drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Unsichere Verwendung von pickle in openstack-swift
Name: |
Unsichere Verwendung von pickle in openstack-swift |
|
ID: |
FEDORA-2012-15642 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 17 |
|
Datum: |
Fr, 19. Oktober 2012, 08:36 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4406 |
|
Applikationen: |
OpenStack |
|
Originalnachricht |
Name : openstack-swift Product : Fedora 17 Version : 1.4.8 Release : 3.fc17 URL : http://launchpad.net/swift Summary : OpenStack Object Storage (swift) Description : OpenStack Object Storage (swift) aggregates commodity servers to work together in clusters for reliable, redundant, and large-scale storage of static objects. Objects are written to multiple hardware devices in the data center, with the OpenStack software responsible for ensuring data replication and integrity across the cluster. Storage clusters can scale horizontally by adding new nodes, which are automatically configured. Should a node fail, OpenStack works to replicate its content from other active nodes. Because OpenStack uses software logic to ensure data replication and distribution across different devices, inexpensive commodity hard drives and servers can be used in lieu of more expensive equipment.
------------------------------------------------------------------------------- - Update Information:
Do not use pickle for serialization in memcache (CVE-2012-4406)
------------------------------------------------------------------------------- - ChangeLog:
* Thu Sep 27 2012 Derek Higgins <derekh@redhat.com> - 1.4.8-3 - Do not use pickle for serialization in memcache (CVE-2012-4406) - include bugfixes from f16 (rhbz#810392 rhbz#807172 rhbz#809393) ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #854761 - CVE-2012-4406 Openstack-Swift: insecure use of python pickle() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=854761 [ 2 ] Bug #807172 - Addition to openstack-swift packaging (man pages) https://bugzilla.redhat.com/show_bug.cgi?id=807172 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update openstack-swift' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|