OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Michael Schloh
Root: /v/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-web Date: 08-Jun-2005 14:40:47
Branch: HEAD Handle: 2005060813404700
Modified files:
openpkg-web/security OpenPKG-SA-2005.008-bzip2.txt
Log:
add analog-6.0 packages to affected OpenPKG package list (containing
embedded libbz2) and improve formatting
Summary:
Revision Changes Path
1.2 +10 -8 openpkg-web/security/OpenPKG-SA-2005.008-bzip2.txt
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-web/security/OpenPKG-SA-2005.008-bzip2.txt
============================================================================
$ cvs diff -u -r1.1 -r1.2 OpenPKG-SA-2005.008-bzip2.txt
--- openpkg-web/security/OpenPKG-SA-2005.008-bzip2.txt 6 Jun 2005
19:13:53 -0000 1.1
+++ openpkg-web/security/OpenPKG-SA-2005.008-bzip2.txt 8 Jun 2005
12:40:47 -0000 1.2
@@ -3,26 +3,28 @@
OpenPKG Security Advisory The OpenPKG Project
http://www.openpkg.org/security.html http://www.openpkg.org
[EMAIL PROTECTED] [EMAIL PROTECTED]
-OpenPKG-SA-2005.008 06-June-2005
+OpenPKG-SA-2005.008 08-June-2005
________________________________________________________________________
-Package: bzip2
+Package: bzip2, openpkg, analog
Vulnerability: arbitrary file mode modification, denial of service
OpenPKG Specific: no
Affected Releases: Affected Packages: Corrected Packages:
OpenPKG CURRENT <= bzip2-1.0.2-20050324 >= bzip2-1.0.3-20050506
<= openpkg-20050527-20050527 >=
openpkg-20050606-20050606
+ <= analog-6.0-20041220 >= analog-6.0-20050608
OpenPKG 2.3 <= bzip2-1.0.2-2.3.0 >= bzip2-1.0.2-2.3.1
<= openpkg-2.2.2-2.2.2 >= openpkg-2.2.3-2.2.3
+ <= analog-6.0-2.3.0 >= analog-6.0-2.3.1
OpenPKG 2.2 <= bzip2-1.0.2-2.2.0 >= bzip2-1.0.2-2.2.1
<= openpkg-2.3.1-2.3.1 >= openpkg-2.3.2-2.3.2
Affected Releases: Dependent Packages:
OpenPKG CURRENT apache::with_mod_php_bzip2 bsdtar clamav gnupg
- imagemagick libarchive perl-comp perl-mail
- pgpdump php::with_bzip2 php5::with_bzip2
- python::with_bzip2 r rzip
+ imagemagick libarchive perl-comp perl-mail pgpdump
+ php::with_bzip2 php5::with_bzip2 python::with_bzip2
+ r rzip
OpenPKG 2.3 apache::with_mod_php_bzip2 clamav gnupg imagemagick
perl-comp perl-mail php::with_bzip2 php5::with_bzip2
OpenPKG 2.2 apache::with_mod_php_bzip2 clamav imagemagick
@@ -46,9 +48,9 @@
CAN-2005-1260 [3] to this problem.
Please check whether you are affected by running "<prefix>/bin/openpkg
- rpm -q bzip2". If you have the "bzip2" package installed and its version
- is affected (see above), we recommend that you immediately upgrade it
- (see Solution) and any dependent packages as well [4][5].
+ rpm -q bzip2". If you have the "bzip2" package installed and its
+ version is affected (see above), we recommend that you immediately
+ upgrade it (see Solution) and any dependent packages as well [4][5].
Solution:
Select the updated source RPM appropriate for your OpenPKG release
@@ .
______________________________________________________________________
The OpenPKG Project www.openpkg.org
CVS Repository Commit List [email protected]
