Nome do pacote
perl-Compress-Raw-Bzip2
Data
2009-08-19
ID Alerta
MDVSA-2009:207
Versões afetadas
2009.1 i586 , 2009.1 x86_64 , MES5 i586 , MES5 x86_64

Descrição do problema

A vulnerability has been found and corrected in perl-Compress-Raw-Bzip:

Off-by-one error in the bzinflate function in Bzip2.xs in
the Compress-Raw-Bzip2 module before 2.018 for Perl allows
context-dependent attackers to cause a denial of service (application
hang or crash) via a crafted bzip2 compressed stream that triggers
a buffer overflow, a related issue to CVE-2009-1391 (CVE-2009-1884).

This update provides a solution to this vulnerability.

Pacotes atualizados

2009.1 i586

 3ef77fd50a466b9c22d8e832662b167e  2009.1/i586/perl-Compress-Raw-Bzip2-2.015-2.1mdv2009.1.i586.rpm 
 01cc73eb2e4bc0567372c8158b4fce33  2009.1/SRPMS/perl-Compress-Raw-Bzip2-2.015-2.1mdv2009.1.src.rpm

2009.1 x86_64

 9f066b4968d03c1fb2400f016716c56e  2009.1/x86_64/perl-Compress-Raw-Bzip2-2.015-2.1mdv2009.1.x86_64.rpm 
 01cc73eb2e4bc0567372c8158b4fce33  2009.1/SRPMS/perl-Compress-Raw-Bzip2-2.015-2.1mdv2009.1.src.rpm

MES5 i586

 8459a1793dcf3454572204bd2e676365  mes5/i586/perl-Compress-Raw-Bzip2-2.015-1.1mdvmes5.i586.rpm 
 96e7cf7c48581d0c1df0eb2fd860b80a  mes5/SRPMS/perl-Compress-Raw-Bzip2-2.015-1.1mdvmes5.src.rpm

MES5 x86_64

 b15d45c9bffc74557a52b3725c4bd890  mes5/x86_64/perl-Compress-Raw-Bzip2-2.015-1.1mdvmes5.x86_64.rpm 
 96e7cf7c48581d0c1df0eb2fd860b80a  mes5/SRPMS/perl-Compress-Raw-Bzip2-2.015-1.1mdvmes5.src.rpm

Referências