LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Fedora alert FEDORA-2011-8930 (scsi-target-utils)



From:
    	      updates@fedoraproject.org 


To:
    	      package-announce@lists.fedoraproject.org 


Subject:
    	      [SECURITY] Fedora 14 Update: scsi-target-utils-1.0.18-1.fc14 


Date:
    	      Tue, 12 Jul 2011 04:55:18 +0000


Message-ID:
    	      <20110712045518.8F7D3110D22@bastion02.phx2.fedoraproject.org>


Archive-link:
    	      Article, Thread
              


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-8930
2011-07-01 18:25:19
--------------------------------------------------------------------------------

Name        : scsi-target-utils
Product     : Fedora 14
Version     : 1.0.18
Release     : 1.fc14
URL         : http://stgt.sourceforge.net/
Summary     : The SCSI target daemon and utility programs
Description :
The SCSI target package contains the daemon and tools to setup a SCSI targets.
Currently, software iSCSI targets are supported.

--------------------------------------------------------------------------------
Update Information:

fix double-free vulnerability leads to pre-authenticated crash

fix iscsi target outgoing user binding broken unexpectedly
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun 29 2011 Andy Grover <agrover@redhat.com> - 1.0.18-1
- Update to new upstream release
- Remove git-sync patch
* Fri Apr 29 2011 Dan HorĂ¡k <dan[at]danny.cz> - 1.0.14-3
- no InfiniBand on s390(x)
* Thu Mar 17 2011 Andy Grover <agrover@redhat.com> - 1.0.14-2
- Add git-sync patch to get up to 9c1cd78.
* Thu Mar 17 2011 Andy Grover <agrover@redhat.com> - 1.0.14-1
- Update to new upstream release
* Tue Feb 22 2011 Andy Grover <agrover@redhat.com> - 1.0.13-1
- Update to new upstream release
  - Drop merged snprintf-fix and fix-isns-of patches
  - Update dynamic-link-iser patch for new iser module
  - Small fixes to redhatify-docs
* Wed Feb  9 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Tue Jun 29 2010 Mike Christie <mchristie@redhat.com> - 1.0.1-4
- Fix iSNS scn pdu overflows (CVE-2010-2221).
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #667261 - CVE-2011-0001 scsi-target-utils: double-free vulnerability leads to
pre-authenticated crash
        https://bugzilla.redhat.com/show_bug.cgi?id=667261
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update scsi-target-utils' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-...
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds