Support / Security / Advisories / Mandriva Linux 2009.0 / MDVSA-2009:215

Package name: audacity
Date: 2009-08-23
Advisory ID: MDVSA-2009:215
Affected versions: 2009.0 x86_64 , 2009.0 i586 , CS3.0 i586 , CS3.0 x86_64

Problem description

A vulnerability was found in xmltok_impl.c (expat) that with
specially crafted XML could be exploited and lead to a denial of
service attack. Related to CVE-2009-2625 (CVE-2009-3720).

This update fixes this vulnerability.

Updated packages

2009.0 x86_64

 c625360be50f39a55cd7ede627830124  2009.0/x86_64/audacity-1.3.5-3.2mdv2009.0.x86_64.rpm 
 a22ed1a7886e4c380291b74a8e032fcc  2009.0/SRPMS/audacity-1.3.5-3.2mdv2009.0.src.rpm

2009.0 i586

 c2ead0c2902a48b1130b8c6286f9b215  2009.0/i586/audacity-1.3.5-3.2mdv2009.0.i586.rpm 
 a22ed1a7886e4c380291b74a8e032fcc  2009.0/SRPMS/audacity-1.3.5-3.2mdv2009.0.src.rpm

CS3.0 i586

 bbcb3d8393600c05e16c5a05e4817b56  corporate/3.0/i586/audacity-1.2.0-1.3.C30mdk.i586.rpm 
 d23af7474dfac71417b041811521f397  corporate/3.0/SRPMS/audacity-1.2.0-1.3.C30mdk.src.rpm

CS3.0 x86_64

 ddd3f05e48acb61a5ede9e79c01d54c3  corporate/3.0/x86_64/audacity-1.2.0-1.3.C30mdk.x86_64.rpm 
 d23af7474dfac71417b041811521f397  corporate/3.0/SRPMS/audacity-1.2.0-1.3.C30mdk.src.rpm

MDVSA-2009:215