You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa munin

Sigurnosni nedostaci programskog paketa munin

==========================================================================
Ubuntu Security Notice USN-2090-1
January 27, 2014

munin vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 13.10
– Ubuntu 12.10
– Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in Munin.

Software Description:
– munin: Network-wide graphing framework

Details:

Christoph Biedl discovered that Munin incorrectly handled certain
multigraph data. A remote attacker could use this issue to cause Munin to
consume resources, resulting in a denial of service. (CVE-2013-6048)

Christoph Biedl discovered that Munin incorrectly handled certain
multigraph service names. A remote attacker could use this issue to cause
Munin to stop data collection, resulting in a denial of service.
(CVE-2013-6359)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 13.10:
munin 2.0.17-2ubuntu1.1

Ubuntu 12.10:
munin 2.0.2-1ubuntu2.3

Ubuntu 12.04 LTS:
munin 1.4.6-3ubuntu3.4

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2090-1
CVE-2013-6048, CVE-2013-6359

Package Information:
https://launchpad.net/ubuntu/+source/munin/2.0.17-2ubuntu1.1
https://launchpad.net/ubuntu/+source/munin/2.0.2-1ubuntu2.3
https://launchpad.net/ubuntu/+source/munin/1.4.6-3ubuntu3.4

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.15 (GNU/Linux)
Comment: Using GnuPG with Thunderbird – http://www.enigmail.net/

iQIcBAEBCgAGBQJS5p+aAAoJEGVp2FWnRL6Tf0QQAL3z8cQbkdwwaD2TeC/kro//
WyuKFZtjXdUmyJcNj4Wkxs8HH6uEZ6upAlmwrWi+NBAaxXLBtknE6juojzQlWA5+
8SGwRStMmYsAwaiikF+8yMAARzLRL66/NYpaQ099N1Ed77gNxOhgDLMOShAyRkZh
/nGW4mwvr1xZDRNG/7QJhIMH7aqs08dwQ+Mdvep0k99kqSE2c25OnRLBN407kMz1
2ya44KN0o7M7bCCu3zKm1jhSfvyixmmdCnbuepJ/ZxL2U+L0rNtiy/6sgcC8Mj3G
GZ9ZTnxncttntVJnGuCE58PFcj8QQjfWgDYoBqfDCDKo+mUTvnsNH6F21U/yWTsi
F2ektc9OPY3SY5VACGAjHkwnuGmcE6BnMq59RLPo+uRYYRvRbyC3LUXNvIw7dtw4
fMMfMTuSgcpqwNAzezBKlZF/pxOyunvKuPzcSr7sLTv5YPh+3Gi9to7uNc3PmR+C
0DengrH5rv7MqnyAgHwA3qJ4+0ez0UNUVu8RyBZgbrycCLGO7DcSoa4GTQo1ykgG
l1qrRg2AGBBiuzWmy5i/AXCPuLZy3z6XOqFNeyw9wzSVoLvoSTgsxgAme8qECNnp
n3wiIgqIc5O1IsJn9g5LCTmGIQbQy6ZzJObyzdyB+9kF+mrH6MmNyK9L4kaInYwB
doeel3qVXxYf6y25i/Po
=kwVh
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostaci programskog paketa mingw-openssl

Otkriveni su sigurnosni nedostaci u programskom paketu mingw-openssl. Otkriveni nedostaci potencijalnim napadačima omogućuju izvođenje napada uskraćivanja usluge ili izvođenje "man-in-the-middle"...

Close