Noi apariţii/versiuni de software pentru Linux

Joined
Oct 20, 2003
Likes
75
Location
Giurgiu
#3
Daca folositi proftp ca server de ftp, va trebui sa instalati ultima versiune .
X-Force Research at ISS has discovered a remote exploit in ProFTPD's handling of ASCII translations that an attacker, by downloading a carefully crafted file, can exploit and gain a root shell. The source distributions on ftp.proftpd.org have all been replaced with patched versions. All ProFTPD users are strongly urged to upgrade to one of the patched versions as soon as possible.

Note that the upgraded package does not change the displayed version number to 1.2.8p (it remains 1.2.8), but we've verified the source code to make sure that this is in fact the patched version. We recommend all sites running ProFTPD upgrade to the new package right away.
 
Joined
Oct 20, 2003
Likes
75
Location
Giurgiu
#6
Update apache 2:
A problem was discovered in Apache2 where CGI scripts that output more than 4k of output to STDERR will hang the script's execution which can cause a Denial of Service on the httpd process because it is waiting for more input from the CGI that is not forthcoming due to the locked write() call in mod_cgi.
Mai multe detalii.
O lista de ftp-uri pentru download, deocamdata doar pentru mandrake:
http://www.mandrakesecure.net/en/ftp.php
 

creizi

embedded intelligence
Joined
Oct 14, 2003
Likes
40
Location
in dă big deşert
#8
Novell preia compania SuSE Linux:
"Novell today announced it has entered into an agreement to acquire SUSE LINUX, one of the world's leading enterprise Linux companies, expanding Novell's ability to provide enterprise-class services and support on the Linux platform."
Sursa: www.madpenguin.org
 
Joined
Oct 20, 2003
Likes
75
Location
Giurgiu
#9
Mandrake linux security

Pentru ca cei ce folosesc CUPS ca server de printer, implementarea Internet Printing Protocol (IPP) este o gaura serioasa de securitate.
Versiunile de Mandrake care contin CUPS si sunt afectate de acest bug: 9.0 si Corporate Server 2.1.
A bug in versions of CUPS prior to 1.1.19 was reported in the Internet Printing Protocol (IPP) implementation would result in CUPS going into a busy loop, which could result in a Denial of Service (DoS) condition. To be able to exploit this problem, an attacker would need to be able to make a TCP connection to the IPP port (port 631 by default).
Pentru autoupdate folositi mandrakeupdate sau urpmi. O lista de mirror-uri pentru download, de aici: http://www.mandrakesecure.net/en/ftp.php.
Download la ultima versiune de CUPS.
 
Top Bottom