Scientific Linux Security Update : lzo on SL6.x i386/srpm/x86_64
High Nessus Plugin ID 76448
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionAn integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrary code.
For the update to take effect, all services linked to the lzo library must be restarted or the system rebooted.
SolutionUpdate the affected packages.