lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <E1DsUwi-0007z7-27@mercury.mandriva.com> Date: Wed Jul 13 01:18:00 2005 From: security at mandriva.com (Mandriva Security Team) Subject: MDKSA-2005:117 - Updated dhcpcd packages fix vulnerabilities -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Update Advisory _______________________________________________________________________ Package name: dhcpcd Advisory ID: MDKSA-2005:117 Date: July 12th, 2005 Affected versions: 10.1, 10.2, Corporate 3.0 ______________________________________________________________________ Problem Description: "infamous42md" discovered that the dhcpcd DHCP client could be tricked into reading past the end of the supplied DHCP buffer, which could lead to the daemon crashing. The updated packages have been patched to address this issue. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1848 ______________________________________________________________________ Updated Packages: Mandrakelinux 10.1: c690959dc0ba51327c85856cc42c0c05 10.1/RPMS/dhcpcd-1.3.22pl4-4.1.101mdk.i586.rpm 6b830a9a614025aa26c74c831dbbcd24 10.1/SRPMS/dhcpcd-1.3.22pl4-4.1.101mdk.src.rpm Mandrakelinux 10.1/X86_64: 190a7e068611249ab13eba7f0754f30a x86_64/10.1/RPMS/dhcpcd-1.3.22pl4-4.1.101mdk.x86_64.rpm 6b830a9a614025aa26c74c831dbbcd24 x86_64/10.1/SRPMS/dhcpcd-1.3.22pl4-4.1.101mdk.src.rpm Mandrakelinux 10.2: 8d7e2e4f9dd145c72dfa06b662437206 10.2/RPMS/dhcpcd-1.3.22pl4-4.1.102mdk.i586.rpm f88321c6e99e6ecdd614e79dd938d6b4 10.2/SRPMS/dhcpcd-1.3.22pl4-4.1.102mdk.src.rpm Mandrakelinux 10.2/X86_64: 442b745b6d43b1fca68a9843e8c55c94 x86_64/10.2/RPMS/dhcpcd-1.3.22pl4-4.1.102mdk.x86_64.rpm f88321c6e99e6ecdd614e79dd938d6b4 x86_64/10.2/SRPMS/dhcpcd-1.3.22pl4-4.1.102mdk.src.rpm Corporate 3.0: f12b8268879122dbfbb348856578701e corporate/3.0/RPMS/dhcpcd-1.3.22pl4-4.1.C30mdk.i586.rpm 3f8e81acc938dd89f9a576cf50baff5f corporate/3.0/SRPMS/dhcpcd-1.3.22pl4-4.1.C30mdk.src.rpm Corporate 3.0/X86_64: 2dc6f10ac3905c162177222ce57406a0 x86_64/corporate/3.0/RPMS/dhcpcd-1.3.22pl4-4.1.C30mdk.x86_64.rpm 3f8e81acc938dd89f9a576cf50baff5f x86_64/corporate/3.0/SRPMS/dhcpcd-1.3.22pl4-4.1.C30mdk.src.rpm _______________________________________________________________________ To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFC1F2vmqjQ0CJFipgRArOSAKDWo0O1N7l6tQF2GZWz1Qu3f51pigCg6DIQ tC+ZaJj4e7hHldguWiHBbt4= =dOUk -----END PGP SIGNATURE-----
Powered by blists - more mailing lists