Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Denial of Service in nfdump
Aktuelle Meldungen Distributionen
Name: Denial of Service in nfdump
ID: FEDORA-2016-54dfd21f15
Distribution: Fedora
Plattformen: Fedora 23
Datum: Di, 21. Juni 2016, 07:13
Referenzen: https://bugzilla.redhat.com/show_bug.cgi?id=1335204

Originalnachricht

Name        : nfdump
Product : Fedora 23
Version : 1.6.15
Release : 1.fc23
URL : https://github.com/phaag/nfdump
Summary : NetFlow collecting and processing tools
Description :
Nfdump is a set of tools to collect and process NetFlow data. It's fast and
has
a powerful filter pcap like syntax. It supports NetFlow versions v1, v5, v7, v9
and IPFIX as well as a limited set of sflow. It includes support for CISCO ASA
(NSEL) and CISCO NAT (NEL) devices which export event logging records as v9
flows. Nfdump is fully IPv6 compatible.

-------------------------------------------------------------------------------
-
Update Information:

nfdump 1.6.15 released. --- - Fix Security issue http://www.security-assessmen
t.com/files/documents/advisory/Nfdump%20nfcapd%201.6.14%20-%20Multiple%20Vulner
a
bilities.pdf - Fix obyte, opps and obps output records - Fix wrong bps type
case
in cvs output. Fix opbs ipbs typos nfdump 1.6.14 released. --- - Create
libnfdump for dynamic linking - Add -R to ModifyCompression - Add std sampler
ID
4 Bytes and allow random sampler (tag 50) - Add BZ2 compression along existing
LZ0 - Add direct write to flowtools converter ft2nfdump - Fix CentOS compile
issues with flow-tools converter - Fix FreeBSD,OpenBSD build problems - Fix
timestamp overflow in sflow.c - Fix IP Fragmentation in sflow collector - Fix
compile errors on other platforms - Fix zero alignment bug, if only half of an
extension is sent - Fix nfanon time window bug in subsequent files in -R list -
Fix CommonRecordV0Type conversion bug - Fix nfexport bug, if only one single
map
exists
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1335204 - nfdump: multiple remote denial of service
vulnerabilities
https://bugzilla.redhat.com/show_bug.cgi?id=1335204
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update nfdump' at the command line.
For more information, refer to "Managing Software with yum",
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/package-announce@lists.fedoraproject.org
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung