SciLinux: CVE-2006-3619 gcc SL3,x i386/x86_64

Date:         Fri, 15 Jun 2007 17:36:00 -0500
Reply-To:     Troy Dawson 
Sender:       Security Errata for Scientific Linux
              
From:         Troy Dawson 
Subject:      Security ERRATA for gcc on SL3,x i386/x86_64
Comments: To: scientific-linux-errata@fnal.gov

Synopsis: Moderate: gcc security and bug fix update
Issue date: 2007-06-11
CVE Names: CVE-2006-3619

Jorgen Weigert discovered a directory traversal flaw in fastjar. An
attacker could create a malicious JAR file which, if unpacked using
fastjar, could write to any files the victim had write access to.
(CVE-2006-3619)

SL 3.0.x

   SRPMS:
gcc-3.2.3-59.src.rpm
   i386:
cpp-3.2.3-59.i386.rpm
gcc-3.2.3-59.i386.rpm
gcc-c++-3.2.3-59.i386.rpm
gcc-g77-3.2.3-59.i386.rpm
gcc-gnat-3.2.3-59.i386.rpm
gcc-java-3.2.3-59.i386.rpm
gcc-objc-3.2.3-59.i386.rpm
libf2c-3.2.3-59.i386.rpm
libgcc-3.2.3-59.i386.rpm
libgcj-3.2.3-59.i386.rpm
libgcj-devel-3.2.3-59.i386.rpm
libgnat-3.2.3-59.i386.rpm
libobjc-3.2.3-59.i386.rpm
libstdc++-3.2.3-59.i386.rpm
libstdc++-devel-3.2.3-59.i386.rpm
   x86_64:
cpp-3.2.3-59.x86_64.rpm
gcc-3.2.3-59.x86_64.rpm
gcc-c++-3.2.3-59.x86_64.rpm
gcc-g77-3.2.3-59.x86_64.rpm
gcc-gnat-3.2.3-59.x86_64.rpm
gcc-java-3.2.3-59.x86_64.rpm
gcc-objc-3.2.3-59.x86_64.rpm
libf2c-3.2.3-59.i386.rpm
libf2c-3.2.3-59.x86_64.rpm
libgcc-3.2.3-59.i386.rpm
libgcc-3.2.3-59.x86_64.rpm
libgcj-3.2.3-59.i386.rpm
libgcj-3.2.3-59.x86_64.rpm
libgcj-devel-3.2.3-59.x86_64.rpm
libgnat-3.2.3-59.i386.rpm
libgnat-3.2.3-59.x86_64.rpm
libobjc-3.2.3-59.i386.rpm
libobjc-3.2.3-59.x86_64.rpm
libstdc++-3.2.3-59.i386.rpm
libstdc++-3.2.3-59.x86_64.rpm
libstdc++-devel-3.2.3-59.i386.rpm
libstdc++-devel-3.2.3-59.x86_64.rpm


-Connie Sieh
-Troy Dawson

Date: Fri, 15 Jun 2007 17:36:00 -0500Reply-To: Troy Dawson Sender: Security Errata for Scientific Linux From: Troy Dawson Subject: Security ERRATA for gcc on SL3,x i386/x86_64Comments: To: scientific-linux-errata@fnal.govSynopsis: Moderate: gcc security and bug fix updateIssue date: 2007-06-11CVE Names: CVE-2006-3619Jorgen Weigert discovered a directory traversal flaw in fastjar. Anattacker could create a malicious JAR file which, if unpacked usingfastjar, could write to any files the victim had write access to.(CVE-2006-3619)SL 3.0.x SRPMS:gcc-3.2.3-59.src.rpm i386:cpp-3.2.3-59.i386.rpmgcc-3.2.3-59.i386.rpmgcc-c++-3.2.3-59.i386.rpmgcc-g77-3.2.3-59.i386.rpmgcc-gnat-3.2.3-59.i386.rpmgcc-java-3.2.3-59.i386.rpmgcc-objc-3.2.3-59.i386.rpmlibf2c-3.2.3-59.i386.rpmlibgcc-3.2.3-59.i386.rpmlibgcj-3.2.3-59.i386.rpmlibgcj-devel-3.2.3-59.i386.rpmlibgnat-3.2.3-59.i386.rpmlibobjc-3.2.3-59.i386.rpmlibstdc++-3.2.3-59.i386.rpmlibstdc++-devel-3.2.3-59.i386.rpm x86_64:cpp-3.2.3-59.x86_64.rpmgcc-3.2.3-59.x86_64.rpmgcc-c++-3.2.3-59.x86_64.rpmgcc-g77-3.2.3-59.x86_64.rpmgcc-gnat-3.2.3-59.x86_64.rpmgcc-java-3.2.3-59.x86_64.rpmgcc-objc-3.2.3-59.x86_64.rpmlibf2c-3.2.3-59.i386.rpmlibf2c-3.2.3-59.x86_64.rpmlibgcc-3.2.3-59.i386.rpmlibgcc-3.2.3-59.x86_64.rpmlibgcj-3.2.3-59.i386.rpmlibgcj-3.2.3-59.x86_64.rpmlibgcj-devel-3.2.3-59.x86_64.rpmlibgnat-3.2.3-59.i386.rpmlibgnat-3.2.3-59.x86_64.rpmlibobjc-3.2.3-59.i386.rpmlibobjc-3.2.3-59.x86_64.rpmlibstdc++-3.2.3-59.i386.rpmlibstdc++-3.2.3-59.x86_64.rpmlibstdc++-devel-3.2.3-59.i386.rpmlibstdc++-devel-3.2.3-59.x86_64.rpm-Connie Sieh-Troy Dawson

SciLinux: CVE-2006-3619 gcc SL3,x i386/x86_64

Summary

Security Fixes

Related News

Get the Latest News & Insights

News

Advisories

HOWTOs

Features

About Us

Powered By