any file checksum information. This could prevent
AIDE from detecting certain file modifications. (CVE-2007-3849)

This update also fixes the following bugs:

* certain configurations could result in a segmentation fault upon
initialization.

* AIDE was unable to open its log file in the LSPP evaluated configuration.

* if AIDE found SELinux context differences, the changed files report it
generated only included the first 32 characters of the context.

SL 5.x

 SRPMS:
	aide-0.13.1-2.0.4.el5.src.rpm
 i386:
	aide-0.13.1-2.0.4.el5.i386.rpm
 x86_64:
	aide-0.13.1-2.0.4.el5.x86_64.rpm

-Connie Sieh
-Troy Dawson

Powered By

Linux Security Footer

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Your message here