Описание
ELSA-2013-0120: quota security and bug fix update (LOW)
[1:3.13-8.0.1]
- Add ocfs2 support (Orabug: 14208111)
[1:3.13-8]
- Fix CVE-2012-3417 (incorrect use of tcp_wrappers) (Resolves: #841448)
[1:3.13-7]
- Fix parsing numeric arguments of setquota (Resolves: #831520)
[1:3.13-6]
- Do not use real domains in warnquota example (Resolves: #680429)
- Use /proc/mounts for mountpoint scanning (Resolves: #689822)
- Use rq_bsize to convert quotas transferred by RPC (bug #667360)
- Make RPC block factor dynamic (bug #667360)
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
quota
3.13-8.0.1.el5
Oracle Linux x86_64
quota
3.13-8.0.1.el5
Oracle Linux i386
quota
3.13-8.0.1.el5
Связанные CVE
Связанные уязвимости
The good_client function in rquotad (rquota_svc.c) in Linux DiskQuota (aka quota) before 3.17 invokes the hosts_ctl function the first time without a host name, which might allow remote attackers to bypass TCP Wrappers rules in hosts.deny.
The good_client function in rquotad (rquota_svc.c) in Linux DiskQuota (aka quota) before 3.17 invokes the hosts_ctl function the first time without a host name, which might allow remote attackers to bypass TCP Wrappers rules in hosts.deny.
The good_client function in rquotad (rquota_svc.c) in Linux DiskQuota (aka quota) before 3.17 invokes the hosts_ctl function the first time without a host name, which might allow remote attackers to bypass TCP Wrappers rules in hosts.deny.
The good_client function in rquotad (rquota_svc.c) in Linux DiskQuota ...
The good_client function in rquotad (rquota_svc.c) in Linux DiskQuota (aka quota) before 3.17 invokes the hosts_ctl function the first time without a host name, which might allow remote attackers to bypass TCP Wrappers rules in hosts.deny.