You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa suricata

Sigurnosni nedostaci programskog paketa suricata

by ncert - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2015-7886
2015-05-10 04:04:10
——————————————————————————–

Name : suricata
Product : Fedora 21
Version : 2.0.8
Release : 1.fc21
URL : http://suricata-ids.org/
Summary : Intrusion Detection System
Description :
The Suricata Engine is an Open Source Next Generation Intrusion
Detection and Prevention Engine. This engine is not intended to
just replace or emulate the existing tools in the industry, but
will bring new ideas and technologies to the field. This new Engine
supports Multi-threading, Automatic Protocol Detection (IP, TCP,
UDP, ICMP, HTTP, TLS, FTP and SMB! ), Gzip Decompression, Fast IP
Matching, and GeoIP identification.

——————————————————————————–
Update Information:

This update fixes a bug in the DER parser which is used to
decode SSL/TLS certificates could crash Suricata. Also, those processing large numbers of (untrusted) pcap files need to update
as a malformed pcap could crash Suricata.
——————————————————————————–
ChangeLog:

* Wed May 6 2015 Steve Grubb <sgrubb@redhat.com> 2.0.8-1
– New upstream security bug fix release
* Thu Feb 26 2015 Steve Grubb <sgrubb@redhat.com> 2.0.7-1
– New upstream security bug fix release for CVE-2015-0928
* Thu Jan 15 2015 Steve Grubb <sgrubb@redhat.com> 2.0.6-1
– New upstream bug fix release
– Don’t use the system libhtp library
* Fri Dec 12 2014 Steve Grubb <sgrubb@redhat.com> 2.0.5-1
– New upstream bug fix release
– Use the system libhtp library
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update suricata’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

AutorMarko Stanec
Cert idNCERT-REF-2015-06-0005-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
ncert
Top
More in Preporuke
Sigurnosni nedostatak programskog paketa fusionforge

Otkriven je sigurnosni nedostatak u programskom paketu fusionforge. Otkriveni nedostatak potencijalnim napadačima omogućuje pokretanje proizvoljnog programskog koda korištenjem posebno oblikovanog...

Close