drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Pufferüberlauf in mongoose
| Name: |
Pufferüberlauf in mongoose |
|
| ID: |
FEDORA-2011-11823 |
|
| Distribution: |
Fedora |
|
| Plattformen: |
Fedora 15 |
|
| Datum: |
Do, 8. September 2011, 09:48 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2900 |
|
| Applikationen: |
mongoose |
|
Originalnachricht |
-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2011-11823
2011-08-31 00:52:39
-------------------------------------------------------------------------------
-
Name : mongoose
Product : Fedora 15
Version : 3.0
Release : 2.fc15
URL : http://code.google.com/p/mongoose
Summary : An easy-to-use self-sufficient web server
Description :
Mongoose web server executable is self-sufficient, it does not depend on
anything to start serving requests. If it is copied to any directory and
executed, it starts to serve that directory on port 8080 (so to access files,
go to http://localhost:8080). If some additional configuration is required -
for example, different listening port or IP-based access control, then a
'mongoose.conf' file with respective options can be created in the same
directory where executable lives. This makes Mongoose perfect for all sorts
of demos, quick tests, file sharing, and Web programming.
-------------------------------------------------------------------------------
-
Update Information:
Add upstream patch to fix CVE-2011-2900
-------------------------------------------------------------------------------
-
ChangeLog:
* Sat Aug 27 2011 Rafael Azenha Aquini <aquini at linux dot com> - 3.0-2
- Add upstream patch to fix CVE-2011-2900 (729146)
* Mon Jul 25 2011 Rafael Azenha Aquini <aquini at linux dot com> - 3.0-1
- Rebuilt for Fedora's inclusion, after scracth-build successful tests.
* Mon Jul 25 2011 Rafael Azenha Aquini <aquini at linux dot com> - 3.0-0
- Packaged mongoose's upstream 3.0 release.
-------------------------------------------------------------------------------
-
References:
[ 1 ] Bug #729145 - CVE-2011-2900 mongoose: stack-based buffer overflow flaw
in put_dir()
https://bugzilla.redhat.com/show_bug.cgi?id=729145
-------------------------------------------------------------------------------
-
This update can be installed with the "yum" update program. Use
su -c 'yum update mongoose' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|
