Home page logo
/

bugtraq logo Bugtraq mailing list archives

MDKSA-2005:117 - Updated dhcpcd packages fix vulnerabilities
From: Mandriva Security Team <security () mandriva com>
Date: Tue, 12 Jul 2005 18:17:51 -0600

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           dhcpcd
 Advisory ID:            MDKSA-2005:117
 Date:                   July 12th, 2005

 Affected versions:      10.1, 10.2, Corporate 3.0
 ______________________________________________________________________

 Problem Description:

 "infamous42md" discovered that the dhcpcd DHCP client could be tricked
 into reading past the end of the supplied DHCP buffer, which could
 lead to the daemon crashing.
 
 The updated packages have been patched to address this issue.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1848
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.1:
 c690959dc0ba51327c85856cc42c0c05  10.1/RPMS/dhcpcd-1.3.22pl4-4.1.101mdk.i586.rpm
 6b830a9a614025aa26c74c831dbbcd24  10.1/SRPMS/dhcpcd-1.3.22pl4-4.1.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 190a7e068611249ab13eba7f0754f30a  x86_64/10.1/RPMS/dhcpcd-1.3.22pl4-4.1.101mdk.x86_64.rpm
 6b830a9a614025aa26c74c831dbbcd24  x86_64/10.1/SRPMS/dhcpcd-1.3.22pl4-4.1.101mdk.src.rpm

 Mandrakelinux 10.2:
 8d7e2e4f9dd145c72dfa06b662437206  10.2/RPMS/dhcpcd-1.3.22pl4-4.1.102mdk.i586.rpm
 f88321c6e99e6ecdd614e79dd938d6b4  10.2/SRPMS/dhcpcd-1.3.22pl4-4.1.102mdk.src.rpm

 Mandrakelinux 10.2/X86_64:
 442b745b6d43b1fca68a9843e8c55c94  x86_64/10.2/RPMS/dhcpcd-1.3.22pl4-4.1.102mdk.x86_64.rpm
 f88321c6e99e6ecdd614e79dd938d6b4  x86_64/10.2/SRPMS/dhcpcd-1.3.22pl4-4.1.102mdk.src.rpm

 Corporate 3.0:
 f12b8268879122dbfbb348856578701e  corporate/3.0/RPMS/dhcpcd-1.3.22pl4-4.1.C30mdk.i586.rpm
 3f8e81acc938dd89f9a576cf50baff5f  corporate/3.0/SRPMS/dhcpcd-1.3.22pl4-4.1.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 2dc6f10ac3905c162177222ce57406a0  x86_64/corporate/3.0/RPMS/dhcpcd-1.3.22pl4-4.1.C30mdk.x86_64.rpm
 3f8e81acc938dd89f9a576cf50baff5f  x86_64/corporate/3.0/SRPMS/dhcpcd-1.3.22pl4-4.1.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFC1F2vmqjQ0CJFipgRArOSAKDWo0O1N7l6tQF2GZWz1Qu3f51pigCg6DIQ
tC+ZaJj4e7hHldguWiHBbt4=
=dOUk
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
  • MDKSA-2005:117 - Updated dhcpcd packages fix vulnerabilities Mandriva Security Team (Jul 13)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]