Login
Newsletter
Werbung
Sicherheit: Pufferüberlauf in libsamplerate
Aktuelle Meldungen Distributionen
Name: Pufferüberlauf in libsamplerate
ID: MDVSA-2008:238
Distribution: Mandriva
Plattformen: Mandriva Corporate 3.0, Mandriva Corporate 4.0, Mandriva 2008.0, Mandriva 2008.1
Datum: Fr, 5. Dezember 2008, 02:30
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5008
Applikationen: Secret Rabbit Code

Originalnachricht

 
This is a multi-part message in MIME format...

------------=_1228440610-14940-5160


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2008:238
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : libsamplerate
 Date    : December 4, 2008
 Affected: 2008.0, 2008.1, Corporate 3.0, Corporate 4.0
 _______________________________________________________________________

 Problem Description:

 A buffer overflow was found by Russell O'Conner in the libsamplerate
 library versions prior to 0.1.4 that could possibly lead to the
 execution of arbitrary code via a specially crafted audio file
 (CVE-2008-5008).
 
 The updated packages have been patched to prevent this issue.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5008
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2008.0:
 9a9cc1fbac25741ad38e914c98d90826 
 2008.0/i586/libsamplerate0-0.1.3-0.pre6.3.1mdv2008.0.i586.rpm
 294117b4e81f6d38553faf47b0d0b561 
 2008.0/i586/libsamplerate-devel-0.1.3-0.pre6.3.1mdv2008.0.i586.rpm
 695ab47e44749f3f0a6df321992f6064 
 2008.0/i586/libsamplerate-progs-0.1.3-0.pre6.3.1mdv2008.0.i586.rpm 
 4068b67bd67786501ddc388824763a19 
 2008.0/SRPMS/libsamplerate-0.1.3-0.pre6.3.1mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 24a792941fa5fbff89764b724923a616 
 2008.0/x86_64/lib64samplerate0-0.1.3-0.pre6.3.1mdv2008.0.x86_64.rpm
 c1ac9d056ca38c36658158fec3ee3f31 
 2008.0/x86_64/lib64samplerate-devel-0.1.3-0.pre6.3.1mdv2008.0.x86_64.rpm
 dcdffc679e6af71864d8cdb78e335df8 
 2008.0/x86_64/libsamplerate-progs-0.1.3-0.pre6.3.1mdv2008.0.x86_64.rpm 
 4068b67bd67786501ddc388824763a19 
 2008.0/SRPMS/libsamplerate-0.1.3-0.pre6.3.1mdv2008.0.src.rpm

 Mandriva Linux 2008.1:
 f44c5b4f55bbe4ad946f46456dce4745 
 2008.1/i586/libsamplerate0-0.1.3-0.pre6.3.1mdv2008.1.i586.rpm
 18a7016e5da1f0f37c3cde4222703f87 
 2008.1/i586/libsamplerate-devel-0.1.3-0.pre6.3.1mdv2008.1.i586.rpm
 6064159a6a594c006d16c42d29cfd240 
 2008.1/i586/libsamplerate-progs-0.1.3-0.pre6.3.1mdv2008.1.i586.rpm 
 32697b41d7fd390e91b4d4dbeacc0db2 
 2008.1/SRPMS/libsamplerate-0.1.3-0.pre6.3.1mdv2008.1.src.rpm

 Mandriva Linux 2008.1/X86_64:
 6497eadf29decebda33422f431a83d45 
 2008.1/x86_64/lib64samplerate0-0.1.3-0.pre6.3.1mdv2008.1.x86_64.rpm
 2df7b9d3f1656f728667e68569cfc8af 
 2008.1/x86_64/lib64samplerate-devel-0.1.3-0.pre6.3.1mdv2008.1.x86_64.rpm
 b9c0276018ac620bbcd68f998b4daeac 
 2008.1/x86_64/libsamplerate-progs-0.1.3-0.pre6.3.1mdv2008.1.x86_64.rpm 
 32697b41d7fd390e91b4d4dbeacc0db2 
 2008.1/SRPMS/libsamplerate-0.1.3-0.pre6.3.1mdv2008.1.src.rpm

 Corporate 3.0:
 91ef6d6952ac4d845f4ed16b74117d8d 
 corporate/3.0/i586/libsamplerate0-0.0.15-2.1.C30mdk.i586.rpm
 7d1aef25a43863e4a7d89fd559312b29 
 corporate/3.0/i586/libsamplerate0-devel-0.0.15-2.1.C30mdk.i586.rpm
 e3d9b6a0c2d32d36bd55b3d2b9ff8fa7 
 corporate/3.0/i586/libsamplerate-progs-0.0.15-2.1.C30mdk.i586.rpm 
 67cdb6d349097d08925e2c4cb86d1fe6 
 corporate/3.0/SRPMS/libsamplerate-0.0.15-2.1.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 3efec8fbd1ea1fd00f9eea336afd5798 
 corporate/3.0/x86_64/lib64samplerate0-0.0.15-2.1.C30mdk.x86_64.rpm
 5783d23a1019bed054e713b94c5ad989 
 corporate/3.0/x86_64/lib64samplerate0-devel-0.0.15-2.1.C30mdk.x86_64.rpm
 f970ddd128def98252bc4090f576f4ec 
 corporate/3.0/x86_64/libsamplerate-progs-0.0.15-2.1.C30mdk.x86_64.rpm 
 67cdb6d349097d08925e2c4cb86d1fe6 
 corporate/3.0/SRPMS/libsamplerate-0.0.15-2.1.C30mdk.src.rpm

 Corporate 4.0:
 0a2d27263f81d8304028bccadb5142af 
 corporate/4.0/i586/libsamplerate0-0.1.2-1.1.20060mlcs4.i586.rpm
 7d3dddddbad29db356b97dc77f720c0a 
 corporate/4.0/i586/libsamplerate0-devel-0.1.2-1.1.20060mlcs4.i586.rpm
 9b2bc33430ac70a2c24eab9f2afee0c2 
 corporate/4.0/i586/libsamplerate-progs-0.1.2-1.1.20060mlcs4.i586.rpm 
 83cdd1d3349f1017c4c92cb6ee0fb636 
 corporate/4.0/SRPMS/libsamplerate-0.1.2-1.1.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 ffbc6a9d6d3403a52ca5cbe3c4a3495d 
 corporate/4.0/x86_64/lib64samplerate0-0.1.2-1.1.20060mlcs4.x86_64.rpm
 991dd38ed664577613f6a55da77eaa29 
 corporate/4.0/x86_64/lib64samplerate0-devel-0.1.2-1.1.20060mlcs4.x86_64.rpm
 92d88adbf9d580a772b702f33cf8d027 
 corporate/4.0/x86_64/libsamplerate-progs-0.1.2-1.1.20060mlcs4.x86_64.rpm 
 83cdd1d3349f1017c4c92cb6ee0fb636 
 corporate/4.0/SRPMS/libsamplerate-0.1.2-1.1.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFJOFc0mqjQ0CJFipgRAjweAKDVUt2pCqRSgKnXlJI0gJoSgbuXBACeMk6+
SxoIyNyLtbDX6XnTUTazqts=
=Kbrk
-----END PGP SIGNATURE-----


------------=_1228440610-14940-5160
Content-Type: text/plain; name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva? 
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________

------------=_1228440610-14940-5160--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung