Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

USN-624-2: Erlang vulnerability

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) USN-624-2: Erlang vulnerability
# 1  
Old 04-08-2010
USN-624-2: Erlang vulnerability
Referenced CVEs:
CVE-2008-2371


Description:
===========================================================Ubuntu Security Notice USN-624-2 April 09, 2010erlang vulnerabilityCVE-2008-2371===========================================================A security issue affects the following Ubuntu releases:Ubuntu 9.10This advisory also applies to the corresponding versions ofKubuntu, Edubuntu, and Xubuntu.The problem can be corrected by upgrading your system to thefollowing package versions:Ubuntu 9.10: erlang-base 1:13.b.1-dfsg-2ubuntu1.1In general, a standard system upgrade is sufficient to effect thenecessary changes.Details follow:USN-624-1 fixed a vulnerability in PCRE. This update provides thecorresponding update for Erlang.Original advisory details: Tavis Ormandy discovered that the PCRE library did not correctly handle certain in-pattern options. An attacker could cause applications linked against pcre3 to crash, leading to a denial of service.





More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT ULTRIX

secsetup

secsetup(8)						      System Manager's Manual						       secsetup(8)

Name
       secsetup - enable the enhanced security features

Syntax
       /usr/etc/sec/secsetup

Description
       The command is an interactive facility that allows you to enable the enhanced security features on your system.	You must first have loaded
       the enhanced security subset onto your system before running the command.

       The command allows you to configure your system either for security auditing, trusted path, enhanced login, or  any  combination  of  those
       features.  In addition, the command may add lines to the file.  To remove entries from the you must edit it by hand.  The command only adds
       lines to this file if they aren't already present.  You can run while the system is in multiuser mode (however,	some  inconsistencies  may
       result  from  this.   See the Security Guide for Administrators for more information).  To run type the following and then answer the ques-
       tions that follow:
       # /usr/etc/sec/secsetup
       Depending on the security features chosen, when completes you may need to replace your system's kernel and reboot the system.  For example,
       chosing either the security auditing or trusted path feature may require you to re-build your kernel.

Files
See Also
       set_audit_mask(8), auth(5), svc.conf(5)
       Security Guide for Administrators

																       secsetup(8)