MDKSA-2006:022

Package name

perl-Convert-UUlib

Date

2006-01-26

Advisory ID

MDKSA-2006:022

Affected versions

CS3.0 i586 , 10.2 i586 , 10.2 x86_64 , CS3.0 x86_64

Problem description

A buffer overflow was discovered in the perl Convert::UUlib module in
versions prior to 1.051, which could allow remote attackers to execute
arbitrary code via a malformed parameter to a read operation.

This update provides version 1.051 which is not vulnerable to this
flaw.

Updated packages

CS3.0 i586

 e1399f028bbce62afd8db464c5add10e  corporate/3.0/RPMS/perl-Convert-UUlib-1.051-0.1.C30mdk.i586.rpm
 064f8c621fa2bfb2396ed6fcfa8f1d51  corporate/3.0/SRPMS/perl-Convert-UUlib-1.051-0.1.C30mdk.src.rpm

10.2 i586

 8e567c359c242c406e1a11505c6dc05f  10.2/RPMS/perl-Convert-UUlib-1.051-0.1.102mdk.i586.rpm
 077efc401869c15350c816d917bf4341  10.2/SRPMS/perl-Convert-UUlib-1.051-0.1.102mdk.src.rpm

10.2 x86_64

 3effe93cf49660d069bbd77040d1108b  x86_64/10.2/RPMS/perl-Convert-UUlib-1.051-0.1.102mdk.x86_64.rpm
 077efc401869c15350c816d917bf4341  x86_64/10.2/SRPMS/perl-Convert-UUlib-1.051-0.1.102mdk.src.rpm

CS3.0 x86_64

 f2d768502d5a5181b865d8e200373470  x86_64/corporate/3.0/RPMS/perl-Convert-UUlib-1.051-0.1.C30mdk.x86_64.rpm
 064f8c621fa2bfb2396ed6fcfa8f1d51  x86_64/corporate/3.0/SRPMS/perl-Convert-UUlib-1.051-0.1.C30mdk.src.rpm

References

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1349