Login
Newsletter
Werbung
Sicherheit: Denial of Service in bzip2
Aktuelle Meldungen Distributionen
Name: Denial of Service in bzip2
ID: MDVSA-2008:075
Distribution: Mandriva
Plattformen: Mandriva Corporate 3.0, Mandriva Multi Network Firewall 2.0, Mandriva Corporate 4.0, Mandriva 2007.0, Mandriva 2007.1, Mandriva 2008.0
Datum: So, 23. März 2008, 22:50
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1372
Applikationen: bzip2

Originalnachricht

 
This is a multi-part message in MIME format...

------------=_1206309045-11275-1636


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDVSA-2008:075
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : bzip2
 Date    : March 23, 2008
 Affected: 2007.0, 2007.1, 2008.0, Corporate 3.0, Corporate 4.0,
           Multi Network Firewall 2.0
 _______________________________________________________________________
 
 Problem Description:
 
 Bzip2 versions before 1.0.5 are vulnerable to a denial of service
 attack via malicious compressed data.
 
 The updated packages have been patched to prevent the issue.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1372
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2007.0:
 d7ec22e71581a3f3b8482d69a6310045 
 2007.0/i586/bzip2-1.0.3-6.1mdv2007.0.i586.rpm
 6698bcb0d8e5e7c4af5d9577301a0d48 
 2007.0/i586/libbzip2_1-1.0.3-6.1mdv2007.0.i586.rpm
 3558992b5f4f864d4d77d609c54455c6 
 2007.0/i586/libbzip2_1-devel-1.0.3-6.1mdv2007.0.i586.rpm 
 5f6aade9d8b336a05d676d17eb3d4d62 
 2007.0/SRPMS/bzip2-1.0.3-6.1mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 f8df805e9268ffe67cf1c2c212ef04d5 
 2007.0/x86_64/bzip2-1.0.3-6.1mdv2007.0.x86_64.rpm
 58558f1cb97936b06b67c9c235c65517 
 2007.0/x86_64/lib64bzip2_1-1.0.3-6.1mdv2007.0.x86_64.rpm
 009ba4b9c280c0d56e10f4e75f23bc94 
 2007.0/x86_64/lib64bzip2_1-devel-1.0.3-6.1mdv2007.0.x86_64.rpm 
 5f6aade9d8b336a05d676d17eb3d4d62 
 2007.0/SRPMS/bzip2-1.0.3-6.1mdv2007.0.src.rpm

 Mandriva Linux 2007.1:
 1389e0beda990aa84af7ae94793526b3 
 2007.1/i586/bzip2-1.0.4-1.1mdv2007.1.i586.rpm
 9c7e8bfac1f7ac9f07bc050c3df6f8c1 
 2007.1/i586/libbzip2_1-1.0.4-1.1mdv2007.1.i586.rpm
 e26e2d2a349f2d2544b476e3c27b7ba1 
 2007.1/i586/libbzip2_1-devel-1.0.4-1.1mdv2007.1.i586.rpm 
 ef241d50e1564d017eead857ba1bca68 
 2007.1/SRPMS/bzip2-1.0.4-1.1mdv2007.1.src.rpm

 Mandriva Linux 2007.1/X86_64:
 02f720b94ab3622adb12d27a9b0bcff8 
 2007.1/x86_64/bzip2-1.0.4-1.1mdv2007.1.x86_64.rpm
 d7d70f134895fbf1c73148ff0b218d20 
 2007.1/x86_64/lib64bzip2_1-1.0.4-1.1mdv2007.1.x86_64.rpm
 89b13bb16b9212513aa2b90405de07fa 
 2007.1/x86_64/lib64bzip2_1-devel-1.0.4-1.1mdv2007.1.x86_64.rpm 
 ef241d50e1564d017eead857ba1bca68 
 2007.1/SRPMS/bzip2-1.0.4-1.1mdv2007.1.src.rpm

 Mandriva Linux 2008.0:
 b20b1778b84d5862d273c93928ea3586 
 2008.0/i586/bzip2-1.0.4-2.1mdv2008.0.i586.rpm
 e69979ee6cae516a3251ea277f0b41b3 
 2008.0/i586/libbzip2_1-1.0.4-2.1mdv2008.0.i586.rpm
 9f871864bd0d87f383fa836a83c16739 
 2008.0/i586/libbzip2_1-devel-1.0.4-2.1mdv2008.0.i586.rpm 
 06bbfb1a27cfb8283cb54fec90877000 
 2008.0/SRPMS/bzip2-1.0.4-2.1mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 a5232c78a8556018adb3f777fd533e86 
 2008.0/x86_64/bzip2-1.0.4-2.1mdv2008.0.x86_64.rpm
 3c58e84746fdd94f689f358692ef917e 
 2008.0/x86_64/lib64bzip2_1-1.0.4-2.1mdv2008.0.x86_64.rpm
 66d7a3b544e5fda5c64af19e5ff1c117 
 2008.0/x86_64/lib64bzip2_1-devel-1.0.4-2.1mdv2008.0.x86_64.rpm 
 06bbfb1a27cfb8283cb54fec90877000 
 2008.0/SRPMS/bzip2-1.0.4-2.1mdv2008.0.src.rpm

 Corporate 3.0:
 197212b185073ae1cd28dfd6e962907c 
 corporate/3.0/i586/bzip2-1.0.2-17.5.C30mdk.i586.rpm
 566a9bc102a67b5979adab8490d72a3d 
 corporate/3.0/i586/libbzip2_1-1.0.2-17.5.C30mdk.i586.rpm
 03faec871e264e5e13ed7d3d4054effa 
 corporate/3.0/i586/libbzip2_1-devel-1.0.2-17.5.C30mdk.i586.rpm 
 9e3a038f1824a3d294c1b58bcd5d8d2a 
 corporate/3.0/SRPMS/bzip2-1.0.2-17.5.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 e9137338bd9e2fec22cf34f8dd08e024 
 corporate/3.0/x86_64/bzip2-1.0.2-17.5.C30mdk.x86_64.rpm
 8385be2baa4f10e47a9b0e382103281e 
 corporate/3.0/x86_64/lib64bzip2_1-1.0.2-17.5.C30mdk.x86_64.rpm
 aa724051a95ec66cfb1961ce532ba9af 
 corporate/3.0/x86_64/lib64bzip2_1-devel-1.0.2-17.5.C30mdk.x86_64.rpm 
 9e3a038f1824a3d294c1b58bcd5d8d2a 
 corporate/3.0/SRPMS/bzip2-1.0.2-17.5.C30mdk.src.rpm

 Corporate 4.0:
 43c2884e3f37d6cd36fdc7496ff095f8 
 corporate/4.0/i586/bzip2-1.0.3-1.3.20060mlcs4.i586.rpm
 fa484966a13c0deb5d5a324c9e7bce03 
 corporate/4.0/i586/libbzip2_1-1.0.3-1.3.20060mlcs4.i586.rpm
 0fb3793ebb134cfd0079624d16e2b7aa 
 corporate/4.0/i586/libbzip2_1-devel-1.0.3-1.3.20060mlcs4.i586.rpm 
 63df10cb7218c2aaa90c92a64ef4fe7b 
 corporate/4.0/SRPMS/bzip2-1.0.3-1.3.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 d93be85bc254492e1e9cffe621829915 
 corporate/4.0/x86_64/bzip2-1.0.3-1.3.20060mlcs4.x86_64.rpm
 d58a247591e813b1a35288ac783cb923 
 corporate/4.0/x86_64/lib64bzip2_1-1.0.3-1.3.20060mlcs4.x86_64.rpm
 dcb647a39aed74d14a9b5e855ffc9470 
 corporate/4.0/x86_64/lib64bzip2_1-devel-1.0.3-1.3.20060mlcs4.x86_64.rpm 
 63df10cb7218c2aaa90c92a64ef4fe7b 
 corporate/4.0/SRPMS/bzip2-1.0.3-1.3.20060mlcs4.src.rpm

 Multi Network Firewall 2.0:
 195b188697db7d58b13eba19ad569276 
 mnf/2.0/i586/bzip2-1.0.2-17.5.M20mdk.i586.rpm
 9ff6a10c830c15f31f88db7c7bb33f26 
 mnf/2.0/i586/libbzip2_1-1.0.2-17.5.M20mdk.i586.rpm
 5a42f1d31bb7dab7d3e162dcf4af4c3c 
 mnf/2.0/i586/libbzip2_1-devel-1.0.2-17.5.M20mdk.i586.rpm 
 d92e344fbd095e6f903385f0cace0bec 
 mnf/2.0/SRPMS/bzip2-1.0.2-17.5.M20mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)

iD8DBQFH5qO0mqjQ0CJFipgRAqoZAKC9NvtTNyHuhR2EqjT7sBQW1A9NhACeLL2v
dvGyVXTBfj+Olsa7JG9hMCo=
=1hfp
-----END PGP SIGNATURE-----


------------=_1206309045-11275-1636
Content-Type: text/plain; name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva? 
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________

------------=_1206309045-11275-1636--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung