U radu programskog paketa ypserv, distribuiranog s operacijskim sustavom Fedora 18, uočen je sigurnosi propust. Zasad nisu poznate informacije o mogućoj zlouporabi.
Paket:
ypserv 2.x
Operacijski sustavi:
Fedora 18
Problem:
neodgovarajuće rukovanje memorijom
Iskorištavanje:
lokalno/udaljeno
Posljedica:
uskraćivanje usluga (DoS)
Rješenje:
programska zakrpa proizvođača
Izvorni ID preporuke:
FEDORA-2012-13225
Izvor:
Fedora
Problem:
Propust se očituje u višestrukim curenjima memorije (eng. memory leak).
Posljedica:
Trenutno nema podataka o mogućnostima eventualne zlouporabe.
Rješenje:
Korisnicima se savjetuje instalacija odgovarajuće nadogradnje.
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-13225
2012-09-03 17:18:47
--------------------------------------------------------------------------------
Name : ypserv
Product : Fedora 18
Version : 2.29
Release : 1.fc18
URL : http://www.linux-nis.org/nis/ypserv/index.html
Summary : The NIS (Network Information Service) server
Description :
The Network Information Service (NIS) is a system that provides
network information (login names, passwords, home directories, group
information) to all of the machines on a network. NIS can allow users
to log in on any machine on the network, as long as the machine has
the NIS client programs running and the user's password is recorded in
the NIS passwd database. NIS was formerly known as Sun Yellow Pages
(YP).
This package provides the NIS server, which will need to be running on
your network. NIS clients do not need to be running the server.
Install ypserv if you need an NIS server for your network. You also
need to install the yp-tools and ypbind packages on any NIS client
machines.
--------------------------------------------------------------------------------
Update Information:
This is an update to a new upstream release that fixes several memory leaks
considered as a security issue.
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #853785 - ypserv-2.29 is available
https://bugzilla.redhat.com/show_bug.cgi?id=853785
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update ypserv' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Posljednje sigurnosne preporuke