Ubuntu 14.04 LTS : RPM vulnerabilities (USN-2479-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2479-1 advisory. Florian Weimer discovered that RPM incorrectly handled temporary files. A local attacker could use this issue to execute arbitrary code. CVE-2013-6435...

USN-2479-1 rpm vulnerabilities

Florian Weimer discovered that RPM incorrectly handled temporary files. A local attacker could use this issue to execute arbitrary code. CVE-2013-6435 Florian Weimer discovered that RPM incorrectly handled certain CPIO headers. If a user or automated system were tricked into installing a maliciou...

Debian Security Advisory DSA 3129-1 (rpm - security update)

Two vulnerabilities have been discovered in the RPM package manager. CVE-2013-6435 Florian Weimer discovered a race condition in package signature validation. CVE-2014-8118 Florian Weimer discovered an integer overflow in parsing CPIO headers which might result in the execution of arbitrary code...