Login
Newsletter
Werbung

Sicherheit: Mangelnde Eingabeprüfung in Suricata
Aktuelle Meldungen Distributionen
Name: Mangelnde Eingabeprüfung in Suricata
ID: FEDORA-2018-ee417c4b28
Distribution: Fedora
Plattformen: Fedora 27
Datum: Fr, 23. Februar 2018, 17:29
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6794
Applikationen: Suricata

Originalnachricht

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2018-ee417c4b28
2018-02-23 15:59:46.791960
-------------------------------------------------------------------------------
-

Name : suricata
Product : Fedora 27
Version : 4.0.4
Release : 1.fc27
URL : http://suricata-ids.org/
Summary : Intrusion Detection System
Description :
The Suricata Engine is an Open Source Next Generation Intrusion
Detection and Prevention Engine. This engine is not intended to
just replace or emulate the existing tools in the industry, but
will bring new ideas and technologies to the field. This new Engine
supports Multi-threading, Automatic Protocol Detection (IP, TCP,
UDP, ICMP, HTTP, TLS, FTP and SMB! ), Gzip Decompression, Fast IP
Matching, and GeoIP identification.

-------------------------------------------------------------------------------
-
Update Information:

fixes bz#1543250 and bz#1543251
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1543250 - CVE-2018-6794 suricata: HTTP detection bypass in
detect.c and stream-tcp.c [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1543250
[ 2 ] Bug #1543251 - CVE-2018-6794 suricata: HTTP detection bypass in
detect.c and stream-tcp.c [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1543251
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade suricata' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung