drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Unsichere Verwendung temporärer Dateien in sysreport
Name: |
Unsichere Verwendung temporärer Dateien in sysreport |
|
ID: |
FEDORA-2005-1071 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora Core 4 |
|
Datum: |
Do, 10. November 2005, 18:31 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2104 |
|
Applikationen: |
SysReport |
|
Originalnachricht |
--------------------------------------------------------------------- Fedora Update Notification FEDORA-2005-1071 2005-11-10 ---------------------------------------------------------------------
Product : Fedora Core 4 Name : sysreport Version : 1.4.1 Release : 5 Summary : Gathers system hardware and configuration information. Description : Sysreport is a utility that gathers information about a system's hardware and configuration. The information can then be used for diagnostic purposes and debugging. Sysreport is commonly used to help support technicians and developers by providing a "snapshot" of a system's current layout.
--------------------------------------------------------------------- Update Information:
It is possible for a local attacker to cause a race condition and trick sysreport into writing its output to a directory the attacker can read.
The new sysreport fixes this security issue --------------------------------------------------------------------- * Tue Jul 12 2005 Than Ngo <than@redhat.com> 1.4.1-5 - security fix #162978, CAN-2005-2104
* Fri Jun 17 2005 Than Ngo <than@redhat.com> 1.4.1-4 - fix datestamp
* Tue Jun 14 2005 Than Ngo <than@redhat.com> 1.4.1-3 - don't include sensitive data #159502 - exim/nis/cluster/inittab/maillog/shell/ipcs/nscd/udev
--------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
12a5bea3478280e753817be123909ef1 SRPMS/sysreport-1.4.1-5.src.rpm 817347be8397066f39154f558348c626 x86_64/sysreport-1.4.1-5.noarch.rpm 817347be8397066f39154f558348c626 i386/sysreport-1.4.1-5.noarch.rpm
This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. ---------------------------------------------------------------------
-- fedora-announce-list mailing list fedora-announce-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-announce-list
|
|
|
|