Izdana je nova inačica jezgre operacijskog sustava. Nova inačica posljedica je uočenog propusta u funkciji "sctp_icmp_proto_unreachable" datoteke "net/sctp/input.c". Spomenuta ranjivost omogućuje udaljenom napadaču pokretanje napada uskraćivanja usluga slanjem ICMP (eng. Internet Control Message Protocol) poruke "unreachable" na zatvorenu priključnicu (eng. socket). Opisani postupak otvara priključnicu i aktivira izmjenu podataka u listama vezanim uz funkciju "sctp_wait_for_connect". Svim korisnicima preporučuje se nadogradnja.
CentOS Errata and Security Advisory 2011:0163 Important
Upstream details at : https://rhn.redhat.com/errata/RHSA-2011-0163.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( md5sum Filename )
i386:
da5d924567161643277e3eabaac75720 kernel-2.6.18-238.1.1.el5.i686.rpm
370ccf9927ffaf11dc9064e3d25488de kernel-debug-2.6.18-238.1.1.el5.i686.rpm
457fd90c547c3ebf15e7c1e4cc99dd36
kernel-debug-devel-2.6.18-238.1.1.el5.i686.rpm
397aa0a89c2710c2c6d23d17d5389ed5 kernel-devel-2.6.18-238.1.1.el5.i686.rpm
9fa3b61d9315c33792f7257a1497e34e kernel-doc-2.6.18-238.1.1.el5.noarch.rpm
6838e100f4230b0edc4c68dfbad73ac7 kernel-headers-2.6.18-238.1.1.el5.i386.rpm
eb00bc160e1ca27a4e7f433d1de4a56d kernel-PAE-2.6.18-238.1.1.el5.i686.rpm
394a00e37df999ebe7861d590a2f44db kernel-PAE-devel-2.6.18-238.1.1.el5.i686.rpm
f88aca1f493fb3930b0f8936bdd8654d kernel-xen-2.6.18-238.1.1.el5.i686.rpm
ef2be1d0d57ac38e4587142335269919 kernel-xen-devel-2.6.18-238.1.1.el5.i686.rpm
Source:
26be81e7150443e9d7d2aec739bdc828 kernel-2.6.18-238.1.1.el5.src.rpm
--
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, #Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
_______________________________________________
CentOS-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
http://lists.centos.org/mailman/listinfo/centos-announce
Posljednje sigurnosne preporuke