The ipmitool package contains a command line utility for interfacing withdevices that support the Intelligent Platform Management Interface (IPMI)specification. IPMI is an open standard for machine health, inventory, andremote power control.It was discovered that the IPMI event daemon (ipmievd) created its processID (PID) file with world-writable permissions. A local user could use thisflaw to make the ipmievd init script kill an arbitrary process when theipmievd daemon is stopped or restarted. (CVE-2011-4339)All users of ipmitool are advised to upgrade to this updated package, whichcontains a backported patch to correct this issue. After installing thisupdate, the IPMI event daemon (ipmievd) will be restarted automatically.