Subject: | |
From: | |
Reply To: | |
Date: | Wed, 9 Jul 2014 18:43:11 +0000 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Synopsis: Moderate: lzo security update
Advisory ID: SLSA-2014:0861-2
Issue Date: 2014-07-09
CVE Numbers: CVE-2014-4607
--
An integer overflow flaw was found in the way the lzo library decompressed
certain archives compressed with the LZO algorithm. An attacker could
create a specially crafted LZO-compressed input that, when decompressed by
an application using the lzo library, would cause that application to
crash or, potentially, execute arbitrary code. (CVE-2014-4607)
For the update to take effect, all services linked to the lzo library must
be restarted or the system rebooted.
--
SL6
x86_64
lzo-2.03-3.1.el6_5.1.i686.rpm
lzo-devel-2.03-3.1.el6_5.1.i686.rpm
lzo-2.03-3.1.el6_5.1.x86_64.rpm
lzo-minilzo-2.03-3.1.el6_5.1.x86_64.rpm
lzo-devel-2.03-3.1.el6_5.1.x86_64.rpm
lzo-minilzo-2.03-3.1.el6_5.1.i686.rpm
lzo-debuginfo-2.03-3.1.el6_5.1.x86_64.rpm
lzo-debuginfo-2.03-3.1.el6_5.1.i686.rpm
i386
lzo-minilzo-2.03-3.1.el6_5.1.i686.rpm
lzo-2.03-3.1.el6_5.1.i686.rpm
lzo-devel-2.03-3.1.el6_5.1.i686.rpm
lzo-debuginfo-2.03-3.1.el6_5.1.i686.rpm
srpm
lzo-2.03-3.1.el6_5.1.src.rpm
noarch
lzo-debuginfo-2.03-3.1.el6_5.1.i686.rpm
lzo-debuginfo-2.03-3.1.el6_5.1.x86_64.rpm
- Scientific Linux Development Team
|
|
|