The OpenNET Project
 
Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY
LINKS NEWS MAN DOCUMENTATION


[PLSN-0007] new libcdaudio package available


<< Previous INDEX Search src Set bookmark Go to bookmark Next >> 
Date: Mon, 25 Apr 2005 22:14:11 -0400
From: Peachtree Linux Security Team <security@peachtree.burdell.org.>
To: peachlnx-security@lists.sourceforge.net,
Subject: [PLSN-0007] new libcdaudio package available
Message-ID: <20050426021411.GC8840@kevlar.burdell.org.>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
        protocol="application/pgp-signature"; boundary="adJ1OR3c6QgCpb/j"
Content-Disposition: inline
User-Agent: Mutt/1.4.2.1i
X-Virus-Scanned: antivirus-gw at tyumen.ru


--adJ1OR3c6QgCpb/j
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

---------------------------------------------------------------------------
Peachtree Linux Security Notice PLSN-0007
April 22, 2005

Remote DoS and possible code execution in libcdaudio
CAN-2005-0706
---------------------------------------------------------------------------

The following Peachtree Linux releases are affected:

   Peachtree Linux release 1 ("Atlanta")

Description:

   CAN-2005-0706:  Buffer overflow in CDDB result handling allows
   attackers to cause a denial of service (crash) and possible execute
   arbitrary code by causing the cddb lookup to return more matches than
   expected.

   (NOTE: This vulnerability was originally found to affect grip.  We do
   not ship grip, but Mandriva found that the vulnerability affected
   libcdaudio and gnome-vfs.)

Packages:

   alpha
      7087c543031ed7c2799b047b4d8b2c24  libcdaudio-0.99.4.alpha.dist

   i386
      ca2ca9a7677148641f5c598be1d330b1  libcdaudio-0.99.4.i686.dist

   ppc
      f22c18b50e37e31437ba3ad44fc09d1e  libcdaudio-0.99.4.ppc.dist

Solution:

   Download the appropriate package for your release of Peachtree linux.
   Upgrade your system to the new package:

      distadd -u packagename

   Where package name is the name of the package file from the list above.

--=20
Peachtree Linux Security Team
http://peachtree.burdell.org/

--adJ1OR3c6QgCpb/j
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFCbaPznchtWYh7oqQRAjhTAJ4lxjJaiRtGB+fOOQa+EGV/mqzcFQCeJqds
WdDkInztaCvsMQ/SqKjj3zs=
=1JZ/
-----END PGP SIGNATURE-----

--adJ1OR3c6QgCpb/j--

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>



Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей 		Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру