Nom du paquet
R-base
Date
2008-09-16
Advisory ID
MDVSA-2008:198
Affected versions
2008.1 i586 , 2008.1 x86_64 , 2008.0 i586 , 2008.0 x86_64

Problem description

A symlink vulnerability was found in the javareconf script in R that
allows local users to overwrite arbitrary files (CVE-2008-3931).

The updated packages have been patched to prevent this issue.

Updated packages

2008.1 i586

 993a6ceac7d4449223227c50fb0ac909  2008.1/i586/libRmath-2.6.2-3.1mdv2008.1.i586.rpm
 fffeba26637c011fd5420782e0aca56e  2008.1/i586/libRmath-devel-2.6.2-3.1mdv2008.1.i586.rpm
 b789a632e3a37d569e755c68d7d1ebda  2008.1/i586/R-base-2.6.2-3.1mdv2008.1.i586.rpm 
 53700724d57ca220a20b05bcf17a69bd  2008.1/SRPMS/R-base-2.6.2-3.1mdv2008.1.src.rpm

2008.1 x86_64

 f90761c90c971f97c796c79915722f98  2008.1/x86_64/lib64Rmath-2.6.2-3.1mdv2008.1.x86_64.rpm
 164bc6c3961beb489332816d29636401  2008.1/x86_64/lib64Rmath-devel-2.6.2-3.1mdv2008.1.x86_64.rpm
 366aa15f8337066a823556df0795d2aa  2008.1/x86_64/R-base-2.6.2-3.1mdv2008.1.x86_64.rpm 
 53700724d57ca220a20b05bcf17a69bd  2008.1/SRPMS/R-base-2.6.2-3.1mdv2008.1.src.rpm

2008.0 i586

 9a5c7a09fdf572a74368fae673d6b3b4  2008.0/i586/libRmath-2.5.1-3.1mdv2008.0.i586.rpm
 6aac2b83064741ec5301191ef28cf01c  2008.0/i586/libRmath-devel-2.5.1-3.1mdv2008.0.i586.rpm
 e2c37f14844baf407ab485899b5d25a5  2008.0/i586/R-base-2.5.1-3.1mdv2008.0.i586.rpm 
 55f08e70cb31f63c32656229496f2cc1  2008.0/SRPMS/R-base-2.5.1-3.1mdv2008.0.src.rpm

2008.0 x86_64

 c10af1c79d4a77e0c7b67d197f9d736a  2008.0/x86_64/lib64Rmath-2.5.1-3.1mdv2008.0.x86_64.rpm
 55b8c74659a75c8ac1b852b1f8498dc0  2008.0/x86_64/lib64Rmath-devel-2.5.1-3.1mdv2008.0.x86_64.rpm
 f93dd60a5b8acf5c3a55a4a853189528  2008.0/x86_64/R-base-2.5.1-3.1mdv2008.0.x86_64.rpm 
 55f08e70cb31f63c32656229496f2cc1  2008.0/SRPMS/R-base-2.5.1-3.1mdv2008.0.src.rpm

References