User: Password:
Subscribe / Log in / New account

Mandriva alert MDVSA-2014:033 (socat)

Subject:  [Security Announce] [ MDVSA-2014:033 ] socat
Date:  Fri, 14 Feb 2014 16:46:00 +0100
Message-ID:  <>

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2014:033 _______________________________________________________________________ Package : socat Date : February 14, 2014 Affected: Business Server 1.0 _______________________________________________________________________ Problem Description: A vulnerability has been discovered and corrected in socat: Stack-based buffer overflow in socat through and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service (segmentation fault) via a long server name in the PROXY-CONNECT address in the command line (CVE-2014-0019). The updated packages have been upgraded to the version which is not vulnerable to this issue. _______________________________________________________________________ References: _______________________________________________________________________ Updated Packages: Mandriva Business Server 1/X86_64: 556abad28fdb5cc80a15ff69790f4487 mbs1/x86_64/socat- 4174e565e7144f2e37712c97163e8292 mbs1/SRPMS/socat- _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver 0x22458A98 You can view other update advisories for Mandriva Linux at: If you want to report vulnerabilities, please contact security_(at) _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iD8DBQFS/hAYmqjQ0CJFipgRAhMEAKDMEcdwHBt5zIul+3JpAHc0hxIJFwCfaunk ncmqVSK6cQLcTIN5dFoju5Q= =BAB9 -----END PGP SIGNATURE----- To unsubscribe, send a email to with this subject : unsubscribe security-announce _______________________________________________________ Want to buy your Pack or Services from Mandriva? Go to _______________________________________________________

(Log in to post comments)

Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds