drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Unsichere Verwendung temporärer Dateien in sysreport
| Name: |
Unsichere Verwendung temporärer Dateien in sysreport |
|
| ID: |
FEDORA-2005-1071 |
|
| Distribution: |
Fedora |
|
| Plattformen: |
Fedora Core 4 |
|
| Datum: |
Do, 10. November 2005, 18:31 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2104 |
|
| Applikationen: |
SysReport |
|
Originalnachricht |
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-1071
2005-11-10
---------------------------------------------------------------------
Product : Fedora Core 4
Name : sysreport
Version : 1.4.1
Release : 5
Summary : Gathers system hardware and configuration information.
Description :
Sysreport is a utility that gathers information about a system's
hardware and configuration. The information can then be used for
diagnostic purposes and debugging. Sysreport is commonly used to help
support technicians and developers by providing a "snapshot" of a
system's current layout.
---------------------------------------------------------------------
Update Information:
It is possible for a local attacker to cause a race
condition and trick sysreport into writing its output to a
directory the attacker can read.
The new sysreport fixes this security issue
---------------------------------------------------------------------
* Tue Jul 12 2005 Than Ngo <than@redhat.com> 1.4.1-5
- security fix #162978, CAN-2005-2104
* Fri Jun 17 2005 Than Ngo <than@redhat.com> 1.4.1-4
- fix datestamp
* Tue Jun 14 2005 Than Ngo <than@redhat.com> 1.4.1-3
- don't include sensitive data #159502
- exim/nis/cluster/inittab/maillog/shell/ipcs/nscd/udev
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
12a5bea3478280e753817be123909ef1 SRPMS/sysreport-1.4.1-5.src.rpm
817347be8397066f39154f558348c626 x86_64/sysreport-1.4.1-5.noarch.rpm
817347be8397066f39154f558348c626 i386/sysreport-1.4.1-5.noarch.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------
--
fedora-announce-list mailing list
fedora-announce-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-announce-list
|
|
|
|
