Fedora 14 : lvm2-2.02.73-1.fc14 (2010-13239)
Medium Nessus Plugin ID 49074
SynopsisThe remote Fedora host is missing a security update.
DescriptionThis update fixes some minor problems as listed in the changelog. To improve performance, Logical Volumes will be aligned at 1MB boundaries by default now on any newly-created Physical Volumes that don't report a preferred alignment to the O/S. This update addresses a security problem when using the clustered LVM daemon clvmd from the package lvm2-cluster on systems where you have non-root users. The lvm2 package on its own is not vulnerable to this problem but if you are using lvm2-cluster you must update both together. Further details are given in the Red Hat Bugzilla:
https://bugzilla.redhat.com/CVE-2010-2526 After updating the packages, make sure that clvmd restarted itself. This update also includes several other important bug fixes - see the detailed changelog.
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected lvm2 package.