You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa trafficserver

Sigurnosni nedostatak programskog paketa trafficserver

——————————————————————————–
Fedora Update Notification
FEDORA-2015-10520
2015-06-23 03:02:16
——————————————————————————–

Name : trafficserver
Product : Fedora 21
Version : 5.3.0
Release : 1.fc21
URL : http://trafficserver.apache.org/index.html
Summary : Fast, scalable and extensible HTTP/1.1 compliant caching proxy server
Description :
Apache Traffic Server is a fast, scalable and extensible HTTP/1.1 compliant
caching proxy server.

——————————————————————————–
Update Information:

https://cwiki.apache.org/confluence/display/TS/What%27s+New+in+v5.3.x

——————————————————————————–
ChangeLog:

* Sun Jun 21 2015 Peter Robinson <pbrobinson@fedoraproject.org> 5.3.0-1
– Update to 5.3.0 LTS release
– Build on aarch64 and power64
– Split perl bindings to sub package
– Cleanup and modernise spec
* Fri Jun 19 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> – 5.0.1-4
– Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Sat May 2 2015 Kalev Lember <kalevlember@gmail.com> – 5.0.1-3
– Rebuilt for GCC 5 C++11 ABI change
* Mon Jan 26 2015 Petr Machata <pmachata@redhat.com> – 5.0.1-2
– Rebuild for boost 1.57.0
——————————————————————————–
References:

[ 1 ] Bug #1102559 – Add AArch64 support to trafficserver
https://bugzilla.redhat.com/show_bug.cgi?id=1102559
[ 2 ] Bug #1103173 – trafficserver: insecure temporary file usage [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1103173
[ 3 ] Bug #1179204 – trafficserver: incorrect handling of “Max-Forwards” header [fedora-21]
https://bugzilla.redhat.com/show_bug.cgi?id=1179204
[ 4 ] Bug #1103174 – trafficserver: insecure temporary file usage [epel-6]
https://bugzilla.redhat.com/show_bug.cgi?id=1103174
[ 5 ] Bug #1133387 – CVE-2014-3525 trafficserver: unspecified flaw related to health checks fixed in versions 4.2.1.1 and 5.0.1 [epel-6]
https://bugzilla.redhat.com/show_bug.cgi?id=1133387
[ 6 ] Bug #1179205 – trafficserver: incorrect handling of “Max-Forwards” header [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1179205
[ 7 ] Bug #994224 – trafficserver must be compiled with -fno-strict-aliasing, but it is not
https://bugzilla.redhat.com/show_bug.cgi?id=994224
[ 8 ] Bug #955127 – trafficserver package should be built with PIE flags
https://bugzilla.redhat.com/show_bug.cgi?id=955127
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update trafficserver’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

——————————————————————————–
Fedora Update Notification
FEDORA-2015-10524
2015-06-23 03:02:27
——————————————————————————–

Name : trafficserver
Product : Fedora 22
Version : 5.3.0
Release : 1.fc22
URL : http://trafficserver.apache.org/index.html
Summary : Fast, scalable and extensible HTTP/1.1 compliant caching proxy server
Description :
Apache Traffic Server is a fast, scalable and extensible HTTP/1.1 compliant
caching proxy server.

——————————————————————————–
Update Information:

https://cwiki.apache.org/confluence/display/TS/What%27s+New+in+v5.3.x

——————————————————————————–
ChangeLog:

* Sun Jun 21 2015 Peter Robinson <pbrobinson@fedoraproject.org> 5.3.0-1
– Update to 5.3.0 LTS release
– Build on aarch64 and power64
– Split perl bindings to sub package
– Cleanup and modernise spec
* Fri Jun 19 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> – 5.0.1-4
– Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Sat May 2 2015 Kalev Lember <kalevlember@gmail.com> – 5.0.1-3
– Rebuilt for GCC 5 C++11 ABI change
——————————————————————————–
References:

[ 1 ] Bug #1103173 – trafficserver: insecure temporary file usage [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1103173
[ 2 ] Bug #1103174 – trafficserver: insecure temporary file usage [epel-6]
https://bugzilla.redhat.com/show_bug.cgi?id=1103174
[ 3 ] Bug #1102559 – Add AArch64 support to trafficserver
https://bugzilla.redhat.com/show_bug.cgi?id=1102559
[ 4 ] Bug #1179204 – trafficserver: incorrect handling of “Max-Forwards” header [fedora-21]
https://bugzilla.redhat.com/show_bug.cgi?id=1179204
[ 5 ] Bug #1133387 – CVE-2014-3525 trafficserver: unspecified flaw related to health checks fixed in versions 4.2.1.1 and 5.0.1 [epel-6]
https://bugzilla.redhat.com/show_bug.cgi?id=1133387
[ 6 ] Bug #1179205 – trafficserver: incorrect handling of “Max-Forwards” header [epel-7]
https://bugzilla.redhat.com/show_bug.cgi?id=1179205
[ 7 ] Bug #994224 – trafficserver must be compiled with -fno-strict-aliasing, but it is not
https://bugzilla.redhat.com/show_bug.cgi?id=994224
[ 8 ] Bug #955127 – trafficserver package should be built with PIE flags
https://bugzilla.redhat.com/show_bug.cgi?id=955127
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update trafficserver’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Top
More in Preporuke
Ranjivosti programskog paketa OpenSSL

Otkrivene su ranjivosti u programskom paketu OpenSSL distribuiranog na više SUSE proizvoda. Otkrivena Logjam ranjivost (CVE-2015-4000) potencijalnim napadačima izvođenjem "man-in-the-middle"...

Close