[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ntop
Subject:    [Ntop] RHN Errata Alert: Updated Cyrus SASL packages available
From:       Red Hat Network Alert <rhn-alert () redhat ! com>
Date:       2001-11-30 2:41:11
Message-ID: 200111300241.VAA31522 () scripts ! rwc-colo ! redhat ! com
[Download RAW message or body]

Red Hat Network has determined that the following advisory is applicable to
one or more of the systems you have registered with the Software Manager
service:

Security Advisory - RHSA-2001:150-06
------------------------------------------------------------------------------
Summary:
Updated Cyrus SASL packages available

Description:
The default logging callback function supplied by the Cyrus SASL library
suffers from a format-string vulnerability.  This function is used when a
server which uses Cyrus SASL attempts to set or change a user's secrets.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2001-0869 to this issue.
------------------------------------------------------------------------------

-------------
Taking Action
-------------
You may address the issues outlined in this advisory in two ways:

    - log in to Red Hat Network at https://rhn.redhat.com and from the
      listing showing under 'Your RHN' select the affected servers and
      download or schedule a package update for that system.

    - run the Update Agent on the affected machine.


---------------------------------
Changing Notification Preferences
---------------------------------
To enable/disable your Errata Alert preferences globally please log in to RHN
and navigate from "Your RHN" / "Your Account" to the "Preferences" tab.

You can also enable/disable notification on a per system basis by selecting an
individual system from the "Systems List". From the individual system view
click the "Details" tab.


---------------------
Affected Systems List
---------------------
This Errata Advisory may apply to the systems listed below. If you know that
this errata does not apply to a system listed, it might be possible that the
package profile for that server is out of date. In that case you should run
'up2date -p' as root on the system in question to refresh your software profile.

There is 1 affected system registered in 'Your RHN' (only systems for
which you have explicitly enabled Errata Alerts are shown).

Release   Arch       Profile Name
--------  --------   ------------
7.2       i686       chargerccsaaoc1                         


The Red Hat Network Team

This message is being sent by Red Hat Network Alert to:
   RHN user login:        mpmpmWWW
   Email address on file: <ntop@ntop.org>


[prev in list] [next in list] [prev in thread] [next in thread]