 
| Subject: | |
| From: | |
| Reply To: | |
| Date: | Fri, 25 Sep 2009 11:52:57 -0500 |
| Content-Type: | text/plain |
| Parts/Attachments: |
|
|
Synopsis: Moderate: newt security update
Issue date: 2009-09-24
CVE Names: CVE-2009-2905
CVE-2009-2905 newt: heap-overflow in textbox when text reflowing
A heap-based buffer overflow flaw was found in the way newt processes
content that is to be displayed in a text dialog box. A local attacker
could issue a specially-crafted text dialog box display request (direct
or via a custom application), leading to a denial of service
(application crash) or, potentially, arbitrary code execution with the
privileges of the user running the application using the newt library.
(CVE-2009-2905)
After installing the updated packages, all applications using the newt
library must be restarted for the update to take effect.
SL 3.0.x
SRPMS:
newt-0.51.5-2.el3.src.rpm
i386:
newt-0.51.5-2.el3.i386.rpm
newt-devel-0.51.5-2.el3.i386.rpm
x86_64:
newt-0.51.5-2.el3.i386.rpm
newt-0.51.5-2.el3.x86_64.rpm
newt-devel-0.51.5-2.el3.x86_64.rpm
SL 4.x
SRPMS:
newt-0.51.6-10.el4_8.1.src.rpm
i386:
newt-0.51.6-10.el4_8.1.i386.rpm
newt-devel-0.51.6-10.el4_8.1.i386.rpm
x86_64:
newt-0.51.6-10.el4_8.1.i386.rpm
newt-0.51.6-10.el4_8.1.x86_64.rpm
newt-devel-0.51.6-10.el4_8.1.x86_64.rpm
SL 5.x
SRPMS:
newt-0.52.2-12.el5_4.1.src.rpm
i386:
newt-0.52.2-12.el5_4.1.i386.rpm
newt-devel-0.52.2-12.el5_4.1.i386.rpm
x86_64:
newt-0.52.2-12.el5_4.1.i386.rpm
newt-0.52.2-12.el5_4.1.x86_64.rpm
newt-devel-0.52.2-12.el5_4.1.i386.rpm
newt-devel-0.52.2-12.el5_4.1.x86_64.rpm
-Connie Sieh
-Troy Dawson
|
|
|
