Synopsis: Moderate: cscope security update Issue date: 2009-06-15 CVE Names: CVE-2004-2541 CVE-2006-4262 CVE-2009-0148 CVE-2009-1577 Multiple buffer overflow flaws were found in cscope. An attacker could create a specially crafted source code file that could cause cscope to crash or, possibly, execute arbitrary code when browsed with cscope. (CVE-2004-2541, CVE-2006-4262, CVE-2009-0148, CVE-2009-1577) All running instances of cscope must be restarted for this update to take effect. SL 3.0.x SRPMS: cscope-15.5-16.RHEL3.src.rpm i386: cscope-15.5-16.RHEL3.i386.rpm x86_64: cscope-15.5-16.RHEL3.x86_64.rpm SL 4.x SRPMS: cscope-15.5-10.RHEL4.3.src.rpm i386: cscope-15.5-10.RHEL4.3.i386.rpm x86_64: cscope-15.5-10.RHEL4.3.x86_64.rpm SL 5.x SRPMS: cscope-15.5-15.1.el5_3.1.src.rpm i386: cscope-15.5-15.1.el5_3.1.i386.rpm x86_64: cscope-15.5-15.1.el5_3.1.x86_64.rpm -Connie Sieh -Troy Dawson