[ MDVSA-2015:150 ] liblzo

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:150
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : liblzo
 Date    : March 29, 2015
 Affected: Business Server 2.0
 _______________________________________________________________________

 Problem Description:

 Updated liblzo packages fix security vulnerability:
 
 An integer overflow in liblzo before 2.07 allows attackers to
 cause a denial of service or possibly code execution in applications
 performing LZO decompression on a compressed payload from the attacker
 (CVE-2014-4607).
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4607
 http://advisories.mageia.org/MGASA-2014-0290.html
 __________________________________________________________

007 Software

[ MDVSA-2015:150 ] liblzo

Leave a Reply Cancel reply

Software and Security Information