|
|
| Problem Description |
Buffer overflow in ulogd has unknown impact and attack vectors related
to "improper string length calculations."
The updated packages have been patched to correct this issue.
| Updated Packages |
Corporate Server 4.0
cb3fffdef63f6e7cc08bccc05b1e882c corporate/4.0/i586/ulogd-1.23-2.1.20060mlcs4.i586.rpm 784cbd25194bb71a3c197deb80f3b634 corporate/4.0/i586/ulogd-mysql-1.23-2.1.20060mlcs4.i586.rpm 76b7cb8610d47b7813d42f9878644336 corporate/4.0/i586/ulogd-pcap-1.23-2.1.20060mlcs4.i586.rpm 235a2afc3e88863082f2e9678316e5be corporate/4.0/i586/ulogd-pgsql-1.23-2.1.20060mlcs4.i586.rpm 418d6653046ddea3f3e9bfc3b9ee25c7 corporate/4.0/i586/ulogd-sqlite-1.23-2.1.20060mlcs4.i586.rpm 9873e7960f48810dd0d8fe5f72b2ebfc corporate/4.0/SRPMS/ulogd-1.23-2.1.20060mlcs4.src.rpm
Corporate Server 4.0/X86_64
3da5d0b9bf6af4d69f34cccecea42cfe corporate/4.0/x86_64/ulogd-1.23-2.1.20060mlcs4.x86_64.rpm bee5bd7a190f23e5c15be8b4f7b052be corporate/4.0/x86_64/ulogd-mysql-1.23-2.1.20060mlcs4.x86_64.rpm 982b1a66fccd7df9ffa3272e0303f2e4 corporate/4.0/x86_64/ulogd-pcap-1.23-2.1.20060mlcs4.x86_64.rpm e6cc11f6261021dd91b8ab970f6a1619 corporate/4.0/x86_64/ulogd-pgsql-1.23-2.1.20060mlcs4.x86_64.rpm 3e5a8211885c04b4b3df58b9e147a0e7 corporate/4.0/x86_64/ulogd-sqlite-1.23-2.1.20060mlcs4.x86_64.rpm 9873e7960f48810dd0d8fe5f72b2ebfc corporate/4.0/SRPMS/ulogd-1.23-2.1.20060mlcs4.src.rpm
| References |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0460
| Upgrade |
To upgrade automatically, use MandrivaUpdate.
| Verification |
Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :
rpm --checksig package.rpm
You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.
If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.