Chapter 1. Package Updates
248
• SOS was not able to report information about the iSCSI Initiator if this was present on the system.
Thus, information about transmission of SCSI commands over IP networks could not be gathered by
the reporting tool. To rectify this problem, SOS now reports on:
/etc/iscsi/iscsid.conf
/etc/iscsi/initiatorname.iscsi
/var/lib/iscsi/
This makes debugging problems involving iSCSI much easier. (
BZ#512889
1995
)
• SOS was not able to capture multicast information This made it hard to debug OpenAIS clusters,
as they use multicast IGMP groups to send messages. For the purposes of troubleshooting, it is
important to know which groups are available and active on a node, so SOS has been enhanced so
that it can now report on the following information:
netstat -agn
ip mroute show
ip maddr show
As a result, OpenAIS clusters can now be debugged by troubleshooters much more easily.
(
BZ#514294
1996
)
All sosreport users should install this updated package, which addresses these issues and adds these
enhancements.
1.191. squid
1.191.1. RHSA-2010:0221: Low security and bug fix update
An updated squid package that fixes two security issues and several bugs is now available for Red
Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having low security impact. Common
Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available
for each vulnerability from the CVE links in the References section.
Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP
data objects.
A flaw was found in the way Squid processed certain external ACL helper HTTP header fields that
contained a delimiter that was not a comma. A remote attacker could issue a crafted request to the
Squid server, causing excessive CPU use (up to 100%). (
CVE-2009-2855
1997
)
Note: The
CVE-2009-2855
1998
issue only affected non-default configurations that use an external ACL
helper script.
A flaw was found in the way Squid handled truncated DNS replies. A remote attacker able to send
specially-crafted UDP packets to Squid's DNS client port could trigger an assertion failure in Squid's
child process, causing that child process to exit. (
CVE-2010-0308
1999
)
1997
https://www.redhat.com/security/data/cve/CVE-2009-2855.html
1998
https://www.redhat.com/security/data/cve/CVE-2009-2855.html
1999
https://www.redhat.com/security/data/cve/CVE-2010-0308.html
Summary of Contents for ENTERPRISE LINUX 5.5 - S 2010
Page 10: ...x ...
Page 308: ...298 ...
Page 310: ...300 ...
Page 468: ...458 ...
Page 470: ...460 ...