|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[PLSN-0007] new libcdaudio package available
From: Peachtree Linux Security Team (security
peachtree.burdell.org)
Date: Mon Apr 25 2005 - 21:14:11 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
---------------------------------------------------------------------------
Peachtree Linux Security Notice PLSN-0007
April 22, 2005
Remote DoS and possible code execution in libcdaudio
CAN-2005-0706
---------------------------------------------------------------------------
The following Peachtree Linux releases are affected:
Peachtree Linux release 1 ("Atlanta")
Description:
CAN-2005-0706: Buffer overflow in CDDB result handling allows
attackers to cause a denial of service (crash) and possible execute
arbitrary code by causing the cddb lookup to return more matches than
expected.
(NOTE: This vulnerability was originally found to affect grip. We do
not ship grip, but Mandriva found that the vulnerability affected
libcdaudio and gnome-vfs.)
Packages:
alpha
7087c543031ed7c2799b047b4d8b2c24 libcdaudio-0.99.4.alpha.dist
i386
ca2ca9a7677148641f5c598be1d330b1 libcdaudio-0.99.4.i686.dist
ppc
f22c18b50e37e31437ba3ad44fc09d1e libcdaudio-0.99.4.ppc.dist
Solution:
Download the appropriate package for your release of Peachtree linux.
Upgrade your system to the new package:
distadd -u packagename
Where package name is the name of the package file from the list above.
--
Peachtree Linux Security Team
http://peachtree.burdell.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFCbaPznchtWYh7oqQRAjhTAJ4lxjJaiRtGB+fOOQa+EGV/mqzcFQCeJqds
WdDkInztaCvsMQ/SqKjj3zs=
=1JZ/
-----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]