On SL.62 installation for qpid update needed
matahari-*0.6.0-14.el6, on SL.61 for qpid update needed
matahari-*0.6.0-14.el6, augeas-*0.9.0-4.el6,
libvirt-qmf-0.3.0-7.el6_2, sigar-*1.6.5-0.4.git58097d9.el6. Seems like
these packages not presented on repositories.
--
Best regards,
Elena
В Чтв, 20/09/2012 в 08:34 -0500, Pat Riehecky пишет:
> Synopsis: Moderate: qpid security, bug fix, and enhancement
update
> Issue Date: 2012-09-19
> CVE Numbers: CVE-2012-2145
>
> Apache Qpid is a reliable, cross-platform, asynchronous messaging
system
> that supports the Advanced Message Queuing Protocol (AMQP) in several
> common programming languages.
>
> It was discovered that the Qpid daemon (qpidd) did not allow the
number of
> connections from clients to be restricted. A malicious client could
use
> this flaw to open an excessive amount of connections, preventing other
> legitimate clients from establishing a connection to qpidd.
(CVE-2012-2145)
>
> To address CVE-2012-2145, new qpidd configuration options were
introduced:
> max-negotiate-time defines the time during which initial protocol
> negotiation must succeed, connection-limit-per-user and
> connection-limit-per-ip can be used to limit the number of connections
per
> user and client host IP. Refer to the qpidd manual page for additional
> details.
>
> In addition, the qpid-cpp, qpid-qmf, qpid-tools, and python-qpid
packages
> have been upgraded to upstream version 0.14, which provides a number
of bug
> fixes and enhancements over the previous version.
>
> All users of qpid are advised to upgrade to these updated packages,
which
> fix these issues and add these enhancements.
>
> For dependency resolution saslwrapper, saslwrapper-devel,
> python-saslwrapper,
> and ruby-saslwrapper have been added to this update
>
> SL6
> x86_64
> python-qpid-qmf-0.14-14.el6_3.x86_64.rpm
> qpid-cpp-client-0.14-22.el6_3.i686.rpm
> qpid-cpp-client-0.14-22.el6_3.x86_64.rpm
> qpid-cpp-client-ssl-0.14-22.el6_3.i686.rpm
> qpid-cpp-client-ssl-0.14-22.el6_3.x86_64.rpm
> qpid-cpp-server-0.14-22.el6_3.i686.rpm
> qpid-cpp-server-0.14-22.el6_3.x86_64.rpm
> qpid-cpp-server-ssl-0.14-22.el6_3.x86_64.rpm
> qpid-qmf-0.14-14.el6_3.i686.rpm
> qpid-qmf-0.14-14.el6_3.x86_64.rpm
> ruby-qpid-qmf-0.14-14.el6_3.x86_64.rpm
>
> Dependencies:
> python-saslwrapper-0.14-1.el6.x86_64.rpm
> ruby-saslwrapper-0.14-1.el6.x86_64.rpm
> saslwrapper-0.14-1.el6.i686.rpm
> saslwrapper-0.14-1.el6.x86_64.rpm
> saslwrapper-devel-0.14-1.el6.i686.rpm
> saslwrapper-devel-0.14-1.el6.x86_64.rpm
> i386
> python-qpid-qmf-0.14-14.el6_3.i686.rpm
> qpid-cpp-client-0.14-22.el6_3.i686.rpm
> qpid-cpp-client-ssl-0.14-22.el6_3.i686.rpm
> qpid-cpp-server-0.14-22.el6_3.i686.rpm
> qpid-cpp-server-ssl-0.14-22.el6_3.i686.rpm
> qpid-qmf-0.14-14.el6_3.i686.rpm
> ruby-qpid-qmf-0.14-14.el6_3.i686.rpm
>
> Dependencies:
> python-saslwrapper-0.14-1.el6.i686.rpm
> ruby-saslwrapper-0.14-1.el6.i686.rpm
> saslwrapper-0.14-1.el6.i686.rpm
> saslwrapper-devel-0.14-1.el6.i686.rpm
> noarch
> python-qpid-0.14-11.el6_3.noarch.rpm
> qpid-tools-0.14-6.el6_3.noarch.rpm
>
> - Scientific Linux Development Team
|