An update for logrotate/ipa is now available for NewStart CGSL MAIN 5.05/CGSL CORE 5.05. NewStart Security has rated this update as having a security impact of moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Detailed Description
logrotate: The logrotate utility is designed to simplify the administration of log files on a system which generates a lot of log files. Logrotate allows for the automatic rotation, compression, removal and mailing of log files. Logrotate can be set to handle a log file daily, weekly, monthly or when the log file gets to a certain size. Normally, logrotate runs as a daily cron job. Install the logrotate package if you need a utility to deal with the log files on your system.
ipa: Cross-realm trusts with Active Directory in IPA require a working Samba 4 installation. This package is provided for convenience to install all required dependencies at once.
Security Fix(es):
logrotate: Race condition in the createOutputFile function in logrotate.c in logrotate 3.7.9 and earlier allows local users to read log data by opening a file before the intended permissions are in place. (CVE-2011-1098)
logrotate: The shred_file function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name. (CVE-2011-1154)
logrotate: The writeState function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to cause a denial of service (rotation outage) via a (1) \n (newline) or (2) \ (backslash) character in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name. (CVE-2011-1155)
logrotate: bugfix
ipa: A flaw was found in jQuery. HTML containing
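An added example (not part of the advisory or of logrotate's code): a defensive audit that flags log file names containing the characters named in CVE-2011-1154 and CVE-2011-1155, for use on hosts where names are built from hostnames or VM names. The metacharacter set, the function names and the sample file names are assumptions constructed for illustration.

```python
import os
import tempfile

# Assumption: a conservative metacharacter set chosen for this audit,
# not a list taken from the advisory or from logrotate's source.
SHELL_META = set(";|&$`<>(){}[]*?!'\"~# \t")

def risky_chars(name):
    """Return sorted reasons why a log file name is unsafe for logrotate <= 3.7.9."""
    reasons = set()
    for ch in name:
        if ch == "\n":
            reasons.add("newline (CVE-2011-1155)")
        elif ch == "\\":
            reasons.add("backslash (CVE-2011-1155)")
        elif ch in SHELL_META:
            reasons.add("shell metacharacter %r (CVE-2011-1154)" % ch)
    return sorted(reasons)

def audit_tree(root):
    """Walk root and map each flagged file or directory path to its reasons."""
    findings = {}
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            reasons = risky_chars(name)
            if reasons:
                findings[os.path.join(dirpath, name)] = reasons
    return findings

def demo():
    """Build a constructed log directory and audit it (sample names are made up)."""
    samples = ["messages", "vm-web01.log", "vm;a.log", "host\\a.log", "line\nbreak.log"]
    with tempfile.TemporaryDirectory() as root:
        for name in samples:
            open(os.path.join(root, name), "w").close()
        return {os.path.basename(p): r for p, r in audit_tree(root).items()}

if __name__ == "__main__":
    for name, reasons in sorted(demo().items()):
        print(repr(name), "->", "; ".join(reasons))
```

Run it against the directories named in the logrotate configuration; an empty result means no file name there contains the characters those two CVEs depend on.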
Affected Components
logrotate
ipa
Affected Products
CGSL MAIN 5.05
CGSL CORE 5.05
Update Packages
{"fix":[{"product":"CGSL MAIN 5.05","pkgs":[{"binary":["logrotate-3.8.6-17.el7.cgslv5_5.0.1.gcda2743.x86_64.rpm","logrotate-debuginfo-3.8.6-17.el7.cgslv5_5.0.1.gcda2743.x86_64.rpm"],"source":"logrotate-3.8.6-17.el7.cgslv5_5.0.1.gcda2743.src.rpm"},{"binary":["ipa-debuginfo-4.6.8-5.el7.centos.4.x86_64.rpm","ipa-python-compat-4.6.8-5.el7.centos.4.noarch.rpm","ipa-server-common-4.6.8-5.el7.centos.4.noarch.rpm","ipa-common-4.6.8-5.el7.centos.4.noarch.rpm","ipa-server-dns-4.6.8-5.el7.centos.4.noarch.rpm","python2-ipaserver-4.6.8-5.el7.centos.4.noarch.rpm","ipa-client-common-4.6.8-5.el7.centos.4.noarch.rpm","ipa-server-4.6.8-5.el7.centos.4.x86_64.rpm","ipa-server-trust-ad-4.6.8-5.el7.centos.4.x86_64.rpm","ipa-client-4.6.8-5.el7.centos.4.x86_64.rpm","python2-ipalib-4.6.8-5.el7.centos.4.noarch.rpm","python2-ipaclient-4.6.8-5.el7.centos.4.noarch.rpm"],"source":"ipa-4.6.8-5.el7.centos.4.src.rpm"}]},{"product":"CGSL CORE 5.05","pkgs":[{"binary":["logrotate-3.8.6-17.el7.cgslv5_5.0.1.gcda2743.x86_64.rpm","logrotate-debuginfo-3.8.6-17.el7.cgslv5_5.0.1.gcda2743.x86_64.rpm"],"source":"logrotate-3.8.6-17.el7.cgslv5_5.0.1.gcda2743.src.rpm"},{"binary":["ipa-debuginfo-4.6.8-5.el7.centos.4.x86_64.rpm","ipa-python-compat-4.6.8-5.el7.centos.4.noarch.rpm","ipa-server-common-4.6.8-5.el7.centos.4.noarch.rpm","ipa-common-4.6.8-5.el7.centos.4.noarch.rpm","ipa-server-dns-4.6.8-5.el7.centos.4.noarch.rpm","python2-ipaserver-4.6.8-5.el7.centos.4.noarch.rpm","ipa-client-common-4.6.8-5.el7.centos.4.noarch.rpm","ipa-server-4.6.8-5.el7.centos.4.x86_64.rpm","ipa-server-trust-ad-4.6.8-5.el7.centos.4.x86_64.rpm","ipa-client-4.6.8-5.el7.centos.4.x86_64.rpm","python2-ipalib-4.6.8-5.el7.centos.4.noarch.rpm","python2-ipaclient-4.6.8-5.el7.centos.4.noarch.rpm"],"source":"ipa-4.6.8-5.el7.centos.4.src.rpm"}]}]}