Updated nas packages fix security vulnerabilities
Publication date: 09 Oct 2013Modification date: 09 Oct 2013
Type: security
Affected Mageia releases : 2 , 3
CVE: CVE-2013-4256 , CVE-2013-4257
Description
Updated nas packages fix security vulnerabilities: Buffer overflow when parsing display number and various other buffer overflows (CVE-2013-4256). Heap overflow when using AUDIOHOST environment variable (CVE-2013-4257). Race when opening a TCP device (nas#289).
References
SRPMS
2/core
- nas-1.9.2-6.1.mga2
3/core
- nas-1.9.3-2.1.mga3