Support / Security / Advisories / Multi Network Firewall 2.0 / MDVSA-2009:073

Package name: sarg
Date: 2009-03-10
Advisory ID: MDVSA-2009:073
Affected versions: MNF2.0 i586 , 2008.0 i586 , 2008.0 x86_64

Problem description

Various stack buffer overflows were discovered and corrected in sarg:

Additionally the previous release fixed CVE-2008-1922, CVE-2008-7249,
CVE-2008-7250

The updated packages have been patched to correct these issues.

Updated packages

MNF2.0 i586

 a16192924303d6a30611345c0cdd5226  mnf/2.0/i586/sarg-2.2.5-0.2.M20mdk.i586.rpm 
 076cfa3458dbc3c71eda0ccfe948c7fb  mnf/2.0/SRPMS/sarg-2.2.5-0.2.M20mdk.src.rpm

2008.0 i586

 15220d1d19df7866158faf5691091db1  2008.0/i586/sarg-2.2.5-0.3mdv2008.0.i586.rpm 
 e90b1965c741b0411cc26dc0a3076f43  2008.0/SRPMS/sarg-2.2.5-0.3mdv2008.0.src.rpm

2008.0 x86_64

 72be1a3b7331854ec27678985fa11fa9  2008.0/x86_64/sarg-2.2.5-0.3mdv2008.0.x86_64.rpm 
 e90b1965c741b0411cc26dc0a3076f43  2008.0/SRPMS/sarg-2.2.5-0.3mdv2008.0.src.rpm

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1922
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7249
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7250