Zwei Probleme in trytond
ID: | FEDORA-2016-d961441913 |
Distribution: | Fedora |
Plattformen: | Fedora 25 |
Datum: | Mi, 14. September 2016, 06:34 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1241
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1242 |
Applikationen: | Tryton |
Originalnachricht |
|
Name : trytond Product : Fedora 25 Version : 4.0.4 Release : 1.fc25 URL : http://www.tryton.org Summary : Server for the Tryton application framework Description : Tryton is a three-tiers high-level general purpose application framework written in Python and use PostgreSQL as database engine. It is the core base of an Open Source ERP. It provides modularity, scalability and security. The core of Tryton (also called Tryton kernel) provides all the necessary functionalities for a complete application framework: data persistence (i.e an ORM with extensive modularity), users management (authentication, fine grained control for data access, handling of concurrent access of resources), workflow and report engines, web services and internationalisation. Thus constituting a complete application platform which can be used for any relevant purpose. -------------------------------------------------------------------------------- Update Information: - security fix for CVE-2016-1241, CVE-2016-1242 - other bug fixes -------------------------------------------------------------------------------- References: [ 1 ] Bug #1374220 - CVE-2016-1242 tryton: admin user able to access all files on system https://bugzilla.redhat.com/show_bug.cgi?id=1374220 [ 2 ] Bug #1374172 - CVE-2016-1241 tryton: password hashes leak to authenticated users https://bugzilla.redhat.com/show_bug.cgi?id=1374172 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update trytond' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://lists.fedoraproject.org/admin/lists/package-announce@lists.fedoraproject.org |