drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Unsichere Verwendung temporärer Dateien in 389-admin
Name: |
Unsichere Verwendung temporärer Dateien in 389-admin |
|
ID: |
FEDORA-2015-1711 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 21 |
|
Datum: |
So, 15. März 2015, 19:34 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0233 |
|
Applikationen: |
389-admin |
|
Originalnachricht |
Name : 389-admin Product : Fedora 21 Version : 1.1.38 Release : 1.fc21 URL : http://port389.org/ Summary : 389 Administration Server (admin) Description : 389 Administration Server is an HTTP agent that provides management features for 389 Directory Server. It provides some management web apps that can be used through a web browser. It provides the authentication, access control, and CGI utilities used by the console.
------------------------------------------------------------------------------- - Update Information:
Release 1.1.38 ------------------------------------------------------------------------------- - ChangeLog:
* Tue Feb 3 2015 Noriko Hosoi <nhosoi@redhat.com> - 1.1.38-1 - bump version to 1.1.38 - Ticket 48024 - repl-monitor invoked from adminserver cgi fails - Ticket 47995 - Admin Server: source code cleaning - Ticket 47891 - Admin Server reconfig breaks SSL config - Ticket 47929 - Admin Server - disable SSLv3 by default - Ticket 201 - nCipher HSM cannot be configured via the console - Ticket 47493 - Configuration Tab does not work with FIPS mode enabled - Ticket 47697 - Resource leak in lib/libdsa/dsalib_updown.c - Ticket 47860 - register-ds-admin.pl problem when following steps to replicate o=netscaperoot - Ticket 47548 - register-ds-admin does not register into remote config ds - Ticket 47893 - Admin Server should use Sys::Hostname instead Net::Domain - Ticket 47891 - Admin Server reconfig breaks SSL config - Ticket 47300 - Update man page for remove-ds-admin.pl - Ticket 47850 - "nsslapd-allow-anonymous-access: rootdse" makes login as "admin" fail at the first time - Ticket 47497 - Admin Express - remove "Security Level" - Ticket 47495 - admin express: wrong instance creation time - Ticket 47665 - Create new instance results in setting wrong ACI for the "cn=config" entry - Ticket 47478 - No groups file? error restarting Admin server - Ticket 47300 - [RFE] remove-ds-admin.pl: redesign the behaviour - Ticket 434 - admin-serv logs filling with "admserv_host_ip_check: ap_get_remote_host could not resolve <ip address>" - Ticket 47563 - cannot restart directory server from console - Ticket 222 - Admin Express issues "Internal Server Error" when the Config DS is down. - Ticket 418 - Error with register-ds-admin.pl - Ticket 377 - Unchecked use of SELinux command Reviewed by: rmeggins - Ticket 47498 - Error Message for Failed to create the configuration directory server ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1183153 - CVE-2015-0233 389-admin: multiple /tmp/ file vulnerabilities [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1183153 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update 389-admin' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|