| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200310082009.37442.security-announce@turbolinux.co.jp>
From: security-announce at turbolinux.co.jp (Turbolinux)
Subject: [TURBOLINUX SECURITY INFO] 08/Oot/2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This is an announcement only email list for the x86 architecture.
============================================================
Turbolinux Security Announcement 08/Oct/2003
============================================================
The following page contains the security information of Turbolinux Inc.
- Turbolinux Security Center
http://www.turbolinux.com/security/
(1) pine -> Multipel vulnerabilities in pine
===========================================================
* pine -> Multipel vulnerabilities in pine
===========================================================
Summary : Multipel vulnerabilities in pine
More information :
Pine is a very popular, easy to use, full-featured email user agent.
Pine contains a vulnerability during the handling of the 'message/external-body' type.
An integer overflow exists in the Pine MIME header parsing.
Impact :
This vulnerability may allow a remote attacker to execute arbitrary code.
Affected Products :
- Turbolinux Workstation 6.0
Solution :
Please use turbopkg tool to apply the update.
<Turbolinux Workstation 6.0>
Source Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/6.0/ja/updates/SRPMS/pine-4.58-2.src.rpm
2893276 b818bf85bdaa8ef0ff9d557bf9bdb89a
Binary Packages
Size : MD5
ftp://ftp.turbolinux.com/pub/TurboLinux/TurboLinux/ia32/Workstation/6.0/ja/updates/RPMS/pine-4.58-2.i386.rpm
2635143 6a6d0b3bf0d7b5ec927e8100d79f1f84
References :
CVE
[CAN-2003-0720]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0720
[CAN-2003-0721]
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0721
--------------------------------------------------------------------------
Revision History
08 Oct 2003 Initial release
--------------------------------------------------------------------------
* You may need to update the turbopkg tool before applying the update.
Please refer to the following URL for detailed information.
http://www.turbolinux.com/download/zabom.html
http://www.turbolinux.com/download/zabomupdate.html
Package Update Path
http://www.turbolinux.com/update
============================================================
* To obtain the public key
Here is the public key
http://www.turbolinux.com/security/
* To unsubscribe from the list
If you ever want to remove yourself from this mailing list,
you can send a message to <server-users-e-ctl@...bolinux.co.jp> with
the word `unsubscribe' in the body (don't include the quotes).
unsubscribe
* To change your email address
If you ever want to chage email address in this mailing list,
you can send a message to <server-users-e-ctl@...bolinux.co.jp> with
the following command in the message body:
chaddr 'old address' 'new address'
If you have any questions or problems, please contact
<supp_info@...bolinux.co.jp>
Thank you!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQE/g/BvK0LzjOqIJMwRAo+4AJ9L8IQnOiAhTaA/xrxDNVd+fP8jYgCgqGYN
W0gWl4c5XmtG7qMnbdUmCts=
=qi/C
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists