Sigurnosni propust paketa qpid

Ispravljen je sigurnosni nedostatak programskog paketa Qpid kojeg zlonamjerni korisnici mogu iskoristiti za rušenje ranjivog programa.

Paket:	qpid 0.x
Operacijski sustavi:	CentOS
Kritičnost:	5
Problem:	pogreška u programskoj komponenti
Iskorištavanje:	udaljeno
Posljedica:	uskraćivanje usluga (DoS)
Rješenje:	programska zakrpa proizvođača
CVE:	CVE-2012-2145
Izvorni ID preporuke:	2012:1269
Izvor:	CentOS

Problem:
Problemi su posljedica nepravilnog rukovanja dolaznim vezama, tj. nepostojanjem ograničenja na broj veza koje dolaze od nekog klijenta.
Posljedica:
Ranjivost je moguće iskoristiti za izvođenje napada uskraćivanjem usluge.
Rješenje:
Savjetuje se ugradnja izdane zakrpe.

Izvorni tekst preporuke

CentOS Errata and Security Advisory 2012:1269 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2012-1269.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 


i386:
293df4e212d169d2c52478b2370a4836f6e9583c04397bf087edb7a2c306946c 
python-qpid-0.14-11.el6_3.noarch.rpm
da4549ce7efea26c92b7df8e91188f561c5cd189a46ee497bce517ed34c11ef2 
python-qpid-qmf-0.14-14.el6_3.i686.rpm
c19ed1370e192a03712489857eff1fdbad8c7d5812fd7b4fed1156d0d211d57d 
qpid-cpp-client-0.14-22.el6_3.i686.rpm
187ad34dabd277e532218cb08d6d6d0746b3fe773c0462867b6a26c7f47c2d8c 
qpid-cpp-client-devel-0.14-22.el6_3.i686.rpm
fcad512736d954705997f3390a672fdb1e362b93e078a23a227e0ff7e52ca8d1 
qpid-cpp-client-devel-docs-0.14-22.el6_3.noarch.rpm
676aa2646560a854b1d66597ad777d931aa653d63aef82959add591a44e29141 
qpid-cpp-client-rdma-0.14-22.el6_3.i686.rpm
1067307efa95a62dbc53f502a547b080afaf698b46ea9baa8e0a8c4da895fd47 
qpid-cpp-client-ssl-0.14-22.el6_3.i686.rpm
351b2c45b98b6632fd470ea60c35182405ba2e6bc2445bb4aaac37ab41f2307d 
qpid-cpp-server-0.14-22.el6_3.i686.rpm
760c8ec7212bd3a0775b6cf4d62e53c8c8bf6a5f87920c9c73a8753d2205734c 
qpid-cpp-server-cluster-0.14-22.el6_3.i686.rpm
0a9d3b9906dab99e86c60c1ce5d6b2977ad1b23e1d9628ee70fa2046dd8b440e 
qpid-cpp-server-devel-0.14-22.el6_3.i686.rpm
8e17fd53d67f0220bb3e8858406069b4d727c044ff89150589a7b5c9d30101e6 
qpid-cpp-server-rdma-0.14-22.el6_3.i686.rpm
9a9df61841991f2ad15ccbd2c84a41ea14a5d4b43a0358249c941abd9c016960 
qpid-cpp-server-ssl-0.14-22.el6_3.i686.rpm
dc05460b3acd710f55c04a2012f1cc20441eecf23cb1c7c8e6fdac9c3fde13c7 
qpid-cpp-server-store-0.14-22.el6_3.i686.rpm
e8a201b5fbb71f5daf26a1dbdae19200d207b856882c42283c20a121a062077d 
qpid-cpp-server-xml-0.14-22.el6_3.i686.rpm
51e2bd60d84c08d917cdd0cd9932dd064e5f6a3fa04f76b6f4394225cfd71887 
qpid-qmf-0.14-14.el6_3.i686.rpm
f98a886f92f3f5ea3737dd1a2d537be355df7f1ced42c3e2f0a59f665f03bf82 
qpid-qmf-devel-0.14-14.el6_3.i686.rpm
4e322cf51b601076ed84bb3ba735962a40397891db425b73b3130b7aacc18170 
qpid-tools-0.14-6.el6_3.noarch.rpm
f36117dff040729d7c4aa58edc2d3019293f0962e8cea6491ad0d8e602f7a0f7 
rh-qpid-cpp-tests-0.14-22.el6_3.i686.rpm
753a489ca9df4fc7352c3e0b0abd075682a13a690a94d43f51c2efe61b267f50 
ruby-qpid-qmf-0.14-14.el6_3.i686.rpm

x86_64:
fd7c205549fbd20d5c81799e72ab8af596a7faf380ee11a8d34006d497a98810 
python-qpid-0.14-11.el6_3.noarch.rpm
2d3d9cc48ab052805ed627c0e0ccb4d7d32e561c2ef82f69d2bf6a8ddf149e22 
python-qpid-qmf-0.14-14.el6_3.x86_64.rpm
c19ed1370e192a03712489857eff1fdbad8c7d5812fd7b4fed1156d0d211d57d 
qpid-cpp-client-0.14-22.el6_3.i686.rpm
5d859f4c39b0fe3f6b9303c39317fe32501b264bbdb14d7bc16a0b55575e6254 
qpid-cpp-client-0.14-22.el6_3.x86_64.rpm
8b4b685f52ec9ec567eb20cbec861679cb4d8a8850d42bbd44024027fc174f19 
qpid-cpp-client-devel-0.14-22.el6_3.x86_64.rpm
d8a5d272e8ba91e9051ff54f41477eb4680656c1c46f5b7c9dd96519d53b1c64 
qpid-cpp-client-devel-docs-0.14-22.el6_3.noarch.rpm
2fabdf4a2612ba4e0081a23e5274af4cd645661343bc74741e3a8d439ac4b511 
qpid-cpp-client-rdma-0.14-22.el6_3.x86_64.rpm
1067307efa95a62dbc53f502a547b080afaf698b46ea9baa8e0a8c4da895fd47 
qpid-cpp-client-ssl-0.14-22.el6_3.i686.rpm
6dbfb209d44fd2145e75c03a842f99cf4b66866b52e256d69a607038bb9dfe05 
qpid-cpp-client-ssl-0.14-22.el6_3.x86_64.rpm
351b2c45b98b6632fd470ea60c35182405ba2e6bc2445bb4aaac37ab41f2307d 
qpid-cpp-server-0.14-22.el6_3.i686.rpm
c00684b73478a5df2f32b148865f2779571a1b7da3158a281de99256862050e2 
qpid-cpp-server-0.14-22.el6_3.x86_64.rpm
4bb00085e58b07085f38b7fcaef44448b0c40c85fa4eb7d1c1a8f69f9be32d8b 
qpid-cpp-server-cluster-0.14-22.el6_3.x86_64.rpm
0cb57bdf718fb757aedebdd76f7c5666352892996a040561518324212f0ec52f 
qpid-cpp-server-devel-0.14-22.el6_3.x86_64.rpm
813e9c55cc698d273b45b0fe24044dec721f1c67165c493fd186f08a8e393fc6 
qpid-cpp-server-rdma-0.14-22.el6_3.x86_64.rpm
5e34a457be1cb1292e680bca34eee9ddb76d1c85c97b78970341f89942a30ef0 
qpid-cpp-server-ssl-0.14-22.el6_3.x86_64.rpm
21bf901986eef25e33bfe24c693a15d0b6fe3f163a24f1e0b9fea11f70f37ddc 
qpid-cpp-server-store-0.14-22.el6_3.x86_64.rpm
9e03ed1c1e520f4dfa4f106837fb6f2d045f8b075b07fcc79707031295a7d2e9 
qpid-cpp-server-xml-0.14-22.el6_3.x86_64.rpm
51e2bd60d84c08d917cdd0cd9932dd064e5f6a3fa04f76b6f4394225cfd71887 
qpid-qmf-0.14-14.el6_3.i686.rpm
d843a28060509dc2063a88ab5a6b571d6456aa7a58d0821f2375c133db463984 
qpid-qmf-0.14-14.el6_3.x86_64.rpm
32e3c1c03a757b0016a32e2d5f28a8eabacc763276c736d00d809d8f4b88940a 
qpid-qmf-devel-0.14-14.el6_3.x86_64.rpm
871c32ff7dfa411252e253557d48d3aecd68c47706516565eb9bcc121fae92bc 
qpid-tools-0.14-6.el6_3.noarch.rpm
df65b628dd832c9461f867c73ac2cfbc895abd7c2e3602da8599153e00e2c40a 
rh-qpid-cpp-tests-0.14-22.el6_3.x86_64.rpm
f8a7bf7279add2e738b86a3b8b92766ac530c6581e3a798228113ef73f8ddfab 
ruby-qpid-qmf-0.14-14.el6_3.x86_64.rpm

Source:
dc51a331aca9dda95782dfe1b1c7b02710d5efcb7ed131e3a38b9ed738fc57c7 
python-qpid-0.14-11.el6_3.src.rpm
66c52aa3b3ff3b1745d70144f1d3182a2cae3a16e7cf24e58c6a72fb202d2fdc 
qpid-cpp-0.14-22.el6_3.src.rpm
c2506cd806ebb86f4316d619b00ccace3982d0645bebe53774acad9a0fffaef6 
qpid-qmf-0.14-14.el6_3.src.rpm
c6e8e33c7851a432ecc60e8dbf7fe04cd32ef14d1d8c66e74e30f5f04cf13788 
qpid-tools-0.14-6.el6_3.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.

_______________________________________________
CentOS-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
http://lists.centos.org/mailman/listinfo/centos-announce

Sigurnosni propust paketa qpid

Tražilica portala

Aktivnosti

O CIS-u

Posljednje vijesti

Posljednji dokumenti

Sigurnosni propust paketa qpid

Tražilica portala

Aktivnosti

O CIS-u

Posljednje sigurnosne preporuke

Posljednje vijesti

Popularni članci

Posljednji dokumenti