Sponsored link
Vyatta –
Linux & Open Source
Alternative to Cisco –
Advanced Routing,
Firewall, VPN, QoS..
Free Download ->
| |||||||||||||
Gentoo alert 200303-9 (netscape-flash)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - --------------------------------------------------------------------- GENTOO LINUX SECURITY ANNOUNCEMENT 200303-9 - - --------------------------------------------------------------------- PACKAGE : netscape-flash SUMMARY : buffer overflow DATE : 2003-03-09 01:56 UTC EXPLOIT : remote VERSIONS AFFECTED : <6.0.79 FIXED VERSION : =>6.0.79 CVE : - - --------------------------------------------------------------------- - From advisory: "The cumulative security patch is available today and addresses the potential for exploits surrounding buffer overflows (read/write) and sandbox integrity within the player, which might allow malicious users to gain access to a user's computer. The possibility of running native code on a users machine is a theoretical exploit, and extremely difficult to execute in practice. There are no known examples of running such native code from Macromedia Flash movies; however, even though this issue is difficult and theoretical in nature only, we are encouraging users to upgrade." Read the full advisory at: http://www.macromedia.com/v1/handlers/index.cfm?ID=23821 SOLUTION It is recommended that all Gentoo Linux users who are running net-www/netscape-flash upgrade to netscape-flash-6.0.79 as follows: emerge sync emerge netscape-flash emerge clean - - --------------------------------------------------------------------- aliz@gentoo.org - GnuPG key is available at http://cvs.gentoo.org/~aliz - - --------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+ap9HfT7nyhUpoZMRAlRuAJ4oOZYqilO1mRTGJW70KA1JI20CuQCggBp3 UGP5R8pxURyGTPEVsbstJMI= =dyfL -----END PGP SIGNATURE----- (Log in to post comments)
|
|||||||||||||