Updated util-linux packages fix CVE-2014-9114
Publication date: 09 Dec 2014Modification date: 09 Dec 2014
Type: security
Affected Mageia releases : 4
CVE: CVE-2014-9114
Description
Updated util-linux packages fix security vulnerability: Sebastian Krahmer reported a command injection flaw in blkid. This could possibly result in command execution with root privileges (CVE-2014-9114). The util-linux package has been updated to version 2.24.2 and patched to fix this issue and other bugs.
References
- https://bugs.mageia.org/show_bug.cgi?id=14727
- ftp://ftp.kernel.org/pub/linux/utils/util-linux/v2.24/v2.24.1-ReleaseNotes
- ftp://ftp.kernel.org/pub/linux/utils/util-linux/v2.24/v2.24.2-ReleaseNotes
- https://lists.fedoraproject.org/pipermail/package-announce/2014-December/145188.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9114
SRPMS
4/core
- util-linux-2.24.2-1.mga4