A security vulnerability has been reported in the kstars software package. A remote attacker can obtain sensitive information by means of invalid certificates.
Package:
Operating systems:
Fedora 16
Severity:
5
Problem:
improper input validation, error in a software component
Exploitation:
remote
Impact:
disclosure of sensitive information
Solution:
vendor software patch
CVE:
CVE-2011-3365
Original advisory ID:
FEDORA-2011-13417
Source:
Fedora
Problem:
The problem arises from the possibility of spoofing SSL certificates.
Impact:
A remote attacker can obtain sensitive data from the user.
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-13417
2011-09-28 18:43:50
--------------------------------------------------------------------------------
Name : kstars
Product : Fedora 16
Version : 4.7.1
Release : 3.fc16
URL : http://edu.kde.org/kstars
Summary : Desktop Planetarium
Description :
KStars is a Desktop Planetarium. It provides an accurate graphical
simulation of the night sky, from any location on Earth, at any date and
time. The display includes up to 100 million stars, 13,000 deep-sky objects,
all 8 planets, the Sun and Moon, and thousands of comets and asteroids.
--------------------------------------------------------------------------------
Update Information:
KDE Workspaces, Applications, and Development Platform 4.7.1 bugfix release,
see also:
http://kde.org/announcements/announce-4.7.1.php
This batch also includes split packaging for kdeedu-related rpms.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #717115 - Use /etc/login.defs to define a 'system' account instead
of hard-coding 500 (kde-settings)
https://bugzilla.redhat.com/show_bug.cgi?id=717115
[ 2 ] Bug #723987 - "The service Printer Configuration does not provide an
interface KCModule...".
https://bugzilla.redhat.com/show_bug.cgi?id=723987
[ 3 ] Bug #732830 - Use /etc/login.defs to define a 'system' account instead
of hard-coding 500 (kdebase-workspace)
https://bugzilla.redhat.com/show_bug.cgi?id=732830
[ 4 ] Bug #739642 - [abrt] kdeutils-printer-applet-4.7.0-1.fc16:
monitor.py:394:get_notifications:KeyError: 'job-originating-user-name'
https://bugzilla.redhat.com/show_bug.cgi?id=739642
[ 5 ] Bug #740676 - Default Plasma desktop is blank, doesn't show liveinst on
live CD
https://bugzilla.redhat.com/show_bug.cgi?id=740676
[ 6 ] Bug #743056 - CVE-2011-3365 kdelibs: input validation failure in KSSL
[fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=743056
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update kstars' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
https://admin.fedoraproject.org/mailman/listinfo/package-announce