Otkrivena su dva sigurnosna nedostatka u radu programskog paketa SeaMonkey, a iskoristiti ih mogu udaljeni napadači kako bi izveli DoS napad i pokrenuli proizvoljni programski kod.
Paket:
SeaMonkey 1.x
Operacijski sustavi:
CentOS
Kritičnost:
6.8
Problem:
korupcija memorije
Iskorištavanje:
udaljeno
Posljedica:
uskraćivanje usluga (DoS)
Rješenje:
programska zakrpa proizvođača
CVE:
CVE-2011-2982, CVE-2011-2983
Izvorni ID preporuke:
CESA-2011:1167
Izvor:
CentOS
Problem:
Otkriveni nedostaci su uzrokovani greškama pri obradi određenih web elemenata i JavaScript koda.
Posljedica:
Nedostaci se mogu iskoristiti udaljeno za izvođenje DoS napada i pokretanje proizvoljnog programskog koda.
Rješenje:
Svim korisnicima se savjetuje korištenje odgovarajućih programskih zakrpi.
CentOS Errata and Security Advisory CESA-2011:1167
seamonkey security update for CentOS 4 i386:
https://rhn.redhat.com/errata/RHSA-2011-1167.html
The following updated file has been uploaded and is currently syncing to
the mirrors:
i386:
updates/i386/RPMS/seamonkey-1.0.9-72.el4.centos.i386.rpm
updates/i386/RPMS/seamonkey-chat-1.0.9-72.el4.centos.i386.rpm
updates/i386/RPMS/seamonkey-devel-1.0.9-72.el4.centos.i386.rpm
updates/i386/RPMS/seamonkey-dom-inspector-1.0.9-72.el4.centos.i386.rpm
updates/i386/RPMS/seamonkey-js-debugger-1.0.9-72.el4.centos.i386.rpm
updates/i386/RPMS/seamonkey-mail-1.0.9-72.el4.centos.i386.rpm
source:
updates/SRPMS/seamonkey-1.0.9-72.el4.centos.src.rpm
You may update your CentOS-4 i386 installations by running the command:
yum update seamonkey
Tru
--
Tru Huynh (mirrors, CentOS i386/x86_64 Package Maintenance)
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B
CentOS Errata and Security Advisory CESA-2011:1167
seamonkey security update for CentOS 4 x86_64:
https://rhn.redhat.com/errata/RHSA-2011-1167.html
The following updated file has been uploaded and is currently syncing to
the mirrors:
x86_64:
updates/x86_64/RPMS/seamonkey-1.0.9-72.el4.centos.x86_64.rpm
updates/x86_64/RPMS/seamonkey-chat-1.0.9-72.el4.centos.x86_64.rpm
updates/x86_64/RPMS/seamonkey-devel-1.0.9-72.el4.centos.x86_64.rpm
updates/x86_64/RPMS/seamonkey-dom-inspector-1.0.9-72.el4.centos.x86_64.rpm
updates/x86_64/RPMS/seamonkey-js-debugger-1.0.9-72.el4.centos.x86_64.rpm
updates/x86_64/RPMS/seamonkey-mail-1.0.9-72.el4.centos.x86_64.rpm
source:
updates/SRPMS/seamonkey-1.0.9-72.el4.centos.src.rpm
You may update your CentOS-4 x86_64 installations by running the command:
yum update seamonkey
Tru
--
Tru Huynh (mirrors, CentOS i386/x86_64 Package Maintenance)
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B
Posljednje sigurnosne preporuke