Sicherheit: Pufferüberläufe in boinc-client
Aktuelle Meldungen Distributionen
Name: Pufferüberläufe in boinc-client
ID: FEDORA-2013-23720
Distribution: Fedora
Plattformen: Fedora 19
Datum: Fr, 27. Dezember 2013, 09:30
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2298
Applikationen: boinc-client


Name        : boinc-client
Product : Fedora 19
Version : 7.2.33
Release : 2.git1994cc8.fc19
URL : http://boinc.berkeley.edu/
Summary : The BOINC client core
Description :
The Berkeley Open Infrastructure for Network Computing (BOINC) is an open-
source software platform which supports distributed computing, primarily in
the form of "volunteer" computing and "desktop Grid" computing.
It is well
suited for problems which are often described as "trivially parallel".
is the underlying software used by projects such as SETI@home, Einstein@Home,
ClimatePrediciton.net, the World Community Grid, and many other distributed
computing projects.

This package installs the BOINC client software, which will allow your
computer to participate in one or more BOINC projects, using your spare
computer time to search for cures for diseases, model protein folding, study
global warming, discover sources of gravitational waves, and many other types
of scientific and mathematical research.

Update Information:

*Updates Boinc to 7.2.33.
*Remove the "Can't connect to boinc-client" notify at startup.
*Fix "GPU not detected" problem.
*Fix security vulnerability #957811

**Please note for "GPU not detected" bug**
If you still have this problem after updating, you need to run boinc with your
user, not with boinc user.
To do that, add your user to boinc group:
'useradd -G boinc <your_username>'

Disable boinc daemon:
'systemctl disable boinc-client.service'
'systemctl stop boinc-client.service'

Change directory and files permissions:
'chmod -R g+rw /var/lib/boinc'
'chmod g+rw /var/log/boinc*'

Logout and login again.
Now run boinc using this command (under your user):
If you want to autostart boinc after login you need to configure your DE to do
that. See instruction specific to your DE on how to do that.


* Tue Dec 17 2013 Mattia Verga <mattia.verga@tiscali.it> -
- Change default attribute of /var/lib/boinc to give write permission to boinc
- Fix systemd requires as described in guidelines
* Tue Dec 17 2013 Mattia Verga <mattia.verga@tiscali.it> -
- Update to 7.2.33
- Removed no more needed X11 patch
- Removed boinc manager notification patch see bug #990693
- Add patch to fix Italian locale dir
- Enabled parallel make
- Removed boincmgr wrap
- Fix checkin_notes
- Added boinc_gpu wrapper to fix GPU detection (see instruction on how to use
- Build now requires mariadb-devel instead of mysql-devel as actual default for
- Fix trim script for new directory and not remove html dir for build error
- Remove scripts for update from sysV to systemd
* Sat Aug 3 2013 Fedora Release Engineering
<rel-eng@lists.fedoraproject.org> - 7.0.65-2.git79b00ef
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild

[ 1 ] Bug #957771 - CVE-2013-2298 boinc-client: Multiple stack overflow flaws
when parsing XML files
[ 2 ] Bug #957795 - boinc-client: Format string flaw by writing account file

This update can be installed with the "yum" update program. Use
su -c 'yum update boinc-client' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list
Pro-Linux @Facebook
Neue Nachrichten