 
| Content-Transfer-Encoding: |
7bit |
| Sender: |
|
| Subject: |
|
| From: |
|
| Date: |
Wed, 9 Jul 2014 18:43:11 +0000 |
| MIME-Version: |
1.0 |
| Content-Type: |
text/plain; charset="utf-8" |
| Reply-To: |
|
| Parts/Attachments: |
|
|
Synopsis: Moderate: lzo security update
Advisory ID: SLSA-2014:0861-2
Issue Date: 2014-07-09
CVE Numbers: CVE-2014-4607
--
An integer overflow flaw was found in the way the lzo library decompressed
certain archives compressed with the LZO algorithm. An attacker could
create a specially crafted LZO-compressed input that, when decompressed by
an application using the lzo library, would cause that application to
crash or, potentially, execute arbitrary code. (CVE-2014-4607)
For the update to take effect, all services linked to the lzo library must
be restarted or the system rebooted.
--
SL6
x86_64
lzo-2.03-3.1.el6_5.1.i686.rpm
lzo-devel-2.03-3.1.el6_5.1.i686.rpm
lzo-2.03-3.1.el6_5.1.x86_64.rpm
lzo-minilzo-2.03-3.1.el6_5.1.x86_64.rpm
lzo-devel-2.03-3.1.el6_5.1.x86_64.rpm
lzo-minilzo-2.03-3.1.el6_5.1.i686.rpm
lzo-debuginfo-2.03-3.1.el6_5.1.x86_64.rpm
lzo-debuginfo-2.03-3.1.el6_5.1.i686.rpm
i386
lzo-minilzo-2.03-3.1.el6_5.1.i686.rpm
lzo-2.03-3.1.el6_5.1.i686.rpm
lzo-devel-2.03-3.1.el6_5.1.i686.rpm
lzo-debuginfo-2.03-3.1.el6_5.1.i686.rpm
srpm
lzo-2.03-3.1.el6_5.1.src.rpm
noarch
lzo-debuginfo-2.03-3.1.el6_5.1.i686.rpm
lzo-debuginfo-2.03-3.1.el6_5.1.x86_64.rpm
- Scientific Linux Development Team
|
|
|
