Fehlerhafte Zugriffsrechte in OpenHPI
ID: | FEDORA-2015-10944 |
Distribution: | Fedora |
Plattformen: | Fedora 22 |
Datum: | Mi, 7. Oktober 2015, 10:42 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3248 |
Applikationen: | OpenHPI |
Originalnachricht |
|
Name : openhpi Product : Fedora 22 Version : 3.4.0 Release : 2.fc22 URL : http://www.openhpi.org Summary : Hardware Platform Interface library and tools Description : OpenHPI is an open source project created with the intent of providing an implementation of the SA Forum's Hardware Platform Interface (HPI). HPI provides an abstracted interface to managing computer hardware, typically for chassis and rack based servers. HPI includes resource modeling; access to and control over sensor, control, watchdog, and inventory data associated with resources; abstracted System Event Log interfaces; hardware events and alerts; and a managed hot swap interface. OpenHPI provides a modular mechanism for adding new hardware and device support easily. Many plug-ins exist in the OpenHPI source tree to provide access to various types of hardware. This includes, but is not limited to, IPMI based servers, Blade Center, and machines which export data via sysfs. -------------------------------------------------------------------------------- Update Information: fix /var/lib/openhpi permissions (#1233521). -------------------------------------------------------------------------------- References: [ 1 ] Bug #1233521 - CVE-2015-3248 openhpi: world writable /var/lib/openhpi directory [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1233521 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update openhpi' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce |