Login
Newsletter
Werbung

Sicherheit: Denial of Service in dhcpcd
Aktuelle Meldungen Distributionen
Name: Denial of Service in dhcpcd
ID: MDKSA-2005:117
Distribution: Mandriva
Plattformen: Mandriva 10.1, Mandriva Corporate 3.0, Mandriva 10.2
Datum: Mi, 13. Juli 2005, 13:00
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1848
Applikationen: dhcpcd

Originalnachricht

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Update Advisory
_______________________________________________________________________

Package name: dhcpcd
Advisory ID: MDKSA-2005:117
Date: July 12th, 2005

Affected versions: 10.1, 10.2, Corporate 3.0
______________________________________________________________________

Problem Description:

"infamous42md" discovered that the dhcpcd DHCP client could be tricked
into reading past the end of the supplied DHCP buffer, which could
lead to the daemon crashing.

The updated packages have been patched to address this issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1848
______________________________________________________________________

Updated Packages:

Mandrakelinux 10.1:
c690959dc0ba51327c85856cc42c0c05
10.1/RPMS/dhcpcd-1.3.22pl4-4.1.101mdk.i586.rpm
6b830a9a614025aa26c74c831dbbcd24
10.1/SRPMS/dhcpcd-1.3.22pl4-4.1.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
190a7e068611249ab13eba7f0754f30a
x86_64/10.1/RPMS/dhcpcd-1.3.22pl4-4.1.101mdk.x86_64.rpm
6b830a9a614025aa26c74c831dbbcd24
x86_64/10.1/SRPMS/dhcpcd-1.3.22pl4-4.1.101mdk.src.rpm

Mandrakelinux 10.2:
8d7e2e4f9dd145c72dfa06b662437206
10.2/RPMS/dhcpcd-1.3.22pl4-4.1.102mdk.i586.rpm
f88321c6e99e6ecdd614e79dd938d6b4
10.2/SRPMS/dhcpcd-1.3.22pl4-4.1.102mdk.src.rpm

Mandrakelinux 10.2/X86_64:
442b745b6d43b1fca68a9843e8c55c94
x86_64/10.2/RPMS/dhcpcd-1.3.22pl4-4.1.102mdk.x86_64.rpm
f88321c6e99e6ecdd614e79dd938d6b4
x86_64/10.2/SRPMS/dhcpcd-1.3.22pl4-4.1.102mdk.src.rpm

Corporate 3.0:
f12b8268879122dbfbb348856578701e
corporate/3.0/RPMS/dhcpcd-1.3.22pl4-4.1.C30mdk.i586.rpm
3f8e81acc938dd89f9a576cf50baff5f
corporate/3.0/SRPMS/dhcpcd-1.3.22pl4-4.1.C30mdk.src.rpm

Corporate 3.0/X86_64:
2dc6f10ac3905c162177222ce57406a0
x86_64/corporate/3.0/RPMS/dhcpcd-1.3.22pl4-4.1.C30mdk.x86_64.rpm
3f8e81acc938dd89f9a576cf50baff5f
x86_64/corporate/3.0/SRPMS/dhcpcd-1.3.22pl4-4.1.C30mdk.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFC1F2vmqjQ0CJFipgRArOSAKDWo0O1N7l6tQF2GZWz1Qu3f51pigCg6DIQ
tC+ZaJj4e7hHldguWiHBbt4=
=dOUk
-----END PGP SIGNATURE-----


To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva?
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung