Mandrake alert MDKSA-2004:077 (wv)
| From: | Mandrake Linux Security Team <security@linux-mandrake.com> | |
| To: | security-announce@linux-mandrake.com | |
| Subject: | [Security Announce] MDKSA-2004:077 - Updated wv packages fix vulnerability | |
| Date: | 30 Jul 2004 05:26:08 -0000 |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandrakelinux Security Update Advisory _______________________________________________________________________ Package name: wv Advisory ID: MDKSA-2004:077 Date: July 29th, 2004 Affected versions: 10.0, 9.2 ______________________________________________________________________ Problem Description: iDefense discovered a buffer overflow vulnerability in the wv package which could allow an attacker to execute arbitrary code with the privileges of the user running the vulnerable application. The updated packages are patched to protect against this problem. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0645 http://www.idefense.com/application/poi/display?id=115&[...] ______________________________________________________________________ Updated Packages: Mandrakelinux 10.0: 7bc8b712dbb5ca6592de05341b6d1489 10.0/RPMS/libwv-1.0_0-1.0.0-1.1.100mdk.i586.rpm bec8e09ab3be99e622bd62cf6c0cf3df 10.0/RPMS/libwv-1.0_0-devel-1.0.0-1.1.100mdk.i586.rpm e9795464f2baa0bb36ea2f15d7e420c6 10.0/RPMS/wv-1.0.0-1.1.100mdk.i586.rpm 10a630945f35b4a90f36a6270d98d241 10.0/SRPMS/wv-1.0.0-1.1.100mdk.src.rpm Mandrakelinux 10.0/AMD64: e3072c5942b032b547b04dd10a442826 amd64/10.0/RPMS/lib64wv-1.0_0-1.0.0-1.1.100mdk.amd64.rpm 8b369ac8db42130442c003cb7229a7d1 amd64/10.0/RPMS/lib64wv-1.0_0-devel-1.0.0-1.1.100mdk.amd64.rpm 98c5fa468e3815501058461213bb7da7 amd64/10.0/RPMS/wv-1.0.0-1.1.100mdk.amd64.rpm 10a630945f35b4a90f36a6270d98d241 amd64/10.0/SRPMS/wv-1.0.0-1.1.100mdk.src.rpm Mandrakelinux 9.2: dcf67ddd72cc96ea526d4189dce93edb 9.2/RPMS/libwv-1.0_0-1.0.0-1.1.92mdk.i586.rpm d9c0629e2c8921a93290aede1b5158f9 9.2/RPMS/libwv-1.0_0-devel-1.0.0-1.1.92mdk.i586.rpm fa6f235b5934c40af8cb087394bcdefc 9.2/RPMS/wv-1.0.0-1.1.92mdk.i586.rpm ef345c688ddb57bdbadba00a5b924c79 9.2/SRPMS/wv-1.0.0-1.1.92mdk.src.rpm Mandrakelinux 9.2/AMD64: a23f13d265c1916c45c514798a37aaad amd64/9.2/RPMS/lib64wv-1.0_0-1.0.0-1.1.92mdk.amd64.rpm 9ca5b4da978fb5c7908cd52018f6e191 amd64/9.2/RPMS/lib64wv-1.0_0-devel-1.0.0-1.1.92mdk.amd64.rpm 568e4b5933ceed44a7c7b30dfff15f80 amd64/9.2/RPMS/wv-1.0.0-1.1.92mdk.amd64.rpm ef345c688ddb57bdbadba00a5b924c79 amd64/9.2/SRPMS/wv-1.0.0-1.1.92mdk.src.rpm _______________________________________________________________________ To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandrakesoft for security. You can obtain the GPG public key of the Mandrakelinux Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandrakelinux at: http://www.mandrakesoft.com/security/advisories If you want to report vulnerabilities, please contact security_linux-mandrake.com Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team <security linux-mandrake.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQFBCdvwmqjQ0CJFipgRAoHPAJ419K04Am6fBCVSjd92EMUjQyW3QACgvnkl xlFsJ7R1txTrB3F7MPA7AMI= =ywgN -----END PGP SIGNATURE----- ____________________________________________________ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com ____________________________________________________
(Log in to post comments)