U radu programskog paketa scsi-target-utils uočena je nova sigurnosna ranjivost. Zlonamjernim korisnicima ona omogućuje pokretanje napada uskraćivanja usluge i izvršavanje zlonamjernog progamskog koda.
Paket:
scsi-target-utils 1.x
Operacijski sustavi:
Fedora 15
Kritičnost:
3.3
Problem:
neodgovarajuće rukovanje memorijom, pogreška u programskoj funkciji
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-8890
2011-06-30 18:38:25
--------------------------------------------------------------------------------
Name : scsi-target-utils
Product : Fedora 15
Version : 1.0.18
Release : 1.fc15
URL : http://stgt.sourceforge.net/
Summary : The SCSI target daemon and utility programs
Description :
The SCSI target package contains the daemon and tools to setup a SCSI targets.
Currently, software iSCSI targets are supported.
--------------------------------------------------------------------------------
Update Information:
fix double-free vulnerability leads to pre-authenticated crash
fix iscsi target outgoing user binding broken unexpectedly
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jun 29 2011 Andy Grover <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 1.0.18-1
- Update to new upstream release
- Remove git-sync patch
* Fri Apr 29 2011 Dan HorÄ
Posljednje sigurnosne preporuke