First published: Tue Sep 07 2010
The RPM Package Manager (RPM) is a command line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages.

It was discovered that RPM did not remove setuid and setgid bits set on binaries when upgrading packages. A local attacker able to create hard links to binaries could use this flaw to keep those binaries on the system, at a specific version level and with the setuid or setgid bit set, even if the package providing them was upgraded by a system administrator. This could have security implications if a package was upgraded because of a security flaw in a setuid or setgid program. (CVE-2010-2059)

This update also fixes the following bug:

* A memory leak in the communication between RPM and the Security-Enhanced Linux (SELinux) subsystem, which could have caused extensive memory consumption. In reported cases, this issue was triggered by running rhn_check when errata were scheduled to be applied. (BZ#627630)

All users of rpm are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
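The following is an added example, not part of the advisory and not RPM's own code. It shows the two conditions a defender can check for on a host before and after an upgrade of a setuid/setgid package: a packaged setid file that has more than one hard link, and a setid file at a path no installed package owns (the old inode kept alive by such a link). The `upgrade` helper is a constructed stand-in for RPM replacing a file; with `clear_old_setid=True` it mirrors the corrected behaviour of stripping the setid bits from the old inode before unlinking it. The set of packaged paths is assumed to be supplied by the caller (on a real system it would come from the package database).

```python
import os
import stat
import tempfile
SETID = stat.S_ISUID | stat.S_ISGID  # the bits the unpatched RPM left behind

def classify(mode, nlink, packaged):
    """'extra-link': packaged setid file with >1 hard link (pre-upgrade state);
    'orphan': setid file at a path no package owns (a retained old inode)."""
    if not stat.S_ISREG(mode) or not mode & SETID:
        return None
    if not packaged:
        return "orphan"
    return "extra-link" if nlink > 1 else None

def scan(root, packaged):
    """Walk root; return {path relative to root: label} for flagged files."""
    findings = {}
    for dirpath, _, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if label := classify(st.st_mode, st.st_nlink, path in packaged):
                findings[os.path.relpath(path, root)] = label
    return findings

def install(path):
    """Constructed stand-in for a packaged setuid binary (not a real one)."""
    with open(path, "wb") as f:
        f.write(b"#!/bin/sh\nexit 0\n")
    os.chmod(path, 0o4755)

def upgrade(path, clear_old_setid):
    """Replace the inode; clear_old_setid=True mirrors what the fix does."""
    if clear_old_setid:
        os.chmod(path, stat.S_IMODE(os.lstat(path).st_mode) & ~SETID)
    os.unlink(path)
    install(path)

def demo(clear_old_setid):
    """Run the scenario in a temp dir; return (findings before, after)."""
    with tempfile.TemporaryDirectory() as root:
        tool = os.path.join(root, "usr", "bin", "tool")
        keep = os.path.join(root, "tmp", "keep")  # the second hard link
        for p in (tool, keep): os.makedirs(os.path.dirname(p))
        install(tool)
        os.link(tool, keep)
        before = scan(root, {tool})
        upgrade(tool, clear_old_setid)
        return before, scan(root, {tool})
```

Without the fix the old inode survives the upgrade as an orphaned setuid file; with the fix it survives only as an ordinary file, which is why the scan after a patched upgrade reports nothing.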
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/rpm | <4.4.2.3-20.el5_5.1 | 4.4.2.3-20.el5_5.1 |
redhat/popt | <1.10.2.3-20.el5_5.1 | 1.10.2.3-20.el5_5.1 |
redhat/rpm-apidocs | <4.4.2.3-20.el5_5.1 | 4.4.2.3-20.el5_5.1 |
redhat/rpm-build | <4.4.2.3-20.el5_5.1 | 4.4.2.3-20.el5_5.1 |
redhat/rpm-devel | <4.4.2.3-20.el5_5.1 | 4.4.2.3-20.el5_5.1 |
redhat/rpm-libs | <4.4.2.3-20.el5_5.1 | 4.4.2.3-20.el5_5.1 |
redhat/rpm-python | <4.4.2.3-20.el5_5.1 | 4.4.2.3-20.el5_5.1 |