exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2009-143

Mandriva Linux Security Advisory 2009-143
Posted Jun 26, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-143 - Multiple security vulnerabilities has been identified and fixed in netpbm. The updated packages have been patched to prevent this.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2008-3520, CVE-2008-3522
SHA-256 | b81ea8edb865aa9d27f8415798b828cc20746cd83801b09dfc80cc4527f2804a

Mandriva Linux Security Advisory 2009-143

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2009:143
http://www.mandriva.com/security/
_______________________________________________________________________

Package : netpbm
Date : June 26, 2009
Affected: Corporate 4.0
_______________________________________________________________________

Problem Description:

Multiple security vulnerabilities has been identified and fixed
in netpbm:

Multiple integer overflows in JasPer 1.900.1 might allow
context-dependent attackers to have an unknown impact via a crafted
image file, related to integer multiplication for memory allocation
(CVE-2008-3520).

Buffer overflow in the jas_stream_printf function in
libjasper/base/jas_stream.c in JasPer 1.900.1 might allow
context-dependent attackers to have an unknown impact via
vectors related to the mif_hdr_put function and use of vsprintf
(CVE-2008-3522).

The updated packages have been patched to prevent this.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3520
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3522
_______________________________________________________________________

Updated Packages:

Corporate 4.0:
ee725813ce84328353f254deaae6fb37 corporate/4.0/i586/libnetpbm10-10.29-1.5.20060mlcs4.i586.rpm
2aa11003c3f25f8e8c24b77bb149651c corporate/4.0/i586/libnetpbm10-devel-10.29-1.5.20060mlcs4.i586.rpm
986bf041d7635b323627d1e22d1dcad5 corporate/4.0/i586/libnetpbm10-static-devel-10.29-1.5.20060mlcs4.i586.rpm
785b15f9024d98211c8dce6924db0a1b corporate/4.0/i586/netpbm-10.29-1.5.20060mlcs4.i586.rpm
3e1a668baa86c6b280ec7cd07547c93c corporate/4.0/SRPMS/netpbm-10.29-1.5.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
d298f85e7e353913ac97ea15dc01a674 corporate/4.0/x86_64/lib64netpbm10-10.29-1.5.20060mlcs4.x86_64.rpm
70485d93a13188b2210a8024a96bc4f3 corporate/4.0/x86_64/lib64netpbm10-devel-10.29-1.5.20060mlcs4.x86_64.rpm
5c0f09c43181f26f57b0ced97be203ff corporate/4.0/x86_64/lib64netpbm10-static-devel-10.29-1.5.20060mlcs4.x86_64.rpm
3176c141b4a8b67f6418bb7ebe333675 corporate/4.0/x86_64/netpbm-10.29-1.5.20060mlcs4.x86_64.rpm
3e1a668baa86c6b280ec7cd07547c93c corporate/4.0/SRPMS/netpbm-10.29-1.5.20060mlcs4.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFKRSSJmqjQ0CJFipgRAujBAKDtyVM+3LrDfWdPPN/+L1zN84kJvwCfRtlT
sB0NMhjI53zZSelwdUaTBrg=
=APY8
-----END PGP SIGNATURE-----

Login or Register to add favorites

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close