lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1GhpGX-0001vq-H7@mercury.mandriva.com>
Date: Wed,  8 Nov 2006 08:23:01 -0700
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDKSA-2006:203 ] - Updated texinfo packages fix
	vulnerability


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2006:203
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : texinfo
 Date    : November 8, 2006
 Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0
 _______________________________________________________________________
 
 Problem Description:
 
 Miloslav Trmac discovered a buffer overflow in texinfo. This issue can
 cause texi2dvi or texindex to crash when processing a carefully crafted
 file.

 Updated packages have been patched to correct this issue.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4810
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2006.0:
 cc1879d0392af708f7c37bca15dd9879  2006.0/i586/info-4.8-1.2.20060mdk.i586.rpm
 4c80a4e06e04e28ae6bc9d34d0ce6b9c  2006.0/i586/info-install-4.8-1.2.20060mdk.i586.rpm
 84e851c4c094d8259debe9a92da97efd  2006.0/i586/texinfo-4.8-1.2.20060mdk.i586.rpm 
 f63eeab2e5fd19d6df4d794cc9a0556d  2006.0/SRPMS/texinfo-4.8-1.2.20060mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 b37fd6f8393fe1a997da4dfcf24e0c6c  2006.0/x86_64/info-4.8-1.2.20060mdk.x86_64.rpm
 d3e5f5d3df7464226e370d18d2040d78  2006.0/x86_64/info-install-4.8-1.2.20060mdk.x86_64.rpm
 94ad72f47a76488f8fe3000187217e9d  2006.0/x86_64/texinfo-4.8-1.2.20060mdk.x86_64.rpm 
 f63eeab2e5fd19d6df4d794cc9a0556d  2006.0/SRPMS/texinfo-4.8-1.2.20060mdk.src.rpm

 Mandriva Linux 2007.0:
 841f25fd2ae052fa135f347d1a321a61  2007.0/i586/info-4.8-4.1mdv2007.0.i586.rpm
 d0ba0f48503167816581c5f4166949ad  2007.0/i586/info-install-4.8-4.1mdv2007.0.i586.rpm
 c731ee9865530fdbafc445b56b67e5ad  2007.0/i586/texinfo-4.8-4.1mdv2007.0.i586.rpm 
 b8bf1a5838ac82d4910e9a5e5ea612b4  2007.0/SRPMS/texinfo-4.8-4.1mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 054058a5ef065bc25d0bb87b36ad3622  2007.0/x86_64/info-4.8-4.1mdv2007.0.x86_64.rpm
 5b63631e0cd60e201e14332faf3e30d8  2007.0/x86_64/info-install-4.8-4.1mdv2007.0.x86_64.rpm
 cbdda90e9cce0abc9de7fdfab70f593e  2007.0/x86_64/texinfo-4.8-4.1mdv2007.0.x86_64.rpm 
 b8bf1a5838ac82d4910e9a5e5ea612b4  2007.0/SRPMS/texinfo-4.8-4.1mdv2007.0.src.rpm

 Corporate 3.0:
 81b5711c0afe51a12aa4458ab0b680c3  corporate/3.0/i586/info-4.6-1.2.C30mdk.i586.rpm
 65e67c1be9ca13d7320218e60fab855c  corporate/3.0/i586/info-install-4.6-1.2.C30mdk.i586.rpm
 fc7f021455259a97412c95b3939ede98  corporate/3.0/i586/texinfo-4.6-1.2.C30mdk.i586.rpm 
 13d484c70a47aa50038c1f59b514aaaa  corporate/3.0/SRPMS/texinfo-4.6-1.2.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 942bc82c461a5bd53799978b7c7d37ac  corporate/3.0/x86_64/info-4.6-1.2.C30mdk.x86_64.rpm
 616999400ddebcfc8593bfb47f7a8835  corporate/3.0/x86_64/info-install-4.6-1.2.C30mdk.x86_64.rpm
 ad900d22f4e1402ef303aa211109845a  corporate/3.0/x86_64/texinfo-4.6-1.2.C30mdk.x86_64.rpm 
 13d484c70a47aa50038c1f59b514aaaa  corporate/3.0/SRPMS/texinfo-4.6-1.2.C30mdk.src.rpm

 Corporate 4.0:
 cc0ef9a317302dc40c14d90bbc10200d  corporate/4.0/i586/info-4.8-1.2.20060mlcs4.i586.rpm
 db1c66093560e85561313346c9e8d110  corporate/4.0/i586/info-install-4.8-1.2.20060mlcs4.i586.rpm
 cacd6c6cc8e1f1199d3bfc9efafe53f7  corporate/4.0/i586/texinfo-4.8-1.2.20060mlcs4.i586.rpm 
 915e8d5f747b0ed558491ed474f3ca4f  corporate/4.0/SRPMS/texinfo-4.8-1.2.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 0016ff4dfe7b413ef3dff74d6d5037e2  corporate/4.0/x86_64/info-4.8-1.2.20060mlcs4.x86_64.rpm
 4d4b71acc580a419fbb2a8654324a8b7  corporate/4.0/x86_64/info-install-4.8-1.2.20060mlcs4.x86_64.rpm
 09f9fcfe879baa6a4296bde478e536c5  corporate/4.0/x86_64/texinfo-4.8-1.2.20060mlcs4.x86_64.rpm 
 915e8d5f747b0ed558491ed474f3ca4f  corporate/4.0/SRPMS/texinfo-4.8-1.2.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFUckhmqjQ0CJFipgRAq1PAJ4w4mL8uDnDkRGrZYQ7/Mz/8B98kwCggUQo
uHTmSaCDpMEUjAqWp9zkmOM=
=SLd6
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ