Libc-client input sanitising FC3 - Fedora FEDORA-2005-1112

	Main
	Security
	Downloads
	Forum
	Free e-books
	Security
	Advisories
	Vulnerabilities
	IT News
	Virus Central
	Services
	Advertise
	Newsletter
	Shop
	Search
	Wap-PDA/mobile
	Other
	Affiliates
	Contact
	RSS feeds

	Vendor:	Fedora
	Vendor ID:	FEDORA-2005-1112
	Title:	Libc-client input sanitising FC3
	Publishing date:	December 8, 2005
	Published by:	Nikola Strahija

Other advisories by Fedora:

Multiple Thunderbird vulnerabilities

Racoon daemon remote crash

Squirrelmail security issues

X.org arbitrary code execution

Firefox several security issues

CVE: CVE-2005-2933

Printable version |

Send to a friend

Security Advisory info: The library contains a bug in its mail_valid_net_parse() function. If an application allows untrusted input to be supplied to this function, its stack may become corrupted. This update backports the fix from imap-2004g which resolves this issue. Fedora Core 3.

Scroll down to see the full advisory

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-1112
2005-12-08
---------------------------------------------------------------------

Product : Fedora Core 3
Name : libc-client
Version : 2002e
Release : 13
Summary : C-client mail access routines for IMAP and POP protocols
Description :
C-client is a common API for accessing mailboxes. It is used internally by
the popular PINE mail reader, the University of Washington's IMAP server
and PHP.

---------------------------------------------------------------------
Update Information:

The c-client library provides an API which allows
applications to access and manipulate remote mail boxes.

The library contains a bug in its mail_valid_net_parse()
function. If an application allows untrusted input to be
supplied to this function, its stack may become corrupted.
This update backports the fix from imap-2004g which resolves
this issue.
---------------------------------------------------------------------
* Wed Nov 23 2005 Nalin Dahyabhai <nalin@redhat.com> 2002e-13
- apply fix for CVE-2005-2933: buffer overflow (#171345)

* Wed Nov 9 2005 Tomas Mraz <tmraz@redhat.com> 2002e-12
- rebuilt against new openssl

* Sat Oct 15 2005 Florian La Roche <laroche@redhat.com>
- fix to rebuild at least, seems the way to specify the
include dir is a bit broken

* Wed Mar 2 2005 Joe Orton <jorton@redhat.com> 2002e-10
- rebuild

* Wed Mar 2 2005 Jindrich Novy <jnovy@redhat.com> 2002e-9
- rebuilt

---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

2701b151823333732d18968f5aaa4427 SRPMS/libc-client-2002e-13.src.rpm
1eff60252308fd6098f38c6b53012070 x86_64/libc-client-2002e-13.x86_64.rpm
3db455a4372570e1c2ae720eb83a6daf x86_64/libc-client-devel-2002e-13.x86_64.rpm
d95200d605b34293745146982709360a x86_64/debug/libc-client-debuginfo-2002e-13.x86_64.rpm
f047e8de3baa36327bc2212bc4fe54e9 x86_64/libc-client-2002e-13.i386.rpm
f047e8de3baa36327bc2212bc4fe54e9 i386/libc-client-2002e-13.i386.rpm
1b2df02097ae24cc8553c923effcfab8 i386/libc-client-devel-2002e-13.i386.rpm
98cb42f9d8d4ba23f1b35f7b1d24dd7b i386/debug/libc-client-debuginfo-2002e-13.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------

Printable version |

Send to a friend


	Our Services	Information	Our Online Shop	Community Forum Topics


	Free weekly Newsletter Advertise on Xatrix Monthly News Archive Community Forum	Impressum/about Contributing Newsletter archive Latest bugs	Top sellers New Items Books Software	Xilisoft DVD Ripper... RM Qual OnlineCrypter - Ano... www.nikeshoeswarm.c...

Our Privacy Policy \| Contact Us Powered by TiP / Rapid IT \| HITB.org All content on this website is property of Xatrix Security if not noted otherwise. Copyright 2000 - 2010 Xatrix Security