Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 631
Alerts This Week
Warning Icon 1 631

Red Hat: RHSA-2004:441-02 Critical: Bzip2 Compression Vulnerability

red hat
Calendar Grey September 7, 2004
Dist Redhat Esm H88
Visit the Red Hat security advisory page at https://access.redhat.com/security/advisories to find the latest about lha buffer overflow vulnerabilities and patches
An updated lha package that fixes a buffer overflow is now available.

Solution

Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:

https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/10/

5. Bug IDs fixed (http://bugzilla.redhat.com/ for more info):

126740 - Buffer overflow in lha

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:

b1b6d9d7d549331766f710ba6c5bf494 lha-1.00-17.3.src.rpm

i386: 3247304974c5a1ee592a1095a3a8c265 lha-1.00-17.3.i386.rpm

ia64: 1d13c396eab707b0603464455b4065e0 lha-1.00-17.3.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:

b1b6d9d7d549331766f710ba6c5bf494 lha-1.00-17.3.src.rpm

ia64: 1d13c396eab707b0603464455b4065e0 lha-1.00-17.3.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:

b1b6d9d7d549331766f710ba6c5bf494 lha-1.00-17.3.src.rpm

i386: 3247304974c5a1ee592a1095a3a8c265 lha-1.00-17.3.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:

b1b6d9d7d549331766f710ba6c5bf494 lha-1.00-17.3.src.rpm

i386: 3247304974c5a1ee592a1095a3a8c265 lha-1.00-17.3.i386.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from


Summary

References

http://marc.theaimsgroup.com/?l=bugtraq&m=108668791510153 CVE -CVE-2004-0771 CVE -CVE-2004-0769 CVE -CVE-2004-0694 CVE -CVE-2004-0745

Package List


Severity
critical
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2004:440-01
Issue date: 2004-09-07
Updated on: 2004-09-07
Product: Red Hat Enterprise Linux
Obsoletes: RHSA-2004:178

Topic

An updated lha package that fixes a buffer overflow is now available.

Relevant Releases Architectures

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64

Red Hat Linux Advanced Workstation 2.1 - ia64

Red Hat Enterprise Linux ES version 2.1 - i386

Red Hat Enterprise Linux WS version 2.1 - i386

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.