Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -3 articles for you...
91
security advisorydenial of servicecode executionGentoo: GLSA-201701-14 Normal: LZO Code Execution DoS Advisory
An integer overflow in LZO might allow remote attackers to execute arbitrary code or cause a Denial of Service condition.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201701-14 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: LZO: Multiple vulnerabilities Date: January 02, 2017 Bugs: #515238 ID: 201701-14 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= An integer overflow in LZO might allow remote attackers to execute arbitrary code or cause a Denial of Service condition. Background ========= LZO is an extremely fast compression and decompression library Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-libs/lzo < 2.08 > = 2.08 Description ========== LZO is vulnerable to an integer overflow condition in the "lzo1x_decompress_safe" function which could result in a possible buffer overrun when processing maliciously crafted compressed input data. Impact ===== A remote attacker could send specially crafted compressed input data possibly resulting in a Denial of Service condition or arbitrary code execution. Workaround ========= There is no known workaround at this time. Resolution ========= All LZO users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =dev-libs/lzo-2.08" References ========= [ 1 ] CVE-2014-4607 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-4607 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo SecurityWebsite: https://security.gentoo.org/glsa/201701-14 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to
Jan 02, 2017
Gentoo
100
security advisorydenial of serviceremote code executionDEBIAN: 2015:0328-2 Critical: Snmp DoS & Remote Hijacking
An update that fixes one vulnerability is now available. An update that fixes one vulnerability is now available. An update that fixes one vulnerability is now available.. SUSE Security Update: Security update for lzo ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:0955-1 Rating: important References: #883947 Cross-References: CVE-2014-4607 Affected Products: SUSE Linux Enterprise Server 11 SP2 LTSS SUSE Linux Enterprise Server 11 SP1 LTSS SUSE Linux Enterprise Server 10 SP4 LTSS SUSE Linux Enterprise Server 10 SP3 LTSS ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: lzo has been updated to fix a potential denial of service issue or possible remote code execution by allowing an attacker, if the LZO decompression algorithm is used in a threaded or kernel context, to corrupt memory structures that control the flow of execution in other contexts. (CVE-2014-4607) Security Issues: * CVE-2014-4607 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 11 SP2 LTSS: zypper in -t patch slessp2-liblzo2-2-9522 - SUSE Linux Enterprise Server 11 SP1 LTSS: zypper in -t patch slessp1-liblzo2-2-9521 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 11 SP2 LTSS (i586 s390x x86_64): liblzo2-2-2.03-12.3.1 - SUSE Linux Enterprise Server 11 SP2 LTSS (s390x x86_64): liblzo2-2-32bit-2.03-12.3.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (i586 s390x x86_64): liblzo2-2-2.03-12.3.1 - SUSE Linux Enterprise Server 11 SP1 LTSS (s390x x86_64): liblzo2-2-32bit-2.03-12.3.1 - SUSELinux Enterprise Server 10 SP4 LTSS (i586 s390x x86_64): lzo-2.02-12.10.1 lzo-devel-2.02-12.10.1 - SUSE Linux Enterprise Server 10 SP4 LTSS (s390x x86_64): lzo-32bit-2.02-12.10.1 lzo-devel-32bit-2.02-12.10.1 - SUSE Linux Enterprise Server 10 SP3 LTSS (i586 s390x x86_64): lzo-2.02-12.10.1 lzo-devel-2.02-12.10.1 - SUSE Linux Enterprise Server 10 SP3 LTSS (s390x x86_64): lzo-32bit-2.02-12.10.1 lzo-devel-32bit-2.02-12.10.1 References: https://www.suse.com/security/cve/CVE-2014-4607.html https://scc.suse.com:443/patches/ https://scc.suse.com:443/patches/ https://scc.suse.com:443/patches/ https://scc.suse.com:443/patches/ . SUSE Security Patch for zlib mitigates Denial of Service vulnerabilities and potential remote code execution risks. Ensure you update promptly for enhanced protection.. SUSE Security, Denial Of Service, Remote Code Execution. . Severity: Important. LinuxSecurity.com Team
Jul 31, 2014
•Important
SuSE
172
security advisorydenial of servicecritical issueUbuntu 14.04 LTS USN-2300-1 Critical LZO Denial Of Service
LZO could be made to crash or run programs if it processed specially crafted data.. =========================================================================Ubuntu Security Notice USN-2300-1 July 24, 2014 lzo2 vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS Summary: LZO could be made to crash or run programs if it processed specially crafted data. Software Description: - lzo2: data compression library Details: Don A. Bailey discovered that LZO incorrectly handled certain input data. An attacker could use this issue to cause LZO to crash, resulting in a denial of service, or possibly execute arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 LTS: liblzo2-2 2.06-1.2ubuntu1.1 Ubuntu 12.04 LTS: liblzo2-2 2.06-1ubuntu0.1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-2300-1 CVE-2014-4607 Package Information: https://launchpad.net/ubuntu/+source/lzo2/2.06-1.2ubuntu1.1 https://launchpad.net/ubuntu/+source/lzo2/2.06-1ubuntu0.1 . The LZO flaw poses risks such as system failures or unauthorized code execution on Ubuntu platforms. Immediate patching is crucial.. LZO Vulnerability, Ubuntu Advisory, Denial Of Service, Software Update. . Severity: Critical. LinuxSecurity.com Team
Jul 24, 2014
•Critical
Ubuntu
100
security advisorydenial of serviceremote executionSUSE 11 SP4: 2015:1005-3 Critical: Lzo Vulnerability Risk Alert
An update that fixes one vulnerability is now available. An update that fixes one vulnerability is now available. An update that fixes one vulnerability is now available.. SUSE Security Update: Security update for lzo ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:0904-1 Rating: important References: #883947 Cross-References: CVE-2014-4607 Affected Products: SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Desktop 11 SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: lzo was updated to fix a potential denial of service issue or possible remote code execution by allowing an attacker, if the LZO decompression algorithm is used in a threaded or kernel context, to corrupt memory structures that control the flow of execution in other contexts. (CVE-2014-4607) Security Issue reference: * CVE-2014-4607 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-liblzo2-2-9506 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-liblzo2-2-9506 - SUSE Linux Enterprise Server 11 SP3: zypper in -t patch slessp3-liblzo2-2-9506 - SUSE Linux Enterprise Desktop 11 SP3: zypper in -t patch sledsp3-liblzo2-2-9506 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Software Development Kit 11 SP3 (i586 ia64 ppc64 s390x x86_64): lzo-devel-2.03-12.3.1 - SUSE Linux Enterprise Software Development Kit 11 SP3(ppc64 s390x x86_64): lzo-devel-32bit-2.03-12.3.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (i586 x86_64): liblzo2-2-2.03-12.3.1 - SUSE Linux Enterprise Server 11 SP3 for VMware (x86_64): liblzo2-2-32bit-2.03-12.3.1 - SUSE Linux Enterprise Server 11 SP3 (i586 ia64 ppc64 s390x x86_64): liblzo2-2-2.03-12.3.1 - SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64): liblzo2-2-32bit-2.03-12.3.1 - SUSE Linux Enterprise Server 11 SP3 (ia64): liblzo2-2-x86-2.03-12.3.1 - SUSE Linux Enterprise Desktop 11 SP3 (i586 x86_64): liblzo2-2-2.03-12.3.1 - SUSE Linux Enterprise Desktop 11 SP3 (x86_64): liblzo2-2-32bit-2.03-12.3.1 References: https://www.suse.com/security/cve/CVE-2014-4607.html https://login.microfocus.com/nidp/app/login?sid=0 https://scc.suse.com:443/patches/ . Patch released for lzo to mitigate significant denial of service and remote execution vulnerabilities on SUSE platforms.. SUSE Security Update,lzo fix,denial of service,remote execution threat. . Severity: Important. LinuxSecurity.com Team
Jul 16, 2014
•Important
SuSE
200
security advisorymoderatesecurity updateScientific Linux 6: SLSA-2014:0861-2 Moderate: LZO Integer Overflow Risk
Moderate: lzo security update. Date: Wed, 9 Jul 2014 18:43:11 +0000 Reply-To: scientific-linux-users@ Sender: Security Errata for Scientific Linux From: Pat Riehecky Subject: Security ERRATA Moderate: lzo on SL6.x i386/srpm/x86_64 MIME-Version: 1.0 Synopsis: Moderate: lzo security update Advisory ID: SLSA-2014:0861-2 Issue Date: 2014-07-09 CVE Numbers: CVE-2014-4607 -- An integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code. (CVE-2014-4607) For the update to take effect, all services linked to the lzo library must be restarted or the system rebooted. -- SL6 x86_64 lzo-2.03-3.1.el6_5.1.i686.rpm lzo-devel-2.03-3.1.el6_5.1.i686.rpm lzo-2.03-3.1.el6_5.1.x86_64.rpm lzo-minilzo-2.03-3.1.el6_5.1.x86_64.rpm lzo-devel-2.03-3.1.el6_5.1.x86_64.rpm lzo-minilzo-2.03-3.1.el6_5.1.i686.rpm lzo-debuginfo-2.03-3.1.el6_5.1.x86_64.rpm lzo-debuginfo-2.03-3.1.el6_5.1.i686.rpm i386 lzo-minilzo-2.03-3.1.el6_5.1.i686.rpm lzo-2.03-3.1.el6_5.1.i686.rpm lzo-devel-2.03-3.1.el6_5.1.i686.rpm lzo-debuginfo-2.03-3.1.el6_5.1.i686.rpm srpm lzo-2.03-3.1.el6_5.1.src.rpm noarch lzo-debuginfo-2.03-3.1.el6_5.1.i686.rpm lzo-debuginfo-2.03-3.1.el6_5.1.x86_64.rpm - Scientific Linux Development Team . The OpenSSL project has released a critical patch to fix a buffer overflow vulnerability. Immediate attention is necessary for all dependent applications on Ubuntu systems.. lzo security update, Scientific Linux advice, moderate security patch. . LinuxSecurity.com Team
Jul 09, 2014
Scientific Linux
98
security advisorymoderatesecurity issueRed Hat 7: RHSA-2014:0861-02 Moderate: lzo Integer Overflow Risk
Updated lzo packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. The Red Hat Security Response Team has rated this update as having Moderate [More...]. ==================================================================== Red Hat Security Advisory Synopsis: Moderate: lzo security update Advisory ID: RHSA-2014:0861-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2014:0861.html Issue date: 2014-07-09 CVE Names: CVE-2014-4607 ==================================================================== 1. Summary: Updated lzo packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. The Red Hat Security Response Team has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: LZO is aportable lossless data compression library written in ANSI C. An integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code. (CVE-2014-4607) Red Hat would like to thank Don A. Bailey from Lab Mouse Security for reporting this issue. All lzo users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. For the update to take effect, all services linked to the lzo library must be restarted or the system rebooted. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1112418 - CVE-2014-4607 lzo: lzo1x_decompress_safe() integer overflow 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: lzo-2.03-3.1.el6_5.1.src.rpm i386: lzo-2.03-3.1.el6_5.1.i686.rpm lzo-debuginfo-2.03-3.1.el6_5.1.i686.rpm x86_64: lzo-2.03-3.1.el6_5.1.x86_64.rpm lzo-debuginfo-2.03-3.1.el6_5.1.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: lzo-2.03-3.1.el6_5.1.src.rpm i386: lzo-debuginfo-2.03-3.1.el6_5.1.i686.rpm lzo-devel-2.03-3.1.el6_5.1.i686.rpm lzo-minilzo-2.03-3.1.el6_5.1.i686.rpm x86_64: lzo-2.03-3.1.el6_5.1.i686.rpm lzo-debuginfo-2.03-3.1.el6_5.1.i686.rpm lzo-debuginfo-2.03-3.1.el6_5.1.x86_64.rpm lzo-devel-2.03-3.1.el6_5.1.i686.rpm lzo-devel-2.03-3.1.el6_5.1.x86_64.rpm lzo-minilzo-2.03-3.1.el6_5.1.i686.rpm lzo-minilzo-2.03-3.1.el6_5.1.x86_64.rpm Red Hat Enterprise Linux HPC Node (v.6): Source: lzo-2.03-3.1.el6_5.1.src.rpm x86_64: lzo-2.03-3.1.el6_5.1.x86_64.rpm lzo-debuginfo-2.03-3.1.el6_5.1.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: lzo-2.03-3.1.el6_5.1.src.rpm x86_64: lzo-2.03-3.1.el6_5.1.i686.rpm lzo-debuginfo-2.03-3.1.el6_5.1.i686.rpm lzo-debuginfo-2.03-3.1.el6_5.1.x86_64.rpm lzo-devel-2.03-3.1.el6_5.1.i686.rpm lzo-devel-2.03-3.1.el6_5.1.x86_64.rpm lzo-minilzo-2.03-3.1.el6_5.1.i686.rpm lzo-minilzo-2.03-3.1.el6_5.1.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: lzo-2.03-3.1.el6_5.1.src.rpm i386: lzo-2.03-3.1.el6_5.1.i686.rpm lzo-debuginfo-2.03-3.1.el6_5.1.i686.rpm ppc64: lzo-2.03-3.1.el6_5.1.ppc64.rpm lzo-debuginfo-2.03-3.1.el6_5.1.ppc64.rpm s390x: lzo-2.03-3.1.el6_5.1.s390x.rpm lzo-debuginfo-2.03-3.1.el6_5.1.s390x.rpm x86_64: lzo-2.03-3.1.el6_5.1.x86_64.rpm lzo-debuginfo-2.03-3.1.el6_5.1.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: lzo-2.03-3.1.el6_5.1.src.rpm i386: lzo-debuginfo-2.03-3.1.el6_5.1.i686.rpm lzo-devel-2.03-3.1.el6_5.1.i686.rpm lzo-minilzo-2.03-3.1.el6_5.1.i686.rpm ppc64: lzo-2.03-3.1.el6_5.1.ppc.rpm lzo-debuginfo-2.03-3.1.el6_5.1.ppc.rpm lzo-debuginfo-2.03-3.1.el6_5.1.ppc64.rpm lzo-devel-2.03-3.1.el6_5.1.ppc.rpm lzo-devel-2.03-3.1.el6_5.1.ppc64.rpm lzo-minilzo-2.03-3.1.el6_5.1.ppc.rpm lzo-minilzo-2.03-3.1.el6_5.1.ppc64.rpm s390x: lzo-2.03-3.1.el6_5.1.s390.rpm lzo-debuginfo-2.03-3.1.el6_5.1.s390.rpm lzo-debuginfo-2.03-3.1.el6_5.1.s390x.rpm lzo-devel-2.03-3.1.el6_5.1.s390.rpm lzo-devel-2.03-3.1.el6_5.1.s390x.rpm lzo-minilzo-2.03-3.1.el6_5.1.s390.rpm lzo-minilzo-2.03-3.1.el6_5.1.s390x.rpm x86_64: lzo-2.03-3.1.el6_5.1.i686.rpm lzo-debuginfo-2.03-3.1.el6_5.1.i686.rpm lzo-debuginfo-2.03-3.1.el6_5.1.x86_64.rpm lzo-devel-2.03-3.1.el6_5.1.i686.rpm lzo-devel-2.03-3.1.el6_5.1.x86_64.rpm lzo-minilzo-2.03-3.1.el6_5.1.i686.rpm lzo-minilzo-2.03-3.1.el6_5.1.x86_64.rpm Red Hat Enterprise Linux Workstation (v.6): Source: lzo-2.03-3.1.el6_5.1.src.rpm i386: lzo-2.03-3.1.el6_5.1.i686.rpm lzo-debuginfo-2.03-3.1.el6_5.1.i686.rpm x86_64: lzo-2.03-3.1.el6_5.1.x86_64.rpm lzo-debuginfo-2.03-3.1.el6_5.1.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: lzo-2.03-3.1.el6_5.1.src.rpm i386: lzo-debuginfo-2.03-3.1.el6_5.1.i686.rpm lzo-devel-2.03-3.1.el6_5.1.i686.rpm lzo-minilzo-2.03-3.1.el6_5.1.i686.rpm x86_64: lzo-2.03-3.1.el6_5.1.i686.rpm lzo-debuginfo-2.03-3.1.el6_5.1.i686.rpm lzo-debuginfo-2.03-3.1.el6_5.1.x86_64.rpm lzo-devel-2.03-3.1.el6_5.1.i686.rpm lzo-devel-2.03-3.1.el6_5.1.x86_64.rpm lzo-minilzo-2.03-3.1.el6_5.1.i686.rpm lzo-minilzo-2.03-3.1.el6_5.1.x86_64.rpm Red Hat Enterprise Linux Client (v. 7): Source: lzo-2.06-6.el7_0.2.src.rpm x86_64: lzo-2.06-6.el7_0.2.i686.rpm lzo-2.06-6.el7_0.2.x86_64.rpm lzo-debuginfo-2.06-6.el7_0.2.i686.rpm lzo-debuginfo-2.06-6.el7_0.2.x86_64.rpm lzo-minilzo-2.06-6.el7_0.2.i686.rpm lzo-minilzo-2.06-6.el7_0.2.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: lzo-debuginfo-2.06-6.el7_0.2.i686.rpm lzo-debuginfo-2.06-6.el7_0.2.x86_64.rpm lzo-devel-2.06-6.el7_0.2.i686.rpm lzo-devel-2.06-6.el7_0.2.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: lzo-2.06-6.el7_0.2.src.rpm x86_64: lzo-2.06-6.el7_0.2.i686.rpm lzo-2.06-6.el7_0.2.x86_64.rpm lzo-debuginfo-2.06-6.el7_0.2.i686.rpm lzo-debuginfo-2.06-6.el7_0.2.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: lzo-debuginfo-2.06-6.el7_0.2.i686.rpm lzo-debuginfo-2.06-6.el7_0.2.x86_64.rpm lzo-devel-2.06-6.el7_0.2.i686.rpm lzo-devel-2.06-6.el7_0.2.x86_64.rpm lzo-minilzo-2.06-6.el7_0.2.i686.rpm lzo-minilzo-2.06-6.el7_0.2.x86_64.rpm Red Hat Enterprise Linux Server (v.7): Source: lzo-2.06-6.el7_0.2.src.rpm ppc64: lzo-2.06-6.el7_0.2.ppc.rpm lzo-2.06-6.el7_0.2.ppc64.rpm lzo-debuginfo-2.06-6.el7_0.2.ppc.rpm lzo-debuginfo-2.06-6.el7_0.2.ppc64.rpm s390x: lzo-2.06-6.el7_0.2.s390.rpm lzo-2.06-6.el7_0.2.s390x.rpm lzo-debuginfo-2.06-6.el7_0.2.s390.rpm lzo-debuginfo-2.06-6.el7_0.2.s390x.rpm x86_64: lzo-2.06-6.el7_0.2.i686.rpm lzo-2.06-6.el7_0.2.x86_64.rpm lzo-debuginfo-2.06-6.el7_0.2.i686.rpm lzo-debuginfo-2.06-6.el7_0.2.x86_64.rpm lzo-minilzo-2.06-6.el7_0.2.i686.rpm lzo-minilzo-2.06-6.el7_0.2.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: lzo-debuginfo-2.06-6.el7_0.2.ppc.rpm lzo-debuginfo-2.06-6.el7_0.2.ppc64.rpm lzo-devel-2.06-6.el7_0.2.ppc.rpm lzo-devel-2.06-6.el7_0.2.ppc64.rpm lzo-minilzo-2.06-6.el7_0.2.ppc.rpm lzo-minilzo-2.06-6.el7_0.2.ppc64.rpm s390x: lzo-debuginfo-2.06-6.el7_0.2.s390.rpm lzo-debuginfo-2.06-6.el7_0.2.s390x.rpm lzo-devel-2.06-6.el7_0.2.s390.rpm lzo-devel-2.06-6.el7_0.2.s390x.rpm lzo-minilzo-2.06-6.el7_0.2.s390.rpm lzo-minilzo-2.06-6.el7_0.2.s390x.rpm x86_64: lzo-debuginfo-2.06-6.el7_0.2.i686.rpm lzo-debuginfo-2.06-6.el7_0.2.x86_64.rpm lzo-devel-2.06-6.el7_0.2.i686.rpm lzo-devel-2.06-6.el7_0.2.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: lzo-2.06-6.el7_0.2.src.rpm x86_64: lzo-2.06-6.el7_0.2.i686.rpm lzo-2.06-6.el7_0.2.x86_64.rpm lzo-debuginfo-2.06-6.el7_0.2.i686.rpm lzo-debuginfo-2.06-6.el7_0.2.x86_64.rpm lzo-minilzo-2.06-6.el7_0.2.i686.rpm lzo-minilzo-2.06-6.el7_0.2.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: lzo-debuginfo-2.06-6.el7_0.2.i686.rpm lzo-debuginfo-2.06-6.el7_0.2.x86_64.rpm lzo-devel-2.06-6.el7_0.2.i686.rpm lzo-devel-2.06-6.el7_0.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://access.redhat.com/security/cve/CVE-2014-4607 https://access.redhat.com/security/updates/classification#moderate 8. Contact: TheRed Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2014 Red Hat, Inc. . Red Hat has released an advisory about a moderate severity integer overflow vulnerability in lzo. Users should review the advisory and update quickly to protect system integrity. lzo update, Red Hat Enterprise Linux, integer overflow fix. . LinuxSecurity.com Team
Jul 09, 2014
Red Hat
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!