[SECURITY] Fedora 7 Update: inotify-tools-3.11-1.fc7

updates at fedoraproject.org updates at fedoraproject.org
Fri Nov 9 23:48:35 UTC 2007


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-3074
2007-11-09 23:48:31.327365
--------------------------------------------------------------------------------

Name        : inotify-tools
Product     : Fedora 7
Version     : 3.11
Release     : 1.fc7
URL         : http://inotify-tools.sourceforge.net/
Summary     : Command line utilities for inotify
Description :
inotify-tools is a set of command-line programs for Linux providing
a simple interface to inotify. These programs can be used to monitor
and act upon filesystem events.

--------------------------------------------------------------------------------
Update Information:

A vulnerability has been reported in inotify-tools, which can potentially be
exploited by malicious users to compromise an application using the library.

Successful exploitation may allow the execution of arbitrary code with
privileges of the application using the affected library.

NOTE: The programs shipped with inotify-tools are reportedly not affected.

The vulnerability is reported in versions prior to 3.11.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Sep 24 2007 Dawid Gajownik <gajownik[AT]gmail.com> - 3.11-1
- Update to 3.11 (CVE-2007-5037, #299771)
- Fix License tag
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #299771 - CVE-2007-5037 inotify-tools inotifytools_snprintf() buffer overflow vulnerability
        https://bugzilla.redhat.com/show_bug.cgi?id=299771
  [ 2 ] CVE-2007-5037
        http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5037
--------------------------------------------------------------------------------
Updated packages:

2e2312863c6dacd8cce2957f781bad17c98f30da inotify-tools-devel-3.11-1.fc7.ppc64.rpm
f95157e1afc3fc63ade33c43705888d7e4f6b2ff inotify-tools-debuginfo-3.11-1.fc7.ppc64.rpm
8bc30e9362876e9b42b550a9e0244d27b5def322 inotify-tools-3.11-1.fc7.ppc64.rpm
e3ad0fa64196062ad17937aeef72afc5aae276be inotify-tools-3.11-1.fc7.i386.rpm
f672a5ab3cda48829a73a9d3448768c765f8ac1e inotify-tools-debuginfo-3.11-1.fc7.i386.rpm
62b8dec724acf521c43963ba3f70e5ef78018929 inotify-tools-devel-3.11-1.fc7.i386.rpm
e365b0a88b8c5f81adbfc448665c1294b7912cc3 inotify-tools-3.11-1.fc7.x86_64.rpm
547d36e971883a1b15f1aa72954abd09fc2bea1d inotify-tools-debuginfo-3.11-1.fc7.x86_64.rpm
39dc900b1924af6ef90e7ca0f033adb1fe0cb5c8 inotify-tools-devel-3.11-1.fc7.x86_64.rpm
fc59c2a1756120614d3ea6a765153df4fe68c641 inotify-tools-debuginfo-3.11-1.fc7.ppc.rpm
bc580b1c329c13dc157ca06e8c38d69efb7d2d4a inotify-tools-devel-3.11-1.fc7.ppc.rpm
340a5eab4e13a493cf00ba81ab5f3bfb637547b3 inotify-tools-3.11-1.fc7.ppc.rpm
85953da330a6b93607112ba57f98f985bf2de880 inotify-tools-3.11-1.fc7.src.rpm

This update can be installed with the "yum" update program.  Use 
su -c 'yum update inotify-tools' 
at the command line.  For more information, refer to "Managing Software
with yum", available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------




More information about the package-announce mailing list