Nome do pacote
php-radius
Data
2013-07-02
ID Alerta
MDVSA-2013:192
Versões afetadas
MES5 i586 , MBS1 x86_64 , MES5 x86_64

Descrição do problema

A security vulnerability was discovered and fixed in php-radius.

Fix a security issue in radius_get_vendor_attr() by enforcing checks
of the VSA length field against the buffer size (CVE-2013-2220).

The updated packages have been upgraded to the 1.2.7 version which
is not affected by this issue.

Pacotes atualizados

MES5 i586

 4790251f05e4c483852ce73c39a36ae3  mes5/i586/php-radius-1.2.7-0.1mdvmes5.2.i586.rpm 
 a1280c451e434792b56b652c12615fb2  mes5/SRPMS/php-radius-1.2.7-0.1mdvmes5.2.src.rpm

MBS1 x86_64

 e1d14e1423c3cadcbb9a091bc7b4dda7  mbs1/x86_64/php-radius-1.2.7-1.mbs1.x86_64.rpm 
 26cafae909e29f4c6c8821f0efbb80f8  mbs1/SRPMS/php-radius-1.2.7-1.mbs1.src.rpm

MES5 x86_64

 49b8a4f105f4c3fd17bc51bd3549a755  mes5/x86_64/php-radius-1.2.7-0.1mdvmes5.2.x86_64.rpm 
 a1280c451e434792b56b652c12615fb2  mes5/SRPMS/php-radius-1.2.7-0.1mdvmes5.2.src.rpm

Referências