drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Unsichere Verwendung temporärer Dateien in mom
Name: |
Unsichere Verwendung temporärer Dateien in mom |
|
ID: |
FEDORA-2012-15496 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 17 |
|
Datum: |
Fr, 19. Oktober 2012, 08:35 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4480 |
|
Applikationen: |
mom |
|
Originalnachricht |
Name : mom Product : Fedora 17 Version : 0.3.0 Release : 1.fc17 URL : http://wiki.github.com/aglitke/mom Summary : Dynamically manage system resources on virtualization hosts Description : MOM is a policy-driven tool that can be used to manage overcommitment on KVM hosts. Using libvirt, MOM keeps track of active virtual machines on a host. At a regular collection interval, data is gathered about the host and guests. Data can come from multiple sources (eg. the /proc interface, libvirt API calls, a client program connected to a guest, etc). Once collected, the data is organized for use by the policy evaluation engine. When started, MOM accepts a user-supplied overcommitment policy. This policy is regularly evaluated using the latest collected data. In response to certain conditions, the policy may trigger reconfiguration of the system’s overcommitment mechanisms. Currently MOM supports control of memory ballooning and KSM but the architecture is designed to accommodate new mechanisms such as cgroups.
------------------------------------------------------------------------------- - Update Information:
Update to mom-0.3.0 which fixes a momd security issue and includes many features for ovirt integration. ------------------------------------------------------------------------------- - ChangeLog:
* Fri Oct 5 2012 Adam Litke <agl@us.ibm.com> - 0.3.0-1 - Upgrade to version 0.3.0 - Upstream fixes CVE-2012-4480 * Fri Jul 20 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.2.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #863178 - CVE-2012-4480 mom: world-writable PID file [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=863178 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update mom' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|