Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Zwei Probleme in mailx
Aktuelle Meldungen Distributionen
Name: Zwei Probleme in mailx
ID: FEDORA-2014-17245
Distribution: Fedora
Plattformen: Fedora 20
Datum: So, 4. Januar 2015, 12:51
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2771
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7844

Originalnachricht

Name        : mailx
Product : Fedora 20
Version : 12.5
Release : 11.fc20
URL : http://heirloom.sourceforge.net/mailx.html
Summary : Enhanced implementation of the mailx command
Description :
Mailx is an enhanced mail command, which provides the functionality
of the POSIX mailx command, as well as SysV mail and Berkeley Mail
(from which it is derived).

Additionally to the POSIX features, mailx can work with Maildir/ e-mail
storage format (as well as mailboxes), supports IMAP, POP3 and SMTP
protocols (including over SSL) to operate with remote hosts, handles mime
types and different charsets. There are a lot of other useful features,
see mailx(1).

And as its ancient analogues, mailx can be used as a mail script language,
both for sending and receiving mail.

Besides the "mailx" command, this package provides "mail" and
"Mail"
(which should be compatible with its predecessors from the mailx-8.x source),
as well as "nail" (the initial name of this project).

-------------------------------------------------------------------------------
-
Update Information:

Security fix for CVE-2004-2771, CVE-2014-7844
-------------------------------------------------------------------------------
-
ChangeLog:

* Wed Dec 17 2014 jchaloup <jchaloup@redhat.com> - 12.5-11
- Security fix for CVE-2004-2771, CVE-2014-7844
resolves: #1174903
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1162783 - CVE-2004-2771 CVE-2014-7844 mailx: command execution
flaw
https://bugzilla.redhat.com/show_bug.cgi?id=1162783
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update mailx' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung