drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Unsichere Verwendung temporärer Dateien in kdeedu (Fedora Core 4)
Name: |
Unsichere Verwendung temporärer Dateien in kdeedu (Fedora Core 4)
|
|
ID: |
FEDORA-2005-744 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora Core 4 |
|
Datum: |
Do, 18. August 2005, 13:00 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2101 |
|
Applikationen: |
KDE Software Compilation |
|
Originalnachricht |
--------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-744 2005-08-16 ---------------------------------------------------------------------
Product : Fedora Core 4 Name : kdeedu Version : 3.4.2 Release : 0.fc4.2 Summary : Educational/Edutainment applications for KDE Description : Educational/Edutainment applications for KDE
--------------------------------------------------------------------- Update Information:
Ben Burton notified the KDE security team about several tempfile handling related vulnerabilities in langen2kvtml, a conversion script for kvoctrain. The script must be manually invoked.
The script uses known filenames in /tmp which allow an local attacker to overwrite files writeable by the user invoking the conversion script.
This update fixes these vulnerabilities. --------------------------------------------------------------------- * Tue Aug 9 2005 Than Ngo <than@redhat.com> 3.4.2-0.fc4.2 - apply patch to fix tempfile vulnerability, CAN-2005-2101, #165606
--------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
c67158d3b335fbc4a8f2ea525c3b72b7 SRPMS/kdeedu-3.4.2-0.fc4.2.src.rpm bd7bb376d62d379191c13e41ddacc71c ppc/kdeedu-3.4.2-0.fc4.2.ppc.rpm 0078da1ed86fb27e7cafdf7266aaf531 ppc/kdeedu-devel-3.4.2-0.fc4.2.ppc.rpm 2413132c98bd9056d83d3a36599a7a7c ppc/debug/kdeedu-debuginfo-3.4.2-0.fc4.2.ppc.rpm ad81b18583d1c1ae12b7bb80e5f9a231 x86_64/kdeedu-3.4.2-0.fc4.2.x86_64.rpm dc9701f17f39a2b2e7557445cb643a0c x86_64/kdeedu-devel-3.4.2-0.fc4.2.x86_64.rpm 3fdfc3ac1f9b274aa23105f668669928 x86_64/debug/kdeedu-debuginfo-3.4.2-0.fc4.2.x86_64.rpm 2dec5389a9e086cfe32bea50dfc0020f i386/kdeedu-3.4.2-0.fc4.2.i386.rpm 3fb79b0ca43b4f83b535ded7c8d6bcdb i386/kdeedu-devel-3.4.2-0.fc4.2.i386.rpm 7ac009558c5f813312dd95b9e9ef03b1 i386/debug/kdeedu-debuginfo-3.4.2-0.fc4.2.i386.rpm
This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ---------------------------------------------------------------------
-- fedora-announce-list mailing list fedora-announce-list@redhat.com http://www.redhat.com/mailman/listinfo/fedora-announce-list
|
|
|
|