drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Pufferüberlauf in Blender
Name: |
Pufferüberlauf in Blender |
|
ID: |
USN-238-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 5.10 |
|
Datum: |
Fr, 6. Januar 2006, 10:20 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3354 |
|
Applikationen: |
Blender |
|
Originalnachricht |
--===============1921633211== Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="rJwd6BRFiFCcLxzm" Content-Disposition: inline
--rJwd6BRFiFCcLxzm Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
=========================================================== Ubuntu Security Notice USN-238-1 January 06, 2006 blender vulnerability CVE-2005-3354 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 5.10 (Breezy Badger)
The following packages are affected:
blender
The problem can be corrected by upgrading the affected package to version 2.37a-1ubuntu1.1. In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
Kurt Fitzner discovered that the NBD (network block device) server did not correctly verify the maximum size of request packets. By sending specially crafted large request packets, a remote attacker who is allowed to access the server could exploit this to execute arbitrary code with root privileges.
Source archives:
blender_2.37a-1ubuntu1.1.diff.gz Size/MD5: 11607 282c2bc853abdd9fcadeb94fd42d293f blender_2.37a-1ubuntu1.1.dsc Size/MD5: 759 f6d6c5fe8bba50202cb60db85a1f3240 blender_2.37a.orig.tar.gz Size/MD5: 7885589 2af6afdb01c1d297c43602982d9a919c
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
blender_2.37a-1ubuntu1.1_amd64.deb Size/MD5: 4791610 926553266642bd9f625e1b27dccd23ff
i386 architecture (x86 compatible Intel/AMD)
blender_2.37a-1ubuntu1.1_i386.deb Size/MD5: 4113452 ee9f2a301ed054d9c56dd2412757465b
powerpc architecture (Apple Macintosh G3/G4/G5)
blender_2.37a-1ubuntu1.1_powerpc.deb Size/MD5: 4641056 8b75ee14b6ce089d7172c88343a1b821
--rJwd6BRFiFCcLxzm Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDvjTFDecnbV4Fd/IRAocYAJ9TDqo80iLQ2DMccixxsQIvh2g+kwCgnjnS Rjxhi0vj42tYv96oXYbYTBY= =6Li1 -----END PGP SIGNATURE-----
--rJwd6BRFiFCcLxzm--
--===============1921633211== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com http://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============1921633211==--
|
|
|
|