what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2009-232

Mandriva Linux Security Advisory 2009-232
Posted Sep 11, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-232 - A security vulnerability has been identified and fixed in libsamplerate. Lev Givon discovered a buffer overflow in libsamplerate that could lead to a segfault with specially crafted python code. This problem has been fixed with libsamplerate-0.1.7 but older versions are affected. This update provides a solution to this vulnerability.

tags | advisory, overflow, python
systems | linux, mandriva
SHA-256 | 1c0b306e55ccbf49d474cf47f1400104caf0be94c944b7ccb3fb6c9738b7e3a9

Mandriva Linux Security Advisory 2009-232

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2009:232
http://www.mandriva.com/security/
_______________________________________________________________________

Package : libsamplerate
Date : September 11, 2009
Affected: 2008.1, 2009.0, Corporate 3.0, Corporate 4.0
_______________________________________________________________________

Problem Description:

A security vulnerability has been identified and fixed in
libsamplerate:

Lev Givon discovered a buffer overflow in libsamplerate that could
lead to a segfault with specially crafted python code. This problem has
been fixed with libsamplerate-0.1.7 but older versions are affected.

This update provides a solution to this vulnerability.
_______________________________________________________________________

References:

https://qa.mandriva.com/47888
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2008.1:
68b6b761ad6f8c5144380adf7e670a20 2008.1/i586/libsamplerate0-0.1.3-0.pre6.3.2mdv2008.1.i586.rpm
c4048627b6cd47ecc36798e3b95291f8 2008.1/i586/libsamplerate-devel-0.1.3-0.pre6.3.2mdv2008.1.i586.rpm
8b021bc53c012b993a55b702ca5d4ef3 2008.1/i586/libsamplerate-progs-0.1.3-0.pre6.3.2mdv2008.1.i586.rpm
6fc83bb69d28e02bb4676ac8c822bf4c 2008.1/SRPMS/libsamplerate-0.1.3-0.pre6.3.2mdv2008.1.src.rpm

Mandriva Linux 2008.1/X86_64:
c912e011f54a3f43adf7592e3f79159c 2008.1/x86_64/lib64samplerate0-0.1.3-0.pre6.3.2mdv2008.1.x86_64.rpm
52245d2684de49d0c42b127ed25770d3 2008.1/x86_64/lib64samplerate-devel-0.1.3-0.pre6.3.2mdv2008.1.x86_64.rpm
e009822b488278ce524c98ccd0f4d9e3 2008.1/x86_64/libsamplerate-progs-0.1.3-0.pre6.3.2mdv2008.1.x86_64.rpm
6fc83bb69d28e02bb4676ac8c822bf4c 2008.1/SRPMS/libsamplerate-0.1.3-0.pre6.3.2mdv2008.1.src.rpm

Mandriva Linux 2009.0:
00c1eddd0f7027881d61c9810c8a7b9e 2009.0/i586/libsamplerate0-0.1.4-1.1mdv2009.0.i586.rpm
aaa8cb9975747da1fdfde6232ccf59a4 2009.0/i586/libsamplerate-devel-0.1.4-1.1mdv2009.0.i586.rpm
1ac80dd7e709814263e5b9aeaa398b90 2009.0/i586/libsamplerate-progs-0.1.4-1.1mdv2009.0.i586.rpm
440cca6113286912ad26389751846488 2009.0/SRPMS/libsamplerate-0.1.4-1.1mdv2009.0.src.rpm

Mandriva Linux 2009.0/X86_64:
742aed975be2108101d544e4af10051f 2009.0/x86_64/lib64samplerate0-0.1.4-1.1mdv2009.0.x86_64.rpm
01273f68c2bd71058c17dc130e7995da 2009.0/x86_64/lib64samplerate-devel-0.1.4-1.1mdv2009.0.x86_64.rpm
934924f0f55c61bd7328316994594132 2009.0/x86_64/libsamplerate-progs-0.1.4-1.1mdv2009.0.x86_64.rpm
440cca6113286912ad26389751846488 2009.0/SRPMS/libsamplerate-0.1.4-1.1mdv2009.0.src.rpm

Corporate 3.0:
90a843449a9077e3de0daa6bffd9a5d2 corporate/3.0/i586/libsamplerate0-0.0.15-2.2.C30mdk.i586.rpm
575111d361dc0886f1788fab9a55bc2a corporate/3.0/i586/libsamplerate0-devel-0.0.15-2.2.C30mdk.i586.rpm
17c39e53f9c74b7f161008a8ea205630 corporate/3.0/i586/libsamplerate-progs-0.0.15-2.2.C30mdk.i586.rpm
f9b91945c60e160f9a44e3d6e8265930 corporate/3.0/SRPMS/libsamplerate-0.0.15-2.2.C30mdk.src.rpm

Corporate 3.0/X86_64:
502ef117b448d385d61ba74676118bb1 corporate/3.0/x86_64/lib64samplerate0-0.0.15-2.2.C30mdk.x86_64.rpm
bf8a35fbb19b14fb8a180e15263da664 corporate/3.0/x86_64/lib64samplerate0-devel-0.0.15-2.2.C30mdk.x86_64.rpm
32e670174dbf0e76ce55b30af497d076 corporate/3.0/x86_64/libsamplerate-progs-0.0.15-2.2.C30mdk.x86_64.rpm
f9b91945c60e160f9a44e3d6e8265930 corporate/3.0/SRPMS/libsamplerate-0.0.15-2.2.C30mdk.src.rpm

Corporate 4.0:
5911901b6500278924e683527389dff7 corporate/4.0/i586/libsamplerate0-0.1.2-1.2.20060mlcs4.i586.rpm
020f7a51ac2dfc9100519ac17f3ad9c1 corporate/4.0/i586/libsamplerate0-devel-0.1.2-1.2.20060mlcs4.i586.rpm
3bcce103dbed501d68e83e1513de4fb7 corporate/4.0/i586/libsamplerate-progs-0.1.2-1.2.20060mlcs4.i586.rpm
9ed1ef514bb0ba8882604a438c3a2b6c corporate/4.0/SRPMS/libsamplerate-0.1.2-1.2.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
ff73bdbc43ef5dab21be04dce86c96ec corporate/4.0/x86_64/lib64samplerate0-0.1.2-1.2.20060mlcs4.x86_64.rpm
81c6d68db92c9121fdc71a07738d49d1 corporate/4.0/x86_64/lib64samplerate0-devel-0.1.2-1.2.20060mlcs4.x86_64.rpm
198206469146f0f5438c2a4d0fdbe651 corporate/4.0/x86_64/libsamplerate-progs-0.1.2-1.2.20060mlcs4.x86_64.rpm
9ed1ef514bb0ba8882604a438c3a2b6c corporate/4.0/SRPMS/libsamplerate-0.1.2-1.2.20060mlcs4.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFKqoLwmqjQ0CJFipgRApxoAJ9MLgPhPp4Wgm4vqZMNVZZggJlWOACgp6DH
Sp5KoJri+ssPAeLg354oFyc=
=6ODM
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close