From security@peachtree.burdell.org Tue Apr 26 16:13:53 2005 From: Peachtree Linux Security Team To: peachlnx-security@lists.sourceforge.net, bugtraq@securityfocus.com Date: Mon, 25 Apr 2005 22:13:38 -0400 Subject: [PLSN-0006] new libexif package available --------------------------------------------------------------------------- Peachtree Linux Security Notice PLSN-0006 April 22, 2005 Remote DoS vulnerability in libexif CAN-2005-0664 --------------------------------------------------------------------------- The following Peachtree Linux releases are affected: Peachtree Linux release 1 ("Atlanta") Description: CAN-2005-0664: Buffer overflow in the EXIF library (libexif) does not properly validate the structure of the EXIF tags, which allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an image with a crafted EXIF tag. Packages: alpha 8cdf8dde707c24d1817eb99f5c81b783 libexif-0.6.11.alpha.dist i386 767c6442a6e76ba424b2295c422bea3c libexif-0.6.11.i686.dist ppc e5e7a516f9fc5be261c00beae0577517 libexif-0.6.11.ppc.dist Solution: Download the appropriate package for your release of Peachtree linux. Upgrade your system to the new package: distadd -u packagename Where package name is the name of the package file from the list above. -- Peachtree Linux Security Team http://peachtree.burdell.org/ [ Part 2, Application/PGP-SIGNATURE 196bytes. ] [ Unable to print this part. ]