Mandriva Linux Security Advisory : libcdio (MDVSA-2008:037)
Medium Nessus Plugin ID 36449
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA stack-based buffer overflow was discovered in libcdio that allowed context-dependent attackers to cause a denial of service (core dump) and possibly execute arbitrary code via a disk or image file that contains a long joliet file name.
In addition, a fix for failed UTF-8 conversions that would cause a segfault on certain ISOs was also fixed.
The updated packages have been patched to correct this issue.
SolutionUpdate the affected packages.