lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Date: 17 May 2004 21:35:30 -0000
From: Mandrake Linux Security Team <security@...ux-mandrake.com>
To: bugtraq@...urityfocus.com
Subject: MDKSA-2004:044 - Updated libuser packages fix vulnerability


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                 Mandrakelinux Security Update Advisory
 _______________________________________________________________________

 Package name:           libuser
 Advisory ID:            MDKSA-2004:044
 Date:                   May 17th, 2004

 Affected versions:	 10.0, 9.1, 9.2, Corporate Server 2.1
 ______________________________________________________________________

 Problem Description:

 Steve Grubb discovered a number of problems in the libuser library that
 can lead to a crash in applications linked to it, or possibly write 4GB
 of garbage to the disk.
 
 The updated packages provide a patched libuser to correct these
 problems.
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 8b1052f6566345fa9f9ec1f3ac9e1d7f  10.0/RPMS/libuser-0.51.7-9.1.100mdk.i586.rpm
 85e478c659a9989d9a766ea4318bac7c  10.0/RPMS/libuser-python-0.51.7-9.1.100mdk.i586.rpm
 7ce35b806081b64defe7665d7ae68a1c  10.0/RPMS/libuser1-0.51.7-9.1.100mdk.i586.rpm
 ac64c3ce5b4cbfe2f80841af6dfb5e67  10.0/RPMS/libuser1-devel-0.51.7-9.1.100mdk.i586.rpm
 d7a7d5c43980af14ff1c4fb21905eca1  10.0/SRPMS/libuser-0.51.7-9.1.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 9557b2cbdb46786c792babb4fa02d33a  amd64/10.0/RPMS/libuser-0.51.7-9.1.100mdk.amd64.rpm
 bd658edd9366db56a4fb2a1af984d332  amd64/10.0/RPMS/libuser-python-0.51.7-9.1.100mdk.amd64.rpm
 387f940a770a8e1eb5c189fa6a6d2512  amd64/10.0/RPMS/libuser1-0.51.7-9.1.100mdk.amd64.rpm
 41ae8a0f4fb9d322cfb3b181cbabe4a0  amd64/10.0/RPMS/libuser1-devel-0.51.7-9.1.100mdk.amd64.rpm
 d7a7d5c43980af14ff1c4fb21905eca1  amd64/10.0/SRPMS/libuser-0.51.7-9.1.100mdk.src.rpm

 Corporate Server 2.1:
 5e808ded69e5d965537c4e2ea133c98e  corporate/2.1/RPMS/libuser-0.51-4.1.C21mdk.i586.rpm
 7e5f1ecabb9e80e0b0b55f0ee541730f  corporate/2.1/RPMS/libuser1-0.51-4.1.C21mdk.i586.rpm
 9e3980e106425e52a9ca7d780a9d7f87  corporate/2.1/RPMS/libuser1-devel-0.51-4.1.C21mdk.i586.rpm
 275b478ed0e000f3362168db23e55164  corporate/2.1/SRPMS/libuser-0.51-4.1.C21mdk.src.rpm

 Corporate Server 2.1/x86_64:
 aee3697ed61122c6dca84073f3737cb9  x86_64/corporate/2.1/RPMS/libuser-0.51-4.1.C21mdk.x86_64.rpm
 66a9069f2e1bf93d8d4cb9483031ce57  x86_64/corporate/2.1/RPMS/libuser1-0.51-4.1.C21mdk.x86_64.rpm
 be873bdd2aa84e410dfc7921e4eebbd3  x86_64/corporate/2.1/RPMS/libuser1-devel-0.51-4.1.C21mdk.x86_64.rpm
 275b478ed0e000f3362168db23e55164  x86_64/corporate/2.1/SRPMS/libuser-0.51-4.1.C21mdk.src.rpm

 Mandrakelinux 9.1:
 079807611894e0256c78c30a3f5c6312  9.1/RPMS/libuser-0.51-6.1.91mdk.i586.rpm
 b85b62434cd712c817b0b32942a816db  9.1/RPMS/libuser1-0.51-6.1.91mdk.i586.rpm
 e4756b87c61aecdcf6b0333a8bd65d79  9.1/RPMS/libuser1-devel-0.51-6.1.91mdk.i586.rpm
 636c10df3bbdb865f86b6edda72b6b89  9.1/SRPMS/libuser-0.51-6.1.91mdk.src.rpm

 Mandrakelinux 9.1/PPC:
 a406fc70b29d5ef091d35e9b9b1b5297  ppc/9.1/RPMS/libuser-0.51-6.1.91mdk.ppc.rpm
 1660ea14a3a4ab99814253f350bc5044  ppc/9.1/RPMS/libuser1-0.51-6.1.91mdk.ppc.rpm
 fe58e3131693f632f9a539f34d6b58b6  ppc/9.1/RPMS/libuser1-devel-0.51-6.1.91mdk.ppc.rpm
 636c10df3bbdb865f86b6edda72b6b89  ppc/9.1/SRPMS/libuser-0.51-6.1.91mdk.src.rpm

 Mandrakelinux 9.2:
 05809041080c9b839351a17bf32844e4  9.2/RPMS/libuser-0.51.7-8.1.92mdk.i586.rpm
 547ec4105ab690c8ae3871a758c6364e  9.2/RPMS/libuser-python-0.51.7-8.1.92mdk.i586.rpm
 97ed7324b001f36e9122609ca067e590  9.2/RPMS/libuser1-0.51.7-8.1.92mdk.i586.rpm
 48938167eb941fa4f85a8627294581c0  9.2/RPMS/libuser1-devel-0.51.7-8.1.92mdk.i586.rpm
 bbd3f4eaa4f913b568d0b64430ba5de6  9.2/SRPMS/libuser-0.51.7-8.1.92mdk.src.rpm

 Mandrakelinux 9.2/AMD64:
 dc7bd5a3aee747beb9030922ace0fc54  amd64/9.2/RPMS/libuser-0.51.7-8.1.92mdk.amd64.rpm
 0ea25b434d32b0c6f80d8af2bdd8c5be  amd64/9.2/RPMS/libuser-python-0.51.7-8.1.92mdk.amd64.rpm
 b7223a4c92ab91fd102c23138422fdbd  amd64/9.2/RPMS/libuser1-0.51.7-8.1.92mdk.amd64.rpm
 dab4abf5431b2fa6269d62fb65d60a0f  amd64/9.2/RPMS/libuser1-devel-0.51.7-8.1.92mdk.amd64.rpm
 bbd3f4eaa4f913b568d0b64430ba5de6  amd64/9.2/SRPMS/libuser-0.51.7-8.1.92mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 A list of FTP mirrors can be obtained from:

  http://www.mandrakesecure.net/en/ftp.php

 All packages are signed by Mandrakesoft for security.  You can obtain
 the GPG public key of the Mandrakelinux Security Team by executing:

  gpg --recv-keys --keyserver www.mandrakesecure.net 0x22458A98

 Please be aware that sometimes it takes the mirrors a few hours to
 update.

 You can view other update advisories for Mandrakelinux at:

  http://www.mandrakesecure.net/en/advisories/

 Mandrakesoft has several security-related mailing list services that
 anyone can subscribe to.  Information on these lists can be obtained by
 visiting:

  http://www.mandrakesecure.net/en/mlist.php

 If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  <security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFAqTAimqjQ0CJFipgRAsn4AKDXCYmI7zXt3VeHrZ7zPjHm9WVE2wCgu5w+
/gXd+hxW5byuCxFSpbrIDeY=
=7jbJ
-----END PGP SIGNATURE-----


Powered by blists - more mailing lists