LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: December 22nd, 2014
Linux Advisory Watch: December 19th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandriva: Updated pwlib packages fix vulnerability Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Mandrake A memory management flaw was discovered in PWLib, that an attacker could use to crash an application linked with it, such as Ekiga. Updated packages have been patched to prevent these issues.
 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2007:206
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : pwlib
 Date    : November 2, 2007
 Affected: 2007.0, 2007.1, 2008.0, Corporate 3.0
 _______________________________________________________________________
 
 Problem Description:
 
 A memory management flaw was discovered in PWLib, that an attacker
 could use to crash an application linked with it, such as Ekiga.
 
 Updated packages have been patched to prevent these issues.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4897
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2007.0:
 4bfc45bd6236ac7659c16d4feba43091  2007.0/i586/libpwlib1-1.10.2-2.1mdv2007.0.i586.rpm
 84cea52a64deef3df562a5de3750d20e  2007.0/i586/libpwlib1-devel-1.10.2-2.1mdv2007.0.i586.rpm
 978af2994d3c5dcb68d2284d6bf4d0b7  2007.0/i586/libpwlib1-plugins-1.10.2-2.1mdv2007.0.i586.rpm
 64ca0ae79677f914c8c699a227b0eae1  2007.0/i586/libpwlib1-plugins-avc-1.10.2-2.1mdv2007.0.i586.rpm
 3a31d6eea21466adb7e4e67dc6ee5cfd  2007.0/i586/libpwlib1-plugins-dc-1.10.2-2.1mdv2007.0.i586.rpm 
 caadaec51df423b89a7f3a3e2eacbb2c  2007.0/SRPMS/pwlib-1.10.2-2.1mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 90955615e7f4cdcd85bdf6d0b38b39a1  2007.0/x86_64/lib64pwlib1-1.10.2-2.1mdv2007.0.x86_64.rpm
 70d13f9ef3892ee761325a87692aa01b  2007.0/x86_64/lib64pwlib1-devel-1.10.2-2.1mdv2007.0.x86_64.rpm
 59584508e6651e76f6e0b03953fd6981  2007.0/x86_64/lib64pwlib1-plugins-1.10.2-2.1mdv2007.0.x86_64.rpm
 c828a72fdc9c39d8b1d89fb3c3ae6a78  2007.0/x86_64/lib64pwlib1-plugins-avc-1.10.2-2.1mdv2007.0.x86_64.rpm
 5d64b400ab9206a00955425c5ff4b577  2007.0/x86_64/lib64pwlib1-plugins-dc-1.10.2-2.1mdv2007.0.x86_64.rpm 
 caadaec51df423b89a7f3a3e2eacbb2c  2007.0/SRPMS/pwlib-1.10.2-2.1mdv2007.0.src.rpm

 Mandriva Linux 2007.1:
 6de321ca2091bb5d35393f6da5374e74  2007.1/i586/libpwlib1-1.10.5-1.1mdv2007.1.i586.rpm
 ff1a2fc457b5f6c96c88eb3b4f966a51  2007.1/i586/libpwlib1-devel-1.10.5-1.1mdv2007.1.i586.rpm
 9be1480880bd440c965f822aecbb997f  2007.1/i586/libpwlib1-plugins-1.10.5-1.1mdv2007.1.i586.rpm
 dcbd0515c7b463a3b392af866df0a67d  2007.1/i586/libpwlib1-plugins-avc-1.10.5-1.1mdv2007.1.i586.rpm
 f9fd8e259564dec1da67742f88259aee  2007.1/i586/libpwlib1-plugins-dc-1.10.5-1.1mdv2007.1.i586.rpm 
 2a2d05b989a6c0c33c5aa0481555d5f7  2007.1/SRPMS/pwlib-1.10.5-1.1mdv2007.1.src.rpm

 Mandriva Linux 2007.1/X86_64:
 8ed6153bca8d7ba7bf00b64c19ca2e4b  2007.1/x86_64/lib64pwlib1-1.10.5-1.1mdv2007.1.x86_64.rpm
 028e266dcfe898f5e66bc5e6101fb952  2007.1/x86_64/lib64pwlib1-devel-1.10.5-1.1mdv2007.1.x86_64.rpm
 a79400f5f945015d5ee59c2edb54425e  2007.1/x86_64/lib64pwlib1-plugins-1.10.5-1.1mdv2007.1.x86_64.rpm
 81640e8727aa5a474db2b920472a7e4d  2007.1/x86_64/lib64pwlib1-plugins-avc-1.10.5-1.1mdv2007.1.x86_64.rpm
 6ceb9298e5db9fc861355e5ec3ba0afd  2007.1/x86_64/lib64pwlib1-plugins-dc-1.10.5-1.1mdv2007.1.x86_64.rpm 
 2a2d05b989a6c0c33c5aa0481555d5f7  2007.1/SRPMS/pwlib-1.10.5-1.1mdv2007.1.src.rpm

 Mandriva Linux 2008.0:
 07c5dd8c2f8a564b60b0fb1cbf770323  2008.0/i586/libpwlib1-1.10.10-2.1mdv2008.0.i586.rpm
 a9596ac6c7ed9604f7d674ea843acc3f  2008.0/i586/libpwlib1-devel-1.10.10-2.1mdv2008.0.i586.rpm
 4ec351c5bb57d2883b3cab9813831115  2008.0/i586/libpwlib1-plugins-1.10.10-2.1mdv2008.0.i586.rpm
 f5fd094f33496c98ad8d3b2c5687e3ef  2008.0/i586/libpwlib1-plugins-avc-1.10.10-2.1mdv2008.0.i586.rpm
 8bb1307d4810fa065e2dd8e6d01f83b6  2008.0/i586/libpwlib1-plugins-dc-1.10.10-2.1mdv2008.0.i586.rpm 
 c9d691a9c0d4fa8bee1e1f879d23201b  2008.0/SRPMS/pwlib-1.10.10-2.1mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 88b3a46ab5106a47d40ac0d5f448ba88  2008.0/x86_64/lib64pwlib1-1.10.10-2.1mdv2008.0.x86_64.rpm
 9886151d07a498669322de5c9a34a58b  2008.0/x86_64/lib64pwlib1-devel-1.10.10-2.1mdv2008.0.x86_64.rpm
 618d84b58b6287643bd381ae94267d38  2008.0/x86_64/lib64pwlib1-plugins-1.10.10-2.1mdv2008.0.x86_64.rpm
 69470a8b930804ce8475b143dfca8b02  2008.0/x86_64/lib64pwlib1-plugins-avc-1.10.10-2.1mdv2008.0.x86_64.rpm
 d473d19c955655ac78e5deb3e9b2f49e  2008.0/x86_64/lib64pwlib1-plugins-dc-1.10.10-2.1mdv2008.0.x86_64.rpm 
 c9d691a9c0d4fa8bee1e1f879d23201b  2008.0/SRPMS/pwlib-1.10.10-2.1mdv2008.0.src.rpm

 Corporate 3.0:
 769c95db126e8dbf1935af7c3ed04f0e  corporate/3.0/i586/libpwlib1-1.5.2-2.2.C30mdk.i586.rpm
 5bd83f298d7a21c047fe5d0bff250022  corporate/3.0/i586/libpwlib1-devel-1.5.2-2.2.C30mdk.i586.rpm 
 37ebe166490bd05ad0a9e9d345a3db1a  corporate/3.0/SRPMS/pwlib-1.5.2-2.2.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 8384099d3a1c847d3014fa38e504bc00  corporate/3.0/x86_64/lib64pwlib1-1.5.2-2.2.C30mdk.x86_64.rpm
 125d19bcf8ef1a6f2b4d2addead8c6c4  corporate/3.0/x86_64/lib64pwlib1-devel-1.5.2-2.2.C30mdk.x86_64.rpm 
 37ebe166490bd05ad0a9e9d345a3db1a  corporate/3.0/SRPMS/pwlib-1.5.2-2.2.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Weekend Edition
Report: U.S. planning “proportional response” to Sony hack, blamed on North Korea
Heartbleed, Shellshock, Tor and more: The 13 biggest security stories of 2014
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.