libgssapi/libgssglue 'GSSAPI_MECH_CONF'环境变量本地权限提升漏洞

目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接：

http://lwn.net/Alerts/449415/

来源: www.citi.umich.edu

链接:http://www.citi.umich.edu/projects/nfsv4/linux/libgssglue/libgssglue-0.4.tar.gz

来源: bugzilla.novell.com

链接:https://bugzilla.novell.com/show_bug.cgi?id=694598

来源: BID

名称: 48490

链接:http://www.securityfocus.com/bid/48490

来源: MLIST

名称: [oss-security] 20110812 Re: CVE Request -- libgssapi, libgssglue -- Ability to load untrusted configuration file, when loading GSS mechanisms and their definitions during initialization

链接:http://www.openwall.com/lists/oss-security/2011/08/12/10

来源: MLIST

名称: [oss-security] 20110722 Re: CVE Request -- libgssapi, libgssglue -- Ability to load untrusted configuration file, when loading GSS mechanisms and their definitions during initialization

链接:http://www.openwall.com/lists/oss-security/2011/07/22/4

来源: MLIST

名称: [oss-security] 20110721 CVE Request -- libgssapi, libgssglue -- Ability to load untrusted configuration file, when loading GSS mechanisms and their definitions during initialization

链接:http://www.openwall.com/lists/oss-security/2011/07/21/3

来源: SECUNIA

名称: 45075

链接:http://secunia.com/advisories/45075

来源: SUSE

名称: SUSE-SU-2011:0696

链接:http://lwn.net/Alerts/449415/

来源: FEDORA

名称: FEDORA-2012-7971

链接:http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082297.html

来源: FEDORA

名称: FEDORA-2012-8067

链接:http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082072.html