MDKSA-2007:032
- Package name
- mpg123
- Date
- 2007-02-02
- Advisory ID
- MDKSA-2007:032
- Affected versions
- 2006.0 i586 , 2007.0 x86_64 , 2007.0 i586 , CS3.0 x86_64 , CS3.0 i586 , 2006.0 x86_64
Problem description
The http_open function in httpget.c in mpg123 before 0.64 allows remote
attackers to cause a denial of service (infinite loop) by closing the
HTTP connection early.
Packages have been patched to correct this issue.
Updated packages
2006.0 i586
babe8d78bc25c2dd132fa920880ba753 2006.0/i586/mpg123-0.59r-23.2.20060mdk.i586.rpm ba97940bced19952befcacd2f3543adf 2006.0/SRPMS/mpg123-0.59r-23.2.20060mdk.src.rpm
2007.0 x86_64
a84d45f47bcb660148c1a8294b4aec65 2007.0/x86_64/mpg123-0.60-2.1mdv2007.0.x86_64.rpm 6e6643dbbb5f0f837af32ca764568189 2007.0/SRPMS/mpg123-0.60-2.1mdv2007.0.src.rpm
2007.0 i586
63d1e8b57d1883657612bc4655ef9479 2007.0/i586/mpg123-0.60-2.1mdv2007.0.i586.rpm 6e6643dbbb5f0f837af32ca764568189 2007.0/SRPMS/mpg123-0.60-2.1mdv2007.0.src.rpm
CS3.0 x86_64
893735fab9e27cd51cac70f64f4aa831 corporate/3.0/x86_64/mpg123-0.59r-22.4.C30mdk.x86_64.rpm 396f3b1659f5ea06471b8c8f4a077043 corporate/3.0/SRPMS/mpg123-0.59r-22.4.C30mdk.src.rpm
CS3.0 i586
b4f1ca196054a9d7e40359bd15bcf708 corporate/3.0/i586/mpg123-0.59r-22.4.C30mdk.i586.rpm 396f3b1659f5ea06471b8c8f4a077043 corporate/3.0/SRPMS/mpg123-0.59r-22.4.C30mdk.src.rpm
2006.0 x86_64
df5b4948cc199f99cb922c501529ea6d 2006.0/x86_64/mpg123-0.59r-23.2.20060mdk.x86_64.rpm ba97940bced19952befcacd2f3543adf 2006.0/SRPMS/mpg123-0.59r-23.2.20060mdk.src.rpm