[Please upgrade if you use mpg123 on any platform -- Raju] This is an RFC 1153 digest. (1 message) ----------------------------------------------------------------------
Message-Id: <[EMAIL PROTECTED]> From: [EMAIL PROTECTED] (Daniel Ahlberg) To: [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: GLSA: mpg123 (200309-17) Date: Tue, 30 Sep 2003 16:32:04 +0200 (CEST) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - - --------------------------------------------------------------------- GENTOO LINUX SECURITY ANNOUNCEMENT 200309-17 - - - --------------------------------------------------------------------- PACKAGE : mpg123 SUMMARY : buffer overflow DATE : 2003-09-30 14:32 UTC EXPLOIT : remote GENTOO BUG # : 26787 CVE : CAN-2003-0577 - - - --------------------------------------------------------------------- DESCRIPTION mpg123 contains a heap based buffer overflow that would allow an remote attacker to execute arbitrary code on the victims machine. SOLUTION it is recommended that all Gentoo Linux users who are running media-sound/mpg123 upgrade to a fixed version. make sure that the version to be installed is either one of 0.59r-r3 (stable) or 0.59s-r1 (masked). emerge sync emerge mpg123 -p emerge mpg123 emerge clean - - - --------------------------------------------------------------------- [EMAIL PROTECTED] - GnuPG key is available at http://dev.gentoo.org/~aliz - - - --------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQE/eZPkfT7nyhUpoZMRAnwiAJ9PLTpDpa6cMaJekjdbX+b/QhqB0QCfTxhJ aC2esvhlnUN1qSR9dPqjKv4= =ggBo -----END PGP SIGNATURE----- ------------------------------ End of this Digest ****************** -- Raj Mathur [EMAIL PROTECTED] http://kandalaya.org/ GPG: 78D4 FC67 367F 40E2 0DD5 0FEF C968 D0EF CC68 D17F All your domain are belong to us. It is the mind that moves _______________________________________________ ilugd mailing list [EMAIL PROTECTED] http://frodo.hserus.net/mailman/listinfo/ilugd