drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in expat
| Name: |
Zwei Probleme in expat |
|
| ID: |
MDVSA-2012:041 |
|
| Distribution: |
Mandriva |
|
| Plattformen: |
Mandriva Enterprise Server 5.0, Mandriva 2010.1, Mandriva 2011 |
|
| Datum: |
Di, 27. März 2012, 22:37 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0876
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1148 |
|
| Applikationen: |
expat |
|
Originalnachricht |
This is a multi-part message in MIME format...
------------=_1332874457-2905-108
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2012:041
http://www.mandriva.com/security/
_______________________________________________________________________
Package : expat
Date : March 27, 2012
Affected: 2010.1, 2011., Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
A memory leak and a hash table collision flaw in expat could cause
denial os service (DoS) attacks (CVE-2012-0876, CVE-2012-1148).
The updated packages have been patched to correct this issue.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0876
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1148
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2010.1:
210b60280a0baf8e08634e0ea6a3bab9
2010.1/i586/expat-2.0.1-12.1mdv2010.2.i586.rpm
0b657867100b109cbf90a05d2262bec7
2010.1/i586/libexpat1-2.0.1-12.1mdv2010.2.i586.rpm
0bd180a7b4f4d93df5b74f66e2c85e74
2010.1/i586/libexpat1-devel-2.0.1-12.1mdv2010.2.i586.rpm
9f063d0589f638e047de6a5266e6ac84
2010.1/SRPMS/expat-2.0.1-12.1mdv2010.2.src.rpm
Mandriva Linux 2010.1/X86_64:
ced30873d989d1511e828037b4f68d4d
2010.1/x86_64/expat-2.0.1-12.1mdv2010.2.x86_64.rpm
ebd7d687082377e65c818f8ba780b66d
2010.1/x86_64/lib64expat1-2.0.1-12.1mdv2010.2.x86_64.rpm
fd8bef44ccdadeaf14966b44733883fe
2010.1/x86_64/lib64expat1-devel-2.0.1-12.1mdv2010.2.x86_64.rpm
9f063d0589f638e047de6a5266e6ac84
2010.1/SRPMS/expat-2.0.1-12.1mdv2010.2.src.rpm
Mandriva Linux 2011:
6c8bdc44eed2cebf483d4041d57f5eea
2011/i586/expat-2.0.1-15.1-mdv2011.0.i586.rpm
8211eeb028a563dcbedda7d1726035bb
2011/i586/libexpat1-2.0.1-15.1-mdv2011.0.i586.rpm
c6c9685891ae405ff6181b6899ee10ce
2011/i586/libexpat-devel-2.0.1-15.1-mdv2011.0.i586.rpm
7afd883dae4a17201128de1485cf949c
2011/i586/libexpat-static-devel-2.0.1-15.1-mdv2011.0.i586.rpm
4be73538c443ced014373c7e364daac5 2011/SRPMS/expat-2.0.1-15.1.src.rpm
Mandriva Linux 2011/X86_64:
7e84ec2183f6ba903779b00f914e3813
2011/x86_64/expat-2.0.1-15.1-mdv2011.0.x86_64.rpm
d7c0853983ce8d2dc2b0b9740924acd7
2011/x86_64/lib64expat1-2.0.1-15.1-mdv2011.0.x86_64.rpm
ecca4f586885b53d2a0ca39a8985f561
2011/x86_64/lib64expat-devel-2.0.1-15.1-mdv2011.0.x86_64.rpm
f87f9aecd51f1f20508dc6f6ad5f02e6
2011/x86_64/lib64expat-static-devel-2.0.1-15.1-mdv2011.0.x86_64.rpm
4be73538c443ced014373c7e364daac5 2011/SRPMS/expat-2.0.1-15.1.src.rpm
Mandriva Enterprise Server 5:
9618c2dceec06fcb04655e2adb9f8d9d mes5/i586/expat-2.0.1-7.4mdvmes5.2.i586.rpm
a0b4d2e3b545f6d63cef9476da3cc72f
mes5/i586/libexpat1-2.0.1-7.4mdvmes5.2.i586.rpm
95ec804d1758d0a7628abd42bf3e54e5
mes5/i586/libexpat1-devel-2.0.1-7.4mdvmes5.2.i586.rpm
01271afe453d63599a6951f7dbc83197 mes5/SRPMS/expat-2.0.1-7.4mdvmes5.2.src.rpm
Mandriva Enterprise Server 5/X86_64:
4781b62e289cae964e8a7c540d2387c9
mes5/x86_64/expat-2.0.1-7.4mdvmes5.2.x86_64.rpm
aee65480dd6cc31f957c3b17771babf6
mes5/x86_64/lib64expat1-2.0.1-7.4mdvmes5.2.x86_64.rpm
ddbc81b65a6969e17900bbbc842cc8e4
mes5/x86_64/lib64expat1-devel-2.0.1-7.4mdvmes5.2.x86_64.rpm
01271afe453d63599a6951f7dbc83197 mes5/SRPMS/expat-2.0.1-7.4mdvmes5.2.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFPcd5UmqjQ0CJFipgRAvzjAJ46WPQm7hmP1/gmoLmPmFMdZYcOrQCgq/oR
ZVAk5KD7zUd2cFhkef3xvRo=
=EuSi
-----END PGP SIGNATURE-----
------------=_1332874457-2905-108
Content-Type: text/plain; charset="UTF-8";
name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit
To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva?
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________
------------=_1332874457-2905-108--
|
|
|
|
