Ausführen beliebiger Kommandos in system-config-firewall
ID: | FEDORA-2011-9652 |
Distribution: | Fedora |
Plattformen: | Fedora 15 |
Datum: | Di, 2. August 2011, 09:09 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2520 |
Applikationen: | system-config-firewall |
Originalnachricht |
|
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2011-9652 2011-07-23 01:34:32 -------------------------------------------------------------------------------- Name : system-config-firewall Product : Fedora 15 Version : 1.2.29 Release : 4.fc15 URL : http://fedorahosted.org/system-config-firewall Summary : A graphical interface for basic firewall setup Description : system-config-firewall is a graphical user interface for basic firewall setup. -------------------------------------------------------------------------------- Update Information: - fixed possible privilege escalation flaw via use of python pickle (CVE-2011-2520), replaced pickle by json (rhbz#717985) and (rhbz#722991) - stop D-BUS firewall mechanism on update, because D-BUS interface will not be compatible to old pickle version - system-config-printer needs to get updated, too -------------------------------------------------------------------------------- ChangeLog: * Fri Jul 22 2011 Thomas Woerner |