Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Zahlenüberlauf in dump
Aktuelle Meldungen Distributionen
Name: Zahlenüberlauf in dump
ID: FEDORA-2015-1023
Distribution: Fedora
Plattformen: Fedora 21
Datum: Mi, 25. Februar 2015, 14:35
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4607

Originalnachricht

Name        : dump
Product : Fedora 21
Version : 0.4
Release : 0.24.b44.fc21
URL : http://dump.sourceforge.net/
Summary : Programs for backing up and restoring ext2/ext3 filesystems
Description :
The dump package contains both dump and restore. Dump examines files
in a filesystem, determines which ones need to be backed up, and
copies those files to a specified disk, tape, or other storage medium.
The restore command performs the inverse function of dump; it can
restore a full backup of a filesystem. Subsequent incremental backups
can then be layered on top of the full backup. Single files and
directory subtrees may also be restored from full or partial backups.

Install dump if you need a system for both backing up filesystems and
restoring filesystems after backups.

-------------------------------------------------------------------------------
-
Update Information:

Security fix for CVE-2014-4607
-------------------------------------------------------------------------------
-
ChangeLog:

* Wed Dec 17 2014 Petr Hracek <phracek@redhat.com> - 1:0.4-0.24.b44
- Do not ship lzo in dump package (#1132282)
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1132282 - CVE-2014-4607 dump: lzo: lzo1x_decompress_safe() integer
overflow [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1132282
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update dump' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung