drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Pufferüberlauf in libgtop2
Name: |
Pufferüberlauf in libgtop2 |
|
ID: |
MDKSA-2007:023 |
|
Distribution: |
Mandriva |
|
Plattformen: |
Mandriva 2007.0 |
|
Datum: |
Do, 18. Januar 2007, 23:51 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0235 |
|
Applikationen: |
GNOME |
|
Originalnachricht |
This is a multi-part message in MIME format...
------------=_1169160708-16192-7952
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
_______________________________________________________________________ Mandriva Linux Security Advisory MDKSA-2007:023 http://www.mandriva.com/security/ _______________________________________________________________________ Package : libgtop2 Date : January 18, 2007 Affected: 2007.0 _______________________________________________________________________ Problem Description: Stack-based buffer overflow in the glibtop_get_proc_map_s function in libgtop before 2.14.6 (libgtop2) allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a process with a long filename that is mapped in its address space, which triggers the overflow in gnome-system-monitor.
The updated packages have been patched to correct this problem. _______________________________________________________________________
References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0235 _______________________________________________________________________ Updated Packages: Mandriva Linux 2007.0: 9a42ece573e6285e548d3611d905962b 2007.0/i586/libgtop2-2.14.3-1.1mdv2007.0.i586.rpm 015d57a79518ea22832f6fbda39271a2 2007.0/i586/libgtop2.0_7-2.14.3-1.1mdv2007.0.i586.rpm 90c71d829f0ecf9a190cd6f883d7641d 2007.0/i586/libgtop2.0_7-devel-2.14.3-1.1mdv2007.0.i586.rpm d814d8ae476947ff129624b4bbf3c468 2007.0/SRPMS/libgtop2-2.14.3-1.1mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64: 6c29e33986f8edcb030c51c2a3f11284 2007.0/x86_64/lib64gtop2.0_7-2.14.3-1.1mdv2007.0.x86_64.rpm 7686a3045392d92d1f8a0e3e481b2172 2007.0/x86_64/lib64gtop2.0_7-devel-2.14.3-1.1mdv2007.0.x86_64.rpm fd1b70ddc81ee08e70661710883255d5 2007.0/x86_64/libgtop2-2.14.3-1.1mdv2007.0.x86_64.rpm d814d8ae476947ff129624b4bbf3c468 2007.0/SRPMS/libgtop2-2.14.3-1.1mdv2007.0.src.rpm _______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com _______________________________________________________________________
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFFr8rTmqjQ0CJFipgRAgD7AJ9B68ksXN1Igw3gbiANW6EiWs/UxwCgsCUs 6JCAEa4WflSQgpWuMNP3x48= =0z2K -----END PGP SIGNATURE-----
------------=_1169160708-16192-7952 Content-Type: text/plain; name="message-footer.txt" Content-Disposition: inline; filename="message-footer.txt" Content-Transfer-Encoding: 8bit
To unsubscribe, send a email to sympa@mandrivalinux.org with this subject : unsubscribe security-announce _______________________________________________________ Want to buy your Pack or Services from Mandriva? Go to http://www.mandrivastore.com Join the Club : http://www.mandrivaclub.com _______________________________________________________
------------=_1169160708-16192-7952--
|
|
|
|