Fedora 10 Update: trickle-1.07-7.fc10 - The Community's Center for Security


The central voice for Linux and Open Source security news

Welcome!

Sign up!

EnGarde Community

Polls

What is the most important Linux security technology?

	SELinux
	grsecurity
	CIS Benchmark
	Bastille Linux
	iptables
	LIDS

Advisories

Community

Linux Events

Linux User Groups

Link to Us

Security Center

Book Reviews

Security Dictionary

Security Tips

SELinux

White Papers

Featured Blogs

All About Linux

DanWalsh LiveJournal

Securitydistro

Latest Newsletters

Linux Security Week: May 20th, 2013

Linux Advisory Watch: May 17th, 2013

LinuxSecurity Newsletters

RSS Feeds

Get the LinuxSecurity news you want faster with RSS

Fedora 10 Update: trickle-1.07-7.fc10

User Rating:

How can I rate this item?

Posted by Benjamin D. Thomas

New patch for CVE-2009-0415 Fix for #484065 - CVE-2009-0415 trickle: Possibility to load arbitrary code from current working directory

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-1694
2009-02-13 20:56:49
--------------------------------------------------------------------------------

Name        : trickle
Product     : Fedora 10
Version     : 1.07
Release     : 7.fc10
URL         : http://monkey.org/~marius/pages/?page=trickle
Summary     : Portable lightweight userspace bandwidth shaper
Description :
trickle is a portable lightweight userspace bandwidth shaper.
It can run in collaborative mode or in stand alone mode.

trickle works by taking advantage of the unix loader preloading.
Essentially it provides, to the application,
a new version of the functionality that is required
to send and receive data through sockets.
It then limits traffic based on delaying the sending
and receiving of data over a socket.
trickle runs entirely in userspace and does not require root privileges.

--------------------------------------------------------------------------------
Update Information:

New patch for CVE-2009-0415 Fix for #484065 - CVE-2009-0415 trickle: Possibility
to load arbitrary code from current working directory
--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb 12 2009 Nicoleau Fabien  1.07-7
- Replace sed with a patch for #484065 (CVE-2009-0415)
* Fri Feb  6 2009 Nicoleau Fabien  1.07-6
- Add a fix for bug #484065 (CVE-2009-0415)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #484065 - CVE-2009-0415 trickle: Possibility to load arbitrary code from current working directory
        https://bugzilla.redhat.com/show_bug.cgi?id=484065
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update trickle' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------

_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce

< Prev		Next >

Partner

Latest Features

Securing a Linux Web Server

Password guessing with Medusa 2.0

Password guessing as an attack vector

Squid and Digest Authentication

Squid and Basic Authentication

Demystifying the Chinese Hacking Industry: Earning 6 Million a Night

Free Online security course (LearnSIA) - A Call for Help

What You Need to Know About Linux Rootkits

Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition

Using the sec-wall Security Proxy

Yesterday's Edition

Large Attacks Hide More Subtle Threats In DDoS Data

Pressure mounts for building in security during application development

Partner Sponsor