LWN.net Logo

Mageia alert MGASA-2012-0334 (plib)

From:  Mageia Updates <buildsystem-daemon@mageia.org>
To:  updates-announce@ml.mageia.org
Subject:  [updates-announce] MGASA-2012-0334: plib-1.8.5-3.2.mga1 (1/core), plib-1.8.5-4.1.mga2 (2/core)
Date:  Wed, 21 Nov 2012 20:53:45 +0100
Message-ID:  <20121121195345.GA1393@valstar.mageia.org>
Archive-link:  Article, Thread

MGASA-2012-0334 Date: November 21st, 2012 Affected releases: 1, 2 Description: Updated plib package fixes security vulnerability: Plib is prone to stack based Buffer overflow in the error function in ssg/ssgParser.cxx when it loads 3d model files as X (Direct x), ASC, ASE, ATG, and OFF, if a very long error message is passed to the function (CVE-2012-4552). Additionally, the torcs, flightgear, tuxkart, speed-dreams, and tux_aqfh packages have been rebuilt to include the updated library. Updated Packages: Mageia 1: plib-devel-1.8.5-3.2.mga1 flightgear-2.0.0-4.3.mga1 torcs-1.3.1-7.3.mga1 torcs-robots-base-1.3.1-7.3.mga1 torcs-robots-berniw-1.3.1-7.3.mga1 torcs-robots-bt-1.3.1-7.3.mga1 torcs-robots-olethros-1.3.1-7.3.mga1 tuxkart-0.4.0-10.2.mga1 Mageia 2: plib-devel-1.8.5-4.1.mga2 flightgear-2.6.0-2.2.mga2 speed-dreams-2.0.0-1.1.mga2 speed-dreams-robots-hq-2.0.0-1.1.mga2 speed-dreams-robots-more-hq-2.0.0-1.1.mga2 speed-dreams-robots-wip-2.0.0-1.1.mga2 speed-dreams-devel-2.0.0-1.1.mga2 torcs-1.3.3-2.1.mga2 torcs-robots-base-1.3.3-2.1.mga2 torcs-robots-berniw-1.3.3-2.1.mga2 torcs-robots-bt-1.3.3-2.1.mga2 torcs-robots-olethros-1.3.3-2.1.mga2 tuxkart-0.4.0-11.1.mga2 tux_aqfh-1.0.14-13.1.mga2 References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4552 http://lists.fedoraproject.org/pipermail/package-announce... https://bugs.mageia.org/show_bug.cgi?id=8066 https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-...


(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds