drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Unsichere Verwendung temporärer Dateien in pcp
Name: |
Unsichere Verwendung temporärer Dateien in pcp |
|
ID: |
FEDORA-2012-20223 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 17 |
|
Datum: |
Do, 20. Dezember 2012, 09:13 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5530 |
|
Applikationen: |
Performance Co-Pilot |
|
Originalnachricht |
Name : pcp Product : Fedora 17 Version : 3.6.10 Release : 2.fc17 URL : http://oss.sgi.com/projects/pcp Summary : System-level performance monitoring and performance management Description : Performance Co-Pilot (PCP) provides a framework and services to support system-level performance monitoring and performance management.
The PCP open source release provides a unifying abstraction for all of the interesting performance data in a system, and allows client applications to easily retrieve and process any subset of that data.
------------------------------------------------------------------------------- - Update Information:
Fix functional regressions from recent tmpfile security fixes ------------------------------------------------------------------------------- - ChangeLog:
* Wed Nov 28 2012 Nathan Scott <nathans@redhat.com> - 3.6.10-2 - Ensure tmpfile directories created in %files section. - Resolve tmpfile create/teardown race conditions. * Mon Nov 19 2012 Nathan Scott <nathans@redhat.com> - 3.6.10-1 - Update to latest PCP sources. - Resolve tmpfile security flaws: CVE-2012-5530 - Introduces new "pcp" user account for all daemons to use. * Fri Oct 12 2012 Nathan Scott <nathans@redhat.com> - 3.6.9-1 - Update to latest PCP sources. - Fix pmcd sigsegv in NUMA/CPU indom setup (BZ 858384) - Fix sar2pcp uninitialised perl variable warning (BZ 859117) - Fix pcp.py and pmcollectl with older python versions (BZ 852234) * Fri Sep 14 2012 Nathan Scott <nathans@redhat.com> - 3.6.8-1 - Update to latest PCP sources. * Wed Sep 5 2012 Nathan Scott <nathans@redhat.com> - 3.6.6-1.1 - Move configure step from prep to build section of spec (BZ 854128) * Tue Aug 28 2012 Mark Goodwin <mgoodwin@redhat.com> - 3.6.6-1 - Update to latest PCP sources, see installed CHANGELOG for details. - Introduces new python-pcp and pcp-testsuite sub-packages. * Thu Aug 16 2012 Mark Goodwin <mgoodwin@redhat.com> - 3.6.5-1 - Update to latest PCP sources, see installed CHANGELOG for details. - Fix security flaws: CVE-2012-3418 CVE-2012-3419 CVE-2012-3420 and CVE-2012-3421 (BZ 848629) * Thu Jul 19 2012 Mark Goodwin <mgoodwin@redhat.com> - pmcd and pmlogger services are not supposed to be enabled by default (BZ 840763) - 3.6.3-1.3 * Thu Jun 21 2012 Mark Goodwin <mgoodwin@redhat.com> - remove pcp-import-sheet2pcp subpackage due to missing deps (BZ 830923) - 3.6.3-1.2 * Fri May 18 2012 Dan Hork <dan[at]danny.cz> - 3.6.3-1.1 - fix build on s390x * Mon Apr 30 2012 Mark Goodwin - 3.6.3-1 - Update to latest PCP sources * Thu Apr 26 2012 Mark Goodwin - 3.6.2-1 - Update to latest PCP sources * Thu Apr 12 2012 Mark Goodwin - 3.6.1-1 - Update to latest PCP sources * Thu Mar 22 2012 Mark Goodwin - 3.6.0-1 - use CFLAGS="${CFLAGS:--O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic}" ; export CFLAGS ; CXXFLAGS="${CXXFLAGS:--O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic}" ; export CXXFLAGS ; FFLAGS="${FFLAGS:--O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -I/usr/lib64/gfortran/modules}" ; export FFLAGS ; LDFLAGS="${LDFLAGS:--Wl,-z,relro }"; export LDFLAGS; ./configure --build=x86_64-redhat-linux-gnu --host=x86_64-redhat-linux-gnu \ --program-prefix= \ --disable-dependency-tracking \ --prefix=/usr \ --exec-prefix=/usr \ --bindir=/usr/bin \ --sbindir=/usr/sbin \ --sysconfdir=/etc \ --datadir=/usr/share \ --includedir=/usr/include \ --libdir=/usr/lib64 \ --libexecdir=/usr/libexec \ --localstatedir=/var \ --sharedstatedir=/var/lib \ --mandir=/usr/share/man \ --infodir=/usr/share/info macro for correct libdir logic - update to latest PCP sources ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update pcp' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|