gzip
73
1.67. gzip
1.67.1. RHSA-2010:0061: Moderate security update
Important
This update has already been released (prior to the GA of this release) as the security
errata
RHSA-2010:0061
468
An updated gzip package that fixes one security issue is now available for Red Hat Enterprise Linux 3,
4, and 5.
This update has been rated as having moderate security impact by the Red Hat Security Response
Team.
The gzip package provides the GNU gzip data compression program.
An integer underflow flaw, leading to an array index error, was found in the way gzip expanded archive
files compressed with the Lempel-Ziv-Welch (LZW) compression algorithm. If a victim expanded a
specially-crafted archive, it could cause gzip to crash or, potentially, execute arbitrary code with the
privileges of the user running gzip. This flaw only affects 64-bit systems. (
CVE-2010-0001
469
)
Red Hat would like to thank Aki Helin of the Oulu University Secure Programming Group for
responsibly reporting this flaw.
Users of gzip should upgrade to this updated package, which contains a backported patch to correct
this issue.
1.68. hal
1.68.1. RHBA-2010:0256: bug fix update
Updated hal packages that fix various bugs are now available.
HAL is a daemon for collecting and maintaining information relating to hardware from several system
sources.
The updated packages fix the following bugs:
* a sanity check in the HAL init script was incorrectly exiting with error code 0 when the script could not
locate /usr/sbin/hald. The updated packages now contain a stronger sanity check, which returns the
correct error code for a given condition. (
BZ#238113
470
)
* a missing FDI quirk parameter for IBM X31 laptops prevented the laptop monitor from switching
off during suspension. The updated packages add an extra "merge" element to the X40/X30 FDI
definition, which correctly sets the dpms_suspend power management attribute. (
BZ#395991
471
)
* a suspend hotkey combination (Fn+F1) used on Dell Latitude hardware was not mapped correctly.
While the keycode sequence could be set manually, owners of Dell Latitude equipment experienced
469
https://www.redhat.com/security/data/cve/CVE-2010-0001.html
470
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=238113
471
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=395991
Содержание ENTERPRISE LINUX 5.5 - S 2010
Страница 10: ...x ...
Страница 308: ...298 ...
Страница 310: ...300 ...
Страница 468: ...458 ...
Страница 470: ...460 ...