exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2009-143

Mandriva Linux Security Advisory 2009-143
Posted Jun 26, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-143 - Multiple security vulnerabilities has been identified and fixed in netpbm. The updated packages have been patched to prevent this.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2008-3520, CVE-2008-3522
SHA-256 | b81ea8edb865aa9d27f8415798b828cc20746cd83801b09dfc80cc4527f2804a

Mandriva Linux Security Advisory 2009-143

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2009:143
http://www.mandriva.com/security/
_______________________________________________________________________

Package : netpbm
Date : June 26, 2009
Affected: Corporate 4.0
_______________________________________________________________________

Problem Description:

Multiple security vulnerabilities has been identified and fixed
in netpbm:

Multiple integer overflows in JasPer 1.900.1 might allow
context-dependent attackers to have an unknown impact via a crafted
image file, related to integer multiplication for memory allocation
(CVE-2008-3520).

Buffer overflow in the jas_stream_printf function in
libjasper/base/jas_stream.c in JasPer 1.900.1 might allow
context-dependent attackers to have an unknown impact via
vectors related to the mif_hdr_put function and use of vsprintf
(CVE-2008-3522).

The updated packages have been patched to prevent this.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3520
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3522
_______________________________________________________________________

Updated Packages:

Corporate 4.0:
ee725813ce84328353f254deaae6fb37 corporate/4.0/i586/libnetpbm10-10.29-1.5.20060mlcs4.i586.rpm
2aa11003c3f25f8e8c24b77bb149651c corporate/4.0/i586/libnetpbm10-devel-10.29-1.5.20060mlcs4.i586.rpm
986bf041d7635b323627d1e22d1dcad5 corporate/4.0/i586/libnetpbm10-static-devel-10.29-1.5.20060mlcs4.i586.rpm
785b15f9024d98211c8dce6924db0a1b corporate/4.0/i586/netpbm-10.29-1.5.20060mlcs4.i586.rpm
3e1a668baa86c6b280ec7cd07547c93c corporate/4.0/SRPMS/netpbm-10.29-1.5.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
d298f85e7e353913ac97ea15dc01a674 corporate/4.0/x86_64/lib64netpbm10-10.29-1.5.20060mlcs4.x86_64.rpm
70485d93a13188b2210a8024a96bc4f3 corporate/4.0/x86_64/lib64netpbm10-devel-10.29-1.5.20060mlcs4.x86_64.rpm
5c0f09c43181f26f57b0ced97be203ff corporate/4.0/x86_64/lib64netpbm10-static-devel-10.29-1.5.20060mlcs4.x86_64.rpm
3176c141b4a8b67f6418bb7ebe333675 corporate/4.0/x86_64/netpbm-10.29-1.5.20060mlcs4.x86_64.rpm
3e1a668baa86c6b280ec7cd07547c93c corporate/4.0/SRPMS/netpbm-10.29-1.5.20060mlcs4.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFKRSSJmqjQ0CJFipgRAujBAKDtyVM+3LrDfWdPPN/+L1zN84kJvwCfRtlT
sB0NMhjI53zZSelwdUaTBrg=
=APY8
-----END PGP SIGNATURE-----

Login or Register to add favorites

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    11 Files
  • 8
    Dec 8th
    36 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close