CESA-2004:056: util-linux security update
Description
Updated util-linux packages that fix an information leak in the login program are now available.
The util-linux package contains a large variety of low-level system utilities that are necessary for a Linux system to function. In some situations, the login program could use a pointer that had been freed and reallocated. This could cause unintentional data leakage. Note: CentOS Linux 3 is not vulnerable to this issue. It is recommended that all users upgrade to these updated packages, which are not vulnerable to this issue. CentOS would like to thank Matthew Lee of Fleming College for finding and reporting this issue.
Solution(s)
- centos-upgrade-util-linux
- Lightweight Endpoint Agent
- Live Dashboards
- Real Risk Prioritization
- IT-Integrated Remediation Projects
- Cloud, Virtual, and Container Assessment
- Integrated Threat Feeds
- Easy-to-Use RESTful API
- Automation-Assisted Patching
- Automated Containment
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center