ignore security and it'll go away

Mandriva Linux Security Advisory 2012-041

Mandriva Linux Security Advisory 2012-041
Posted Mar 28, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-041 - A memory leak and a hash table collision flaw in expat could cause denial of service attacks. The updated packages have been patched to correct this issue.

tags | advisory, denial of service, memory leak
systems | linux, mandriva
advisories | CVE-2012-0876, CVE-2012-1148
MD5 | bc5d99bc968a3302928048a8bf550249

Mandriva Linux Security Advisory 2012-041

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2012:041
http://www.mandriva.com/security/
_______________________________________________________________________

Package : expat
Date : March 27, 2012
Affected: 2010.1, 2011., Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

A memory leak and a hash table collision flaw in expat could cause
denial os service (DoS) attacks (CVE-2012-0876, CVE-2012-1148).

The updated packages have been patched to correct this issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0876
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1148
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2010.1:
210b60280a0baf8e08634e0ea6a3bab9 2010.1/i586/expat-2.0.1-12.1mdv2010.2.i586.rpm
0b657867100b109cbf90a05d2262bec7 2010.1/i586/libexpat1-2.0.1-12.1mdv2010.2.i586.rpm
0bd180a7b4f4d93df5b74f66e2c85e74 2010.1/i586/libexpat1-devel-2.0.1-12.1mdv2010.2.i586.rpm
9f063d0589f638e047de6a5266e6ac84 2010.1/SRPMS/expat-2.0.1-12.1mdv2010.2.src.rpm

Mandriva Linux 2010.1/X86_64:
ced30873d989d1511e828037b4f68d4d 2010.1/x86_64/expat-2.0.1-12.1mdv2010.2.x86_64.rpm
ebd7d687082377e65c818f8ba780b66d 2010.1/x86_64/lib64expat1-2.0.1-12.1mdv2010.2.x86_64.rpm
fd8bef44ccdadeaf14966b44733883fe 2010.1/x86_64/lib64expat1-devel-2.0.1-12.1mdv2010.2.x86_64.rpm
9f063d0589f638e047de6a5266e6ac84 2010.1/SRPMS/expat-2.0.1-12.1mdv2010.2.src.rpm

Mandriva Linux 2011:
6c8bdc44eed2cebf483d4041d57f5eea 2011/i586/expat-2.0.1-15.1-mdv2011.0.i586.rpm
8211eeb028a563dcbedda7d1726035bb 2011/i586/libexpat1-2.0.1-15.1-mdv2011.0.i586.rpm
c6c9685891ae405ff6181b6899ee10ce 2011/i586/libexpat-devel-2.0.1-15.1-mdv2011.0.i586.rpm
7afd883dae4a17201128de1485cf949c 2011/i586/libexpat-static-devel-2.0.1-15.1-mdv2011.0.i586.rpm
4be73538c443ced014373c7e364daac5 2011/SRPMS/expat-2.0.1-15.1.src.rpm

Mandriva Linux 2011/X86_64:
7e84ec2183f6ba903779b00f914e3813 2011/x86_64/expat-2.0.1-15.1-mdv2011.0.x86_64.rpm
d7c0853983ce8d2dc2b0b9740924acd7 2011/x86_64/lib64expat1-2.0.1-15.1-mdv2011.0.x86_64.rpm
ecca4f586885b53d2a0ca39a8985f561 2011/x86_64/lib64expat-devel-2.0.1-15.1-mdv2011.0.x86_64.rpm
f87f9aecd51f1f20508dc6f6ad5f02e6 2011/x86_64/lib64expat-static-devel-2.0.1-15.1-mdv2011.0.x86_64.rpm
4be73538c443ced014373c7e364daac5 2011/SRPMS/expat-2.0.1-15.1.src.rpm

Mandriva Enterprise Server 5:
9618c2dceec06fcb04655e2adb9f8d9d mes5/i586/expat-2.0.1-7.4mdvmes5.2.i586.rpm
a0b4d2e3b545f6d63cef9476da3cc72f mes5/i586/libexpat1-2.0.1-7.4mdvmes5.2.i586.rpm
95ec804d1758d0a7628abd42bf3e54e5 mes5/i586/libexpat1-devel-2.0.1-7.4mdvmes5.2.i586.rpm
01271afe453d63599a6951f7dbc83197 mes5/SRPMS/expat-2.0.1-7.4mdvmes5.2.src.rpm

Mandriva Enterprise Server 5/X86_64:
4781b62e289cae964e8a7c540d2387c9 mes5/x86_64/expat-2.0.1-7.4mdvmes5.2.x86_64.rpm
aee65480dd6cc31f957c3b17771babf6 mes5/x86_64/lib64expat1-2.0.1-7.4mdvmes5.2.x86_64.rpm
ddbc81b65a6969e17900bbbc842cc8e4 mes5/x86_64/lib64expat1-devel-2.0.1-7.4mdvmes5.2.x86_64.rpm
01271afe453d63599a6951f7dbc83197 mes5/SRPMS/expat-2.0.1-7.4mdvmes5.2.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iD8DBQFPcd5UmqjQ0CJFipgRAvzjAJ46WPQm7hmP1/gmoLmPmFMdZYcOrQCgq/oR
ZVAk5KD7zUd2cFhkef3xvRo=
=EuSi
-----END PGP SIGNATURE-----

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close