You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa openhpi

Sigurnosni nedostatak programskog paketa openhpi

——————————————————————————–
Fedora Update Notification
FEDORA-2015-10944
2015-10-07 03:46:09.915691
——————————————————————————–

Name : openhpi
Product : Fedora 22
Version : 3.4.0
Release : 2.fc22
URL : http://www.openhpi.org
Summary : Hardware Platform Interface library and tools
Description :
OpenHPI is an open source project created with the intent of providing an
implementation of the SA Forum’s Hardware Platform Interface (HPI). HPI
provides an abstracted interface to managing computer hardware, typically for
chassis and rack based servers. HPI includes resource modeling; access to and
control over sensor, control, watchdog, and inventory data associated with
resources; abstracted System Event Log interfaces; hardware events and alerts;
and a managed hot swap interface.

OpenHPI provides a modular mechanism for adding new hardware and device support
easily. Many plug-ins exist in the OpenHPI source tree to provide access to
various types of hardware. This includes, but is not limited to, IPMI based
servers, Blade Center, and machines which export data via sysfs.

——————————————————————————–
Update Information:

fix /var/lib/openhpi permissions (#1233521).
——————————————————————————–
References:

[ 1 ] Bug #1233521 – CVE-2015-3248 openhpi: world writable /var/lib/openhpi directory [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1233521
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update openhpi’ at the command line.
For more information, refer to “Managing Software with yum”,
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Top
More in Preporuke
Sigurnosni nedostatak programskog paketa zendframework

Otkriven je sigurnosni nedostatak u programskom paketu zendframework. Otkriveni nedostatak potencijalnim napadačima omogućuje pokretanje proizvoljnog programskog koda ili stjecanje uvećanih...

Close