Issued:
2005-06-13
Updated:
2005-06-13

RHSA-2005:506 - Security Advisory

Synopsis

mikmod security update

Type/Severity

Security Advisory: Low

Topic

Updated mikmod packages that fix a security issue are now available.

This update has been rated as having low security impact by the Red Hat
Security Response Team.

Description

MikMod is a well known MOD music file player for UNIX-based systems.

A buffer overflow bug was found in mikmod during the processing of archive
filenames. An attacker could create a malicious archive that when opened by
mikmod could result in arbitrary code execution. The Common Vulnerabilities
and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0427
to this issue.

Users of mikmod are advised to upgrade to these erratum packages, which
contain backported security patches and are not vulnerable to these issues.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

Affected Products

  • Red Hat Enterprise Linux Server 4 x86_64
  • Red Hat Enterprise Linux Server 4 ia64
  • Red Hat Enterprise Linux Server 4 i386
  • Red Hat Enterprise Linux Server 3 x86_64
  • Red Hat Enterprise Linux Server 3 ia64
  • Red Hat Enterprise Linux Server 3 i386
  • Red Hat Enterprise Linux Server 2 ia64
  • Red Hat Enterprise Linux Server 2 i386
  • Red Hat Enterprise Linux Workstation 4 x86_64
  • Red Hat Enterprise Linux Workstation 4 ia64
  • Red Hat Enterprise Linux Workstation 4 i386
  • Red Hat Enterprise Linux Workstation 3 x86_64
  • Red Hat Enterprise Linux Workstation 3 ia64
  • Red Hat Enterprise Linux Workstation 3 i386
  • Red Hat Enterprise Linux Workstation 2 ia64
  • Red Hat Enterprise Linux Workstation 2 i386
  • Red Hat Enterprise Linux Desktop 4 x86_64
  • Red Hat Enterprise Linux Desktop 4 i386
  • Red Hat Enterprise Linux Desktop 3 x86_64
  • Red Hat Enterprise Linux Desktop 3 i386
  • Red Hat Enterprise Linux for IBM z Systems 4 s390x
  • Red Hat Enterprise Linux for IBM z Systems 4 s390
  • Red Hat Enterprise Linux for IBM z Systems 3 s390x
  • Red Hat Enterprise Linux for IBM z Systems 3 s390
  • Red Hat Enterprise Linux for Power, big endian 4 ppc
  • Red Hat Enterprise Linux for Power, big endian 3 ppc

Fixes

CVEs

References

(none)

Red Hat Enterprise Linux Server 4

SRPM
x86_64
mikmod-3.1.6-32.EL4.i386.rpm SHA-256: 3f18ce90e09f683b300fb82b0d55005de413225b73f58ef0b04434cc704431e1
mikmod-3.1.6-32.EL4.i386.rpm SHA-256: 3f18ce90e09f683b300fb82b0d55005de413225b73f58ef0b04434cc704431e1
mikmod-3.1.6-32.EL4.x86_64.rpm SHA-256: 3eae1fcea7717ef53d65bcc4151baa2a785a56939d029b5647da1595c2255fbb
mikmod-3.1.6-32.EL4.x86_64.rpm SHA-256: 3eae1fcea7717ef53d65bcc4151baa2a785a56939d029b5647da1595c2255fbb
mikmod-devel-3.1.6-32.EL4.x86_64.rpm SHA-256: 5d4f911e957b21e8a4bcd0473f2c51c54abb5d4582a42e242cbc9033fb902f4e
mikmod-devel-3.1.6-32.EL4.x86_64.rpm SHA-256: 5d4f911e957b21e8a4bcd0473f2c51c54abb5d4582a42e242cbc9033fb902f4e
ia64
mikmod-3.1.6-32.EL4.i386.rpm SHA-256: 3f18ce90e09f683b300fb82b0d55005de413225b73f58ef0b04434cc704431e1
mikmod-3.1.6-32.EL4.i386.rpm SHA-256: 3f18ce90e09f683b300fb82b0d55005de413225b73f58ef0b04434cc704431e1
mikmod-3.1.6-32.EL4.ia64.rpm SHA-256: b15267d6c87bd0abca49e421405ef11672883c118c1e871473f4c7bfd202320a
mikmod-3.1.6-32.EL4.ia64.rpm SHA-256: b15267d6c87bd0abca49e421405ef11672883c118c1e871473f4c7bfd202320a
mikmod-devel-3.1.6-32.EL4.ia64.rpm SHA-256: b23b51223fc5f74356ac4cf90b5fab9432bba6d977de56b1faef79d265ab7423
mikmod-devel-3.1.6-32.EL4.ia64.rpm SHA-256: b23b51223fc5f74356ac4cf90b5fab9432bba6d977de56b1faef79d265ab7423
i386
mikmod-3.1.6-32.EL4.i386.rpm SHA-256: 3f18ce90e09f683b300fb82b0d55005de413225b73f58ef0b04434cc704431e1
mikmod-3.1.6-32.EL4.i386.rpm SHA-256: 3f18ce90e09f683b300fb82b0d55005de413225b73f58ef0b04434cc704431e1
mikmod-devel-3.1.6-32.EL4.i386.rpm SHA-256: 1748efd256784793f8b9a3be5963272956130adb41d08c99e6340c14518c7058
mikmod-devel-3.1.6-32.EL4.i386.rpm SHA-256: 1748efd256784793f8b9a3be5963272956130adb41d08c99e6340c14518c7058

Red Hat Enterprise Linux Workstation 4

SRPM
x86_64
mikmod-3.1.6-32.EL4.i386.rpm SHA-256: 3f18ce90e09f683b300fb82b0d55005de413225b73f58ef0b04434cc704431e1
mikmod-3.1.6-32.EL4.x86_64.rpm SHA-256: 3eae1fcea7717ef53d65bcc4151baa2a785a56939d029b5647da1595c2255fbb
mikmod-devel-3.1.6-32.EL4.x86_64.rpm SHA-256: 5d4f911e957b21e8a4bcd0473f2c51c54abb5d4582a42e242cbc9033fb902f4e
ia64
mikmod-3.1.6-32.EL4.i386.rpm SHA-256: 3f18ce90e09f683b300fb82b0d55005de413225b73f58ef0b04434cc704431e1
mikmod-3.1.6-32.EL4.ia64.rpm SHA-256: b15267d6c87bd0abca49e421405ef11672883c118c1e871473f4c7bfd202320a
mikmod-devel-3.1.6-32.EL4.ia64.rpm SHA-256: b23b51223fc5f74356ac4cf90b5fab9432bba6d977de56b1faef79d265ab7423
i386
mikmod-3.1.6-32.EL4.i386.rpm SHA-256: 3f18ce90e09f683b300fb82b0d55005de413225b73f58ef0b04434cc704431e1
mikmod-devel-3.1.6-32.EL4.i386.rpm SHA-256: 1748efd256784793f8b9a3be5963272956130adb41d08c99e6340c14518c7058

Red Hat Enterprise Linux Desktop 4

SRPM
x86_64
mikmod-3.1.6-32.EL4.i386.rpm SHA-256: 3f18ce90e09f683b300fb82b0d55005de413225b73f58ef0b04434cc704431e1
mikmod-3.1.6-32.EL4.x86_64.rpm SHA-256: 3eae1fcea7717ef53d65bcc4151baa2a785a56939d029b5647da1595c2255fbb
mikmod-devel-3.1.6-32.EL4.x86_64.rpm SHA-256: 5d4f911e957b21e8a4bcd0473f2c51c54abb5d4582a42e242cbc9033fb902f4e
i386
mikmod-3.1.6-32.EL4.i386.rpm SHA-256: 3f18ce90e09f683b300fb82b0d55005de413225b73f58ef0b04434cc704431e1
mikmod-devel-3.1.6-32.EL4.i386.rpm SHA-256: 1748efd256784793f8b9a3be5963272956130adb41d08c99e6340c14518c7058

Red Hat Enterprise Linux for IBM z Systems 4

SRPM
s390x
mikmod-3.1.6-32.EL4.s390.rpm SHA-256: 1a79744946bfd5e10dbad167c5f747204366eecc3ee9ad2a2970d0dc64b70901
mikmod-3.1.6-32.EL4.s390x.rpm SHA-256: b303aaab20eeeabc6ba18dfdb2b10e714292fa4b4b8fdfd68105a934374d992e
mikmod-devel-3.1.6-32.EL4.s390x.rpm SHA-256: 1efe50870003f358eb0104d910693b79bebd518780d79fefe2c2ceb7a2499d47
s390
mikmod-3.1.6-32.EL4.s390.rpm SHA-256: 1a79744946bfd5e10dbad167c5f747204366eecc3ee9ad2a2970d0dc64b70901
mikmod-devel-3.1.6-32.EL4.s390.rpm SHA-256: 2848fc23ae566d20678f8882f9dedd2670b5e38da12a96df828b20ac8a366277

Red Hat Enterprise Linux for Power, big endian 4

SRPM
ppc
mikmod-3.1.6-32.EL4.ppc.rpm SHA-256: 248ac53d14df8abc27c737f2290da3137ba4f825c710c7e4b4ff1ec4a3a03aa2
mikmod-3.1.6-32.EL4.ppc64.rpm SHA-256: f5f140618c393b1b6ab191a146e6be92fa17c5680faf3c3bd2a71a1f9b26873a
mikmod-devel-3.1.6-32.EL4.ppc.rpm SHA-256: 8dda503bbfb9053cfa6abdad74e2ee10bc324666a9b86cbaf0f2f630ba9e65eb

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.