ipa-2.1.3-9.0.1.AXS4
エラータID: AXSA:2012-370:01
リリース日:
2012/03/20 Tuesday - 12:38
題名:
ipa-2.1.3-9.0.1.AXS4
影響のあるチャネル:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- FreeIPA のマネジメントインターフェースにはクロスサイトリクエストフォージェリ (CSRF) 脆弱性が存在し,リモートの攻撃者が設定を変更するリクエストのためのアドミニストレータの認証をハイジャックすることのできる脆弱性があります。(CVE-2011-3636)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2011-3636
Cross-site request forgery (CSRF) vulnerability in the management interface in FreeIPA before 2.1.4 allows remote attackers to hijack the authentication of administrators for requests that make configuration changes.
Cross-site request forgery (CSRF) vulnerability in the management interface in FreeIPA before 2.1.4 allows remote attackers to hijack the authentication of administrators for requests that make configuration changes.
追加情報:
N/A
ダウンロード:
SRPMS
- ipa-2.1.3-9.0.1.AXS4.src.rpm
MD5: 26bf31752a63358280aa787db5df78ef
SHA-256: cab195635adfde2850e772c32e901b35d602dc3be054af18ec1467393879b583
Size: 4.19 MB
Asianux Server 4 for x86
- ipa-admintools-2.1.3-9.0.1.AXS4.i686.rpm
MD5: e9b886faa9ffd60c4dd7a7c7393b6304
SHA-256: 7fc0d0c746f72fb56f1dc4a21aa4a2b06ddd3236576fb173c001e592c34f4b3a
Size: 42.12 kB - ipa-client-2.1.3-9.0.1.AXS4.i686.rpm
MD5: 7f03df71fccce084994556a75c4acb3a
SHA-256: e2836919607fb599d536980e0973580c427224059454b652ea5a0659e4e6c4ed
Size: 97.95 kB - ipa-python-2.1.3-9.0.1.AXS4.i686.rpm
MD5: 5adc5062b13602f064dc1d2b3a34e1fa
SHA-256: af48f8c7d72f9e688ad77227bb1f9b821b474051452c6fb1d227e5b98f482039
Size: 630.24 kB - ipa-server-2.1.3-9.0.1.AXS4.i686.rpm
MD5: 88fa4adf742a4139717904a1f06d56b6
SHA-256: d020e3979f02b433a83a192f59dc42f7b067453ec47813baeb6c0933a0295f4e
Size: 0.95 MB - ipa-server-selinux-2.1.3-9.0.1.AXS4.i686.rpm
MD5: c6ab411b43cab4e74b14e13c85ccc369
SHA-256: fdb9850cc42c1531a7e95d319da7bd3c614f56b9bc1bc32d7fa29d607c6185e9
Size: 50.78 kB
Asianux Server 4 for x86_64
- ipa-admintools-2.1.3-9.0.1.AXS4.x86_64.rpm
MD5: 432b2d03e53d1dafb1174a795f8ec66c
SHA-256: cd4cab75d51870ee58996893ac9492d8ef8a27476583e7dab8d6ad41a8509333
Size: 41.67 kB - ipa-client-2.1.3-9.0.1.AXS4.x86_64.rpm
MD5: d47cf8806fc852847765856e2e01ab05
SHA-256: 33a57b8d3d082f1a67e273662d39020d2cb8313b0c1a8383b28cc4a50450bca8
Size: 98.07 kB - ipa-python-2.1.3-9.0.1.AXS4.x86_64.rpm
MD5: f65391fe4d8176e9f0aca93f214b59c8
SHA-256: 781e85c8a189e44dd926c68885d4c5af0c2e1052bb89c6b48c6f5ecc5b9f813a
Size: 630.35 kB - ipa-server-2.1.3-9.0.1.AXS4.x86_64.rpm
MD5: 096fe45486236cb3703ceba5a9d0cdf2
SHA-256: d1422d16d8bca30838a4306f11b46c505e040b13d4cac05fbef8671e83b68de8
Size: 0.95 MB - ipa-server-selinux-2.1.3-9.0.1.AXS4.x86_64.rpm
MD5: 8fbc0046ba0be9cd66bfe5037a82d7d3
SHA-256: a5fd526f3e74d246a183fc5474c56a3522728a0cbc8d596261c5b78e3388e5d4
Size: 50.33 kB