Many thanks to Pat and team, I have applied the libuser pre-release patch on a SL 6.6 system.
The yum update is okay, but not too sure how to test the vulnerability. Did try - chfn and embedded the literals "\n xxx" to Office prompt, and that included into /etc/passwd and not regarded as control-N. Presumably this has fixed the issue. Thanks again. Regards, Peter -----Original Message----- From: owner-scientific-linux-us...@listserv.fnal.gov [mailto:owner-scientific-linux-us...@listserv.fnal.gov] On Behalf Of peter.c...@stfc.ac.uk Sent: 28 July 2015 08:51 To: riehe...@fnal.gov; scientific-linux-users@fnal.gov Subject: RE: libuser security update for SL 6 Many thanks, Pat, It is good to know they are forthcoming. Regards, Peter -----Original Message----- From: Patrick Riehecky [mailto:riehe...@fnal.gov] Sent: 28 July 2015 00:44 To: Chiu, Peter (STFC,RAL,RALSP); scientific-linux-users Subject: RE: libuser security update for SL 6 The libuser security packages (along with the rest of the 6.7 security errata) have been pushed into SL6's testing repo. A formal announcement will be forthcoming, but we are still evaluating our build of 6.7. Pat -- Pat Riehecky Scientific Linux developer Fermi National Accelerator Laboratory www.fnal.gov www.scientificlinux.org ________________________________________ From: Mailing list for Scientific Linux users worldwide [scientific-linux-us...@listserv.fnal.gov] on behalf of Peter C. Chiu [peter.c...@stfc.ac.uk] Sent: Monday, July 27, 2015 11:25 AM To: scientific-linux-users Subject: [SCIENTIFIC-LINUX-USERS] libuser security update for SL 6 Hello, I wonder if there is any news on the security update on libuser for SL 6? Thanks a lot. Peter