openSUSE alert openSUSE-SU-2010:0723-1 (libHX)

From:
    	     
 
opensuse-security@opensuse.org 
To:
    	     
 
opensuse-updates@opensuse.org 
Subject:
    	     
 
openSUSE-SU-2010:0723-1 (moderate): libHX: buffer overflow in HX_split() 
Date:
    	     
 
Wed, 13 Oct 2010 23:08:13 +0200 (CEST)
Message-ID:
    	     
 
<20101013210813.7BFA8BE44@oldboy.suse.de>

   openSUSE Security Update: libHX: buffer overflow in HX_split()
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2010:0723-1
Rating:             moderate
References:         #631582 
Cross-References:   CVE-2010-2947
Affected Products:
                    openSUSE 11.3
                    openSUSE 11.2
                    openSUSE 11.1
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:

   This update fixes a heap-based buffer overflow in
   HX_split() of libHX. (CVE-2010-2947)


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 11.3:

      zypper in -t patch libHX22-2976

   - openSUSE 11.2:

      zypper in -t patch libHX18-2975

   - openSUSE 11.1:

      zypper in -t patch libHX13-2974

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE 11.3 (i586 x86_64):

      libHX22-3.4-2.1.1

   - openSUSE 11.3 (x86_64):

      libHX22-32bit-3.4-2.1.1

   - openSUSE 11.2 (i586 x86_64):

      libHX18-2.9-1.1.1

   - openSUSE 11.2 (x86_64):

      libHX18-32bit-2.9-1.1.1

   - openSUSE 11.1 (i586 ppc x86_64):

      libHX13-1.23-3.14.1

   - openSUSE 11.1 (x86_64):

      libHX13-32bit-1.23-3.14.1

   - openSUSE 11.1 (ppc):

      libHX13-64bit-1.23-3.14.1


References:

   http://support.novell.com/security/cve/CVE-2010-2947.html
   https://bugzilla.novell.com/631582