Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Mandriva Update for pulseaudio MDVA-2008:148 (pulseaudio)

Information

Severity

Severity

Critical

Family

Family

Mandrake Local Security Checks

CVSSv2 Base

CVSSv2 Base

9.3

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

14 years ago

Modified

Modified

6 years ago

Summary

Check for the Version of pulseaudio

Insight

Insight

Some issues relating to thread cancellation have been discovered in the pulseaudio package shipped with Mandriva Linux 2009.0. These issues could result in the crash of an application acting as a pulseaudio client. This condition is greatly exacerbated when the client is unable to connect to the pulseaudio server. Due to the fact that libcanberra is used to play event sounds in GTK apps, this problem could present itself when running GTK applications as root which, under some circumstances, was unable to connect to the user's pulseaudio daemon. The problems were traced to the use of libasycns in pulseaudio and this updated package is compiled without support for this library (it is not essential to pulseaudio operation). In addition, the version of pulseaudio shipped in Mandriva Linux 2009.0 used wallclock time to determine when a misbehaving daemon was overloading the CPU (under which circumstances the daemon terminated). This can cause problems when the time is changed manually or when daylight savings kick in. This package also contains an upstream fix to use monotonic time which does not suffer from this limitation.

Affected Software

Affected Software

pulseaudio on Mandriva Linux 2009.0, Mandriva Linux 2009.0/X86_64

Solution

Solution

Please Install the Updated Packages.