drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in pwgen
Name: |
Zwei Probleme in pwgen |
|
ID: |
FEDORA-2014-16473 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 19 |
|
Datum: |
Mi, 17. Dezember 2014, 07:49 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4440
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4442 |
|
Applikationen: |
pwgen |
|
Originalnachricht |
Name : pwgen Product : Fedora 19 Version : 2.07 Release : 1.fc19 URL : http://sf.net/projects/pwgen Summary : Automatic password generation Description : pwgen generates random, meaningless but pronounceable passwords. These passwords contain either only lowercase letters, or upper and lower case, or upper case, lower case and numeric digits. Upper case letters and numeric digits are placed in a way that eases memorizing the password.
------------------------------------------------------------------------------- - Update Information:
Update to 2.07 (bug 1159526) fixes:
- CVE-2013-4440 (bug 1020222, 1020223)
- CVE-2013-4442 (bug 1020259, 1020261)
------------------------------------------------------------------------------- - ChangeLog:
* Fri Dec 5 2014 Orion Poplawski <orion@cora.nwra.com> - 2.07-1 - Update to 2.07 (bug 1159526) fixes: CVE-2013-4440 (bug 1020222, 1020223) CVE-2013-4442 (bug 1020259, 1020261) * Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.06-12 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.06-11 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Sun Aug 4 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.06-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1020220 - CVE-2013-4440 pwgen: non-tty passwords are trivially weak by default https://bugzilla.redhat.com/show_bug.cgi?id=1020220 [ 2 ] Bug #1020258 - CVE-2013-4442 pwgen: silent fallback to insecure entropy https://bugzilla.redhat.com/show_bug.cgi?id=1020258 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update pwgen' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|