Sicherheit: Ausführen beliebiger Kommandos in graphite-web
Aktuelle Meldungen Distributionen
Name: Ausführen beliebiger Kommandos in graphite-web
ID: FEDORA-2013-15710
Distribution: Fedora
Plattformen: Fedora 19
Datum: Do, 19. September 2013, 08:15
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5093
Applikationen: graphite-web


Name        : graphite-web
Product : Fedora 19
Version : 0.9.12
Release : 1.fc19
URL : https://launchpad.net/graphite/
Summary : A Django webapp for enterprise scalable realtime graphing
Description :
Graphite consists of a storage backend and a web-based visualization frontend.
Client applications send streams of numeric time-series data to the Graphite
backend (called carbon), where it gets stored in fixed-size database files
similar in design to RRD. The web frontend provides user interfaces
for visualizing this data in graphs as well as a simple URL-based API for
direct graph generation.

Graphite's design is focused on providing simple interfaces (both to users
applications), real-time visualization, high-availability, and enterprise

Update Information:

This is both an update to 0.9.12 and to address CVE-2013-5093.
Correctly pull in fonts.
Initial package import.
Initial package import.
Initial package import.
Initial package import.

* Mon Sep 2 2013 Jonathan Steffan <jsteffan@fedoraproject.org> -
- Update to 0.9.12
- Require Django >= 1.3
- Add EL5 conditional for SELinux policycoreutils
* Sat Aug 3 2013 Fedora Release Engineering
<rel-eng@lists.fedoraproject.org> - 0.9.10-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild

This update can be installed with the "yum" update program. Use
su -c 'yum update graphite-web' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list
Traut euch!
Neue Nachrichten