You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa iodine

Sigurnosni nedostatak programskog paketa iodine

——————————————————————————–
Fedora Update Notification
FEDORA-2014-9265
2014-08-08 07:46:33
——————————————————————————–

Name : iodine
Product : Fedora 20
Version : 0.7.0
Release : 1.fc20
URL : http://code.kryo.se/iodine/
Summary : Solution to tunnel IPv4 data through a DNS server
Description :
iodine lets you tunnel IPv4 data through a DNS server. This can be usable in
different situations where internet access is firewalled, but DNS queries are
allowed.

It runs on Linux, Mac OS X, FreeBSD, NetBSD, OpenBSD and Windows and needs a
TUN/TAP device. The bandwidth is asymmetrical with limited upstream and up to
1 Mbit/s downstream.

This is meta-package to install both client and server.
It also contain three documantation files: CHANGELOG, README, TODO.

——————————————————————————–
Update Information:

Update to 0.7.0 to fix CVE-2014-4168 iodine: authentication bypass vulnerability (bz#1110339, bz#1110338 [bz#1110340, bz#1110341, bz#1110342]).
——————————————————————————–
ChangeLog:

* Tue Jul 22 2014 Pavel Alexeev <Pahan@Hubbitus.info> – 0.7.0-1
– Update to 0.7.0 to fix CVE-2014-4168 iodine: authentication bypass vulnerability (bz#1110339, bz#1110338 [bz#1110340, bz#1110341, bz#1110342]).
– Drop old Patch0: iodine-0.5.2-prefix.patch
– Rebase iodine-0.6.0-rc1.split-man.patch -> iodine-0.7.0.split-man.patch
– Some spec cleanup.
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> – 0.6.0-0.rc1.12.1
– Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Tue Jan 7 2014 Pavel Alexeev <Pahan@Hubbitus.info> – 0.6.0-0.rc1.12
– Step to systemd macroses (#850160)
* Tue Jan 7 2014 Pavel Alexeev <Pahan@Hubbitus.info> – 0.6.0-0.rc1.11
– Add Provides: bundled(md5-deutsch) to client and server sub-packages (#1046028)
——————————————————————————–
References:

[ 1 ] Bug #1110338 – CVE-2014-4168 iodine: authentication bypass vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=1110338
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update iodine’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

——————————————————————————–
Fedora Update Notification
FEDORA-2014-9279
2014-08-08 07:47:06
——————————————————————————–

Name : iodine
Product : Fedora 19
Version : 0.7.0
Release : 1.fc19
URL : http://code.kryo.se/iodine/
Summary : Solution to tunnel IPv4 data through a DNS server
Description :
iodine lets you tunnel IPv4 data through a DNS server. This can be usable in
different situations where internet access is firewalled, but DNS queries are
allowed.

It runs on Linux, Mac OS X, FreeBSD, NetBSD, OpenBSD and Windows and needs a
TUN/TAP device. The bandwidth is asymmetrical with limited upstream and up to
1 Mbit/s downstream.

This is meta-package to install both client and server.
It also contain three documantation files: CHANGELOG, README, TODO.

——————————————————————————–
Update Information:

Update to 0.7.0 to fix CVE-2014-4168 iodine: authentication bypass vulnerability (bz#1110339, bz#1110338 [bz#1110340, bz#1110341, bz#1110342]).
——————————————————————————–
ChangeLog:

* Tue Jul 22 2014 Pavel Alexeev <Pahan@Hubbitus.info> – 0.7.0-1
– Update to 0.7.0 to fix CVE-2014-4168 iodine: authentication bypass vulnerability (bz#1110339, bz#1110338 [bz#1110340, bz#1110341, bz#1110342]).
– Drop old Patch0: iodine-0.5.2-prefix.patch
– Rebase iodine-0.6.0-rc1.split-man.patch -> iodine-0.7.0.split-man.patch
– Some spec cleanup.
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> – 0.6.0-0.rc1.12.1
– Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Tue Jan 7 2014 Pavel Alexeev <Pahan@Hubbitus.info> – 0.6.0-0.rc1.12
– Step to systemd macroses (#850160)
* Tue Jan 7 2014 Pavel Alexeev <Pahan@Hubbitus.info> – 0.6.0-0.rc1.11
– Add Provides: bundled(md5-deutsch) to client and server sub-packages (#1046028)
* Sat Aug 3 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> – 0.6.0-0.rc1.10.1
– Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
——————————————————————————–
References:

[ 1 ] Bug #1110338 – CVE-2014-4168 iodine: authentication bypass vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=1110338
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update iodine’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Top
More in Preporuke
Sigurnosni nedostatak programskog paketa krfb

Otkriven je sigurnosni nedostatak u programskom paketu krfb. Otkriveni nedostatak je posljedica preljeva spremnika i potencijalnim napadačima omogućuje izvođenje napada...

Close