|
|
| Problem Description |
Luigi Auriemma discovered a number of problems with the nas (Network
Audio System) daemon that could be used to crash nasd.
Updated packages have been patched to address this issue.
| Updated Packages |
Mandriva Linux 2007
cc58e73353eb07946526cbddff8ffbf2 2007.0/i586/libnas2-1.8-1.1mdv2007.0.i586.rpm c6030170436a4e2d143e8941e8083a4d 2007.0/i586/libnas2-devel-1.8-1.1mdv2007.0.i586.rpm 87d3dd2650740544296040cc00336ef4 2007.0/i586/libnas2-static-devel-1.8-1.1mdv2007.0.i586.rpm a5c9d2cbbc69a93d1a976a09928b255c 2007.0/i586/nas-1.8-1.1mdv2007.0.i586.rpm 8c5c4b41158d3edcca33fd6084df8b84 2007.0/SRPMS/nas-1.8-1.1mdv2007.0.src.rpm
Mandriva Linux 2007/X86_64
ec28cf2a6b6a429a7c5debdd73d90861 2007.0/x86_64/lib64nas2-1.8-1.1mdv2007.0.x86_64.rpm cf09ffe8692065c936393750e4cec030 2007.0/x86_64/lib64nas2-devel-1.8-1.1mdv2007.0.x86_64.rpm 7855b6a446d1e248a5fa311794e20da0 2007.0/x86_64/lib64nas2-static-devel-1.8-1.1mdv2007.0.x86_64.rpm 0d4bf3d345de9457ebe2fcf083314e48 2007.0/x86_64/nas-1.8-1.1mdv2007.0.x86_64.rpm 8c5c4b41158d3edcca33fd6084df8b84 2007.0/SRPMS/nas-1.8-1.1mdv2007.0.src.rpm
| References |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1543
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1544
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1545
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1546
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1547
| Upgrade |
To upgrade automatically, use MandrivaUpdate.
| Verification |
Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :
rpm --checksig package.rpm
You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.
If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.