drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Rechteprüfung in krb5-appl
Name: |
Mangelnde Rechteprüfung in krb5-appl |
|
ID: |
FEDORA-2011-9109 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 14 |
|
Datum: |
Fr, 15. Juli 2011, 09:52 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1526 |
|
Applikationen: |
MIT Kerberos |
|
Originalnachricht |
------------------------------------------------------------------------------- - Fedora Update Notification FEDORA-2011-9109 2011-07-06 20:55:22 ------------------------------------------------------------------------------- -
Name : krb5-appl Product : Fedora 14 Version : 1.0.1 Release : 4.fc14 URL : http://web.mit.edu/kerberos/www/ Summary : Kerberos-aware versions of telnet, ftp, rsh, and rlogin Description : This package contains Kerberos-aware versions of the telnet, ftp, rcp, rsh, and rlogin clients and servers. While these have been replaced by tools such as OpenSSH in most environments, they remain in use in others.
------------------------------------------------------------------------------- - Update Information:
This update corrects a potential failure to properly set the effective group ID in the GSSAPI-capable FTP server (MITKRB5-SA-2011-005, CVE-2011-1526). ------------------------------------------------------------------------------- - ChangeLog:
* Tue Jul 5 2011 Nalin Dahyabhai <nalin@redhat.com> - 1.0.1-4 - ftpd: add candidate patch to detect setegid/setregid/setresgid and check for errors when calling them (MITKRB5-SA-2011-005, CVE-2011-1526, #713341) ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #711419 - CVE-2011-1526 krb5, krb5-appl: ftpd incorrect group privilege dropping (MITKRB5-SA-2011-005) https://bugzilla.redhat.com/show_bug.cgi?id=711419 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update krb5-appl' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|