|
|||||||||||||||||||||
-
Summary
Various updates are available for Gentoo Linux:
- media-libs/jasper versions < 1.900.1-r4 could allow an attacker to execute arbitrary code or conduct a Denial of Service attack. See: http://www.gentoo.org/security/en/glsa/glsa-201201-10.xml
- app-crypt/mit-krb5 versions < 1.9.2-r1 has multiple vulnerabilities related to those found in the MIT Kerberos 5. See: http://www.gentoo.org/security/en/glsa/glsa-201201-13.xml Update to the latest version 1.9.2-r1 or later
- app-crypt/mit-krb5-appl versions < 1.0.2-r1 are vulnerable to arbitrary code execution, with privileges of the user running telnet daemon/client. Additionally, attackers could read/write files owned by FTP daemon. See: http://www.gentoo.org/
security/en/glsa/glsa-201201- 14.xml Update to the latest version - fwbuilder versions < 3.0.7 suffers from insecure temporary file usage. An attack could overwrite files See: http://security.gentoo.org/glsa/glsa-201201-11.xm Update to the latest version
-
Fix
Update to the latest version(s) – See links in the Summary for instructions.
-
Source
Gentoo.org
Disclaimer: Salvus Alerting provides timely industry related information to its subscriber community and visitors for informational purposes only and makes every effort to distribute accurate and reliable information. Any information provided, is considered “as-is” and the subscriber and/or visitor assumes all responsibility for its uses. Salvus Alerting disclaims all warranties with regard to the information being provided, including all implied warranties of merchantability and fitness. In no event shall Salvus Alerting be liable for any special, indirect or consequential damages or any damages whatsoever resulting from loss of use, data or profits, whether in an action of contract, negligence or other legal action, arising out of or in connection with the use or performance of this information being provided. Salvus Systems and Salvus Alerting is a wholly owned and operated by FactNgN, LLC.