You are here
Home > Preporuke > Sigurnosni propust programskog paketa torque

Sigurnosni propust programskog paketa torque

by ncert - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LDE

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

– ————————————————————————-
Debian Security Advisory DSA-2936-1 security@debian.org
http://www.debian.org/security/ Salvatore Bonaccorso
May 23, 2014 http://www.debian.org/security/faq
– ————————————————————————-

Package : torque
CVE ID : CVE-2014-0749
Debian Bug : 748827

John Fitzpatrick from MWR Labs reported a stack-based buffer overflow
vulnerability in torque, a PBS-derived batch processing queueing system.
An unauthenticated remote attacker could exploit this flaw to execute
arbitrary code with root privileges.

For the oldstable distribution (squeeze), this problem has been fixed in
version 2.4.8+dfsg-9squeeze4.

For the stable distribution (wheezy), this problem has been fixed in
version 2.4.16+dfsg-1+deb7u3.

For the unstable distribution (sid), this problem has been fixed in
version 2.4.16+dfsg-1.4.

We recommend that you upgrade your torque packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1

iQIcBAEBCgAGBQJTfxKGAAoJEAVMuPMTQ89EQp8QAJnp462bdRlyCSh0flxIxdnF
m1TwK9I76qWhbxIF/f6uxFB/AF7lMkLtHzNPvfZr4GwNXNgcb9oTSf4vs1olccwI
VfJsvt1vwaAhKjFmTiP8LlnAfL7LPFnOIs7yYVquLZ2pDOYlgOTQURL5sSSiSJ/H
8IjxgvASJMPLF/vQNTBOxOKJhqerloQXmBtHbYuMwglOx4c6K+d8mNTMlB1TO+M2
KO90E5PBq1gK3tJ02XXy4/ykS3bqBaW6U7IvEtzCC8z/yxoqIvZFQwdWKHDjB2wE
a6RTzNUD9p24ShXLzabJQGD++H+3VnpECzj+wjh1sQN8pE/2KlzJoIiRfBsce3jt
1mzvMBIJNwhie5VKRqI/KlEl6C+AAMqAIvXORWhO9HYmTcdD8YFpkAF28cW1f++C
xwr3V1WKXZQnFHEO02sLoxKXcCinHvTF8C55vVlxZO6Lng06w5Braun46v8i0zGy
oq1Tu9kHF7DYsRaENStTBaeaq4SuVKzGxMtFN+HYZDAWxx1uRjZFyShr6BDup6im
ROS38IgdV1cuE7v1wnk8YVzxxryao+JYQgItGrsgabC3ojbUEvpUIObMZ6wdyA5Q
dMSl6qxQWcQMG5ANmSDmnCUbYXGB0ibL/jUUXOuZCQbcSPABnr+KoQ6BG5BUEgRY
290BbLzaKsviiMhHG0CN
=rBXi
—–END PGP SIGNATURE—–


To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
with a subject of “unsubscribe”. Trouble? Contact listmaster@lists.debian.org
Archive: https://lists.debian.org/E1Wnldb-0004Gq-HP@master.debian.org

AutorMarko Stanec
Cert idNCERT-REF-2014-05-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
ncert
Top
More in Preporuke
Sigurnosni nedostaci u jezgri operacijskog sustava

Otkriveni su sigurnosni nedostaci u jezgri operacijskog sustava Fedora. Otkriveni nedostaci potencijalnim napadačima omogućuju izvođenje napada uskraćivanja usluge, zaobilaženje postavljenih...

Close