Oval Definition:oval:org.mitre.oval:def:21659
Revision Date:2014-02-24Version:11
Title:RHSA-2011:1349: rpm security update (Important)
Description:RPM 4.4.x through 4.9.x, probably before 4.9.1.2, allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via an rpm package with crafted headers and offsets that are not properly handled when a package is queried or installed, related to (1) the regionSwab function, (2) the headerLoad function, and (3) multiple functions in rpmio/rpmpgp.c.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CESA-2011:1349
CVE-2011-3378
RHSA-2011:1349-01
Platform(s):CentOS Linux 5
CentOS Linux 6
Red Hat Enterprise Linux 5
Red Hat Enterprise Linux 6
Product(s):rpm
Definition Synopsis
  • Operation system section
  • Redhat 5 or Centos 5 release
  • The operating system installed on the system is Red Hat Enterprise Linux 5
  • OR The operating system installed on the system is CentOS Linux 5.x
  • AND Packages section
  • rpm is earlier than 0:4.4.2.3-22.el5_7.2
  • OR rpm-libs is earlier than 0:4.4.2.3-22.el5_7.2
  • OR rpm-python is earlier than 0:4.4.2.3-22.el5_7.2
  • OR rpm-apidocs is earlier than 0:4.4.2.3-22.el5_7.2
  • OR rpm-build is earlier than 0:4.4.2.3-22.el5_7.2
  • OR popt is earlier than 0:1.10.2.3-22.el5_7.2
  • OR rpm-devel is earlier than 0:4.4.2.3-22.el5_7.2
  • Operation system section
  • The operating system installed on the system is Red Hat Enterprise Linux 6
  • AND Packages section
  • rpm-cron is earlier than 0:4.8.0-16.el6_1.1
  • OR rpm is earlier than 0:4.8.0-16.el6_1.1
  • OR rpm-libs is earlier than 0:4.8.0-16.el6_1.1
  • OR rpm-python is earlier than 0:4.8.0-16.el6_1.1
  • OR rpm-apidocs is earlier than 0:4.8.0-16.el6_1.1
  • OR rpm-build is earlier than 0:4.8.0-16.el6_1.1
  • OR rpm-devel is earlier than 0:4.8.0-16.el6_1.1
    • BACK