U radu programskog paketa SeaMonkey uočen je i ispravljen sigurnosni propust kojeg udaljeni napadač može iskoristiti za korištenje kompromitiranih certifikata.
Paket:
SeaMonkey 1.x
Operacijski sustavi:
CentOS
Problem:
neodgovarajuća provjera ulaznih podataka
Iskorištavanje:
udaljeno
Posljedica:
dobivanje većih privilegija, otkrivanje osjetljivih informacija
Rješenje:
programska zakrpa proizvođača
Izvorni ID preporuke:
CESA-2011:1244
Izvor:
CentOS
Problem:
Problem sigurnosti se javlja zbog pogrešnog rukovanja HTTPS certifikatima koje je izdao DigiNotar Certificate Authority.
Posljedica:
Udaljeni napadač ranjivost može iskoristiti za iskorištavanje kompromitiranih certifikata.
Rješenje:
Rješenje problema sigurnosti je korištenje dostupnih programskih nadogradnji i zakrpa.
CentOS Errata and Security Advisory CESA-2011:1244
seamonkey security update for CentOS 4 i386:
https://rhn.redhat.com/errata/RHSA-2011-1244.html
The following updated file has been uploaded and is currently syncing to
the mirrors:
i386:
updates/i386/RPMS/seamonkey-1.0.9-74.el4.centos.i386.rpm
updates/i386/RPMS/seamonkey-chat-1.0.9-74.el4.centos.i386.rpm
updates/i386/RPMS/seamonkey-devel-1.0.9-74.el4.centos.i386.rpm
updates/i386/RPMS/seamonkey-dom-inspector-1.0.9-74.el4.centos.i386.rpm
updates/i386/RPMS/seamonkey-js-debugger-1.0.9-74.el4.centos.i386.rpm
updates/i386/RPMS/seamonkey-mail-1.0.9-74.el4.centos.i386.rpm
source:
updates/SRPMS/seamonkey-1.0.9-74.el4.centos.src.rpm
You may update your CentOS-4 i386 installations by running the command:
yum update seamonkey
Tru
--
Tru Huynh (mirrors, CentOS i386/x86_64 Package Maintenance)
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B
CentOS Errata and Security Advisory CESA-2011:1244
seamonkey security update for CentOS 4 x86_64:
https://rhn.redhat.com/errata/RHSA-2011-1244.html
The following updated file has been uploaded and is currently syncing to
the mirrors:
x86_64:
updates/x86_64/RPMS/seamonkey-1.0.9-74.el4.centos.x86_64.rpm
updates/x86_64/RPMS/seamonkey-chat-1.0.9-74.el4.centos.x86_64.rpm
updates/x86_64/RPMS/seamonkey-devel-1.0.9-74.el4.centos.x86_64.rpm
updates/x86_64/RPMS/seamonkey-dom-inspector-1.0.9-74.el4.centos.x86_64.rpm
updates/x86_64/RPMS/seamonkey-js-debugger-1.0.9-74.el4.centos.x86_64.rpm
updates/x86_64/RPMS/seamonkey-mail-1.0.9-74.el4.centos.x86_64.rpm
source:
updates/SRPMS/seamonkey-1.0.9-74.el4.centos.src.rpm
You may update your CentOS-4 x86_64 installations by running the command:
yum update seamonkey
Tru
--
Tru Huynh (mirrors, CentOS i386/x86_64 Package Maintenance)
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B
Posljednje sigurnosne preporuke