http://annyung.oops.org/?m=update&p=1.3 AnNyung 1.3 Update Notice euc-kr 2003-2010 OOPS Development Organization Wed, 08 Sep 2010 11:36:14 +0900 Annyng Update RSS Notifier 1.1 http://oops.org (±èÁ¤±Õ) http://annyung.oops.org/?m=update&p=1.3&t=1279043819&n=304 http://annyung.oops.org/?m=update&p=1.3&t=1279043819&n=304 <table width="100%" border="0" cellpadding="0" cellspacing="1"> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="font: 12px ±¼¸²Ã¼,monospace; font-weight: bold; color: #ffffff;"> krb5 º¸¾È ¾÷µ¥ÀÌÆ® </td></tr> </table> </td></tr> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="background-color: #ffffff; font-size: 11px;"><pre> <span class="title">»ó¼¼³»¿ë</span> 1.3.4-62.el48.2 update - fixed CVE-2010-1321 CVE-2010-1321: The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via an AP-REQ message in which the authenticator's checksum field is missing. <span class="title">Autoupdates Áö¿ø</span> : Packages System pkgadd -F &quot;krb5*&quot; <span class="title">update ÆÐÅ°Áö</span> RPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/net/auth/krb5-libs-1.3.4-62.el48.2.i686.rpm">krb5-libs-1.3.4-62.el48.2.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/net/auth/krb5-server-1.3.4-62.el48.2.i686.rpm">krb5-server-1.3.4-62.el48.2.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/net/auth/krb5-workstation-1.3.4-62.el48.2.i686.rpm">krb5-workstation-1.3.4-62.el48.2.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/net/auth/krb5-devel-1.3.4-62.el48.2.i686.rpm">krb5-devel-1.3.4-62.el48.2.i686.rpm</a> SRPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/SRPMS/SRPMS/krb5-1.3.4-62.el48.2.src.rpm">krb5-1.3.4-62.el48.2.src.rpm</a> <span class="title">Âü°í</span> : <A HREF="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321" TARGET="_blank">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1321</a> </pre></td></tr> </table> </td></tr> </table> Wed, 14 Jul 2010 02:56:59 +0900 ±èÁ¤±Õ http://annyung.oops.org/?m=update&p=1.3&t=1261333822&n=303 http://annyung.oops.org/?m=update&p=1.3&t=1261333822&n=303 <table width="100%" border="0" cellpadding="0" cellspacing="1"> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="font: 12px ±¼¸²Ã¼,monospace; font-weight: bold; color: #ffffff;"> strace ¾÷µ¥ÀÌÆ® </td></tr> </table> </td></tr> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="background-color: #ffffff; font-size: 11px;"><pre> <span class="title">»ó¼¼³»¿ë</span> - fixed BZ#538410 <span class="title">Autoupdates Áö¿ø</span> : <span class="sup">Áö¿ø</span> <span class="title">update ÆÐÅ°Áö</span> RPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/i686/OOPS/RPMS/strace-4.5.16-1.el48.6.i686.rpm">strace-4.5.16-1.el48.6.i686.rpm</a> SRPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/SRPMS/SRPMS/strace-4.5.16-1.el48.6.src.rpm">strace-4.5.16-1.el48.6.src.rpm</a> <span class="title">Âü°í</span> : </pre></td></tr> </table> </td></tr> </table> Mon, 21 Dec 2009 03:30:22 +0900 ±èÁ¤±Õ http://annyung.oops.org/?m=update&p=1.3&t=1279041451&n=302 http://annyung.oops.org/?m=update&p=1.3&t=1279041451&n=302 <table width="100%" border="0" cellpadding="0" cellspacing="1"> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="font: 12px ±¼¸²Ã¼,monospace; font-weight: bold; color: #ffffff;"> net-snmp ¾÷µ¥ÀÌÆ® </td></tr> </table> </td></tr> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="background-color: #ffffff; font-size: 11px;"><pre> <span class="title">»ó¼¼³»¿ë</span> * ¹ö±× ¼öÁ¤ - fix trap forwarding from SMUX peers (#462016) - implement 'v1trapaddress' snmpd.conf option to set fixed agent address in outgoing SNMPv1 traps (#437494) - implement 'dontLogTCPWrappersConnects' snmpd.conf option to turn off logging of incoming connections (#444657) - UDP responses are now sent from the interface that received the request (#447947) - snmpd no longer reports '-f' option as deprecated (#440220) - fix parsing of command line parameters to allow hostnames in specification of transport address (#447839) - fix a regression in 5.1.2-15 - snmptrapd no longer passes "<UNKNOWN>" as hostname of sender of received trap (#437494) - fix crash in bulk request processing (#469371) - fix net-snmp package dependencies (#469679) - fix crash when parsing '-LS', '-LF' and '-LO' command line arguments (#469620) - fix UCD-SNMP-MIB::ssCpu* statistics - show one-minute load average instead of average since agent startup (#469607) - fix HOST-RESOURCES-MIB::hrProcessorLoad - show one-minute load average instead of average since last query (#458996) - fix UCD-SNMP-MIB::dskPercent to support filesystems > 32TB (#474161) - fix regressions caused by new compilation flags - fix ifSpeed of inactive interfaces (#562754) <span class="title">Autoupdates Áö¿ø</span> : Packages System pkgadd -F net-snmp* pkgadd -F perl-SNMP <span class="title">update ÆÐÅ°Áö</span> RPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/monitor/net-snmp-5.1.2-18.el48.2.i686.rpm">net-snmp-5.1.2-18.el48.2.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/monitor/net-snmp-devel-5.1.2-18.el48.2.i686.rpm">net-snmp-devel-5.1.2-18.el48.2.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/monitor/net-snmp-utils-5.1.2-18.el48.2.i686.rpm">net-snmp-utils-5.1.2-18.el48.2.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/perl/perl-SNMP-5.1.2-18.el48.2.i686.rpm">perl-SNMP-5.1.2-18.el48.2.i686.rpm</a> SRPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/SRPMS/SRPMS/net-snmp-5.1.2-18.el48.2.src.rpm">net-snmp-5.1.2-18.el48.2.src.rpm</a> <span class="title">Âü°í</span> : </pre></td></tr> </table> </td></tr> </table> Wed, 14 Jul 2010 02:17:31 +0900 ±èÁ¤±Õ http://annyung.oops.org/?m=update&p=1.3&t=1278699050&n=301 http://annyung.oops.org/?m=update&p=1.3&t=1278699050&n=301 <table width="100%" border="0" cellpadding="0" cellspacing="1"> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="font: 12px ±¼¸²Ã¼,monospace; font-weight: bold; color: #ffffff;"> perl º¸¾È ¾÷µ¥ÀÌÆ® </td></tr> </table> </td></tr> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="background-color: #ffffff; font-size: 11px;"><pre> <span class="title">»ó¼¼³»¿ë</span> º¸¾È¹ö±× fix: . CVE-2008-5302 Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5303 due to affected versions. . CVE-2010-1168 he Safe (aka Safe.pm) module before 2.25 for Perl allows context-dependent attackers to bypass intended (1) Safe::reval and (2) Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving implicitly called methods and implicitly blessed objects, as demonstrated by the (a) DESTROY and (b) AUTOLOAD methods, related to "automagic methods." . CVE-2010-1447 The Safe (aka Safe.pm) module 2.26, and certain earlier versions, for Perl, as used in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2, allows context-dependent attackers to bypass intended (1) Safe::reval and (2) Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving subroutine references and delayed execution. . CVE-2008-5302 Race condition in the rmtree function in File::Path 1.08 and 2.07 (lib/File/Path.pm) in Perl 5.8.8 and 5.10.0 allows local users to create arbitrary setuid binaries via a symlink attack, a different vulnerability than CVE-2005-0448, CVE-2004-0452, and CVE-2008-2827. NOTE: this is a regression error related to CVE-2005-0448. It is different from CVE-2008-5303 due to affected versions. <span class="title">Autoupdates Áö¿ø</span> : <span class="sup">Áö¿ø</span> <span class="title">update ÆÐÅ°Áö</span> RPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/i686/OOPS/RPMS/perl-5.8.8-32.el5.i686.rpm">perl-5.8.8-32.el5.i686.rpm</a> SRPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/SRPMS/SRPMS/perl-5.8.8-32.el5.src.rpm">perl-5.8.8-32.el5.src.rpm</a> <span class="title">Âü°í</span> : <A HREF="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5302" TARGET="_blank">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5302</a> <A HREF="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1168" TARGET="_blank">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1168</a> <A HREF="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1447" TARGET="_blank">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1447</a> <A HREF="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5302" TARGET="_blank">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5302</a> </pre></td></tr> </table> </td></tr> </table> Sat, 10 Jul 2010 03:10:50 +0900 ±èÁ¤±Õ http://annyung.oops.org/?m=update&p=1.3&t=1278692546&n=300 http://annyung.oops.org/?m=update&p=1.3&t=1278692546&n=300 <table width="100%" border="0" cellpadding="0" cellspacing="1"> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="font: 12px ±¼¸²Ã¼,monospace; font-weight: bold; color: #ffffff;"> php 5.x º¸¾È ¾÷µ¥ÀÌÆ® </td></tr> </table> </td></tr> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="background-color: #ffffff; font-size: 11px;"><pre> <span class="title">»ó¼¼³»¿ë</span> * º¸¾È ¹ö±× fix . CVE-2010-0397 The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first argument to the xmlrpc_decode_request function, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly have unspecified other impact via a crafted argument. . CVE-2010-2225 Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3.2 allows remote attackers to execute arbitrary code or obtain sensitive information via serialized data, related to the PHP unserialize function. <span class="title">Autoupdates Áö¿ø</span> : ÀϺΠ<span class="sup">Áö¿ø</span> pkgsysupdate -v pkgadd -F "php*" <span class="title">update ÆÐÅ°Áö</span> RPMS : + PHP5 . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/i686/OOPS/RPMS/php-binary-5.2.6-7.i686.rpm">php-binary-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-5.2.6-7.i686.rpm">php-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-fcgi-5.2.6-7.i686.rpm">php-fcgi-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-devel-5.2.6-7.i686.rpm">php-devel-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-gd-5.2.6-7.i686.rpm">php-gd-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-mssql-5.2.6-7.i686.rpm">php-mssql-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-bcmath-5.2.6-7.i686.rpm">php-bcmath-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-geoip-5.2.6-7.i686.rpm">php-geoip-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-mysql-5.2.6-7.i686.rpm">php-mysql-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-gettext-5.2.6-7.i686.rpm">php-gettext-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-mysqli-5.2.6-7.i686.rpm">php-mysqli-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-bz2-5.2.6-7.i686.rpm">php-bz2-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-hash-5.2.6-7.i686.rpm">php-hash-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-openssl-5.2.6-7.i686.rpm">php-openssl-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-calendar-5.2.6-7.i686.rpm">php-calendar-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-iconv-5.2.6-7.i686.rpm">php-iconv-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-pdo-5.2.6-7.i686.rpm">php-pdo-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-curl-5.2.6-7.i686.rpm">php-curl-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-imap-5.2.6-7.i686.rpm">php-imap-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-pdo-mysql-5.2.6-7.i686.rpm">php-pdo-mysql-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-dba-5.2.6-7.i686.rpm">php-dba-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-korean-5.2.6-7.i686.rpm">php-korean-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-pdo-pgsql-5.2.6-7.i686.rpm">php-pdo-pgsql-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-krisp-5.2.6-7.i686.rpm">php-krisp-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-pgsql-5.2.6-7.i686.rpm">php-pgsql-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-eaccelerator-5.2.6-7.i686.rpm">php-eaccelerator-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-rrd-5.2.6-7.i686.rpm">php-rrd-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-exif-5.2.6-7.i686.rpm">php-exif-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-mcrypt-5.2.6-7.i686.rpm">php-mcrypt-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-sockets-5.2.6-7.i686.rpm">php-sockets-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-fileinfo-5.2.6-7.i686.rpm">php-fileinfo-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-memcache-5.2.6-7.i686.rpm">php-memcache-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-sqlite-5.2.6-7.i686.rpm">php-sqlite-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-ftp-5.2.6-7.i686.rpm">php-ftp-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-mhash-5.2.6-7.i686.rpm">php-mhash-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-yp-5.2.6-7.i686.rpm">php-yp-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-nis-5.2.6-7.i686.rpm">php-nis-5.2.6-7.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-json-5.2.6-7.i686.rpm">php-json-5.2.6-7.i686.rpm</a> SRPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/SRPMS/SRPMS/php-5.2.6-7.src.rpm">php-5.2.6-7.src.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/SRPMS/SRPMS/php-extension-5.2.6-7.src.rpm">php-extension-5.2.6-7.src.rpm</a> <span class="title">Âü°í</span> : <A HREF="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0397" TARGET="_blank">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0397</a> <A HREF="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2225" TARGET="_blank">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2225</a> </pre></td></tr> </table> </td></tr> </table> Sat, 10 Jul 2010 01:22:26 +0900 ±èÁ¤±Õ http://annyung.oops.org/?m=update&p=1.3&t=1275852246&n=299 http://annyung.oops.org/?m=update&p=1.3&t=1275852246&n=299 <table width="100%" border="0" cellpadding="0" cellspacing="1"> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="font: 12px ±¼¸²Ã¼,monospace; font-weight: bold; color: #ffffff;"> libkrisp ¹ö±× ¼öÁ¤ </td></tr> </table> </td></tr> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="background-color: #ffffff; font-size: 11px;"><pre> <span class="title">»ó¼¼³»¿ë</span> 2.1.5-1 ¾÷µ¥ÀÌÆ®: - 2.1.4-1 ¾÷µ¥ÀÌÆ® ÀÌ ÈÄ, loinip field typeÀÌ À߸ø µÇ¾î À߸øµÈ °á°ú ³ª¿À´Â ¹®Á¦ ÇØ°á <span class="title">Autoupdates Áö¿ø</span> : <span class="sup">Áö¿ø</span> pkgsysupdate or pkgadd -F "libkrisp*" <span class="title">update ÆÐÅ°Áö</span> RPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/library/libkrisp-2.1.5-1.i686.rpm">libkrisp-2.1.5-1.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/library/libkrisp-devel-2.1.5-1.i686.rpm">libkrisp-devel-2.1.5-1.i686.rpm</a> SRPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/SRPMS/SRPMS/libkrisp-2.1.5-1.src.rpm">libkrisp-2.1.5-1.src.rpm</a> <span class="title">Âü°í</span> : <A HREF="http://devel.oops.org/index.php?c=5" TARGET="_blank">http://devel.oops.org/index.php?c=5</a> <A HREF="http://devel.oops.org/viewtopic.php?t=85" TARGET="_blank">http://devel.oops.org/viewtopic.php?t=85</a> </pre></td></tr> </table> </td></tr> </table> Mon, 07 Jun 2010 04:24:06 +0900 ±èÁ¤±Õ http://annyung.oops.org/?m=update&p=1.3&t=1275739681&n=298 http://annyung.oops.org/?m=update&p=1.3&t=1275739681&n=298 <table width="100%" border="0" cellpadding="0" cellspacing="1"> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="font: 12px ±¼¸²Ã¼,monospace; font-weight: bold; color: #ffffff;"> libkrisp ¹ö±× ¼öÁ¤ </td></tr> </table> </td></tr> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="background-color: #ffffff; font-size: 11px;"><pre> <span class="title">»ó¼¼³»¿ë</span> 2.1.4-1 ¾÷µ¥ÀÌÆ®: - 2.1.2-2 ¾÷µ¥ÀÌÆ® ÀÌ ÈÄ, krnic data °Ë»ö ½ÇÆÐÇÏ´Â ¹®Á¦ ¼öÁ¤ - 201006 database update <span class="title">Autoupdates Áö¿ø</span> : <span class="sup">Áö¿ø</span> pkgsysupdate or pkgadd -F "libkrisp*" <span class="title">update ÆÐÅ°Áö</span> RPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/library/libkrisp-2.1.4-1.i686.rpm">libkrisp-2.1.4-1.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/library/libkrisp-devel-2.1.4-1.i686.rpm">libkrisp-devel-2.1.4-1.i686.rpm</a> SRPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/SRPMS/SRPMS/libkrisp-2.1.4-1.src.rpm">libkrisp-2.1.4-1.src.rpm</a> <span class="title">Âü°í</span> : <A HREF="http://devel.oops.org/index.php?c=5" TARGET="_blank">http://devel.oops.org/index.php?c=5</a> <A HREF="http://devel.oops.org/viewtopic.php?t=85" TARGET="_blank">http://devel.oops.org/viewtopic.php?t=85</a> </pre></td></tr> </table> </td></tr> </table> Sat, 05 Jun 2010 21:08:01 +0900 ±èÁ¤±Õ http://annyung.oops.org/?m=update&p=1.3&t=1273919363&n=297 http://annyung.oops.org/?m=update&p=1.3&t=1273919363&n=297 <table width="100%" border="0" cellpadding="0" cellspacing="1"> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="font: 12px ±¼¸²Ã¼,monospace; font-weight: bold; color: #ffffff;"> initscript ¾÷µ¥ÀÌÆ® </td></tr> </table> </td></tr> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="background-color: #ffffff; font-size: 11px;"><pre> <span class="title">»ó¼¼³»¿ë</span> * SSH_LANG Áö¿ø SSH client¿¡¼­ SSH_LANG ȯ°æ º¯¼ö¸¦ Àü¼ÛÇϸé, LANG ȯ°æ º¯¼ö¿¡ ¹Ý¿µÇϵµ·Ï Áö¿ø <span class="title">Autoupdates Áö¿ø</span> : <span class="sup">Áö¿ø</span> pkgsysupdate -v <span class="title">update ÆÐÅ°Áö</span> RPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/i686/OOPS/RPMS/initscripts-6.67-16.i686.rpm">initscripts-6.67-16.i686.rpm</a> SRPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/SRPMS/SRPMS/initscripts-6.67-16.src.rpm">initscripts-6.67-16.src.rpm</a> <span class="title">Âü°í</span> : </pre></td></tr> </table> </td></tr> </table> Sat, 15 May 2010 19:29:23 +0900 ±èÁ¤±Õ http://annyung.oops.org/?m=update&p=1.3&t=1273728407&n=296 http://annyung.oops.org/?m=update&p=1.3&t=1273728407&n=296 <table width="100%" border="0" cellpadding="0" cellspacing="1"> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="font: 12px ±¼¸²Ã¼,monospace; font-weight: bold; color: #ffffff;"> openssh ¾÷µ¥ÀÌÆ® </td></tr> </table> </td></tr> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="background-color: #ffffff; font-size: 11px;"><pre> <span class="title">»ó¼¼³»¿ë</span> - 5.5p1 update * openssh ¾È³ç ¹öÀüÀÇ Ãß°¡ »çÇ× . -H ¿É¼ÇÀ¸·Î host key check¸¦ ÇÏÁö ¾ÊÀ» ¼ö ÀÖ½À´Ï´Ù. ½ºÅ©¸³Æ®¸¦ µ¹¸± °æ¿ì key µî·ÏÀÌ µÇ¾î ÀÖÁö ¾Ê¾Æ¼­ blockÀÌ µÇ´Â °æ¿ì À¯¿ëÇÏ°Ô »ç¿ëÇÒ ¼ö ÀÖ½À´Ï´Ù. . ssh ÇѱÛ.com°ú °°ÀÌ multibyte µµ¸ÞÀÎÀ» Á÷Á¢ »ç¿ëÇÏ½Ç ¼ö ÀÖ½À´Ï´Ù. . 5.5p1 ºÎÅÍ sftp readline patch°¡ Á¦°Å µÇ¾ú½À´Ï´Ù. <span class="title">Autoupdates Áö¿ø</span> : <span class="sup">Áö¿ø</span> <span class="title">update ÆÐÅ°Áö</span> RPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/i686/OOPS/RPMS/openssh-5.5p1-1.i686.rpm">openssh-5.5p1-1.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/i686/OOPS/RPMS/openssh-clients-5.5p1-1.i686.rpm">openssh-clients-5.5p1-1.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/i686/OOPS/RPMS/openssh-server-5.5p1-1.i686.rpm">openssh-server-5.5p1-1.i686.rpm</a> SRPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/i686/OOPS/RPMS/openssh-5.5p1-1.src.rpm">openssh-5.5p1-1.src.rpm</a> <span class="title">Âü°í</span> : <A HREF="http://openssh.org/txt/release-5.5" TARGET="_blank">http://openssh.org/txt/release-5.5</a> </pre></td></tr> </table> </td></tr> </table> Thu, 13 May 2010 14:26:47 +0900 ±èÁ¤±Õ http://annyung.oops.org/?m=update&p=1.3&t=1270837919&n=295 http://annyung.oops.org/?m=update&p=1.3&t=1270837919&n=295 <table width="100%" border="0" cellpadding="0" cellspacing="1"> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="font: 12px ±¼¸²Ã¼,monospace; font-weight: bold; color: #ffffff;"> libkrisp ¹ö±× ¼öÁ¤ </td></tr> </table> </td></tr> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="background-color: #ffffff; font-size: 11px;"><pre> <span class="title">»ó¼¼³»¿ë</span> 2.1.2-2 ¾÷µ¥ÀÌÆ®: - Çѱ¹ IP°¡ ¾Æ´Ò °æ¿ì, ±¹°¡ Á¤º¸°¡ Çѱ¹À¸·Î ³ª¿À´Â ¹®Á¦ ¼öÁ¤ - 201004 database update <span class="title">Autoupdates Áö¿ø</span> : Pakcages System ÀÌ¿ë pkgadd -F "libkrisp*" <span class="title">update ÆÐÅ°Áö</span> RPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/library/libkrisp-2.1.2-2.i686.rpm">libkrisp-2.1.2-2.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/library/libkrisp-devel-2.1.2-2.i686.rpm">libkrisp-devel-2.1.2-2.i686.rpm</a> SRPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/SRPMS/SRPMS/libkrisp-2.1.2-2.src.rpm">libkrisp-2.1.2-2.src.rpm</a> <span class="title">Âü°í</span> : <A HREF="http://devel.oops.org/index.php?c=5" TARGET="_blank">http://devel.oops.org/index.php?c=5</a> <A HREF="http://devel.oops.org/viewtopic.php?t=85" TARGET="_blank">http://devel.oops.org/viewtopic.php?t=85</a> </pre></td></tr> </table> </td></tr> </table> Sat, 10 Apr 2010 03:31:59 +0900 ±èÁ¤±Õ http://annyung.oops.org/?m=update&p=1.3&t=1270127615&n=294 http://annyung.oops.org/?m=update&p=1.3&t=1270127615&n=294 <table width="100%" border="0" cellpadding="0" cellspacing="1"> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="font: 12px ±¼¸²Ã¼,monospace; font-weight: bold; color: #ffffff;"> sendmail º¸¾È ¾÷µ¥ÀÌÆ® </td></tr> </table> </td></tr> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="background-color: #ffffff; font-size: 11px;"><pre> <span class="title">»ó¼¼³»¿ë</span> 8.14.4 update CVE-2009-4565 fixed CVE-2009-4565: sendmail before 8.14.4 does not properly handle a '\0' character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended access restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. * ÁÖÀÇ sendmail update ÈÄ¿¡, ±âÁ¸ÀÇ sendmail.cf ´Â sendmail.cf.rpmsave ·Î ¹é¾÷ÀÌ µË´Ï´Ù. ±×·¯¹Ç·Î ÀÌÀüÀÇ ¼³Á¤À» »õ sendmail.cf ¿¡ Àû¿ëÇØ ÁÖ¼Å¾ß ÇÕ´Ï´Ù. ¼³Ä¡µÈ ±âº»°ªÀ¸·Î »ç¿ëÇϽŠ´Ù¸é ½Å°æ¾²Áö ¾Ê¾Æµµ »ó°ü ¾ø½À´Ï´Ù. <span class="title">Autoupdates Áö¿ø</span> : Packages System pkgadd -F "sendmail*" <span class="title">update ÆÐÅ°Áö</span> RPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/mail/sendmail-8.14.4-1.i686.rpm">sendmail-8.14.4-1.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/mail/sendmail-devel-8.14.4-1.i686.rpm">sendmail-devel-8.14.4-1.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/mail/sendmail-cf-8.14.4-1.i686.rpm">sendmail-cf-8.14.4-1.i686.rpm</a> SRPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/SRPMS/SRPMS/sendmail-8.14.4-1.src.rpm">sendmail-8.14.4-1.src.rpm</a> <span class="title">Âü°í</span> : <A HREF="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4565" TARGET="_blank">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4565</a> </pre></td></tr> </table> </td></tr> </table> Thu, 01 Apr 2010 22:13:35 +0900 ±èÁ¤±Õ http://annyung.oops.org/?m=update&p=1.3&t=1250682046&n=293 http://annyung.oops.org/?m=update&p=1.3&t=1250682046&n=293 <table width="100%" border="0" cellpadding="0" cellspacing="1"> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="font: 12px ±¼¸²Ã¼,monospace; font-weight: bold; color: #ffffff;"> curl º¸¾È ¾÷µ¥ÀÌÆ® </td></tr> </table> </td></tr> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="background-color: #ffffff; font-size: 11px;"><pre> <span class="title">»ó¼¼³»¿ë</span> 7.12.1-11.1.el4.1 update - fixed CVE-2009-2417 CVE-2009-2417: lib/ssluse.c in cURL and libcurl 7.4 through 7.19.5, when OpenSSL is used, does not properly handle a ' </pre></td></tr> </table> </td></tr> </table> Wed, 19 Aug 2009 20:40:46 +0900 ±èÁ¤±Õ http://annyung.oops.org/?m=update&p=1.3&t=1270123447&n=292 http://annyung.oops.org/?m=update&p=1.3&t=1270123447&n=292 <table width="100%" border="0" cellpadding="0" cellspacing="1"> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="font: 12px ±¼¸²Ã¼,monospace; font-weight: bold; color: #ffffff;"> openssl097 º¸¾È ¾÷µ¥ÀÌÆ® </td></tr> </table> </td></tr> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="background-color: #ffffff; font-size: 11px;"><pre> <span class="title">»ó¼¼³»¿ë</span> openssl097a ÆÐÅ°Áö´Â openssl 0.9.7 library ¸¦ link Çϵµ·Ï ºôµåµÈ ¹ÙÀ̳ʸ®³ª openssl 0.9.7 À» ¿ä±¸ÇÏ´Â ºôµåȯ°æÀ» À§ÇÏ¿© Á¦°øµÇ´Â ȣȯ ¶óÀ̺귯¸® ÀÔ´Ï´Ù. ÀÌ ¶óÀ̺귯¸®¸¦ ÀÌ¿ëÇÏ¿© ºôµå¸¦ ÇÒ °æ¿ì¿¡´Â ´ÙÀ½ÀÇ »çÇ×À» ÁÖÀÇÇØ¾ß ÇÕ´Ï´Ù. ÀÌ ¶óÀ̺귯¸®´Â RHEL 4 ÀÇ openssl 0.9.7a-43.17.el48.5 ¸¦ ÀÌ¿ëÇÏ¿© ÀÛ¼ºÀÌ µÇ¾ú ½À´Ï´Ù. 1. header file include ½Ã.. #include &lt;openssl/xxx.h&gt; ¸¦ #include &lt;openssl097a/xxx.h&gt; ·Î ¼öÁ¤ÇØ¾ß ÇÕ´Ï´Ù. 2. library ¸µÅ©½Ã.. -lssl À̳ª -lcrypto ÀÇ °æ¿ì -lssl097a ³ª -lcrypto097a ·Î ¼öÁ¤Çؼ­ ºôµå ÇØ¾ß ÇÕ´Ï´Ù. Security fix - CVE-2009-0590 - CVE-2009-2409 - CVE-2009-3555 CVE-2009-0590 The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length. CVE-2009-2409 The Network Security Services (NSS) library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws to generate a hash collision in less than brute-force time. NOTE: the scope of this issue is currently limited because the amount of computation required is still large. CVE-2009-3555 The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a "plaintext injection" attack, aka the "Project Mogul" issue. <span class="title">Autoupdates Áö¿ø</span> : <span class="sup">Áö¿ø</span> pkgsysupdate <span class="title">update ÆÐÅ°Áö</span> RPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/library/openssl097a-0.9.7a-43.17.el48.5.noarch.rpm">openssl097a-0.9.7a-43.17.el48.5.noarch.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/library/openssl097a-devel-0.9.7a-43.17.el48.5.noarch.rpm">openssl097a-devel-0.9.7a-43.17.el48.5.noarch.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/doc/openssl097a-doc-0.9.7a-43.17.el48.5.noarch.rpm">openssl097a-doc-0.9.7a-43.17.el48.5.noarch.rpm</a> SRPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/SRPMS/SRPMS/openssl097a-0.9.7a-43.17.el48.5.src.rpm">openssl097a-0.9.7a-43.17.el48.5.src.rpm</a> <span class="title">Âü°í</span> : <A HREF="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590" TARGET="_blank">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590</a> <A HREF="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2409" TARGET="_blank">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2409</a> <A HREF="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555" TARGET="_blank">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555</a> </pre></td></tr> </table> </td></tr> </table> Thu, 01 Apr 2010 21:04:07 +0900 ±èÁ¤±Õ http://annyung.oops.org/?m=update&p=1.3&t=1269864361&n=291 http://annyung.oops.org/?m=update&p=1.3&t=1269864361&n=291 <table width="100%" border="0" cellpadding="0" cellspacing="1"> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="font: 12px ±¼¸²Ã¼,monospace; font-weight: bold; color: #ffffff;"> tar º¸¾È ¾÷µ¥ÀÌÆ® </td></tr> </table> </td></tr> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="background-color: #ffffff; font-size: 11px;"><pre> <span class="title">»ó¼¼³»¿ë</span> - security fix CVE-2007-4476 CVE-2010-0624 CVE-2007-4476: Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack." CVE-2010-0624: Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character. <span class="title">Autoupdates Áö¿ø</span> : <span class="sup">Áö¿ø</span> <span class="title">update ÆÐÅ°Áö</span> RPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/i686/OOPS/RPMS/tar-1.14-16.el48.1.i686.rpm">tar-1.14-16.el48.1.i686.rpm</a> SRPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/SRPMS/SRPMS/tar-1.14-16.el48.1.src.rpm">tar-1.14-16.el48.1.src.rpm</a> <span class="title">Âü°í</span> : <A HREF="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4476" TARGET="_blank">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4476</a> <A HREF="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0624" TARGET="_blank">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0624</a> </pre></td></tr> </table> </td></tr> </table> Mon, 29 Mar 2010 21:06:01 +0900 ±èÁ¤±Õ http://annyung.oops.org/?m=update&p=1.3&t=1269864111&n=290 http://annyung.oops.org/?m=update&p=1.3&t=1269864111&n=290 <table width="100%" border="0" cellpadding="0" cellspacing="1"> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="font: 12px ±¼¸²Ã¼,monospace; font-weight: bold; color: #ffffff;"> cpio º¸¾È ¾÷µ¥ÀÌÆ® </td></tr> </table> </td></tr> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="background-color: #ffffff; font-size: 11px;"><pre> <span class="title">»ó¼¼³»¿ë</span> - security fix CVE-2010-0624 - fix writing multitape archives (bz#253917) CVE-2010-0624: Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character. <span class="title">Autoupdates Áö¿ø</span> : <span class="sup">Áö¿ø</span> <span class="title">update ÆÐÅ°Áö</span> RPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/i686/OOPS/RPMS/cpio-2.5-16.el48.1.i686.rpm">cpio-2.5-16.el48.1.i686.rpm</a> SRPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/SRPMS/SRPMS/cpio-2.5-16.el48.1.src.rpm">cpio-2.5-16.el48.1.src.rpm</a> <span class="title">Âü°í</span> : <A HREF="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0624" TARGET="_blank">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0624</a> </pre></td></tr> </table> </td></tr> </table> Mon, 29 Mar 2010 21:01:51 +0900 ±èÁ¤±Õ http://annyung.oops.org/?m=update&p=1.3&t=1268382421&n=289 http://annyung.oops.org/?m=update&p=1.3&t=1268382421&n=289 <table width="100%" border="0" cellpadding="0" cellspacing="1"> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="font: 12px ±¼¸²Ã¼,monospace; font-weight: bold; color: #ffffff;"> mysql ¾÷µ¥ÀÌÆ® </td></tr> </table> </td></tr> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="background-color: #ffffff; font-size: 11px;"><pre> <span class="title">»ó¼¼³»¿ë</span> - mysql 5.0.90 update <span class="title">Autoupdates Áö¿ø</span> : Packages System pkgadd -F "mysql*" <span class="title">update ÆÐÅ°Áö</span> RPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/db/mysql/mysql-5.0.90-1.i686.rpm">mysql-5.0.90-1.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/db/mysql/mysql-devel-5.0.90-1.i686.rpm">mysql-devel-5.0.90-1.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/db/mysql/mysql-client-5.0.90-1.i686.rpm">mysql-client-5.0.90-1.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/db/mysql/mysql-shared-5.0.90-1.i686.rpm">mysql-shared-5.0.90-1.i686.rpm</a> SRPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/SRPMS/SRPMS/mysql-5.0.90-1.src.rpm">mysql-5.0.90-1.src.rpm</a> <span class="title">Âü°í</span> : </pre></td></tr> </table> </td></tr> </table> Fri, 12 Mar 2010 17:27:01 +0900 ±èÁ¤±Õ http://annyung.oops.org/?m=update&p=1.3&t=1268155791&n=288 http://annyung.oops.org/?m=update&p=1.3&t=1268155791&n=288 <table width="100%" border="0" cellpadding="0" cellspacing="1"> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="font: 12px ±¼¸²Ã¼,monospace; font-weight: bold; color: #ffffff;"> proftpd ¾÷µ¥ÀÌÆ® </td></tr> </table> </td></tr> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="background-color: #ffffff; font-size: 11px;"><pre> <span class="title">»ó¼¼³»¿ë</span> 1.3.2e-1 ¾÷µ¥ÀÌÆ® * ¼öÁ¤ »çÇ× - Bug 3342 - FEAT response contains LF without preceding CR. <span class="title">Autoupdates Áö¿ø</span> : <span class='sup'>Áö¿ø</span> pkgsysupdate pkgadd -F proftpd-devel <span class="title">update ÆÐÅ°Áö</span> RPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/i686/OOPS/RPMS/proftpd-1.3.2e-1.i686.rpm">proftpd-1.3.2e-1.i686.rpm</a> . <a href='/devel/proftpd-devel-1.3.2e-1.i686.rpm'>proftpd-devel-1.3.2e-1.i686.rpm</a> SRPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/SRPMS/SRPMS/proftpd-1.3.2e-1.src.rpm">proftpd-1.3.2e-1.src.rpm</a> <span class="title">Âü°í</span> : </pre></td></tr> </table> </td></tr> </table> Wed, 10 Mar 2010 02:29:51 +0900 ±èÁ¤±Õ http://annyung.oops.org/?m=update&p=1.3&t=1264412505&n=287 http://annyung.oops.org/?m=update&p=1.3&t=1264412505&n=287 <table width="100%" border="0" cellpadding="0" cellspacing="1"> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="font: 12px ±¼¸²Ã¼,monospace; font-weight: bold; color: #ffffff;"> php 5.x º¸¾È ¾÷µ¥ÀÌÆ® </td></tr> </table> </td></tr> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="background-color: #ffffff; font-size: 11px;"><pre> <span class="title">»ó¼¼³»¿ë</span> * º¸¾È ¹ö±× fix . CVE-2009-2687 The exif_read_data function in the Exif module in PHP before 5.2.10 allows remote attackers to cause a denial of service (crash) via a malformed JPEG image with invalid offset fields, a different issue than CVE-2005-3353. . CVE-2009-3291 The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates. . CVE-2009-3292 Unspecified vulnerability in PHP before 5.2.11, and 5.3.x before 5.3.1, has unknown impact and attack vectors related to "missing sanity checks around exif processing." . CVE-2009-3546 The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different vulnerability than CVE-2009-3293. NOTE: some of these details are obtained from third party information. . CVE-2009-4017 PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive. . CVE-2009-4142 The htmlspecialchars function in PHP before 5.2.12 does not properly handle (1) overlong UTF-8 sequences, (2) invalid Shift_JIS sequences, and (3) invalid EUC-JP sequences, which allows remote attackers to conduct cross-site scripting (XSS) attacks by placing a crafted byte sequence before a special character. * sqlrelqy 0.41 update <span class="title">Autoupdates Áö¿ø</span> : ÀϺΠ<span class="sup">Áö¿ø</span> pkgsysupdate -v pkgadd -F "php*" <span class="title">update ÆÐÅ°Áö</span> RPMS : + PHP5 . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/i686/OOPS/RPMS/php-binary-5.2.6-6.i686.rpm">php-binary-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-5.2.6-6.i686.rpm">php-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-fcgi-5.2.6-6.i686.rpm">php-fcgi-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-devel-5.2.6-6.i686.rpm">php-devel-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-gd-5.2.6-6.i686.rpm">php-gd-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-mssql-5.2.6-6.i686.rpm">php-mssql-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-bcmath-5.2.6-6.i686.rpm">php-bcmath-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-geoip-5.2.6-6.i686.rpm">php-geoip-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-mysql-5.2.6-6.i686.rpm">php-mysql-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-gettext-5.2.6-6.i686.rpm">php-gettext-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-mysqli-5.2.6-6.i686.rpm">php-mysqli-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-bz2-5.2.6-6.i686.rpm">php-bz2-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-hash-5.2.6-6.i686.rpm">php-hash-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-openssl-5.2.6-6.i686.rpm">php-openssl-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-calendar-5.2.6-6.i686.rpm">php-calendar-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-iconv-5.2.6-6.i686.rpm">php-iconv-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-pdo-5.2.6-6.i686.rpm">php-pdo-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-curl-5.2.6-6.i686.rpm">php-curl-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-imap-5.2.6-6.i686.rpm">php-imap-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-pdo-mysql-5.2.6-6.i686.rpm">php-pdo-mysql-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-dba-5.2.6-6.i686.rpm">php-dba-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-korean-5.2.6-6.i686.rpm">php-korean-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-pdo-pgsql-5.2.6-6.i686.rpm">php-pdo-pgsql-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-krisp-5.2.6-6.i686.rpm">php-krisp-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-pgsql-5.2.6-6.i686.rpm">php-pgsql-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-eaccelerator-5.2.6-6.i686.rpm">php-eaccelerator-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-rrd-5.2.6-6.i686.rpm">php-rrd-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-exif-5.2.6-6.i686.rpm">php-exif-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-mcrypt-5.2.6-6.i686.rpm">php-mcrypt-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-sockets-5.2.6-6.i686.rpm">php-sockets-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-fileinfo-5.2.6-6.i686.rpm">php-fileinfo-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-memcache-5.2.6-6.i686.rpm">php-memcache-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-sqlite-5.2.6-6.i686.rpm">php-sqlite-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-ftp-5.2.6-6.i686.rpm">php-ftp-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-mhash-5.2.6-6.i686.rpm">php-mhash-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-yp-5.2.6-6.i686.rpm">php-yp-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-nis-5.2.6-6.i686.rpm">php-nis-5.2.6-6.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/language/php/php-json-5.2.6-6.i686.rpm">php-json-5.2.6-6.i686.rpm</a> SRPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/SRPMS/SRPMS/php-5.2.6-6.src.rpm">php-5.2.6-6.src.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/SRPMS/SRPMS/php-extension-5.2.6-6.src.rpm">php-extension-5.2.6-6.src.rpm</a> <span class="title">Âü°í</span> : <A HREF="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2687" TARGET="_blank">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2687</a> <A HREF="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3291" TARGET="_blank">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3291</a> <A HREF="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3292" TARGET="_blank">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3292</a> <A HREF="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546" TARGET="_blank">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3546</a> <A HREF="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4017" TARGET="_blank">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4017</a> <A HREF="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4142" TARGET="_blank">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4142</a> </pre></td></tr> </table> </td></tr> </table> Mon, 25 Jan 2010 18:41:45 +0900 ±èÁ¤±Õ http://annyung.oops.org/?m=update&p=1.3&t=1264354872&n=286 http://annyung.oops.org/?m=update&p=1.3&t=1264354872&n=286 <table width="100%" border="0" cellpadding="0" cellspacing="1"> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="font: 12px ±¼¸²Ã¼,monospace; font-weight: bold; color: #ffffff;"> bind º¸¾È ¾÷µ¥ÀÌÆ® </td></tr> </table> </td></tr> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="background-color: #ffffff; font-size: 11px;"><pre> <span class="title">»ó¼¼³»¿ë</span> - 9.4.3-5 (9.4.3-P5) update - root name server information update - fixed CVE-2010-0097 - fixed CVE-2010-0290 . CVE-2010-0097: A flaw was found in the BIND DNSSEC NSEC/NSEC3 validation code. If BIND was running as a DNSSEC-validating resolver, it could incorrectly cache NXDOMAIN responses, as if they were valid, for records proven by NSEC or NSEC3 to exist. A remote attacker could use this flaw to cause a BIND server to return the bogus, cached NXDOMAIN responses for valid records and prevent users from retrieving those records (denial of service). . CVE-2010-0290: The original fix for CVE-2009-4022 was found to be incomplete. BIND was incorrectly caching certain responses without performing proper DNSSEC validation. CNAME and DNAME records could be cached, without proper DNSSEC validation, when received from processing recursive client queries that requested DNSSEC records but indicated that checking should be disabled. A remote attacker could use this flaw to bypass the DNSSEC validation check and perform a cache poisoning attack if the target BIND server was receiving such client queries. <span class="title">Autoupdates Áö¿ø</span> : ÀϺΠ<span class="sup">Áö¿ø</span> pkgsysupdate && pkgadd -F "bind*" <span class="title">update ÆÐÅ°Áö</span> RPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/net/dns/bind-9.4.3-5.i686.rpm">bind-9.4.3-5.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/i686/OOPS/RPMS/bind-utils-9.4.3-5.i686.rpm">bind-utils-9.4.3-5.i686.rpm</a> . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/net/dns/bind-devel-9.4.3-5.i686.rpm">bind-devel-9.4.3-5.i686.rpm</a> SRPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/SRPMS/SRPMS/bind-9.4.3-5.src.rpm">bind-9.4.3-5.src.rpm</a> <span class="title">Âü°í</span> : <A HREF="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097" TARGET="_blank">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0097</a> <A HREF="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0290" TARGET="_blank">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0290</a> </pre></td></tr> </table> </td></tr> </table> Mon, 25 Jan 2010 02:41:12 +0900 ±èÁ¤±Õ http://annyung.oops.org/?m=update&p=1.3&t=1264353000&n=285 http://annyung.oops.org/?m=update&p=1.3&t=1264353000&n=285 <table width="100%" border="0" cellpadding="0" cellspacing="1"> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="font: 12px ±¼¸²Ã¼,monospace; font-weight: bold; color: #ffffff;"> ypserv ¾÷µ¥ÀÌÆ® </td></tr> </table> </td></tr> <tr><td style="background-color: #000000;"> <table width="100%" border="0" cellpadding="3" cellspacing="1"> <tr><td style="background-color: #ffffff; font-size: 11px;"><pre> <span class="title">»ó¼¼³»¿ë</span> * in the previous ypserv package, ypserv logged a lot of common errors that are safe to ignore. In this updated package, the verbosity of ypserv logs has been decreased for certain common errors. * some binaries -- mainly ypserv -- were stripped of debugging symbols, even though a debuginfo package was available. In these cases, no debugging symbols were available when using ypservb. * in the previous ypserv package, "/var/yp/Makefile" did not fail when the NIS/YP domain name was set to "none". This was seen by running the "make -C /var/yp" command. Now, for these situations, the "make -C /var/yp" command fails, and an error occurs. <span class="title">Autoupdates Áö¿ø</span> : Packages system pkgadd -F ypserv <span class="title">update ÆÐÅ°Áö</span> RPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/Packages/net/auth/ypserv-2.19-15.el5.i686.rpm">ypserv-2.19-15.el5.i686.rpm</a> SRPMS : . <A HREF="ftp://mirror.oops.org/pub/AnNyung/1.0/SRPMS/SRPMS/ypserv-2.19-15.el5.src.rpm">ypserv-2.19-15.el5.src.rpm</a> <span class="title">Âü°í</span> : </pre></td></tr> </table> </td></tr> </table> Mon, 25 Jan 2010 02:10:00 +0900 ±èÁ¤±Õ