Explore top 10 tips to secure your open-source projects now. Read More
×
Date: Tue, 24 Sep 2013 22:09:30 +0000 Reply-To: scientific-linux-users@ Sender: Security Errata for Scientific LinuxFrom: Connie Sieh Subject: Security ERRATA Important: rtkit on SL6.x i386/x86_64 MIME-Version: 1.0 Synopsis: Important: rtkit security update Advisory ID: SLSA-2013:1282-1 Issue Date: 2013-09-24 CVE Numbers: CVE-2013-4326 -- It was found that RealtimeKit communicated with PolicyKit for authorization using a D-Bus API that is vulnerable to a race condition. This could have led to intended PolicyKit authorizations being bypassed. This update modifies RealtimeKit to communicate with PolicyKit via a different API that is not vulnerable to the race condition. (CVE-2013-4326) -- SL6 x86_64 rtkit-0.5-2.el6_4.x86_64.rpm rtkit-debuginfo-0.5-2.el6_4.x86_64.rpm i386 rtkit-0.5-2.el6_4.i686.rpm rtkit-debuginfo-0.5-2.el6_4.i686.rpm - Scientific Linux Development Team