Nome do pacote
newt
Data
2009-09-27
ID Alerta
MDVSA-2009:249
Versões afetadas
2009.0 x86_64 , CS4.0 x86_64 , MNF2.0 i586 , 2009.1 i586 , 2009.0 i586 , 2008.1 i586 , CS3.0 x86_64 , CS4.0 i586 , CS3.0 i586 , MES5 i586 , 2008.1 x86_64 , 2009.1 x86_64 , MES5 x86_64

Descrição do problema

A vulnerability was discovered and corrected in newt:

A heap-based buffer overflow flaw was found in the way newt processes
content that is to be displayed in a text dialog box. A local attacker
could issue a specially-crafted text dialog box display request
(direct or via a custom application), leading to a denial of service
(application crash) or, potentially, arbitrary code execution with the
privileges of the user running the application using the newt library
(CVE-2009-2905).

This update provides a solution to this vulnerability.

Pacotes atualizados

2009.0 x86_64

 8e264f4b6a6bbe3df733fb877041a137  2009.0/x86_64/lib64newt0.52-0.52.6-5.1mdv2009.0.x86_64.rpm
 6ef22b9ed4929324a9438bc91b513d0c  2009.0/x86_64/lib64newt0.52-devel-0.52.6-5.1mdv2009.0.x86_64.rpm
 ce490bd016df1723298bf2adc6da1b43  2009.0/x86_64/newt-0.52.6-5.1mdv2009.0.x86_64.rpm 
 b026e810f5987a9d24aa9bf9fe402fc1  2009.0/SRPMS/newt-0.52.6-5.1mdv2009.0.src.rpm

CS4.0 x86_64

 618f96d2c92f1dafcfc58c3c8d916850  corporate/4.0/x86_64/lib64newt0.51-0.51.6-11.1.20060mlcs4.x86_64.rpm
 451f9aa3e735d487003d769a54c87fcc  corporate/4.0/x86_64/lib64newt0.51-devel-0.51.6-11.1.20060mlcs4.x86_64.rpm
 3221a8d4cdfb8c65e2c2ed89fabf7ee2  corporate/4.0/x86_64/newt-0.51.6-11.1.20060mlcs4.x86_64.rpm 
 dfff08bfd97a05c47a43a1dfd804b371  corporate/4.0/SRPMS/newt-0.51.6-11.1.20060mlcs4.src.rpm

MNF2.0 i586

 ad378d6b6b742d1ca93f7c7ea16c6684  mnf/2.0/i586/libnewt0.51-0.51.6-7.1.C30mdk.i586.rpm
 c07853e2b65314e9bdbe2081caa06748  mnf/2.0/i586/libnewt0.51-devel-0.51.6-7.1.C30mdk.i586.rpm
 d83709c6babd0ba1c5919bf0aca9a0b4  mnf/2.0/i586/newt-0.51.6-7.1.C30mdk.i586.rpm 
 a6207917854df02881d01b9be3022b6c  mnf/2.0/SRPMS/newt-0.51.6-7.1.C30mdk.src.rpm

2009.1 i586

 e2d6734e4949c556d06d2dbc61bc7410  2009.1/i586/libnewt0.52-0.52.6-8.1mdv2009.1.i586.rpm
 8cc4c6e032858816c2cda511e5db0349  2009.1/i586/libnewt0.52-devel-0.52.6-8.1mdv2009.1.i586.rpm
 2c0bd66fe6d8212f0665b0d20026c79a  2009.1/i586/newt-0.52.6-8.1mdv2009.1.i586.rpm 
 c5e61a3d8998406d8fdc5e1d85e08d92  2009.1/SRPMS/newt-0.52.6-8.1mdv2009.1.src.rpm

2009.0 i586

 6e9d83142b10197257a3f7fca433d93d  2009.0/i586/libnewt0.52-0.52.6-5.1mdv2009.0.i586.rpm
 b25a17cdc85bdd900932578f86647dcb  2009.0/i586/libnewt0.52-devel-0.52.6-5.1mdv2009.0.i586.rpm
 165813d5dfb887518d67b506d99da71d  2009.0/i586/newt-0.52.6-5.1mdv2009.0.i586.rpm 
 b026e810f5987a9d24aa9bf9fe402fc1  2009.0/SRPMS/newt-0.52.6-5.1mdv2009.0.src.rpm

2008.1 i586

 c6a8ff8e761afc355382d19ae0776063  2008.1/i586/libnewt0.52-0.52.6-4.1mdv2008.1.i586.rpm
 df728abddd8751eb80e48c7d507e9226  2008.1/i586/libnewt0.52-devel-0.52.6-4.1mdv2008.1.i586.rpm
 aada2a9cacfd5a0f84a8a395ab0c255e  2008.1/i586/newt-0.52.6-4.1mdv2008.1.i586.rpm 
 22e995ca31b429b28f52c734847e3ccd  2008.1/SRPMS/newt-0.52.6-4.1mdv2008.1.src.rpm

CS3.0 x86_64

 372246726358ba3145bd471f7ec01c28  corporate/3.0/x86_64/lib64newt0.51-0.51.6-7.1.C30mdk.x86_64.rpm
 dae3cef2876c0cd2fdbc6f04608c2964  corporate/3.0/x86_64/lib64newt0.51-devel-0.51.6-7.1.C30mdk.x86_64.rpm
 faa00f2430f3121fbc4d5812e2c7012c  corporate/3.0/x86_64/newt-0.51.6-7.1.C30mdk.x86_64.rpm 
 72c9b2ad1bc15f2d0ec6632753649d2a  corporate/3.0/SRPMS/newt-0.51.6-7.1.C30mdk.src.rpm

CS4.0 i586

 ebd14f55cd97d3594d83576180c64f53  corporate/4.0/i586/libnewt0.51-0.51.6-11.1.20060mlcs4.i586.rpm
 49634f3dc59442dfe2de932de0e298a2  corporate/4.0/i586/libnewt0.51-devel-0.51.6-11.1.20060mlcs4.i586.rpm
 e198d8793febc569c1453c2410e036c2  corporate/4.0/i586/newt-0.51.6-11.1.20060mlcs4.i586.rpm 
 dfff08bfd97a05c47a43a1dfd804b371  corporate/4.0/SRPMS/newt-0.51.6-11.1.20060mlcs4.src.rpm

CS3.0 i586

 8cd4515c7fd161dda7b70218f3b41ee5  corporate/3.0/i586/libnewt0.51-0.51.6-7.1.C30mdk.i586.rpm
 4847ad5e3c169a7b0d5334c7e61451a7  corporate/3.0/i586/libnewt0.51-devel-0.51.6-7.1.C30mdk.i586.rpm
 2b161c87f985c5d051757e181d871c2a  corporate/3.0/i586/newt-0.51.6-7.1.C30mdk.i586.rpm 
 72c9b2ad1bc15f2d0ec6632753649d2a  corporate/3.0/SRPMS/newt-0.51.6-7.1.C30mdk.src.rpm

MES5 i586

 39905d89be91a4acc30e26d7136397ea  mes5/i586/libnewt0.52-0.52.6-5.1mdvmes5.i586.rpm
 b6a379637a16dfb48ff213d22bd20329  mes5/i586/libnewt0.52-devel-0.52.6-5.1mdvmes5.i586.rpm
 6572397f833da0ad980de005ca542b26  mes5/i586/newt-0.52.6-5.1mdvmes5.i586.rpm 
 bd181512b2ff1e97c97a63f737e99760  mes5/SRPMS/newt-0.52.6-5.1mdvmes5.src.rpm

2008.1 x86_64

 4c681d98ee66276dea841eeccd8a7a5a  2008.1/x86_64/lib64newt0.52-0.52.6-4.1mdv2008.1.x86_64.rpm
 a4be5af5dffaa03d1060f6bfe77c40a4  2008.1/x86_64/lib64newt0.52-devel-0.52.6-4.1mdv2008.1.x86_64.rpm
 c1e98c59a9311095bf5789fd8d54156a  2008.1/x86_64/newt-0.52.6-4.1mdv2008.1.x86_64.rpm 
 22e995ca31b429b28f52c734847e3ccd  2008.1/SRPMS/newt-0.52.6-4.1mdv2008.1.src.rpm

2009.1 x86_64

 0d22c21c556493ea1eb410112eb57cfe  2009.1/x86_64/lib64newt0.52-0.52.6-8.1mdv2009.1.x86_64.rpm
 8bd081d4b92a71f56198745d372cf446  2009.1/x86_64/lib64newt0.52-devel-0.52.6-8.1mdv2009.1.x86_64.rpm
 8d716566263008130c792e8e9ee300de  2009.1/x86_64/newt-0.52.6-8.1mdv2009.1.x86_64.rpm 
 c5e61a3d8998406d8fdc5e1d85e08d92  2009.1/SRPMS/newt-0.52.6-8.1mdv2009.1.src.rpm

MES5 x86_64

 826b771bb4719dc3ff0ebbb648d4133b  mes5/x86_64/lib64newt0.52-0.52.6-5.1mdvmes5.x86_64.rpm
 5e34c552e7d25af4ce8bac7b06055e55  mes5/x86_64/lib64newt0.52-devel-0.52.6-5.1mdvmes5.x86_64.rpm
 ddd6424f2c130f306727170986a61c37  mes5/x86_64/newt-0.52.6-5.1mdvmes5.x86_64.rpm 
 bd181512b2ff1e97c97a63f737e99760  mes5/SRPMS/newt-0.52.6-5.1mdvmes5.src.rpm

Referências