You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa cifs

Sigurnosni nedostatak programskog paketa cifs

——————————————————————————–
Fedora Update Notification
FEDORA-2020-ea0b9caac3
2020-11-11 01:17:49.473314
——————————————————————————–

Name : cifs-utils
Product : Fedora 33
Version : 6.11
Release : 1.fc33
URL : https://protect2.fireeye.com/v1/url?k=68bd25a1-37213fbf-68bab86d-000babd90757-fa6593918002c5a9&q=1&e=541e2ada-d188-49a3-9f43-6d52616eb337&u=http%3A%2F%2Flinux-cifs.samba.org%2Fcifs-utils%2F
Summary : Utilities for mounting and managing CIFS mounts
Description :
The SMB/CIFS protocol is a standard file sharing protocol widely deployed
on Microsoft Windows machines. This package contains tools for mounting
shares on Linux using the SMB/CIFS protocol. The tools in this package
work in conjunction with support in the kernel to allow one to mount a
SMB/CIFS share onto a client and use it as if it were a standard Linux
file system.

——————————————————————————–
Update Information:

New upstream release: – fixes CVE-2020-14342 cifs-utils: shell command
injection in mount.cifs – adds `smb2-quota` tool – adds `mount.smb3` as a
symlink to `mount.cifs`
——————————————————————————–
ChangeLog:

* Mon Nov 2 2020 Alexander Bokovoy <abokovoy@redhat.com> – 6.11-1
– Update to v6.11 release
– Resolves: rhbz#1876400 – CVE-2020-14342 – cifs-utils: shell command injection
——————————————————————————–
References:

[ 1 ] Bug #1784578 – cifs-utils-6.11 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1784578
[ 2 ] Bug #1876400 – CVE-2020-14342 cifs-utils: shell command injection in mount.cifs [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1876400
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2020-ea0b9caac3’ at the command
line. For more information, refer to the dnf documentation available at
https://protect2.fireeye.com/v1/url?k=97f72c07-c86b3619-97f0b1cb-000babd90757-9fa081f9723574a9&q=1&e=541e2ada-d188-49a3-9f43-6d52616eb337&u=http%3A%2F%2Fdnf.readthedocs.io%2Fen%2Flatest%2Fcommand_ref.html%23upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2020-cfdd73f1b4
2020-11-11 01:19:50.943659
——————————————————————————–

Name : cifs-utils
Product : Fedora 32
Version : 6.11
Release : 1.fc32
URL : https://protect2.fireeye.com/v1/url?k=79b1f665-262dec7b-79b66ba9-000babd90757-43be84f98b1f5747&q=1&e=4b2d45cd-e210-485e-a21b-19f0a0924836&u=http%3A%2F%2Flinux-cifs.samba.org%2Fcifs-utils%2F
Summary : Utilities for mounting and managing CIFS mounts
Description :
The SMB/CIFS protocol is a standard file sharing protocol widely deployed
on Microsoft Windows machines. This package contains tools for mounting
shares on Linux using the SMB/CIFS protocol. The tools in this package
work in conjunction with support in the kernel to allow one to mount a
SMB/CIFS share onto a client and use it as if it were a standard Linux
file system.

——————————————————————————–
Update Information:

New upstream release: – fixes CVE-2020-14342 cifs-utils: shell command
injection in mount.cifs – adds `smb2-quota` tool – adds `mount.smb3` as a
symlink to `mount.cifs`
——————————————————————————–
ChangeLog:

* Mon Nov 2 2020 Alexander Bokovoy <abokovoy@redhat.com> – 6.11-1
– Update to v6.11 release
– Resolves: rhbz#1876400 – CVE-2020-14342 – cifs-utils: shell command injection
——————————————————————————–
References:

[ 1 ] Bug #1784578 – cifs-utils-6.11 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1784578
[ 2 ] Bug #1876400 – CVE-2020-14342 cifs-utils: shell command injection in mount.cifs [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1876400
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2020-cfdd73f1b4’ at the command
line. For more information, refer to the dnf documentation available at
https://protect2.fireeye.com/v1/url?k=d7f7ff60-886be57e-d7f062ac-000babd90757-74be14b58e0902b5&q=1&e=4b2d45cd-e210-485e-a21b-19f0a0924836&u=http%3A%2F%2Fdnf.readthedocs.io%2Fen%2Flatest%2Fcommand_ref.html%23upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

Top
More in Preporuke
Sigurnosni nedostaci programskih paketa Chromium i Google Chrome

Otkriveni su sigurnosni nedostaci u programskim paketima Chromium i Google Chrome za operacijski sustav Gentoo. Otkriveni nedostaci potencijalnim napadačima omogućuju...

Close