Fedora Core 3 Update: alsa-lib-1.0.6-7.FC3 - The Community's Center for Security


The central voice for Linux and Open Source security news

Welcome!

Sign up!

EnGarde Community

Polls

Is Mandatory Access Control Too Much Security For Enterprise's Linux?

	Yes, too difficult to configure and manage.
	No. You can never have enough security.
	Yes. Standard Linux security settings work for us.
	No. Industry demands will demand SELinux.
	Don't know.

Advisories

Community

Linux Events

Linux User Groups

Link to Us

Security Center

Book Reviews

Security Dictionary

Security Tips

SELinux

White Papers

Featured Blogs

Emily Ratliff: OS Security

DanWalsh LiveJournal

Security Bloggers Network

Latest Newsletters

Linux Advisory Watch: August 29th, 2008

Linux Security Week: August 25th, 2008

LinuxSecurity Newsletters

RSS Feeds

Get the LinuxSecurity news you want faster with RSS

Fedora Core 3 Update: alsa-lib-1.0.6-7.FC3

User Rating:

How can I rate this item?

Posted by Joseph Shakespeare

A flaw in the alsa mixer code was discovered, which disabled stack execution protection for the libasound.so library distributed with Fedora Core 3. The effect of this flaw resulted in stack execution protection, through NX or Exec-Shield, which was disabled for any application linked to libasound.

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-042
2005-01-20
---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : alsa-lib
Version     : 1.0.6
Release     : 7.FC3
Summary     : The Advanced Linux Sound Architecture (ALSA) library.
Description :
The Advanced Linux Sound Architecture (ALSA) provides audio and MIDI
functionality to the Linux operating system.

This package includes the ALSA runtime libraries to simplify application
programming and provide higher level functionality as well as support for
the older OSS API, providing binary compatibility for most OSS programs.

---------------------------------------------------------------------
Update Information:

A flaw in the alsa mixer code was discovered, which disabled stack
execution protection for the libasound.so library distributed with
Fedora Core 3. The effect of this flaw resulted in stack execution
protection, through NX or Exec-Shield, which was disabled for any
application linked to libasound.

Updated version of alsa-lib package sorts out this problem.

---------------------------------------------------------------------
* Tue Jan 18 2005 Martin Stransky  1.0.6-7.FC3

- rebuilt

* Mon Jan 10 2005 Martin Stransky  1.0.6-6.FC3

- fixed #144518 - alsa-lib disables stack protection for it's users


---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

131cdd571208adc5a9a7b88ced3bfa55  SRPMS/alsa-lib-1.0.6-7.FC3.src.rpm
cccfefc8b2218dc10b58f4ba5af9a349  x86_64/alsa-lib-1.0.6-7.FC3.x86_64.rpm
6a7bcc6925d31d0b4668db3265def910  x86_64/alsa-lib-devel-1.0.6-7.FC3.x86_64.rpm
f742758ca98220f169c5127b0c4a7caa  x86_64/debug/alsa-lib-debuginfo-1.0.6-7.FC3.x86_64.rpm
1cec9e97fc7e5598a577f5d1c9faf8d5  x86_64/alsa-lib-1.0.6-7.FC3.i386.rpm
1cec9e97fc7e5598a577f5d1c9faf8d5  i386/alsa-lib-1.0.6-7.FC3.i386.rpm
e9b8cd1ceed062fc08b7eaa62c686c0e  i386/alsa-lib-devel-1.0.6-7.FC3.i386.rpm
be4e68055d0a568efc48a580f2535c6e  i386/debug/alsa-lib-debuginfo-1.0.6-7.FC3.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------

--
fedora-announce-list mailing list
fedora-announce-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list

< Prev		Next >

Partner:

Latest Features

Review: Hacking Exposed Linux, Third Edition

Security Features of Firefox 3.0

Review: The Book of Wireless

April 2008 Open Source Tool of the Month: sudo

Open Source Tool of March: ZoneMinder

Meet the Anti-Nmap: PSAD

Open Source Tool of February: Nmap!

Yesterday's Edition

Security Configuration Guides

Firefox 3.0's SSL Certificate Interface Meets Resistance

QuickLinks: Comunity , HOWTOs , Blogs , Features , Book Reviews , Networking ,
Security Projects , Latest News , Newsletters , SELinux , Privacy , Home,
Hardening , About Us, Advertise, Legal Notice, RSS, Guardian Digital