[SECURITY] Fedora 17 Update: sectool-0.9.5-7.fc17

updates at fedoraproject.org updates at fedoraproject.org
Sat May 26 07:47:12 UTC 2012


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-6334
2012-04-21 20:57:35
--------------------------------------------------------------------------------

Name        : sectool
Product     : Fedora 17
Version     : 0.9.5
Release     : 7.fc17
URL         : https://hosted.fedoraproject.org/sectool/wiki/WikiStart
Summary     : A security audit system and intrusion detection system
Description :
sectool is a security tool that can be used both as a security audit
and intrusion detection system. It consists of set of tests, library
and command line interface tool. Tests are sorted into groups and security
levels. Admins can run certain tests, groups or whole security levels.
The library and the tools are implemented in python and tests are
language independent.

--------------------------------------------------------------------------------
Update Information:

Fixing dbus config privilege escalation
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr  3 2012 Peter Vrabec <pvrabec at redhat.com> - 0.9.5-7
- fixing dbus config privilege escalation (#809437)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #809437 - CVE-2012-1615 Merely installing sectool grants some permissions to users?
        https://bugzilla.redhat.com/show_bug.cgi?id=809437
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update sectool' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


More information about the package-announce mailing list