Detalji

Kod programskog paketa Network Block Device (NBD), namijenjenog operacijskim sustavima Fedora 13 i 14, uočene su dvije sigurnosne ranjivosti. Network Block Device je programski paket koji omogućuje pristup blok uređajima za smještaj podataka preko TCP/IP mreže. Uočeni propusti se odnose na pojavu prepisivanja spremnika (eng. buffer overflow) prilikom obrade određenih zahtjeva. Udaljeni napadač ih može iskoristiti za pokretanje proizvoljnog programskog koda. Svim se korisnicima ranjivog paketa savjetuje pravovremena instalacija ispravljenih inačica.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-1108
2011-02-05 21:43:21
--------------------------------------------------------------------------------

Name        : nbd
Product     : Fedora 14
Version     : 2.9.20
Release     : 1.fc14
URL         : http://nbd.sourceforge.net/
Summary     : Network Block Device user-space tools (TCP version)
Description :
Tools for the Linux Kernel's network block device, allowing you to use
remote block devices over a TCP/IP network.

--------------------------------------------------------------------------------
Update Information:

- Update to 2.9.20: fix CVE-2005-3534, BZ#673562
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb  4 2011 MiloÅ¥ JakubíÄ?ek <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 2.9.20-1
- Update to 2.9.20: fix CVE-2005-3534, BZ#673562
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #673562 - CVE-2011-0530 NBD: CVE-2005-3534 reintroduced in upstream
nbd-v2.9.0 version
        https://bugzilla.redhat.com/show_bug.cgi?id=673562
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update nbd' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-1097
2011-02-05 21:43:00
--------------------------------------------------------------------------------

Name        : nbd
Product     : Fedora 13
Version     : 2.9.20
Release     : 1.fc13
URL         : http://nbd.sourceforge.net/
Summary     : Network Block Device user-space tools (TCP version)
Description :
Tools for the Linux Kernel's network block device, allowing you to use
remote block devices over a TCP/IP network.

--------------------------------------------------------------------------------
Update Information:

- Update to 2.9.20: fix CVE-2005-3534, BZ#673562
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb  4 2011 MiloÅ¥ JakubíÄ?ek <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 2.9.20-1
- Update to 2.9.20: fix CVE-2005-3534, BZ#673562
* Fri Mar 26 2010 MiloÅ¥ JakubíÄ?ek <Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.> - 2.9.15-1
- Update to 2.9.15
- Remove file dep on stubs-32.h, doesn't seem to be necessary anymore
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #673562 - CVE-2011-0530 NBD: CVE-2005-3534 reintroduced in upstream
nbd-v2.9.0 version
        https://bugzilla.redhat.com/show_bug.cgi?id=673562
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update nbd' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Idi na vrh