Login
Newsletter
Werbung

Sicherheit: Unsichere Verwendung temporärer Dateien in mom
Aktuelle Meldungen Distributionen
Name: Unsichere Verwendung temporärer Dateien in mom
ID: FEDORA-2012-15521
Distribution: Fedora
Plattformen: Fedora 18
Datum: Mi, 10. Oktober 2012, 07:55
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4480
Applikationen: mom

Originalnachricht

Name        : mom
Product : Fedora 18
Version : 0.3.0
Release : 1.fc18
URL : http://wiki.github.com/aglitke/mom
Summary : Dynamically manage system resources on virtualization hosts
Description :
MOM is a policy-driven tool that can be used to manage overcommitment on KVM
hosts. Using libvirt, MOM keeps track of active virtual machines on a host. At
a regular collection interval, data is gathered about the host and guests. Data
can come from multiple sources (eg. the /proc interface, libvirt API calls, a
client program connected to a guest, etc). Once collected, the data is
organized for use by the policy evaluation engine. When started, MOM accepts a
user-supplied overcommitment policy. This policy is regularly evaluated using
the latest collected data. In response to certain conditions, the policy may
trigger reconfiguration of the system’s overcommitment mechanisms. Currently
MOM supports control of memory ballooning and KSM but the architecture is
designed to accommodate new mechanisms such as cgroups.

-------------------------------------------------------------------------------
-
Update Information:

Update to mom-0.3.0 which fixes a momd security issue and includes many
features for ovirt integration.
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #863178 - CVE-2012-4480 mom: world-writable PID file [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=863178
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update mom' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Gewinnspiel
Neue Nachrichten
Werbung