A security flaw has been found in the hostapd package that allows malicious users to gain elevated privileges.
Package: | hostapd 0.x |
Operating systems: | Fedora 16, Fedora 17 |
Severity: | 5 |
Problem: | improper privilege handling |
Exploitation: | local/remote |
Impact: | bypass of configured restrictions |
Solution: | vendor patch |
CVE: | CVE-2012-2389 |
Original advisory ID: | FEDORA-2012-9137 |
Source: | Fedora |
Problem: | The software package sets incorrect security settings during installation. |
Impact: | Users could exploit the flaw to gain elevated privileges. |
Solution: | All users are advised to upgrade. |
Original advisory text
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-9137
2012-06-08 23:27:01
--------------------------------------------------------------------------------
Name : hostapd
Product : Fedora 17
Version : 0.7.3
Release : 9.fc17
URL : http://w1.fi/hostapd
Summary : IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
Description :
hostapd is a user space daemon for access point and authentication
servers. It implements IEEE 802.11 access point management, IEEE
802.1X/WPA/WPA2/EAP Authenticators and RADIUS authentication server.
hostapd is designed to be a "daemon" program that runs in the back-
ground and acts as the backend component controlling authentication.
hostapd supports separate frontend programs and an example text-based
frontend, hostapd_cli, is included with hostapd.
--------------------------------------------------------------------------------
Update Information:
Remove hostapd-specific runtime state directory
Fixup typo in pid file path in hostapd.service
Add BuildRequires for systemd-units
Fixup typo in configuration file path in hostapd.service
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jun 8 2012 John W. Linville - 0.7.3-9
- Remove hostapd-specific runtime state directory
* Wed Jun 6 2012 John W. Linville - 0.7.3-8
- Fixup typo in pid file path in hostapd.service
* Wed May 30 2012 John W. Linville - 0.7.3-7
- Add BuildRequires for systemd-units
* Fri May 25 2012 John W. Linville - 0.7.3-6
- Fixup typo in configuration file path in hostapd.service
- Tighten-up default permissions for hostapd.conf
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #818800 - hostapd.service pointing to the wrong config file
https://bugzilla.redhat.com/show_bug.cgi?id=818800
[ 2 ] Bug #824661 - CVE-2012-2389 hostapd: insecure default permissions on
/etc/hostapd/hostapd.conf [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=824661
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update hostapd' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
https://admin.fedoraproject.org/mailman/listinfo/package-announce
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-9206
2012-06-10 01:06:44
--------------------------------------------------------------------------------
Name : hostapd
Product : Fedora 16
Version : 0.7.3
Release : 9.fc16
URL : http://w1.fi/hostapd
Summary : IEEE 802.11 AP, IEEE 802.1X/WPA/WPA2/EAP/RADIUS Authenticator
Description :
hostapd is a user space daemon for access point and authentication
servers. It implements IEEE 802.11 access point management, IEEE
802.1X/WPA/WPA2/EAP Authenticators and RADIUS authentication server.
hostapd is designed to be a "daemon" program that runs in the back-
ground and acts as the backend component controlling authentication.
hostapd supports separate frontend programs and an example text-based
frontend, hostapd_cli, is included with hostapd.
--------------------------------------------------------------------------------
Update Information:
Remove hostapd-specific runtime state directory
Fixup typo in pid file path in hostapd.service
Fixup typo in configuration file path in hostapd.service
Tighten-up default permissions for hostapd.conf (CVE-2012-2389)
Add BuildRequires for systemd-units
Fixup typo in configuration file path in hostapd.service
Tighten-up default permissions for hostapd.conf (CVE-2012-2389)
--------------------------------------------------------------------------------
ChangeLog:
* Fri Jun 8 2012 John W. Linville - 0.7.3-9
- Remove hostapd-specific runtime state directory
* Wed Jun 6 2012 John W. Linville - 0.7.3-8
- Fixup typo in pid file path in hostapd.service
* Wed May 30 2012 John W. Linville - 0.7.3-7
- Add BuildRequires for systemd-units
* Fri May 25 2012 John W. Linville - 0.7.3-6
- Fixup typo in configuration file path in hostapd.service
- Tighten-up default permissions for hostapd.conf
* Tue Feb 28 2012 Jon Ciesla - 0.7.3-5
- Migrate to systemd, BZ 770310.
* Wed Jan 18 2012 John W. Linville - 0.7.3-4
- Add reference to sample hostapd.conf in the default installed version
- Include README-WPS from the hostapd distribution as part of the docs
* Fri Jan 13 2012 Fedora Release Engineering - 0.7.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #818800 - hostapd.service pointing to the wrong config file
https://bugzilla.redhat.com/show_bug.cgi?id=818800
[ 2 ] Bug #824661 - CVE-2012-2389 hostapd: insecure default permissions on
/etc/hostapd/hostapd.conf [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=824661
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update hostapd' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
https://admin.fedoraproject.org/mailman/listinfo/package-announce
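--------------------------------------------------------------------------------
Added example (not part of the Fedora notification or the hostapd package): a post-update check that the configuration file named in bug #824661 is no longer accessible to group or other. The function names and the list of secret-bearing hostapd options are choices made for this example.

```shell
#!/bin/sh
# Added example: audit who can access a hostapd configuration file.
# Default path is the one named in bug #824661; the key names below are
# hostapd options that hold secrets (list chosen for this example).
HOSTAPD_CONF_DEFAULT=/etc/hostapd/hostapd.conf
SECRET_KEYS='wpa_passphrase|wpa_psk|auth_server_shared_secret'

# Print the 9-character permission string of FILE, e.g. "rw-r--r--".
# -L follows symlinks so the target's mode is reported, not the link's.
conf_mode_string() {
    ls -ldL -- "$1" 2>/dev/null | awk '{ print substr($1, 2, 9) }'
}

# Return 0 if FILE grants nothing to group/other, 1 if it grants any
# access to them, 2 if FILE is not a regular file.
conf_perm_check() {
    [ -f "$1" ] || return 2
    case "$(conf_mode_string "$1")" in
        ???------) return 0 ;;
        *)         return 1 ;;
    esac
}

# Print how many uncommented lines in FILE set one of SECRET_KEYS.
conf_secret_lines() {
    grep -Ec "^[[:space:]]*($SECRET_KEYS)=" "$1" 2>/dev/null || true
}

# Report on FILE (default: HOSTAPD_CONF_DEFAULT); exit status as conf_perm_check.
audit_hostapd_conf() {
    f=${1:-$HOSTAPD_CONF_DEFAULT}
    rc=0
    conf_perm_check "$f" || rc=$?
    case "$rc" in
        0) echo "OK: $f ($(conf_mode_string "$f")) is owner-only" ;;
        1) echo "WARN: $f ($(conf_mode_string "$f")) is accessible to group/other," \
                "$(conf_secret_lines "$f") secret-bearing line(s); fix: chmod go-rwx $f" ;;
        2) echo "SKIP: $f is not a regular file" ;;
    esac
    return "$rc"
}
```

Source the file and run audit_hostapd_conf as root after 'yum update hostapd'; a WARN result means the file on disk still grants access beyond its owner.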