Paketname
boost
Datum
2008-02-01
Advisory ID
MDVSA-2008:032
Betroffene Versionen
2007.0 x86_64 , 2007.1 i586 , 2007.0 i586 , 2008.0 x86_64 , 2008.0 i586 , 2007.1 x86_64

Problembeschreibung

Tavis Ormandy and Will Drewry found that the bost library did not
properly perform input validation on regular expressions. An attacker
could exploit this by sening a specially crafted regular expression
to an application linked against boost and cause a denial of service
via an application crash.

The updated packages have been patched to correct this issue.

Aktualisierte Pakete

2007.0 x86_64

 9b983d8a118824218998792630a93368  2007.0/x86_64/lib64boost1-1.33.1-3.1mdv2007.0.x86_64.rpm
 f975c8790f99728dd3635b0a79a2b639  2007.0/x86_64/lib64boost1-devel-1.33.1-3.1mdv2007.0.x86_64.rpm
 8349cb46e64007d854902abe784278d8  2007.0/x86_64/lib64boost1-examples-1.33.1-3.1mdv2007.0.x86_64.rpm
 8781b8e9cac3079e22be542dc89679e0  2007.0/x86_64/lib64boost1-static-devel-1.33.1-3.1mdv2007.0.x86_64.rpm 
 4b9252988703c7360d91138aa1b738b7  2007.0/SRPMS/boost-1.33.1-3.1mdv2007.0.src.rpm

2007.1 i586

 4e2b108f19e9e77cacd23f950a287c1a  2007.1/i586/libboost1-1.33.1-5.1mdv2007.1.i586.rpm
 953ecb0bb51516d5a860947c6ec3cca3  2007.1/i586/libboost1-devel-1.33.1-5.1mdv2007.1.i586.rpm
 cec00f6e2461c188e12248ec1085b64a  2007.1/i586/libboost1-examples-1.33.1-5.1mdv2007.1.i586.rpm
 7f3150b483155ba9ddc5ce9b9c6a24b1  2007.1/i586/libboost1-static-devel-1.33.1-5.1mdv2007.1.i586.rpm 
 0133bec4e45c53c26b59fe599b0c2ef3  2007.1/SRPMS/boost-1.33.1-5.1mdv2007.1.src.rpm

2007.0 i586

 050747f9a2c9557d33977d9bd51184b2  2007.0/i586/libboost1-1.33.1-3.1mdv2007.0.i586.rpm
 447ac5fc34d29669c8a21b7abd677413  2007.0/i586/libboost1-devel-1.33.1-3.1mdv2007.0.i586.rpm
 4b4b7ff3d032516cd2f22af208ef7d3b  2007.0/i586/libboost1-examples-1.33.1-3.1mdv2007.0.i586.rpm
 b084ed15b24c16e41ea2660732d1fa53  2007.0/i586/libboost1-static-devel-1.33.1-3.1mdv2007.0.i586.rpm 
 4b9252988703c7360d91138aa1b738b7  2007.0/SRPMS/boost-1.33.1-3.1mdv2007.0.src.rpm

2008.0 x86_64

 af70bbe3671b92f97d09e845682609ca  2008.0/x86_64/lib64boost1-1.33.1-6.1mdv2008.0.x86_64.rpm
 3597c04eea3dea15c278cdb3f0bbcc8e  2008.0/x86_64/lib64boost1-devel-1.33.1-6.1mdv2008.0.x86_64.rpm
 65468c84027dbe61a43146a82a5a76e8  2008.0/x86_64/lib64boost1-examples-1.33.1-6.1mdv2008.0.x86_64.rpm
 3a6b5ed6fffb8d18358729afb1f9ebc1  2008.0/x86_64/lib64boost1-static-devel-1.33.1-6.1mdv2008.0.x86_64.rpm 
 e4b3da7cdfb5210d65c5b60556e9744e  2008.0/SRPMS/boost-1.33.1-6.1mdv2008.0.src.rpm

2008.0 i586

 e184b23843e35d7365033cc6cb45f2dd  2008.0/i586/libboost1-1.33.1-6.1mdv2008.0.i586.rpm
 6fa2ca96cb71d8bd3e54aa2f05118017  2008.0/i586/libboost1-devel-1.33.1-6.1mdv2008.0.i586.rpm
 aa82d51548030d03ad1e86a174013333  2008.0/i586/libboost1-examples-1.33.1-6.1mdv2008.0.i586.rpm
 42d0e230fca8ac7b094f9d159e9d8758  2008.0/i586/libboost1-static-devel-1.33.1-6.1mdv2008.0.i586.rpm 
 e4b3da7cdfb5210d65c5b60556e9744e  2008.0/SRPMS/boost-1.33.1-6.1mdv2008.0.src.rpm

2007.1 x86_64

 55150e1ce05e3d3385815648cd4924ba  2007.1/x86_64/lib64boost1-1.33.1-5.1mdv2007.1.x86_64.rpm
 93d7474def1e122c4ddf5fab1e81dfd6  2007.1/x86_64/lib64boost1-devel-1.33.1-5.1mdv2007.1.x86_64.rpm
 59dd3438007e7d383d3cbaa1b2eacb38  2007.1/x86_64/lib64boost1-examples-1.33.1-5.1mdv2007.1.x86_64.rpm
 a213a0ee7cdc1b75fbbde6835a7295db  2007.1/x86_64/lib64boost1-static-devel-1.33.1-5.1mdv2007.1.x86_64.rpm 
 0133bec4e45c53c26b59fe599b0c2ef3  2007.1/SRPMS/boost-1.33.1-5.1mdv2007.1.src.rpm

Referenzen