[SECURITY] Fedora Core 4 Update: libc-client-2002e-17
Posted on: 12/09/2005 01:22 AM

A new update is available for Fedora Core - [SECURITY] Fedora Core 4 Update: libc-client-2002e-17. Here the announcement:

Fedora Update Notification
FEDORA-2005-1115
2005-12-08
---------------------------------------------------------------------

Product : Fedora Core 4
Name : libc-client
Version : 2002e
Release : 17
Summary : C-client mail access routines for IMAP and POP protocols
Description :
C-client is a common API for accessing mailboxes. It is used internally by
the popular PINE mail reader, the University of Washington's IMAP server
and PHP.

---------------------------------------------------------------------
Update Information:

The c-client library provides an API which allows
applications to access and manipulate remote mail boxes.

The library contains a bug in its mail_valid_net_parse()
function. If an application allows untrusted input to be
supplied to this function, its stack may become corrupted.
This update backports the fix from imap-2004g which resolves
this issue.
---------------------------------------------------------------------
* Thu Dec 1 2005 Nalin Dahyabhai lt;nalin@redhat.comgt; 2002e-17
- account for the /usr/share/ssl -gt; /etc/pki/tls move in the patch which
sets the locations at compile-time (more of #165967)

* Wed Nov 23 2005 Nalin Dahyabhai lt;nalin@redhat.comgt; 2002e-16
- rebuild

* Wed Nov 23 2005 Nalin Dahyabhai lt;nalin@redhat.comgt; 2002e-15
- rebuild

* Wed Nov 23 2005 Nalin Dahyabhai lt;nalin@redhat.comgt; 2002e-14
- rebuild

* Wed Nov 23 2005 Nalin Dahyabhai lt;nalin@redhat.comgt; 2002e-13
- apply fix for CVE-2005-2933: buffer overflow (#171345)

* Wed Nov 9 2005 Tomas Mraz lt;tmraz@redhat.comgt; 2002e-12
- rebuilt against new openssl

* Sat Oct 15 2005 Florian La Roche lt;laroche@redhat.comgt;
- fix to rebuild at least, seems the way to specify the
include dir is a bit broken


---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

74e71a958021a53edfd632ca92145e8f SRPMS/libc-client-2002e-17.src.rpm
52839d60a1dedda6cec987bbf4590b07 ppc/libc-client-2002e-17.ppc.rpm
7b0f2cbe941bbb3abc4d0f54779ae217 ppc/libc-client-devel-2002e-17.ppc.rpm
c6568ccc39240ec5bcf5613a8ab94aa7 ppc/debug/libc-client-debuginfo-2002e-17.ppc.rpm
8d2660b1ce5d70f750760a1a69950d74 ppc/libc-client-2002e-17.ppc64.rpm
8791383ebfca4a12feecc83235d69352 x86_64/libc-client-2002e-17.x86_64.rpm
2323d4fe60fcf342ac0366aef688e52d x86_64/libc-client-devel-2002e-17.x86_64.rpm
293dddb99622975f39ad268453a27743 x86_64/debug/libc-client-debuginfo-2002e-17.x86_64.rpm
4a344561de695b7f15f979d640046694 x86_64/libc-client-2002e-17.i386.rpm
4a344561de695b7f15f979d640046694 i386/libc-client-2002e-17.i386.rpm
1bf275133ec054b1567fb74db13ffe7d i386/libc-client-devel-2002e-17.i386.rpm
3926fefbe75d22da13e5fdb924056396 i386/debug/libc-client-debuginfo-2002e-17.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.



Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/security_fedora_core_4_update_libc_client_2002e_17.html)