lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <421CB683.7080106@arkeia.com>
From: aspicht at arkeia.com (Arnaud Spicht)
Subject: Release of Arkeia Network Backup 5.3.5 fixes
	security issue

After carefully examining issues recently discussed in public technical 
forums, Arkeia Corp. has immediately released a new version to block any 
potential invasion of Arkeia protected networks.

ANB 5.3.5 fixes a buffer overflow bug that could allow a remote attacker 
to remotely execute arbitrary code, and thereby get root access to the 
machine.

The fix is also applicable to previous versions of Arkeia (5.1, 5.2, 
Arkeia Light). The appropriate packages can be found on the Arkeia websites:

     * http://www.arkeia.com/donwload/anb/ (Version 5.3.5)
     * http://www.arkeia.com/donwload/52/ (Version 5.2.28)
     * http://www.arkeia.com/donwload/51/ (Version 5.1.21)


For Arkeia light: http://www.arkeia.org/download/light/

If you are using Arkeia in an untrusted environment such as a publicly 
accessible Web server or corporate mail gateway, it is strongly advised 
to upgrade to this version. The bug is in the arkeiad daemon process, 
making it necessary to upgrade all the sensitive client machines.

Arkeia users should also remember to take into account Arkeia security 
recommendations in the Arkeia User Manual "Appendix B: System Security." 
We urge you to read again the sections describing how to secure Arkeia 
against system-level intrusion.
Get the Arkeia_User_Manual.pdf at http://www.arkeia.com/manuals.html

To stay up-to-date on all new releases and upgrades of Arkeia Enterprise 
Solutions, you can subscribe to Arkeia Announcements at 
http://www.arkeia.com/mailinglists/
-- 
Arnaud Spicht, CTO
Arkeia Corp                                    Arkeia SA
1808 Aston Avenue, Suite 220                   41 rue Delizy
Carlsbad, CA 92008                             93692 Pantin Cedex
USA                                            France
Tel: (760) 431.1319                            Tel: +33 (0)1 48 10 89 89
Fax: (760) 602.8599                            Fax: +33 (0)1 48 10 89 90
http://www.arkeia.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ