sblim-cim-client2-2.1.3-2.AXS4
エラータID: AXSA:2012-596:01
リリース日:
2012/07/25 Wednesday - 10:12
題名:
sblim-cim-client2-2.1.3-2.AXS4
影響のあるチャネル:
Asianux Server 4 for x86
Asianux Server 4 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- 現時点では CVE-2012-2328 の情報が公開されておりません。CVEの情報が公開され次第情報をアップデートいたします。
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2012-2328
internal/cimxml/sax/NodeFactory.java in Standards-Based Linux Instrumentation for Manageability (SBLIM) Common Information Model (CIM) Client (aka sblim-cim-client2) before 2.1.12 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted XML file.
internal/cimxml/sax/NodeFactory.java in Standards-Based Linux Instrumentation for Manageability (SBLIM) Common Information Model (CIM) Client (aka sblim-cim-client2) before 2.1.12 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via a crafted XML file.
追加情報:
N/A
ダウンロード:
SRPMS
- sblim-cim-client2-2.1.3-2.AXS4.src.rpm
MD5: eb2f2d61ecc2715c631a5f824f7655a0
SHA-256: b89e1aa0306a5048651f85a28ea7581428ad710bce301a1fbd8493cda4654d85
Size: 833.70 kB
Asianux Server 4 for x86
- sblim-cim-client2-2.1.3-2.AXS4.noarch.rpm
MD5: 2c152584df1eea1ffdcc4bb1b3f693e2
SHA-256: 5d9efa67000265649016d2c0e823fa8acba3f7dbf2a13b4a3a6331e327e1280c
Size: 601.79 kB
Asianux Server 4 for x86_64
- sblim-cim-client2-2.1.3-2.AXS4.noarch.rpm
MD5: a068957a8c7a0752affc93e0d1fcafe0
SHA-256: d1281dfb035028a2e7554822d26a5202484a56f6e2129697dcc60e5f9509e8ea
Size: 601.35 kB