From Mageia wiki
MGASA-2013-0001
Date: | January 5th, 2013 |
Affected releases: | 2 |
Description:
Updated squashfs-tools packages fix security vulnerabilities:
remote arbitrary code execution via crafted list file (CVE-2012-4024)
integer overflow in queue_init() may lead to abitrary code execution
(CVE-2012-4025)
Updated Packages:
squashfs-tools-4.2-3.mga2
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4024
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4025
http://lists.fedoraproject.org/pipermail/package-announce/2012-December/094628.html
https://bugs.mageia.org/show_bug.cgi?id=8448