Home > Security > Advisories


Mandriva Advisories

Package name elm
Date July 25th, 2001
Advisory ID MDKSA-2001:067
Affected versions 7.1, 7.2, 8.0, CS1.0
Synopsis Updated elm packages fix buffer overflow vulnerability

Problem Description

A buffer overflow exists in the elm email client when handling very
long message-ids. This would overwrite other header fields and could
potentially cause further damage.

Updated Packages

Mandrakelinux 7.1

 1501005689250e46c08f638998bed315  7.1/RPMS/elm-2.5.5-1.2mdk.i586.rpm
7cda328f91fd1a322b5e4f0dba77598b  7.1/SRPMS/elm-2.5.5-1.2mdk.src.rpm

Mandrakelinux 7.2

 efe6cec3d3781059ea455e3ac5afd722  7.2/RPMS/elm-2.5.5-1.1mdk.i586.rpm
d673e2c05cbcff08882946d75a1c73d3  7.2/SRPMS/elm-2.5.5-1.1mdk.src.rpm

Mandrakelinux 8.0

 19ea620f1635928c679ccd8a6a1c7d93  8.0/RPMS/elm-2.5.5-1.1mdk.i586.rpm
d673e2c05cbcff08882946d75a1c73d3  8.0/SRPMS/elm-2.5.5-1.1mdk.src.rpm

Corporate Server 1.0.1

 1501005689250e46c08f638998bed315  1.0.1/RPMS/elm-2.5.5-1.2mdk.i586.rpm
7cda328f91fd1a322b5e4f0dba77598b  1.0.1/SRPMS/elm-2.5.5-1.2mdk.src.rpm


To upgrade automatically, use MandrivaUpdate.


Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :

                rpm --checksig package.rpm

You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.

If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.