Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Zahlenüberlauf in mingw-xz
Aktuelle Meldungen Distributionen
Name: Zahlenüberlauf in mingw-xz
ID: FEDORA-2016-472cdecb18
Distribution: Fedora
Plattformen: Fedora 24
Datum: Di, 16. August 2016, 23:00
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6250

Originalnachricht

Name        : mingw-xz
Product : Fedora 24
Version : 5.2.2
Release : 3.fc24
URL : http://tukaani.org/xz/
Summary : Cross-compiled LZMA compression utilities
Description :
XZ Utils are an attempt to make LZMA compression easy to use on free (as in
freedom) operating systems. This is achieved by providing tools and libraries
which are similar to use than the equivalents of the most popular existing
compression algorithms.

LZMA is a general purpose compression algorithm designed by Igor Pavlov as
part of 7-Zip. It provides high compression ratio while keeping the
decompression speed fast.

-------------------------------------------------------------------------------
-
Update Information:

Jun 20, 2016: libarchive 3.2.1 released This fixes a handful of security and
other critical issues with 3.2.0
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1358366 - CVE-2016-6250 libarchive: Integer overflow when
verifying filename size
https://bugzilla.redhat.com/show_bug.cgi?id=1358366
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update mingw-xz' at the command line.
For more information, refer to "Managing Software with yum",
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/package-announce@lists.fedoraproject.org
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung