lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 03 Apr 2007 15:58:04 -0400 From: Foresight Linux Essential Announcement Service <foresight-security-noreply@...esightlinux.org> To: foresight-security-announce@...ts.rpath.org Cc: lwn@....net, full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com Subject: FLEA-2007-0007-1: nas Foresight Linux Essential Advisory: 2007-0007-1 Published: 2007-04-03 Rating: Informational Updated Versions: nas=/conary.rpath.com@rpl:devel/1.8b-1-2 group-dist=/foresight.rpath.org@fl:1-devel//1/1.1-0.12-1 References: https://issues.rpath.com/browse/RPL-1155 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1543 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1544 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1545 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1546 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1547 Description: Previous versions of the nas package were vulnerable to a number of buffer overflows, NULL and invalid pointers, and an int overflow. Foresight Linux is not vulnerable to any of these by default, as Foresight does not ship the initscript which starts the nas daemon.
Powered by blists - more mailing lists