drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Überschreiben von Dateien in a2ps
| Name: |
Überschreiben von Dateien in a2ps
|
|
| ID: |
MDKSA-2005:097 |
|
| Distribution: |
Mandriva |
|
| Plattformen: |
Mandriva 10.1, Mandriva Corporate 3.0, Mandriva Corporate Server 2.1, Mandriva 10.2 |
|
| Datum: |
Mi, 8. Juni 2005, 13:00 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1377 |
|
| Applikationen: |
a2ps |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Update Advisory
_______________________________________________________________________
Package name: a2ps
Advisory ID: MDKSA-2005:097
Date: June 7th, 2005
Affected versions: 10.1, 10.2, Corporate 3.0,
Corporate Server 2.1
______________________________________________________________________
Problem Description:
The fixps and psmandup scripts, part of the a2ps package, are
vulnerable to symlink attacks which could allow a local attacker to
overwrite arbitrary files. The updated packages have been patched to
correct the problem.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1377
______________________________________________________________________
Updated Packages:
Mandrakelinux 10.1:
938d5b703cbeb762efd5619880208497 10.1/RPMS/a2ps-4.13b-5.2.101mdk.i586.rpm
e0e7a61ec86b0af969cbe60008e6830f
10.1/RPMS/a2ps-devel-4.13b-5.2.101mdk.i586.rpm
fce5b28393e1c8da6e0ea1ebdb1a2de6
10.1/RPMS/a2ps-static-devel-4.13b-5.2.101mdk.i586.rpm
05f8fdc46bded4e920c709a781c98550 10.1/SRPMS/a2ps-4.13b-5.2.101mdk.src.rpm
Mandrakelinux 10.1/X86_64:
fc1fd3817e4f41ea41758a3ac53e86cd
x86_64/10.1/RPMS/a2ps-4.13b-5.2.101mdk.x86_64.rpm
84541cd7d841c64ceccb89f2a413d450
x86_64/10.1/RPMS/a2ps-devel-4.13b-5.2.101mdk.x86_64.rpm
acf595ef3b6f3d2a79204feec3e34208
x86_64/10.1/RPMS/a2ps-static-devel-4.13b-5.2.101mdk.x86_64.rpm
05f8fdc46bded4e920c709a781c98550
x86_64/10.1/SRPMS/a2ps-4.13b-5.2.101mdk.src.rpm
Mandrakelinux 10.2:
47722386507aa7fb8c4ddbbbbcc4a20c 10.2/RPMS/a2ps-4.13b-6.1.102mdk.i586.rpm
190e48d0b4143ac0ad911482e0b0151f
10.2/RPMS/a2ps-devel-4.13b-6.1.102mdk.i586.rpm
4d3d6cbd4ad35999c9bff1f61f890778
10.2/RPMS/a2ps-static-devel-4.13b-6.1.102mdk.i586.rpm
52a665ac72fec5e99b3e1412e6470063 10.2/SRPMS/a2ps-4.13b-6.1.102mdk.src.rpm
Mandrakelinux 10.2/X86_64:
37135cc64ba189c769851ba678532576
x86_64/10.2/RPMS/a2ps-4.13b-6.1.102mdk.x86_64.rpm
6f4cbd5624aac20e99703072131538c7
x86_64/10.2/RPMS/a2ps-devel-4.13b-6.1.102mdk.x86_64.rpm
4314538dcbb211c28f32abc64d9e3de8
x86_64/10.2/RPMS/a2ps-static-devel-4.13b-6.1.102mdk.x86_64.rpm
52a665ac72fec5e99b3e1412e6470063
x86_64/10.2/SRPMS/a2ps-4.13b-6.1.102mdk.src.rpm
Corporate Server 2.1:
65a7ea65f589533d0aca00a6a37760ff
corporate/2.1/RPMS/a2ps-4.13-14.2.C21mdk.i586.rpm
45c465fc3e2165e6681cccda909fb91f
corporate/2.1/RPMS/a2ps-devel-4.13-14.2.C21mdk.i586.rpm
273f20da1e895043ee719b964b7d2b55
corporate/2.1/RPMS/a2ps-static-devel-4.13-14.2.C21mdk.i586.rpm
58e6bdd04f757728aa63089f8b4249ac
corporate/2.1/SRPMS/a2ps-4.13-14.2.C21mdk.src.rpm
Corporate Server 2.1/X86_64:
d5cc8c0304f537acd89c575c7124a6c0
x86_64/corporate/2.1/RPMS/a2ps-4.13-14.2.C21mdk.x86_64.rpm
ee85486832fbdf9873c3acfa8b73bafe
x86_64/corporate/2.1/RPMS/a2ps-devel-4.13-14.2.C21mdk.x86_64.rpm
84c3ca054e874346bc55daeb5fea0f9f
x86_64/corporate/2.1/RPMS/a2ps-static-devel-4.13-14.2.C21mdk.x86_64.rpm
58e6bdd04f757728aa63089f8b4249ac
x86_64/corporate/2.1/SRPMS/a2ps-4.13-14.2.C21mdk.src.rpm
Corporate 3.0:
859d494306ae1dca81186e2fe99b9a96
corporate/3.0/RPMS/a2ps-4.13b-5.2.C30mdk.i586.rpm
9bd2c39d7495f18412fcd0a1412f1169
corporate/3.0/RPMS/a2ps-devel-4.13b-5.2.C30mdk.i586.rpm
68be9c1420f80da9047bf2c7f41e861c
corporate/3.0/RPMS/a2ps-static-devel-4.13b-5.2.C30mdk.i586.rpm
daba71e7aa523a71040a54e841bf9300
corporate/3.0/SRPMS/a2ps-4.13b-5.2.C30mdk.src.rpm
Corporate 3.0/X86_64:
3d2e4b184d3ff5f19d5ce48762b25c41
x86_64/corporate/3.0/RPMS/a2ps-4.13b-5.2.C30mdk.x86_64.rpm
7edb5fa8542f0a8216e2670a668aaf04
x86_64/corporate/3.0/RPMS/a2ps-devel-4.13b-5.2.C30mdk.x86_64.rpm
aebaa6e7473f6fa84bd973df34ef3b96
x86_64/corporate/3.0/RPMS/a2ps-static-devel-4.13b-5.2.C30mdk.x86_64.rpm
daba71e7aa523a71040a54e841bf9300
x86_64/corporate/3.0/SRPMS/a2ps-4.13b-5.2.C30mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFCpgvJmqjQ0CJFipgRAheSAJ9orZvyngdNmOlbIwh4uRPqQi8tMACgmJxw
EiHp0Bt4ppEs0n/AGblpMuc=
=t8PQ
-----END PGP SIGNATURE-----
To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva?
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________
|
|
|
|
