---------------------------------------------------------------------- Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure. The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,700 different Windows applications. Request your account, the Secunia Network Software Inspector (NSI): http://secunia.com/network_software_inspector/ ---------------------------------------------------------------------- TITLE: Mandriva update for libvorbis SECUNIA ADVISORY ID: SA27170 VERIFY ADVISORY: http://secunia.com/advisories/27170/ CRITICAL: Moderately critical IMPACT: DoS, System access WHERE: >From remote OPERATING SYSTEM: Mandriva Linux 2007 http://secunia.com/product/12165/ DESCRIPTION: Mandriva has issued an update for libvorbis. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library. For more information: SA26232 SOLUTION: Apply updated packages. -- Mandriva Linux 2007.0 -- d41be27509ec3be88b202966d4a59550 2007.0/i586/libvorbis0-1.1.2-1.2mdv2007.0.i586.rpm e75b4f86a4c5d58f77373d50fbea8768 2007.0/i586/libvorbis0-devel-1.1.2-1.2mdv2007.0.i586.rpm 23f95877a057ba9cec80183affdbcd26 2007.0/i586/libvorbisenc2-1.1.2-1.2mdv2007.0.i586.rpm 5f32c9d9d23d2cca8814ad11c6992695 2007.0/i586/libvorbisfile3-1.1.2-1.2mdv2007.0.i586.rpm 3307e950d4b3918d358e9b82df6001cf 2007.0/SRPMS/libvorbis-1.1.2-1.2mdv2007.0.src.rpm -- Mandriva Linux 2007.0/X86_64 -- 402d3b03c86b0137011d1e46b51c5882 2007.0/x86_64/lib64vorbis0-1.1.2-1.2mdv2007.0.x86_64.rpm f2ac23af2f02fa7ae18eff8251a7187f 2007.0/x86_64/lib64vorbis0-devel-1.1.2-1.2mdv2007.0.x86_64.rpm 26edae58c4d13b1d3231eb5dc1560dac 2007.0/x86_64/lib64vorbisenc2-1.1.2-1.2mdv2007.0.x86_64.rpm 63e13185eeaa037dbc4fc583b85c0143 2007.0/x86_64/lib64vorbisfile3-1.1.2-1.2mdv2007.0.x86_64.rpm 3307e950d4b3918d358e9b82df6001cf 2007.0/SRPMS/libvorbis-1.1.2-1.2mdv2007.0.src.rpm ORIGINAL ADVISORY: http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066525.html OTHER REFERENCES: SA26232: http://secunia.com/advisories/26232/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------