Sicherheit: Mangelnde Eingabeprüfung in sleuthkit
Aktuelle Meldungen Distributionen
Name: Mangelnde Eingabeprüfung in sleuthkit
ID: FEDORA-2013-0336
Distribution: Fedora
Plattformen: Fedora 17
Datum: Mi, 23. Januar 2013, 06:51
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5619
Applikationen: sleuthkit


Name        : sleuthkit
Product : Fedora 17
Version : 4.0.1
Release : 1.fc17
URL : http://www.sleuthkit.org
Summary : The Sleuth Kit (TSK)
Description :
The Sleuth Kit (TSK) is a collection of UNIX-based command line tools that
allow you to investigate a computer. The current focus of the tools is the
file and volume systems and TSK supports FAT, Ext2/3, NTFS, UFS,
and ISO 9660 file systems

Update Information:

New Features:
More DOS partition types are displayed.
Added fcat tool that takes in file name and exports content (equivalent to
using ifind and icat together).
performance improvements with FAT code (maps and dir_add)
performance improvements with NTFS code (maps)
added AONLY flag to block_walk
Updated blkls and blkcalc to use AONLY flag -- MUCH faster.

Bug Fixes:
Fixed mactime issue where it could choose the wrong timezone that did not
follow daylight savings times.
Fixed file size of alternate data streams in framework.
Incorporated memory leak fixes and raw device fixes from ADF Solutions.

* Mon Dec 10 2012 Nicolas Chauvet <kwizart@gmail.com> - 4.0.1-1
- Update to 4.0.1
* Sat Jul 21 2012 Fedora Release Engineering
<rel-eng@lists.fedoraproject.org> - 3.2.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild

[ 1 ] Bug #883330 - CVE-2012-5619 sleuthkit: Improper interpretation of
'.' entry on FAT filesystems (possibility to evade detection by forensic analysis)

This update can be installed with the "yum" update program. Use
su -c 'yum update sleuthkit' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list
Pro-Linux @Facebook
Neue Nachrichten