You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa lldpad

Sigurnosni nedostatak programskog paketa lldpad

  • Detalji os-a: WN7
  • Važnost: INF
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2018-11-03 00:00:04.467603

Name : lldpad
Product : Fedora 29
Version : 1.0.1
Release : 12.git036e314.fc29
Summary : Intel LLDP Agent
Description :
This package contains the Linux user space daemon and configuration tool for
Intel LLDP Agent with Enhanced Ethernet support for the Data Center.

Update Information:

– Add upstream fix for improper sanitization of shell-escape codes when lldptool
parses a mngAddr TLV (CVE-2018-10932). – Add upstream patch to support DSCP
selectors in APP TLVs. This allows configuration of DSCP-based packet
prioritization on capable network devices.

* Tue Oct 23 2018 Petr Machata <> – 1.0.1-12.git036e314
– Add open-lldp-v1.0.1-29-basman_clif-print-the-OID-properly.patch (BZ 1614932,
1614896 (CVE-2018-10932)
– Add open-lldp-v1.0.1-28-support-DSCP-selectors.patch (BZ 1618377)

[ 1 ] Bug #1614896 – CVE-2018-10932 lldptool: improper sanitization of shell-escape codes

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2018-06d56c8c9d’ at the command
line. For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list —
To unsubscribe send an email to
Fedora Code of Conduct:
List Guidelines:
List Archives:

AutorToni Vugdelija
Cert idNCERT-REF-2018-11-0001-ADV
More in Preporuke
Sigurnosni nedostatak programskog paketa roundcubemail

Otkriven je sigurnosni nedostatak u programskom paketu roundcubemail za operacijski sustav Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje izvođenje XSS napada....