U radu programskog paketa Dovecot, distribuiranog s operacijskim sustavom CentOS, uočen je sigurnosni propust. Taj propust udaljenom napadaču omogućuje pokretanje DoS (eng. Denial of Service) napada.
Paket:
Dovecot 1.x
Operacijski sustavi:
CentOS
Kritičnost:
3.7
Problem:
pogreška u programskoj komponenti
Iskorištavanje:
udaljeno
Posljedica:
uskraćivanje usluga (DoS)
Rješenje:
programska zakrpa proizvođača
CVE:
CVE-2011-1929
Izvorni ID preporuke:
CESA-2011:1187
Izvor:
CentOS
Problem:
Problem sigurnosti je posljedica pogrešnog rukovanja '\0' znakovima u datoteci "lib-mail/message-header-parser.c".
Posljedica:
Udaljeni napadač navedenu ranjivost može iskoristiti za napad uskraćivanjem usluga (DoS).
Rješenje:
Rješenje problema sigurnosti je korištenje dostupnih programskih nadogradnji.
CentOS Errata and Security Advisory CESA-2011:1187
dovecot security update for CentOS 4 i386:
https://rhn.redhat.com/errata/RHSA-2011-1187.html
The following updated file has been uploaded and is currently syncing to
the mirrors:
i386:
updates/i386/RPMS/dovecot-0.99.11-10.EL4.i386.rpm
source:
updates/SRPMS/dovecot-0.99.11-10.EL4.src.rpm
You may update your CentOS-4 i386 installations by running the command:
yum update dovecot
Tru
--
Tru Huynh (mirrors, CentOS i386/x86_64 Package Maintenance)
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B
CentOS Errata and Security Advisory CESA-2011:1187
dovecot security update for CentOS 4 x86_64:
https://rhn.redhat.com/errata/RHSA-2011-1187.html
The following updated file has been uploaded and is currently syncing to
the mirrors:
x86_64:
updates/x86_64/RPMS/dovecot-0.99.11-10.EL4.x86_64.rpm
source:
updates/SRPMS/dovecot-0.99.11-10.EL4.src.rpm
You may update your CentOS-4 x86_64 installations by running the command:
yum update dovecot
Tru
--
Tru Huynh (mirrors, CentOS i386/x86_64 Package Maintenance)
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B
Posljednje sigurnosne preporuke