MDVSA-2011:143 -- Mandriva rpmID: oval:org.secpod.oval:def:301108 | Date: (C)2012-01-07 (M)2023-11-10 |
Class: PATCH | Family: unix |
Multiple flaws were found in the way the RPM library parsed package headers. An attacker could create a specially-crafted RPM package that, when queried or installed, would cause rpm to crash or, potentially, execute arbitrary code . Additionally for Mandriva Linux 2009.0 and Mandriva Linux Enterprise Server 5 updated perl-URPM and lzma packages are being provided to support upgrading to Mandriva Linux 2011. The updated packages have been patched to correct these issues.
Platform: |
Mandriva Linux 2010.1 |
Mandriva Linux 2009.0 |