Package: dracut Version: 020-1 Severity: important Tags: security An information disclosure flaw was found in the way dracut, an initramfs root filesystem images generator, created initramfs images.
When the root filesystem contained sensitive information (password based authentication for iSCSI systems or encrypted root filesystem crypttab password information), an attacker could use this flaw to obtain this information. I haven't verified Debian packages are affected. If you want me to do it send me an email :) Reference: https://bugzilla.redhat.com/show_bug.cgi?id=859448 Patch: http://git.kernel.org/?p=boot/dracut/dracut.git;a=commit;h=e1b48995c26c4f06d1a71 Information from: http://www.openwall.com/lists/oss-security/2012/09/27/3 - Henri Salo -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
