| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 23 Jul 2010 14:22:00 +0200
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDVSA-2010:138 ] iputils
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2010:138
http://www.mandriva.com/security/
_______________________________________________________________________
Package : iputils
Date : July 23, 2010
Affected: 2008.0, 2009.0, 2009.1, 2010.0, 2010.1, Corporate 4.0,
Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
Ovidiu Mara reported a vulnerability in ping.c (iputils) that
could cause ping to hang when responding to a malicious echo reply
(CVE-2010-2529). The updated packages have been patched to correct
these issues.
Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2529
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2008.0:
5acca01875a36f6484888a66b680d993 2008.0/i586/iputils-20070202-3.1mdv2008.0.i586.rpm
258c239db541f20ec4ada7c92ba6634e 2008.0/SRPMS/iputils-20070202-3.1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64:
34d36f03187fa74eeb33f014522cd5cb 2008.0/x86_64/iputils-20070202-3.1mdv2008.0.x86_64.rpm
258c239db541f20ec4ada7c92ba6634e 2008.0/SRPMS/iputils-20070202-3.1mdv2008.0.src.rpm
Mandriva Linux 2009.0:
23e1a84143109e7baf01f01892aaf493 2009.0/i586/iputils-20071127-5.1mdv2009.0.i586.rpm
30b8d81f25ff5e437eb32bd53b085aea 2009.0/SRPMS/iputils-20071127-5.1mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64:
e4310cb44ea0ceb8d193e5670e9d6a0e 2009.0/x86_64/iputils-20071127-5.1mdv2009.0.x86_64.rpm
30b8d81f25ff5e437eb32bd53b085aea 2009.0/SRPMS/iputils-20071127-5.1mdv2009.0.src.rpm
Mandriva Linux 2009.1:
c7198a6d1a90d7893ccc2f0c85197399 2009.1/i586/iputils-20071127-6.1mdv2009.1.i586.rpm
b02409b08b7a7dbe0f39a2a829ee3253 2009.1/SRPMS/iputils-20071127-6.1mdv2009.1.src.rpm
Mandriva Linux 2009.1/X86_64:
9a6b9f5342cddf15f19b990df23994a2 2009.1/x86_64/iputils-20071127-6.1mdv2009.1.x86_64.rpm
b02409b08b7a7dbe0f39a2a829ee3253 2009.1/SRPMS/iputils-20071127-6.1mdv2009.1.src.rpm
Mandriva Linux 2010.0:
90cac37440f55fa0405d600fe913e8c1 2010.0/i586/iputils-20071127-7.1mdv2010.0.i586.rpm
4fd957193edc2ff530eb2e61e1d4ce41 2010.0/SRPMS/iputils-20071127-7.1mdv2010.0.src.rpm
Mandriva Linux 2010.0/X86_64:
0f7f6153e6b9f75e8a5373df600c5974 2010.0/x86_64/iputils-20071127-7.1mdv2010.0.x86_64.rpm
4fd957193edc2ff530eb2e61e1d4ce41 2010.0/SRPMS/iputils-20071127-7.1mdv2010.0.src.rpm
Mandriva Linux 2010.1:
b8a2a7745829a10daac548c0b36a73c5 2010.1/i586/iputils-20100214-1.1mdv2010.1.i586.rpm
bdb5b752afef449ddb5bf547f7322d89 2010.1/SRPMS/iputils-20100214-1.1mdv2010.1.src.rpm
Mandriva Linux 2010.1/X86_64:
6dc1f9300f9832abe9a0833af3a13b9e 2010.1/x86_64/iputils-20100214-1.1mdv2010.1.x86_64.rpm
bdb5b752afef449ddb5bf547f7322d89 2010.1/SRPMS/iputils-20100214-1.1mdv2010.1.src.rpm
Corporate 4.0:
53466e5c4a085eb22b56432c9bd09b6e corporate/4.0/i586/iputils-20020927-5.1.20060mlcs4.i586.rpm
a9c7e20957398e697e3bd6f7c95bb24a corporate/4.0/SRPMS/iputils-20020927-5.1.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
4beb4d4a2dc877489758bcada5a7a2f4 corporate/4.0/x86_64/iputils-20020927-5.1.20060mlcs4.x86_64.rpm
a9c7e20957398e697e3bd6f7c95bb24a corporate/4.0/SRPMS/iputils-20020927-5.1.20060mlcs4.src.rpm
Mandriva Enterprise Server 5:
2665b70643c059904464ab2373098be3 mes5/i586/iputils-20071127-5.1mdvmes5.1.i586.rpm
bb44edcc06715dc1f8a758e89420b33a mes5/SRPMS/iputils-20071127-5.1mdvmes5.1.src.rpm
Mandriva Enterprise Server 5/X86_64:
297cd33b776d1cd0cb4a49684007a2e9 mes5/x86_64/iputils-20071127-5.1mdvmes5.1.x86_64.rpm
bb44edcc06715dc1f8a758e89420b33a mes5/SRPMS/iputils-20071127-5.1mdvmes5.1.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFMSVeYmqjQ0CJFipgRAjxNAJ47NnHtZObOOSzfTxMy8nMMJd7U3QCgk5+E
2IY+qQdX2GwjWFW+Uh3dbbc=
=EozG
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists