MDKSA-2004:014

Package name

metamail

Date

2004-02-18

Advisory ID

MDKSA-2004:014

Affected versions

9.2 amd64 , CS2.1 x86_64 , CS2.1 i586 , 9.2 i586 , 9.0 i586 , 9.1 i586 , 9.1 i586

Problem description

Two format string and two buffer overflow vulnerabilities were discovered in metamail by Ulf Harnhammar. The updated packages are patched to fix these holes.

Updated packages

9.2 amd64

 d3fb23bbf49aba7ef9355031510c12c9  amd64/9.2/RPMS/metamail-2.7-9.1.92mdk.amd64.rpm
5f36fe16d00e69761d829fbdcdf95839  amd64/9.2/SRPMS/metamail-2.7-9.1.92mdk.src.rpm

CS2.1 x86_64

 7bc7bad9023a2c15175562d1fadc31ef  x86_64/corporate/2.1/RPMS/metamail-2.7-9.1.C21mdk.x86_64.rpm
bbacb5d6d2c7233b00bee939e1f92125  x86_64/corporate/2.1/SRPMS/metamail-2.7-9.1.C21mdk.src.rpm

CS2.1 i586

 548c9a7a79f8b3e6a64caabd4ff8b276  corporate/2.1/RPMS/metamail-2.7-9.1.C21mdk.i586.rpm
bbacb5d6d2c7233b00bee939e1f92125  corporate/2.1/SRPMS/metamail-2.7-9.1.C21mdk.src.rpm

9.2 i586

 73797afd935d841a8e1701d6c8572ed7  9.2/RPMS/metamail-2.7-9.1.92mdk.i586.rpm
5f36fe16d00e69761d829fbdcdf95839  9.2/SRPMS/metamail-2.7-9.1.92mdk.src.rpm

9.0 i586

 9ee83662f8af9eaf670ec7fda5a22351  9.0/RPMS/metamail-2.7-9.1.90mdk.i586.rpm
bc7f01df5ca62755f7e7c8f4cc698826  9.0/SRPMS/metamail-2.7-9.1.90mdk.src.rpm

9.1 i586

 b1e8c0600f1d2b8e3d7cb286300e798f  9.1/RPMS/metamail-2.7-9.1.91mdk.i586.rpm
504b97acd0de7ced8a5c93cd28a4fc16  9.1/SRPMS/metamail-2.7-9.1.91mdk.src.rpm

9.1 i586

 d2449e2c3a31e1ae82a197089367c7c0  ppc/9.1/RPMS/metamail-2.7-9.1.91mdk.ppc.rpm
504b97acd0de7ced8a5c93cd28a4fc16  ppc/9.1/SRPMS/metamail-2.7-9.1.91mdk.src.rpm

References

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0104
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0105