Scientific Linux 3: Important Patch Released for GCC CVE-2006-3619 Issue

Date: Fri, 15 Jun 2007 17:36:00 -0500
Reply-To: Troy Dawson 
Sender: Security Errata for Scientific Linux
 
From: Troy Dawson 
Subject: Security ERRATA for gcc on SL3,x i386/x86_64
Comments: To: This email address is being protected from spambots. You need JavaScript enabled to view it.

Synopsis: Moderate: gcc security and bug fix update
Issue date: 2007-06-11
CVE Names: CVE-2006-3619

Jorgen Weigert discovered a directory traversal flaw in fastjar. An
attacker could create a malicious JAR file which, if unpacked using
fastjar, could write to any files the victim had write access to.
(CVE-2006-3619)

SL 3.0.x

 SRPMS:
gcc-3.2.3-59.src.rpm
 i386:
cpp-3.2.3-59.i386.rpm
gcc-3.2.3-59.i386.rpm
gcc-c++-3.2.3-59.i386.rpm
gcc-g77-3.2.3-59.i386.rpm
gcc-gnat-3.2.3-59.i386.rpm
gcc-java-3.2.3-59.i386.rpm
gcc-objc-3.2.3-59.i386.rpm
libf2c-3.2.3-59.i386.rpm
libgcc-3.2.3-59.i386.rpm
libgcj-3.2.3-59.i386.rpm
libgcj-devel-3.2.3-59.i386.rpm
libgnat-3.2.3-59.i386.rpm
libobjc-3.2.3-59.i386.rpm
libstdc++-3.2.3-59.i386.rpm
libstdc++-devel-3.2.3-59.i386.rpm
 x86_64:
cpp-3.2.3-59.x86_64.rpm
gcc-3.2.3-59.x86_64.rpm
gcc-c++-3.2.3-59.x86_64.rpm
gcc-g77-3.2.3-59.x86_64.rpm
gcc-gnat-3.2.3-59.x86_64.rpm
gcc-java-3.2.3-59.x86_64.rpm
gcc-objc-3.2.3-59.x86_64.rpm
libf2c-3.2.3-59.i386.rpm
libf2c-3.2.3-59.x86_64.rpm
libgcc-3.2.3-59.i386.rpm
libgcc-3.2.3-59.x86_64.rpm
libgcj-3.2.3-59.i386.rpm
libgcj-3.2.3-59.x86_64.rpm
libgcj-devel-3.2.3-59.x86_64.rpm
libgnat-3.2.3-59.i386.rpm
libgnat-3.2.3-59.x86_64.rpm
libobjc-3.2.3-59.i386.rpm
libobjc-3.2.3-59.x86_64.rpm
libstdc++-3.2.3-59.i386.rpm
libstdc++-3.2.3-59.x86_64.rpm
libstdc++-devel-3.2.3-59.i386.rpm
libstdc++-devel-3.2.3-59.x86_64.rpm

-Connie Sieh
-Troy Dawson