Otkrivena je sigurnosna ranjivost u radu programskog paketa cyrus-imapd. Zlonamjerni korisnik ju može iskoristiti za umetanje naredbi u zaštićene sjednice.
Paket:
cyrus-imapd 2.x
Operacijski sustavi:
CentOS
Kritičnost:
3.8
Problem:
pogreška u programskoj komponenti
Iskorištavanje:
lokalno/udaljeno
Posljedica:
umetanje proizvoljnih podataka u zaštićenu sjednicu
Rješenje:
programska zakrpa proizvođača
CVE:
CVE-2011-1926
Izvorni ID preporuke:
CESA-2011:0859
Izvor:
CentOS
Problem:
Ranjivost je uzrokovana pogreškom u STARTTLS implementaciji.
Posljedica:
Napadaču omogućuje umetanje naredbi u kriptirane sjednice.
CentOS Errata and Security Advisory CESA-2011:0859
cyrus-imapd security update for CentOS 4 i386:
https://rhn.redhat.com/errata/RHSA-2011-0859.html
The following updated file has been uploaded and is currently syncing to
the mirrors:
i386:
updates/i386/RPMS/cyrus-imapd-2.2.12-15.el4_8.i386.rpm
updates/i386/RPMS/cyrus-imapd-devel-2.2.12-15.el4_8.i386.rpm
updates/i386/RPMS/cyrus-imapd-murder-2.2.12-15.el4_8.i386.rpm
updates/i386/RPMS/cyrus-imapd-nntp-2.2.12-15.el4_8.i386.rpm
updates/i386/RPMS/cyrus-imapd-utils-2.2.12-15.el4_8.i386.rpm
updates/i386/RPMS/perl-Cyrus-2.2.12-15.el4_8.i386.rpm
source:
updates/SRPMS/cyrus-imapd-2.2.12-15.el4_8.src.rpm
You may update your CentOS-4 i386 installations by running the command:
yum update cyrus-imapd
Tru
--
Tru Huynh (mirrors, CentOS i386/x86_64 Package Maintenance)
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B
CentOS Errata and Security Advisory CESA-2011:0859
cyrus-imapd security update for CentOS 4 x86_64:
https://rhn.redhat.com/errata/RHSA-2011-0859.html
The following updated file has been uploaded and is currently syncing to
the mirrors:
x86_64:
updates/x86_64/RPMS/cyrus-imapd-2.2.12-15.el4_8.x86_64.rpm
updates/x86_64/RPMS/cyrus-imapd-devel-2.2.12-15.el4_8.x86_64.rpm
updates/x86_64/RPMS/cyrus-imapd-murder-2.2.12-15.el4_8.x86_64.rpm
updates/x86_64/RPMS/cyrus-imapd-nntp-2.2.12-15.el4_8.x86_64.rpm
updates/x86_64/RPMS/cyrus-imapd-utils-2.2.12-15.el4_8.x86_64.rpm
updates/x86_64/RPMS/perl-Cyrus-2.2.12-15.el4_8.x86_64.rpm
source:
updates/SRPMS/cyrus-imapd-2.2.12-15.el4_8.src.rpm
You may update your CentOS-4 x86_64 installations by running the command:
yum update cyrus-imapd
Tru
--
Tru Huynh (mirrors, CentOS i386/x86_64 Package Maintenance)
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B
Posljednje sigurnosne preporuke