MDVSA-2009:207
- Nom du paquet
- perl-Compress-Raw-Bzip2
- Date
- 2009-08-19
- Advisory ID
- MDVSA-2009:207
- Affected versions
- 2009.1 i586 , 2009.1 x86_64 , MES5 i586 , MES5 x86_64
Problem description
A vulnerability has been found and corrected in perl-Compress-Raw-Bzip:
Off-by-one error in the bzinflate function in Bzip2.xs in
the Compress-Raw-Bzip2 module before 2.018 for Perl allows
context-dependent attackers to cause a denial of service (application
hang or crash) via a crafted bzip2 compressed stream that triggers
a buffer overflow, a related issue to CVE-2009-1391 (CVE-2009-1884).
This update provides a solution to this vulnerability.
Updated packages
2009.1 i586
3ef77fd50a466b9c22d8e832662b167e 2009.1/i586/perl-Compress-Raw-Bzip2-2.015-2.1mdv2009.1.i586.rpm 01cc73eb2e4bc0567372c8158b4fce33 2009.1/SRPMS/perl-Compress-Raw-Bzip2-2.015-2.1mdv2009.1.src.rpm
2009.1 x86_64
9f066b4968d03c1fb2400f016716c56e 2009.1/x86_64/perl-Compress-Raw-Bzip2-2.015-2.1mdv2009.1.x86_64.rpm 01cc73eb2e4bc0567372c8158b4fce33 2009.1/SRPMS/perl-Compress-Raw-Bzip2-2.015-2.1mdv2009.1.src.rpm
MES5 i586
8459a1793dcf3454572204bd2e676365 mes5/i586/perl-Compress-Raw-Bzip2-2.015-1.1mdvmes5.i586.rpm 96e7cf7c48581d0c1df0eb2fd860b80a mes5/SRPMS/perl-Compress-Raw-Bzip2-2.015-1.1mdvmes5.src.rpm
MES5 x86_64
b15d45c9bffc74557a52b3725c4bd890 mes5/x86_64/perl-Compress-Raw-Bzip2-2.015-1.1mdvmes5.x86_64.rpm 96e7cf7c48581d0c1df0eb2fd860b80a mes5/SRPMS/perl-Compress-Raw-Bzip2-2.015-1.1mdvmes5.src.rpm