SCIENTIFIC-LINUX-ERRATA Archives

March 2011

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Security ERRATA Important: scsi-target-utils on SL5.x, SL6.x i386/x86_64
From:
Troy Dawson <[log in to unmask]>
Reply To:
Troy Dawson <[log in to unmask]>
Date:
Thu, 10 Mar 2011 13:17:45 -0600
Content-Type:
text/plain
Parts/Attachments:
text/plain (32 lines) 
Synopsis:	Important: scsi-target-utils security update

Issue date:	2011-03-09

CVE Names:	CVE-2011-0001



A double-free flaw was found in scsi-target-utils' tgtd daemon. A remote

attacker could trigger this flaw by sending carefully-crafted network

traffic, causing the tgtd daemon to crash. (CVE-2011-0001)



All running scsi-target-utils services must be restarted for the update 

to take effect.



SL 5.x



       SRPMS:

scsi-target-utils-1.0.8-0.el5_6.1.src.rpm

       i386:

scsi-target-utils-1.0.8-0.el5_6.1.i386.rpm

       x86_64:

scsi-target-utils-1.0.8-0.el5_6.1.x86_64.rpm



SL 6.x



       SRPMS:

scsi-target-utils-1.0.4-3.el6_0.1.src.rpm

       i386:

scsi-target-utils-1.0.4-3.el6_0.1.i686.rpm

       x86_64:

scsi-target-utils-1.0.4-3.el6_0.1.x86_64.rpm



-Connie Sieh

-Troy Dawson

ATOM RSS1 RSS2