From Mageia wiki
Jump to: navigation, search

MGASA-2013-0001

Date: January 5th, 2013
Affected releases: 2


Description:
Updated squashfs-tools packages fix security vulnerabilities:

remote arbitrary code execution via crafted list file (CVE-2012-4024)

integer overflow in queue_init() may lead to abitrary code execution
(CVE-2012-4025)


Updated Packages:
squashfs-tools-4.2-3.mga2


References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4024
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4025
http://lists.fedoraproject.org/pipermail/package-announce/2012-December/094628.html
https://bugs.mageia.org/show_bug.cgi?id=8448