lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 13 Feb 2008 12:58:06 -0500 From: rPath Update Announcements <announce-noreply@...th.com> To: security-announce@...ts.rpath.com, update-announce@...ts.rpath.com Cc: full-disclosure@...ts.grok.org.uk, vulnwatch@...nwatch.org, bugtraq@...urityfocus.com, lwn@....net Subject: rPSA-2008-0063-1 boost rPath Security Advisory: 2008-0063-1 Published: 2008-02-13 Products: rPath Linux 1 Rating: Minor Exposure Level Classification: Indirect Deterministic Denial of Service Updated Versions: boost=conary.rpath.com@rpl:1/1.33.1-1.1-1 rPath Issue Tracking System: https://issues.rpath.com/browse/RPL-2143 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0171 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0172 Description: Previous versions of the boost package are vulnerable to multiple Denials of Service in which attackers may use invalid regular expressions to trigger crashes in applications that use the boost regular expression library. http://wiki.rpath.com/Advisories:rPSA-2008-0063 Copyright 2008 rPath, Inc. This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html
Powered by blists - more mailing lists