Gentoo Local Security Checks : Gentoo Security Advisory GLSA 200711-15 (flac)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.58754

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 200711-15 (flac)

Resumen: The remote host is missing updates announced in;advisory GLSA 200711-15.

Descripción: Summary:
The remote host is missing updates announced in
advisory GLSA 200711-15.

Vulnerability Insight:
Multiple integer overflow vulnerabilities were found in FLAC possibly
allowing for the execution of arbitrary code.

Solution:
All FLAC users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=media-libs/flac-1.2.1-r1'

You should also run revdep-rebuild to rebuild any packages that depend on
older versions of FLAC:

# revdep-rebuild --library=libFLAC.*

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-4619
BugTraq ID: 26042
http://www.securityfocus.com/bid/26042
Debian Security Information: DSA-1469 (Google Search)
http://www.debian.org/security/2008/dsa-1469
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00035.html
http://security.gentoo.org/glsa/glsa-200711-15.xml
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=608
http://www.mandriva.com/security/advisories?name=MDKSA-2007:214
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10571
http://www.redhat.com/support/errata/RHSA-2007-0975.html
http://securitytracker.com/id?1018815
http://secunia.com/advisories/27210
http://secunia.com/advisories/27223
http://secunia.com/advisories/27355
http://secunia.com/advisories/27399
http://secunia.com/advisories/27507
http://secunia.com/advisories/27601
http://secunia.com/advisories/27625
http://secunia.com/advisories/27628
http://secunia.com/advisories/27780
http://secunia.com/advisories/27878
http://secunia.com/advisories/28548
SuSE Security Announcement: SUSE-SR:2007:022 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html
http://www.ubuntu.com/usn/usn-540-1
http://www.vupen.com/english/advisories/2007/3483
http://www.vupen.com/english/advisories/2007/3484
http://www.vupen.com/english/advisories/2007/4061
XForce ISS Database: flac-media-files-bo(37187)
https://exchange.xforce.ibmcloud.com/vulnerabilities/37187

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.58754
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 200711-15 (flac)
Resumen:	The remote host is missing updates announced in;advisory GLSA 200711-15.
Descripción:	Summary: The remote host is missing updates announced in advisory GLSA 200711-15. Vulnerability Insight: Multiple integer overflow vulnerabilities were found in FLAC possibly allowing for the execution of arbitrary code. Solution: All FLAC users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=media-libs/flac-1.2.1-r1' You should also run revdep-rebuild to rebuild any packages that depend on older versions of FLAC: # revdep-rebuild --library=libFLAC.* CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-4619 BugTraq ID: 26042 http://www.securityfocus.com/bid/26042 Debian Security Information: DSA-1469 (Google Search) http://www.debian.org/security/2008/dsa-1469 https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00035.html http://security.gentoo.org/glsa/glsa-200711-15.xml http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=608 http://www.mandriva.com/security/advisories?name=MDKSA-2007:214 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10571 http://www.redhat.com/support/errata/RHSA-2007-0975.html http://securitytracker.com/id?1018815 http://secunia.com/advisories/27210 http://secunia.com/advisories/27223 http://secunia.com/advisories/27355 http://secunia.com/advisories/27399 http://secunia.com/advisories/27507 http://secunia.com/advisories/27601 http://secunia.com/advisories/27625 http://secunia.com/advisories/27628 http://secunia.com/advisories/27780 http://secunia.com/advisories/27878 http://secunia.com/advisories/28548 SuSE Security Announcement: SUSE-SR:2007:022 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html http://www.ubuntu.com/usn/usn-540-1 http://www.vupen.com/english/advisories/2007/3483 http://www.vupen.com/english/advisories/2007/3484 http://www.vupen.com/english/advisories/2007/4061 XForce ISS Database: flac-media-files-bo(37187) https://exchange.xforce.ibmcloud.com/vulnerabilities/37187
Copyright	Copyright (C) 2008 E-Soft Inc.