Mangelnde Eingabeprüfung in lldpad
ID: | FEDORA-2018-e9d1ec6dbc |
Distribution: | Fedora |
Plattformen: | Fedora 27 |
Datum: | Fr, 16. November 2018, 07:44 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10932 |
Applikationen: | lldpad |
Originalnachricht |
|
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2018-e9d1ec6dbc 2018-11-16 03:41:37.813095 -------------------------------------------------------------------------------- Name : lldpad Product : Fedora 27 Version : 1.0.1 Release : 9.git036e314.fc27 URL : http://open-lldp.org/ Summary : Intel LLDP Agent Description : This package contains the Linux user space daemon and configuration tool for Intel LLDP Agent with Enhanced Ethernet support for the Data Center. -------------------------------------------------------------------------------- Update Information: - Add upstream fix for improper sanitization of shell-escape codes when lldptool parses a mngAddr TLV (CVE-2018-10932). - Add upstream patch to support DSCP selectors in APP TLVs. This allows configuration of DSCP-based packet prioritization on capable network devices. -------------------------------------------------------------------------------- ChangeLog: * Thu Aug 16 2018 Petr Machata |