https://wiki.mageia.org/mw-en/index.php?title=Support/Advisories/MGASA-2013-0097&feed=atom&action=history
Support/Advisories/MGASA-2013-0097 - Revision history
2024-03-29T15:25:13Z
Revision history for this page on the wiki
MediaWiki 1.31.16
https://wiki.mageia.org/mw-en/index.php?title=Support/Advisories/MGASA-2013-0097&diff=15624&oldid=prev
Dmorgan: Created page with "== MGASA-2013-0097 == {| |'''Date:''' |March 16rd, 2013 |- |'''Affected releases:''' |2 |- |'''Media:''' |Core |} '''Description:'''<br/> Updated stunnel packages fix security..."
2013-03-16T22:30:55Z
<p>Created page with "== MGASA-2013-0097 == {| |'''Date:''' |March 16rd, 2013 |- |'''Affected releases:''' |2 |- |'''Media:''' |Core |} '''Description:'''<br/> Updated stunnel packages fix security..."</p>
<p><b>New page</b></p><div>== MGASA-2013-0097 ==<br />
<br />
{|<br />
|'''Date:'''<br />
|March 16rd, 2013<br />
|-<br />
|'''Affected releases:'''<br />
|2<br />
|-<br />
|'''Media:'''<br />
|Core<br />
|}<br />
<br />
<br />
'''Description:'''<br/><br />
Updated stunnel packages fix security vulnerability:<br/><br />
<br/><br />
stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM<br/><br />
authentication are enabled, does not correctly perform integer conversion,<br/><br />
which allows remote proxy servers to execute arbitrary code via a crafted<br/><br />
request that triggers a buffer overflow (CVE-2013-1762).<br/><br />
<br/><br />
'''Updated Packages:'''<br/><br />
i586:<br/><br />
stunnel-4.55-1.mga2.i586.rpm<br/><br />
stunnel-debug-4.55-1.mga2.i586.rpm<br/><br />
<br/><br />
x86_64:<br/><br />
stunnel-4.55-1.mga2.x86_64.rpm<br/><br />
stunnel-debug-4.55-1.mga2.x86_64.rpm<br/><br />
<br/><br />
SRPMS:<br/><br />
stunnel-4.55-1.mga2.src.rpm<br/><br />
<br/><br />
<br />
'''References:'''<br/><br />
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1762<br/><br />
https://www.stunnel.org/CVE-2013-1762.html<br/><br />
https://bugs.mageia.org/show_bug.cgi?id=9312<br/></div>
Dmorgan