wget 보안 업데이트
Web Browser 로는 FTP 접속이 불가능 합니다.
문서번호 : 1260039144
업데이트 : 2009.12.06
상세내용
0.24.7-4.el48.2 update
- fixed CVE-2009-3490
CVE-2009-3490:
GNU Wget before 1.12 does not properly handle a '\0' character in a domain
name in the Common Name field of an X.509 certificate, which allows
man-in-the-middle remote attackers to spoof arbitrary SSL servers via a
crafted certificate issued by a legitimate Certification Authority, a
related issue to CVE-2009-2408.
Autoupdates 지원 : Packages System
pkgadd -F ngrep
update 패키지
RPMS :
. wget-1.10.2-1.el48.1.i686.rpm
SRPMS :
. wget-1.10.2-1.el48.1.src.rpm
참고 :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3490
|