Date: Thu, 31 Jan 2002 11:53:21 -0500 (EST) From: Joe Marcus Clarke <marcus@marcuscom.com> To: FreeBSD-gnats-submit@freebsd.org Subject: ports/34493: linux-realplayer has a security vulnerability Message-ID: <200201311653.g0VGrLI92455@shumai.marcuscom.com>
next in thread | raw e-mail | index | archive | help
>Number: 34493 >Category: ports >Synopsis: linux-realplayer has a security vulnerability >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Jan 31 09:00:01 PST 2002 >Closed-Date: >Last-Modified: >Originator: Joe Marcus Clarke >Release: FreeBSD 4.5-RC i386 >Organization: MarcusCom, Inc. >Environment: System: FreeBSD shumai.marcuscom.com 4.5-RC FreeBSD 4.5-RC #0: Fri Jan 25 02:45:22 EST 2002 marcus@shumai.marcuscom.com:/usr/obj/usr/src/sys/SHUMAI i386 >Description: All versions of RealPlayer have been found to be vulnerable to buffer overrun that allows users to gain elevated permissions. This is better documented at: http://www.service.real.com/help/faq/security/bufferoverrun.html >How-To-Repeat: >Fix: Installing this library will correct the problem: http://docs.real.com/docs/playerpatch/RP8_gold/rmffplin.so.6.0-linux-2.0-libc6-i386.gz >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200201311653.g0VGrLI92455>