what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2006.039

Mandriva Linux Security Advisory 2006.039
Posted Feb 14, 2006
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Evgeny Legerov discovered cases of possible out-of-bounds access in the DER decoding schemes of libtasn1, when provided with invalid input. This library is bundled with gnutls.

tags | advisory
systems | linux, mandriva
SHA-256 | 1a12bdd85683ca42b32f6e4385c55ce9a939be0e58314cdea2f2c6eceac65ae3

Mandriva Linux Security Advisory 2006.039

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2006:039
https://www.mandriva.com/security/
_______________________________________________________________________

Package : gnutls
Date : February 13, 2006
Affected: 10.1, 10.2, 2006.0
_______________________________________________________________________

Problem Description:

Evgeny Legerov discovered cases of possible out-of-bounds access
in the DER decoding schemes of libtasn1, when provided with invalid
input. This library is bundled with gnutls.

The provided packages have been patched to correct these issues.
_______________________________________________________________________

References:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0645
_______________________________________________________________________

Updated Packages:

Mandriva Linux 10.1:
854980401ea37c7ffc74837684dda112 10.1/RPMS/gnutls-1.0.13-1.2.101mdk.i586.rpm
a7dbf3fc153f1cd47a70562c2f35583a 10.1/RPMS/libgnutls11-1.0.13-1.2.101mdk.i586.rpm
8f68fb4a8d295539c7067365b13e04fc 10.1/RPMS/libgnutls11-devel-1.0.13-1.2.101mdk.i586.rpm
9df50e7e944f3ceb82428920e3bafe15 10.1/SRPMS/gnutls-1.0.13-1.2.101mdk.src.rpm

Mandriva Linux 10.1/X86_64:
3fb98a2a65b1b0b0555ddff0e61a4a7b x86_64/10.1/RPMS/gnutls-1.0.13-1.2.101mdk.x86_64.rpm
d5ff612ea97c5668e7848e32de9b899c x86_64/10.1/RPMS/lib64gnutls11-1.0.13-1.2.101mdk.x86_64.rpm
45fbf72c634244ae61d6ed480a14b299 x86_64/10.1/RPMS/lib64gnutls11-devel-1.0.13-1.2.101mdk.x86_64.rpm
9df50e7e944f3ceb82428920e3bafe15 x86_64/10.1/SRPMS/gnutls-1.0.13-1.2.101mdk.src.rpm

Mandriva Linux 10.2:
dd212f4fd56ded6d63c67e6d2f95ccec 10.2/RPMS/gnutls-1.0.23-2.2.102mdk.i586.rpm
66cf0d26c552ed36223834a386e78bda 10.2/RPMS/libgnutls11-1.0.23-2.2.102mdk.i586.rpm
4cfb3fdfec9bb89fc3c3f0427320f226 10.2/RPMS/libgnutls11-devel-1.0.23-2.2.102mdk.i586.rpm
efb634eaa2e492a97d5a1c133ba203d0 10.2/SRPMS/gnutls-1.0.23-2.2.102mdk.src.rpm

Mandriva Linux 10.2/X86_64:
0660da8e12eeb87752c711815ae28772 x86_64/10.2/RPMS/gnutls-1.0.23-2.2.102mdk.x86_64.rpm
014d51131f651270d1794b1870aed135 x86_64/10.2/RPMS/lib64gnutls11-1.0.23-2.2.102mdk.x86_64.rpm
2835b640d5dc9a44d97f2bd6d4742898 x86_64/10.2/RPMS/lib64gnutls11-devel-1.0.23-2.2.102mdk.x86_64.rpm
efb634eaa2e492a97d5a1c133ba203d0 x86_64/10.2/SRPMS/gnutls-1.0.23-2.2.102mdk.src.rpm

Mandriva Linux 2006.0:
2dfb7ff638e5460a96629f12b33c12d5 2006.0/RPMS/gnutls-1.0.25-2.1.20060mdk.i586.rpm
baacaaf99353a45d410291a3b9588c5e 2006.0/RPMS/libgnutls11-1.0.25-2.1.20060mdk.i586.rpm
6eb83ab7dcff2dbfd0da0cff97d87e1d 2006.0/RPMS/libgnutls11-devel-1.0.25-2.1.20060mdk.i586.rpm
0558c6186fc001fa409d5802d6b09876 2006.0/SRPMS/gnutls-1.0.25-2.1.20060mdk.src.rpm

Mandriva Linux 2006.0/X86_64:
811e7ba9b1a8df7e7055d2719f8e8265 x86_64/2006.0/RPMS/gnutls-1.0.25-2.1.20060mdk.x86_64.rpm
0eb960f072648f8ae1e6c2f2b204ddd1 x86_64/2006.0/RPMS/lib64gnutls11-1.0.25-2.1.20060mdk.x86_64.rpm
6c767b46c44d485c8b62150336c73948 x86_64/2006.0/RPMS/lib64gnutls11-devel-1.0.25-2.1.20060mdk.x86_64.rpm
0558c6186fc001fa409d5802d6b09876 x86_64/2006.0/SRPMS/gnutls-1.0.25-2.1.20060mdk.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

https://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFD8S4qmqjQ0CJFipgRAj4XAJ4347J7gCsR250n5fRIxIvy2PNzCACfa2v1
Z4gWlfsU/2DdjVjs17T1SUI=
=c7Oo
-----END PGP SIGNATURE-----

Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close