You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa conntrack

Sigurnosni nedostatak programskog paketa conntrack

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

– ————————————————————————-
Debian Security Advisory DSA-3341-1 security@debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
August 20, 2015 https://www.debian.org/security/faq
– ————————————————————————-

Package : conntrack
CVE ID : CVE-2015-6496
Debian Bug : 796103

It was discovered that in certain configurations, if the relevant
conntrack kernel module is not loaded, conntrackd will crash when
handling DCCP, SCTP or ICMPv6 packets.

For the oldstable distribution (wheezy), this problem has been fixed
in version 1:1.2.1-1+deb7u1.

For the stable distribution (jessie), this problem has been fixed in
version 1:1.4.2-2+deb8u1.

For the unstable distribution (sid), this problem has been fixed in
version 1:1.4.2-3.

We recommend that you upgrade your conntrack packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIcBAEBCgAGBQJV1b6tAAoJEAVMuPMTQ89E9acQAI9mJw2+XMAYv6o3b3LPoWEw
blxUTwWaoEB8JzMthDL4vw54GbfYaAecIQ2/3Q81TQVHn+CUw4q3lgKIgRg4MHd5
Zi5WGD8tUFc0OLzX34E7FkHzMLgNDt2x1GfVCNZYJ2cLvEu1xMJTRKl0UxCfSUGU
THHNEc6Ko9NgAtzJZgun2K3bxEpko61VuCNpoHW4ib4kGyeJ9aZE0E0CDh5s1CVm
F6qSvoI5KOm4molOStf7AQU9dAubTi6ZNc8YaKKlHon6/uCySsXt52nBDfcygAlf
HVK1lio+t5s0T24qzYjaJZxH6VqQ6dLLsc2YDdiBYuMkmylOgnAXlqW5kRjyrJEb
kX3JCgLxI/lbdw9XHwsUELDcEppSXkrhor97K1Kmv4ef5qTLEp1IHUMppmn609Jk
+P2sBlPco4+3fj/CSqhEdtnZADwKt/5ZuvEJr1J0ueZJvUrmuRi4v1tiwNUmnzlU
0Rwo0npZs0T/QarPtCtPgWutG2v8yS1XaOl5al8nqmE7+DtBql7Z22QbGYG9nD8t
tHPTPMy8o9mctyrJ8bR7f3dQBbYjQwB3WJSNnC+1ceiU2+f4L6FuWUFbkU8rum31
8WpfUUA519b6vh8/SoiZrMaOwNcGtw23BkIYXko3GoEF3Docnb2dfXLRosZCIoH/
IC2ZqmuMiY41a0obKSdj
=S6/f
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostatak programskog paketa Drupal

Otkriven je sigurnosni nedostatak u programskom paketu Drupal. Otkriveni nedostatak potencijalnim napadačima omogućuje izvođenje XSS napada, umetanje SQL koda, zaobilaženje...

Close