[SECURITY] Fedora 7 Update: autofs-5.0.1-31

updates at fedoraproject.org updates at fedoraproject.org
Fri Dec 21 21:10:57 UTC 2007


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-4709
2007-12-21 17:57:42
--------------------------------------------------------------------------------

Name        : autofs
Product     : Fedora 7
Version     : 5.0.1
Release     : 31
URL         : http://wiki.autofs.net/
Summary     : A tool for automatically mounting and unmounting filesystems
Description :
autofs is a daemon which automatically mounts filesystems when you use
them, and unmounts them later when you are not using them.  This can
include network filesystems, CD-ROMs, floppies, and so forth.

--------------------------------------------------------------------------------
ChangeLog:

* Fri Dec 21 2007 Ian Kent <ikent at redhat.com> - 5.0.1-31
- Bug 426399: CVE-2007-6285 autofs default doesn't set nodev in /net [f7]
  - use mount option "nodev" for "-hosts" map unless "dev" is explicily specified.
* Tue Dec 18 2007 Ian Kent <ikent at redhat.com> - 5.0.1-30
- Bug 397591 SELinux is preventing /sbin/rpc.statd (rpcd_t) "search" to <Unknown> (sysctl_fs_t).
  - prevent fork between fd open and setting of FD_CLOEXEC.
* Thu Dec 13 2007 Ian Kent <ikent at redhat.com> - 5.0.1-29
- Bug 421351: CVE-2007-5964 autofs defaults don't restrict suid in /net [f7]
  - use mount option "nosuid" for "-hosts" map unless "suid" is explicily specified.
* Wed Sep  5 2007 Ian Kent <ikent at redhat.com> - 5.0.1-28
- add ldaps support (required by schema discovery).
- add back LDAP schema discovery if no schema is configured.
* Tue Aug 28 2007 Ian Kent <ikent at redhat.com> - 5.0.1-26
- fix "nosymlink" option handling and add desription to man page.
- update patch to prevent failure on empty master map. 
- if there's no "automount" entry in nsswitch.conf use "files" source.
- add LDAP schema discovery if no schema is configured.
* Tue Aug 21 2007 Ian Kent <ikent at redhat.com> - 5.0.1-25
- change random multiple server selection option name to be consistent
  with upstream naming.
* Tue Aug 21 2007 Ian Kent <ikent at redhat.com> - 5.0.1-24
- don't fail on empty master map.
- allow for older schemas that allow "*" as a key value.
- add support for the "%" hack for case insensitive attribute schemas.
* Mon Jul 30 2007 Ian Kent <ikent at redhat.com> - 5.0.1-23
- mark map instances stale so they aren't "cleaned" during updates.
- fix large file compile time option.
* Fri Jul 27 2007 Ian Kent <ikent at redhat.com> - 5.0.1-22
- fix version passed to get_supported_ver_and_cost (bz 249574).
* Tue Jul 24 2007 Ian Kent <ikent at redhat.com> - 5.0.1-21
- fix parse confusion between attribute and attribute value.
* Fri Jul 20 2007 Ian Kent <ikent at redhat.com> - 5.0.1-20
- fix handling of quoted slash alone (bz 248943).
* Wed Jul 18 2007 Ian Kent <ikent at redhat.com> - 5.0.1-19
- fix wait time resolution in alarm and state queue handlers (bz 247711).
* Mon Jul 16 2007 Ian Kent <ikent at redhat.com> - 5.0.1-18
- correct man page of patch which added mount options append control.
* Mon Jul 16 2007 Ian Kent <ikent at redhat.com> - 5.0.1-17
- fix mount point directory creation for bind mounts.
- add quoting for exports gathered by hosts map.
* Thu Jun  7 2007 Ian Kent <ikent at redhat.com> - 5.0.1-13
- fix deadlock in alarm manager module.
* Sun Jun  3 2007 Ian Kent <ikent at redhat.com> - 5.0.1-11
- correct mistake in logic test in wildcard lookup.
* Mon May  7 2007 Ian Kent <ikent at redhat.com> - 5.0.1-10
- fix master map lexer to admit "." in macro values.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #426399 - CVE-2007-6285 autofs default doesn't set nodev in /net [f7]
        https://bugzilla.redhat.com/show_bug.cgi?id=426399
--------------------------------------------------------------------------------
Updated packages:

128a3cf695f9c6662f9e474f833af528208182b7 autofs-debuginfo-5.0.1-31.ppc64.rpm
fc3114f874372d841b08ccee8287f631253454a8 autofs-5.0.1-31.ppc64.rpm
fa139fe88f913d4baaeea0906362776714098254 autofs-5.0.1-31.i386.rpm
58433c1470b32faf39b9c8dd3419907b2f1bc164 autofs-debuginfo-5.0.1-31.i386.rpm
8e5583a88125b5cc1de040ec7a37b57a5f014ae3 autofs-debuginfo-5.0.1-31.x86_64.rpm
f4693139aadd71c37002548da618bc6096936bca autofs-5.0.1-31.x86_64.rpm
fd72d964299f2476244c46d7217016a4a477ae0c autofs-debuginfo-5.0.1-31.ppc.rpm
86f8116cd5906ead13d350e5455cbfb1a8eb46dd autofs-5.0.1-31.ppc.rpm
a47e9f37124f13bc7b720df5f6118a69e78ee329 autofs-5.0.1-31.src.rpm

This update can be installed with the "yum" update program.  Use 
su -c 'yum update autofs' 
at the command line.  For more information, refer to "Managing Software
with yum", available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------




More information about the package-announce mailing list