Sicherheit: Mangelnde Eingabeprüfung in Berkeley DB
Aktuelle Meldungen Distributionen
Name: Mangelnde Eingabeprüfung in Berkeley DB
ID: FEDORA-2017-2b68e14594
Distribution: Fedora
Plattformen: Fedora 26
Datum: Sa, 8. Juli 2017, 11:18
Referenzen: https://bugzilla.redhat.com/show_bug.cgi?id=1464032
Applikationen: Berkeley DB


Fedora Update Notification
2017-07-07 22:40:59.826956

Name : libdb
Product : Fedora 26
Version : 5.3.28
Release : 24.fc26
URL : http://www.oracle.com/database/berkeley-db/
Summary : The Berkeley DB database library for C
Description :
The Berkeley Database (Berkeley DB) is a programmatic toolkit that
provides embedded database support for both traditional and
client/server applications. The Berkeley DB includes B+tree, Extended
Linear Hashing, Fixed and Variable-length record access methods,
transactions, locking, logging, shared memory caching, and database
recovery. The Berkeley DB supports C, C++, Java, and Perl APIs. It is
used by many applications, including Python and Perl, so this should
be installed on all systems.

Update Information:

Security fix for DB_CONFIG parsing when db_home is not set. This update also
introduces modified fixes for rhbz#1394862 once again and additionally fixes
specific hangs described in rhbz#1460003. Please be aware that this update is
expected to cause **DB_VERSION_MISMATCH** errors during installation if you are
still running an older release of libdb. These errors are a result of packages
calling rpm commands during installation and have so far been found harmless.
You can also run into issues with dnf plugins that do the same. As these
are run after the rpm transaction has already gone through successfully they
should also be harmless. However, in this case a rebuild of rpmdb's
will be needed. Detailed information on how to achieve this can be found in the
links below. For more information please take a look at:

[ 1 ] Bug #1464032 - libdb: Reads DB_CONFIG from the current working

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade libdb' at the command line.
For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Unterstützer werden
Neue Nachrichten