Oval Definition:oval:com.redhat.rhsa:def:20060727
Revision Date:2006-11-08Version:639
Title:RHSA-2006:0727: texinfo security update (Moderate)
Description:Texinfo is a documentation system that can produce both online information and printed output from a single source file.

  • A buffer overflow flaw was found in Texinfo's texindex command. An attacker could construct a carefully crafted Texinfo file that could cause texindex to crash or possibly execute arbitrary code when opened. (CVE-2006-4810)

  • A flaw was found in the way Texinfo's texindex command creates temporary files. A local user could leverage this flaw to overwrite files the user executing texindex has write access to. (CVE-2005-3011)

    Users of Texinfo should upgrade to these updated packages which contain backported patches and are not vulnerable to these issues.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2005-3011
    CVE-2006-4810
    RHSA-2006:0727
    RHSA-2006:0727-01
    RHSA-2006:0727-01
    Platform(s):Red Hat Enterprise Linux 3
    Red Hat Enterprise Linux 4
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 3 is installed
  • AND
  • texinfo is earlier than 0:4.5-3.el3.1
  • AND texinfo is signed with Red Hat master key
  • info is earlier than 0:4.5-3.el3.1
  • AND info is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • texinfo is earlier than 0:4.7-5.el4.2
  • AND texinfo is signed with Red Hat master key
  • info is earlier than 0:4.7-5.el4.2
  • AND info is signed with Red Hat master key
    • Definition Synopsis
  • Release Information
  • Red Hat Enterprise Linux 3 is installed
  • AND
  • info is earlier than 0:4.5-3.el3.1
  • AND info is signed with Red Hat master key
  • texinfo is earlier than 0:4.5-3.el3.1
  • AND texinfo is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • info is earlier than 0:4.7-5.el4.2
  • AND info is signed with Red Hat master key
  • texinfo is earlier than 0:4.7-5.el4.2
  • AND texinfo is signed with Red Hat master key
    • Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • info is earlier than 0:4.7-5.el4.2
  • AND info is signed with Red Hat redhatrelease2 key
  • texinfo is earlier than 0:4.7-5.el4.2
  • AND texinfo is signed with Red Hat redhatrelease2 key
    • BACK