You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa msgpuck i tarantool

Sigurnosni nedostaci programskog paketa msgpuck i tarantool

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

——————————————————————————–
Fedora Update Notification
FEDORA-2016-badd014afe
2016-12-22 02:23:18.167589
——————————————————————————–

Name : msgpuck
Product : Fedora 24
Version : 1.1.3
Release : 1.fc24
URL : https://github.com/rtsisyk/msgpuck
Summary : MsgPack binary serialization library in a self-contained header
Description :
MsgPack is a binary-based efficient object serialization library.
It enables to exchange structured objects between many languages like JSON.
But unlike JSON, it is very fast and small.

msgpuck is very lightweight header-only library designed to be embedded to
your application by the C/C++ compiler. The library is fully documented and
covered by unit tests.

——————————————————————————–
Update Information:

Security fix for CVE-2016-9036, CVE-2016-9037
——————————————————————————–
References:

[ 1 ] Bug #1406682 – CVE-2016-9036 CVE-2016-9037 tarantool: Multiple DoS vulnerabilities [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1406682
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade msgpuck’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2016-2d0c8ba781
2016-12-22 02:23:28.605419
——————————————————————————–

Name : msgpuck
Product : Fedora 25
Version : 1.1.3
Release : 1.fc25
URL : https://github.com/rtsisyk/msgpuck
Summary : MsgPack binary serialization library in a self-contained header
Description :
MsgPack is a binary-based efficient object serialization library.
It enables to exchange structured objects between many languages like JSON.
But unlike JSON, it is very fast and small.

msgpuck is very lightweight header-only library designed to be embedded to
your application by the C/C++ compiler. The library is fully documented and
covered by unit tests.

——————————————————————————–
Update Information:

Security fix for CVE-2016-9036, CVE-2016-9037
——————————————————————————–
References:

[ 1 ] Bug #1406682 – CVE-2016-9036 CVE-2016-9037 tarantool: Multiple DoS vulnerabilities [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1406682
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade msgpuck’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2016-badd014afe
2016-12-22 02:23:18.167589
——————————————————————————–

Name : tarantool
Product : Fedora 24
Version : 1.6.9.52
Release : 1.fc24
URL : http://tarantool.org
Summary : In-memory database and Lua application server
Description :
Tarantool is a high performance in-memory NoSQL database and Lua
application server. Tarantool supports replication, online backup and
stored procedures in Lua.

This package provides the server daemon and admin tools.

——————————————————————————–
Update Information:

Security fix for CVE-2016-9036, CVE-2016-9037
——————————————————————————–
References:

[ 1 ] Bug #1406682 – CVE-2016-9036 CVE-2016-9037 tarantool: Multiple DoS vulnerabilities [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1406682
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade tarantool’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2016-2d0c8ba781
2016-12-22 02:23:28.605419
——————————————————————————–

Name : tarantool
Product : Fedora 25
Version : 1.6.9.52
Release : 1.fc25
URL : http://tarantool.org
Summary : In-memory database and Lua application server
Description :
Tarantool is a high performance in-memory NoSQL database and Lua
application server. Tarantool supports replication, online backup and
stored procedures in Lua.

This package provides the server daemon and admin tools.

——————————————————————————–
Update Information:

Security fix for CVE-2016-9036, CVE-2016-9037
——————————————————————————–
References:

[ 1 ] Bug #1406682 – CVE-2016-9036 CVE-2016-9037 tarantool: Multiple DoS vulnerabilities [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1406682
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade tarantool’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

AutorVlatka Misic
Cert idNCERT-REF-2016-12-0043-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
Izvorhttp://www.adobe.com/
Top
More in Preporuke
Sigurnosni nedostatak programskog paketa Cisco CloudCenter Orchestrator

Otkriven je sigurnosni nedostatak u Docker Engine konfiguraciji Cisco CloudCenter Orchestrator platforme. Otkriveni nedostatak uzrokovan je pogrešnom konfiguracijom, a potencijalnom...

Close