Paketname
w3c-libwww
Datum
2005-11-09
Advisory ID
MDKSA-2005:210
Betroffene Versionen
2006.0 i586 , CS2.1 i586 , 10.2 i586 , 10.1 i586 , CS2.1 x86_64 , CS3.0 x86_64 , CS3.0 i586 , 10.2 x86_64 , 2006.0 x86_64 , 10.1 x86_64

Problembeschreibung

Sam Varshavchik discovered the HTBoundary_put_block function
in HTBound.c for W3C libwww (w3c-libwww) allows remote servers
to cause a denial of service (segmentation fault) via a crafted
multipart/byteranges MIME message that triggers an out-of-bounds
read.

The updated packages have been patched to address this issue.

Aktualisierte Pakete

2006.0 i586

 90a6b76b0348b44b0e27bea010b4eb49  2006.0/RPMS/w3c-libwww-5.4.0-5.1.20060mdk.i586.rpm
 c3110ef8841c42bca06d7bec5a735dfc  2006.0/RPMS/w3c-libwww-apps-5.4.0-5.1.20060mdk.i586.rpm
 3ce9cb49c20992d28dbcef5279320a2e  2006.0/RPMS/w3c-libwww-devel-5.4.0-5.1.20060mdk.i586.rpm
 aa2513983ebff77a377f050a03f0f709  2006.0/SRPMS/w3c-libwww-5.4.0-5.1.20060mdk.src.rpm

CS2.1 i586

 7a89ba5572926683e96c33e77f3ac90c  corporate/2.1/RPMS/w3c-libwww-5.4.0-1.1.C21mdk.i586.rpm
 d6bae42a8ce8464b5939768a8db0984b  corporate/2.1/RPMS/w3c-libwww-apps-5.4.0-1.1.C21mdk.i586.rpm
 94fc975b58d69415229a07c72208d68b  corporate/2.1/RPMS/w3c-libwww-devel-5.4.0-1.1.C21mdk.i586.rpm
 658ef36b9237c32c8b8b2242d784b649  corporate/2.1/SRPMS/w3c-libwww-5.4.0-1.1.C21mdk.src.rpm

10.2 i586

 dedea2c8f6044a7e8e926dec7aacb7b6  10.2/RPMS/w3c-libwww-5.4.0-5.1.102mdk.i586.rpm
 a23c0a0492d5e3283f2ba1f5011ac6e0  10.2/RPMS/w3c-libwww-apps-5.4.0-5.1.102mdk.i586.rpm
 58a644897fa5b4bd4758f1fd796b333f  10.2/RPMS/w3c-libwww-devel-5.4.0-5.1.102mdk.i586.rpm
 6325ed733dd1288eed4b7cadd761efb4  10.2/SRPMS/w3c-libwww-5.4.0-5.1.102mdk.src.rpm

10.1 i586

 0028a9950c115d5d12bfbee15c9a1faf  10.1/RPMS/w3c-libwww-5.4.0-3.1.101mdk.i586.rpm
 4a3be6811dd6d050d0d71b19529a3981  10.1/RPMS/w3c-libwww-apps-5.4.0-3.1.101mdk.i586.rpm
 fce977cbc39a6bb745fe2be4735894d6  10.1/RPMS/w3c-libwww-devel-5.4.0-3.1.101mdk.i586.rpm
 970c882bb1726148859331e261b7decc  10.1/SRPMS/w3c-libwww-5.4.0-3.1.101mdk.src.rpm

CS2.1 x86_64

 79b5a6c4cb509f8006d3ec99632f2ad6  x86_64/corporate/2.1/RPMS/w3c-libwww-5.4.0-1.1.C21mdk.x86_64.rpm
 b094ee750ad39cbb3ca4a3cbd8691e4b  x86_64/corporate/2.1/RPMS/w3c-libwww-apps-5.4.0-1.1.C21mdk.x86_64.rpm
 703d42ad6034c04f67965ce7c7d85c68  x86_64/corporate/2.1/RPMS/w3c-libwww-devel-5.4.0-1.1.C21mdk.x86_64.rpm
 658ef36b9237c32c8b8b2242d784b649  x86_64/corporate/2.1/SRPMS/w3c-libwww-5.4.0-1.1.C21mdk.src.rpm

CS3.0 x86_64

 4338a82df1ad722c4db049093c2ce40e  x86_64/corporate/3.0/RPMS/w3c-libwww-5.4.0-2.1.C30mdk.x86_64.rpm
 1b0b167065556a599eb495a7bded51d1  x86_64/corporate/3.0/RPMS/w3c-libwww-apps-5.4.0-2.1.C30mdk.x86_64.rpm
 979feebbff0b283e480d223332369cbd  x86_64/corporate/3.0/RPMS/w3c-libwww-devel-5.4.0-2.1.C30mdk.x86_64.rpm
 fbcc5c240ba9a1393630d104348b8f0d  x86_64/corporate/3.0/SRPMS/w3c-libwww-5.4.0-2.1.C30mdk.src.rpm

CS3.0 i586

 694c85995c941cdba2192fe97e5ec059  corporate/3.0/RPMS/w3c-libwww-5.4.0-2.1.C30mdk.i586.rpm
 19f8b7186d1a89b35e09e361ef886b71  corporate/3.0/RPMS/w3c-libwww-apps-5.4.0-2.1.C30mdk.i586.rpm
 2bc46f631fbaa3c76c34d68379a98a1d  corporate/3.0/RPMS/w3c-libwww-devel-5.4.0-2.1.C30mdk.i586.rpm
 fbcc5c240ba9a1393630d104348b8f0d  corporate/3.0/SRPMS/w3c-libwww-5.4.0-2.1.C30mdk.src.rpm

10.2 x86_64

 a9eb35e0a8911a6d0f4ca62835ccf11b  x86_64/10.2/RPMS/w3c-libwww-5.4.0-5.1.102mdk.x86_64.rpm
 2bf2c665aa0457e3fd4477bf3bc420ed  x86_64/10.2/RPMS/w3c-libwww-apps-5.4.0-5.1.102mdk.x86_64.rpm
 a32352084a5e6b4e596149e9f70b2e0e  x86_64/10.2/RPMS/w3c-libwww-devel-5.4.0-5.1.102mdk.x86_64.rpm
 6325ed733dd1288eed4b7cadd761efb4  x86_64/10.2/SRPMS/w3c-libwww-5.4.0-5.1.102mdk.src.rpm

2006.0 x86_64

 211a4e31b787234053b57a98649ba4dd  x86_64/2006.0/RPMS/w3c-libwww-5.4.0-5.1.20060mdk.x86_64.rpm
 3202bdeae1f581a5bd96ac36c3fc9343  x86_64/2006.0/RPMS/w3c-libwww-apps-5.4.0-5.1.20060mdk.x86_64.rpm
 3b38bfd1666b8a7f2ee06279b8bc9c02  x86_64/2006.0/RPMS/w3c-libwww-devel-5.4.0-5.1.20060mdk.x86_64.rpm
 aa2513983ebff77a377f050a03f0f709  x86_64/2006.0/SRPMS/w3c-libwww-5.4.0-5.1.20060mdk.src.rpm

10.1 x86_64

 230dab77e0420b4b5e71621f7aa4bb03  x86_64/10.1/RPMS/w3c-libwww-5.4.0-3.1.101mdk.x86_64.rpm
 79a88076028dc9f67143b18f469bcfe7  x86_64/10.1/RPMS/w3c-libwww-apps-5.4.0-3.1.101mdk.x86_64.rpm
 9a593f8e9c24188e67d99d0f0cfefccd  x86_64/10.1/RPMS/w3c-libwww-devel-5.4.0-3.1.101mdk.x86_64.rpm
 970c882bb1726148859331e261b7decc  x86_64/10.1/SRPMS/w3c-libwww-5.4.0-3.1.101mdk.src.rpm

Referenzen