exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2006.039

Mandriva Linux Security Advisory 2006.039
Posted Feb 14, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Evgeny Legerov discovered cases of possible out-of-bounds access in the DER decoding schemes of libtasn1, when provided with invalid input. This library is bundled with gnutls.

tags | advisory
systems | linux, mandriva
SHA-256 | 1a12bdd85683ca42b32f6e4385c55ce9a939be0e58314cdea2f2c6eceac65ae3

Mandriva Linux Security Advisory 2006.039

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2006:039
http://www.mandriva.com/security/
_______________________________________________________________________

Package : gnutls
Date : February 13, 2006
Affected: 10.1, 10.2, 2006.0
_______________________________________________________________________

Problem Description:

Evgeny Legerov discovered cases of possible out-of-bounds access
in the DER decoding schemes of libtasn1, when provided with invalid
input. This library is bundled with gnutls.

The provided packages have been patched to correct these issues.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0645
_______________________________________________________________________

Updated Packages:

Mandriva Linux 10.1:
854980401ea37c7ffc74837684dda112 10.1/RPMS/gnutls-1.0.13-1.2.101mdk.i586.rpm
a7dbf3fc153f1cd47a70562c2f35583a 10.1/RPMS/libgnutls11-1.0.13-1.2.101mdk.i586.rpm
8f68fb4a8d295539c7067365b13e04fc 10.1/RPMS/libgnutls11-devel-1.0.13-1.2.101mdk.i586.rpm
9df50e7e944f3ceb82428920e3bafe15 10.1/SRPMS/gnutls-1.0.13-1.2.101mdk.src.rpm

Mandriva Linux 10.1/X86_64:
3fb98a2a65b1b0b0555ddff0e61a4a7b x86_64/10.1/RPMS/gnutls-1.0.13-1.2.101mdk.x86_64.rpm
d5ff612ea97c5668e7848e32de9b899c x86_64/10.1/RPMS/lib64gnutls11-1.0.13-1.2.101mdk.x86_64.rpm
45fbf72c634244ae61d6ed480a14b299 x86_64/10.1/RPMS/lib64gnutls11-devel-1.0.13-1.2.101mdk.x86_64.rpm
9df50e7e944f3ceb82428920e3bafe15 x86_64/10.1/SRPMS/gnutls-1.0.13-1.2.101mdk.src.rpm

Mandriva Linux 10.2:
dd212f4fd56ded6d63c67e6d2f95ccec 10.2/RPMS/gnutls-1.0.23-2.2.102mdk.i586.rpm
66cf0d26c552ed36223834a386e78bda 10.2/RPMS/libgnutls11-1.0.23-2.2.102mdk.i586.rpm
4cfb3fdfec9bb89fc3c3f0427320f226 10.2/RPMS/libgnutls11-devel-1.0.23-2.2.102mdk.i586.rpm
efb634eaa2e492a97d5a1c133ba203d0 10.2/SRPMS/gnutls-1.0.23-2.2.102mdk.src.rpm

Mandriva Linux 10.2/X86_64:
0660da8e12eeb87752c711815ae28772 x86_64/10.2/RPMS/gnutls-1.0.23-2.2.102mdk.x86_64.rpm
014d51131f651270d1794b1870aed135 x86_64/10.2/RPMS/lib64gnutls11-1.0.23-2.2.102mdk.x86_64.rpm
2835b640d5dc9a44d97f2bd6d4742898 x86_64/10.2/RPMS/lib64gnutls11-devel-1.0.23-2.2.102mdk.x86_64.rpm
efb634eaa2e492a97d5a1c133ba203d0 x86_64/10.2/SRPMS/gnutls-1.0.23-2.2.102mdk.src.rpm

Mandriva Linux 2006.0:
2dfb7ff638e5460a96629f12b33c12d5 2006.0/RPMS/gnutls-1.0.25-2.1.20060mdk.i586.rpm
baacaaf99353a45d410291a3b9588c5e 2006.0/RPMS/libgnutls11-1.0.25-2.1.20060mdk.i586.rpm
6eb83ab7dcff2dbfd0da0cff97d87e1d 2006.0/RPMS/libgnutls11-devel-1.0.25-2.1.20060mdk.i586.rpm
0558c6186fc001fa409d5802d6b09876 2006.0/SRPMS/gnutls-1.0.25-2.1.20060mdk.src.rpm

Mandriva Linux 2006.0/X86_64:
811e7ba9b1a8df7e7055d2719f8e8265 x86_64/2006.0/RPMS/gnutls-1.0.25-2.1.20060mdk.x86_64.rpm
0eb960f072648f8ae1e6c2f2b204ddd1 x86_64/2006.0/RPMS/lib64gnutls11-1.0.25-2.1.20060mdk.x86_64.rpm
6c767b46c44d485c8b62150336c73948 x86_64/2006.0/RPMS/lib64gnutls11-devel-1.0.25-2.1.20060mdk.x86_64.rpm
0558c6186fc001fa409d5802d6b09876 x86_64/2006.0/SRPMS/gnutls-1.0.25-2.1.20060mdk.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFD8S4qmqjQ0CJFipgRAj4XAJ4347J7gCsR250n5fRIxIvy2PNzCACfa2v1
Z4gWlfsU/2DdjVjs17T1SUI=
=c7Oo
-----END PGP SIGNATURE-----

Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close