You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa dracut

Sigurnosni nedostatak programskog paketa dracut

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2016-94d1c64fe2
2016-11-09 22:53:19.739508
——————————————————————————–

Name : dracut
Product : Fedora 24
Version : 044
Release : 21.fc24
URL : https://dracut.wiki.kernel.org/
Summary : Initramfs generator using udev
Description :
dracut contains tools to create a bootable initramfs for 2.6 Linux kernels.
Unlike existing implementations, dracut does hard-code as little as possible
into the initramfs. dracut contains various modules which are driven by the
event-based udev. Having root on MD, DM, LVM2, LUKS is supported as well as
NFS, iSCSI, NBD, FCoE with the dracut-network package.

——————————————————————————–
Update Information:

– fixed permissions of initramfs file, if microcode is prepended
(CVE-2016-8637)
——————————————————————————–
References:

[ 1 ] Bug #1392435 – CVE-2016-8637 dracut: Local information disclosure of initramfs when early cpio is used [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1392435
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade dracut’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

AutorMarijo Plepelic
Cert idNCERT-REF-2016-11-0125-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa jasper

Otkriveni su sigurnosni nedostaci u programskom paketu jasper. Otkriveni nedostaci su uzrokovani dijeljenjem s nulom, neispravnim upravljanjem memorijom i dereferenciranjem...

Close