Resolve CVE-2013-2069

Fix problem where root escalation is possible in a VM.

For more details:
http://lists.fedoraproject.org/pipermail/announce/2013-May/003157.html

Change-Id: I95013d8155d0338c4161a6cb87f02974973fcf80
changes/01/30401/1
Steven Dake 10 years ago
parent 573aba1a52
commit 8f19ddc364
  1. 3
      jeos/CentOS-6.3-x86_64-cfntools.tdl
  2. 3
      jeos/F16-i386-cfntools.tdl
  3. 3
      jeos/F16-x86_64-cfntools-openshift.tdl
  4. 3
      jeos/F16-x86_64-cfntools.tdl
  5. 3
      jeos/F17-i386-cfntools.tdl
  6. 3
      jeos/F17-x86_64-cfntools.tdl
  7. 3
      jeos/F18-i386-cfntools.tdl
  8. 3
      jeos/F18-x86_64-cfntools.tdl
  9. 3
      jeos/U10-amd64-cfntools.tdl
  10. 3
      jeos/U12.10-amd64-cfntools.tdl
  11. 3
      jeos/U12.10-i386-cfntools.tdl
  12. 3
      openshift-origin/F18-x86_64-openshift-origin-broker-cfntools.tdl
  13. 3
      openshift-origin/F18-x86_64-openshift-origin-node-cfntools.tdl

@ -10,6 +10,9 @@
</os>
<description>CentOS 6.3</description>
<commands>
<command name='lockroot'>
passwd -l root
</command>
<command name='network-config'>
cat > /etc/sysconfig/network-scripts/ifcfg-eth0 &lt;&lt; EOF
DEVICE="eth0"

@ -10,6 +10,9 @@
</os>
<description>Fedora 16</description>
<commands>
<command name='lockroot'>
passwd -l root
</command>
<command name='packages'>
yum -y update fedora-release
yum -y install yum-plugin-fastestmirror cloud-init python-psutil python-pip

@ -10,6 +10,9 @@
</os>
<description>Fedora 16 base OpenShift Install</description>
<commands>
<command name='lockroot'>
passwd -l root
</command>
<command name='packages'>
yum -y update fedora-release
yum -y install yum-plugin-fastestmirror cloud-init python-psutil python-boto

@ -10,6 +10,9 @@
</os>
<description>Fedora 16</description>
<commands>
<command name='lockroot'>
passwd -l root
</command>
<command name='packages'>
yum -y update fedora-release
yum -y install yum-plugin-fastestmirror cloud-init python-psutil python-pip

@ -10,6 +10,9 @@
</os>
<description>Fedora 17</description>
<commands>
<command name='lockroot'>
passwd -l root
</command>
<command name='packages'>
yum -y update fedora-release
yum -y install yum-plugin-fastestmirror cloud-init python-psutil python-pip

@ -10,6 +10,9 @@
</os>
<description>Fedora 17</description>
<commands>
<command name='lockroot'>
passwd -l root
</command>
<command name='packages'>
yum -y update fedora-release
yum -y install yum-plugin-fastestmirror cloud-init python-psutil python-pip

@ -10,6 +10,9 @@
</os>
<description>Fedora 18</description>
<commands>
<command name='lockroot'>
passwd -l root
</command>
<command name='packages'>
yum -y update fedora-release
yum -y install yum-plugin-fastestmirror cloud-init python-psutil python-pip python-boto

@ -10,6 +10,9 @@
</os>
<description>Fedora 18</description>
<commands>
<command name='lockroot'>
passwd -l root
</command>
<command name='packages'>
yum -y update fedora-release
yum -y install yum-plugin-fastestmirror cloud-init python-psutil python-pip python-boto

@ -10,6 +10,9 @@
</os>
<description>Ubuntu 10.04</description>
<commands>
<command name='lockroot'>
passwd -l root
</command>
<command name='commands'>
apt-get -y update
apt-get -y upgrade

@ -10,6 +10,9 @@
</os>
<description>Ubuntu 12.10</description>
<commands>
<command name='lockroot'>
passwd -l root
</command>
<command name='commands'>
apt-get -y update
apt-get -y upgrade

@ -10,6 +10,9 @@
</os>
<description>Ubuntu 12.10</description>
<commands>
<command name='lockroot'>
passwd -l root
</command>
<command name='commands'>
apt-get -y update
apt-get -y upgrade

@ -34,6 +34,9 @@ gpgcheck=0
</file>
</files>
<commands>
<command name='lockroot'>
passwd -l root
</command>
<command name='user'>
/usr/sbin/useradd ec2-user
echo -e 'ec2-user\tALL=(ALL)\tNOPASSWD: ALL' >> /etc/sudoers

@ -34,6 +34,9 @@ gpgcheck=0
</file>
</files>
<commands>
<command name='lockroot'>
passwd -l root
</command>
<command name='user'>
/usr/sbin/useradd ec2-user
echo -e 'ec2-user\tALL=(ALL)\tNOPASSWD: ALL' >> /etc/sudoers

Loading…
Cancel
Save