nasm security update

ID CESA-2005:381
Type centos
Reporter CentOS Project
Modified 2005-05-04T23:06:51


CentOS Errata and Security Advisory CESA-2005:381

NASM is an 80x86 assembler.

Two stack based buffer overflow bugs have been found in nasm. An attacker could create an ASM file in such a way that when compiled by a victim, could execute arbitrary code on their machine. The Common Vulnerabilities and Exposures project ( has assigned the names CAN-2004-1287 and CAN-2005-1194 to these issues.

All users of nasm are advised to upgrade to this updated package, which contains backported fixes for these issues.

Merged security bulletin from advisories:

Affected packages: nasm nasm-doc nasm-rdoff

Upstream details at: