%package apache-base apache-devel apache-htcacheclean apache-mod_authn_dbd apache-mod_cache apache-mod_dav apache-mod_dbd apache-mod_deflate apache-mod_disk_cache apache-mod_file_cache apache-mod_ldap apache-mod_mem_cache apache-mod_proxy apache-mod_proxy_ajp apache-mod_ssl apache-modules apache-mod_userdir apache-mpm-event apache-mpm-itk apache-mpm-peruser apache-mpm-prefork apache-mpm-worker apache-source Update: Thu Apr 30 18:58:44 2009 Importance: security ID: MDVSA-2009:102 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:102 %pre A vulnerability has been found and corrected in apache: mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server 2.2.11 allows remote attackers to obtain sensitive response data, intended for a client that sent an earlier POST request with no request body, via an HTTP request (CVE-2009-1191). This update provides fixes for that vulnerability. %description This package contains the main binary of apache, a powerful, full-featured, efficient and freely-available Web server. Apache is also the most popular Web server on the Internet. This version of apache is fully modular, and many modules are available in pre-compiled formats, like PHP and mod_auth_external. Check for available Apache modules for Mandriva Linux at: http://nux.se/apache/ (most of them can be installed from the contribs repository) This package defaults to a maximum of 128 dynamically loadable modules. This package defaults to a ServerLimit of 1024. You can change these values at RPM build time by using for example: --define 'maxmodules 512' --define 'serverlimit 2048' The package was built to support a maximum of 128 dynamically loadable modules. The package was built with a ServerLimit of 1024. %package memcached Update: Mon May 04 11:58:37 2009 Importance: security ID: MDVSA-2009:105 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:105 %pre The process_stat function in Memcached prior 1.2.8 discloses memory-allocation statistics in response to a stats malloc command, which allows remote attackers to obtain potentially sensitive information by sending this command to the daemon's TCP port (CVE-2009-1255, CVE-2009-1494). The updated packages have been patched to prevent this. %description memcached is a flexible memory object caching daemon designed to alleviate database load in dynamic web applications by storing objects in memory. It's based on libevent to scale to any size needed, and is specifically optimized to avoid swapping and always use non-blocking I/O. The memcached server binary comes in two flavours: o memcached - with threading support o memcached-replication - with replication support %package lib64wmf0.2_7 lib64wmf0.2_7-devel libwmf Update: Tue May 05 20:50:07 2009 Importance: security ID: MDVSA-2009:106 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:106 %pre Use-after-free vulnerability in the embedded GD library in libwmf 0.2.8.4 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WMF file (CVE-2009-1364). The updated packages have been patched to prevent this. %description libwmf is a library for unix like machines that can convert wmf files into other formats, currently it supports a gd binding to convert to gif, and an X one to draw direct to an X window or pixmap. %package fuse lib64fuse2 lib64fuse-devel lib64fuse-static-devel Update: Wed May 06 13:32:31 2009 Importance: bugfix ID: MDVA-2009:104 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:104 %pre FUSE default setup was requiring non privileged users to be added manually to fuse group to be able to use fuse feature and this feature was not available immediatly after fuse package installation. This package updates ensure fuse is now immediatly available after package installation and for all users on the system. %description FUSE (Filesystem in USErspace) is a simple interface for userspace programs to export a virtual filesystem to the linux kernel. FUSE also aims to provide a secure method for non privileged users to create and mount their own filesystem implementations. %package acpid Update: Wed May 06 21:40:31 2009 Importance: security ID: MDVSA-2009:107 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:107 %pre The daemon in acpid before 1.0.10 allows remote attackers to cause a denial of service (CPU consumption and connectivity loss) by opening a large number of UNIX sockets without closing them, which triggers an infinite loop (CVE-2009-0798). The updated packages have been patched to prevent this. %description The ACPI specification defines power and system management functions for each computer, in a generic manner. The ACPI daemon coordinates the management of power and system functions when ACPI kernel support is enabled (kernel 2.3.x or later). %package beagle beagle-crawl-system beagle-doc beagle-epiphany beagle-evolution beagle-gui beagle-gui-qt beagle-libs epiphany epiphany-devel firefox firefox-af firefox-ar firefox-be firefox-bg firefox-bn firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-el firefox-en_GB firefox-eo firefox-es_AR firefox-es_ES firefox-et firefox-eu firefox-ext-beagle firefox-ext-blogrovr firefox-ext-foxmarks firefox-ext-mozvoikko firefox-ext-r-kiosk firefox-ext-scribefire firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hu firefox-id firefox-is firefox-it firefox-ja firefox-ka firefox-kn firefox-ko firefox-ku firefox-lt firefox-lv firefox-mk firefox-mn firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-oc firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-te firefox-th firefox-theme-kde4ff firefox-tr firefox-uk firefox-zh_CN firefox-zh_TW gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell google-gadgets-common google-gadgets-gtk google-gadgets-qt google-gadgets-xul lib64ggadget1.0_0 lib64ggadget-gtk1.0_0 lib64ggadget-qt1.0_0 lib64google-gadgets-devel lib64opensc2 lib64opensc-devel lib64xulrunner1.9 lib64xulrunner-devel lib64xulrunner-unstable-devel mozilla-plugin-opensc mozilla-thunderbird-beagle opensc python-xpcom xulrunner yelp Update: Wed May 13 01:12:00 2009 Importance: security ID: MDVSA-2009:111 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:111 %pre Security vulnerabilities have been discovered in previous versions, and corrected in the latest Mozilla Firefox 3.x, version 3.0.10. (CVE-2009-1302, CVE-2009-1303, CVE-2009-1304, CVE-2009-1305, CVE-2009-0652, CVE-2009-1306, CVE-2009-1307, CVE-2009-1308, CVE-2009-1309, CVE-2009-1310, CVE-2009-1311, CVE-2009-1312, CVE-2009-1313) This update provides the latest Mozilla Firefox 3.x to correct these issues. Additionally, some packages which require so, have been rebuilt and are being provided as updates. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package Update: Wed May 13 01:52:07 2009 Importance: bugfix ID: MDVA-2009:059 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:059 %pre This bugfix update for draxk-net fixes several minor issues with Mandriva Linux network tools: - e1000e network card was added to the list of cards requiring additional initialization time (#49335). - network adapters which do not have a complete /sysfs/ (such as b43 cards) entry are properly detected (#44740) - the NETWORKING=yes configuration is properly saved when configuring the network connection - support for broadcom-wl driver was added %description %package Update: Wed May 13 01:55:16 2009 Importance: bugfix ID: MDVA-2009:060 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:060 %pre The network-up service, shipped with Mandriva Linux 2009.0, was not waiting for the network to be available in some cases, which could lead the services which depend on it to fail starting. %description %package flex ipsec-tools lib64ipsec0 lib64ipsec-devel Update: Wed May 13 20:33:14 2009 Importance: security ID: MDVSA-2009:112 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:112 %pre racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service (crash) via crafted fragmented packets without a payload, which triggers a NULL pointer dereference (CVE-2009-1574). Updated packages are available that brings ipsec-tools to version 0.7.2 for Mandriva Linux 2008.1/2009.0/2009.1 which provides numerous bugfixes over the previous 0.7.1 version, and also corrects this issue. ipsec-tools for Mandriva Linux Corporate Server 4 has been patched to address this issue. Additionally the flex package required for building ipsec-tools has been fixed due to ipsec-tools build problems and is also available with this update. %description This is the IPsec-Tools package. You need this package in order to really use the IPsec functionality in the linux-2.6 and above kernels. This package builds: - libipsec, a PFKeyV2 library - setkey, a program to directly manipulate policies and SAs - racoon, an IKEv1 keying daemon %package mdkonline Update: Wed May 13 21:53:37 2009 Importance: bugfix ID: MDVA-2009:063 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:063 %pre This update fixes several issues with mdkapplet. On 2009.1 PowerPack, mdkonline wrongly set up the 2009.0 restricted media instead of the 2009.1 ones (#50478). Mdkapplet checks once a day if a new distribution is availlable. When checking again for updates (every 3 hoours by default), mdkapplet forgot to warn about the new distribution. It now remembers that a new distro is availlable (#50535). When adding restricted media on PowerPack, one might have to cancel several time in some cases (#48999). Last but not least, mdkapplet won't complain when network is down if net_applet is running since the later will already warn about this. This update fixes all of those issues. %description The Mandriva Online tool allows users to be kept informed about security updates, hardware support/enhancements and other high value services. The package include : * Update daemon which allows you to install security updates automatically, * A KDE/Gnome/IceWM compliant applet for security updates notification and installation. %package openoffice.org64-voikko Update: Wed May 13 22:02:44 2009 Importance: bugfix ID: MDVA-2009:064 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:064 %pre x86_64 version of openoffice.org-voikko was missing from 2009.1. This prevented the installation of Openoffice.org Finnish language support on 64-bit systems. %description Finnish spellchecker and hyphenator component for OpenOffice.org. Usually Voikko is automatically activated after the installation. If that won't happen, you can manually activate it from the Writing Aids section of the OpenOffice.org options. %package nasm nasm-doc nasm-rdoff Update: Wed May 13 22:15:20 2009 Importance: bugfix ID: MDVA-2009:065 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:065 %pre Nasm would crash under certain conditions. This update replaces the patch that introduced the crash. %description NASM is the Netwide Assembler, a free portable assembler for the Intel 80x86 microprocessor series, using primarily the traditional Intel instruction mnemonics and syntax. %package cyrus-sasl lib64sasl2 lib64sasl2-devel lib64sasl2-plug-anonymous lib64sasl2-plug-crammd5 lib64sasl2-plug-digestmd5 lib64sasl2-plug-gssapi lib64sasl2-plug-ldapdb lib64sasl2-plug-login lib64sasl2-plug-ntlm lib64sasl2-plug-otp lib64sasl2-plug-plain lib64sasl2-plug-sasldb lib64sasl2-plug-sql Update: Mon May 18 10:55:17 2009 Importance: security ID: MDVSA-2009:113 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:113 %pre Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers to execute arbitrary code or cause a denial of service application crash) via strings that are used as input to the sasl_encode64 function in lib/saslutil.c (CVE-2009-0688). The updated packages have been patched to prevent this. %description SASL is the Simple Authentication and Security Layer, a method for adding authentication support to connection-based protocols. To use SASL, a protocol includes a command for identifying and authenticating a user to a server and for optionally negotiating protection of subsequent protocol interactions. If its use is negotiated, a security layer is inserted between the protocol and the connection. To actually use SASL you must install at least one of the libsasl2-plug-XXXX authentication plugin, such as libsasl2-plug-plain. The SQL auxprop plugin can be rebuild with different database backends: --with srp SRP support (disabled) --with mysql MySQL support (enabled) --with pgsql Postgres SQL support (disabled) --with sqlite SQLite support (disabled) %package perl-URPM Update: Mon May 18 12:49:32 2009 Importance: bugfix ID: MDVA-2009:066 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:066 %pre This update fixes several minor issues with perl-URPM: - it fixes handling of repositories with identical GPG keys (same fingerprint) but different public keys (different emails addresses associated with the key for example) Previously, urpmi.addmedia would complain about not being able to import the public key in such cases. This update fixes it. %description The URPM module allows you to manipulate rpm files, rpm header files and hdlist files and manage them in memory. %package gnutls lib64gnutls26 lib64gnutls-devel Update: Mon May 18 14:06:18 2009 Importance: security ID: MDVSA-2009:116 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:116 %pre Multiple vulnerabilities has been found and corrected in gnutls: lib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not properly handle invalid DSA signatures, which allows remote attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a malformed DSA key that triggers a (1) free of an uninitialized pointer or (2) double free (CVE-2009-1415). lib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 through 2.6.5 generates RSA keys stored in DSA structures, instead of the intended DSA keys, which might allow remote attackers to spoof signatures on certificates or have unspecified other impact by leveraging an invalid DSA key (CVE-2009-1416). gnutls-cli in GnuTLS before 2.6.6 does not verify the activation and expiration times of X.509 certificates, which allows remote attackers to successfully present a certificate that is (1) not yet valid or (2) no longer valid, related to lack of time checks in the _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls_x509, as used by (a) Exim, (b) OpenLDAP, and (c) libsoup (CVE-2009-1417). The updated packages have been patched to prevent this. %description GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. %package gnutls lib64gnutls26 lib64gnutls-devel Update: Mon May 18 14:06:39 2009 Importance: security ID: MDVSA-2009:116 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:116 %pre Multiple vulnerabilities has been found and corrected in gnutls: lib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not properly handle invalid DSA signatures, which allows remote attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a malformed DSA key that triggers a (1) free of an uninitialized pointer or (2) double free (CVE-2009-1415). lib/gnutls_pk.c in libgnutls in GnuTLS 2.5.0 through 2.6.5 generates RSA keys stored in DSA structures, instead of the intended DSA keys, which might allow remote attackers to spoof signatures on certificates or have unspecified other impact by leveraging an invalid DSA key (CVE-2009-1416). gnutls-cli in GnuTLS before 2.6.6 does not verify the activation and expiration times of X.509 certificates, which allows remote attackers to successfully present a certificate that is (1) not yet valid or (2) no longer valid, related to lack of time checks in the _gnutls_x509_verify_certificate function in lib/x509/verify.c in libgnutls_x509, as used by (a) Exim, (b) OpenLDAP, and (c) libsoup (CVE-2009-1417). The updated packages have been patched to prevent this. %description GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. %package x11-driver-video-sisimedia Update: Mon May 18 15:17:04 2009 Importance: bugfix ID: MDVA-2009:068 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:068 %pre sisimedia Xorg driver wasn't ported to the newer interfaces of version 1.6 of that X server, resulting in a failure to load the driver due to ABI mismatch. This update fixes this issue. %description x11-driver-video-sisimedia is the video driver for SiS 670 / 671 cards. These are not supported by the X.org 'sis' driver. This code is very different, so the two cannot be easily merged. %package x11-server x11-server-common x11-server-devel x11-server-xephyr x11-server-xfbdev x11-server-xnest x11-server-xorg x11-server-xsdl x11-server-xvfb x11-server-xvnc Update: Mon May 18 17:31:36 2009 Importance: bugfix ID: MDVA-2009:069 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:069 %pre A bug in Xorg 1.6 Xinerama code would case the server to crash if the user kept a key pressed on a focused window in a secondary screen. This update fixes this issue. %description X11 servers %package x11-driver-video-ati Update: Mon May 18 17:45:35 2009 Importance: bugfix ID: MDVA-2009:070 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:070 %pre When using the ati Xorg driver with two monitors attached the mouse cursor might be drawn incorrectly. This update fixes this issue. %description x11-driver-video-ati is the X.org driver for ATI Technologies. %package shared-mime-info Update: Tue May 19 09:45:44 2009 Importance: bugfix ID: MDVA-2009:072 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:072 %pre Firefox as configured in Mandriva Linux 2009.1 doesn't open PDF files with the right application if using KDE. This update makes Okular the default application for PDF files in KDE. %description This is the freedesktop.org shared MIME info database. Many programs and desktops use the MIME system to represent the types of files. Frequently, it is necessary to work out the correct MIME type for a file. This is generally done by examining the file's name or contents, and looking up the correct MIME type in a database. For interoperability, it is useful for different programs to use the same database so that different programs agree on the type of a file, and new rules for determining the type apply to all programs. This specification attempts to unify the type-guessing systems currently in use by GNOME, KDE and ROX. Only the name-to-type and contents-to-type mappings are covered by this spec; other MIME type information, such as the default handler for a particular type, or the icon to use to display it in a file manager, are not covered since these are a matter of style. In addition, freedesktop.org provides a shared database in this format to avoid inconsistencies between desktops. This database has been created by converting the existing KDE and GNOME databases to the new format and merging them together. %package finch lib64finch0 lib64purple0 lib64purple-devel pidgin pidgin-bonjour pidgin-client pidgin-gevolution pidgin-i18n pidgin-meanwhile pidgin-mono pidgin-perl pidgin-plugins pidgin-silc pidgin-tcl Update: Tue May 19 10:24:32 2009 Importance: bugfix ID: MDVA-2009:075 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:075 %pre Pidgin in Mandriva Linux 2009 Spring would sometimes crash if the new mail notification was closed. This update prevents the crash. %description Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add an account using the account editor. Pidgin supports many common features of other clients, as well as many unique features, such as perl scripting, TCL scripting and C plugins. Pidgin is not affiliated with or endorsed by America Online, Inc., Microsoft Corporation, Yahoo! Inc., or ICQ Inc. %package ntp ntp-client ntp-doc Update: Tue May 19 13:36:52 2009 Importance: security ID: MDVSA-2009:117 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:117 %pre A vulnerability has been found and corrected in ntp: A buffer overflow flaw was discovered in the ntpd daemon's NTPv4 authentication code. If ntpd was configured to use public key cryptography for NTP packet authentication, a remote attacker could use this flaw to send a specially-crafted request packet that could crash ntpd (CVE-2009-1252). The updated packages have been patched to prevent this. %description The Network Time Protocol (NTP) is used to synchronize a computer's time with another reference time source. The ntp package contains utilities and daemons which will synchronize your computer's time to Coordinated Universal Time (UTC) via the NTP protocol and NTP servers. Ntp includes ntpdate (a program for retrieving the date and time from remote machines via a network) and ntpd (a daemon which continuously adjusts system time). Install the ntp package if you need tools for keeping your system's time synchronized via the NTP protocol. Note: Primary, original, big, HTML documentation, is in the package ntp-doc. %package alsa_raoppcm-kernel-2.6.29.3-desktop-1mnb alsa_raoppcm-kernel-2.6.29.3-server-1mnb alsa_raoppcm-kernel-desktop-latest alsa_raoppcm-kernel-server-latest broadcom-wl-kernel-2.6.29.3-desktop-1mnb broadcom-wl-kernel-2.6.29.3-server-1mnb broadcom-wl-kernel-desktop-latest broadcom-wl-kernel-server-latest em8300-kernel-2.6.29.3-desktop-1mnb em8300-kernel-2.6.29.3-server-1mnb em8300-kernel-desktop-latest em8300-kernel-server-latest fglrx-kernel-2.6.29.3-desktop-1mnb fglrx-kernel-2.6.29.3-server-1mnb fglrx-kernel-desktop-latest fglrx-kernel-server-latest hsfmodem-kernel-2.6.29.3-desktop-1mnb hsfmodem-kernel-2.6.29.3-server-1mnb hsfmodem-kernel-desktop-latest hsfmodem-kernel-server-latest hso-kernel-2.6.29.3-desktop-1mnb hso-kernel-2.6.29.3-server-1mnb hso-kernel-desktop-latest hso-kernel-server-latest kernel-2.6.29.3-1mnb kernel-desktop-2.6.29.3-1mnb kernel-desktop-devel-2.6.29.3-1mnb kernel-desktop-devel-latest kernel-desktop-latest kernel-doc kernel-server-2.6.29.3-1mnb kernel-server-devel-2.6.29.3-1mnb kernel-server-devel-latest kernel-server-latest kernel-source-2.6.29.3-1mnb kernel-source-latest kqemu-kernel-2.6.29.3-desktop-1mnb kqemu-kernel-2.6.29.3-server-1mnb kqemu-kernel-desktop-latest kqemu-kernel-server-latest libafs-kernel-2.6.29.3-desktop-1mnb libafs-kernel-2.6.29.3-server-1mnb libafs-kernel-desktop-latest libafs-kernel-server-latest lirc-kernel-2.6.29.3-desktop-1mnb lirc-kernel-2.6.29.3-server-1mnb lirc-kernel-desktop-latest lirc-kernel-server-latest lzma-kernel-2.6.29.3-desktop-1mnb lzma-kernel-2.6.29.3-server-1mnb lzma-kernel-desktop-latest lzma-kernel-server-latest madwifi-kernel-2.6.29.3-desktop-1mnb madwifi-kernel-2.6.29.3-server-1mnb madwifi-kernel-desktop-latest madwifi-kernel-server-latest netfilter-rtsp-kernel-2.6.29.3-desktop-1mnb netfilter-rtsp-kernel-2.6.29.3-server-1mnb netfilter-rtsp-kernel-desktop-latest netfilter-rtsp-kernel-server-latest nouveau-kernel-2.6.29.3-desktop-1mnb nouveau-kernel-2.6.29.3-server-1mnb nouveau-kernel-desktop-latest nouveau-kernel-server-latest nvidia173-kernel-2.6.29.3-desktop-1mnb nvidia173-kernel-2.6.29.3-server-1mnb nvidia173-kernel-desktop-latest nvidia173-kernel-server-latest nvidia96xx-kernel-2.6.29.3-desktop-1mnb nvidia96xx-kernel-2.6.29.3-server-1mnb nvidia96xx-kernel-desktop-latest nvidia96xx-kernel-server-latest nvidia-current-kernel-2.6.29.3-desktop-1mnb nvidia-current-kernel-2.6.29.3-server-1mnb nvidia-current-kernel-desktop-latest nvidia-current-kernel-server-latest opencbm-kernel-2.6.29.3-desktop-1mnb opencbm-kernel-2.6.29.3-server-1mnb opencbm-kernel-desktop-latest opencbm-kernel-server-latest rt2870-kernel-2.6.29.3-desktop-1mnb rt2870-kernel-2.6.29.3-server-1mnb rt2870-kernel-desktop-latest rt2870-kernel-server-latest squashfs-kernel-2.6.29.3-desktop-1mnb squashfs-kernel-2.6.29.3-server-1mnb squashfs-kernel-desktop-latest squashfs-kernel-server-latest squashfs-lzma-kernel-2.6.29.3-desktop-1mnb squashfs-lzma-kernel-2.6.29.3-server-1mnb squashfs-lzma-kernel-desktop-latest squashfs-lzma-kernel-server-latest tp_smapi-kernel-2.6.29.3-desktop-1mnb tp_smapi-kernel-2.6.29.3-server-1mnb tp_smapi-kernel-desktop-latest tp_smapi-kernel-server-latest vboxadditions-kernel-2.6.29.3-desktop-1mnb vboxadditions-kernel-2.6.29.3-server-1mnb vboxadditions-kernel-desktop-latest vboxadditions-kernel-server-latest vhba-kernel-2.6.29.3-desktop-1mnb vhba-kernel-2.6.29.3-server-1mnb vhba-kernel-desktop-latest vhba-kernel-server-latest virtualbox-kernel-2.6.29.3-desktop-1mnb virtualbox-kernel-2.6.29.3-server-1mnb virtualbox-kernel-desktop-latest virtualbox-kernel-server-latest vpnclient-kernel-2.6.29.3-desktop-1mnb vpnclient-kernel-2.6.29.3-server-1mnb vpnclient-kernel-desktop-latest vpnclient-kernel-server-latest Update: Tue May 19 18:55:19 2009 Importance: security ID: MDVSA-2009:119 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:119 %pre Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel: The exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies the exit_signal field and then uses an exec system call to launch a setuid application. (CVE-2009-1337) The selinux_ip_postroute_iptables_compat function in security/selinux/hooks.c in the SELinux subsystem in the Linux kernel before 2.6.27.22, and 2.6.28.x before 2.6.28.10, when compat_net is enabled, omits calls to avc_has_perm for the (1) node and (2) port, which allows local users to bypass intended restrictions on network traffic. NOTE: this was incorrectly reported as an issue fixed in 2.6.27.21. (CVE-2009-1184) drivers/char/agp/generic.c in the agp subsystem in the Linux kernel before 2.6.30-rc3 does not zero out pages that may later be available to a user-space process, which allows local users to obtain sensitive information by reading these pages. (CVE-2009-1192) Integer overflow in rose_sendmsg (sys/net/af_rose.c) in the Linux kernel 2.6.24.4, and other versions before 2.6.30-rc1, might allow remote attackers to obtain sensitive information via a large length value, which causes garbage memory to be sent. (CVE-2009-1265) To update your kernel, please follow the directions located at: http://www.mandriva.com/en/security/kernelupdate %description %package rpmdrake Update: Wed May 20 08:39:05 2009 Importance: bugfix ID: MDVA-2009:078 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:078 %pre This update fixes several issues with rpmdrake: - it fixes listing one non installed package as installed in the packages per medium view (#50276) - it fixes a translation error that broke menu structure when using the swedish translation (#49989) - it fixes rpmdrake now showing updates whereas MandrivaUpdate does (#47305) - the graphical program list was updated and now list a couple missing packages (vmware, picasa, ...) (#50379) - it also prevents it from crashing when run as user %description This package contains the Mandriva graphical software manipulation tools. Rpmdrake provides a simple interface that makes it easy to install and remove software. MandrivaUpdate is a single-purpose application for keeping your system up to date with the latest official updates. There is also a tool for configuring package sources (medias), which can be run independently or accessed from within rpmdrake. %package drakguard Update: Thu May 21 05:08:55 2009 Importance: bugfix ID: MDVA-2009:079 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:079 %pre Parental control application available in Mandriva Linux was not detecting the previously configured parental control level correctly. This update fixes this issue. %description This tool allows to configure parental control. It can block access to web sites and restrict connection during a specified timeframe. %package lib64openssl0.9.8 lib64openssl0.9.8-devel lib64openssl0.9.8-static-devel openssl Update: Thu May 21 15:01:45 2009 Importance: security ID: MDVSA-2009:120 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:120 %pre Multiple security vulnerabilities has been identified and fixed in OpenSSL: The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of future epoch DTLS records that are buffered in a queue, aka DTLS record buffer limitation bug. (CVE-2009-1377) Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka DTLS fragment handling memory leak. (CVE-2009-1378) The updated packages have been patched to prevent this. %description The openssl certificate management tool and the shared libraries that provide various encryption and decription algorithms and protocols, including DES, RC4, RSA and SSL. %package lcms lib64lcms1 lib64lcms-devel python-lcms Update: Thu May 21 20:09:51 2009 Importance: security ID: MDVSA-2009:121 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:121 %pre Multiple security vulnerabilities has been identified and fixed in Little cms: A memory leak flaw allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted image file (CVE-2009-0581). Multiple integer overflows allow remote attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow (CVE-2009-0723). Multiple stack-based buffer overflows allow remote attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel (CVE-2009-0733). A flaw in the transformations of monochrome profiles allows remote attackers to cause denial of service triggered by a NULL pointer dereference via a crafted image file (CVE-2009-0793). This update provides fixes for these issues. %description Little cms is a color management library. Implements fast transforms between ICC profiles. It is focused on speed, and is portable across several platforms. %package strace Update: Mon May 25 18:53:56 2009 Importance: bugfix ID: MDVA-2009:080 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:080 %pre A memory handling error in strace could lead to crashes when handling certain applications. This updated package fixes this issue. %description The strace program intercepts and records the system calls called and received by a running process. Strace can print a record of each system call, its arguments and its return value. Strace is useful for diagnosing problems and debugging, as well as for instructional purposes. Install strace if you need a tool to track the system calls made and received by a process. %package x11-server x11-server-common x11-server-devel x11-server-xephyr x11-server-xfbdev x11-server-xnest x11-server-xorg x11-server-xsdl x11-server-xvfb x11-server-xvnc Update: Tue May 26 11:01:13 2009 Importance: bugfix ID: MDVA-2009:081 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:081 %pre Due to a wrong guess of resource types in the X server, some applications would be terminated with a BadName protocol error when the server was configured to use xfs (X font server). This update fixes this issue. %description X11 servers %package quassel quassel-client quassel-common quassel-core Update: Tue May 26 11:06:33 2009 Importance: bugfix ID: MDVA-2009:082 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:082 %pre On mandriva 2009.1 the default channel for auto-join at startup was #mandriva-cooker, this update changes the default auto-join channel to #mandriva. %description Quassel IRC is a modern, cross-platform, distributed IRC client, meaning that one (or multiple) client(s) can attach to and detach from a central core -- much like the popular combination of screen and a text-based IRC client such as WeeChat, but graphical. In addition to this uniqe feature, we aim to bring a pleasurable, comfortable chatting experience to all major platforms (including Linux®, Windows®, and MacOS X® as well as Qtopia-based cell phones and PDAs), making communication with your peers not only convenient, but also ubiquitous available. %package armagetron Update: Tue May 26 11:19:22 2009 Importance: bugfix ID: MDVA-2009:083 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:083 %pre Armagetron crashes when the users try to play online (except for the first connexion). This update fixes the crash so that users can play online again. %description Another very nice and networked Tron game using OpenGL. Armagetron Advanced is the continuation of the original Armagetron game. %package lib64opensc2 lib64opensc-devel mozilla-plugin-opensc opensc Update: Wed May 27 18:12:18 2009 Importance: security ID: MDVSA-2009:123 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:123 %pre src/tools/pkcs11-tool.c in pkcs11-tool in OpenSC 0.11.7, when used with unspecified third-party PKCS#11 modules, generates RSA keys with incorrect public exponents, which allows attackers to read the cleartext form of messages that were intended to be encrypted (CVE-2009-1603). The updated packages fix the issue. %description opensc is a library for accessing smart card devices using PC/SC Lite middleware package. It is also the core library of the OpenSC project. Basic functionality (e.g. SELECT FILE, READ BINARY) should work on any ISO 7816-4 compatible smart card. Encryption and decryption using private keys on the SmartCard is at the moment possible only with PKCS #15 compatible cards. %package x11-driver-video-intel x11-driver-video-intel-fast-i830 Update: Wed May 27 18:36:11 2009 Importance: bugfix ID: MDVA-2009:084 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:084 %pre The intel graphics driver shipped in 2009.1 was the 2.7.0 version which has turned out to be somewhat unstable on some systems (this was still more stable overall than earlier versions, but hardly any consolation to those having problems!). This updates the package to the 2.7.1 version recently released by intel and fixes several crashers. The number of changes is quite small, so hopefully minimises any chances of unexpected regressions. Here follows the advisory text from the upstream Intel maintainers: This is a maintenance release on the 2.7 branch. Compared to 2.7.0 it consists only of a few carefully hand-picked fixes for bugs, (including GPU crashers). We encourage all users of 2.7.0 to upgrade to 2.7.1. We have verified that several of the reported bugs of GPU crashes, (mouse continues to move, but otherwise X is totally unresponsive), are fixed with the commit by Keith Packard in 2.7.1 to correct the computation of the batch space required. If you have previously reported a GPU-crash bug in bugs.freedesktop.org, please test with 2.7.1 and report your findings in the bug. If the crash is fixed, please celebrate with us! If the crash persists, please attach the output of intel_gpu_dump available here (and hopefully packaged in your distribution of choice soon) Please note that the intel_gpu_dump utility refered to above is now available for 2009.1 via contrib/updates in the intel-gpu-tools pacakge. %description x11-driver-video-intel is the X.org driver for Intel video chipsets. %package lib64mesagl1 lib64mesagl1-devel lib64mesaglu1 lib64mesaglu1-devel lib64mesaglut3 lib64mesaglut3-devel lib64mesaglw1 lib64mesaglw1-devel mesa mesa-common-devel mesa-demos mesa-source Update: Thu May 28 13:55:17 2009 Importance: bugfix ID: MDVA-2009:085 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:085 %pre A bug in mesa would cause hardware accelerated yuv conversion to fail, resulting in videos being displayed with wrong colors while using a gl video output driver. This update fixes this issue. %description Mesa is an OpenGL 2.1 compatible 3D graphics library. %package apache-base apache-devel apache-htcacheclean apache-mod_authn_dbd apache-mod_cache apache-mod_dav apache-mod_dbd apache-mod_deflate apache-mod_disk_cache apache-mod_file_cache apache-mod_ldap apache-mod_mem_cache apache-mod_proxy apache-mod_proxy_ajp apache-mod_ssl apache-modules apache-mod_userdir apache-mpm-event apache-mpm-itk apache-mpm-peruser apache-mpm-prefork apache-mpm-worker apache-source Update: Sun May 31 14:07:24 2009 Importance: security ID: MDVSA-2009:124 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:124 %pre Multiple vulnerabilities has been found and corrected in apache: Memory leak in the zlib_stateful_init function in crypto/comp/c_zlib.c in libssl in OpenSSL 0.9.8f through 0.9.8h allows remote attackers to cause a denial of service (memory consumption) via multiple calls, as demonstrated by initial SSL client handshakes to the Apache HTTP Server mod_ssl that specify a compression algorithm (CVE-2008-1678). Note that this security issue does not really apply as zlib compression is not enabled in the openssl build provided by Mandriva, but apache is patched to address this issue anyway (conserns 2008.1 only). Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary web script or HTML via wildcards in a pathname in an FTP URI (CVE-2008-2939). Note that this security issue was initially addressed with MDVSA-2008:195 but the patch fixing the issue was added but not applied in 2009.0. The Apache HTTP Server 2.2.11 and earlier 2.2 versions does not properly handle Options=IncludesNOEXEC in the AllowOverride directive, which allows local users to gain privileges by configuring (1) Options Includes, (2) Options +Includes, or (3) Options +IncludesNOEXEC in a .htaccess file, and then inserting an exec element in a .shtml file (CVE-2009-1195). This update provides fixes for these vulnerabilities. %description This package contains the main binary of apache, a powerful, full-featured, efficient and freely-available Web server. Apache is also the most popular Web server on the Internet. This version of apache is fully modular, and many modules are available in pre-compiled formats, like PHP and mod_auth_external. Check for available Apache modules for Mandriva Linux at: http://nux.se/apache/ (most of them can be installed from the contribs repository) This package defaults to a maximum of 128 dynamically loadable modules. This package defaults to a ServerLimit of 1024. You can change these values at RPM build time by using for example: --define 'maxmodules 512' --define 'serverlimit 2048' The package was built to support a maximum of 128 dynamically loadable modules. The package was built with a ServerLimit of 1024. %package dumpcap lib64wireshark0 lib64wireshark-devel rawshark tshark wireshark wireshark-tools Update: Sun May 31 18:48:24 2009 Importance: security ID: MDVSA-2009:125 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:125 %pre A vulnerability has been identified and corrected in wireshark: o Unspecified vulnerability in the PCNFSD dissector in Wireshark 0.8.20 through 1.0.7 allows remote attackers to cause a denial of service (crash) via crafted PCNFSD packets (CVE-2009-1829). This update provides Wireshark 1.0.8, which is not vulnerable to this issue. %description Wireshark is a network traffic analyzer for Unix-ish operating systems. It is based on GTK+, a graphical user interface library, and libpcap, a packet capture and filtering library. Wireshark is a fork of Ethereal(tm) %package sudo Update: Sun May 31 19:06:32 2009 Importance: bugfix ID: MDVA-2009:086 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:086 %pre The version of sudo shipped with 2009.1 has an incorrect path to /etc/ldap.conf compiled in. This means that users who have their sudo config supplied by their ldap server will find their rules no longer apply. This updated package uses the correct /etc/ldap.conf file. See http://www.sudo.ws/sudo/readme_ldap.html for more information on configuring sudo with ldap. %description Sudo is a program designed to allow a sysadmin to give limited root privileges to users and log root activity. The basic philosophy is to give as few privileges as possible but still allow people to get their work done. %package eggdrop Update: Mon Jun 01 22:03:40 2009 Importance: security ID: MDVSA-2009:126 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:126 %pre mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PRIVMSG that causes an empty string to trigger a negative string length copy. NOTE: this issue exists because of an incorrect fix for CVE-2007-2807 (CVE-2009-1789). %description Eggdrop is an IRC bot, written in C. If you don't know what IRC is, this is probably not whatever you're looking for! Eggdrop, being a bot, sits on a channel and takes protective measures: to keep the channel from being taken over (in the few ways that anything CAN), to recognize banished users or sites and reject them, to recognize privileged users and let them gain ops, etc. %package flash-kde4-config free-kde4-config mandriva-kde4-config-common mandriva-kdm4-config one-kde4-config powerpack-kde4-config Update: Wed Jun 03 11:42:36 2009 Importance: bugfix ID: MDVA-2009:087 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:087 %pre This update introduces the kde4 artwork for the upcoming Mandriva 2009 Spring Flash version. %description This package regroups all specific Mandriva config file for KDE. (kicker config etc.) %package rpmdrake Update: Wed Jun 03 11:52:12 2009 Importance: bugfix ID: MDVA-2009:088 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:088 %pre This update fixes one issues with MandrivaUpdate: in previous update, a fix wrongly break the displaying of update descriptions & reasons. %description This package contains the Mandriva graphical software manipulation tools. Rpmdrake provides a simple interface that makes it easy to install and remove software. MandrivaUpdate is a single-purpose application for keeping your system up to date with the latest official updates. There is also a tool for configuring package sources (medias), which can be run independently or accessed from within rpmdrake. %package lib64modplug0 lib64modplug-devel Update: Thu Jun 04 16:12:37 2009 Importance: security ID: MDVSA-2009:128 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:128 %pre Multiple security vulnerabilities has been identified and fixed in libmodplug: Integer overflow in the CSoundFile::ReadMed function (src/load_med.cpp) in libmodplug before 0.8.6, as used in gstreamer-plugins and other products, allows context-dependent attackers to execute arbitrary code via a MED file with a crafted (1) song comment or (2) song name, which triggers a heap-based buffer overflow (CVE-2009-1438). Buffer overflow in the PATinst function in src/load_pat.cpp in libmodplug before 0.8.7 allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a long instrument name (CVE-2009-1513). The updated packages have been patched to prevent this. %description Olivier Lapicque, author of Modplug, which is arguably the best quality MOD-playing software available, has placed his sound rendering code in the public domain. This library and plugin is based on that code. It can play 22 different mod formats, including: MOD, S3M, XM, IT, 669, AMF (both of them), AMS, DBM, DMF, DSM, FAR, MDL, MED, MTM, OKT, PTM, STM, ULT, UMX, MT2, PSM %package file lib64magic1 lib64magic-devel lib64magic-static-devel python-magic Update: Fri Jun 05 10:08:21 2009 Importance: security ID: MDVSA-2009:129 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:129 %pre A security vulnerability has been identified and fixed in file: Heap-based buffer overflow in the cdf_read_sat function in src/cdf.c in Christos Zoulas file 5.00 allows user-assisted remote attackers to execute arbitrary code via a crafted compound document file, as demonstrated by a .msi, .doc, or .mpp file. NOTE: some of these details are obtained from third party information (CVE-2009-1515). This update provides file-5.03, which is not vulnerable to this, and other unspecified issues. %description The file command is used to identify a particular file according to the type of data contained by the file. File can identify many different file types, including ELF binaries, system libraries, RPM packages, and different graphics formats. You should install the file package, since the file command is such a useful utility. %package libbdevid-python mkinitrd mkinitrd-devel nash Update: Fri Jun 05 12:25:15 2009 Importance: bugfix ID: MDVA-2009:090 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:090 %pre This update fixes a minor issue with mkinitrd: - mount options for non-NFS mounts are ignored by the nash mount program %description mkinitrd creates filesystem images for use as initial ram filesystem (initramfs) images. These images are used to find and mount the root filesystem. %package gedit-plugins Update: Fri Jun 05 13:34:44 2009 Importance: bugfix ID: MDVA-2009:091 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:091 %pre The embedded terminal plugin was not included in gedit-plugins. The updated package was adjusted to include it. %description gEdit is a small but powerful text editor designed expressly for GNOME. It includes such features as split-screen mode, a plugin API, which allows gEdit to be extended to support many features while remaining small at its core, multiple document editing through the use of a 'tabbed' notebook and many more functions. This package contains some extra plugins for gEdit, extending gEdit functionality. %package gstreamer0.10-aalib gstreamer0.10-caca gstreamer0.10-dv gstreamer0.10-esound gstreamer0.10-flac gstreamer0.10-plugins-good gstreamer0.10-pulse gstreamer0.10-raw1394 gstreamer0.10-soup gstreamer0.10-speex gstreamer0.10-wavpack Update: Fri Jun 05 19:35:39 2009 Importance: security ID: MDVSA-2009:130 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:130 %pre Multiple integer overflows in the (1) user_info_callback, (2) user_endrow_callback, and (3) gst_pngdec_task functions (ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PNG file, which triggers a buffer overflow (CVE-2009-1932). %description GStreamer is a streaming-media framework, based on graphs of filters which operate on media data. Applications using this library can do anything from real-time sound processing to playing videos, and just about anything else media-related. Its plugin-based architecture means that new data types or processing capabilities can be added simply by installing new plug-ins. This package contains a set of plug-ins that are considered to have good quality code, correct functionality, the preferred license (LGPL for the plug-in code, LGPL or LGPL-compatible for the supporting library). People writing elements should base their code on these elements. %package apr-util-dbd-freetds apr-util-dbd-ldap apr-util-dbd-mysql apr-util-dbd-odbc apr-util-dbd-pgsql apr-util-dbd-sqlite3 lib64apr-util1 lib64apr-util-devel Update: Sat Jun 06 21:15:44 2009 Importance: security ID: MDVSA-2009:131 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:131 %pre Multiple security vulnerabilities has been identified and fixed in apr-util: The apr_strmatch_precompile function in strmatch/apr_strmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service (daemon crash) via crafted input involving (1) a .htaccess file used with the Apache HTTP Server, (2) the SVNMasterURI directive in the mod_dav_svn module in the Apache HTTP Server, (3) the mod_apreq2 module for the Apache HTTP Server, or (4) an application that uses the libapreq2 library, related to an underflow flaw. (CVE-2009-0023). The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nested entity references, as demonstrated by a PROPFIND request, a similar issue to CVE-2003-1564 (CVE-2009-1955). Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input (CVE-2009-1956). The updated packages have been patched to prevent this. %description The mission of the Apache Portable Runtime (APR) is to provide a free library of C data structures and routines. This library contains additional utility interfaces for APR; including support for XML, LDAP, database interfaces, URI parsing and more. %package codeina Update: Sun Jun 07 11:28:44 2009 Importance: bugfix ID: MDVA-2009:092 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:092 %pre A bug in codeina could prevent its cache to not be flushed properly on errors, preventing it to work properly if a erronous file was downloaded previously. This package update fixes this issue and increase startup delay to 30s to improve login time. %description Codeina installs codecs from the Fluendo webshop or distribution package for GStreamer. %package lib64sndfile1 lib64sndfile-devel lib64sndfile-static-devel libsndfile-progs Update: Sun Jun 07 15:10:54 2009 Importance: security ID: MDVSA-2009:132 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:132 %pre Multiple vulnerabilities has been found and corrected in libsndfile: Heap-based buffer overflow in voc_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a VOC file with an invalid header value (CVE-2009-1788). Heap-based buffer overflow in aiff_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an AIFF file with an invalid header value (CVE-2009-1791). This update provides fixes for these vulnerabilities. %description libsndfile is a C library for reading and writing sound files such as AIFF, AU and WAV files through one standard interface. It can currently read/write 8, 16, 24 and 32-bit PCM files as well as 32-bit floating point WAV files and a number of compressed formats. %package apache-base apache-devel apache-htcacheclean apache-mod_authn_dbd apache-mod_cache apache-mod_dav apache-mod_dbd apache-mod_deflate apache-mod_disk_cache apache-mod_file_cache apache-mod_ldap apache-mod_mem_cache apache-mod_proxy apache-mod_proxy_ajp apache-mod_ssl apache-modules apache-mod_userdir apache-mpm-event apache-mpm-itk apache-mpm-peruser apache-mpm-prefork apache-mpm-worker apache-source Update: Wed Jun 10 15:12:23 2009 Importance: bugfix ID: MDVA-2009:095 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:095 %pre The CVE-2009-1195 patch broke the mod_perl build. Patches from upstream svn has been applied to this update that fixes the issue. %description This package contains the main binary of apache, a powerful, full-featured, efficient and freely-available Web server. Apache is also the most popular Web server on the Internet. This version of apache is fully modular, and many modules are available in pre-compiled formats, like PHP and mod_auth_external. Check for available Apache modules for Mandriva Linux at: http://nux.se/apache/ (most of them can be installed from the contribs repository) This package defaults to a maximum of 128 dynamically loadable modules. This package defaults to a ServerLimit of 1024. You can change these values at RPM build time by using for example: --define 'maxmodules 512' --define 'serverlimit 2048' The package was built to support a maximum of 128 dynamically loadable modules. The package was built with a ServerLimit of 1024. %package perl-MDK-Common Update: Wed Jun 10 17:30:47 2009 Importance: bugfix ID: MDVA-2009:096 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:096 %pre Mandriva system library (perl-MDK-Common) was not handling configuration files that had '#' character inside parameters correctly. This update fixes the issue. %description Various simple functions created for DrakX %package drakx-net drakx-net-text libdrakx-net Update: Wed Jun 10 17:33:31 2009 Importance: bugfix ID: MDVA-2009:097 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:097 %pre This bugfix update to drakx-net fixes a number of issues: - wireless passwords with '#' character were not properly handled (bug #50670) - wireless connection settings were not preserved for different connections (bug #46010) - when configuring Advanced Settings in draknetcenter, some variables were not written correctly (bug #50807). - e1000e card was added to the list of cards requiring additional delay for detecting network connectivity (bug #49335). - Cingular connection provider was added (bug #48849). - support for AVAHI/mDNS ports was added to drakfirewall (bug #50541). - translations were updated. %description This package contains the Mandriva network tools. net_applet: applet to check network connection net_monitor: connection monitoring %package ntp ntp-client ntp-doc Update: Wed Jun 10 19:54:07 2009 Importance: bugfix ID: MDVA-2009:099 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:099 %pre This bugfix release makes it possible to pass additional options to the ntpdate utility and for the releases lacking it the ntpd server by utilizing the /etc/sysconfig/ntpd file while starting the ntp service. %description The Network Time Protocol (NTP) is used to synchronize a computer's time with another reference time source. The ntp package contains utilities and daemons which will synchronize your computer's time to Coordinated Universal Time (UTC) via the NTP protocol and NTP servers. Ntp includes ntpdate (a program for retrieving the date and time from remote machines via a network) and ntpd (a daemon which continuously adjusts system time). Install the ntp package if you need tools for keeping your system's time synchronized via the NTP protocol. Note: Primary, original, big, HTML documentation, is in the package ntp-doc. %package lib64udev0 lib64udev0-devel lib64volume_id1 lib64volume_id1-devel udev udev-doc Update: Fri Jun 12 09:54:20 2009 Importance: bugfix ID: MDVA-2009:107 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:107 %pre udev network hotplug scripts before this update doesn't ignore tmpbridge interface, created by xen network-bridge script. This makes bridged xen network setup to fail. The update addresses the issue, making network hotplug ignore tmpbridge interface. Affects only xen users using bridges for network setup. %description Udev is an implementation of devfs/devfsd in userspace using sysfs and /sbin/hotplug. It requires a 2.6 kernel to run properly. Like devfs, udev dynamically creates and removes device nodes from /dev/. It responds to /sbin/hotplug device events. %package lib64x11_6 lib64x11_6-devel lib64x11_6-static-devel libx11-common Update: Fri Jun 12 13:25:13 2009 Importance: bugfix ID: MDVA-2009:108 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:108 %pre Due to a interface change in version 1.2 of the xcb library, programs depending on libx11 would not be able to run without the proper version of that library. But libx11 package did not require this version explicitly allowing that this package to be installed with a wrong version of libxcb. This update fixes this issue. %description libx11 contains the shared libraries that most X programs need to run properly. These shared libraries are in a separate package in order to reduce the disk space needed to run X applications on a machine without an X server (i.e, over a network). %package lemon lib64sqlite3_0 lib64sqlite3-devel lib64sqlite3-static-devel sqlite3-tools tcl-sqlite3 Update: Tue Jun 16 01:43:09 2009 Importance: bugfix ID: MDVA-2009:111 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:111 %pre This update provides latest sqlite3 package, which is required by Firefox 3.0.11 and xulrunner 1.9.0.11 update. %description SQLite is a C library that implements an embeddable SQL database engine. Programs that link with the SQLite library can have SQL database access without running a separate RDBMS process. The distribution comes with a standalone command-line access program (sqlite) that can be used to administer an SQLite database and which serves as an example of how to use the SQLite library. %package irssi irssi-devel irssi-perl Update: Tue Jun 16 12:53:42 2009 Importance: security ID: MDVSA-2009:133 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:133 %pre A vulnerability has been found and corrected in irssi: Off-by-one error in the event_wallops function in fe-common/irc/fe-events.c in irssi 0.8.13 allows remote IRC servers to cause a denial of service (crash) via an empty command, which triggers a one-byte buffer under-read and a one-byte buffer underflow (CVE-2009-1959). This update provides fixes for this vulnerability. %description Irssi is a modular and flexible IRC client for UNIX that has only a text mode user interface (but as 80-90% of the code isn't text mode specific, other UIs could be created pretty easily). Also, Irssi isn't really even IRC specific anymore, there are already working SILC and ICB modules available. Support for other protocols like ICQ and Jabber could be created some day too. Irssi is one of the most popular IRC clients at the moment. %package beagle beagle-crawl-system beagle-doc beagle-epiphany beagle-evolution beagle-gui beagle-gui-qt beagle-libs epiphany epiphany-devel firefox firefox-af firefox-ar firefox-be firefox-bg firefox-bn firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-el firefox-en_GB firefox-eo firefox-es_AR firefox-es_ES firefox-et firefox-eu firefox-ext-beagle firefox-ext-blogrovr firefox-ext-foxmarks firefox-ext-mozvoikko firefox-ext-r-kiosk firefox-ext-scribefire firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hu firefox-id firefox-is firefox-it firefox-ja firefox-ka firefox-kn firefox-ko firefox-ku firefox-lt firefox-lv firefox-mk firefox-mn firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-oc firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-te firefox-th firefox-theme-kde4ff firefox-tr firefox-uk firefox-zh_CN firefox-zh_TW gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell google-gadgets-common google-gadgets-gtk google-gadgets-qt google-gadgets-xul lib64ggadget1.0_0 lib64ggadget-gtk1.0_0 lib64ggadget-qt1.0_0 lib64google-gadgets-devel lib64opensc2 lib64opensc-devel lib64xulrunner1.9 lib64xulrunner-devel lib64xulrunner-unstable-devel mozilla-plugin-opensc mozilla-thunderbird-beagle opensc python-xpcom xulrunner yelp Update: Wed Jun 17 14:47:35 2009 Importance: security ID: MDVSA-2009:134 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:134 %pre Security vulnerabilities have been discovered and corrected in Mozilla Firefox 3.x: CVE-2009-1392: Firefox browser engine crashes CVE-2009-1832: Firefox double frame construction flaw CVE-2009-1833: Firefox JavaScript engine crashes CVE-2009-1834: Firefox URL spoofing with invalid unicode characters CVE-2009-1835: Firefox Arbitrary domain cookie access by local file: resources CVE-2009-1836: Firefox SSL tampering via non-200 responses to proxy CONNECT requests CVE-2009-1837: Firefox Race condition while accessing the private data of a NPObject JS wrapper class object CVE-2009-1838: Firefox arbitrary code execution flaw CVE-2009-1839: Firefox information disclosure flaw CVE-2009-1840: Firefox XUL scripts skip some security checks CVE-2009-1841: Firefox JavaScript arbitrary code execution CVE-2009-2043: firefox - remote TinyMCE denial of service CVE-2009-2044: firefox - remote GIF denial of service CVE-2009-2061: firefox - man-in-the-middle exploit CVE-2009-2065: firefox - man-in-the-middle exploit This update provides the latest Mozilla Firefox 3.x to correct these issues. Additionally, some packages which require so, have been rebuilt and are being provided as updates. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package drakx-net drakx-net-text libdrakx-net Update: Thu Jun 18 01:47:52 2009 Importance: bugfix ID: MDVA-2009:112 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:112 %pre In some cases, the wpa_supplicant configuration file would not be read correctly by drakx-net, mostly with WPA-Enterprise networks. This update fixes the issue. %description This package contains the Mandriva network tools. net_applet: applet to check network connection net_monitor: connection monitoring %package lib64rpm4.6 lib64rpm-devel python-rpm rpm rpm-build Update: Thu Jun 18 11:07:26 2009 Importance: bugfix ID: MDVA-2009:113 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:113 %pre This update fixes a minor issue with rpm: - mdvsys mass-update can segfault when parsing the %apply_patches macros through librpm (bug #50579) %description RPM is a powerful command line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Each software package consists of an archive of files along with information about the package like its version, a description, etc. %package logcheck Update: Thu Jun 18 11:17:36 2009 Importance: bugfix ID: MDVA-2009:114 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:114 %pre The logcheck package shipped in mandriva 2009.1 had two issues, preventing it to run properly: - its configuration directory (/etc/logcheck) is not readable with the identity used for running logcheck - it uses run-parts utility with unsupported --list option %description Logcheck is a software package that is designed to automatically run and check system log files for security violations and unusual activity. Logcheck utilizes a program called logtail that remembers the last position it read from in a log file and uses this position on subsequent runs to process new information. All source code is available for review and the implementation was kept simple to avoid problems. This package is a clone of the frequentcheck.sh script from the Trusted Information Systems Gauntlet(tm) firewall package. TIS has granted permission for me to clone this package. %package lib64webkitgtk1.0_2 lib64webkitgtk1.0-devel webkit1.0-webinspector webkit-gtklauncher webkit-jsc Update: Thu Jun 18 12:10:06 2009 Importance: bugfix ID: MDVA-2009:115 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:115 %pre Webkit shipped in 2009.1 has a bug that closes The Gimp help-browser plugin, this update fixes this issue. %description WebKit is an open source web browser engine. %package ruby-RubyGems Update: Thu Jun 18 13:28:14 2009 Importance: bugfix ID: MDVA-2009:117 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:117 %pre On x86_64, rubygems assumes that the gem installation path is in /usr/lib64/ruby. This is problematic because all of the Mandriva ruby-* packages install their rb files under /usr/lib/ruby regardless of the machine architecture; rubygems consequently cannot find any of the installed gems. This update fixes this issue. %description RubyGems is the Ruby standard for publishing and managing third party libraries. %package java-1.6.0-openjdk java-1.6.0-openjdk-demo java-1.6.0-openjdk-devel java-1.6.0-openjdk-javadoc java-1.6.0-openjdk-plugin java-1.6.0-openjdk-src rhino rhino-demo rhino-javadoc rhino-manual Update: Fri Jun 19 16:41:43 2009 Importance: security ID: MDVSA-2009:137 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:137 %pre Multiple security vulnerabilities has been identified and fixed in Little cms library embedded in OpenJDK: A memory leak flaw allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted image file (CVE-2009-0581). Multiple integer overflows allow remote attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow (CVE-2009-0723). Multiple stack-based buffer overflows allow remote attackers to execute arbitrary code via a crafted image file associated with a large integer value for the (1) input or (2) output channel (CVE-2009-0733). A flaw in the transformations of monochrome profiles allows remote attackers to cause denial of service triggered by a NULL pointer dereference via a crafted image file (CVE-2009-0793). Further security fixes in the JRE and in the Java API of OpenJDK: A flaw in handling temporary font files by the Java Virtual Machine (JVM) allows remote attackers to cause denial of service (CVE-2006-2426). An integer overflow flaw was found in Pulse-Java when handling Pulse audio source data lines. An attacker could use this flaw to cause an applet to crash, leading to a denial of service (CVE-2009-0794). A flaw in Java Runtime Environment initialized LDAP connections allows authenticated remote users to cause denial of service on the LDAP service (CVE-2009-1093). A flaw in the Java Runtime Environment LDAP client in handling server LDAP responses allows remote attackers to execute arbitrary code on the client side via malicious server response (CVE-2009-1094). Buffer overflows in the the Java Runtime Environment unpack200 utility allow remote attackers to execute arbitrary code via an crafted applet (CVE-2009-1095, CVE-2009-1096). A buffer overflow in the splash screen processing allows a attackers to execute arbitrary code (CVE-2009-1097). A buffer overflow in GIF images handling allows remote attackers to execute arbitrary code via an crafted GIF image (CVE-2009-1098). A flaw in the Java API for XML Web Services (JAX-WS) service endpoint handling allows remote attackers to cause a denial of service on the service endpoint's server side (CVE-2009-1101). A flaw in the Java Runtime Environment Virtual Machine code generation allows remote attackers to execute arbitrary code via a crafted applet (CVE-2009-1102). This update provides fixes for these issues. Update: java-1.6.0-openjdk requires rhino packages and these has been further updated. %description Rhino is an open-source implementation of JavaScript written entirely in Java. It is typically embedded into Java applications to provide scripting to end users. This version contains Dojo's JavaScript compression patch. This version does not contain E4X due to missing xmlbeans/xbean.jar. %package tomcat5 tomcat5-admin-webapps tomcat5-common-lib tomcat5-jasper tomcat5-jasper-eclipse tomcat5-jasper-javadoc tomcat5-jsp-2.0-api tomcat5-jsp-2.0-api-javadoc tomcat5-server-lib tomcat5-servlet-2.4-api tomcat5-servlet-2.4-api-javadoc tomcat5-webapps Update: Mon Jun 22 22:56:27 2009 Importance: security ID: MDVSA-2009:136 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:136 %pre Multiple security vulnerabilities has been identified and fixed in tomcat5: Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, 6.0.0 through 6.0.18, and possibly earlier versions normalizes the target pathname before filtering the query string when using the RequestDispatcher method, which allows remote attackers to bypass intended access restrictions and conduct directory traversal attacks via .. (dot dot) sequences and the WEB-INF directory in a Request (CVE-2008-5515). Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when the Java AJP connector and mod_jk load balancing are used, allows remote attackers to cause a denial of service (application outage) via a crafted request with invalid headers, related to temporary blocking of connectors that have encountered errors, as demonstrated by an error involving a malformed HTTP Host header (CVE-2009-0033). Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18, when FORM authentication is used, allows remote attackers to enumerate valid usernames via requests to /j_security_check with malformed URL encoding of passwords, related to improper error checking in the (1) MemoryRealm, (2) DataSourceRealm, and (3) JDBCRealm authentication realms, as demonstrated by a % (percent) value for the j_password parameter (CVE-2009-0580). The calendar application in the examples web application contains an XSS flaw due to invalid HTML which renders the XSS filtering protection ineffective (CVE-2009-0781). Apache Tomcat 4.1.0 through 4.1.39, 5.5.0 through 5.5.27, and 6.0.0 through 6.0.18 permits web applications to replace an XML parser used for other web applications, which allows local users to read or modify the (1) web.xml, (2) context.xml, or (3) tld files of arbitrary web applications via a crafted application that is loaded earlier than the target application (CVE-2009-0783). The updated packages have been patched to prevent this. Additionally Apache Tomcat has been upgraded to the latest 5.5.27 version for 2009.0. %description Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world. We invite you to participate in this open development project. To learn more about getting involved, click here. %package lib64torrent-rasterbar1 lib64torrent-rasterbar-devel python-libtorrent-rasterbar Update: Wed Jun 24 13:53:24 2009 Importance: security ID: MDVSA-2009:139 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:139 %pre A security vulnerability has been identified and corrected in libtorrent-rasterbar: Directory traversal vulnerability in src/torrent_info.cpp in Rasterbar libtorrent before 0.14.4, as used in firetorrent, qBittorrent, deluge Torrent, and other applications, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) and partial relative pathname in a Multiple File Mode list element in a .torrent file (CVE-2009-1760). The updated packages have been patched to prevent this. %description libtorrent-rasterbar is a C++ library that aims to be a good alternative to all the other bittorrent implementations around. It is a library and not a full featured client. It is not the same as the other libtorrent, as used by the 'rtorrent' application, that is in the 'libtorrent' package. The two are completely different and incompatible. %package yelp Update: Fri Jun 26 13:56:22 2009 Importance: bugfix ID: MDVA-2009:119 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:119 %pre The Yelp help browser shipped with Mandriva 2009 Spring was built without support for LZMA compression. As this is needed to view the compressed manual and GNU Info pages, LZMA support was enabled in this update. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package dkms-lzma lib64lzmadec0 lib64lzmadec-devel Update: Fri Jun 26 14:06:02 2009 Importance: bugfix ID: MDVA-2009:119-1 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:119-1 %pre The Yelp help browser shipped with Mandriva 2009 Spring was built without support for LZMA compression. As this is needed to view the compressed manual and GNU Info pages, LZMA support was enabled in this update. Update: On the previous yelp update we added a require on liblzmadec0 for i586 and lib64lzmadec for x86_64. This fixes the update, which would not work via MandrivaUpdate. %description LZMA provides very high compression ratio and fast decompression. The core of the LZMA utils is Igor Pavlov's LZMA SDK containing the actual LZMA encoder/decoder. LZMA utils add a few scripts which provide gzip-like command line interface and a couple of other LZMA related tools. Also provides: - Average compression ratio 30% better than that of gzip and 15% better than that of bzip2. - Decompression speed is only little slower than that of gzip, being two to five times faster than bzip2. - In fast mode, compresses faster than bzip2 with a comparable compression ratio. - Achieving the best compression ratios takes four to even twelve times longer than with bzip2. However. this doesn't affect decompressing speed. - Very similar command line interface than what gzip and bzip2 have. %package aspell-nb Update: Fri Jun 26 14:15:55 2009 Importance: bugfix ID: MDVA-2009:120 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:120 %pre The outdated aspell-no package was deprecated due to change of the 'no' (Norwegian) language code to 'nb' (Norwegian Bokml) resulting in breakage with tools attempting to use the 'nb' dictionary. %description A Norwegian Bokmaal dictionary for use with aspell, a spelling checker. %package lib64pulseaudio0 lib64pulseaudio-devel lib64pulseglib20 lib64pulsezeroconf0 pulseaudio pulseaudio-esound-compat pulseaudio-module-bluetooth pulseaudio-module-gconf pulseaudio-module-jack pulseaudio-module-lirc pulseaudio-module-x11 pulseaudio-module-zeroconf pulseaudio-utils Update: Fri Jun 26 14:44:10 2009 Importance: bugfix ID: MDVA-2009:121 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:121 %pre Multiple bugs has been identified and corrected in pulseaudio: - alsa: allow configuration of fallback device strings in profiles util: if NULL is passed to pa_path_get_filename() just hand it through alsa: don't hit an assert when invalid module arguments are passed - alsa: fix wording, we are speaking of card profiles, not output profiles - alsa: initialize buffer size before number of periods to improve compat with some backends - conf: remove obsolete module-idle-time directive from default config file/man page - core: make sure soft mute status stays in sync with hw mute status endian: fix LE/BE order for 24 bit accessor functions - log: print file name only when we have it - man: document 24bit sample types in man page - man: document log related daemon.conf options - man: document that tsched doesn't use fragment settings - mutex: when we fail to fill in mutex into static mutex ptr free it again - oss: don't deadlock when we try to resume an OSS device that lacks a mixer - simple-protocol: don't hit an assert when we call connection_unlink() early - idxset: add enumeration macro PA_IDXSET_FOREACH - rescue-streams: when one stream move fails try to continue with the remaining ones - sample: correctly pass s24-32 formats - sample-util: fix iteration loop when adjusting volume of s24 samples - sample-util: properly allocate silence block for s24-32 formats - sconv: fix a few minor conversion issues - alsa: be a bit more verbose when a hwparam call fails - rescue: make we don't end up in an endless loop when we can't move a sink input - core: introduce pa_{sink,source}_set_fixed_latency() - core: cache requested latency only when we are running, not while we are still constructing - sample: fix build on BE archs - alsa: properly convert return values of snd_strerror() to utf8 - alsa: remove debug codeAdditional In addition to these fixes, several patches were recommended by upstream and QAed with help from Mandriva volunteers. These patches are also included. %description pulseaudio is a sound server for Linux and other Unix like operating systems. It is intended to be an improved drop-in replacement for the Enlightened Sound Daemon (EsounD). In addition to the features EsounD provides pulseaudio has: * Extensible plugin architecture (by loading dynamic loadable modules with dlopen()) * Support for more than one sink/source * Better low latency behaviour * Embedabble into other software (the core is available as C library) * Completely asynchronous C API * Simple command line interface for reconfiguring the daemon while running * Flexible, implicit sample type conversion and resampling * "Zero-Copy" architecture * Module autoloading * Very accurate latency measurement for playback and recording. * May be used to combine multiple sound cards to one (with sample rate adjustment) * Client side latency interpolation %package beagle beagle-crawl-system beagle-doc beagle-epiphany beagle-evolution beagle-gui beagle-gui-qt beagle-libs firefox-ext-beagle mozilla-thunderbird mozilla-thunderbird-af mozilla-thunderbird-be mozilla-thunderbird-beagle mozilla-thunderbird-bg mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-devel mozilla-thunderbird-el mozilla-thunderbird-en_GB mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ar mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-es_AR mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-hu mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-ko mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ro mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sk mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-tr mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-enigmail-zh_TW mozilla-thunderbird-es_AR mozilla-thunderbird-es_ES mozilla-thunderbird-et_EE mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-ga mozilla-thunderbird-gu_IN mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ko mozilla-thunderbird-lt mozilla-thunderbird-mk mozilla-thunderbird-moztraybiff mozilla-thunderbird-nb_NO mozilla-thunderbird-nl mozilla-thunderbird-nn_NO mozilla-thunderbird-pa_IN mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-pt_PT mozilla-thunderbird-ru mozilla-thunderbird-sk mozilla-thunderbird-sl mozilla-thunderbird-sv_SE mozilla-thunderbird-tr mozilla-thunderbird-uk mozilla-thunderbird-zh_CN mozilla-thunderbird-zh_TW nsinstall Update: Fri Jun 26 15:51:28 2009 Importance: security ID: MDVSA-2009:083 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:083 %pre A number of security vulnerabilities have been discovered in previous versions, and corrected in the latest Mozilla Thunderbird program, version 2.0.0.21 (CVE-2009-0040, CVE-2009-0776, CVE-2009-0771, CVE-2009-0772, CVE-2009-0773, CVE-2009-0774, CVE-2009-0352, CVE-2009-0353). This update provides the latest Thunderbird to correct these issues. Additionaly, Mozilla Thunderbird released with Mandriva Linux 2009.0, when used with Enigmail extension on x86_64 architechture, would freeze whenever any Enigmail function was used (bug #45001). Also, when used on i586 architecture, Thunderbird would crash when sending an email, if a file with an unknown extension was attached to it. (bug #46107) This update also fixes those issues. %description Mozilla Thunderbird is a full-featured email, RSS and newsgroup client that makes emailing safer, faster and easier than ever before. %package jasper lib64jasper1 lib64jasper-devel lib64jasper-static-devel Update: Fri Jun 26 20:51:54 2009 Importance: security ID: MDVSA-2009:142 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:142 %pre Multiple security vulnerabilities has been identified and fixed in jasper: The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG-2000 library (libjasper) before 1.900 allows remote user-assisted attackers to cause a denial of service (crash) and possibly corrupt the heap via malformed image files, as originally demonstrated using imagemagick convert (CVE-2007-2721). Multiple integer overflows in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation (CVE-2008-3520). The jas_stream_tmpfile function in libjasper/base/jas_stream.c in JasPer 1.900.1 allows local users to overwrite arbitrary files via a symlink attack on a tmp.XXXXXXXXXX temporary file (CVE-2008-3521). Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf (CVE-2008-3522). The updated packages have been patched to prevent this. %description JasPer is a software-based implementation of the codec specified in the emerging JPEG-2000 Part-1 standard (i.e., ISO/IEC 15444-1). This package contains tools for working with JPEG-2000 images. %package ghostscript ghostscript-common ghostscript-doc ghostscript-dvipdf ghostscript-module-X ghostscript-X lib64gs8 lib64gs8-devel lib64ijs1 lib64ijs1-devel Update: Sat Jun 27 17:53:37 2009 Importance: security ID: MDVSA-2009:144 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:144 %pre Multiple security vulnerabilities has been identified and fixed in ghostscript: Multiple integer overflows in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation (CVE-2008-3520). Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf (CVE-2008-3522). Previousely the ghostscript packages were statically built against a bundled and private copy of the jasper library. This update makes ghostscript link against the shared system jasper library which makes it easier to address presumptive future security issues in the jasper library. %description Ghostscript is a set of software tools that provide a PostScript(TM) interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. Ghostscript translates PostScript code into many common, bitmapped and vector formats, like those understood by your printer or screen. Ghostscript is normally used to display PostScript files and to print PostScript files to non-PostScript printers. You should install ghostscript if you need to display PostScript or PDF files, or if you have a non-PostScript printer. %package lib64php5_common5 php-bcmath php-bz2 php-calendar php-cgi php-cli php-ctype php-curl php-dba php-dbase php-devel php-dom php-exif php-fcgi php-filter php-ftp php-gd php-gettext php-gmp php-hash php-iconv php-imap php-json php-ldap php-mbstring php-mcrypt php-mhash php-mime_magic php-ming php-mssql php-mysql php-mysqli php-ncurses php-odbc php-openssl php-pcntl php-pdo php-pdo_dblib php-pdo_mysql php-pdo_odbc php-pdo_pgsql php-pdo_sqlite php-pgsql php-posix php-pspell php-readline php-recode php-session php-shmop php-snmp php-soap php-sockets php-sqlite php-sybase php-sysvmsg php-sysvsem php-sysvshm php-tidy php-tokenizer php-wddx php-xml php-xmlreader php-xmlrpc php-xmlwriter php-xsl php-zip php-zlib Update: Sun Jun 28 16:37:04 2009 Importance: security ID: MDVSA-2009:145 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:145 %pre A vulnerability has been found and corrected in PHP: - Fixed upstream bug #48378 (exif_read_data() segfaults on certain corrupted .jpeg files). The updated packages have been patched to correct these issues. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. %package timezone timezone-java Update: Mon Jun 29 16:19:11 2009 Importance: normal ID: MDVA-2009:122 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:122 %pre Updated timezone packages are being provided for older Mandriva Linux systems that do not contain new Daylight Savings Time information and Time Zone information for some locations. These updated packages contain the new information. %description This package contains data files with rules for various timezones around the world. %package finch lib64finch0 lib64purple0 lib64purple-devel pidgin pidgin-bonjour pidgin-client pidgin-gevolution pidgin-i18n pidgin-meanwhile pidgin-mono pidgin-perl pidgin-plugins pidgin-silc pidgin-tcl Update: Tue Jun 30 19:13:36 2009 Importance: security ID: MDVSA-2009:147 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:147 %pre Security vulnerabilities has been identified and fixed in pidgin: Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin (formerly Gaim) before 2.5.6 allows remote authenticated users to execute arbitrary code via vectors involving an outbound XMPP file transfer. NOTE: some of these details are obtained from third party information (CVE-2009-1373). Buffer overflow in the decrypt_out function in Pidgin (formerly Gaim) before 2.5.6 allows remote attackers to cause a denial of service (application crash) via a QQ packet (CVE-2009-1374). The PurpleCircBuffer implementation in Pidgin (formerly Gaim) before 2.5.6 does not properly maintain a certain buffer, which allows remote attackers to cause a denial of service (memory corruption and application crash) via vectors involving the (1) XMPP or (2) Sametime protocol (CVE-2009-1375). Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim) before 2.5.6 on 32-bit platforms allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, leading to buffer overflows. NOTE: this issue exists because of an incomplete fix for CVE-2008-2927 (CVE-2009-1376). This update provides pidgin 2.5.8, which is not vulnerable to these issues. %description Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add an account using the account editor. Pidgin supports many common features of other clients, as well as many unique features, such as perl scripting, TCL scripting and C plugins. Pidgin is not affiliated with or endorsed by America Online, Inc., Microsoft Corporation, Yahoo! Inc., or ICQ Inc. %package akonadi-common akonadi-devel akregator amarok amarok-scripts amarok-utils amor ark blinken bomber bovo cervisia dolphin dragonplayer falcon-kde4 flash-kde4-config free-kde4-config gwenview juk kaddressbook kalarm kalgebra kalzium kamera kanagram kapman kappfinder kapptemplate kate katomic kbattleship kblackbox kblocks kbounce kbreakout kbruch kbugbuster kcachegrind kcalc kcharselect kcolorchooser kcron kde4-audiocd kde4-filesharing kde4-l10n-ar kde4-l10n-bg kde4-l10n-ca kde4-l10n-cs kde4-l10n-csb kde4-l10n-da kde4-l10n-de kde4-l10n-el kde4-l10n-en_GB kde4-l10n-es kde4-l10n-et kde4-l10n-eu kde4-l10n-fi kde4-l10n-fr kde4-l10n-ga kde4-l10n-gl kde4-l10n-gu kde4-l10n-he kde4-l10n-hi kde4-l10n-hu kde4-l10n-is kde4-l10n-it kde4-l10n-ja kde4-l10n-kk kde4-l10n-km kde4-l10n-kn kde4-l10n-ko kde4-l10n-ku kde4-l10n-lt kde4-l10n-lv kde4-l10n-mai kde4-l10n-mk kde4-l10n-ml kde4-l10n-nb kde4-l10n-nds kde4-l10n-nl kde4-l10n-nn kde4-l10n-pa kde4-l10n-pl kde4-l10n-pt kde4-l10n-pt_BR kde4-l10n-ro kde4-l10n-ru kde4-l10n-sk kde4-l10n-sl kde4-l10n-sr kde4-l10n-sv kde4-l10n-tg kde4-l10n-th kde4-l10n-tr kde4-l10n-uk kde4-l10n-wa kde4-l10n-zh_CN kde4-l10n-zh_TW kde4-lilo kde4-nsplugins kdeaccessibility4 kdeaccessibility4-core kdeaccessibility4-devel kdeadmin4 kdeartwork4 kdeartwork4-color-schemes kdeartwork4-emoticons kdeartwork4-icons-theme-kdeclassic kdeartwork4-kscreensaver kdeartwork4-sounds kdeartwork4-styles kdeartwork4-wallpapers kdebase4 kdebase4-devel kdebase4-runtime kdebase4-runtime-devel kdebase4-workspace kdebase4-workspace-devel kdeedu4 kdeedu4-core kdeedu4-devel kdegames4 kdegames4-core kdegames4-devel kdegraphics4 kdegraphics4-core kdegraphics4-devel kdelibs4-core kdelibs4-devel kdemultimedia4 kdemultimedia4-core kdemultimedia4-devel kdenetwork4 kdenetwork4-core kdenetwork4-devel kdenetwork4-kopete-latex kdepasswd kdepim4 kdepim4-akonadi kdepim4-core kdepim4-devel kdepim4-kresources kdepim4-wizards kdepimlibs4-core kdepimlibs4-devel kdeplasma-addons kdeplasma-addons-devel kdesdk4 kdesdk4-core kdesdk4-devel kdesdk4-po2xml kdesdk4-scripts kdesdk4-strigi-analyzer kdessh kdetoys4-devel kdeutils4 kdeutils4-core kdf kdialog kdiamond kdm kdnssd keditbookmarks kfind kfloppy kfourinline kgamma kgeography kget kgoldrunner kgpg khangman kig killbots kimono kimono-devel kinfocenter kipi-common kipi-plugins kipi-plugins-devel kiriki kiten kjots kjumpingcube kleopatra klettres klines kmag kmahjongg kmail kmailcvt kmines kmix kmousetool kmouth kmplot kmtrace knetwalk knetworkconf knode knotes kode kolf kollision kolourpaint kompare konqueror konquest konsole kontact kopete korganizer kpat kpilot kppp kppp-provider krdc kreversi krfb kruler ksame kscd ksendemail kshisen ksirk ksnapshot kspaceduel ksquares kstars ksudoku ksystemlog kteatime ktimer ktimetracker ktouch kttsd ktuberling kturtle ktux kubrick kuiviewer kuser kwallet kwallet-daemon kweather kwordquiz kwrite lib64akonadi-kabc4 lib64akonadi-kabccommon4 lib64akonadi-kcal4 lib64akonadi-kde4 lib64akonadi-kmime4 lib64akonadiprivate1 lib64akonadiprotocolinternals1 lib64akregatorinterfaces4 lib64akregatorprivate4 lib64amarok-devel lib64amaroklib1 lib64amarokpud1 lib64analitza4 lib64antlr4 lib64audiocdplugins4 lib64avogadro-kalzium0 lib64compoundviewer4 lib64dolphinprivate4 lib64gadu_kopete1 lib64gpgme++2 lib64gwenviewlib4 lib64gwsoap4 lib64imap4 lib64iris_kopete1 lib64iris_ksirk2 lib64kabc4 lib64kabc_file_core4 lib64kabc_groupdav4 lib64kabc_groupwise4 lib64kabckolab4 lib64kabcommon4 lib64kabcscalix4 lib64kabc_slox4 lib64kabc_xmlrpc4 lib64kabinterfaces4 lib64kaddressbookprivate4 lib64kalarm_resources4 lib64kateinterfaces4 lib64kblog4 lib64kcal4 lib64kcal_groupdav4 lib64kcal_groupwise4 lib64kcalkolab4 lib64kcal_resourceblog4 lib64kcal_resourcefeatureplan4 lib64kcal_resourceremote4 lib64kcalscalix4 lib64kcal_slox4 lib64kcal_xmlrpc4 lib64kcddb4 lib64kcompactdisc4 lib64kdcraw7 lib64kde3support4 lib64kdecorations4 lib64kdecore5 lib64kdeeduui4 lib64kdefakes5 lib64kdegames5 lib64kdepim4 lib64kdesu5 lib64kdeui5 lib64kdnssd4 lib64keduvocdocument4 lib64kephal4 lib64kerfuffle4 lib64kexiv2_7 lib64kfile4 lib64kfontinst4 lib64kfontinstui4 lib64kgetcore4 lib64kggzgames4 lib64kggzmod4 lib64kggznet4 lib64kgroupwarebase4 lib64kgroupwaredav4 lib64kholidays4 lib64khotkeysprivate4 lib64khtml5 lib64kimap4 lib64kimproxy4 lib64kio5 lib64kipi6 lib64kipiplugins1 lib64kiten4 lib64kjs4 lib64kjsapi4 lib64kjsembed4 lib64kldap4 lib64kleo4 lib64kleopatraclientcore4 lib64kleopatraclientgui4 lib64kmahjongglib4 lib64kmailprivate4 lib64kmediaplayer4 lib64kmime4 lib64knewstuff2_4 lib64knodecommon4 lib64knoteskolab4 lib64knotesscalix4 lib64knotes_xmlrpc4 lib64knotifyconfig4 lib64kntlm4 lib64kocorehelper4 lib64kode4 lib64kolfprivate4 lib64kolourpaint_lgpl4 lib64komparedialogpages4 lib64komparediff24 lib64kompareinterface4 lib64konq5 lib64konqsidebarplugin4 lib64konquerorprivate4 lib64kontactinterfaces4 lib64kontactprivate4 lib64kopete4 lib64kopeteaddaccountwizard1 lib64kopetechatwindow_shared1 lib64kopeteidentity1 lib64kopete_oscar4 lib64kopete_otr_shared1 lib64kopeteprivacy1 lib64kopetestatusmenu1 lib64kopete_videodevice4 lib64korganizer_calendar4 lib64korganizer_eventviewer4 lib64korganizer_interfaces4 lib64korganizerprivate4 lib64korg_stdprinting4 lib64kparts4 lib64kpgp4 lib64kpilot5 lib64kpimidentities4 lib64kpimutils4 lib64kpty4 lib64kresources4 lib64krosscore4 lib64krossui4 lib64ksane0 lib64kschema4 lib64kschemawidgets4 lib64kscreensaver5 lib64ksgrd4 lib64ksieve4 lib64kslox4 lib64kstartperf4 lib64ktexteditor4 lib64ktnef4 lib64ktrace4 lib64kttsd4 lib64kunittest4 lib64kutils4 lib64kwalletbackend4 lib64kwineffects1 lib64kwinnvidiahack4 lib64kworkspace4 lib64kxmlcommon4 lib64kxmlrpcclient4 lib64kyahoo1 lib64lancelot0 lib64lsofui4 lib64maildir4 lib64mailtransport4 lib64marblewidget4 lib64mediadevicelib1 lib64mimelib4 lib64nepomuk4 lib64nepomukquery4 lib64nepomukqueryclient4 lib64oktetacore4 lib64oktetagui4 lib64okularcore1 lib64oscar1 lib64plasma3 lib64plasma_applet_system_monitor4 lib64plasmaclock4 lib64plasmacomicprovidercore1 lib64plasmaconverter4 lib64processcore4 lib64processui4 lib64qassistant4 lib64qgpgme1 lib64qt3support4 lib64qt4-devel lib64qtclucene4 lib64qtcore4 lib64qtdbus4 lib64qtdesigner4 lib64qtgui4 lib64qthelp4 lib64qtnetwork4 lib64qtopengl4 lib64qtruby4shared2 lib64qtscript4 lib64qtscripttools4 lib64qtsql4 lib64qtsvg4 lib64qttest4 lib64qtwebkit4 lib64qtxml4 lib64qtxmlpatterns4 lib64qyotoshared1 lib64SatLib4 lib64schema4 lib64science4 lib64smokeakonadi2 lib64smokekde2 lib64smokekhtml2 lib64smokenepomuk2 lib64smokeplasma2 lib64smokeqsci2 lib64smokeqt2 lib64smokeqtscript2 lib64smokeqttest2 lib64smokeqtuitools2 lib64smokeqtwebkit2 lib64smokesolid2 lib64smokesoprano2 lib64smoketexteditor2 lib64solid4 lib64solidcontrol4 lib64solidcontrolifaces4 lib64superkaramba4 lib64syndication4 lib64taskmanager4 lib64threadweaver4 lib64weather_ion4 lib64wscl4 lib64wsdl4 libkdcraw-common lokalize lskat mandriva-galaxy mandriva-galaxy-data mandriva-kde4-config-common mandriva-kde-translation mandriva-kdm4-config marble marble-common okteta okular one-kde4-config oxygen-icon-theme parley phpqt plasma-applet-battery plasma-applet-bball plasma-applet-binaryclock plasma-applet-bluemarble plasma-applet-calculator plasma-applet-calendar plasma-applet-charselect plasma-applet-comic plasma-applet-dict plasma-applet-didyouknow plasma-applet-eyes plasma-applet-fifteenpuzzle plasma-applet-filewatcher plasma-applet-folderview plasma-applet-frame plasma-applet-fuzzy-clock plasma-applet-incomingmsg plasma-applet-kolourpicker plasma-applet-konqprofiles plasma-applet-konsoleprofiles plasma-applet-kworldclock plasma-applet-lancelot plasma-applet-leavenote plasma-applet-life plasma-applet-luna plasma-applet-news plasma-applet-notes plasma-applet-nowplaying plasma-applet-paste plasma-applet-pastebin plasma-applet-previewer plasma-applet-quicklaunch plasma-applet-rssnow plasma-applet-showdashboard plasma-applet-showdesktop plasma-applet-system-monitor-cpu plasma-applet-system-monitor-hdd plasma-applet-system-monitor-hwinfo plasma-applet-system-monitor-net plasma-applet-system-monitor-temperature plasma-applet-timer plasma-applet-twitter plasma-applet-weatherstation plasma-applet-webbrowser plasma-applet-yawp plasma-dataengine-comic plasma-dataengine-twitter plasma-desktoptheme-aya plasma-desktoptheme-clean-blend plasma-desktoptheme-default plasma-desktoptheme-elegance plasma-desktoptheme-heron plasma-desktoptheme-silicon plasma-desktoptheme-slim-glow plasma-engine-kalzium plasma-krunner-powerdevil plasma-runner-browserhistory plasma-runner-contacts plasma-runner-converter plasma-runner-katesessions plasma-runner-konquerorsessions plasma-runner-konsolesessions plasma-runner-places plasma-runner-spellchecker powerpack-kde4-config python-kde4 python-kde4-doc qt4-accessibility-plugin qt4-assistant qt4-common qt4-database-plugin-mysql qt4-database-plugin-odbc qt4-database-plugin-pgsql qt4-database-plugin-sqlite qt4-database-plugin-tds qt4-designer qt4-doc qt4-examples qt4-graphicssystems-plugin qt4-linguist qt4-qdoc3 qt4-qtconfig qt4-qtdbus qt4-qvfb qt4-xmlpatterns qtscriptbindings qtscriptgenerator qyoto qyoto-devel ruby-kde4 ruby-kde4-devel ruby-qt4 ruby-qt4-devel smoke4-devel step superkaramba sweeper taglib-extras taglib-extras-devel task-kde4 task-kde4-devel task-kde4-minimal umbrello Update: Thu Jul 02 00:31:45 2009 Importance: normal ID: MDVA-2009:123 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:123 %pre Mandriva Linux 2009 Spring was released with KDE4 version 4.2.2. This update upgrades KDE4 in Mandriva Linux 2009 Spring to version 4.2.4, which brings many bugfixes and overall improvements. %description Software Development Kit for the K Desktop Environment. %package msec msec-gui Update: Thu Jul 02 21:55:19 2009 Importance: bugfix ID: MDVA-2009:124 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:124 %pre This update fixes a number of issues with msec shipped with Mandriva Linux 2009.1: - Msec would send an error message when desktop notification support (NOTIFY_WARN) was not found in the security configuration file (#51364, #51464) - In some locales, msec would show an error message or incorrectly translated messages when running in console (#50869) This update also adds updated translation files for msec. %description The Mandriva Linux Security package is designed to provide security features to the Mandriva Linux users. It allows to select from a set of preconfigured security levels, and supports custom permission settings, user-specified levels, and several security utilities. This packages includes main msec application and several programs that will be run periodically in order to test the security of your system and alert you if needed. %package kde4-style-iaora kde4-style-iaora-common qt4-style-iaora Update: Fri Jul 03 19:26:16 2009 Importance: bugfix ID: MDVA-2009:125 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:125 %pre This update of the IaOra theme for KDE4 contains several bugfixes, including: - check boxes are not visible (#50260) - arabic text overlaps in KDE 4.2 menus (#50993) %description IaOra theme for KDE 4 %package debugmode initscripts readahead Update: Sat Jul 04 16:59:24 2009 Importance: bugfix ID: MDVA-2009:126 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:126 %pre This package update fixes several issues when using speedboot mode in conjunction with failsafe mode, crypted filesystem, network profiles. It also improves readahead behaviour and reduce startup boot time. System installed from One edition will now have speedboot enabled. Bugs fixed : - Only enable CRDA domain if wireless cards are present (Mdv bug #51795) - readahead calls are now blocking and done earlier, for better performance (Mdv bug #44471) - disable speedboot if netprofiles are detected and not selected in kernel cmdline (Mdv bug #51550) - disable speedboot at each boot when /etc/crypttab is detected (Mdv bug #51518) - Fix speedboot status staying at STANDARD BOOT (Mdv bug #50238) - disable speedboot in failsafe mode (Mdv bug #51706) - disable speedboot only when LVM / RAID volumes are detected (Mdv bug #50270) - installing quota no longer disables speedboot (Mdv bug #50270) - hide error when readahead_later list isn't available (Mdv bug #51365) %description readahead reads the contents of a list of files into memory, which causes them to be read from cache when they are actually needed. Its goal is to speed up the boot process. %package alsa_raoppcm-kernel-2.6.29.6-desktop-1mnb alsa_raoppcm-kernel-2.6.29.6-server-1mnb alsa_raoppcm-kernel-desktop-latest alsa_raoppcm-kernel-server-latest broadcom-wl-kernel-2.6.29.6-desktop-1mnb broadcom-wl-kernel-2.6.29.6-server-1mnb broadcom-wl-kernel-desktop-latest broadcom-wl-kernel-server-latest em8300-kernel-2.6.29.6-desktop-1mnb em8300-kernel-2.6.29.6-server-1mnb em8300-kernel-desktop-latest em8300-kernel-server-latest fglrx-kernel-2.6.29.6-desktop-1mnb fglrx-kernel-2.6.29.6-server-1mnb fglrx-kernel-desktop-latest fglrx-kernel-server-latest hsfmodem-kernel-2.6.29.6-desktop-1mnb hsfmodem-kernel-2.6.29.6-server-1mnb hsfmodem-kernel-desktop-latest hsfmodem-kernel-server-latest hso-kernel-2.6.29.6-desktop-1mnb hso-kernel-2.6.29.6-server-1mnb hso-kernel-desktop-latest hso-kernel-server-latest kernel-2.6.29.6-1mnb kernel-desktop-2.6.29.6-1mnb kernel-desktop-devel-2.6.29.6-1mnb kernel-desktop-devel-latest kernel-desktop-latest kernel-doc kernel-server-2.6.29.6-1mnb kernel-server-devel-2.6.29.6-1mnb kernel-server-devel-latest kernel-server-latest kernel-source-2.6.29.6-1mnb kernel-source-latest kqemu-kernel-2.6.29.6-desktop-1mnb kqemu-kernel-2.6.29.6-server-1mnb kqemu-kernel-desktop-latest kqemu-kernel-server-latest libafs-kernel-2.6.29.6-desktop-1mnb libafs-kernel-2.6.29.6-server-1mnb libafs-kernel-desktop-latest libafs-kernel-server-latest lirc-kernel-2.6.29.6-desktop-1mnb lirc-kernel-2.6.29.6-server-1mnb lirc-kernel-desktop-latest lirc-kernel-server-latest lzma-kernel-2.6.29.6-desktop-1mnb lzma-kernel-2.6.29.6-server-1mnb lzma-kernel-desktop-latest lzma-kernel-server-latest madwifi-kernel-2.6.29.6-desktop-1mnb madwifi-kernel-2.6.29.6-server-1mnb madwifi-kernel-desktop-latest madwifi-kernel-server-latest netfilter-rtsp-kernel-2.6.29.6-desktop-1mnb netfilter-rtsp-kernel-2.6.29.6-server-1mnb netfilter-rtsp-kernel-desktop-latest netfilter-rtsp-kernel-server-latest nouveau-kernel-2.6.29.6-desktop-1mnb nouveau-kernel-2.6.29.6-server-1mnb nouveau-kernel-desktop-latest nouveau-kernel-server-latest nvidia173-kernel-2.6.29.6-desktop-1mnb nvidia173-kernel-2.6.29.6-server-1mnb nvidia173-kernel-desktop-latest nvidia173-kernel-server-latest nvidia96xx-kernel-2.6.29.6-desktop-1mnb nvidia96xx-kernel-2.6.29.6-server-1mnb nvidia96xx-kernel-desktop-latest nvidia96xx-kernel-server-latest nvidia-current-kernel-2.6.29.6-desktop-1mnb nvidia-current-kernel-2.6.29.6-server-1mnb nvidia-current-kernel-desktop-latest nvidia-current-kernel-server-latest opencbm-kernel-2.6.29.6-desktop-1mnb opencbm-kernel-2.6.29.6-server-1mnb opencbm-kernel-desktop-latest opencbm-kernel-server-latest rt2870-kernel-2.6.29.6-desktop-1mnb rt2870-kernel-2.6.29.6-server-1mnb rt2870-kernel-desktop-latest rt2870-kernel-server-latest squashfs-kernel-2.6.29.6-desktop-1mnb squashfs-kernel-2.6.29.6-server-1mnb squashfs-kernel-desktop-latest squashfs-kernel-server-latest squashfs-lzma-kernel-2.6.29.6-desktop-1mnb squashfs-lzma-kernel-2.6.29.6-server-1mnb squashfs-lzma-kernel-desktop-latest squashfs-lzma-kernel-server-latest tp_smapi-kernel-2.6.29.6-desktop-1mnb tp_smapi-kernel-2.6.29.6-server-1mnb tp_smapi-kernel-desktop-latest tp_smapi-kernel-server-latest vboxadditions-kernel-2.6.29.6-desktop-1mnb vboxadditions-kernel-2.6.29.6-server-1mnb vboxadditions-kernel-desktop-latest vboxadditions-kernel-server-latest vhba-kernel-2.6.29.6-desktop-1mnb vhba-kernel-2.6.29.6-server-1mnb vhba-kernel-desktop-latest vhba-kernel-server-latest virtualbox-kernel-2.6.29.6-desktop-1mnb virtualbox-kernel-2.6.29.6-server-1mnb virtualbox-kernel-desktop-latest virtualbox-kernel-server-latest vpnclient-kernel-2.6.29.6-desktop-1mnb vpnclient-kernel-2.6.29.6-server-1mnb vpnclient-kernel-desktop-latest vpnclient-kernel-server-latest Update: Tue Jul 07 17:52:21 2009 Importance: security ID: MDVSA-2009:148 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:148 %pre Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel: Buffer overflow in the RTL8169 NIC driver (drivers/net/r8169.c) in the Linux kernel before 2.6.30 allows remote attackers to cause a denial of service (kernel memory corruption and crash) via a long packet. (CVE-2009-1389) The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local users to cause a denial of service (prevention of file creation and removal) via a series of splice system calls that trigger a deadlock between the generic_file_splice_write, splice_from_pipe, and ocfs2_file_splice_write functions. (CVE-2009-1961) The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and earlier, when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass permissions and execute files, as demonstrated by files on an NFSv4 fileserver. (CVE-2009-1630) Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) before 7.5.5 allows remote attackers to cause a denial of service (panic) via a crafted frame size. (CVE-2009-1385) Multiple buffer overflows in the cifs subsystem in the Linux kernel before 2.6.29.4 allow remote CIFS servers to cause a denial of service (memory corruption) and possibly have unspecified other impact via (1) a malformed Unicode string, related to Unicode string area alignment in fs/cifs/sess.c; or (2) long Unicode characters, related to fs/cifs/cifssmb.c and the cifs_readdir function in fs/cifs/readdir.c. (CVE-2009-1633) Additionally, the kernel package was updated to the Linux upstream stable version 2.6.29.6. To update your kernel, please follow the directions located at: http://www.mandriva.com/en/security/kernelupdate %description %package apache-base apache-devel apache-htcacheclean apache-mod_authn_dbd apache-mod_cache apache-mod_dav apache-mod_dbd apache-mod_deflate apache-mod_disk_cache apache-mod_file_cache apache-mod_ldap apache-mod_mem_cache apache-mod_proxy apache-mod_proxy_ajp apache-mod_ssl apache-modules apache-mod_userdir apache-mpm-event apache-mpm-itk apache-mpm-peruser apache-mpm-prefork apache-mpm-worker apache-source Update: Thu Jul 09 13:58:40 2009 Importance: security ID: MDVSA-2009:149 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:149 %pre Multiple vulnerabilities has been found and corrected in apache: The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service (CPU consumption) via crafted requests (CVE-2009-1890). Fix a potential Denial-of-Service attack against mod_deflate or other modules, by forcing the server to consume CPU time in compressing a large file after a client disconnects (CVE-2009-1891). This update provides fixes for these vulnerabilities. %description This package contains the main binary of apache, a powerful, full-featured, efficient and freely-available Web server. Apache is also the most popular Web server on the Internet. This version of apache is fully modular, and many modules are available in pre-compiled formats, like PHP and mod_auth_external. Check for available Apache modules for Mandriva Linux at: http://nux.se/apache/ (most of them can be installed from the contribs repository) This package defaults to a maximum of 128 dynamically loadable modules. This package defaults to a ServerLimit of 1024. You can change these values at RPM build time by using for example: --define 'maxmodules 512' --define 'serverlimit 2048' The package was built to support a maximum of 128 dynamically loadable modules. The package was built with a ServerLimit of 1024. %package apache-base apache-devel apache-htcacheclean apache-mod_authn_dbd apache-mod_cache apache-mod_dav apache-mod_dbd apache-mod_deflate apache-mod_disk_cache apache-mod_file_cache apache-mod_ldap apache-mod_mem_cache apache-mod_proxy apache-mod_proxy_ajp apache-mod_ssl apache-modules apache-mod_userdir apache-mpm-event apache-mpm-itk apache-mpm-peruser apache-mpm-prefork apache-mpm-worker apache-source Update: Thu Jul 09 14:00:20 2009 Importance: security ID: MDVSA-2009:149 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:149 %pre Multiple vulnerabilities has been found and corrected in apache: The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length value, which allows remote attackers to cause a denial of service (CPU consumption) via crafted requests (CVE-2009-1890). Fix a potential Denial-of-Service attack against mod_deflate or other modules, by forcing the server to consume CPU time in compressing a large file after a client disconnects (CVE-2009-1891). This update provides fixes for these vulnerabilities. %description This package contains the main binary of apache, a powerful, full-featured, efficient and freely-available Web server. Apache is also the most popular Web server on the Internet. This version of apache is fully modular, and many modules are available in pre-compiled formats, like PHP and mod_auth_external. Check for available Apache modules for Mandriva Linux at: http://nux.se/apache/ (most of them can be installed from the contribs repository) This package defaults to a maximum of 128 dynamically loadable modules. This package defaults to a ServerLimit of 1024. You can change these values at RPM build time by using for example: --define 'maxmodules 512' --define 'serverlimit 2048' The package was built to support a maximum of 128 dynamically loadable modules. The package was built with a ServerLimit of 1024. %package gnokii gnokii-smsd gnokii-smsd-mysql gnokii-smsd-pgsql gnokii-xgnokii lib64gnokii4 lib64gnokii-devel lib64gnokii-static-devel Update: Sun Jul 12 15:31:11 2009 Importance: bugfix ID: MDVA-2009:128 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:128 %pre Latest kaddressbook update package for 2009.1 fails to install due to unresolved gnokii library dependencies. Additionally it was discovered gnokii wasn't rebuilt after the -Werror=format-security change and a patch for this had to be added. %description Gnokii is a Linux/Unix tool suite and (eventually) modem/fax driver for Nokia's mobile phones, released under the GPL. %package lib64tiff3 lib64tiff3-devel lib64tiff3-static-devel libtiff-progs Update: Mon Jul 13 19:25:59 2009 Importance: security ID: MDVSA-2009:150 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:150 %pre Multiple vulnerabilities has been found and corrected in libtiff: Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service (crash) via a crafted TIFF image, a different vulnerability than CVE-2008-2327 (CVE-2009-2285). Fix several places in tiff2rgba and rgb2ycbcr that were being careless about possible integer overflow in calculation of buffer sizes (CVE-2009-2347). This update provides fixes for these vulnerabilities. %description The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. %package x11-driver-video-sisimedia Update: Mon Jul 13 20:55:26 2009 Importance: bugfix ID: MDVA-2009:129 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:129 %pre Update driver to a newer version provided by the video card manufacturer. This new version fixes a system freeze issue. %description x11-driver-video-sisimedia is the video driver for SiS 670 / 671 cards. These are not supported by the X.org 'sis' driver. This code is very different, so the two cannot be easily merged. %package null null-dummy Update: Mon Jul 13 22:26:18 2009 Importance: bugfix ID: MDVA-2009:999 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:999 %pre Testing mkadvisory for MES5. %description Dummy package. %package evolution evolution-data-server evolution-devel evolution-exchange evolution-mono evolution-pilot gtkhtml-3.14 lib64camel14 lib64ebackend0 lib64ebook9 lib64ecal7 lib64edata-book2 lib64edata-cal6 lib64edataserver11 lib64edataserver-devel lib64edataserverui8 lib64egroupwise13 lib64exchange-storage3 lib64gdata1 lib64gtkhtml-3.14_19 lib64gtkhtml-3.14-devel Update: Tue Jul 14 12:54:01 2009 Importance: bugfix ID: MDVA-2009:130 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:130 %pre Evolution had several bugs like a hanging user interface when dealing with virtual folders that have been fixed in this update. %description GtkHTML is a HTML rendering/editing library. GtkHTML is not designed to be the ultimate HTML browser/editor: instead, it is designed to be easily embedded into applications that require lightweight HTML functionality. GtkHTML was originally based on KDE's KHTMLW widget, but is now developed independently of it. The most important difference between KHTMLW and GtkHTML, besides being GTK-based, is that GtkHTML is also an editor. Thanks to the Bonobo editor component that comes with the library, it's extremely simple to add HTML editing to an existing application. %package dhcp-client dhcp-common dhcp-devel dhcp-doc dhcp-relay dhcp-server Update: Wed Jul 15 19:29:11 2009 Importance: security ID: MDVSA-2009:151 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:151 %pre A vulnerability has been found and corrected in ISC DHCP: Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option (CVE-2009-0692). This update provides fixes for this vulnerability. %description DHCP (Dynamic Host Configuration Protocol) is a protocol which allows individual devices on an IP network to get their own network configuration information (IP address, subnetmask, broadcast address, etc.) from a DHCP server. The overall purpose of DHCP is to make it easier to administer a large network. The dhcp package includes the DHCP server and a DHCP relay agent. You will also need to install the dhcp-client or dhcpcd package, or pump or dhcpxd, which provides the DHCP client daemon, on client machines. If you want the DHCP server and/or relay, you will also need to install the dhcp-server and/or dhcp-relay packages. %package lib64pulseaudio0 lib64pulseaudio-devel lib64pulseglib20 lib64pulsezeroconf0 pulseaudio pulseaudio-esound-compat pulseaudio-module-bluetooth pulseaudio-module-gconf pulseaudio-module-jack pulseaudio-module-lirc pulseaudio-module-x11 pulseaudio-module-zeroconf pulseaudio-utils Update: Fri Jul 17 14:18:02 2009 Importance: security ID: MDVSA-2009:152 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:152 %pre A vulnerability has been found and corrected in pulseaudio: Tavis Ormandy and Julien Tinnes of the Google Security Team discovered that pulseaudio, when installed setuid root, does not drop privileges before re-executing itself to achieve immediate bindings. This can be exploited by a user who has write access to any directory on the file system containing /usr/bin to gain local root access. The user needs to exploit a race condition related to creating a hard link (CVE-2009-1894). This update provides fixes for this vulnerability. %description pulseaudio is a sound server for Linux and other Unix like operating systems. It is intended to be an improved drop-in replacement for the Enlightened Sound Daemon (EsounD). In addition to the features EsounD provides pulseaudio has: * Extensible plugin architecture (by loading dynamic loadable modules with dlopen()) * Support for more than one sink/source * Better low latency behaviour * Embedabble into other software (the core is available as C library) * Completely asynchronous C API * Simple command line interface for reconfiguring the daemon while running * Flexible, implicit sample type conversion and resampling * "Zero-Copy" architecture * Module autoloading * Very accurate latency measurement for playback and recording. * May be used to combine multiple sound cards to one (with sample rate adjustment) * Client side latency interpolation %package lib64pulseaudio0 lib64pulseaudio-devel lib64pulseglib20 lib64pulsezeroconf0 pulseaudio pulseaudio-esound-compat pulseaudio-module-bluetooth pulseaudio-module-gconf pulseaudio-module-jack pulseaudio-module-lirc pulseaudio-module-x11 pulseaudio-module-zeroconf pulseaudio-utils Update: Fri Jul 17 14:25:03 2009 Importance: security ID: MDVSA-2009:152 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:152 %pre A vulnerability has been found and corrected in pulseaudio: Tavis Ormandy and Julien Tinnes of the Google Security Team discovered that pulseaudio, when installed setuid root, does not drop privileges before re-executing itself to achieve immediate bindings. This can be exploited by a user who has write access to any directory on the file system containing /usr/bin to gain local root access. The user needs to exploit a race condition related to creating a hard link (CVE-2009-1894). This update provides fixes for this vulnerability. %description pulseaudio is a sound server for Linux and other Unix like operating systems. It is intended to be an improved drop-in replacement for the Enlightened Sound Daemon (EsounD). In addition to the features EsounD provides pulseaudio has: * Extensible plugin architecture (by loading dynamic loadable modules with dlopen()) * Support for more than one sink/source * Better low latency behaviour * Embedabble into other software (the core is available as C library) * Completely asynchronous C API * Simple command line interface for reconfiguring the daemon while running * Flexible, implicit sample type conversion and resampling * "Zero-Copy" architecture * Module autoloading * Very accurate latency measurement for playback and recording. * May be used to combine multiple sound cards to one (with sample rate adjustment) * Client side latency interpolation %package dhcp-client dhcp-common dhcp-devel dhcp-doc dhcp-relay dhcp-server Update: Sun Jul 19 15:57:36 2009 Importance: security ID: MDVSA-2009:154 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:154 %pre A vulnerability has been found and corrected in ISC DHCP: ISC DHCP Server is vulnerable to a denial of service, caused by the improper handling of DHCP requests. If the host definitions are mixed using dhcp-client-identifier and hardware ethernet, a remote attacker could send specially-crafted DHCP requests to cause the server to stop responding (CVE-2009-1892). This update provides fixes for this vulnerability. %description DHCP (Dynamic Host Configuration Protocol) is a protocol which allows individual devices on an IP network to get their own network configuration information (IP address, subnetmask, broadcast address, etc.) from a DHCP server. The overall purpose of DHCP is to make it easier to administer a large network. The dhcp package includes the DHCP server and a DHCP relay agent. You will also need to install the dhcp-client or dhcpcd package, or pump or dhcpxd, which provides the DHCP client daemon, on client machines. If you want the DHCP server and/or relay, you will also need to install the dhcp-server and/or dhcp-relay packages. %package dhcp-client dhcp-common dhcp-devel dhcp-doc dhcp-relay dhcp-server Update: Sun Jul 19 16:11:00 2009 Importance: security ID: MDVSA-2009:154 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:154 %pre A vulnerability has been found and corrected in ISC DHCP: ISC DHCP Server is vulnerable to a denial of service, caused by the improper handling of DHCP requests. If the host definitions are mixed using dhcp-client-identifier and hardware ethernet, a remote attacker could send specially-crafted DHCP requests to cause the server to stop responding (CVE-2009-1892). This update provides fixes for this vulnerability. %description DHCP (Dynamic Host Configuration Protocol) is a protocol which allows individual devices on an IP network to get their own network configuration information (IP address, subnetmask, broadcast address, etc.) from a DHCP server. The overall purpose of DHCP is to make it easier to administer a large network. The dhcp package includes the DHCP server and a DHCP relay agent. You will also need to install the dhcp-client or dhcpcd package, or pump or dhcpxd, which provides the DHCP client daemon, on client machines. If you want the DHCP server and/or relay, you will also need to install the dhcp-server and/or dhcp-relay packages. %package git git-arch git-core git-core-oldies git-cvs git-email gitk git-svn gitview gitweb lib64git-devel perl-Git Update: Sun Jul 19 18:47:49 2009 Importance: security ID: MDVSA-2009:155 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:155 %pre A vulnerability has been found and corrected in git: git-daemon in git 1.4.4.5 through 1.6.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a request containing extra unrecognized arguments (CVE-2009-2108). This update provides fixes for this vulnerability. %description This is a stupid (but extremely fast) directory content manager. It doesn't do a whole lot, but what it _does_ do is track directory contents efficiently. It is intended to be the base of an efficient, distributed source code management system. This package includes rudimentary tools that can be used as a SCM, but you should look elsewhere for tools for ordinary humans layered on top of this. This is a dummy package which brings in all subpackages. %package perl-Compress-Raw-Zlib Update: Sun Jul 19 22:43:32 2009 Importance: security ID: MDVSA-2009:157 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:157 %pre A vulnerability has been found and corrected in perl-Compress-Raw-Zlib: Off-by-one error in the inflate function in Zlib.xs in Compress::Raw::Zlib Perl module before 2.017, as used in AMaViS, SpamAssassin, and possibly other products, allows context-dependent attackers to cause a denial of service (hang or crash) via a crafted zlib compressed stream that triggers a heap-based buffer overflow, as exploited in the wild by Trojan.Downloader-71014 in June 2009 (CVE-2009-1391). This update provides fixes for this vulnerability. %description Low-Level Interface to zlib compression library. %package bluez bluez-alsa bluez-cups bluez-gstreamer lib64bluez3 lib64bluez-devel Update: Mon Jul 20 01:14:06 2009 Importance: bugfix ID: MDVA-2009:131 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:131 %pre In mandriva 2009.1 the bluetooth alsa plugins were installed on the root lib dir. This prevent A2DP bluetooth devices from working because they search those libs on the standart lib directory. %description These are the official Bluetooth communication libraries for Linux. %package gnome-power-manager Update: Mon Jul 20 12:08:10 2009 Importance: bugfix ID: MDVA-2009:132 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:132 %pre The gnome-power-manager package shipped in Mandriva 2009 Spring is not working without the gnome-session running in user's Desktop Environment. This update fixes this issue making gnome-power-manager work fine even if gnome-session is not started. %description GNOME Power Manager uses the information and facilities provided by HAL displaying icons and handling user callbacks in an interactive GNOME session. GNOME Power Preferences allows authorised users to set policy and change preferences. %package ruby ruby-devel ruby-doc ruby-tk Update: Mon Jul 27 21:25:32 2009 Importance: security ID: MDVSA-2009:160 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:160 %pre The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 allows context-dependent attackers to cause a denial of service (application crash) via a string argument that represents a large number, as demonstrated by an attempted conversion to the Float data type. This update corrects the problem. %description Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible. %package squid squid-cachemgr Update: Mon Jul 27 22:39:07 2009 Importance: security ID: MDVSA-2009:161 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:161 %pre Multiple vulnerabilities has been found and corrected in squid: Due to incorrect buffer limits and related bound checks Squid is vulnerable to a denial of service attack when processing specially crafted requests or responses. Due to incorrect data validation Squid is vulnerable to a denial of service attack when processing specially crafted responses. This update provides fixes for these vulnerabilities. %description %package debugmode initscripts Update: Tue Jul 28 22:05:00 2009 Importance: security ID: MDVSA-2009:170 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:170 %pre Mandriva Security team has identified and fixed a vulnerability in initscripts which could lead to partial wireless password disclosure for WPA/WPA2 passwords of certain length which contained spaces. This update fixes the vulnerability. %description The initscripts package contains the basic system scripts used to boot your Mandriva Linux system, change run levels, and shut the system down cleanly. Initscripts also contains the scripts that activate and deactivate most network interfaces. %package debugmode initscripts Update: Tue Jul 28 22:06:48 2009 Importance: security ID: MDVSA-2009:170 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:170 %pre Mandriva Security team has identified and fixed a vulnerability in initscripts which could lead to partial wireless password disclosure for WPA/WPA2 passwords of certain length which contained spaces. This update fixes the vulnerability. %description The initscripts package contains the basic system scripts used to boot your Mandriva Linux system, change run levels, and shut the system down cleanly. Initscripts also contains the scripts that activate and deactivate most network interfaces. %package bind bind-devel bind-doc bind-utils Update: Wed Jul 29 19:36:07 2009 Importance: security ID: MDVSA-2009:181 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:181 %pre A vulnerability has been found and corrected in ISC BIND: The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an ANY record in the prerequisite section of a crafted dynamic update message, as exploited in the wild in July 2009 (CVE-2009-0696). This update provides fixes for this vulnerability. %description BIND (Berkeley Internet Name Domain) is an implementation of the DNS (domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses, and a resolver library (routines for applications to use when interfacing with DNS). A DNS server allows clients to name resources or objects and share the information with other network machines. The named DNS server can be used on workstations as a caching name server, but is generally only needed on one machine for an entire network. Note that the configuration files for making BIND act as a simple caching nameserver are included in the caching-nameserver package. Install the bind package if you need a DNS server for your network. If you want bind to act a caching name server, you will also need to install the caching-nameserver package. Many BIND 8 features previously unimplemented in BIND 9, including domain-specific forwarding, the \$GENERATE master file directive, and the "blackhole", "dialup", and "sortlist" options Forwarding of dynamic update requests; this is enabled by the "allow-update-forwarding" option A new, simplified database interface and a number of sample drivers based on it; see doc/dev/sdb for details Support for building single-threaded servers for environments that do not supply POSIX threads New configuration options: "min-refresh-time", "max-refresh-time", "min-retry-time", "max-retry-time", "additional-from-auth", "additional-from-cache", "notify explicit" Faster lookups, particularly in large zones. Build Options: --without sdb_ldap Build without ldap simple database support (enabled per default) --with sdb_mysql Build with MySQL database support (disables ldap support, it's either way.) --with geoip Build with GeoIP support (disabled per default) %package lib64rpm4.6 lib64rpm-devel python-rpm rpm rpm-build Update: Thu Jul 30 20:22:16 2009 Importance: bugfix ID: MDVA-2009:137 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:137 %pre This update fixes an issue with rpm: o file triggers aren't properly invoked on package removal %description RPM is a powerful command line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Each software package consists of an archive of files along with information about the package like its version, a description, etc. %package beagle beagle-crawl-system beagle-doc beagle-epiphany beagle-evolution beagle-gui beagle-gui-qt beagle-libs epiphany epiphany-devel firefox firefox-af firefox-ar firefox-be firefox-bg firefox-bn firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-el firefox-en_GB firefox-eo firefox-es_AR firefox-es_ES firefox-et firefox-eu firefox-ext-beagle firefox-ext-blogrovr firefox-ext-foxmarks firefox-ext-mozvoikko firefox-ext-r-kiosk firefox-ext-scribefire firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hu firefox-id firefox-is firefox-it firefox-ja firefox-ka firefox-kn firefox-ko firefox-ku firefox-lt firefox-lv firefox-mk firefox-mn firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-oc firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-te firefox-th firefox-theme-kde4ff firefox-tr firefox-uk firefox-zh_CN firefox-zh_TW gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell google-gadgets-common google-gadgets-gtk google-gadgets-qt google-gadgets-xul lib64ggadget1.0_0 lib64ggadget-gtk1.0_0 lib64ggadget-qt1.0_0 lib64google-gadgets-devel lib64opensc2 lib64opensc-devel lib64xulrunner1.9 lib64xulrunner-devel lib64xulrunner-unstable-devel mozilla-plugin-opensc mozilla-thunderbird-beagle opensc python-xpcom xulrunner yelp Update: Fri Jul 31 02:13:59 2009 Importance: security ID: MDVSA-2009:182 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:182 %pre Security vulnerabilities have been discovered and corrected in Mozilla Firefox 3.0.x: Several flaws were discovered in the Firefox browser and JavaScript engines, which could allow a malicious website to cause a denial of service or possibly execute arbitrary code with user privileges. (CVE-2009-2462, CVE-2009-2463, CVE-2009-2464, CVE-2009-2465, CVE-2009-2466, CVE-2009-2468, CVE-2009-2471) Attila Suszter discovered a flaw in the way Firefox processed Flash content, which could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-2467) It was discovered that Firefox did not properly handle some SVG content, which could lead to a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. (CVE-2009-2469) A flaw was discovered in the JavaScript engine which could be used to perform cross-site scripting attacks. (CVE-2009-2472) This update provides the latest Mozilla Firefox 3.0.x to correct these issues. Additionally, some packages which require so, have been rebuilt and are being provided as updates. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package lib64OpenEXR6 lib64OpenEXR-devel OpenEXR Update: Sun Aug 02 21:09:21 2009 Importance: security ID: MDVSA-2009:190 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:190 %pre Multiple vulnerabilities has been found and corrected in OpenEXR: Multiple integer overflows in OpenEXR 1.2.2 and 1.6.1 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors that trigger heap-based buffer overflows, related to (1) the Imf::PreviewImage::PreviewImage function and (2) compressor constructors. NOTE: some of these details are obtained from third party information (CVE-2009-1720). The decompression implementation in the Imf::hufUncompress function in OpenEXR 1.2.2 and 1.6.1 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger a free of an uninitialized pointer (CVE-2009-1721). This update provides fixes for these vulnerabilities. %description Industrial Light & Magic developed the OpenEXR format in response to the demand for higher color fidelity in the visual effects industry. %package ruby ruby-devel ruby-doc ruby-tk Update: Wed Aug 05 21:53:07 2009 Importance: security ID: MDVSA-2009:193 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:193 %pre ext/openssl/ossl_ocsp.c in Ruby 1.8 and 1.9 does not properly check the return value from the OCSP_basic_verify function, which might allow remote attackers to successfully present an invalid X.509 certificate, possibly involving a revoked certificate. This update corrects the problem, including for older ruby versions. %description Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible. %package dumpcap lib64wireshark0 lib64wireshark-devel rawshark tshark wireshark wireshark-tools Update: Thu Aug 06 02:07:13 2009 Importance: security ID: MDVSA-2009:194 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:194 %pre Vulnerabilities have been discovered in wireshark package, which could lead to application crash via radius, infiniband and afs dissectors (CVE-2009-2560, CVE-2009-2562, CVE-2009-2563). This update provides a fix for those vulnerabilities. %description Wireshark is a network traffic analyzer for Unix-ish operating systems. It is based on GTK+, a graphical user interface library, and libpcap, a packet capture and filtering library. Wireshark is a fork of Ethereal(tm) %package apr-util-dbd-freetds apr-util-dbd-ldap apr-util-dbd-mysql apr-util-dbd-odbc apr-util-dbd-pgsql apr-util-dbd-sqlite3 lib64apr1 lib64apr-devel lib64apr-util1 lib64apr-util-devel Update: Thu Aug 06 13:38:29 2009 Importance: security ID: MDVSA-2009:195 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:195 %pre A vulnerability has been identified and corrected in apr and apr-util: Fix potential overflow in pools (apr) and rmm (apr-util), where size alignment was taking place (CVE-2009-2412). This update provides fixes for these vulnerabilities. %description The mission of the Apache Portable Runtime (APR) is to provide a free library of C data structures and routines. This library contains additional utility interfaces for APR; including support for XML, LDAP, database interfaces, URI parsing and more. %package x11-driver-video-openchrome Update: Fri Aug 07 17:30:11 2009 Importance: bugfix ID: MDVA-2009:140 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:140 %pre This update fixes three issues with the openchrome driver for VIA video cards. - Fix a segmentation fault when using the EXA acceleration architecture. - Fix a segmentation fault on hardware that do not support Xv. - Improve EXA performance on a fallback case. %description A free and Open Source video driver for the VIA/S3G UniChrome and UniChrome Pro graphics chipsets. (CLE266, KN400, KM400, K8M800, PM800, CN400, VN800) %package gurpmi urpmi urpmi-ldap urpmi-parallel-ka-run urpmi-parallel-ssh Update: Fri Aug 07 19:01:19 2009 Importance: bugfix ID: MDVA-2009:141 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:141 %pre This update fixes a minor issue with urpmi: - no error message and 0 exit code when using CD/DVD media and hal isn't running %description urpmi is Mandriva Linux's console-based software installation tool. You can use it to install software from the console in the same way as you use the graphical Install Software tool (rpmdrake) to install software from the desktop. urpmi will follow package dependencies -- in other words, it will install all the other software required by the software you ask it to install -- and it's capable of obtaining packages from a variety of media, including the Mandriva Linux installation CD-ROMs, your local hard disk, and remote sources such as web or FTP sites. %package lib64nspr4 lib64nspr-devel lib64nss3 lib64nss-devel lib64nss-static-devel nss Update: Fri Aug 07 20:51:03 2009 Importance: security ID: MDVSA-2009:197 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:197 %pre Security issues in nss prior to 3.12.3 could lead to a man-in-the-middle attack via a spoofed X.509 certificate (CVE-2009-2408) and md2 algorithm flaws (CVE-2009-2409), and also cause a denial-of-service and possible code execution via a long domain name in X.509 certificate (CVE-2009-2404). This update provides the latest versions of NSS and NSPR libraries which are not vulnerable to those attacks. %description Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards. For detailed information on standards supported, see http://www.mozilla.org/projects/security/pki/nss/overview.html. %package beagle beagle-crawl-system beagle-doc beagle-epiphany beagle-evolution beagle-gui beagle-gui-qt beagle-libs epiphany epiphany-devel firefox firefox-af firefox-ar firefox-be firefox-bg firefox-bn firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-el firefox-en_GB firefox-eo firefox-es_AR firefox-es_ES firefox-et firefox-eu firefox-ext-beagle firefox-ext-blogrovr firefox-ext-foxmarks firefox-ext-mozvoikko firefox-ext-r-kiosk firefox-ext-scribefire firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hu firefox-id firefox-is firefox-it firefox-ja firefox-ka firefox-kn firefox-ko firefox-ku firefox-lt firefox-lv firefox-mk firefox-mn firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-oc firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-te firefox-th firefox-theme-kde4ff firefox-tr firefox-uk firefox-zh_CN firefox-zh_TW gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell google-gadgets-common google-gadgets-gtk google-gadgets-qt google-gadgets-xul lib64ggadget1.0_0 lib64ggadget-gtk1.0_0 lib64ggadget-qt1.0_0 lib64google-gadgets-devel lib64opensc2 lib64opensc-devel lib64xulrunner1.9 lib64xulrunner-devel lib64xulrunner-unstable-devel mozilla-plugin-opensc mozilla-thunderbird-beagle opensc python-xpcom xulrunner yelp Update: Fri Aug 07 21:07:52 2009 Importance: security ID: MDVSA-2009:198 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:198 %pre Security issues were identified and fixed in firefox 3.0.x: Security researcher Juan Pablo Lopez Yacubian reported that an attacker could call window.open() on an invalid URL which looks similar to a legitimate URL and then use document.write() to place content within the new document, appearing to have come from the spoofed location (CVE-2009-2654). Moxie Marlinspike reported a heap overflow vulnerability in the code that handles regular expressions in certificate names. This vulnerability could be used to compromise the browser and run arbitrary code by presenting a specially crafted certificate to the client (CVE-2009-2404). IOActive security researcher Dan Kaminsky reported a mismatch in the treatment of domain names in SSL certificates between SSL clients and the Certificate Authorities (CA) which issue server certificates. These certificates could be used to intercept and potentially alter encrypted communication between the client and a server such as sensitive bank account transactions (CVE-2009-2408). This update provides the latest Mozilla Firefox 3.0.x to correct these issues. Additionally, some packages which require so, have been rebuilt and are being provided as updates. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package squid squid-cachemgr Update: Sat Aug 08 10:46:46 2009 Importance: security ID: MDVSA-2009:178-1 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:178-1 %pre Multiple vulnerabilities has been found and corrected in squid: Due to incorrect buffer limits and related bound checks Squid is vulnerable to a denial of service attack when processing specially crafted requests or responses (CVE-2009-2621). Due to incorrect data validation Squid is vulnerable to a denial of service attack when processing specially crafted responses (CVE-2009-2622). This update provides fixes for these vulnerabilities. Update: Additional upstream security patches were applied: Debug warnings fills up the logs. Upstream Bug 2728: regression: assertion failed: http.cc:705: !eof %description Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. Install squid if you need a proxy caching server. This package defaults to a maximum of 1024 filedescriptors. You can change these values at build time by using for example: --define 'maxfiles 4096' The package was built to support a maximum of 1024 filedescriptors. You can build squid with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] test Initiate the test suite %package squid squid-cachemgr Update: Sat Aug 08 10:54:47 2009 Importance: security ID: MDVSA-2009:178-1 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:178-1 %pre Multiple vulnerabilities has been found and corrected in squid: Due to incorrect buffer limits and related bound checks Squid is vulnerable to a denial of service attack when processing specially crafted requests or responses (CVE-2009-2621). Due to incorrect data validation Squid is vulnerable to a denial of service attack when processing specially crafted responses (CVE-2009-2622). This update provides fixes for these vulnerabilities. Update: Additional upstream security patches were applied: Debug warnings fills up the logs. Upstream Bug 2728: regression: assertion failed: http.cc:705: !eof %description Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. Install squid if you need a proxy caching server. This package defaults to a maximum of 1024 filedescriptors. You can change these values at build time by using for example: --define 'maxfiles 4096' The package was built to support a maximum of 1024 filedescriptors. You can build squid with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] test Initiate the test suite %package squid squid-cachemgr Update: Sat Aug 08 11:03:02 2009 Importance: security ID: MDVSA-2009:161-1 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:161-1 %pre Multiple vulnerabilities has been found and corrected in squid: Due to incorrect buffer limits and related bound checks Squid is vulnerable to a denial of service attack when processing specially crafted requests or responses (CVE-2009-2621). Due to incorrect data validation Squid is vulnerable to a denial of service attack when processing specially crafted responses (CVE-2009-2622). This update provides fixes for these vulnerabilities. Update: Additional upstream security patches were applied: Debug warnings fills up the logs. Upstream Bug 2728: regression: assertion failed: http.cc:705: !eof %description Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. Install squid if you need a proxy caching server. This package defaults to a maximum of 1024 filedescriptors. You can change these values at build time by using for example: --define 'maxfiles 4096' The package was built to support a maximum of 1024 filedescriptors. You can build squid with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] test Initiate the test suite %package lib64v4l0 lib64v4l-devel lib64v4l-wrappers libv4l Update: Sat Aug 08 12:13:23 2009 Importance: bugfix ID: MDVA-2009:144 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:144 %pre This update addresses the issue of urpmi preventing installation of both i586/x86_64 versions of libv4l wrappers (Mandriva bug #45316). Updated packages are provided to fix this issue. %description libv4l is a collection of libraries which adds a thin abstraction layer on top of video4linux2 devices. The purpose of this (thin) layer is to make it easy for application writers to support a wide variety of devices without having to write separate code for different devices in the same class. %package apache-mod_dav_svn apache-mod_dontdothat lib64svn0 lib64svnjavahl1 perl-SVN python-svn ruby-svn subversion subversion-devel subversion-doc subversion-server subversion-tools svn-javahl Update: Sat Aug 08 22:11:46 2009 Importance: security ID: MDVSA-2009:199 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:199 %pre A vulnerability has been found and corrected in subversion: Multiple integer overflows in the libsvn_delta library in Subversion before 1.5.7, and 1.6.x before 1.6.4, allow remote authenticated users and remote Subversion servers to execute arbitrary code via an svndiff stream with large windows that trigger a heap-based buffer overflow, a related issue to CVE-2009-2412 (CVE-2009-2411). This update provides a solution to this vulnerability and in turn upgrades subversion where possible to provide additional features and upstream bugfixes and adds required dependencies where needed. %description Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subversion also keeps a log of who, when, and why changes occured. As such it basically does the same thing CVS does (Concurrent Versioning System) but has major enhancements compared to CVS and fixes a lot of the annoyances that CVS users face. This package contains the client, if you're looking for the server end of things you want subversion-repos. %package x11-driver-input-synaptics x11-driver-input-synaptics-devel Update: Sun Aug 09 13:30:30 2009 Importance: bugfix ID: MDVA-2009:145 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:145 %pre The synaptics touchpad driver shipped with 2009.1 has problems correctly identifying and scaling the right hand scroll zone on certain hardware (including the ASUS EeePC 701). This updated version addresses this and several other minor issues. Fixing (among others) Mandriva bug #51845. %description Synaptics touchpad devices are extremely popular on laptops and this driver is an MIT licensed alternative to the older GPL synaptics driver which is no longer actively maintained. %package gtkmm2.4-doc lib64gtkmm2.4_1 lib64gtkmm2.4-devel lib64gtkmm2.4-static-devel Update: Tue Aug 11 13:11:00 2009 Importance: bugfix ID: MDVA-2009:149 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:149 %pre A memory allocation bug in gtkmm would make applications using the library crash on the x86_64 architecture. This update corrects the problem. %description Gtkmm provides a C++ interface to the GTK+ GUI library. Gtkmm2 wraps GTK+ 2. Highlights include typesafe callbacks, widgets extensible via inheritance and a comprehensive set of widget classes that can be freely combined to quickly create complex user interfaces. %package lib64xml1 lib64xml1-devel lib64xml2_2 lib64xml2-devel libxml2-python libxml2-utils Update: Wed Aug 12 13:25:36 2009 Importance: security ID: MDVSA-2009:200 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:200 %pre Multiple vulnerabilities has been found and corrected in libxml: Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent attackers to cause a denial of service (application crash) via a large depth of element declarations in a DTD, related to a function recursion, as demonstrated by the Codenomicon XML fuzzing framework (CVE-2009-2414). Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework (CVE-2009-2416). This update provides a solution to these vulnerabilities. %description This library allows you to manipulate XML files. It includes support for reading, modifying and writing XML and HTML files. There is DTDs support: this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream or and in-memory DOM-like representations. In this case one can use the built-in XPath and XPointer implementation to select subnodes or ranges. A flexible Input/Output mechanism is available, with existing HTTP and FTP modules and combined to a URI library. %package fetchmail fetchmailconf fetchmail-daemon Update: Wed Aug 12 18:59:32 2009 Importance: security ID: MDVSA-2009:201 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:201 %pre A vulnerability has been found and corrected in fetchmail: socket.c in fetchmail before 6.3.11 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408 (CVE-2009-2666). This update provides a solution to this vulnerability. %description Fetchmail is a free, full-featured, robust, and well-documented remote mail retrieval and forwarding utility intended to be used over on-demand TCP/IP links (such as SLIP or PPP connections). It retrieves mail from remote mail servers and forwards it to your local (client) machine's delivery system, so it can then be read by normal mail user agents such as Mutt, Elm, Pine, (X)Emacs/Gnus or Mailx. It comes with an interactive GUI configurator suitable for end-users. Fetchmail supports every remote-mail protocol currently in use on the Internet (POP2, POP3, RPOP, APOP, KPOP, all IMAPs, ESMTP ETRN) for retrieval. Then Fetchmail forwards the mail through SMTP, so you can read it through your normal mail client. %package memcached Update: Fri Aug 14 17:07:12 2009 Importance: security ID: MDVSA-2009:202 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:202 %pre A vulnerability has been found and corrected in memcached: Multiple integer overflows in memcached 1.1.12 and 1.2.2 allow remote attackers to execute arbitrary code via vectors involving length attributes that trigger heap-based buffer overflows (CVE-2009-2415). This update provides a solution to this vulnerability. Additionally memcached-1.2.x has been upgraded to 1.2.8 for 2009.0/2009.1 and MES 5 that contains a number of upstream fixes, the repcached patch has been upgraded to 2.2 as well. %description memcached is a flexible memory object caching daemon designed to alleviate database load in dynamic web applications by storing objects in memory. It's based on libevent to scale to any size needed, and is specifically optimized to avoid swapping and always use non-blocking I/O. The memcached server binary comes in two flavours: o memcached - with threading support o memcached-replication - with replication support %package memcached Update: Fri Aug 14 17:08:14 2009 Importance: security ID: MDVSA-2009:202 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:202 %pre A vulnerability has been found and corrected in memcached: Multiple integer overflows in memcached 1.1.12 and 1.2.2 allow remote attackers to execute arbitrary code via vectors involving length attributes that trigger heap-based buffer overflows (CVE-2009-2415). This update provides a solution to this vulnerability. Additionally memcached-1.2.x has been upgraded to 1.2.8 for 2009.0/2009.1 and MES 5 that contains a number of upstream fixes, the repcached patch has been upgraded to 2.2 as well. %description memcached is a flexible memory object caching daemon designed to alleviate database load in dynamic web applications by storing objects in memory. It's based on libevent to scale to any size needed, and is specifically optimized to avoid swapping and always use non-blocking I/O. The memcached server binary comes in two flavours: o memcached - with threading support o memcached-replication - with replication support %package memcached Update: Fri Aug 14 17:13:12 2009 Importance: security ID: MDVSA-2009:202 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:202 %pre A vulnerability has been found and corrected in memcached: Multiple integer overflows in memcached 1.1.12 and 1.2.2 allow remote attackers to execute arbitrary code via vectors involving length attributes that trigger heap-based buffer overflows (CVE-2009-2415). This update provides a solution to this vulnerability. Additionally memcached-1.2.x has been upgraded to 1.2.8 for 2009.0/2009.1 and MES 5 that contains a number of upstream fixes, the repcached patch has been upgraded to 2.2 as well. %description memcached is a flexible memory object caching daemon designed to alleviate database load in dynamic web applications by storing objects in memory. It's based on libevent to scale to any size needed, and is specifically optimized to avoid swapping and always use non-blocking I/O. The memcached server binary comes in two flavours: o memcached - with threading support o memcached-replication - with replication support %package lib64wxgtk2.8 lib64wxgtk2.8-devel lib64wxgtkgl2.8 lib64wxgtkglu2.8 lib64wxgtku2.8 lib64wxgtku2.8-devel wxgtk2.8 Update: Sun Aug 16 22:57:20 2009 Importance: security ID: MDVSA-2009:204 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:204 %pre A vulnerability has been found and corrected in wxgtk: Integer overflow in the wxImage::Create function in src/common/image.cpp in wxWidgets 2.8.10 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted JPEG file, which triggers a heap-based buffer overflow. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information (CVE-2009-2369). This update provides a solution to this vulnerability. %description wxWidgets is a free C++ library for cross-platform GUI development. With wxWidgets, you can create applications for different GUIs (GTK+, Motif/LessTif, MS Windows, Mac) from the same source code. %package alsa_raoppcm-kernel-2.6.29.6-desktop-2mnb alsa_raoppcm-kernel-2.6.29.6-server-2mnb alsa_raoppcm-kernel-desktop-latest alsa_raoppcm-kernel-server-latest broadcom-wl-kernel-2.6.29.6-desktop-2mnb broadcom-wl-kernel-2.6.29.6-server-2mnb broadcom-wl-kernel-desktop-latest broadcom-wl-kernel-server-latest em8300-kernel-2.6.29.6-desktop-2mnb em8300-kernel-2.6.29.6-server-2mnb em8300-kernel-desktop-latest em8300-kernel-server-latest fglrx-kernel-2.6.29.6-desktop-2mnb fglrx-kernel-2.6.29.6-server-2mnb fglrx-kernel-desktop-latest fglrx-kernel-server-latest hsfmodem-kernel-2.6.29.6-desktop-2mnb hsfmodem-kernel-2.6.29.6-server-2mnb hsfmodem-kernel-desktop-latest hsfmodem-kernel-server-latest hso-kernel-2.6.29.6-desktop-2mnb hso-kernel-2.6.29.6-server-2mnb hso-kernel-desktop-latest hso-kernel-server-latest kernel-2.6.29.6-2mnb kernel-desktop-2.6.29.6-2mnb kernel-desktop-devel-2.6.29.6-2mnb kernel-desktop-devel-latest kernel-desktop-latest kernel-doc kernel-server-2.6.29.6-2mnb kernel-server-devel-2.6.29.6-2mnb kernel-server-devel-latest kernel-server-latest kernel-source-2.6.29.6-2mnb kernel-source-latest kqemu-kernel-2.6.29.6-desktop-2mnb kqemu-kernel-2.6.29.6-server-2mnb kqemu-kernel-desktop-latest kqemu-kernel-server-latest libafs-kernel-2.6.29.6-desktop-2mnb libafs-kernel-2.6.29.6-server-2mnb libafs-kernel-desktop-latest libafs-kernel-server-latest lirc-kernel-2.6.29.6-desktop-2mnb lirc-kernel-2.6.29.6-server-2mnb lirc-kernel-desktop-latest lirc-kernel-server-latest lzma-kernel-2.6.29.6-desktop-2mnb lzma-kernel-2.6.29.6-server-2mnb lzma-kernel-desktop-latest lzma-kernel-server-latest madwifi-kernel-2.6.29.6-desktop-2mnb madwifi-kernel-2.6.29.6-server-2mnb madwifi-kernel-desktop-latest madwifi-kernel-server-latest netfilter-rtsp-kernel-2.6.29.6-desktop-2mnb netfilter-rtsp-kernel-2.6.29.6-server-2mnb netfilter-rtsp-kernel-desktop-latest netfilter-rtsp-kernel-server-latest nouveau-kernel-2.6.29.6-desktop-2mnb nouveau-kernel-2.6.29.6-server-2mnb nouveau-kernel-desktop-latest nouveau-kernel-server-latest nvidia173-kernel-2.6.29.6-desktop-2mnb nvidia173-kernel-2.6.29.6-server-2mnb nvidia173-kernel-desktop-latest nvidia173-kernel-server-latest nvidia96xx-kernel-2.6.29.6-desktop-2mnb nvidia96xx-kernel-2.6.29.6-server-2mnb nvidia96xx-kernel-desktop-latest nvidia96xx-kernel-server-latest nvidia-current-kernel-2.6.29.6-desktop-2mnb nvidia-current-kernel-2.6.29.6-server-2mnb nvidia-current-kernel-desktop-latest nvidia-current-kernel-server-latest opencbm-kernel-2.6.29.6-desktop-2mnb opencbm-kernel-2.6.29.6-server-2mnb opencbm-kernel-desktop-latest opencbm-kernel-server-latest rt2870-kernel-2.6.29.6-desktop-2mnb rt2870-kernel-2.6.29.6-server-2mnb rt2870-kernel-desktop-latest rt2870-kernel-server-latest squashfs-kernel-2.6.29.6-desktop-2mnb squashfs-kernel-2.6.29.6-server-2mnb squashfs-kernel-desktop-latest squashfs-kernel-server-latest squashfs-lzma-kernel-2.6.29.6-desktop-2mnb squashfs-lzma-kernel-2.6.29.6-server-2mnb squashfs-lzma-kernel-desktop-latest squashfs-lzma-kernel-server-latest tp_smapi-kernel-2.6.29.6-desktop-2mnb tp_smapi-kernel-2.6.29.6-server-2mnb tp_smapi-kernel-desktop-latest tp_smapi-kernel-server-latest vboxadditions-kernel-2.6.29.6-desktop-2mnb vboxadditions-kernel-2.6.29.6-server-2mnb vboxadditions-kernel-desktop-latest vboxadditions-kernel-server-latest vhba-kernel-2.6.29.6-desktop-2mnb vhba-kernel-2.6.29.6-server-2mnb vhba-kernel-desktop-latest vhba-kernel-server-latest virtualbox-kernel-2.6.29.6-desktop-2mnb virtualbox-kernel-2.6.29.6-server-2mnb virtualbox-kernel-desktop-latest virtualbox-kernel-server-latest vpnclient-kernel-2.6.29.6-desktop-2mnb vpnclient-kernel-2.6.29.6-server-2mnb vpnclient-kernel-desktop-latest vpnclient-kernel-server-latest Update: Mon Aug 17 23:10:41 2009 Importance: security ID: MDVSA-2009:205 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:205 %pre A vulnerability was discovered and corrected in the Linux 2.6 kernel: The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on this page, and then invoking an unavailable operation, as demonstrated by the sendpage operation on a PF_PPPOX socket. (CVE-2009-2692) To update your kernel, please follow the directions located at: http://www.mandriva.com/en/security/kernelupdate %description %package wget Update: Tue Aug 18 22:13:07 2009 Importance: security ID: MDVSA-2009:206 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:206 %pre A vulnerability has been found and corrected in wget: SUSE discovered a security issue in wget related to http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2408 This update provides a solution to this vulnerability. %description GNU Wget is a file retrieval utility which can use either the HTTP or FTP protocols. Wget features include the ability to work in the background while you're logged out, recursive retrieval of directories, file name wildcard matching, remote file timestamp storage and comparison, use of Rest with FTP servers and Range with HTTP servers to retrieve files over slow or unstable connections, support for Proxy servers, and configurability. %package perl-Compress-Raw-Bzip2 Update: Wed Aug 19 21:07:10 2009 Importance: security ID: MDVSA-2009:207 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:207 %pre A vulnerability has been found and corrected in perl-Compress-Raw-Bzip: Off-by-one error in the bzinflate function in Bzip2.xs in the Compress-Raw-Bzip2 module before 2.018 for Perl allows context-dependent attackers to cause a denial of service (application hang or crash) via a crafted bzip2 compressed stream that triggers a buffer overflow, a related issue to CVE-2009-1391 (CVE-2009-1884). This update provides a solution to this vulnerability. %description Low-Level Interface to bzip2 compression library. %package kde4-style-iaora kde4-style-iaora-common qt4-style-iaora Update: Thu Aug 20 14:19:18 2009 Importance: bugfix ID: MDVA-2009:153 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:153 %pre Iaora window decoration style has a bug when using compiz, it is noted when a window is maximised, the decoration goes off. You need to restore (unmaximize) to have the decorations back. This update fixes this problem. %description IaOra theme for KDE 4 %package java-1.6.0-openjdk java-1.6.0-openjdk-demo java-1.6.0-openjdk-devel java-1.6.0-openjdk-javadoc java-1.6.0-openjdk-plugin java-1.6.0-openjdk-src Update: Thu Aug 20 23:45:00 2009 Importance: security ID: MDVSA-2009:209 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:209 %pre Multiple Java OpenJDK security vulnerabilities has been identified and fixed: The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation specifies an HMAC truncation length (HMACOutputLength) but does not require a minimum for its length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits (CVE-2009-0217). The Java Web Start framework does not properly check all application jar files trust and this allows context-dependent attackers to execute arbitrary code via a crafted application, related to NetX (CVE-2009-1896). Some variables and data structures without the final keyword definition allows context-depend attackers to obtain sensitive information. The target variables and data structures are stated as follow: (1) LayoutQueue, (2) Cursor.predefined, (3) AccessibleResourceBundle.getContents, (4) ImageReaderSpi.STANDARD_INPUT_TYPE, (5) ImageWriterSpi.STANDARD_OUTPUT_TYPE, (6) the imageio plugins, (7) DnsContext.debug, (8) RmfFileReader/StandardMidiFileWriter.types, (9) AbstractSaslImpl.logger, (10) Synth.Region.uiToRegionMap/lowerCaseNameMap, (11) the Introspector class and a cache of BeanInfo, and (12) JAX-WS (CVE-2009-2475). The Java Management Extensions (JMX) implementation does not properly enforce OpenType checks, which allows context-dependent attackers to bypass intended access restrictions by leveraging finalizer resurrection to obtain a reference to a privileged object (CVE-2009-2476). A flaw in the Xerces2 as used in OpenJDK allows remote attackers to cause denial of service via a malformed XML input (CVE-2009-2625). The audio system does not prevent access to java.lang.System properties either by untrusted applets and Java Web Start applications, which allows context-dependent attackers to obtain sensitive information by reading these properties (CVE-2009-2670). A flaw in the SOCKS proxy implementation allows remote attackers to discover the user name of the account that invoked either an untrusted applet or Java Web Start application via unspecified vectors (CVE-2009-2671). A flaw in the proxy mechanism implementation allows remote attackers to bypass intended access restrictions and connect to arbitrary sites via unspecified vectors, related to a declaration that lacks the final keyword (CVE-2009-2673). An integer overflow in the JPEG images parsing allows context-dependent attackers to gain privileges via an untrusted Java Web Start application that grants permissions to itself (CVE-2009-2674). An integer overflow in the unpack200 utility decompression allows context-dependent attackers to gain privileges via vectors involving either an untrusted applet or Java Web Start application that grants permissions to itself (CVE-2009-2675). A flaw in the JDK13Services.getProviders grants full privileges to instances of unspecified object types, which allows context-dependent attackers to bypass intended access restrictions either via an untrusted applet or application (CVE-2009-2689). A flaw in the OpenJDK's encoder, grants read access to private variables with unspecified names, which allows context-dependent attackers to obtain sensitive information either via an untrusted applet or application (CVE-2009-2690). %description The OpenJDK runtime environment. This version is built without netbeans, so jvisualvm is disabled. %package gnutls lib64gnutls26 lib64gnutls-devel Update: Fri Aug 21 02:19:44 2009 Importance: security ID: MDVSA-2009:210 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:210 %pre A vulnerability have been discovered and corrected in GnuTLS before 2.8.2, which could allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority (CVE-2009-2730). This update fixes this vulnerability. %description GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. %package expat lib64expat1 lib64expat1-devel Update: Sun Aug 23 16:19:10 2009 Importance: security ID: MDVSA-2009:211 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:211 %pre A vulnerability was found in xmltok_impl.c (expat) that with specially crafted XML could be exploited and lead to a denial of service attack. Related to CVE-2009-2625. %description Expat is an XML 1.0 parser written in C by James Clark. It aims to be fully conforming. It is currently not a validating XML parser. %package lib64python2.6 lib64python2.6-devel python python-docs tkinter tkinter-apps Update: Sun Aug 23 16:53:25 2009 Importance: security ID: MDVSA-2009:212 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:212 %pre A vulnerability was found in xmltok_impl.c (expat) that with specially crafted XML could be exploited and lead to a denial of service attack. Related to CVE-2009-2625. This update fixes this vulnerability. %description Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems (X11, Motif, Tk, Mac and MFC). Programmers can write new built-in modules for Python in C or C++. Python can be used as an extension language for applications that need a programmable interface. This package contains most of the standard Python modules, as well as modules for interfacing to the Tix widget set for Tk and RPM. Note that documentation for Python is provided in the python-docs package. %package lib64python2.6 lib64python2.6-devel python python-docs tkinter tkinter-apps Update: Sun Aug 23 16:53:45 2009 Importance: security ID: MDVSA-2009:212 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:212 %pre A vulnerability was found in xmltok_impl.c (expat) that with specially crafted XML could be exploited and lead to a denial of service attack. Related to CVE-2009-2625. This update fixes this vulnerability. %description Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems (X11, Motif, Tk, Mac and MFC). Programmers can write new built-in modules for Python in C or C++. Python can be used as an extension language for applications that need a programmable interface. This package contains most of the standard Python modules, as well as modules for interfacing to the Tix widget set for Tk and RPM. Note that documentation for Python is provided in the python-docs package. %package lib64wxgtk2.8 lib64wxgtk2.8-devel lib64wxgtkgl2.8 lib64wxgtkglu2.8 lib64wxgtku2.8 lib64wxgtku2.8-devel wxgtk2.8 Update: Sun Aug 23 17:43:31 2009 Importance: security ID: MDVSA-2009:213 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:213 %pre A vulnerability was found in xmltok_impl.c (expat) that with specially crafted XML could be exploited and lead to a denial of service attack. Related to CVE-2009-2625. This update fixes this vulnerability. %description wxWidgets is a free C++ library for cross-platform GUI development. With wxWidgets, you can create applications for different GUIs (GTK+, Motif/LessTif, MS Windows, Mac) from the same source code. %package python-celementtree Update: Sun Aug 23 19:25:07 2009 Importance: security ID: MDVSA-2009:214 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:214 %pre A vulnerability was found in xmltok_impl.c (expat) that with specially crafted XML could be exploited and lead to a denial of service attack. Related to CVE-2009-2625. This update fixes this vulnerability. %description This is an add-on to the standard ElementTree package, which adds a very fast and memory-efficient alternative implementation of the ElementTree API. %package mozilla-thunderbird mozilla-thunderbird-af mozilla-thunderbird-be mozilla-thunderbird-bg mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-devel mozilla-thunderbird-el mozilla-thunderbird-en_GB mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ar mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-es_AR mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-hu mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-ko mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ro mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sk mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-tr mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-enigmail-zh_TW mozilla-thunderbird-es_AR mozilla-thunderbird-es_ES mozilla-thunderbird-et_EE mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-ga mozilla-thunderbird-gu_IN mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ko mozilla-thunderbird-lt mozilla-thunderbird-mk mozilla-thunderbird-moztraybiff mozilla-thunderbird-nb_NO mozilla-thunderbird-nl mozilla-thunderbird-nn_NO mozilla-thunderbird-pa_IN mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-pt_PT mozilla-thunderbird-ru mozilla-thunderbird-sk mozilla-thunderbird-sl mozilla-thunderbird-sv_SE mozilla-thunderbird-tr mozilla-thunderbird-uk mozilla-thunderbird-zh_CN mozilla-thunderbird-zh_TW nsinstall Update: Sun Aug 23 21:04:55 2009 Importance: security ID: MDVSA-2009:217 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:217 %pre A number of security vulnerabilities have been discovered in Mozilla Thunderbird: Security issues in thunderbird could lead to a man-in-the-middle attack via a spoofed X.509 certificate (CVE-2009-2408). A vulnerability was found in xmltok_impl.c (expat) that with specially crafted XML could be exploited and lead to a denial of service attack. Related to CVE-2009-2625. This update provides the latest version of Thunderbird which are not vulnerable to these issues. %description Mozilla Thunderbird is a full-featured email, RSS and newsgroup client that makes emailing safer, faster and easier than ever before. %package kompozer kompozer-devel Update: Mon Aug 24 17:10:12 2009 Importance: security ID: MDVSA-2009:219 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:219 %pre A vulnerability was found in xmltok_impl.c (expat) that with specially crafted XML could be exploited and lead to a denial of service attack. Related to CVE-2009-2625. Additionally on 2009.0 a patch was added to prevent kompozer from crashing (#44830), on 2009.1 a format string patch was added to make it build with the -Wformat -Werror=format-security gcc optimization switch added in 2009.1 This update fixes these issues. %description Kompozer is a complete Web authoring system that combines web file management and easy-to-use WYSIWYG web page editing. Kompozer is designed to be extremely easy to use, making it ideal for non-technical computer users who want to create an attractive, professional-looking web site without needing to know HTML or web coding. Kompozer is an unofficial continuation of nvu, which was apparently abandoned in 2005. %package davfs Update: Mon Aug 24 18:07:09 2009 Importance: security ID: MDVSA-2009:220 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:220 %pre A vulnerability was found in xmltok_impl.c (expat) that with specially crafted XML could be exploited and lead to a denial of service attack. Related to CVE-2009-2625. This update fixes this vulnerability. %description WebDAV is an acronym for Web-based Distributed Authoring and Versioning. Usually http is a read only protocol, but if you install DAV on your web server, it becomes writable. Furthermore, if you use DAVfs, you can mount your web server onto your filesystem and can use it as a normal disk. %package lib64neon0.27 lib64neon0.27-devel lib64neon0.27-static-devel Update: Mon Aug 24 22:07:00 2009 Importance: security ID: MDVSA-2009:221 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:221 %pre Multiple vulnerabilities has been found and corrected in libneon0.27: neon before 0.28.6, when expat is used, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564 (CVE-2009-2473). neon before 0.28.6, when OpenSSL is used, does not properly handle a '\0' (NUL) character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408 (CVE-2009-2474). This update provides a solution to these vulnerabilities. %description neon is an HTTP and WebDAV client library for Unix systems, with a C language API. It provides high-level interfaces to HTTP/1.1 and WebDAV methods, and a low-level interface to HTTP request/response handling, allowing new methods to be easily implemented. %package timezone timezone-java Update: Tue Aug 25 15:45:57 2009 Importance: bugfix ID: MDVA-2009:154 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:154 %pre Updated timezone packages are being provided for older Mandriva Linux systems that do not contain new Daylight Savings Time information and Time Zone information for some locations. These updated packages contain the new information. %description This package contains data files with rules for various timezones around the world. %package beagle beagle-crawl-system beagle-doc beagle-epiphany beagle-evolution beagle-gui beagle-gui-qt beagle-libs firefox-ext-beagle mozilla-thunderbird-beagle Update: Wed Aug 26 16:34:07 2009 Importance: security ID: MDVSA-2009:217-1 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:217-1 %pre A number of security vulnerabilities have been discovered in Mozilla Thunderbird: Security issues in thunderbird could lead to a man-in-the-middle attack via a spoofed X.509 certificate (CVE-2009-2408). A vulnerability was found in xmltok_impl.c (expat) that with specially crafted XML could be exploited and lead to a denial of service attack. Related to CVE-2009-2625. This update provides the latest version of Thunderbird which are not vulnerable to these issues. Update: The mozilla-thunderbird-beagle package was not rebuilt for mozilla-thunderbird 2.0.0.23. This update solves this issue. %description Beagle is an indexing sub-system and search aggregator built on top of Lucene.Net. It can index your files, mailboxes, your web browsing behaviour and other things. %package beagle beagle-crawl-system beagle-doc beagle-epiphany beagle-evolution beagle-gui beagle-gui-qt beagle-libs firefox-ext-beagle mozilla-thunderbird-beagle Update: Wed Aug 26 16:35:09 2009 Importance: security ID: MDVSA-2009:217-1 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:217-1 %pre A number of security vulnerabilities have been discovered in Mozilla Thunderbird: Security issues in thunderbird could lead to a man-in-the-middle attack via a spoofed X.509 certificate (CVE-2009-2408). A vulnerability was found in xmltok_impl.c (expat) that with specially crafted XML could be exploited and lead to a denial of service attack. Related to CVE-2009-2625. This update provides the latest version of Thunderbird which are not vulnerable to these issues. Update: The mozilla-thunderbird-beagle package was not rebuilt for mozilla-thunderbird 2.0.0.23. This update solves this issue. %description Beagle is an indexing sub-system and search aggregator built on top of Lucene.Net. It can index your files, mailboxes, your web browsing behaviour and other things. %package beagle beagle-crawl-system beagle-doc beagle-epiphany beagle-evolution beagle-gui beagle-gui-qt beagle-libs firefox-ext-beagle mozilla-thunderbird-beagle Update: Wed Aug 26 16:40:10 2009 Importance: bugfix ID: MDVA-2009:155 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:155 %pre The mozilla-thunderbird-beagle package was not rebuilt for mozilla-thunderbird 2.0.0.23. This update solves this issue. %description Beagle is an indexing sub-system and search aggregator built on top of Lucene.Net. It can index your files, mailboxes, your web browsing behaviour and other things. %package beagle beagle-crawl-system beagle-doc beagle-epiphany beagle-evolution beagle-gui beagle-gui-qt beagle-libs firefox-ext-beagle mozilla-thunderbird-beagle Update: Wed Aug 26 16:40:38 2009 Importance: bugfix ID: MDVA-2009:155 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:155 %pre The mozilla-thunderbird-beagle package was not rebuilt for mozilla-thunderbird 2.0.0.23. This update solves this issue. %description Beagle is an indexing sub-system and search aggregator built on top of Lucene.Net. It can index your files, mailboxes, your web browsing behaviour and other things. %package lib64xerces-c28 lib64xerces-c-devel xerces-c-doc Update: Sun Aug 30 16:45:47 2009 Importance: security ID: MDVSA-2009:223 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:223 %pre A vulnerability has been found and corrected in xerces-c: Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service (application crash) via vectors involving nested parentheses and invalid byte values in simply nested DTD structures, as demonstrated by the Codenomicon XML fuzzing framework (CVE-2009-1885). This update provides a solution to this vulnerability. %description Xerces-C++ is a validating XML parser written in a portable subset of C++. Xerces-C++ makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents. The parser provides high performance, modularity, and scalability. Source code, samples and API documentation are provided with the parser. For portability, care has been taken to make minimal use of templates, no RTTI, and minimal use of #ifdefs. %package kdebase4-workspace kdebase4-workspace-devel kdm lib64kdecorations4 lib64kephal4 lib64kfontinst4 lib64kfontinstui4 lib64khotkeysprivate4 lib64kscreensaver5 lib64ksgrd4 lib64kwineffects1 lib64kwinnvidiahack4 lib64kworkspace4 lib64lsofui4 lib64nepomukquery4 lib64nepomukqueryclient4 lib64plasma_applet_system_monitor4 lib64plasmaclock4 lib64processcore4 lib64processui4 lib64solidcontrol4 lib64solidcontrolifaces4 lib64taskmanager4 lib64weather_ion4 plasma-applet-battery plasma-applet-calendar plasma-applet-quicklaunch plasma-applet-system-monitor-cpu plasma-applet-system-monitor-hdd plasma-applet-system-monitor-hwinfo plasma-applet-system-monitor-net plasma-applet-system-monitor-temperature plasma-applet-webbrowser plasma-krunner-powerdevil plasma-runner-places Update: Wed Sep 02 12:03:16 2009 Importance: bugfix ID: MDVA-2009:157 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:157 %pre krandrtray from KDE4 is known to have some issues. A patch was added that makes krandrtray open its configuration module when the system tray icon is clicked. %description This package contains the KDE 4 application workspace components. %package lib64qassistant4 lib64qt3support4 lib64qt4-devel lib64qtclucene4 lib64qtcore4 lib64qtdbus4 lib64qtdesigner4 lib64qtgui4 lib64qthelp4 lib64qtnetwork4 lib64qtopengl4 lib64qtscript4 lib64qtscripttools4 lib64qtsql4 lib64qtsvg4 lib64qttest4 lib64qtwebkit4 lib64qtxml4 lib64qtxmlpatterns4 qt4-accessibility-plugin qt4-assistant qt4-common qt4-database-plugin-mysql qt4-database-plugin-odbc qt4-database-plugin-pgsql qt4-database-plugin-sqlite qt4-database-plugin-tds qt4-designer qt4-doc qt4-examples qt4-graphicssystems-plugin qt4-linguist qt4-qdoc3 qt4-qtconfig qt4-qtdbus qt4-qvfb qt4-xmlpatterns Update: Tue Sep 08 15:10:25 2009 Importance: security ID: MDVSA-2009:225 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:225 %pre A vulnerability has been found and corrected in qt4: src/network/ssl/qsslcertificate.cpp in Nokia Trolltech Qt 4.x does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408 (CVE-2009-2700). This update provides a solution to this vulnerability. %description Qt is a GUI software toolkit which simplifies the task of writing and maintaining GUI (Graphical User Interface) applications for the X Window System. Qt is written in C++ and is fully object-oriented. This package contains the shared library needed to run Qt applications, as well as the README files for Qt. %package aria2 Update: Wed Sep 09 16:26:30 2009 Importance: security ID: MDVSA-2009:226 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:226 %pre A vulnerability has been found and corrected in aria2: aria2 has a buffer overflow which makes it crashing at least on mips. This update provides a solution to this vulnerability. %description Aria2 has segmented downloading engine in its core. It can download one file from multiple URLs or multiple connections from one URL. This results in very high speed downloading, very much faster than ordinary browsers. This engine is implemented with a single-thread model. It can also download BitTorrent files and supports Metalink version 3.0. %package cyrus-imapd cyrus-imapd-devel cyrus-imapd-murder cyrus-imapd-nntp cyrus-imapd-utils perl-Cyrus Update: Fri Sep 11 12:13:02 2009 Importance: security ID: MDVSA-2009:229 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:229 %pre A vulnerability has been found and corrected in cyrus-imapd: Buffer overflow in the SIEVE script component (sieve/script.c) in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14 allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect use of the sizeof operator for determining buffer length, combined with an integer signedness error (CVE-2009-2632). This update provides a solution to this vulnerability. %description The Cyrus IMAP Server is a scaleable enterprise mail system designed for use from small to large enterprise environments using standards-based technologies. A full Cyrus IMAP implementation allows a seamless mail and bulletin board environment to be set up across multiple servers. It differs from other IMAP server implementations in that it is run on "sealed" servers, where users are not normally permitted to log in. The mailbox database is stored in parts of the filesystem that are private to the Cyrus IMAP system. All user access to mail is through software using the IMAP, POP3, or KPOP protocols. TLSv1 and SSL are supported for security. This is the main package, install also the cyrus-imapd-utils package (it contains server administration tools and depends on the perl-Cyrus package). %package finch lib64finch0 lib64purple0 lib64purple-devel pidgin pidgin-bonjour pidgin-client pidgin-gevolution pidgin-i18n pidgin-meanwhile pidgin-mono pidgin-perl pidgin-plugins pidgin-silc pidgin-tcl Update: Fri Sep 11 14:47:04 2009 Importance: security ID: MDVSA-2009:230 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:230 %pre Security vulnerabilities has been identified and fixed in pidgin: The msn_slplink_process_msg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin (formerly Gaim) before 2.5.9 and Adium 1.3.5 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by sending multiple crafted SLP (aka MSNSLP) messages to trigger an overwrite of an arbitrary memory location. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1376 (CVE-2009-2694). Unspecified vulnerability in Pidgin 2.6.0 allows remote attackers to cause a denial of service (crash) via a link in a Yahoo IM (CVE-2009-3025) protocols/jabber/auth.c in libpurple in Pidgin 2.6.0, and possibly other versions, does not follow the require TLS/SSL preference when connecting to older Jabber servers that do not follow the XMPP specification, which causes libpurple to connect to the server without the expected encryption and allows remote attackers to sniff sessions (CVE-2009-3026). libpurple/protocols/irc/msgs.c in the IRC protocol plugin in libpurple in Pidgin before 2.6.2 allows remote IRC servers to cause a denial of service (NULL pointer dereference and application crash) via a TOPIC message that lacks a topic string (CVE-2009-2703). The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an SLP invite message that lacks certain required fields, as demonstrated by a malformed message from a KMess client (CVE-2009-3083). The msn_slp_process_msg function in libpurple/protocols/msn/slpcall.c in the MSN protocol plugin in libpurple 2.6.0 and 2.6.1, as used in Pidgin before 2.6.2, allows remote attackers to cause a denial of service (application crash) via a handwritten (aka Ink) message, related to an uninitialized variable and the incorrect UTF16-LE charset name (CVE-2009-3084). The XMPP protocol plugin in libpurple in Pidgin before 2.6.2 does not properly handle an error IQ stanza during an attempted fetch of a custom smiley, which allows remote attackers to cause a denial of service (application crash) via XHTML-IM content with cid: images (CVE-2009-3085). This update provides pidgin 2.6.2, which is not vulnerable to these issues. %description Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add an account using the account editor. Pidgin supports many common features of other clients, as well as many unique features, such as perl scripting, TCL scripting and C plugins. Pidgin is not affiliated with or endorsed by America Online, Inc., Microsoft Corporation, Yahoo! Inc., or ICQ Inc. %package htmldoc htmldoc-nogui Update: Fri Sep 11 16:24:11 2009 Importance: security ID: MDVSA-2009:231 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:231 %pre A security vulnerability has been identified and fixed in htmldoc: Buffer overflow in the set_page_size function in util.cxx in HTMLDOC 1.8.27 and earlier allows context-dependent attackers to execute arbitrary code via a long MEDIA SIZE comment. NOTE: it was later reported that there were additional vectors in htmllib.cxx and ps-pdf.cxx using an AFM font file with a long glyph name, but these vectors do not cross privilege boundaries (CVE-2009-3050). This update provides a solution to this vulnerability. %description HTMLDOC allow you to convert Html documents into PDF or PS format. Links and somes specific things of PDF format can be used. %package lib64neon0.26 lib64neon0.26-devel lib64neon0.26-static-devel Update: Fri Sep 11 17:08:59 2009 Importance: security ID: MDVSA-2009:228 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:228 %pre A vulnerability has been found and corrected in neon: neon before 0.28.6, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. (CVE-2009-2474) This update provides a solution to this vulnerability. %description neon is an HTTP and WebDAV client library for Unix systems, with a C language API. It provides high-level interfaces to HTTP/1.1 and WebDAV methods, and a low-level interface to HTTP request/response handling, allowing new methods to be easily implemented. %package lib64silc1.1_2 lib64silcclient1.1_3 silc-toolkit silc-toolkit-devel Update: Tue Sep 15 15:31:33 2009 Importance: security ID: MDVSA-2009:235 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:235 %pre Multiple vulnerabilities was discovered and corrected in silc-toolkit: Multiple format string vulnerabilities in lib/silcclient/client_entry.c in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.10, and SILC Client before 1.1.8, allow remote attackers to execute arbitrary code via format string specifiers in a nickname field, related to the (1) silc_client_add_client, (2) silc_client_update_client, and (3) silc_client_nickname_format functions (CVE-2009-3051). Multiple format string vulnerabilities in lib/silcclient/command.c in Secure Internet Live Conferencing (SILC) Toolkit before 1.1.10, and SILC Client 1.1.8 and earlier, allow remote attackers to execute arbitrary code via format string specifiers in a channel name, related to (1) silc_client_command_topic, (2) silc_client_command_kick, (3) silc_client_command_leave, and (4) silc_client_command_users (CVE-2009-3163). This update provides a solution to these vulnerabilities. %description SILC (Secure Internet Live Conferencing) is a protocol which provides secure conferencing services on the Internet over insecure channel. SILC is IRC-like software although internally they are very different. The biggest similarity between SILC and IRC is that they both provide conferencing services and that SILC has almost the same commands as IRC. Other than that they are nothing alike. Major differences are that SILC is secure what IRC is not in any way. The network model is also entirely different compared to IRC. This package provides development related files for any application that has SILC support. %package lib64silc1.1_2 lib64silcclient1.1_3 silc-toolkit silc-toolkit-devel Update: Fri Sep 18 12:14:31 2009 Importance: bugfix ID: MDVA-2009:161 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:161 %pre The silc-toolkit was linked in a wrong way, it depended on symbols no longer exported by libidn. This made it impossible to use the SILC protocol from pidgin. This update changes the linking to use the included IDN resolver instead of libidn. %description SILC (Secure Internet Live Conferencing) is a protocol which provides secure conferencing services on the Internet over insecure channel. SILC is IRC-like software although internally they are very different. The biggest similarity between SILC and IRC is that they both provide conferencing services and that SILC has almost the same commands as IRC. Other than that they are nothing alike. Major differences are that SILC is secure what IRC is not in any way. The network model is also entirely different compared to IRC. This package provides development related files for any application that has SILC support. %package beagle beagle-crawl-system beagle-doc beagle-epiphany beagle-evolution beagle-gui beagle-gui-qt beagle-libs epiphany epiphany-devel firefox firefox-af firefox-ar firefox-be firefox-bg firefox-bn firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-el firefox-en_GB firefox-eo firefox-es_AR firefox-es_ES firefox-et firefox-eu firefox-ext-beagle firefox-ext-blogrovr firefox-ext-foxmarks firefox-ext-mozvoikko firefox-ext-r-kiosk firefox-ext-scribefire firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hu firefox-id firefox-is firefox-it firefox-ja firefox-ka firefox-kn firefox-ko firefox-ku firefox-lt firefox-lv firefox-mk firefox-mn firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-oc firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-te firefox-th firefox-theme-kde4ff firefox-tr firefox-uk firefox-zh_CN firefox-zh_TW gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell google-gadgets-common google-gadgets-gtk google-gadgets-qt google-gadgets-xul lib64ggadget1.0_0 lib64ggadget-gtk1.0_0 lib64ggadget-qt1.0_0 lib64google-gadgets-devel lib64opensc2 lib64opensc-devel lib64xulrunner1.9 lib64xulrunner-devel lib64xulrunner-unstable-devel mozilla-plugin-opensc mozilla-thunderbird-beagle opensc python-xpcom xulrunner yelp Update: Sun Sep 20 13:48:02 2009 Importance: security ID: MDVSA-2009:236 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:236 %pre Security issues were identified and fixed in firefox 3.0.x: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2009-3069, CVE-2009-3070, CVE-2009-3071, CVE-2009-3072). Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 3.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2009-3073, CVE-2009-3074, CVE-2009-3075). Mozilla Firefox before 3.0.14 does not properly implement certain dialogs associated with the (1) pkcs11.addmodule and (2) pkcs11.deletemodule operations, which makes it easier for remote attackers to trick a user into installing or removing an arbitrary PKCS11 module (CVE-2009-3076). Mozilla Firefox before 3.0.14 does not properly manage pointers for the columns (aka TreeColumns) of a XUL tree element, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to a dangling pointer vulnerability. (CVE-2009-3077). Visual truncation vulnerability in Mozilla Firefox before 3.0.14 allows remote attackers to trigger a vertical scroll and spoof URLs via unspecified Unicode characters with a tall line-height property (CVE-2009-3078). Unspecified vulnerability in Mozilla Firefox before 3.0.14 allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter (CVE-2009-3079). This update provides the latest Mozilla Firefox 3.0.x to correct these issues. Additionally, some packages which require so, have been rebuilt and are being provided as updates. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package lib64openssl0.9.8 lib64openssl0.9.8-devel lib64openssl0.9.8-static-devel openssl Update: Tue Sep 22 11:00:19 2009 Importance: security ID: MDVSA-2009:239 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:239 %pre Multiple vulnerabilities was discovered and corrected in openssl: Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate (CVE-2009-1379). The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a fragment bug. (CVE-2009-1387) The NSS library library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spooof certificates by using MD2 design flaws to generate a hash collision in less than brute-force time. NOTE: the scope of this issue is currently limited because the amount of computation required is still large (CVE-2009-2409). This update provides a solution to these vulnerabilities. %description The openssl certificate management tool and the shared libraries that provide various encryption and decription algorithms and protocols, including DES, RC4, RSA and SSL. %package lib64qca2 lib64qca2-plugin-cyrus-sasl lib64qca2-plugin-gcrypt lib64qca2-plugin-gnupg lib64qca2-plugin-logger lib64qca2-plugin-nss lib64qca2-plugin-openssl lib64qca2-plugin-pkcs11 lib64qca2-plugin-softstore lib64qca-devel qca Update: Tue Sep 22 11:48:39 2009 Importance: bugfix ID: MDVA-2009:162 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:162 %pre This update resolves a new dependency introduced by okular added with the kde-4.2.x updates. %description The QCA library provides an easy API for a range of cryptographic features, including SSL/TLS, X.509 certificates, SASL, symmetric ciphers, public key ciphers, hashes and much more. Functionality is supplied via plugins. This is useful for avoiding dependence on a particular crypto library and makes upgrading easier, as there is no need to recompile your application when adding or upgrading a crypto plugin. Also, by pushing crypto functionality into plugins, applications are free of legal issues, such as export regulation. %package lib64xcb1 lib64xcb-devel lib64xcb-static-devel Update: Tue Sep 22 11:53:20 2009 Importance: bugfix ID: MDVA-2009:163 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:163 %pre In 2009.1, if you launch Firefox remotely via ssh, xdm, or rlogin, the menus are sluggish. When you right click on links, it takes 2-3 *seconds* for the menu to appear. A new libxcb package was build with fixes for this issue, bringing firefox back to it's normal speed when running remotely. %description the X protocol C-language Binding (XCB) is a replacement for Xlib featuring a small footprint, latency hiding, direct access to the protocol, improved threading support, and extensibility. %package lib64mysql16 lib64mysql-devel lib64mysql-static-devel lib64qassistant4 lib64qt3support4 lib64qt4-devel lib64qtclucene4 lib64qtcore4 lib64qtdbus4 lib64qtdesigner4 lib64qtgui4 lib64qthelp4 lib64qtnetwork4 lib64qtopengl4 lib64qtscript4 lib64qtscripttools4 lib64qtsql4 lib64qtsvg4 lib64qttest4 lib64qtwebkit4 lib64qtxml4 lib64qtxmlpatterns4 lib64readline6 lib64readline-devel mysql mysql-bench mysql-client mysql-common mysql-doc mysql-max mysql-ndb-extra mysql-ndb-management mysql-ndb-storage mysql-ndb-tools qt4-accessibility-plugin qt4-assistant qt4-common qt4-database-plugin-mysql qt4-database-plugin-odbc qt4-database-plugin-pgsql qt4-database-plugin-sqlite qt4-database-plugin-tds qt4-designer qt4-doc qt4-examples qt4-graphicssystems-plugin qt4-linguist qt4-qdoc3 qt4-qtconfig qt4-qtdbus qt4-qvfb qt4-xmlpatterns readline-doc Update: Tue Sep 22 12:48:40 2009 Importance: bugfix ID: MDVA-2009:164 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:164 %pre A higher version of qt4 in 2009.0 updates was preventing a proper upgrade from 2009.0 -> 2009.1. Additional required dependencies is also provided. %description The "readline" library will read a line from the terminal and return it, allowing the user to edit the line with the standard emacs editing keys. It allows the programmer to give the user an easier-to-use and more intuitive interface. %package apache-base apache-devel apache-htcacheclean apache-mod_authn_dbd apache-mod_cache apache-mod_dav apache-mod_dbd apache-mod_deflate apache-mod_disk_cache apache-mod_file_cache apache-mod_ldap apache-mod_mem_cache apache-mod_proxy apache-mod_proxy_ajp apache-mod_ssl apache-modules apache-mod_userdir apache-mpm-event apache-mpm-itk apache-mpm-peruser apache-mpm-prefork apache-mpm-worker apache-source Update: Tue Sep 22 14:06:07 2009 Importance: security ID: MDVSA-2009:240 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:240 %pre Multiple vulnerabilities was discovered and corrected in apache: The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command (CVE-2009-3094). The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes (CVE-2009-3095). This update provides a solution to these vulnerabilities. %description This package contains the main binary of apache, a powerful, full-featured, efficient and freely-available Web server. Apache is also the most popular Web server on the Internet. This version of apache is fully modular, and many modules are available in pre-compiled formats, like PHP and mod_auth_external. Check for available Apache modules for Mandriva Linux at: http://nux.se/apache/ (most of them can be installed from the contribs repository) This package defaults to a maximum of 128 dynamically loadable modules. This package defaults to a ServerLimit of 1024. You can change these values at RPM build time by using for example: --define 'maxmodules 512' --define 'serverlimit 2048' The package was built to support a maximum of 128 dynamically loadable modules. The package was built with a ServerLimit of 1024. %package cfengine-base cfengine-cfagent cfengine-cfenvd cfengine-cfexecd cfengine-cfservd lib64cfengine1 lib64cfengine-devel Update: Tue Sep 22 14:50:34 2009 Importance: bugfix ID: MDVA-2009:165 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:165 %pre The 'recurse' keyword in any editfile action trigger the following warning, for each file found: cfengine:hostname: Unknown action in editing of file XYZ. This update fixes this issue. %description Cfengine, the configuration engine, is a very high level language for simplifying the task of administrating and configuring large numbers of workstations. Cfengine uses the idea of classes and a primitive form of intelligence to define and automate the configuration of large systems in the most economical way possible. %package lib64freetype6 lib64freetype6-devel lib64freetype6-static-devel Update: Tue Sep 22 23:41:06 2009 Importance: security ID: MDVSA-2009:243 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:243 %pre Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c. This update corrects the problem. %description The FreeType2 engine is a free and portable TrueType font rendering engine. It has been developed to provide TT support to a great variety of platforms and environments. Note that FreeType2 is a library, not a stand-alone application, though some utility applications are included %package lib64rrdtool4 lib64rrdtool-devel perl-rrdtool python-rrdtool rrdtool tcl-rrdtool Update: Wed Sep 23 20:03:30 2009 Importance: bugfix ID: MDVA-2009:168 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:168 %pre This update addresses a problem where rrdtool-1.3.x required a font installed like for example the DejaVuSansMono.ttf font. A dependancy was added on fonts-ttf-dejavu to address this problem. %description RRD is the Acronym for Round Robin Database. RRD is a system to store and display time-series data (i.e. network bandwidth, machine-room temperature, server load average). It stores the data in a very compact way that will not expand over time, and it presents useful graphs by processing the data to enforce a certain data density. It can be used either via simple wrapper scripts (from shell or Perl) or via frontends that poll network devices and put a friendly user interface on it. %package lib64freetype6 lib64freetype6-devel lib64freetype6-static-devel Update: Wed Sep 23 23:18:41 2009 Importance: security ID: MDVSA-2009:243-1 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:243-1 %pre Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c. This update corrects the problem. Update: Correct a problem in the 2009.1 update of the lzw handling code. %description The FreeType2 engine is a free and portable TrueType font rendering engine. It has been developed to provide TT support to a great variety of platforms and environments. Note that FreeType2 is a library, not a stand-alone application, though some utility applications are included %package glib2.0-common glib-gettextize lib64gio2.0_0 lib64glib2.0_0 lib64glib2.0-devel Update: Thu Sep 24 12:35:13 2009 Importance: security ID: MDVSA-2009:245 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:245 %pre A vulnerability was discovered and corrected in glib2.0: The g_file_copy function in glib 2.0 sets the permissions of a target file to the permissions of a symbolic link (777), which allows user-assisted local users to modify files of other users, as demonstrated by using Nautilus to modify the permissions of the user home directory (CVE-2009-3289). This update provides a solution to this vulnerability. %description Glib is a handy library of utility functions. This C library is designed to solve some portability problems and provide other useful functionality which most programs require. Glib is used by GDK, GTK+ and many applications. You should install Glib because many of your applications will depend on this library. %package lib64php5_common5 php-bcmath php-bz2 php-calendar php-cgi php-cli php-ctype php-curl php-dba php-dbase php-devel php-dom php-exif php-fcgi php-filter php-ftp php-gd php-gettext php-gmp php-hash php-iconv php-imap php-json php-ldap php-mbstring php-mcrypt php-mhash php-mime_magic php-ming php-mssql php-mysql php-mysqli php-ncurses php-odbc php-openssl php-pcntl php-pdo php-pdo_dblib php-pdo_mysql php-pdo_odbc php-pdo_pgsql php-pdo_sqlite php-pgsql php-posix php-pspell php-readline php-recode php-session php-shmop php-snmp php-soap php-sockets php-sqlite php-sybase php-sysvmsg php-sysvsem php-sysvshm php-tidy php-tokenizer php-wddx php-xml php-xmlreader php-xmlrpc php-xmlwriter php-xsl php-zip php-zlib Update: Fri Sep 25 18:43:50 2009 Importance: security ID: MDVSA-2009:248 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:248 %pre Multiple vulnerabilities was discovered and corrected in php: The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates (CVE-2009-3291). Unspecified vulnerability in PHP before 5.2.11 has unknown impact and attack vectors related to missing sanity checks around exif processing. (CVE-2009-3292) Unspecified vulnerability in the imagecolortransparent function in PHP before 5.2.11 has unknown impact and attack vectors related to an incorrect sanity check for the color index. (CVE-2009-3293). However in Mandriva we don't use the bundled libgd source in php per default, there is a unsupported package in contrib named php-gd-bundled that eventually will get updated to pickup these fixes. This update provides a solution to these vulnerabilities. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. %package lib64newt0.52 lib64newt0.52-devel newt Update: Sun Sep 27 14:49:05 2009 Importance: security ID: MDVSA-2009:249 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:249 %pre A vulnerability was discovered and corrected in newt: A heap-based buffer overflow flaw was found in the way newt processes content that is to be displayed in a text dialog box. A local attacker could issue a specially-crafted text dialog box display request (direct or via a custom application), leading to a denial of service (application crash) or, potentially, arbitrary code execution with the privileges of the user running the application using the newt library (CVE-2009-2905). This update provides a solution to this vulnerability. %description Newt is a programming library for color text mode, widget based user interfaces. Newt can be used to add stacked windows, entry widgets, checkboxes, radio buttons, labels, plain text fields, scrollbars, etc., to text mode user interfaces. This package contains a /usr/bin/dialog replacement called whiptail. Newt is based on the slang library. %package drakx-finish-install drakxtools drakxtools-backend drakxtools-curses drakxtools-http harddrake harddrake-ui Update: Tue Sep 29 16:39:36 2009 Importance: bugfix ID: MDVA-2009:172 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:172 %pre This update fixes several minor issues with draksound: - it fixes starting firefox for tools help (bug #29775) - it makes tools aware of the snd_ctxfi sound driver - it fixes memory detection in harddrake (bug #50106) It also enable harddrake not to configure framebuffer and splash removal for OEM. %description Contains many Mandriva Linux applications simplifying users and administrators life on a Mandriva Linux machine. Nearly all of them work both under XFree (graphical environment) and in console (text environment), allowing easy distant work. - drakbug: interactive bug report tool - drakbug_report: help find bugs in DrakX - drakclock: date & time configurator - drakfloppy: boot disk creator - drakfont: import fonts in the system - draklog: show extracted information from the system logs - drakperm: msec GUI (permissions configurator) - draksec: security options managment / msec frontend - draksplash: bootsplash themes creation %package ldetect-lst ldetect-lst-devel Update: Tue Sep 29 16:45:36 2009 Importance: bugfix ID: MDVA-2009:173 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:173 %pre This makes the configuration tools use the proper driver for two Matrox cards (bug #53564). It also adds support for ION video card (bug #53515) Last but not least, it defaults to use the nvidia driver instead of the nv one for nVidia Geforce2 MX/MX, thus enabling one to use 3D (bug #53841) %description The hardware device lists provided by this package are used as lookup table to get hardware autodetection. %package aria2 Update: Tue Sep 29 16:58:09 2009 Importance: bugfix ID: MDVA-2009:174 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:174 %pre This update fixes an issue with aria2: - the default path aria2c uses to look for certificates for public CAs isn't the right one on mandriva systems %description Aria2 has segmented downloading engine in its core. It can download one file from multiple URLs or multiple connections from one URL. This results in very high speed downloading, very much faster than ordinary browsers. This engine is implemented with a single-thread model. It can also download BitTorrent files and supports Metalink version 3.0. %package akregator kaddressbook kalarm kdepim4 kdepim4-akonadi kdepim4-core kdepim4-devel kdepim4-kresources kdepim4-wizards kjots kleopatra kmail kmailcvt knode knotes kode kontact korganizer kpilot ksendemail ktimetracker lib64akonadi-kabccommon4 lib64akonadi-kcal4 lib64akregatorinterfaces4 lib64akregatorprivate4 lib64gwsoap4 lib64imap4 lib64kabc_groupdav4 lib64kabc_groupwise4 lib64kabckolab4 lib64kabcommon4 lib64kabcscalix4 lib64kabc_slox4 lib64kabc_xmlrpc4 lib64kabinterfaces4 lib64kaddressbookprivate4 lib64kalarm_resources4 lib64kcal_groupdav4 lib64kcal_groupwise4 lib64kcalkolab4 lib64kcal_resourceblog4 lib64kcal_resourcefeatureplan4 lib64kcal_resourceremote4 lib64kcalscalix4 lib64kcal_slox4 lib64kcal_xmlrpc4 lib64kdepim4 lib64kgroupwarebase4 lib64kgroupwaredav4 lib64kholidays4 lib64kleo4 lib64kleopatraclientcore4 lib64kleopatraclientgui4 lib64kmailprivate4 lib64knodecommon4 lib64knoteskolab4 lib64knotesscalix4 lib64knotes_xmlrpc4 lib64kocorehelper4 lib64kode4 lib64kontactinterfaces4 lib64kontactprivate4 lib64korganizer_calendar4 lib64korganizer_eventviewer4 lib64korganizer_interfaces4 lib64korganizerprivate4 lib64korg_stdprinting4 lib64kpgp4 lib64kpilot5 lib64kschema4 lib64kschemawidgets4 lib64ksieve4 lib64kslox4 lib64kxmlcommon4 lib64maildir4 lib64mimelib4 lib64schema4 lib64wscl4 lib64wsdl4 Update: Tue Sep 29 18:12:00 2009 Importance: bugfix ID: MDVA-2009:175 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:175 %pre Kmail users using DIMAP ( Disconected IMAP ) can have occasional deletion of folder emails in server in situations of local/server name move. This fix solves this major bug. %description Information Management applications for the K Desktop Environment. - kaddressbook: The KDE addressbook application. - korganizer: a calendar-of-events and todo-list manager - kpilot: to sync with your PalmPilot - kalarm: gui for setting up personal alarm/reminder messages - kalarmd: personal alarm/reminder messages daemon, shared by korganizer and kalarm. - kaplan: A shell for the PIM apps, still experimental. - ktimetracker: Time tracker. - kfile-plugins: vCard KFIleItem plugin. - knotes: yellow notes application - konsolecalendar: Command line tool for accessing calendar files. - kmail: universal mail client - kmailcvt: converst addressbooks to kmail format %package lib64ecpg8.3_6 lib64pq8.3_5 postgresql8.3 postgresql8.3-contrib postgresql8.3-devel postgresql8.3-docs postgresql8.3-pl postgresql8.3-plperl postgresql8.3-plpgsql postgresql8.3-plpython postgresql8.3-pltcl postgresql8.3-server Update: Wed Sep 30 18:03:06 2009 Importance: security ID: MDVSA-2009:177 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:177 %pre The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, and 8.2 before 8.2.14 allows remote authenticated users to cause a denial of service (backend shutdown) by re-LOAD-ing libraries from a certain plugins directory (CVE-2009-3229). The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, 8.2 before 8.2.14, 8.1 before 8.1.18, 8.0 before 8.0.22, and 7.4 before 7.4.26 does not use the appropriate privileges for the (1) RESET ROLE and (2) RESET SESSION AUTHORIZATION operations, which allows remote authenticated users to gain privileges. NOTE: this is due to an incomplete fix for CVE-2007-6600 (CVE-2009-3230). The core server component in PostgreSQL 8.3 before 8.3.8 and 8.2 before 8.2.14, when using LDAP authentication with anonymous binds, allows remote attackers to bypass authentication via an empty password (CVE-2009-3231). This update provides a fix for this vulnerability. %description PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs (including transactions, subselects and user-defined types and functions). The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DBMS server. These PostgreSQL client programs are programs that directly manipulate the internal structure of PostgreSQL databases on a PostgreSQL server. These client programs can be located on the same machine with the PostgreSQL server, or may be on a remote machine which accesses a PostgreSQL server over a network connection. This package contains the client libraries for C and C++, as well as command-line utilities for managing PostgreSQL databases on a PostgreSQL server. If you want to manipulate a PostgreSQL database on a remote PostgreSQL server, you need this package. You also need to install this package if you're installing the postgresql-server package. %package mdadm Update: Thu Oct 01 12:44:00 2009 Importance: bugfix ID: MDVA-2009:176 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:176 %pre updated mdadm packages fix a bug causing raid arrays not being fully assembled at boot. %description mdadm is a program that can be used to create, manage, and monitor Linux MD (Software RAID) devices. As such is provides similar functionality to the raidtools packages. The particular differences to raidtools is that mdadm is a single program, and it can perform (almost) all functions without a configuration file (that a config file can be used to help with some common tasks). %package x11-server x11-server-common x11-server-devel x11-server-xephyr x11-server-xfbdev x11-server-xnest x11-server-xorg x11-server-xsdl x11-server-xvfb x11-server-xvnc Update: Thu Oct 01 12:58:55 2009 Importance: bugfix ID: MDVA-2009:177 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:177 %pre Display keeps sleeping. Settings set not to but within seconds on being idle screen sleeps or hibernates. This update fixes this issue making the users settings about display respected. %description X11 servers %package x11-data-xkbdata Update: Thu Oct 01 13:02:06 2009 Importance: bugfix ID: MDVA-2009:178 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:178 %pre The script mandriva-setup-keyboard, used to set the xkb options on HAL devices, did not set xkb.model. This would case Brazillian ABNT2 keyboards to output the wrong character for the keypad dot key. This update fixes this issue. You may need to restart the service haldaemon or reboot for this change to take effect. %description Xkeyboard-config provides consistent, well-structured, frequently released of X keyboard configuration data (XKB) for various X Window System implementations. %package lib64mesagl1 lib64mesagl1-devel lib64mesaglu1 lib64mesaglu1-devel lib64mesaglut3 lib64mesaglut3-devel lib64mesaglw1 lib64mesaglw1-devel mesa mesa-common-devel mesa-demos mesa-source Update: Fri Oct 02 13:52:44 2009 Importance: bugfix ID: MDVA-2009:179 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:179 %pre There was a minor problem with a faulty path in the generated pkg-config (*.pc) files. This update addresses this problem. %description Mesa is an OpenGL 2.1 compatible 3D graphics library. %package x11-driver-video-openchrome Update: Mon Oct 05 20:10:35 2009 Importance: bugfix ID: MDVA-2009:180 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:180 %pre The Openchrome driver had an issue where it could cause errors in the PCI bus after returning from DPMS, which could lead to errors in other devices. This new openchrome driver version fixes this problem, so it doesn't interfere with the other PCI devices anymore. %description A free and Open Source video driver for the VIA/S3G UniChrome and UniChrome Pro graphics chipsets. (CLE266, KN400, KM400, K8M800, PM800, CN400, VN800) %package lib64openssl0.9.8 lib64openssl0.9.8-devel lib64openssl0.9.8-static-devel openssl Update: Wed Oct 07 15:33:00 2009 Importance: security ID: MDVSA-2009:258 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:258 %pre A regression was found with the self signed certificate signatures checking after applying the fix for CVE-2009-2409. An upstream patch has been applied to address this issue. %description The openssl certificate management tool and the shared libraries that provide various encryption and decription algorithms and protocols, including DES, RC4, RSA and SSL. %package mozilla-thunderbird-moztraybiff Update: Thu Oct 08 13:11:38 2009 Importance: security ID: MDVSA-2009:217-1 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:217-1 %pre A number of security vulnerabilities have been discovered in Mozilla Thunderbird: Security issues in thunderbird could lead to a man-in-the-middle attack via a spoofed X.509 certificate (CVE-2009-2408). A vulnerability was found in xmltok_impl.c (expat) that with specially crafted XML could be exploited and lead to a denial of service attack. Related to CVE-2009-2625. This update provides the latest version of Thunderbird which are not vulnerable to these issues. Update: The mozilla-thunderbird-moztraybiff packages had the wrong release which prevented it to be upgraded (#53129). The new packages addresses this problem. %description Mozilla New Mail Icon is an extension which displays an icon in the system tray when new mail arrives in your Mozilla or Mozilla Thunderbird. It supports the standard (FreeDesktop.org) system tray, as used by GNOME, KDE and IceWM. This extension was previously called Mozilla Free Desktop Integration. %package mozilla-thunderbird-moztraybiff Update: Thu Oct 08 13:30:49 2009 Importance: security ID: MDVSA-2009:217-2 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:217-2 %pre A number of security vulnerabilities have been discovered in Mozilla Thunderbird: Security issues in thunderbird could lead to a man-in-the-middle attack via a spoofed X.509 certificate (CVE-2009-2408). A vulnerability was found in xmltok_impl.c (expat) that with specially crafted XML could be exploited and lead to a denial of service attack. Related to CVE-2009-2625. This update provides the latest version of Thunderbird which are not vulnerable to these issues. Update: The previous mozilla-thunderbird-moztraybiff packages had the wrong release which prevented it to be upgraded (#53129). The new packages addresses this problem. %description Mozilla New Mail Icon is an extension which displays an icon in the system tray when new mail arrives in your Mozilla or Mozilla Thunderbird. It supports the standard (FreeDesktop.org) system tray, as used by GNOME, KDE and IceWM. This extension was previously called Mozilla Free Desktop Integration. %package imagemagick imagemagick-desktop imagemagick-doc lib64magick2 lib64magick-devel perl-Image-Magick Update: Fri Oct 09 02:04:10 2009 Importance: security ID: MDVSA-2009:260 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:260 %pre A vulnerability has been found and corrected in ImageMagick, which could lead to integer overflow in the XMakeImage function in magick/xwindow.c, allowing remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow (CVE-2009-1882). This update fixes this vulnerability. %description ImageMagick is a powerful image display, conversion and manipulation tool. It runs in an X session. With this tool, you can view, edit and display a variety of image formats. ImageMagick can make use of the following delegate programs, available as packages in Mandriva Linux: curl enscript ffmpeg ghostscript ghostscript-X gimp gnuplot graphviz html2ps mplayer ncompress netpbm sane-backends tetex-dvips transfig ufraw xdg-utils zip autotrace povray %package graphicsmagick graphicsmagick-doc lib64graphicsmagick3 lib64graphicsmagick-devel lib64graphicsmagickwand2 perl-Graphics-Magick Update: Fri Oct 09 02:04:48 2009 Importance: security ID: MDVSA-2009:261 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:261 %pre A vulnerability has been found and corrected in GraphicsMagick, which could lead to integer overflow in the XMakeImage function in magick/xwindow.c, allowing remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow (CVE-2009-1882). This update fixes this vulnerability. %description GraphicsMagick is the swiss army knife of image processing. It provides a robust collection of tools and libraries which support reading, writing, and manipulating an image in over 88 major formats including important formats like DPX, GIF, JPEG, JPEG-2000, PNG, PDF, SVG, and TIFF. GraphicsMagick supports huge images on systems that support large files, and has been tested with gigapixel-size images. GraphicsMagick can create new images on the fly, making it suitable for building dynamic Web applications. GraphicsMagick may be used to resize, rotate, sharpen, color reduce, or add special effects to an image and save the result in the same or differing image format. Image processing operations are available from the command line, as well as through C, C++, Perl, or Windows COM programming interfaces. Extensions are available from third-parties to support programming in Python, Tcl, and Ruby. With some modification, language extensions for ImageMagick may be used. %package lib64xmlsec1-1 lib64xmlsec1-devel lib64xmlsec1-gnutls1 lib64xmlsec1-gnutls-devel lib64xmlsec1-nss1 lib64xmlsec1-nss-devel lib64xmlsec1-openssl1 lib64xmlsec1-openssl-devel xmlsec1 Update: Sat Oct 10 15:48:35 2009 Importance: security ID: MDVSA-2009:267 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:267 %pre A vulnerability has been found and corrected in xmlsec1: A missing check for the recommended minimum length of the truncated form of HMAC-based XML signatures was found in xmlsec1 prior to 1.2.12. An attacker could use this flaw to create a specially-crafted XML file that forges an XML signature, allowing the attacker to bypass authentication that is based on the XML Signature specification (CVE-2009-0217). This update fixes this vulnerability. %description XML Security Library is a C library based on LibXML2 and OpenSSL. The library was created with a goal to support major XML security standards "XML Digital Signature" and "XML Encryption". %package jay lib64mono0 lib64mono-devel mono mono-bytefx-data-mysql mono-data mono-data-firebird mono-data-oracle mono-data-postgresql mono-data-sqlite mono-data-sybase mono-doc monodoc-core mono-extras mono-ibm-data-db2 mono-jscript mono-locale-extras mono-nunit mono-wcf mono-web mono-winforms Update: Mon Oct 12 12:58:58 2009 Importance: security ID: MDVSA-2009:269 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:269 %pre A vulnerability has been found and corrected in mono: The XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation (CVE-2009-0217). This update fixes this vulnerability. %description Mono is an implementation of the ECMA Common Language Infrastructure, it contains both a just-in-time compiler for maximum performance, and an interpeter. It can also be used to run programs from the .NET Framework. This package contains the core of the Mono runtime including its Virtual Machine, Just-in-time compiler, C# compiler, security tools and libraries (corlib, XML, System.Security, System.Drawing, ZipLib, I18N, Cairo and Mono.*). %package dumpcap lib64wireshark0 lib64wireshark-devel rawshark tshark wireshark wireshark-tools Update: Mon Oct 12 15:52:31 2009 Importance: security ID: MDVSA-2009:270 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:270 %pre A vulnerability has been found and corrected in wireshark: Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark 0.99.6 through 1.0.8 and 1.2.0 through 1.2.1 allows remote attackers to cause a denial of service (memory and CPU consumption) via malformed OPCUA Service CallRequest packets (CVE-2009-3241). This update fixes this vulnerability. %description Wireshark is a network traffic analyzer for Unix-ish operating systems. It is based on GTK+, a graphical user interface library, and libpcap, a packet capture and filtering library. Wireshark is a fork of Ethereal(tm) %package python-django Update: Tue Oct 13 15:58:10 2009 Importance: security ID: MDVSA-2009:276 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:276 %pre Multiple vulnerabilities has been found and corrected in python-django: The Admin media handler in core/servers/basehttp.py in Django 1.0 and 0.96 does not properly map URL requests to expected static media files, which allows remote attackers to conduct directory traversal attacks and read arbitrary files via a crafted URL (CVE-2009-2659). Algorithmic complexity vulnerability in the forms library in Django 1.0 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause a denial of service (CPU consumption) via a crafted (1) EmailField (email address) or (2) URLField (URL) that triggers a large amount of backtracking in a regular expression (CVE-2009-3695). The versions of Django shipping with Mandriva Linux have been updated to the latest patched version that include the fix for this issue. In addition, they provide other bug fixes. %description Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Developed and used over the past two years by a fast-moving online-news operation, Django was designed from scratch to handle two challenges: the intensive deadlines of a newsroom and the stringent requirements of experienced Web developers. It has convenient niceties for developing content-management systems, but it's an excellent tool for building any Web site. Django focuses on automating as much as possible and adhering to the DRY principle. %package lib64netapi0 lib64netapi-devel lib64smbclient0 lib64smbclient0-devel lib64smbclient0-static-devel lib64smbsharemodes0 lib64smbsharemodes-devel lib64wbclient0 lib64wbclient-devel mount-cifs nss_wins samba-client samba-common samba-doc samba-server samba-swat samba-winbind Update: Wed Oct 14 13:28:10 2009 Importance: security ID: MDVSA-2009:277 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:277 %pre Multiple vulnerabilities has been found and corrected in samba: The SMB (aka Samba) subsystem in Apple Mac OS X 10.5.8, when Windows File Sharing is enabled, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictions, and read, create, or modify files, in certain circumstances involving user accounts that lack home directories (CVE-2009-2813). smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4 before 3.4.2 allows remote authenticated users to cause a denial of service (infinite loop) via an unanticipated oplock break notification reply packet (CVE-2009-2906). mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8 and 3.4 before 3.4.2, when mount.cifs is installed suid root, does not properly enforce permissions, which allows local users to read part of the credentials file and obtain the password by specifying the path to the credentials file and using the --verbose or -v option (CVE-2009-2948). The versions of samba shipping with Mandriva Linux CS4/MES5/2008.1/2009.0/2009.1 have been updated to the latest version that includes the fixes for these issues. Additionally for 2009.1 the version upgrade provides many upstream bug fixes such as improved Windows(tm) 7 support. The version for CS3 has been patched to address these security issues. %description Samba provides an SMB server which can be used to provide network services to SMB (sometimes called "Lan Manager") clients, including various versions of MS Windows, OS/2, and other Linux machines. Samba also provides some SMB clients, which complement the built-in SMB filesystem in Linux. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need NetBEUI (Microsoft Raw NetBIOS frame) protocol. Samba-3.0 features working NT Domain Control capability and includes the SWAT (Samba Web Administration Tool) that allows samba's smb.conf file to be remotely managed using your favourite web browser. For the time being this is being enabled on TCP port 901 via xinetd. SWAT is now included in it's own subpackage, samba-swat. Please refer to the WHATSNEW.txt document for fixup information. This binary release includes encrypted password support. Please read the smb.conf file and ENCRYPTION.txt in the docs directory for implementation details. %package lib64poppler4 lib64poppler-devel lib64poppler-glib4 lib64poppler-glib-devel lib64poppler-qt2 lib64poppler-qt4-3 lib64poppler-qt4-devel lib64poppler-qt-devel poppler Update: Mon Oct 19 22:51:54 2009 Importance: security ID: MDVSA-2009:280 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:280 %pre Two integer overflow flaws were found in the CUPS pdftops filter. An attacker could create a malicious PDF file that would cause pdftops to crash or, potentially, execute arbitrary code as the lp user if the file was printed. (CVE-2009-3608, CVE-2009-3609) This update corrects the problem. %description Poppler is a PDF rendering library based on the xpdf-3.0 code base. %package gd-utils lib64gd2 lib64gd-devel lib64gd-static-devel Update: Tue Oct 20 13:44:38 2009 Importance: security ID: MDVSA-2009:284 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:284 %pre A vulnerability has been found and corrected in gd: The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.0, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different vulnerability than CVE-2009-3293. NOTE: some of these details are obtained from third party information (CVE-2009-3546). This update fixes this vulnerability. %description gd is a graphics library. It allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and write out the result as a PNG or JPEG file. This is particularly useful in World Wide Webapplications, where PNG and JPEG are two of the formats accepted for inlineimages by most browsers. gd is not a paint program. If you are looking for a paint program, you are looking in the wrong place. If you are not a programmer, you are looking in the wrong place. gd does not provide for every possible desirable graphics operation. It is not necessary or desirable for gd to become a kitchen-sink graphics package, but version 1.7.3 incorporates most of the commonly requested features for an 8-bit 2D package. %package lib64php5_common5 php-bcmath php-bz2 php-calendar php-cgi php-cli php-ctype php-curl php-dba php-dbase php-devel php-dom php-exif php-fcgi php-filter php-ftp php-gd php-gettext php-gmp php-hash php-iconv php-imap php-json php-ldap php-mbstring php-mcrypt php-mhash php-mime_magic php-ming php-mssql php-mysql php-mysqli php-ncurses php-odbc php-openssl php-pcntl php-pdo php-pdo_dblib php-pdo_mysql php-pdo_odbc php-pdo_pgsql php-pdo_sqlite php-pgsql php-posix php-pspell php-readline php-recode php-session php-shmop php-snmp php-soap php-sockets php-sqlite php-sybase php-sysvmsg php-sysvsem php-sysvshm php-tidy php-tokenizer php-wddx php-xml php-xmlreader php-xmlrpc php-xmlwriter php-xsl php-zip php-zlib Update: Tue Oct 20 19:28:46 2009 Importance: security ID: MDVSA-2009:285 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:285 %pre Multiple vulnerabilities has been found and corrected in php: The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.0, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-read attacks via a crafted GD file, a different vulnerability than CVE-2009-3293. NOTE: some of these details are obtained from third party information (CVE-2009-3546). Added two upstream patches to address a bypass vulnerability in open_basedir and safe_mode. Additionally on CS4 a regression was found and fixed when using the gd-bundled.so variant from the php-gd package. This update fixes these vulnerabilities. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. %package proftpd proftpd-devel proftpd-mod_autohost proftpd-mod_ban proftpd-mod_case proftpd-mod_ctrls_admin proftpd-mod_gss proftpd-mod_ifsession proftpd-mod_ldap proftpd-mod_load proftpd-mod_quotatab proftpd-mod_quotatab_file proftpd-mod_quotatab_ldap proftpd-mod_quotatab_radius proftpd-mod_quotatab_sql proftpd-mod_radius proftpd-mod_ratio proftpd-mod_rewrite proftpd-mod_sftp proftpd-mod_shaper proftpd-mod_site_misc proftpd-mod_sql proftpd-mod_sql_mysql proftpd-mod_sql_postgres proftpd-mod_time proftpd-mod_tls proftpd-mod_vroot proftpd-mod_wrap proftpd-mod_wrap_file proftpd-mod_wrap_sql Update: Fri Oct 23 22:15:02 2009 Importance: security ID: MDVSA-2009:288 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:288 %pre A vulnerability has been identified and corrected in proftpd: The mod_tls module in proftpd < 1.3.2b is vulnerable to a similar security issue as CVE-2009-2408. This update fixes these vulnerability. %description ProFTPd is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based directory visibility. This version supports both standalone and xinetd operation. %package beagle beagle-crawl-system beagle-doc beagle-epiphany beagle-evolution beagle-gui beagle-gui-qt beagle-libs epiphany epiphany-devel firefox firefox-af firefox-ar firefox-be firefox-bg firefox-bn firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-el firefox-en_GB firefox-eo firefox-es_AR firefox-es_ES firefox-et firefox-eu firefox-ext-beagle firefox-ext-blogrovr firefox-ext-foxmarks firefox-ext-mozvoikko firefox-ext-r-kiosk firefox-ext-scribefire firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hu firefox-id firefox-is firefox-it firefox-ja firefox-ka firefox-kn firefox-ko firefox-ku firefox-lt firefox-lv firefox-mk firefox-mn firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-oc firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-te firefox-th firefox-theme-kde4ff firefox-tr firefox-uk firefox-zh_CN firefox-zh_TW gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell google-gadgets-common google-gadgets-gtk google-gadgets-qt google-gadgets-xul lib64ggadget1.0_0 lib64ggadget-gtk1.0_0 lib64ggadget-qt1.0_0 lib64google-gadgets-devel lib64opensc2 lib64opensc-devel lib64xulrunner1.9 lib64xulrunner-devel lib64xulrunner-unstable-devel mozilla-plugin-opensc mozilla-thunderbird-beagle opensc python-xpcom xulrunner yelp Update: Thu Oct 29 13:53:10 2009 Importance: security ID: MDVSA-2009:290 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:290 %pre Security issues were identified and fixed in firefox 3.0.x: Security researcher Alin Rad Pop of Secunia Research reported a heap-based buffer overflow in Mozilla's string to floating point number conversion routines. Using this vulnerability an attacker could craft some malicious JavaScript code containing a very long string to be converted to a floating point number which would result in improper memory allocation and the execution of an arbitrary memory location. This vulnerability could thus be leveraged by the attacker to run arbitrary code on a victim's computer (CVE-2009-1563). Security researcher Jeremy Brown reported that the file naming scheme used for downloading a file which already exists in the downloads folder is predictable. If an attacker had local access to a victim's computer and knew the name of a file the victim intended to open through the Download Manager, he could use this vulnerability to place a malicious file in the world-writable directory used to save temporary downloaded files and cause the browser to choose the incorrect file when opening it. Since this attack requires local access to the victim's machine, the severity of this vulnerability was determined to be low (CVE-2009-3274). Security researcher Paul Stone reported that a user's form history, both from web content as well as the smart location bar, was vulnerable to theft. A malicious web page could synthesize events such as mouse focus and key presses on behalf of the victim and trick the browser into auto-filling the form fields with history entries and then reading the entries (CVE-2009-3370). Security researcher Marco C. reported a flaw in the parsing of regular expressions used in Proxy Auto-configuration (PAC) files. In certain cases this flaw could be used by an attacker to crash a victim's browser and run arbitrary code on their computer. Since this vulnerability requires the victim to have PAC configured in their environment with specific regular expresssions which can trigger the crash, the severity of the issue was determined to be moderate (CVE-2009-3372). Security research firm iDefense reported that researcher regenrecht discovered a heap-based buffer overflow in Mozilla's GIF image parser. This vulnerability could potentially be used by an attacker to crash a victim's browser and run arbitrary code on their computer (CVE-2009-3373). Mozilla security researcher moz_bug_r_a4 reported that the XPCOM utility XPCVariant::VariantDataToJS unwrapped doubly-wrapped objects before returning them to chrome callers. This could result in chrome privileged code calling methods on an object which had previously been created or modified by web content, potentially executing malicious JavaScript code with chrome privileges (CVE-2009-3374). Security researcher Gregory Fleischer reported that text within a selection on a web page can be read by JavaScript in a different domain using the document.getSelection function, violating the same-origin policy. Since this vulnerability requires user interaction to exploit, its severity was determined to be moderate (CVE-2009-3375). Mozilla security researchers Jesse Ruderman and Sid Stamm reported that when downloading a file containing a right-to-left override character (RTL) in the filename, the name displayed in the dialog title bar conflicts with the name of the file shown in the dialog body. An attacker could use this vulnerability to obfuscate the name and file extension of a file to be downloaded and opened, potentially causing a user to run an executable file when they expected to open a non-executable file (CVE-2009-3376). Mozilla developers and community members identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Vladimir Vukicevic, Jesse Ruderman, Martijn Wargers, Daniel Banchero, David Keeler, and Boris Zbarsky reported crashes in the browser engine which affected both Firefox 3 and Firefox 3.5 (CVE-2009-3380). Carsten Book reported a crash in the browser engine which affected only Firefox 3 (CVE-2009-3382). This update provides the latest Mozilla Firefox 3.0.x to correct these issues. Additionally, some packages which require so, have been rebuilt and are being provided as updates. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package jetty5 jetty5-demo jetty5-javadoc jetty5-manual Update: Thu Oct 29 17:54:17 2009 Importance: security ID: MDVSA-2009:291 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:291 %pre A vulnerability has been identified and corrected in jetty5: Directory traversal vulnerability in the HTTP server in Mort Bay Jetty before 6.1.17, and 7.0.0.M2 and earlier 7.x versions, allows remote attackers to access arbitrary files via directory traversal sequences in the URI (CVE-2009-1523). This update fixes this vulnerability. %description Jetty is a 100% Java HTTP Server and Servlet Container. This means that you do not need to configure and run a separate web server (like Apache) in order to use java, servlets and JSPs to generate dynamic content. Jetty is a fully featured web server for static and dynamic content. Unlike separate server/container solutions, this means that your web server and web application run in the same process, without interconnection overheads and complications. Furthermore, as a pure java component, Jetty can be simply included in your application for demonstration, distribution or deployment. Jetty is available on all Java supported platforms. %package dumpcap lib64wireshark0 lib64wireshark-devel rawshark tshark wireshark wireshark-tools Update: Tue Nov 03 14:09:35 2009 Importance: security ID: MDVSA-2009:292 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:292 %pre Vulnerabilities have been discovered and corrected in wireshark, affecting DCERPC/NT dissector, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a file that records a malformed packet trace (CVE-2009-3550); and in wiretap/erf.c which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file (CVE-2009-3829). The wireshark package has been updated to fix these vulnerabilities. %description Wireshark is a network traffic analyzer for Unix-ish operating systems. It is based on GTK+, a graphical user interface library, and libpcap, a packet capture and filtering library. Wireshark is a fork of Ethereal(tm) %package squidGuard Update: Tue Nov 03 16:15:16 2009 Importance: security ID: MDVSA-2009:293 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:293 %pre Multiple vulnerabilities has been found and corrected in squidGuard: Buffer overflow in sgLog.c in squidGuard 1.3 and 1.4 allows remote attackers to cause a denial of service (application hang or loss of blocking functionality) via a long URL with many / (slash) characters, related to emergency mode. (CVE-2009-3700). Multiple buffer overflows in squidGuard 1.4 allow remote attackers to bypass intended URL blocking via a long URL, related to (1) the relationship between a certain buffer size in squidGuard and a certain buffer size in Squid and (2) a redirect URL that contains information about the originally requested URL (CVE-2009-3826). squidGuard was upgraded to 1.2.1 for MNF2/CS3/CS4 with additional upstream security and bug fixes patches applied. This update fixes these vulnerabilities. %description SquidGuard is a combined filter, redirector and access controller plugin for Squid. It is free, very flexible, extremely fast, easily installed, portable. SquidGuard can be used to - limit the web access for some users to a list of accepted/well known web servers and/or URLs only. - block access to some listed or blacklisted web servers and/or URLs for some users. - block access to URLs matching a list of regular expressions or words for some users. - enforce the use of domainnames/prohibit the use of IP address in URLs. - redirect blocked URLs to an "intelligent" CGI based info page. - redirect unregistered user to a registration form. - redirect popular downloads like Netscape, MSIE etc. to local copies. - redirect banners to an empty GIF. - have different access rules based on time of day, day of the week, date etc. - have different rules for different user groups. Neither squidGuard nor Squid can be used to - filter/censor/edit text inside documents - filter/censor/edit embeded scripting languages like JavaScript or VBscript inside HTML %package apache-base apache-devel apache-htcacheclean apache-mod_authn_dbd apache-mod_cache apache-mod_dav apache-mod_dbd apache-mod_deflate apache-mod_disk_cache apache-mod_file_cache apache-mod_ldap apache-mod_mem_cache apache-mod_proxy apache-mod_proxy_ajp apache-mod_ssl apache-modules apache-mod_userdir apache-mpm-event apache-mpm-itk apache-mpm-peruser apache-mpm-prefork apache-mpm-worker apache-source Update: Sun Nov 08 19:03:54 2009 Importance: security ID: MDVSA-2009:295 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:295 %pre A vulnerability was discovered and corrected in apache: Apache is affected by SSL injection or man-in-the-middle attacks due to a design flaw in the SSL and/or TLS protocols. A short term solution was released Sat Nov 07 2009 by the ASF team to mitigate these problems. Apache will now reject in-session renegotiation (CVE-2009-3555). Additionally the SNI patch was upgraded for 2009.0/MES5 and 2009.1. This update provides a solution to this vulnerability. %description This package contains the main binary of apache, a powerful, full-featured, efficient and freely-available Web server. Apache is also the most popular Web server on the Internet. This version of apache is fully modular, and many modules are available in pre-compiled formats, like PHP and mod_auth_external. Check for available Apache modules for Mandriva Linux at: http://nux.se/apache/ (most of them can be installed from the contribs repository) This package defaults to a maximum of 128 dynamically loadable modules. This package defaults to a ServerLimit of 1024. You can change these values at RPM build time by using for example: --define 'maxmodules 512' --define 'serverlimit 2048' The package was built to support a maximum of 128 dynamically loadable modules. The package was built with a ServerLimit of 1024. %package urlview Update: Thu Nov 12 15:33:11 2009 Importance: bugfix ID: MDVA-2009:195 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:195 %pre A compilation problem made urlview crash when opening the wanted url. This update fixes the problem. %description urlview extracts URLs from a given text file, and presents a menu of URLs to view using a user specified command. %package squid squid-cachemgr Update: Thu Nov 12 18:23:33 2009 Importance: bugfix ID: MDVA-2009:199 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:199 %pre This is a bugfix and maintenance release for squid that upgrades squid to 3.0.STABLE20 and fixes some bugs: An outstanding issue with code 304 and code 200 replies being mixed up has now been resolved. This means requests which need to refresh cache objects will not cause temporary client software failures. %description Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. Install squid if you need a proxy caching server. This package defaults to a maximum of 8192 filedescriptors. You can change these values at build time by using for example: --define 'maxfiles 4096' The package was built to support a maximum of 8192 filedescriptors. You can build squid with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] test Initiate the test suite %package squid squid-cachemgr Update: Thu Nov 12 18:26:33 2009 Importance: bugfix ID: MDVA-2009:199 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:199 %pre This is a bugfix and maintenance release for squid that upgrades squid to 3.0.STABLE20 and fixes some bugs: An outstanding issue with code 304 and code 200 replies being mixed up has now been resolved. This means requests which need to refresh cache objects will not cause temporary client software failures. %description Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. Install squid if you need a proxy caching server. This package defaults to a maximum of 8192 filedescriptors. You can change these values at build time by using for example: --define 'maxfiles 4096' The package was built to support a maximum of 8192 filedescriptors. You can build squid with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] test Initiate the test suite %package lib64netapi0 lib64netapi-devel lib64smbclient0 lib64smbclient0-devel lib64smbclient0-static-devel lib64smbsharemodes0 lib64smbsharemodes-devel lib64wbclient0 lib64wbclient-devel mount-cifs nss_wins samba-client samba-common samba-doc samba-server samba-swat samba-winbind Update: Fri Nov 13 12:35:52 2009 Importance: bugfix ID: MDVA-2009:201 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:201 %pre This is a maintenance and bugfix release of samba 3.3.x. Major enhancements in Samba 3.3.9 include: o Fix trust relationships to windows 2008 (2008 r2) (bug #6711). o Fix file corruption using smbclient with NT4 server (bug #6606). o Fix Windows 7 share access (which defaults to NTLMv2) (bug #6680). o Fix SAMR server for Winbind access (bug #6504). %description Samba provides an SMB server which can be used to provide network services to SMB (sometimes called "Lan Manager") clients, including various versions of MS Windows, OS/2, and other Linux machines. Samba also provides some SMB clients, which complement the built-in SMB filesystem in Linux. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need NetBEUI (Microsoft Raw NetBIOS frame) protocol. Samba-3.0 features working NT Domain Control capability and includes the SWAT (Samba Web Administration Tool) that allows samba's smb.conf file to be remotely managed using your favourite web browser. For the time being this is being enabled on TCP port 901 via xinetd. SWAT is now included in it's own subpackage, samba-swat. Please refer to the WHATSNEW.txt document for fixup information. This binary release includes encrypted password support. Please read the smb.conf file and ENCRYPTION.txt in the docs directory for implementation details. %package gimp gimp-python lib64gimp2.0_0 lib64gimp2.0-devel Update: Fri Nov 13 14:13:02 2009 Importance: security ID: MDVSA-2009:296 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:296 %pre %description The GIMP is an image manipulation program suitable for photo retouching, image composition and image authoring. Many people find it extremely useful in creating logos and other graphics for web pages. The GIMP has many of the tools and filters you would expect to find in similar commercial offerings, and some interesting extras as well. The GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. This version of The GIMP includes a scripting facility, but many of the included scripts rely on fonts that we cannot distribute. The GIMP ftp site has a package of fonts that you can install by yourself, which includes all the fonts needed to run the included scripts. Some of the fonts have unusual licensing requirements; all the licenses are documented in the package. Get them in ftp://ftp.gimp.org/pub/gimp/fonts/ if you are so inclined. Alternatively, choose fonts which exist on your system before running the scripts. Build Options: --without python Disable pygimp (default enabled) --with lzw Enable LZW compression in GIF (default disabled) %package apache-conf apache-conf Update: Sun Nov 15 16:09:41 2009 Importance: security ID: MDVSA-2009:300 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:300 %pre A vulnerability was discovered and corrected in apache-conf: The Apache HTTP Server enables the HTTP TRACE method per default which allows remote attackers to conduct cross-site scripting (XSS) attacks via unspecified web client software (CVE-2009-2823). This update provides a solution to this vulnerability. %description %package kompozer Update: Mon Nov 16 17:49:55 2009 Importance: bugfix ID: MDVA-2009:204 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:204 %pre As mentioned on http://kompozer.net/, KompoZer 0.7.10 doesn't work with GTK 2.14 or higher. This is a update to version 0.8 making it work fine again. %description A complete Web authoring system for Linux Desktop users, similar to Microsoft Windows programs like FrontPage and Dreamweaver. KompoZer is an unofficial branch of Nvu, previously developed by Linspire Inc. It makes managing a Web site a snap. Now anyone can create Web pages and manage a Web site with no technical expertise or HTML knowledge. Features * WYSIWYG editing of pages, making Web creation as easy as typing a letter with your word processor. * Integrated file management via FTP. Simply log in to your Web site and navigate through your files, editing Web pages on the fly, directly from your site. * Reliable HTML code creation that works with today's most popular browsers. * Jump between WYSIWYG editing mode and HTML using tabs. * Tabbed editing to make working on multiple pages a snap. * Powerful support for frames, forms, tables, and templates. %package aoss lib64alsa-oss0 lib64alsa-oss-devel Update: Wed Nov 18 00:35:00 2009 Importance: bugfix ID: MDVA-2009:208 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:208 %pre The aoss script which redirect OSS sound output to Alsa contains an error which makes it fail to preload the correct library. Because of this error, old applications using OSS may fail to play sound if PulseAudio is not used. This update corrects this error. %description Advanced Linux Sound Architecture (ALSA) is a modularized architecture which supports quite a large range of ISA and PCI cards. It's fully compatible with old OSS drivers (either OSS/Lite, OSS/commercial). To use the features of alsa, one can either use: - the old OSS api - the new ALSA api that provides many enhanced features. Using the ALSA api requires to use the ALSA library. This library provides oss compatibility %package drakx-net drakx-net-text libdrakx-net Update: Wed Nov 18 23:21:21 2009 Importance: bugfix ID: MDVA-2009:209 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:209 %pre This update to drakx-net fixes two issues: - Wireless passwords for WPA networks which contain only hex-parseable characters could be corrupted by conversion to lower-case (#52128) - Pending Interactive Firewall notifications could show in tray even after modifying drakfirewall configuration (#48493) This update fixes these issues. %description This package contains the Mandriva network tools. net_applet: applet to check network connection net_monitor: connection monitoring %package perl-URPM Update: Thu Nov 19 21:07:13 2009 Importance: bugfix ID: MDVA-2009:213 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:213 %pre perl-URPM can sometimes get confused about which GPG pubkey belong to which media. This update fixes this issue. %description The URPM module allows you to manipulate rpm files, rpm header files and hdlist files and manage them in memory. %package fuse lib64fuse2 lib64fuse-devel lib64fuse-static-devel Update: Mon Nov 23 18:00:06 2009 Importance: bugfix ID: MDVA-2009:215 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:215 %pre Due to a bad interaction between fuse and audit framework, applications reading .gvfs would hang if audit is activated. This happens at least on first boot and every month due to readahead-collector. This was reported as bug #53208. These updated packages fix the issue. %description FUSE (Filesystem in USErspace) is a simple interface for userspace programs to export a virtual filesystem to the linux kernel. FUSE also aims to provide a secure method for non privileged users to create and mount their own filesystem implementations. %package lib64xcb1 lib64xcb-devel lib64xcb-static-devel Update: Tue Nov 24 23:20:42 2009 Importance: bugfix ID: MDVA-2009:219 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:219 %pre Due to a packaging problem, the development version of the libxcb package on 64 bit systems could lead to file conflicts during the installation because it was not providing the libxcb-devel package. This update fixes this issue. %description the X protocol C-language Binding (XCB) is a replacement for Xlib featuring a small footprint, latency hiding, direct access to the protocol, improved threading support, and extensibility. %package lib64xt6 lib64xt6-devel lib64xt6-static-devel Update: Tue Nov 24 23:37:36 2009 Importance: bugfix ID: MDVA-2009:220 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:220 %pre Due to a packaging problem, the development version of the libxt package on 64 bit systems could lead to file conflicts during the installation because it was not providing the libxt6-devel package. This update fixes this issue. %description X Toolkit Library %package bind bind-devel bind-doc bind-utils Update: Thu Nov 26 17:26:41 2009 Importance: security ID: MDVSA-2009:304 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:304 %pre Some vulnerabilities were discovered and corrected in bind: Unspecified vulnerability in ISC BIND 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, 9.7 beta before 9.7.0b3, and 9.0.x through 9.3.x with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks via additional sections in a response sent for resolution of a recursive client query, which is not properly handled when the response is processed at the same time as requesting DNSSEC records (DO). (CVE-2009-4022). Additionally BIND has been upgraded to the latest point release or closest supported version by ISC. %description BIND (Berkeley Internet Name Domain) is an implementation of the DNS (domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses, and a resolver library (routines for applications to use when interfacing with DNS). A DNS server allows clients to name resources or objects and share the information with other network machines. The named DNS server can be used on workstations as a caching name server, but is generally only needed on one machine for an entire network. Note that the configuration files for making BIND act as a simple caching nameserver are included in the caching-nameserver package. Install the bind package if you need a DNS server for your network. If you want bind to act a caching name server, you will also need to install the caching-nameserver package. Many BIND 8 features previously unimplemented in BIND 9, including domain-specific forwarding, the \$GENERATE master file directive, and the "blackhole", "dialup", and "sortlist" options Forwarding of dynamic update requests; this is enabled by the "allow-update-forwarding" option A new, simplified database interface and a number of sample drivers based on it; see doc/dev/sdb for details Support for building single-threaded servers for environments that do not supply POSIX threads New configuration options: "min-refresh-time", "max-refresh-time", "min-retry-time", "max-retry-time", "additional-from-auth", "additional-from-cache", "notify explicit" Faster lookups, particularly in large zones. Build Options: --without sdb_ldap Build without ldap simple database support (enabled per default) --with sdb_mysql Build with MySQL database support (disables ldap support, it's either way.) --with geoip Build with GeoIP support (disabled per default) %package apache-mod_php lib64php5_common5 php-apc php-apc-admin php-bcmath php-bz2 php-calendar php-cgi php-cli php-ctype php-curl php-dba php-dbase php-dbx php-devel php-dio php-dom php-eaccelerator php-eaccelerator-admin php-exif php-fam php-fcgi php-fileinfo php-filepro php-filter php-ftp php-gd php-gettext php-gmp php-hash php-iconv php-idn php-imap php-ini php-json php-ldap php-mbstring php-mcal php-mcrypt php-mhash php-mime_magic php-ming php-mssql php-mysql php-mysqli php-ncurses php-odbc php-openssl php-optimizer php-pcntl php-pdo php-pdo_dblib php-pdo_mysql php-pdo_odbc php-pdo_pgsql php-pdo_sqlite php-pgsql php-posix php-pspell php-readline php-recode php-sasl php-session php-shmop php-snmp php-soap php-sockets php-sqlite php-ssh2 php-suhosin php-sybase php-sysvmsg php-sysvsem php-sysvshm php-tclink php-tidy php-tokenizer php-translit php-vld php-wddx php-xattr php-xdebug php-xml php-xmlreader php-xmlrpc php-xmlwriter php-xsl php-zip php-zlib Update: Sat Nov 28 18:35:29 2009 Importance: security ID: MDVSA-2009:303 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:303 %pre Some vulnerabilities were discovered and corrected in php-5.2.11: The tempnam function in ext/standard/file.c in PHP 5.2.11 and earlier, and 5.3.x before 5.3.1, allows context-dependent attackers to bypass safe_mode restrictions, and create files in group-writable or world-writable directories, via the dir and prefix arguments (CVE-2009-3557). The posix_mkfifo function in ext/posix/posix.c in PHP 5.2.11 and earlier, and 5.3.x before 5.3.1, allows context-dependent attackers to bypass open_basedir restrictions, and create FIFO files, via the pathname and mode arguments, as demonstrated by creating a .htaccess file (CVE-2009-3558). PHP 5.2.11, and 5.3.x before 5.3.1, does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier for remote attackers to exploit local file inclusion vulnerabilities, via multiple requests, related to lack of support for the max_file_uploads directive (CVE-2009-4017). The proc_open function in ext/standard/proc_open.c in PHP before 5.2.11 and 5.3.x before 5.3.1 does not enforce the (1) safe_mode_allowed_env_vars and (2) safe_mode_protected_env_vars directives, which allows context-dependent attackers to execute programs with an arbitrary environment via the env parameter, as demonstrated by a crafted value of the LD_LIBRARY_PATH environment variable (CVE-2009-4018). Intermittent segfaults occured on x86_64 with the latest phpmyadmin and with apache (#53735). Additionally, some packages which require so, have been rebuilt and are being provided as updates. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. %package apache-base apache-devel apache-htcacheclean apache-mod_authn_dbd apache-mod_cache apache-mod_dav apache-mod_dbd apache-mod_deflate apache-mod_disk_cache apache-mod_file_cache apache-mod_ldap apache-mod_mem_cache apache-mod_proxy apache-mod_proxy_ajp apache-mod_ssl apache-modules apache-mod_userdir apache-mpm-event apache-mpm-itk apache-mpm-peruser apache-mpm-prefork apache-mpm-worker apache-source Update: Sun Nov 29 19:32:04 2009 Importance: bugfix ID: MDVA-2009:226 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:226 %pre This is a minor bugfix release for apache (mod_ssl): The openssl and makedev packages is needed at install time from cdrom medias in %post for the apache-mod_ssl sub package in order to be able to generate the dummy ssl certificate (fixes #55951) The packages provided with this update addresses this problem. %description This package contains the main binary of apache, a powerful, full-featured, efficient and freely-available Web server. Apache is also the most popular Web server on the Internet. This version of apache is fully modular, and many modules are available in pre-compiled formats, like PHP and mod_auth_external. Check for available Apache modules for Mandriva Linux at: http://nux.se/apache/ (most of them can be installed from the contribs repository) This package defaults to a maximum of 128 dynamically loadable modules. This package defaults to a ServerLimit of 1024. You can change these values at RPM build time by using for example: --define 'maxmodules 512' --define 'serverlimit 2048' The package was built to support a maximum of 128 dynamically loadable modules. The package was built with a ServerLimit of 1024. %package gcc gcc-c++ gcc-cpp gcc-doc gcc-doc-pdf gcc-gfortran gcc-java gcc-objc gcc-objc++ gcj-tools graphicsmagick graphicsmagick-doc heartbeat heartbeat-ldirectord heartbeat-pils heartbeat-stonith lib64braille14 lib64braille-devel lib64gcj9 lib64gcj-devel lib64gcj-static-devel lib64graphicsmagick3 lib64graphicsmagick-devel lib64graphicsmagickwand2 lib64heartbeat1 lib64heartbeat1-devel lib64heartbeat-apphb0 lib64heartbeat-pils1 lib64heartbeat-pils1-devel lib64heartbeat-stonith1 lib64heartbeat-stonith1-devel lib64ltdl7 lib64ltdl-devel lib64prelude2 lib64prelude-devel lib64prelude-static-devel lib64sane1 lib64sane1-devel lib64tunepimp5 lib64tunepimp-devel lib64xmlsec1-1 lib64xmlsec1-devel lib64xmlsec1-gnutls1 lib64xmlsec1-gnutls-devel lib64xmlsec1-nss1 lib64xmlsec1-nss-devel lib64xmlsec1-openssl1 lib64xmlsec1-openssl-devel libffi4 libffi4-devel libgcc1 libgcj9-base libgcj9-src libgfortran3 libgomp1 libgomp-devel libmudflap0 libmudflap-devel libobjc2 libstdc++6 libstdc++-devel libstdc++-static-devel libtool libtool-base perl-Graphics-Magick perl-prelude prelude-tools proftpd proftpd-devel proftpd-mod_autohost proftpd-mod_ban proftpd-mod_case proftpd-mod_ctrls_admin proftpd-mod_gss proftpd-mod_ifsession proftpd-mod_ldap proftpd-mod_load proftpd-mod_quotatab proftpd-mod_quotatab_file proftpd-mod_quotatab_ldap proftpd-mod_quotatab_radius proftpd-mod_quotatab_sql proftpd-mod_radius proftpd-mod_ratio proftpd-mod_rewrite proftpd-mod_sftp proftpd-mod_shaper proftpd-mod_site_misc proftpd-mod_sql proftpd-mod_sql_mysql proftpd-mod_sql_postgres proftpd-mod_time proftpd-mod_tls proftpd-mod_vroot proftpd-mod_wrap proftpd-mod_wrap_file proftpd-mod_wrap_sql python-braille python-prelude python-tunepimp sane-backends sane-backends-doc sane-backends-iscan saned tunepimp-plugins tunepimp-utils xmlsec1 Update: Mon Nov 30 15:33:28 2009 Importance: security ID: MDVSA-2009:307 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:307 %pre A vulnerability was discovered and corrected in libtool: All versions of libtool prior to 2.2.6b suffers from a local privilege escalation vulnerability that could be exploited under certain conditions to load arbitrary code (CVE-2009-3736). This advisory fixes this issue. Additionally, all applications embedding the libtool code were patched in order to avoid possible future exploitations of this issue. %description XML Security Library is a C library based on LibXML2 and OpenSSL. The library was created with a goal to support major XML security standards "XML Digital Signature" and "XML Encryption". %package flash-kde4-config free-kde4-config mandriva-kde4-config-common mandriva-kdm4-config one-kde4-config powerpack-kde4-config Update: Mon Nov 30 20:35:45 2009 Importance: bugfix ID: MDVA-2009:229 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:229 %pre When the user migrates from a kde3 desktop(Mandriva 2008.1) to a full kde4 desktop, kdm doesn't start. This update fixes this issue. %description This package regroups all specific Mandriva config file for KDE. (kicker config etc.) %package msec msec-gui Update: Tue Dec 01 20:06:19 2009 Importance: bugfix ID: MDVA-2009:234 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:234 %pre This update fixes two issues with msec: - msec would stop processing configuration file if a blank line is found (bug #53031) - msec would show a bogus error when checking permissions on non-local files (bug #56088) %description The Mandriva Linux Security package is designed to provide security features to the Mandriva Linux users. It allows to select from a set of preconfigured security levels, and supports custom permission settings, user-specified levels, and several security utilities. This packages includes main msec application and several programs that will be run periodically in order to test the security of your system and alert you if needed. %package lib64dmx1 lib64dmx-devel lib64dmx-static-devel lib64xp6 lib64xp-devel lib64xp-static-devel xdpyinfo Update: Thu Dec 03 17:00:38 2009 Importance: bugfix ID: MDVA-2009:237 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:237 %pre The xdpyinfo package was updated to allow handling more X11 extensions. %description Xdpyinfo is a utility for displaying information about an X server. It is used to examine the capabilities of a server, the predefined values for various parameters used in communicating between clients and the server, and the different types of screens and visuals that are available. %package flash-kde4-config free-kde4-config mandriva-kde4-config-common mandriva-kdm4-config one-kde4-config powerpack-kde4-config Update: Fri Dec 04 17:35:16 2009 Importance: bugfix ID: MDVA-2009:229-1 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:229-1 %pre When the user migrates from a kde3 desktop(Mandriva 2008.1) to a full kde4 desktop, kdm doesn't start. This update fixes this issue. Update: With previous mandriva-kde4-config advisory, the users plasma configurations, such as wallpaper and icon positioning could be lost. This update fixes this issue. If previous update caused you to lose your desktop settings, you may run the following commands to recover your configuration: Close KDE, and copy the file ~/.kde4/share/config/plasma-desktop-appletsrc to ~/.kde4/share/config/plasma-appletsrc and ~/.kde4/share/config/plasma-desktoprc to ~/.kde4/share/config/plasmarc %description This package regroups all specific Mandriva config file for KDE. (kicker config etc.) %package expat lib64expat1 lib64expat1-devel Update: Sat Dec 05 13:00:04 2009 Importance: security ID: MDVSA-2009:316 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:316 %pre A vulnerability has been found and corrected in expat: The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that trigger a buffer over-read, related to the doProlog function in lib/xmlparse.c, a different vulnerability than CVE-2009-2625 and CVE-2009-3720 (CVE-2009-3560). Packages for 2008.0 are being provided due to extended support for Corporate products. This update provides a solution to these vulnerabilities. %description Expat is an XML 1.0 parser written in C by James Clark. It aims to be fully conforming. It is currently not a validating XML parser. %package ntp ntp-client ntp-doc Update: Wed Dec 09 00:02:24 2009 Importance: security ID: MDVSA-2009:328 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:328 %pre A vulnerability has been found and corrected in ntp: Robin Park and Dmitri Vinokurov discovered a flaw in the way ntpd handled certain malformed NTP packets. ntpd logged information about all such packets and replied with an NTP packet that was treated as malformed when received by another ntpd. A remote attacker could use this flaw to create an NTP packet reply loop between two ntpd servers via a malformed packet with a spoofed source IP address and port, causing ntpd on those servers to use excessive amounts of CPU time and fill disk space with log messages (CVE-2009-3563). This update provides a solution to this vulnerability. %description The Network Time Protocol (NTP) is used to synchronize a computer's time with another reference time source. The ntp package contains utilities and daemons which will synchronize your computer's time to Coordinated Universal Time (UTC) via the NTP protocol and NTP servers. Ntp includes ntpdate (a program for retrieving the date and time from remote machines via a network) and ntpd (a daemon which continuously adjusts system time). Install the ntp package if you need tools for keeping your system's time synchronized via the NTP protocol. Note: Primary, original, big, HTML documentation, is in the package ntp-doc. %package broadcom-wl-kernel-2.6.29.6-desktop-3mnb broadcom-wl-kernel-2.6.29.6-server-3mnb broadcom-wl-kernel-desktop-latest broadcom-wl-kernel-server-latest em8300-kernel-2.6.29.6-desktop-3mnb em8300-kernel-2.6.29.6-server-3mnb em8300-kernel-desktop-latest em8300-kernel-server-latest hsfmodem-kernel-2.6.29.6-desktop-3mnb hsfmodem-kernel-2.6.29.6-server-3mnb hsfmodem-kernel-desktop-latest hsfmodem-kernel-server-latest kernel-2.6.29.6-3mnb kernel-desktop-2.6.29.6-3mnb kernel-desktop-devel-2.6.29.6-3mnb kernel-desktop-devel-latest kernel-desktop-latest kernel-doc kernel-server-2.6.29.6-3mnb kernel-server-devel-2.6.29.6-3mnb kernel-server-devel-latest kernel-server-latest kernel-source-2.6.29.6-3mnb kernel-source-latest libafs-kernel-2.6.29.6-desktop-3mnb libafs-kernel-2.6.29.6-server-3mnb libafs-kernel-desktop-latest libafs-kernel-server-latest lirc-kernel-2.6.29.6-desktop-3mnb lirc-kernel-2.6.29.6-server-3mnb lirc-kernel-desktop-latest lirc-kernel-server-latest lzma-kernel-2.6.29.6-desktop-3mnb lzma-kernel-2.6.29.6-server-3mnb lzma-kernel-desktop-latest lzma-kernel-server-latest madwifi-kernel-2.6.29.6-desktop-3mnb madwifi-kernel-2.6.29.6-server-3mnb madwifi-kernel-desktop-latest madwifi-kernel-server-latest nvidia173-kernel-2.6.29.6-desktop-3mnb nvidia173-kernel-2.6.29.6-server-3mnb nvidia173-kernel-desktop-latest nvidia173-kernel-server-latest nvidia96xx-kernel-2.6.29.6-desktop-3mnb nvidia96xx-kernel-2.6.29.6-server-3mnb nvidia96xx-kernel-desktop-latest nvidia96xx-kernel-server-latest nvidia-current-kernel-2.6.29.6-desktop-3mnb nvidia-current-kernel-2.6.29.6-server-3mnb nvidia-current-kernel-desktop-latest nvidia-current-kernel-server-latest vboxadditions-kernel-2.6.29.6-desktop-3mnb vboxadditions-kernel-2.6.29.6-server-3mnb vboxadditions-kernel-desktop-latest vboxadditions-kernel-server-latest virtualbox-kernel-2.6.29.6-desktop-3mnb virtualbox-kernel-2.6.29.6-server-3mnb virtualbox-kernel-desktop-latest virtualbox-kernel-server-latest vpnclient-kernel-2.6.29.6-desktop-3mnb vpnclient-kernel-2.6.29.6-server-3mnb vpnclient-kernel-desktop-latest vpnclient-kernel-server-latest Update: Wed Dec 09 23:17:37 2009 Importance: security ID: MDVSA-2009:329 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:329 %pre Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel: Memory leak in the appletalk subsystem in the Linux kernel 2.4.x through 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and ipddp modules are loaded but the ipddpN device is not found, allows remote attackers to cause a denial of service (memory consumption) via IP-DDP datagrams. (CVE-2009-2903) Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname. (CVE-2009-3547) The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcm__pad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2005-4881. (CVE-2009-3612) net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket. (CVE-2009-3621) Integer overflow in the kvm_dev_ioctl_get_supported_cpuid function in arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel before 2.6.31.4 allows local users to have an unspecified impact via a KVM_GET_SUPPORTED_CPUID request to the kvm_arch_dev_ioctl function. (CVE-2009-3638) The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in the Linux kernel before 2.6.31-rc4 allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) by sending a certain response containing incorrect file attributes, which trigger attempted use of an open file that lacks NFSv4 state. (CVE-2009-3726) The ip_frag_reasm function in ipv4/ip_fragment.c in Linux kernel 2.6.32-rc8, and possibly earlier versions, calls IP_INC_STATS_BH with an incorrect argument, which allows remote attackers to cause a denial of service (NULL pointer dereference and hang) via long IP packets, possibly related to the ip_defrag function. (CVE-2009-1298) To update your kernel, please follow the directions located at: http://www.mandriva.com/en/security/kernelupdate %description %package wireless-regdb Update: Thu Dec 10 21:55:50 2009 Importance: bugfix ID: MDVA-2009:250 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:250 %pre This updates the wireless regulatory domain database to 2009-11-10 in order to follow the wireless regulations in the world. For Mandriva 2010.0: - add support for Aruba (AW) - update United States (US) rules for 5600 MHz - 5650 MHz For Mandriva 2009.1: - enable 5GHz band for Thailand (TH) - updates to 5GHz band for Korea (KR) - add missing 5GHz band for Brunei Darussalam (BN) - update / fix 5GHz bands for Germany (DE) %description Database with wireless regulatory information, used by crda or which can be used by another user space helpers to communicate wireless regulatory data to linux kernel. %package mdkonline Update: Thu Dec 10 22:45:55 2009 Importance: bugfix ID: MDVA-2009:248 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:248 %pre This update fixes several issues regarding the live upgrade to a more recent distribution, notably: - new distributions are now only presented after all updates were applied. - if current distribution is no more supported, we will about it and offer to upgrade to a newer release It also fix a couple crashes: - a rare crash (bug #55346) - gracefully handle (rare) server issues (bugs #51299 & #51548) %description The Mandriva Online tool allows users to be kept informed about security updates, hardware support/enhancements and other high value services. The package include : * Update daemon which allows you to install security updates automatically, * A KDE/Gnome/IceWM compliant applet for security updates notification and installation. %package gimp gimp-python lib64gimp2.0_0 lib64gimp2.0-devel Update: Fri Dec 11 11:47:08 2009 Importance: security ID: MDVSA-2009:332 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:332 %pre A vulnerability was discovered and corrected in gimp: Integer overflow in the read_channel_data function in plug-ins/file-psd/psd-load.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a crafted PSD file that triggers a heap-based buffer overflow (CVE-2009-3909). Additionally the patch for CVE-2009-1570 in MDVSA-2009:296 was incomplete, this update corrects this as well. This update provides a solution to this vulnerability. %description The GIMP is an image manipulation program suitable for photo retouching, image composition and image authoring. Many people find it extremely useful in creating logos and other graphics for web pages. The GIMP has many of the tools and filters you would expect to find in similar commercial offerings, and some interesting extras as well. The GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. This version of The GIMP includes a scripting facility, but many of the included scripts rely on fonts that we cannot distribute. The GIMP ftp site has a package of fonts that you can install by yourself, which includes all the fonts needed to run the included scripts. Some of the fonts have unusual licensing requirements; all the licenses are documented in the package. Get them in ftp://ftp.gimp.org/pub/gimp/fonts/ if you are so inclined. Alternatively, choose fonts which exist on your system before running the scripts. Build Options: --without python Disable pygimp (default enabled) --with lzw Enable LZW compression in GIF (default disabled) %package lib64mpg123_0 lib64mpg123-devel mpg123 mpg123-esd mpg123-jack mpg123-nas mpg123-portaudio mpg123-pulse mpg123-sdl Update: Mon Dec 14 12:01:12 2009 Importance: bugfix ID: MDVA-2009:253 URL: http://www.mandriva.com/security/advisories?name=MDVA-2009:253 %pre A regression was found and fixed for mpg123 while attempting to load the mpg123 modules. This regression stems from MDVSA-2009:307 (libtool ltdl). %description Mpg123 is a fast, free and portable MPEG audio player for Unix. It supports MPEG 1.0/2.0 layers 1, 2 and 3 ("mp3" files). For full CD quality playback (44 kHz, 16 bit, stereo) a fast CPU is required. Mono and/or reduced quality playback (22 kHz or 11 kHz) is possible on slow CPUs (like Intel 486). For information on the MP3 License, please visit: http://www.mpeg.org %package lib64ecpg8.3_6 lib64pq8.3_5 postgresql8.3 postgresql8.3-contrib postgresql8.3-devel postgresql8.3-docs postgresql8.3-pl postgresql8.3-plperl postgresql8.3-plpgsql postgresql8.3-plpython postgresql8.3-pltcl postgresql8.3-server Update: Tue Dec 15 16:02:53 2009 Importance: security ID: MDVSA-2009:333 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:333 %pre Multiple vulnerabilities was discovered and corrected in postgresql: NULL Bytes in SSL Certificates can be used to falsify client or server authentication. This only affects users who have SSL enabled, perform certificate name validation or client certificate authentication, and where the Certificate Authority (CA) has been tricked into issuing invalid certificates. The use of a CA that can be trusted to always issue valid certificates is recommended to ensure you are not vulnerable to this issue (CVE-2009-4034). Privilege escalation via changing session state in an index function. This closes a corner case related to vulnerabilities CVE-2009-3230 and CVE-2007-6600 (CVE-2009-4136). Packages for 2008.0 are being provided due to extended support for Corporate products. This update provides a solution to these vulnerabilities. %description PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs (including transactions, subselects and user-defined types and functions). The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DBMS server. These PostgreSQL client programs are programs that directly manipulate the internal structure of PostgreSQL databases on a PostgreSQL server. These client programs can be located on the same machine with the PostgreSQL server, or may be on a remote machine which accesses a PostgreSQL server over a network connection. This package contains the client libraries for C and C++, as well as command-line utilities for managing PostgreSQL databases on a PostgreSQL server. If you want to manipulate a PostgreSQL database on a remote PostgreSQL server, you need this package. You also need to install this package if you're installing the postgresql-server package. %package proftpd proftpd-devel proftpd-mod_autohost proftpd-mod_ban proftpd-mod_case proftpd-mod_ctrls_admin proftpd-mod_gss proftpd-mod_ifsession proftpd-mod_ldap proftpd-mod_load proftpd-mod_quotatab proftpd-mod_quotatab_file proftpd-mod_quotatab_ldap proftpd-mod_quotatab_radius proftpd-mod_quotatab_sql proftpd-mod_radius proftpd-mod_ratio proftpd-mod_rewrite proftpd-mod_sftp proftpd-mod_shaper proftpd-mod_site_misc proftpd-mod_sql proftpd-mod_sql_mysql proftpd-mod_sql_postgres proftpd-mod_time proftpd-mod_tls proftpd-mod_vroot proftpd-mod_wrap proftpd-mod_wrap_file proftpd-mod_wrap_sql Update: Tue Dec 22 12:33:20 2009 Importance: security ID: MDVSA-2009:337 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:337 %pre A vulnerability has been identified and corrected in proftpd: The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a plaintext injection attack, aka the Project Mogul issue (CVE-2009-3555). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. This update fixes this vulnerability. %description ProFTPd is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based directory visibility. This version supports both standalone and xinetd operation. %package beagle beagle-crawl-system beagle-doc beagle-epiphany beagle-evolution beagle-gui beagle-gui-qt beagle-libs epiphany epiphany-devel firefox firefox-af firefox-ar firefox-be firefox-bg firefox-bn firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-el firefox-en_GB firefox-eo firefox-es_AR firefox-es_ES firefox-et firefox-eu firefox-ext-beagle firefox-ext-blogrovr firefox-ext-foxmarks firefox-ext-mozvoikko firefox-ext-r-kiosk firefox-ext-scribefire firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hu firefox-id firefox-is firefox-it firefox-ja firefox-ka firefox-kn firefox-ko firefox-ku firefox-lt firefox-lv firefox-mk firefox-mn firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-oc firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-te firefox-th firefox-theme-kde4ff firefox-tr firefox-uk firefox-zh_CN firefox-zh_TW gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell google-gadgets-common google-gadgets-gtk google-gadgets-qt google-gadgets-xul lib64ggadget1.0_0 lib64ggadget-gtk1.0_0 lib64ggadget-qt1.0_0 lib64google-gadgets-devel lib64opensc2 lib64opensc-devel lib64xulrunner1.9 lib64xulrunner-devel lib64xulrunner-unstable-devel mozilla-plugin-opensc mozilla-thunderbird-beagle opensc python-xpcom xulrunner yelp Update: Tue Dec 22 16:50:26 2009 Importance: security ID: MDVSA-2009:339 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:339 %pre Security issues were identified and fixed in firefox 3.0.x: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2009-3979). Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2009-3980). Unspecified vulnerability in the browser engine in Mozilla Firefox before 3.0.16, SeaMonkey before 2.0.1, and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2009-3981). Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to send authenticated requests to arbitrary applications by replaying the NTLM credentials of a browser user (CVE-2009-3983). Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to spoof an SSL indicator for an http URL or a file URL by setting document.location to an https URL corresponding to a site that responds with a No Content (aka 204) status code and an empty body (CVE-2009-3984). Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to associate spoofed content with an invalid URL by setting document.location to this URL, and then writing arbitrary web script or HTML to the associated blank document, a related issue to CVE-2009-2654 (CVE-2009-3985). Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to execute arbitrary JavaScript with chrome privileges by leveraging a reference to a chrome window from a content window, related to the window.opener property (CVE-2009-3986). The GeckoActiveXObject function in Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, generates different exception messages depending on whether the referenced COM object is listed in the registry, which allows remote attackers to obtain potentially sensitive information about installed software by making multiple calls that specify the ProgID values of different COM objects (CVE-2009-3987). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. Additionally, some packages which require so, have been rebuilt and are being provided as updates. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package acpid Update: Sat Dec 26 20:34:59 2009 Importance: security ID: MDVSA-2009:343 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:343 %pre A vulnerability has been found and corrected in acpid: acpid 1.0.4 sets an unrestrictive umask, which might allow local users to leverage weak permissions on /var/log/acpid, and obtain sensitive information by reading this file or cause a denial of service by overwriting this file, a different vulnerability than CVE-2009-4033 (CVE-2009-4235). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. This update provides a solution to this vulnerability. %description The ACPI specification defines power and system management functions for each computer, in a generic manner. The ACPI daemon coordinates the management of power and system functions when ACPI kernel support is enabled (kernel 2.3.x or later). %package acl lib64acl1 lib64acl-devel Update: Mon Dec 28 22:19:25 2009 Importance: security ID: MDVSA-2009:345 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:345 %pre A vulnerability was discovered and corrected in acl: The (1) setfacl and (2) getfacl commands in XFS acl 2.2.47, when running in recursive (-R) mode, follow symbolic links even when the --physical (aka -P) or -L option is specified, which might allow local users to modify the ACL for arbitrary files or directories via a symlink attack (CVE-2009-4411). This update provides a fix for this vulnerability. %description This package contains the getfacl and setfacl utilities needed for manipulating access control lists. %package timezone timezone-java Update: Wed Jan 06 14:54:16 2010 Importance: bugfix ID: MDVA-2010:006 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:006 %pre Updated timezone packages are being provided for older Mandriva Linux systems that do not contain new Daylight Savings Time information and Time Zone information for some locations. These updated packages contain the new information. %description This package contains data files with rules for various timezones around the world. %package apache-conf Update: Thu Jan 07 12:39:33 2010 Importance: security ID: MDVSA-2009:300-1 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:300-1 %pre A vulnerability was discovered and corrected in apache-conf: The Apache HTTP Server enables the HTTP TRACE method per default which allows remote attackers to conduct cross-site scripting (XSS) attacks via unspecified web client software (CVE-2009-2823). This update provides a solution to this vulnerability. Update: The wrong package was uploaded for 2009.1. This update addresses that problem. %description This package contains configuration files for apache. It is necessary for operation of the apache webserver. Having those files into a separate modules provides better customization for OEMs and ISPs, who can modify the look and feel of the apache webserver without having to re-compile the whole suite to change a logo or config file. %package apache-conf Update: Thu Jan 07 13:32:50 2010 Importance: bugfix ID: MDVA-2010:011 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:011 %pre This is a maintenance and bugfix release of apache-conf that mainly fixes so that the httpd service is handled more gracefully when reloading the apache server (#56857). Other fixes (where appliable): - fix #53887 (obsolete favicon.ico file in Apache default www pages) - workaround #47992 (apache does not start occasionally) - added logic to make it possible to set limits from the init script in an attempt to address #30849 and similar problems - added logic to easy debugging with gdb in the initscript Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. %description This package contains configuration files for apache. It is necessary for operation of the apache webserver. Having those files into a separate modules provides better customization for OEMs and ISPs, who can modify the look and feel of the apache webserver without having to re-compile the whole suite to change a logo or config file. %package davfs kompozer lib64python2.6 lib64python2.6-devel lib64wxgtk2.8 lib64wxgtk2.8-devel lib64wxgtkgl2.8 lib64wxgtkglu2.8 lib64wxgtku2.8 lib64wxgtku2.8-devel mozilla-thunderbird mozilla-thunderbird-devel mozilla-thunderbird-enigmail nsinstall python python-celementtree python-docs tkinter tkinter-apps wxgtk2.8 Update: Fri Jan 08 14:18:03 2010 Importance: security ID: MDVSA-2009:316-1 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:316-1 %pre A vulnerability has been found and corrected in expat: The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that trigger a buffer over-read, related to the doProlog function in lib/xmlparse.c, a different vulnerability than CVE-2009-2625 and CVE-2009-3720 (CVE-2009-3560). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers This update provides a solution to these vulnerabilities. Update: This vulnerability was discovered in the bundled expat code in various softwares besides expat itself. As a precaution the affected softwares has preemptively been patched to prevent presumptive future exploitations of this issue. %description wxWidgets is a free C++ library for cross-platform GUI development. With wxWidgets, you can create applications for different GUIs (GTK+, Motif/LessTif, MS Windows, Mac) from the same source code. %package davfs kompozer lib64python2.6 lib64python2.6-devel lib64wxgtk2.8 lib64wxgtk2.8-devel lib64wxgtkgl2.8 lib64wxgtkglu2.8 lib64wxgtku2.8 lib64wxgtku2.8-devel mozilla-thunderbird mozilla-thunderbird-devel mozilla-thunderbird-enigmail nsinstall python python-celementtree python-docs tkinter tkinter-apps wxgtk2.8 Update: Sat Jan 09 01:58:32 2010 Importance: security ID: MDVSA-2009:316-2 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:316-2 %pre A vulnerability has been found and corrected in expat: The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that trigger a buffer over-read, related to the doProlog function in lib/xmlparse.c, a different vulnerability than CVE-2009-2625 and CVE-2009-3720 (CVE-2009-3560). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers This update provides a solution to these vulnerabilities. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. Update: SUSE discovered a regression with the previous patch fixing CVE-2009-3560. This regression is now being addressed with this update. %description wxWidgets is a free C++ library for cross-platform GUI development. With wxWidgets, you can create applications for different GUIs (GTK+, Motif/LessTif, MS Windows, Mac) from the same source code. %package expat lib64expat1 lib64expat1-devel Update: Sun Jan 10 11:40:11 2010 Importance: security ID: MDVSA-2009:316-3 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:316-3 %pre A vulnerability has been found and corrected in expat: The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that trigger a buffer over-read, related to the doProlog function in lib/xmlparse.c, a different vulnerability than CVE-2009-2625 and CVE-2009-3720 (CVE-2009-3560). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers This update provides a solution to these vulnerabilities. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. Update: The previous (MDVSA-2009:316-2) updates provided packages for 2008.0/2009.0/2009.1/2010.0/mes5 that did not have an increased release number which prevented the packages from hitting the mirrors. %description Expat is an XML 1.0 parser written in C by James Clark. It aims to be fully conforming. It is currently not a validating XML parser. %package perl-Mail-SpamAssassin perl-Mail-SpamAssassin-Spamd spamassassin spamassassin-sa-compile spamassassin-spamc spamassassin-spamd spamassassin-tools Update: Sun Jan 10 17:54:30 2010 Importance: bugfix ID: MDVA-2010:014 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:014 %pre A bug was discovered in the FH_DATE_PAST_20XX rules that affects vanilla spamassassin 3.2 installations after the first of January 2010 (aka. the y2k10 rule bug). This update fixes this issue. %description SpamAssassin provides you with a way to reduce if not completely eliminate Unsolicited Commercial Email (SPAM) from your incoming email. It can be invoked by a MDA such as sendmail or postfix, or can be called from a procmail script, .forward file, etc. It uses a genetic-algorithm evolved scoring system to identify messages which look spammy, then adds headers to the message so they can be filtered by the user's mail reading software. This distribution includes the spamd/spamc components which create a server that considerably speeds processing of mail. SpamAssassin also includes support for reporting spam messages automatically, and/or manually, to collaborative filtering databases such as Vipul's Razor, DCC or pyzor. Install perl-Razor-Agent package to get Vipul's Razor support. Install dcc package to get Distributed Checksum Clearinghouse (DCC) support. Install pyzor package to get Pyzor support. Install perl-Mail-SPF-Query package to get SPF support. To enable spamassassin, if you are receiving mail locally, simply add this line to your ~/.procmailrc: INCLUDERC=/etc/mail/spamassassin/spamassassin-default.rc To filter spam for all users, add that line to /etc/procmailrc (creating if necessary). %package beagle beagle-crawl-system beagle-doc beagle-epiphany beagle-evolution beagle-gui beagle-gui-qt beagle-libs epiphany epiphany-devel firefox firefox-af firefox-ar firefox-be firefox-bg firefox-bn firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-el firefox-en_GB firefox-eo firefox-es_AR firefox-es_ES firefox-et firefox-eu firefox-ext-beagle firefox-ext-blogrovr firefox-ext-foxmarks firefox-ext-mozvoikko firefox-ext-r-kiosk firefox-ext-scribefire firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hu firefox-id firefox-is firefox-it firefox-ja firefox-ka firefox-kn firefox-ko firefox-ku firefox-lt firefox-lv firefox-mk firefox-mn firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-oc firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-te firefox-th firefox-theme-kde4ff firefox-tr firefox-uk firefox-zh_CN firefox-zh_TW gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell google-gadgets-common google-gadgets-gtk google-gadgets-qt google-gadgets-xul lib64ggadget1.0_0 lib64ggadget-gtk1.0_0 lib64ggadget-qt1.0_0 lib64google-gadgets-devel lib64opensc2 lib64opensc-devel lib64xulrunner1.9 lib64xulrunner-devel lib64xulrunner-unstable-devel mozilla-plugin-opensc mozilla-thunderbird-beagle opensc python-xpcom xulrunner yelp Update: Sun Jan 10 20:07:47 2010 Importance: bugfix ID: MDVA-2010:015 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:015 %pre A regression was discovered with 3.0.16 when using NTLM authentication. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. Additionally, some packages which require so, have been rebuilt and are being provided as updates. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package finch lib64finch0 lib64purple0 lib64purple-devel pidgin pidgin-bonjour pidgin-client pidgin-gevolution pidgin-i18n pidgin-meanwhile pidgin-mono pidgin-perl pidgin-plugins pidgin-silc pidgin-tcl Update: Mon Jan 11 22:25:42 2010 Importance: security ID: MDVSA-2010:001 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:001 %pre Security vulnerabilities has been identified and fixed in pidgin: The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adium before 1.3.7 allows remote attackers to cause a denial of service (application crash) via crafted contact-list data for (1) ICQ and possibly (2) AIM, as demonstrated by the SIM IM client (CVE-2009-3615). Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. NOTE: it could be argued that this is resultant from a vulnerability in which an emoticon download request is processed even without a preceding text/x-mms-emoticon message that announced availability of the emoticon (CVE-2010-0013). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. This update provides pidgin 2.6.5, which is not vulnerable to these issues. %description Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add an account using the account editor. Pidgin supports many common features of other clients, as well as many unique features, such as perl scripting, TCL scripting and C plugins. Pidgin is not affiliated with or endorsed by America Online, Inc., Microsoft Corporation, Yahoo! Inc., or ICQ Inc. %package sendmail sendmail-cf sendmail-devel sendmail-doc Update: Tue Jan 12 16:12:15 2010 Importance: security ID: MDVSA-2010:003 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:003 %pre A security vulnerability has been identified and fixed in sendmail: sendmail before 8.14.4 does not properly handle a '\0' (NUL) character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended access restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408 (CVE-2009-4565). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. This update provides a fix for this vulnerability. %description The Sendmail program is a very widely used Mail Transport Agent (MTA). MTAs send mail from one machine to another. Sendmail is not a client program, which you use to read your e-mail. Sendmail is a behind-the-scenes program which actually moves your e-mail over networks or the Internet to where you want it to go. If you ever need to reconfigure Sendmail, you'll also need to have the sendmail.cf package installed. If you need documentation on Sendmail, you can install the sendmail-doc package. %package lib64pyglib2.0_0 python-gobject python-gobject-devel Update: Tue Jan 12 17:24:52 2010 Importance: bugfix ID: MDVA-2010:022 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:022 %pre A programming error in the Python bindings for GObject would make programs like eliza and Moodvida take up all CPU resources for unnecessary operations while running. This update fixes the problem. %description This archive contains bindings for the GObject, to be used in Python It is a fairly complete set of bindings, it's already rather useful, and is usable to write moderately complex programs. (see the examples directory for some examples of the simpler programs you could write). %package bash bash-doc Update: Wed Jan 13 16:15:03 2010 Importance: security ID: MDVSA-2010:004 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:004 %pre A vulnerability have been discovered in Mandriva bash package, which could allow a malicious user to hide files from the ls command, or garble its output by crafting files or directories which contain special characters or escape sequences (CVE-2010-0002). This update fixes the issue by disabling the display of control characters by default. Additionally, this update fixes the unsafe file creation in bash-doc sample scripts (CVE-2008-5374). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. %description Bash is a GNU project sh-compatible shell or command language interpreter. Bash (Bourne Again shell) incorporates useful features from the Korn shell (ksh) and the C shell (csh). Most sh scripts can be run by bash without modification. Bash offers several improvements over sh, including command line editing, unlimited size command history, job control, shell functions and aliases, indexed arrays of unlimited size and integer arithmetic in any base from two to 64. Bash is ultimately intended to conform to the IEEE POSIX P1003.2/ISO 9945.2 Shell and Tools standard. %package bash bash-doc Update: Wed Jan 13 16:16:25 2010 Importance: security ID: MDVSA-2010:004 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:004 %pre A vulnerability have been discovered in Mandriva bash package, which could allow a malicious user to hide files from the ls command, or garble its output by crafting files or directories which contain special characters or escape sequences (CVE-2010-0002). This update fixes the issue by disabling the display of control characters by default. Additionally, this update fixes the unsafe file creation in bash-doc sample scripts (CVE-2008-5374). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. %description Bash is a GNU project sh-compatible shell or command language interpreter. Bash (Bourne Again shell) incorporates useful features from the Korn shell (ksh) and the C shell (csh). Most sh scripts can be run by bash without modification. Bash offers several improvements over sh, including command line editing, unlimited size command history, job control, shell functions and aliases, indexed arrays of unlimited size and integer arithmetic in any base from two to 64. Bash is ultimately intended to conform to the IEEE POSIX P1003.2/ISO 9945.2 Shell and Tools standard. %package kdelibs4-core kdelibs4-devel lib64kde3support4 lib64kdecore5 lib64kdefakes5 lib64kdesu5 lib64kdeui5 lib64kdnssd4 lib64kfile4 lib64khtml5 lib64kimproxy4 lib64kio5 lib64kjs4 lib64kjsapi4 lib64kjsembed4 lib64kmediaplayer4 lib64knewstuff2_4 lib64knotifyconfig4 lib64kntlm4 lib64kparts4 lib64kpty4 lib64krosscore4 lib64krossui4 lib64ktexteditor4 lib64kunittest4 lib64kutils4 lib64nepomuk4 lib64plasma3 lib64solid4 lib64threadweaver4 Update: Wed Jan 13 19:27:51 2010 Importance: bugfix ID: MDVA-2010:024 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:024 %pre - In Mandriva 2009 Spring, plasma crashes when moving a plasmoid from the taskbar to the desktop. This Update fixes this issue. - In mandriva 2009 Spring, we used a specific kde certificate file. This update allows KDE to use rootcert certificate bundle. %description Libraries for the K Desktop Environment. %package ftp-client-krb5 ftp-server-krb5 krb5 krb5-server krb5-workstation lib64krb53 lib64krb53-devel telnet-client-krb5 telnet-server-krb5 Update: Thu Jan 14 00:03:08 2010 Importance: security ID: MDVSA-2010:006 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:006 %pre A vulnerability has been found and corrected in krb5: Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code by providing ciphertext with a length that is too short to be valid (CVE-2009-4212). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. %description Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords. %package lib64php5_common5 php-bcmath php-bz2 php-calendar php-cgi php-cli php-ctype php-curl php-dba php-dbase php-devel php-dom php-exif php-fcgi php-filter php-ftp php-gd php-gettext php-gmp php-hash php-iconv php-imap php-json php-ldap php-mbstring php-mcrypt php-mhash php-mime_magic php-ming php-mssql php-mysql php-mysqli php-ncurses php-odbc php-openssl php-pcntl php-pdo php-pdo_dblib php-pdo_mysql php-pdo_odbc php-pdo_pgsql php-pdo_sqlite php-pgsql php-posix php-pspell php-readline php-recode php-session php-shmop php-snmp php-soap php-sockets php-sqlite php-sybase php-sysvmsg php-sysvsem php-sysvshm php-tidy php-tokenizer php-wddx php-xml php-xmlreader php-xmlrpc php-xmlwriter php-xsl php-zip php-zlib Update: Fri Jan 15 21:40:36 2010 Importance: security ID: MDVSA-2010:009 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:009 %pre A vulnerability has been found and corrected in php: The htmlspecialchars function in PHP before 5.2.12 does not properly handle (1) overlong UTF-8 sequences, (2) invalid Shift_JIS sequences, and (3) invalid EUC-JP sequences, which allows remote attackers to conduct cross-site scripting (XSS) attacks by placing a crafted byte sequence before a special character (CVE-2009-4142). The updated packages have been patched to correct this issue. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. %package lib64thai0 lib64thai-devel thai-data Update: Sat Jan 16 16:20:02 2010 Importance: security ID: MDVSA-2010:010 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:010 %pre Multiple vulnerabilities has been found and corrected in libthai: Tim Starling discovered that libthai, a set of Thai language support routines, is vulnerable of integer/heap overflow. This vulnerability could allow an attacker to run arbitrary code by sending a very long string (CVE-2009-4012). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct these issues. %description LibThai is a set of Thai language support routines aimed to ease developers' tasks to incorporate Thai language support in their applications. It includes important Thai-specific functions e.g. word breaking, input and output methods as well as basic character and string supports. %package lib64mysql16 lib64mysql-devel lib64mysql-static-devel mysql mysql-bench mysql-client mysql-common mysql-doc mysql-max mysql-ndb-extra mysql-ndb-management mysql-ndb-storage mysql-ndb-tools Update: Sun Jan 17 21:38:44 2010 Importance: security ID: MDVSA-2010:012 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:012 %pre Multiple vulnerabilities has been found and corrected in mysql: mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does not (1) properly handle errors during execution of certain SELECT statements with subqueries, and does not (2) preserve certain null_value flags during execution of statements that use the GeomFromWKB function, which allows remote authenticated users to cause a denial of service (daemon crash) via a crafted statement (CVE-2009-4019). The vio_verify_callback function in viosslfactories.c in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used, accepts a value of zero for the depth of X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL servers via a crafted certificate, as demonstrated by a certificate presented by a server linked against the yaSSL library (CVE-2009-4028). MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks, and that can point to tables created at a future time at which a pathname is modified to contain a symlink to a subdirectory of the MySQL data home directory, related to incorrect calculation of the mysql_unpacked_real_data_home value. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079 (CVE-2009-4030). The updated packages have been patched to correct these issues. Additionally for 2009.1 and 2010.0 mysql has also been upgraded to the latest stable 5.1 release (5.1.42). %description The MySQL(TM) software delivers a very fast, multi-threaded, multi-user, and robust SQL (Structured Query Language) database server. MySQL Server is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software. MySQL is a trademark of MySQL AB. Please see the documentation and the manual for more information. %package gnupg2 Update: Mon Jan 18 12:37:25 2010 Importance: bugfix ID: MDVA-2010:033 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:033 %pre A packaging mistake lead to that the gpg-agent was not started by default. The updated packages addresses this problem. %description GnuPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. %package transmission Update: Mon Jan 18 16:44:29 2010 Importance: security ID: MDVSA-2010:013 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:013 %pre Multiple vulnerabilities has been found and corrected in transmission: Cross-site request forgery (CSRF) vulnerability in Transmission 1.5 before 1.53 and 1.6 before 1.61 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors (CVE-2009-1757). Directory traversal vulnerability in libtransmission/metainfo.c in Transmission 1.22, 1.34, 1.75, and 1.76 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in a pathname within a .torrent file (CVE-2010-0012). The updated packages have been patched to correct these issues. %description Transmission is a free, lightweight BitTorrent client. It features a simple, intuitive interface on top of an efficient back-end. %package ruby ruby-devel ruby-doc ruby-tk Update: Tue Jan 19 15:40:36 2010 Importance: security ID: MDVSA-2010:017 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:017 %pre A vulnerability has been found and corrected in ruby: WEBrick 1.3.1 in Ruby 1.8.6 through patchlevel 383, 1.8.7 through patchlevel 248, 1.8.8dev, 1.9.1 through patchlevel 376, and 1.9.2dev writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator (CVE-2009-4492). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. %description Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible. %package debugmode initscripts Update: Wed Jan 20 13:25:12 2010 Importance: bugfix ID: MDVA-2010:036 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:036 %pre The network detection routine could not detect the network connection properly in some cases, resulting in premature termination with incorrect return code. This could result in failure on startup for services which depend on network to be up, such as apache2 server. This update fixes this issue. %description The initscripts package contains the basic system scripts used to boot your Mandriva Linux system, change run levels, and shut the system down cleanly. Initscripts also contains the scripts that activate and deactivate most network interfaces. %package gzip Update: Wed Jan 20 16:38:03 2010 Importance: security ID: MDVSA-2010:020 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:020 %pre Multiple vulnerabilities has been found and corrected in gzip: A missing input sanitation flaw was found in the way gzip used to decompress data blocks for dynamic Huffman codes. A remote attacker could provide a specially-crafted gzip compressed data archive, which once opened by a local, unsuspecting user would lead to denial of service (gzip crash) or, potentially, to arbitrary code execution with the privileges of the user running gzip (CVE-2009-26244). An integer underflow leading to array index error was found in the way gzip used to decompress files / archives, compressed with the Lempel-Ziv-Welch (LZW) compression algorithm. A remote attacker could provide a specially-crafted LZW compressed gzip archive, which once decompressed by a local, unsuspecting user would lead to gzip crash, or, potentially to arbitrary code execution with the privileges of the user running gzip (CVE-2010-0001). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct these issues. %description The gzip package contains the popular GNU gzip data compression program. Gzipped files have a .gz extension. Gzip should be installed on your Mandriva Linux system, because it is a very commonly used data compression program. %package bind bind-devel bind-doc bind-utils Update: Wed Jan 20 18:02:25 2010 Importance: security ID: MDVSA-2010:021 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:021 %pre Some vulnerabilities were discovered and corrected in bind: The original fix for CVE-2009-4022 was found to be incomplete. BIND was incorrectly caching certain responses without performing proper DNSSEC validation. CNAME and DNAME records could be cached, without proper DNSSEC validation, when received from processing recursive client queries that requested DNSSEC records but indicated that checking should be disabled. A remote attacker could use this flaw to bypass the DNSSEC validation check and perform a cache poisoning attack if the target BIND server was receiving such client queries (CVE-2010-0290). There was an error in the DNSSEC NSEC/NSEC3 validation code that could cause bogus NXDOMAIN responses (that is, NXDOMAIN responses for records proven by NSEC or NSEC3 to exist) to be cached as if they had validated correctly, so that future queries to the resolver would return the bogus NXDOMAIN with the AD flag set (CVE-2010-0097). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. Additionally BIND has been upgraded to the latest patch release version. %description BIND (Berkeley Internet Name Domain) is an implementation of the DNS (domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses, and a resolver library (routines for applications to use when interfacing with DNS). A DNS server allows clients to name resources or objects and share the information with other network machines. The named DNS server can be used on workstations as a caching name server, but is generally only needed on one machine for an entire network. Note that the configuration files for making BIND act as a simple caching nameserver are included in the caching-nameserver package. Install the bind package if you need a DNS server for your network. If you want bind to act a caching name server, you will also need to install the caching-nameserver package. Many BIND 8 features previously unimplemented in BIND 9, including domain-specific forwarding, the \$GENERATE master file directive, and the "blackhole", "dialup", and "sortlist" options Forwarding of dynamic update requests; this is enabled by the "allow-update-forwarding" option A new, simplified database interface and a number of sample drivers based on it; see doc/dev/sdb for details Support for building single-threaded servers for environments that do not supply POSIX threads New configuration options: "min-refresh-time", "max-refresh-time", "min-retry-time", "max-retry-time", "additional-from-auth", "additional-from-cache", "notify explicit" Faster lookups, particularly in large zones. Build Options: --without sdb_ldap Build without ldap simple database support (enabled per default) --with sdb_mysql Build with MySQL database support (disables ldap support, it's either way.) --with geoip Build with GeoIP support (disabled per default) %package lib64openssl0.9.8 lib64openssl0.9.8-devel lib64openssl0.9.8-static-devel openssl Update: Thu Jan 21 10:52:46 2010 Importance: security ID: MDVSA-2010:022 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:022 %pre Some vulnerabilities were discovered and corrected in openssl: Memory leak in the zlib_stateful_finish function in crypto/comp/c_zlib.c in OpenSSL 0.9.8l and earlier and 1.0.0 Beta through Beta 4 allows remote attackers to cause a denial of service (memory consumption) via vectors that trigger incorrect calls to the CRYPTO_free_all_ex_data function, as demonstrated by use of SSLv3 and PHP with the Apache HTTP Server, a related issue to CVE-2008-1678 (CVE-2009-4355). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct thies issue. %description The openssl certificate management tool and the shared libraries that provide various encryption and decription algorithms and protocols, including DES, RC4, RSA and SSL. %package coreutils coreutils-doc Update: Sat Jan 23 20:25:21 2010 Importance: security ID: MDVSA-2010:024 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:024 %pre A vulnerability were discovered and corrected in coreutils: The distcheck rule in dist-check.mk in GNU coreutils 5.2.1 through 8.1 allows local users to gain privileges via a symlink attack on a file in a directory tree under /tmp (CVE-2009-4135). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. %description These are the GNU core utilities. This package is the union of the old GNU fileutils, sh-utils, and textutils packages. These tools are the GNU versions of common useful and popular file & text utilities which are used for: - file management - shell scripts - modifying text file (spliting, joining, comparing, modifying, ...) Most of these programs have significant advantages over their Unix counterparts, such as greater speed, additional options, and fewer arbitrary limits. %package php-pear Update: Mon Jan 25 13:32:04 2010 Importance: security ID: MDVSA-2010:025 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:025 %pre Multiple vulnerabilities were discovered and corrected in php-pear (Mail): Argument injection vulnerability in the sendmail implementation of the Mail::Send method (Mail/sendmail.php) in the Mail package 1.1.14 for PEAR allows remote attackers to read and write arbitrary files via a crafted parameter, a different vector than CVE-2009-4111 (CVE-2009-4023). Argument injection vulnerability in Mail/sendmail.php in the Mail package 1.1.14, 1.2.0b2, and possibly other versions for PEAR allows remote attackers to read and write arbitrary files via a crafted parameter, and possibly other parameters, a different vulnerability than CVE-2009-4023 (CVE-2009-4111). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct these issues. %description PEAR is short for "PHP Extension and Application Repository" and is pronounced just like the fruit. The purpose of PEAR is to provide: * A structured library of open-sourced code for PHP users * A system for code distribution and package maintenance * A standard style for code written in PHP, specified here * The PHP Foundation Classes (PFC), see more below * The PHP Extension Code Library (PECL), see more below * A web site, mailing lists and download mirrors to support the PHP/PEAR community %package lib64ldap2.4_2 lib64ldap2.4_2-devel lib64ldap2.4_2-static-devel openldap openldap-clients openldap-doc openldap-servers openldap-testprogs openldap-tests Update: Tue Jan 26 16:00:23 2010 Importance: security ID: MDVSA-2010:026 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:026 %pre A vulnerability was discovered and corrected in openldap: libraries/libldap/tls_o.c in OpenLDAP, when OpenSSL is used, does not properly handle a \'\0\' (NUL) character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408 (CVE-2009-3767). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. %description OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. The suite includes a stand-alone LDAP server (slapd) which is in the -servers package, libraries for implementing the LDAP protocol (in the lib packages), and utilities, tools, and sample clients (in the -clients package). The openldap binary package includes only configuration files used by the libraries. Install openldap if you need LDAP applications and tools. %package kdelibs4-core kdelibs4-devel lib64kde3support4 lib64kdecore5 lib64kdefakes5 lib64kdesu5 lib64kdeui5 lib64kdnssd4 lib64kfile4 lib64khtml5 lib64kimproxy4 lib64kio5 lib64kjs4 lib64kjsapi4 lib64kjsembed4 lib64kmediaplayer4 lib64knewstuff2_4 lib64knotifyconfig4 lib64kntlm4 lib64kparts4 lib64kpty4 lib64krosscore4 lib64krossui4 lib64ktexteditor4 lib64kunittest4 lib64kutils4 lib64nepomuk4 lib64plasma3 lib64solid4 lib64threadweaver4 Update: Wed Jan 27 09:48:48 2010 Importance: security ID: MDVSA-2010:027 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:027 %pre Multiple vulnerabilities was discovered and corrected in kdelibs4: KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a \'\0\' (NUL) character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408 (CVE-2009-2702). The JavaScript garbage collector in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle allocation failures, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document that triggers write access to an offset of a NULL pointer. (CVE-2009-1687). WebKit in Apple Safari before 4.0.2, KHTML in kdelibs in KDE, QtWebKit (aka Qt toolkit), and possibly other products does not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document (CVE-2009-1725). Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by setting an unspecified property of an HTML tag that causes child elements to be freed and later accessed when an HTML error occurs, related to recursion in certain DOM event handlers. (CVE-2009-1690). WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document (CVE-2009-1698). KDE Konqueror allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692 (CVE-2009-2537). The gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc in FreeBSD 6.4 and 7.2, NetBSD 5.0, and OpenBSD 4.5 allows context-dependent attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a large precision value in the format argument to a printf function, related to an array overrun. (CVE-2009-0689). WebKit, as used in Safari before 3.2.3 and 4 Public Beta, on Apple Mac OS X 10.4.11 and 10.5 before 10.5.7 and Windows allows remote attackers to execute arbitrary code via a crafted SVGList object that triggers memory corruption (CVE-2009-0945). The updated packages have been patched to correct these issues. %description Libraries for the K Desktop Environment. %package gurpmi urpmi urpmi-ldap urpmi-parallel-ka-run urpmi-parallel-ssh Update: Wed Jan 27 16:30:44 2010 Importance: bugfix ID: MDVA-2010:045 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:045 %pre There was a small typo in the french translation. The update packages addresses this issue. %description urpmi is Mandriva Linux's console-based software installation tool. You can use it to install software from the console in the same way as you use the graphical Install Software tool (rpmdrake) to install software from the desktop. urpmi will follow package dependencies -- in other words, it will install all the other software required by the software you ask it to install -- and it's capable of obtaining packages from a variety of media, including the Mandriva Linux installation CD-ROMs, your local hard disk, and remote sources such as web or FTP sites. %package lib64nss3 lib64nss-devel lib64nss-static-devel nss rootcerts rootcerts-java Update: Thu Jan 28 22:12:17 2010 Importance: security ID: MDVSA-2010:029 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:029 %pre The rootcerts package was added in Mandriva in 2005 and was meant to be updated when nessesary. The provided rootcerts packages has been upgraded using the latest certdata.txt file from the mozilla cvs repository, as of 2009/12/03. In Mandriva a number of additional CA root certificates has been added such as ICP-Brasil (Brazil government CA), cacert.org, IGC/A CA (French government CA). The IGC/A CA one was recently added upstream in the mozilla certdata.txt file. The rootcerts package provides the /etc/pki/tls/certs/ca-bundle.crt file which most sofwares in Mandriva, and where appliable is sharing such as KDE, curl, pidgin, neon, and more. The mozilla nss library has consequently been rebuilt to pickup these changes and are also being provided. %description This is a bundle of X.509 certificates of public Certificate Authorities (CA). These were automatically extracted from Mozilla's root CA list (the file "certdata.txt"). It contains the certificates in both plain text and PEM format and therefore can be directly used with an Apache/mod_ssl webserver for SSL client authentication. Just configure this file as the SSLCACertificateFile. %package dumpcap lib64wireshark0 lib64wireshark-devel rawshark tshark wireshark wireshark-tools Update: Wed Feb 03 00:52:44 2010 Importance: security ID: MDVSA-2010:031 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:031 %pre This advisory updates Wireshark to the version 1.0.11, which fixes the following vulnerabilities: The SMB and SMB2 dissectors could crash (CVE-2009-4377). The Infiniband dissector could crash on some platforms (CVE-2009-2563). Several buffer overflows were discovered and fixed in the LWRES dissector. %description Wireshark is a network traffic analyzer for Unix-ish operating systems. It is based on GTK+, a graphical user interface library, and libpcap, a packet capture and filtering library. Wireshark is a fork of Ethereal(tm) %package lib64nss3 lib64nss-devel lib64nss-static-devel nss rootcerts rootcerts-java Update: Thu Feb 04 13:40:33 2010 Importance: security ID: MDVSA-2010:032 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:032 %pre It was brought to our attention by Ludwig Nussel at SUSE the md5 collision certificate should not be included. This update removes the offending certificate. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The mozilla nss library has consequently been rebuilt to pickup these changes and are also being provided. %description This is a bundle of X.509 certificates of public Certificate Authorities (CA). These were automatically extracted from Mozilla's root CA list (the file "certdata.txt"). It contains the certificates in both plain text and PEM format and therefore can be directly used with an Apache/mod_ssl webserver for SSL client authentication. Just configure this file as the SSLCACertificateFile. %package squid squid-cachemgr Update: Fri Feb 05 17:18:53 2010 Importance: security ID: MDVSA-2010:033 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:033 %pre A vulnerability have been discovered and corrected in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15, which allows remote attackers to cause a denial of service (assertion failure) via a crafted DNS packet that only contains a header (CVE-2010-0308). This update provides a fix to this vulnerability. %description Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. Install squid if you need a proxy caching server. This package defaults to a maximum of 8192 filedescriptors. You can change these values at build time by using for example: --define 'maxfiles 4096' The package was built to support a maximum of 8192 filedescriptors. You can build squid with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] test Initiate the test suite %package lib64netapi0 lib64netapi-devel lib64smbclient0 lib64smbclient0-devel lib64smbclient0-static-devel lib64smbsharemodes0 lib64smbsharemodes-devel lib64wbclient0 lib64wbclient-devel mount-cifs nss_wins samba-client samba-common samba-doc samba-server samba-swat samba-winbind Update: Thu Feb 11 11:55:29 2010 Importance: bugfix ID: MDVA-2010:056 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:056 %pre This is a maintenance update of samba in order to support Windows 7 hosts integration in Samba domain. Additionally on 2009.0 and MES5 samba has been upgraded from 3.2.15 to 3.3.10 which brings many upstream fixes besides those that mainly conserns Windows 7 interoperabilities. %description Samba provides an SMB server which can be used to provide network services to SMB (sometimes called "Lan Manager") clients, including various versions of MS Windows, OS/2, and other Linux machines. Samba also provides some SMB clients, which complement the built-in SMB filesystem in Linux. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need NetBEUI (Microsoft Raw NetBIOS frame) protocol. Samba-3.0 features working NT Domain Control capability and includes the SWAT (Samba Web Administration Tool) that allows samba's smb.conf file to be remotely managed using your favourite web browser. For the time being this is being enabled on TCP port 901 via xinetd. SWAT is now included in it's own subpackage, samba-swat. Please refer to the WHATSNEW.txt document for fixup information. This binary release includes encrypted password support. Please read the smb.conf file and ENCRYPTION.txt in the docs directory for implementation details. %package lib64vigra2 lib64vigra-devel openoffice.org openoffice.org-base openoffice.org-calc openoffice.org-common openoffice.org-core openoffice.org-devel openoffice.org-devel-doc openoffice.org-draw openoffice.org-filter-binfilter openoffice.org-gnome openoffice.org-help-af openoffice.org-help-ar openoffice.org-help-bg openoffice.org-help-br openoffice.org-help-bs openoffice.org-help-ca openoffice.org-help-cs openoffice.org-help-cy openoffice.org-help-da openoffice.org-help-de openoffice.org-help-el openoffice.org-help-en_GB openoffice.org-help-en_US openoffice.org-help-es openoffice.org-help-et openoffice.org-help-eu openoffice.org-help-fi openoffice.org-help-fr openoffice.org-help-he openoffice.org-help-hi openoffice.org-help-hu openoffice.org-help-it openoffice.org-help-ja openoffice.org-help-ko openoffice.org-help-mk openoffice.org-help-nb openoffice.org-help-nl openoffice.org-help-nn openoffice.org-help-pl openoffice.org-help-pt openoffice.org-help-pt_BR openoffice.org-help-ru openoffice.org-help-sk openoffice.org-help-sl openoffice.org-help-sv openoffice.org-help-ta openoffice.org-help-tr openoffice.org-help-zh_CN openoffice.org-help-zh_TW openoffice.org-help-zu openoffice.org-impress openoffice.org-java-common openoffice.org-l10n-af openoffice.org-l10n-ar openoffice.org-l10n-bg openoffice.org-l10n-br openoffice.org-l10n-bs openoffice.org-l10n-ca openoffice.org-l10n-cs openoffice.org-l10n-cy openoffice.org-l10n-da openoffice.org-l10n-de openoffice.org-l10n-el openoffice.org-l10n-en_GB openoffice.org-l10n-es openoffice.org-l10n-et openoffice.org-l10n-eu openoffice.org-l10n-fi openoffice.org-l10n-fr openoffice.org-l10n-he openoffice.org-l10n-hi openoffice.org-l10n-hu openoffice.org-l10n-it openoffice.org-l10n-ja openoffice.org-l10n-ko openoffice.org-l10n-mk openoffice.org-l10n-nb openoffice.org-l10n-nl openoffice.org-l10n-nn openoffice.org-l10n-pl openoffice.org-l10n-pt openoffice.org-l10n-pt_BR openoffice.org-l10n-ru openoffice.org-l10n-sk openoffice.org-l10n-sl openoffice.org-l10n-sv openoffice.org-l10n-ta openoffice.org-l10n-tr openoffice.org-l10n-zh_CN openoffice.org-l10n-zh_TW openoffice.org-l10n-zu openoffice.org-math openoffice.org-mono openoffice.org-openclipart openoffice.org-pdfimport openoffice.org-presentation-minimizer openoffice.org-presenter-screen openoffice.org-pyuno openoffice.org-style-crystal openoffice.org-style-galaxy openoffice.org-style-hicontrast openoffice.org-style-industrial openoffice.org-style-tango openoffice.org-testtool openoffice.org-wiki-publisher openoffice.org-writer Update: Thu Feb 11 13:17:08 2010 Importance: security ID: MDVSA-2010:035 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:035 %pre This updates provides a new OpenOffice.org version 3.1.1. It holds security and bug fixes described as follow: An integer underflow might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document, leading to a heap-based buffer overflow (CVE-2009-0200). A heap-based buffer overflow might allow remote attackers to execute arbitrary code via unspecified records in a crafted Word document, related to table parsing (CVE-2009-0201). A heap-based buffer overflow allows remote attackers to execute arbitrary code via a crafted EMF file (CVE-2009-2139). Multiple heap-based buffer overflows allow remote attackers to execute arbitrary code via a crafted EMF+ file (CVE-2009-2140). OpenOffice's xmlsec uses a bundled Libtool which might load .la file in the current working directory allowing local users to gain privileges via a Trojan horse file. For enabling such vulnerability xmlsec has to use --enable-crypto_dl building flag however it does not, although the fix keeps protected against this threat whenever that flag had been enabled (CVE-2009-3736). Further this update provides following bug fixes: OpenOffice.org is not properly configure to use the xdg-email functionality of the FreeDesktop standard (#52195). As the template desktop icons are not properly set, it's not presented under the context menu of applications like Dolphin (#56439). The Firefox plugin which enables viewing of OpenOffice documents inside the browser was not enabled. %description OpenOffice.org is an Open Source, community-developed, multi-platform office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editing and drawing program, with a user interface and feature set similar to other office suites. Sophisticated and flexible, OpenOffice.org also works transparently with a variety of file formats, including Microsoft Office. %package webmin Update: Fri Feb 12 18:50:59 2010 Importance: security ID: MDVSA-2010:036 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:036 %pre This advisory updates webmin to the latest version 1.500, fixing several bugs and a cross-site scripting issue which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors (CVE-2009-4568). %description A web-based administration interface for Unix systems. Using Webmin you can configure DNS, Samba, NFS, local/remote filesystems, Apache, Sendmail/Postfix, and more using your web browser. After installation, enter the URL https://localhost:10000/ into your browser and login as root with your root password. Please consider logging in and modify your password for security issue. PLEASE NOTE THAT THIS VERSION NOW USES SECURE WEB TRANSACTIONS: YOU HAVE TO LOGIN TO "https://localhost:10000/" AND NOT "http://localhost:10000/". %package webmin Update: Fri Feb 12 18:51:31 2010 Importance: security ID: MDVSA-2010:036 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:036 %pre This advisory updates webmin to the latest version 1.500, fixing several bugs and a cross-site scripting issue which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors (CVE-2009-4568). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. %description A web-based administration interface for Unix systems. Using Webmin you can configure DNS, Samba, NFS, local/remote filesystems, Apache, Sendmail/Postfix, and more using your web browser. After installation, enter the URL https://localhost:10000/ into your browser and login as root with your root password. Please consider logging in and modify your password for security issue. PLEASE NOTE THAT THIS VERSION NOW USES SECURE WEB TRANSACTIONS: YOU HAVE TO LOGIN TO "https://localhost:10000/" AND NOT "http://localhost:10000/". %package msec msec-gui Update: Fri Feb 12 22:35:13 2010 Importance: bugfix ID: MDVA-2010:059 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:059 %pre msec in Mandriva Linux 2009.1 and 2010.0 would not carry out the chkrootkit check correctly if the chkrootkit package was uninstalled after the test has been run at least once. This update fixes the issue. %description The Mandriva Linux Security package is designed to provide security features to the Mandriva Linux users. It allows to select from a set of preconfigured security levels, and supports custom permission settings, user-specified levels, and several security utilities. This packages includes main msec application and several programs that will be run periodically in order to test the security of your system and alert you if needed. %package openoffice.org-voikko Update: Sun Feb 14 15:51:56 2010 Importance: bugfix ID: MDVA-2010:060 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:060 %pre The previous update of openoffice.org missed openoffice.org-voikko, causing upgrade problems for Finnish users. This update provides openoffice.org-voikko for openoffice.org 3.1.1. %description Finnish spellchecker and hyphenator component for OpenOffice.org. Usually Voikko is automatically activated after the installation. If that won't happen, you can manually activate it from the Writing Aids section of the OpenOffice.org options. %package pptp-linux Update: Mon Feb 15 18:25:17 2010 Importance: bugfix ID: MDVA-2010:064 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:064 %pre The pptp-linux packages in Mandriva Linux 2009.0, MES5, 2009.1 and 2010.0 try to call /bin/ip instead of /sbin/ip. The updated packages fix this issue. %description PPTP-linux allows you to connect to a PPTP server from a Linux or other Unix box (ports of pptp-linuxto other Unix variants should be trivial, but have not yet been performed). See the IPfwd page (http://www.pdos.lcs.mit.edu/~cananian/Projects/IPfwd) for information on tunnelling PPTP through Linux firewalls. %package drakx-finish-install drakxtools drakxtools-backend drakxtools-curses drakxtools-http harddrake harddrake-ui Update: Tue Feb 16 10:32:29 2010 Importance: bugfix ID: MDVA-2010:066 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:066 %pre Some bugs were found in drakxtools code dropping privileges to display help or other web pages. This updates make it more reliable on 2009.0 and 2009.1, and make it actually drop privileges on 2008.0. Additionally it fixes drakbug on 2008.0 to actually open the bug when launching the browser. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. %description Contains many Mandriva Linux applications simplifying users and administrators life on a Mandriva Linux machine. Nearly all of them work both under XFree (graphical environment) and in console (text environment), allowing easy distant work. - drakbug: interactive bug report tool - drakbug_report: help find bugs in DrakX - drakclock: date & time configurator - drakfloppy: boot disk creator - drakfont: import fonts in the system - draklog: show extracted information from the system logs - drakperm: msec GUI (permissions configurator) - draksec: security options managment / msec frontend - draksplash: bootsplash themes creation %package eject Update: Tue Feb 16 15:55:49 2010 Importance: bugfix ID: MDVA-2010:071 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:071 %pre The eject package shipped in Mandriva Linux 2009.0, 2009.1, 2010.0 contains a bug which will lead to a failure when ejecting a DVD which has space characters within its name. The updated package fixes this problem. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. %description The eject program allows the user to eject removable media (typically CD-ROMs, floppy disks or Iomega Jaz or Zip disks) using software control. Eject can also control some multi- disk CD changers and even some devices' auto-eject features. Install eject if you'd like to eject removable media using software control. %package lib64netpbm10 lib64netpbm-devel lib64netpbm-static-devel netpbm Update: Wed Feb 17 16:00:07 2010 Importance: security ID: MDVSA-2010:039 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:039 %pre A vulnerability have been discovered and corrected in netpbm: Stack-based buffer overflow in converter/ppm/xpmtoppm.c in netpbm before 10.47.07 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an XPM image file that contains a crafted header field associated with a large color index value (CVE-2009-4274). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. %description The netpbm package contains a library of functions which support programs for handling various graphics file formats, including .pbm (portable bitmaps), .pgm (portable graymaps), .pnm (portable anymaps), .ppm (portable pixmaps) and others. %package finch lib64finch0 lib64purple0 lib64purple-devel pidgin pidgin-bonjour pidgin-client pidgin-gevolution pidgin-i18n pidgin-meanwhile pidgin-mono pidgin-perl pidgin-plugins pidgin-silc pidgin-tcl Update: Thu Feb 18 12:31:19 2010 Importance: security ID: MDVSA-2010:041 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:041 %pre Multiple security vulnerabilities has been identified and fixed in pidgin: Certain malformed SLP messages can trigger a crash because the MSN protocol plugin fails to check that all pieces of the message are set correctly (CVE-2010-0277). In a user in a multi-user chat room has a nickname containing '
' then libpurple ends up having two users with username ' ' in the room, and Finch crashes in this situation. We do not believe there is a possibility of remote code execution (CVE-2010-0420). oCERT notified us about a problem in Pidgin, where a large amount of processing time will be used when inserting many smileys into an IM or chat window. This should not cause a crash, but Pidgin can become unusable slow (CVE-2010-0423). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. This update provides pidgin 2.6.6, which is not vulnerable to these issues. %description Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add an account using the account editor. Pidgin supports many common features of other clients, as well as many unique features, such as perl scripting, TCL scripting and C plugins. Pidgin is not affiliated with or endorsed by America Online, Inc., Microsoft Corporation, Yahoo! Inc., or ICQ Inc. %package dhcp-client dhcp-common dhcp-devel dhcp-doc dhcp-relay dhcp-server Update: Thu Feb 18 17:38:37 2010 Importance: bugfix ID: MDVA-2010:073 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:073 %pre The DHCP client ignores the interface-mtu option set by server. This update fixes the issue. %description DHCP (Dynamic Host Configuration Protocol) is a protocol which allows individual devices on an IP network to get their own network configuration information (IP address, subnetmask, broadcast address, etc.) from a DHCP server. The overall purpose of DHCP is to make it easier to administer a large network. The dhcp package includes the DHCP server and a DHCP relay agent. You will also need to install the dhcp-client or dhcpcd package, or pump or dhcpxd, which provides the DHCP client daemon, on client machines. If you want the DHCP server and/or relay, you will also need to install the dhcp-server and/or dhcp-relay packages. %package beagle beagle-crawl-system beagle-doc beagle-epiphany beagle-evolution beagle-gui beagle-gui-qt beagle-libs epiphany epiphany-devel firefox firefox-af firefox-ar firefox-be firefox-bg firefox-bn firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-el firefox-en_GB firefox-eo firefox-es_AR firefox-es_ES firefox-et firefox-eu firefox-ext-beagle firefox-ext-blogrovr firefox-ext-foxmarks firefox-ext-mozvoikko firefox-ext-r-kiosk firefox-ext-scribefire firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hu firefox-id firefox-is firefox-it firefox-ja firefox-ka firefox-kn firefox-ko firefox-ku firefox-lt firefox-lv firefox-mk firefox-mn firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-oc firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-te firefox-th firefox-theme-kde4ff firefox-tr firefox-uk firefox-zh_CN firefox-zh_TW gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell lib64opensc2 lib64opensc-devel lib64xulrunner1.9 lib64xulrunner-devel lib64xulrunner-unstable-devel mozilla-plugin-opensc mozilla-thunderbird-beagle opensc python-xpcom xulrunner yelp Update: Fri Feb 19 13:55:18 2010 Importance: security ID: MDVSA-2010:042 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:042 %pre Security issues were identified and fixed in firefox 3.0.x and 3.5.x: Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code (CVE-2010-0159). Security researcher Orlando Barrera II reported via TippingPoint's Zero Day Initiative that Mozilla's implementation of Web Workers contained an error in its handling of array data types when processing posted messages. This error could be used by an attacker to corrupt heap memory and crash the browser, potentially running arbitrary code on a victim's computer (CVE-2010-0160). Security researcher Alin Rad Pop of Secunia Research reported that the HTML parser incorrectly freed used memory when insufficient space was available to process remaining input. Under such circumstances, memory occupied by in-use objects was freed and could later be filled with attacker-controlled text. These conditions could result in the execution or arbitrary code if methods on the freed objects were subsequently called (CVE-2009-1571). Security researcher Hidetake Jo of Microsoft Vulnerability Research reported that the properties set on an object passed to showModalDialog were readable by the document contained in the dialog, even when the document was from a different domain. This is a violation of the same-origin policy and could result in a website running untrusted JavaScript if it assumed the dialogArguments could not be initialized by another site. An anonymous security researcher, via TippingPoint's Zero Day Initiative, also independently reported this issue to Mozilla (CVE-2009-3988). Mozilla security researcher Georgi Guninski reported that when a SVG document which is served with Content-Type: application/octet-stream is embedded into another document via an tag with type=image/svg+xml, the Content-Type is ignored and the SVG document is processed normally. A website which allows arbitrary binary data to be uploaded but which relies on Content-Type: application/octet-stream to prevent script execution could have such protection bypassed. An attacker could upload a SVG document containing JavaScript as a binary file to a website, embed the SVG document into a malicous page on another site, and gain access to the script environment from the SVG-serving site, bypassing the same-origin policy (CVE-2010-0162). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. Additionally, some packages which require so, have been rebuilt and are being provided as updates. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package lib64theora0 lib64theoradec1 lib64theora-devel lib64theoraenc1 Update: Fri Feb 19 17:11:07 2010 Importance: security ID: MDVSA-2010:043 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:043 %pre A vulnerability have been discovered and corrected in libtheora: Integer overflow in libtheora in Xiph.Org Theora before 1.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a video with large dimensions (CVE-2009-3389). The updated packages have been patched to correct this issue. %description Ogg Theora is a fully open, non-proprietary, patent-and-royalty-free, general-purpose compressed video format. %package lib64mysql16 lib64mysql-devel lib64mysql-static-devel mysql mysql-bench mysql-client mysql-common mysql-doc mysql-max mysql-ndb-extra mysql-ndb-management mysql-ndb-storage mysql-ndb-tools Update: Fri Feb 19 19:40:17 2010 Importance: security ID: MDVSA-2010:044 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:044 %pre A vulnerabilitiy has been found and corrected in mysql: MySQL is vulnerable to a symbolic link attack when the data home directory contains a symlink to a different filesystem which allows remote authenticated users to bypass intended access restrictions (CVE-2008-7247). The updated packages have been patched to correct these issues. %description The MySQL(TM) software delivers a very fast, multi-threaded, multi-user, and robust SQL (Structured Query Language) database server. MySQL Server is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software. MySQL is a trademark of MySQL AB. Please see the documentation and the manual for more information. %package lib64php5_common5 php-bcmath php-bz2 php-calendar php-cgi php-cli php-ctype php-curl php-dba php-dbase php-devel php-dom php-exif php-fcgi php-filter php-ftp php-gd php-gettext php-gmp php-hash php-iconv php-imap php-json php-ldap php-mbstring php-mcrypt php-mhash php-mime_magic php-ming php-mssql php-mysql php-mysqli php-ncurses php-odbc php-openssl php-pcntl php-pdo php-pdo_dblib php-pdo_mysql php-pdo_odbc php-pdo_pgsql php-pdo_sqlite php-pgsql php-posix php-pspell php-readline php-recode php-session php-shmop php-snmp php-soap php-sockets php-sqlite php-sybase php-sysvmsg php-sysvsem php-sysvshm php-tidy php-tokenizer php-wddx php-xml php-xmlreader php-xmlrpc php-xmlwriter php-xsl php-zip php-zlib Update: Tue Feb 23 11:43:10 2010 Importance: security ID: MDVSA-2010:045 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:045 %pre A vulnerability has been found and corrected in php: PHP before 5.2.12 does not properly handle session data, which has unspecified impact and attack vectors related to (1) interrupt corruption of the SESSION superglobal array and (2) the session.save_path directive (CVE-2009-4143). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. %package ipxutils lib64ncpfs2.3 lib64ncpfs-devel ncpfs Update: Tue Feb 23 17:33:58 2010 Importance: security ID: MDVSA-2010:046 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:046 %pre A vulnerability has been found in ncpfs which can be exploited by local users to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially gain escalated privileges (CVE-2009-3297). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. %description Ncpfs is a filesystem which understands the Novell NetWare(TM) NCP protocol. Functionally, NCP is used for NetWare the way NFS is used in the TCP/IP world. For a Linux system to mount a NetWare filesystem, it needs a special mount program. The ncpfs package contains such a mount program plus other tools for configuring and using the ncpfs filesystem. Install the ncpfs package if you need to use the ncpfs filesystem to use Novell NetWare files or services. %package fuse lib64fuse2 lib64fuse-devel lib64fuse-static-devel Update: Tue Feb 23 18:09:51 2010 Importance: security ID: MDVSA-2010:047 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:047 %pre A race condition has been found in fuse that could escalate privileges for local users and lead to a DoS (Denial of Service) (CVE-2009-3297). The updated packages have been patched to correct this issue. %description FUSE (Filesystem in USErspace) is a simple interface for userspace programs to export a virtual filesystem to the linux kernel. FUSE also aims to provide a secure method for non privileged users to create and mount their own filesystem implementations. %package falcon-kde4 kimono kimono-devel lib64qtruby4shared2 lib64qyotoshared1 lib64smokeakonadi2 lib64smokekde2 lib64smokekhtml2 lib64smokenepomuk2 lib64smokeplasma2 lib64smokeqsci2 lib64smokeqt2 lib64smokeqtscript2 lib64smokeqttest2 lib64smokeqtuitools2 lib64smokeqtwebkit2 lib64smokesolid2 lib64smokesoprano2 lib64smoketexteditor2 php-qt4 python-kde4 python-kde4-doc python-qt4 python-qt4-assistant python-qt4-core python-qt4-designer python-qt4-devel python-qt4-gui python-qt4-help python-qt4-network python-qt4-opengl python-qt4-script python-qt4-scripttools python-qt4-sql python-qt4-svg python-qt4-test python-qt4-webkit python-qt4-xml python-qt4-xmlpatterns python-sip qyoto qyoto-devel ruby-kde4 ruby-kde4-devel ruby-qt4 ruby-qt4-devel smoke4-devel Update: Thu Feb 25 16:06:41 2010 Importance: bugfix ID: MDVA-2010:080 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:080 %pre python-qt4 packages released for Mandriva 2009.0 as update are in a higher version than python-qt4 released in Mandriva 2009 Spring. This breaks the kde-python part on a 2009.0 to 2009 Spring system upgrade. This fixes it by releasing updated python packages with a higher release number on Mandriva 2009 Spring. %description KDE4 bindings to non-C++ languages %package sudo Update: Thu Feb 25 19:23:29 2010 Importance: security ID: MDVSA-2010:049 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:049 %pre A vulnerabilitiy has been found and corrected in sudo: sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges via a crafted executable file, as demonstrated by a file named sudoedit in a user's home directory (CVE-2010-0426). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. %description Sudo is a program designed to allow a sysadmin to give limited root privileges to users and log root activity. The basic philosophy is to give as few privileges as possible but still allow people to get their work done. %package dhcp-client dhcp-common dhcp-devel dhcp-doc dhcp-relay dhcp-server Update: Fri Feb 26 17:45:13 2010 Importance: bugfix ID: MDVA-2010:085 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:085 %pre Dhcp-server package shipped with Mandriva Linux 2009.1 and 2010.0 was using incorrect SV_LDAP definitions during the build, which resulted in ldap support being non-functional. This update fixes the issue. %description DHCP (Dynamic Host Configuration Protocol) is a protocol which allows individual devices on an IP network to get their own network configuration information (IP address, subnetmask, broadcast address, etc.) from a DHCP server. The overall purpose of DHCP is to make it easier to administer a large network. The dhcp package includes the DHCP server and a DHCP relay agent. You will also need to install the dhcp-client or dhcpcd package, or pump or dhcpxd, which provides the DHCP client daemon, on client machines. If you want the DHCP server and/or relay, you will also need to install the dhcp-server and/or dhcp-relay packages. %package irqbalance Update: Mon Mar 01 12:15:24 2010 Importance: bugfix ID: MDVA-2010:086 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:086 %pre This update fixes a bug in irqbalance that makes it to fail to spread IRQs in a SMP or a muli core machine (#57523) %description irqbalance is a daemon that evenly distributes IRQ load across multiple CPUs for enhanced performance. %package mozilla-thunderbird mozilla-thunderbird-devel mozilla-thunderbird-enigmail nsinstall Update: Mon Mar 01 15:33:32 2010 Importance: security ID: MDVSA-2010:051 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:051 %pre A vulnerabilitiy has been found and corrected in mozilla-thunderbird: Security researcher Alin Rad Pop of Secunia Research reported that the HTML parser incorrectly freed used memory when insufficient space was available to process remaining input. Under such circumstances, memory occupied by in-use objects was freed and could later be filled with attacker-controlled text. These conditions could result in the execution or arbitrary code if methods on the freed objects were subsequently called (CVE-2009-1571). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. %description Mozilla Thunderbird is a full-featured email, RSS and newsgroup client that makes emailing safer, faster and easier than ever before. %package rsnapshot Update: Mon Mar 01 17:00:46 2010 Importance: bugfix ID: MDVA-2010:088 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:088 %pre Rsnapshot will automatically add --exclude=xxxx to the rsync options for backups of the filesystem on which the snapshot-root is located. This will be added to the rsync command-line AFTER the rsync_short_args and rsync_long_args, but BEFORE any backup-specific options. This means that the --exclude=xxxx will override whatever backup-specific excludes are defined. This can be a problem if the name of your snapshot-root is something which is common in many file names. This version resolves this problems. %description This is a remote backup program that uses rsync to take backup snapshots of filesystems. It uses hard links to save space on disk. For more details see http://www.rsnapshot.org/. %package apache-base apache-devel apache-htcacheclean apache-mod_authn_dbd apache-mod_cache apache-mod_dav apache-mod_dbd apache-mod_deflate apache-mod_disk_cache apache-mod_file_cache apache-mod_ldap apache-mod_mem_cache apache-mod_proxy apache-mod_proxy_ajp apache-mod_ssl apache-modules apache-mod_userdir apache-mpm-event apache-mpm-itk apache-mpm-peruser apache-mpm-prefork apache-mpm-worker apache-source Update: Tue Mar 02 18:02:46 2010 Importance: security ID: MDVSA-2010:053 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:053 %pre A vulnerabilitiy has been found and corrected in apache: mod_proxy_ajp: Respond with HTTP_BAD_REQUEST when the body is not sent after request headers indicate a request body is incoming; this is not a case of HTTP_INTERNAL_SERVER_ERROR (CVE-2010-0408). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. %description This package contains the main binary of apache, a powerful, full-featured, efficient and freely-available Web server. Apache is also the most popular Web server on the Internet. This version of apache is fully modular, and many modules are available in pre-compiled formats, like PHP and mod_auth_external. Check for available Apache modules for Mandriva Linux at: http://nux.se/apache/ (most of them can be installed from the contribs repository) This package defaults to a maximum of 128 dynamically loadable modules. This package defaults to a ServerLimit of 1024. You can change these values at RPM build time by using for example: --define 'maxmodules 512' --define 'serverlimit 2048' The package was built to support a maximum of 128 dynamically loadable modules. The package was built with a ServerLimit of 1024. %package openssh openssh-askpass openssh-askpass-common openssh-askpass-gnome openssh-clients openssh-server Update: Wed Mar 03 12:46:50 2010 Importance: bugfix ID: MDVA-2010:090 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:090 %pre This bugfix release addresses a long standing problem when issuing the halt or reboot commands on a remote Mandriva system. This led to that the session wasn't closed properly. This advisory corrects this problem. %description Ssh (Secure Shell) is a program for logging into a remote machine and for executing commands in a remote machine. It is intended to replace rlogin and rsh, and provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel. OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it up to date in terms of security and features, as well as removing all patented algorithms to separate libraries (OpenSSL). This package includes the core files necessary for both the OpenSSH client and server. To make this package useful, you should also install openssh-clients, openssh-server, or both. You can build openssh with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] skey smartcard support (disabled) --with[out] krb5 kerberos support (enabled) --with[out] watchdog watchdog support (disabled) --with[out] x11askpass X11 ask pass support (enabled) --with[out] gnomeaskpass Gnome ask pass support (enabled) --with[out] ldap OpenLDAP support (disabled) --with[out] sftpcontrol sftp file control support (disabled) --with[out] hpn HPN ssh/scp support (disabled) --with[out] audit audit support (disabled) --with[out] libedit libedit support in sftp (enabled) %package pam_krb5 Update: Thu Mar 04 14:11:15 2010 Importance: security ID: MDVSA-2010:054 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:054 %pre Pam_krb5 2.2.14 through 2.3.4 generates different password prompts depending on whether the user account exists, which allows remote attackers to enumerate valid usernames (CVE-2009-1384). This update provides the version 2.3.5 of pam_krb5, which is not vulnerable to this issue. %description This is pam_krb5, a pluggable authentication module that can be used with Linux-PAM and Kerberos 5. This module supports password checking, ticket creation, and optional TGT verification and conversion to Kerberos IV tickets. The included pam_krb5afs module also gets AFS tokens if so configured. %package apache-base apache-devel apache-htcacheclean apache-mod_authn_dbd apache-mod_cache apache-mod_dav apache-mod_dbd apache-mod_deflate apache-mod_disk_cache apache-mod_file_cache apache-mod_ldap apache-mod_mem_cache apache-mod_proxy apache-mod_proxy_ajp apache-mod_ssl apache-modules apache-mod_userdir apache-mpm-event apache-mpm-itk apache-mpm-peruser apache-mpm-prefork apache-mpm-worker apache-source Update: Sat Mar 06 20:00:36 2010 Importance: security ID: MDVSA-2010:057 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:057 %pre A vulnerabilitiy has been found and corrected in apache: The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, which might allow remote attackers to obtain sensitive information via a crafted request that triggers access to memory locations associated with an earlier request (CVE-2010-0434). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. %description This package contains the main binary of apache, a powerful, full-featured, efficient and freely-available Web server. Apache is also the most popular Web server on the Internet. This version of apache is fully modular, and many modules are available in pre-compiled formats, like PHP and mod_auth_external. Check for available Apache modules for Mandriva Linux at: http://nux.se/apache/ (most of them can be installed from the contribs repository) This package defaults to a maximum of 128 dynamically loadable modules. This package defaults to a ServerLimit of 1024. You can change these values at RPM build time by using for example: --define 'maxmodules 512' --define 'serverlimit 2048' The package was built to support a maximum of 128 dynamically loadable modules. The package was built with a ServerLimit of 1024. %package lib64php5_common5 php-bcmath php-bz2 php-calendar php-cgi php-cli php-ctype php-curl php-dba php-dbase php-devel php-dom php-exif php-fcgi php-filter php-ftp php-gd php-gettext php-gmp php-hash php-iconv php-imap php-json php-ldap php-mbstring php-mcrypt php-mhash php-mime_magic php-ming php-mssql php-mysql php-mysqli php-ncurses php-odbc php-openssl php-pcntl php-pdo php-pdo_dblib php-pdo_mysql php-pdo_odbc php-pdo_pgsql php-pdo_sqlite php-pgsql php-posix php-pspell php-readline php-recode php-session php-shmop php-snmp php-soap php-sockets php-sqlite php-sybase php-sysvmsg php-sysvsem php-sysvshm php-tidy php-tokenizer php-wddx php-xml php-xmlreader php-xmlrpc php-xmlwriter php-xsl php-zip php-zlib Update: Tue Mar 09 17:23:28 2010 Importance: security ID: MDVSA-2010:058 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:058 %pre Multiple vulnerabilities has been found and corrected in php: * Improved LCG entropy. (Rasmus, Samy Kamkar) * Fixed safe_mode validation inside tempnam() when the directory path does not end with a /). (Martin Jansen) * Fixed a possible open_basedir/safe_mode bypass in the session extension identified by Grzegorz Stachowiak. (Ilia) Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct these issues. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. %package dkms-vboxadd dkms-virtualbox vboxadditions-kernel-2.6.29.6-desktop-3mnb vboxadditions-kernel-2.6.29.6-server-3mnb vboxadditions-kernel-desktop-latest vboxadditions-kernel-server-latest virtualbox virtualbox-guest-additions virtualbox-kernel-2.6.29.6-desktop-3mnb virtualbox-kernel-2.6.29.6-server-3mnb virtualbox-kernel-desktop-latest virtualbox-kernel-server-latest x11-driver-input-vboxmouse x11-driver-video-vboxvideo Update: Wed Mar 10 16:55:48 2010 Importance: security ID: MDVSA-2010:059 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:059 %pre A vulnerability has been found and corrected in virtualbox: Unspecified vulnerability in Guest Additions in Sun xVM VirtualBox 1.6.x and 2.0.x before 2.0.12, 2.1.x, and 2.2.x, and Sun VirtualBox before 3.0.10, allows guest OS users to cause a denial of service (memory consumption) on the guest OS via unknown vectors (CVE-2009-3940). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. %description VirtualBox Open Source Edition (OSE) is a general-purpose full virtualizer for x86 hardware. %package squid squid-cachemgr Update: Wed Mar 10 19:40:19 2010 Importance: security ID: MDVSA-2010:060 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:060 %pre A vulnerability has been found and corrected in squid: The htcpHandleTstRequest function in htcp.c in Squid 2.x and 3.0 through 3.0.STABLE23 allows remote attackers to cause a denial of service (crash) via crafted packets to the HTCP port, which triggers a NULL pointer dereference (CVE-2010-0639). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. %description Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. Install squid if you need a proxy caching server. This package defaults to a maximum of 8192 filedescriptors. You can change these values at build time by using for example: --define 'maxfiles 4096' The package was built to support a maximum of 8192 filedescriptors. You can build squid with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] test Initiate the test suite %package ipxutils lib64ncpfs2.3 lib64ncpfs-devel ncpfs Update: Thu Mar 11 17:39:38 2010 Importance: security ID: MDVSA-2010:061 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:061 %pre Multiple vulnerabilities has been found and corrected in ncpfs: sutil/ncpumount.c in ncpumount in ncpfs 2.2.6 produces certain detailed error messages about the results of privileged file-access attempts, which allows local users to determine the existence of arbitrary files via the mountpoint name (CVE-2010-0790). The (1) ncpmount, (2) ncpumount, and (3) ncplogin programs in ncpfs 2.2.6 do not properly create lock files, which allows local users to cause a denial of service (application failure) via unspecified vectors that trigger the creation of a /etc/mtab~ file that persists after the program exits (CVE-2010-0791). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct these issues. %description Ncpfs is a filesystem which understands the Novell NetWare(TM) NCP protocol. Functionally, NCP is used for NetWare the way NFS is used in the TCP/IP world. For a Linux system to mount a NetWare filesystem, it needs a special mount program. The ncpfs package contains such a mount program plus other tools for configuring and using the ncpfs filesystem. Install the ncpfs package if you need to use the ncpfs filesystem to use Novell NetWare files or services. %package lib64nss3 lib64nss-devel lib64nss-static-devel nss rootcerts rootcerts-java Update: Fri Mar 12 17:33:32 2010 Importance: bugfix ID: MDVA-2010:100 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:100 %pre The Adobe Flash plugin has https support, but only searches for SSL certificates in /etc/ssl/certs. This advisory provides a compatibility symlink at /etc/ssl/certs pointing to /etc/pki/tls/certs to remedy this problem. Additionally this advisory also brings the latest root CA certs from the mozilla cvs dated 2010-02-16. The mozilla nss library has consequently been rebuilt to pickup these changes and are also being provided. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. %description This is a bundle of X.509 certificates of public Certificate Authorities (CA). These were automatically extracted from Mozilla's root CA list (the file "certdata.txt"). It contains the certificates in both plain text and PEM format and therefore can be directly used with an Apache/mod_ssl webserver for SSL client authentication. Just configure this file as the SSLCACertificateFile. %package timezone timezone-java Update: Mon Mar 15 14:51:22 2010 Importance: bugfix ID: MDVA-2010:101 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:101 %pre Updated timezone packages are being provided for older Mandriva Linux systems that do not contain new Daylight Savings Time information and Time Zone information for some locations. These updated packages contain the new information. %description This package contains data files with rules for various timezones around the world. %package timezone timezone-java Update: Mon Mar 15 15:30:53 2010 Importance: bugfix ID: MDVA-2010:101 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:101 %pre Updated timezone packages are being provided for older Mandriva Linux systems that do not contain new Daylight Savings Time information and Time Zone information for some locations. These updated packages contain the new information. %description This package contains data files with rules for various timezones around the world. %package iptables lib64iptables1 lib64iptables-devel Update: Thu Mar 18 19:59:20 2010 Importance: bugfix ID: MDVA-2010:104 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:104 %pre This update adds missing header files which are necessary to compile third-party applications based on iptables. %description iptables controls the Linux kernel network packet filtering code. It allows you to set up firewalls and IP masquerading, etc. Install iptables if you need to set up firewalling for your network. %package curl curl-examples lib64curl4 lib64curl-devel Update: Fri Mar 19 22:47:32 2010 Importance: security ID: MDVSA-2010:062 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:062 %pre A vulnerability has been found and corrected in curl: content_encoding.c in libcurl 7.10.5 through 7.19.7, when zlib is enabled, does not properly restrict the amount of callback data sent to an application that requests automatic decompression, which might allow remote attackers to cause a denial of service (application crash) or have unspecified other impact by sending crafted compressed data to an application that relies on the intended data-length limit (CVE-2010-0734). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct theis issue. %description curl is a client to get documents/files from servers, using any of the supported protocols. The command is designed to work without user interaction or any kind of interactivity. curl offers a busload of useful tricks like proxy support, user authentication, ftp upload, HTTP post, file transfer resume and more. This version is compiled with SSL (https) support. %package lib64png3 lib64png-devel lib64png-static-devel libpng-source Update: Tue Mar 23 10:40:13 2010 Importance: security ID: MDVSA-2010:064 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:064 %pre A vulnerability has been found and corrected in libpng: The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of service (memory and CPU consumption, and application hang) via a crafted PNG file, as demonstrated by use of the deflate compression method on data composed of many occurrences of the same character, related to a decompression bomb attack (CVE-2010-0205). The updated packages have been patched to correct this issue. %description The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng should be installed if you need to manipulate PNG format image files. %package cpio tar Update: Tue Mar 23 11:39:36 2010 Importance: security ID: MDVSA-2010:065 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:065 %pre A vulnerability has been found and corrected in cpio and tar: Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arbitrary code by sending more data than was requested, related to archive filenames that contain a : (colon) character (CVE-2010-0624). The Tar package as shipped with Mandriva Linux is not affected by this vulnerability, but it was patched nonetheless in order to provide additional security to customers who recompile the package while having the rsh package installed. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. %description The GNU tar program saves many files together into one archive and can restore individual files (or all of the files) from the archive. Tar can also be used to add supplemental files to an archive and to update or list files in the archive. Tar includes multivolume support, automatic archive compression/ decompression, the ability to perform remote archives and the ability to perform incremental and full backups. If you want to use Tar for remote backups, you'll also need to install the rmt package. You should install the tar package, because you'll find its compression and decompression utilities essential for working with files. %package lib64php5_common5 php-bcmath php-bz2 php-calendar php-cgi php-cli php-ctype php-curl php-dba php-dbase php-devel php-dom php-exif php-fcgi php-filter php-ftp php-gd php-gettext php-gmp php-hash php-iconv php-imap php-json php-ldap php-mbstring php-mcrypt php-mhash php-mime_magic php-ming php-mssql php-mysql php-mysqli php-ncurses php-odbc php-openssl php-pcntl php-pdo php-pdo_dblib php-pdo_mysql php-pdo_odbc php-pdo_pgsql php-pdo_sqlite php-pgsql php-posix php-pspell php-readline php-recode php-session php-shmop php-snmp php-soap php-sockets php-sqlite php-sybase php-sysvmsg php-sysvsem php-sysvshm php-tidy php-tokenizer php-wddx php-xml php-xmlreader php-xmlrpc php-xmlwriter php-xsl php-zip php-zlib Update: Sat Mar 27 13:18:31 2010 Importance: security ID: MDVSA-2010:068 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:068 %pre A vulnerability has been found and corrected in php: The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first argument to the xmlrpc_decode_request function, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly have unspecified other impact via a crafted argument (CVE-2010-0397). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. %package lib64php5_common5 php-bcmath php-bz2 php-calendar php-cgi php-cli php-ctype php-curl php-dba php-dbase php-devel php-dom php-exif php-fcgi php-filter php-ftp php-gd php-gettext php-gmp php-hash php-iconv php-imap php-json php-ldap php-mbstring php-mcrypt php-mhash php-mime_magic php-ming php-mssql php-mysql php-mysqli php-ncurses php-odbc php-openssl php-pcntl php-pdo php-pdo_dblib php-pdo_mysql php-pdo_odbc php-pdo_pgsql php-pdo_sqlite php-pgsql php-posix php-pspell php-readline php-recode php-session php-shmop php-snmp php-soap php-sockets php-sqlite php-sybase php-sysvmsg php-sysvsem php-sysvshm php-tidy php-tokenizer php-wddx php-xml php-xmlreader php-xmlrpc php-xmlwriter php-xsl php-zip php-zlib Update: Sat Mar 27 16:35:43 2010 Importance: security ID: MDVSA-2010:068 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:068 %pre A vulnerability has been found and corrected in php: The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first argument to the xmlrpc_decode_request function, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) and possibly have unspecified other impact via a crafted argument (CVE-2010-0397). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. %package lib64nspr4 lib64nspr-devel lib64nss3 lib64nss-devel lib64nss-static-devel nss Update: Tue Apr 06 23:15:20 2010 Importance: security ID: MDVSA-2010:069 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:069 %pre A vulnerability has been found and corrected in nss: The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a plaintext injection attack, aka the Project Mogul issue (CVE-2009-3555). Additionally the NSPR package has been upgraded to 4.8.4 that brings numerous upstream fixes. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. This update provides the latest versions of NSS and NSPR libraries and for which NSS is not vulnerable to this attack. %description Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards. For detailed information on standards supported, see http://www.mozilla.org/projects/security/pki/nss/overview.html. %package rpmdrake Update: Thu Apr 08 22:28:48 2010 Importance: bugfix ID: MDVA-2010:114 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:114 %pre This update fixes rpmdrake to suggest packages from disabled backports media only when Backports view is used (#40556). %description This package contains the Mandriva graphical software manipulation tools. Rpmdrake provides a simple interface that makes it easy to install and remove software. MandrivaUpdate is a single-purpose application for keeping your system up to date with the latest official updates. There is also a tool for configuring package sources (medias), which can be run independently or accessed from within rpmdrake. %package beagle beagle-crawl-system beagle-doc beagle-epiphany beagle-evolution beagle-gui beagle-gui-qt beagle-libs epiphany epiphany-devel firefox firefox-af firefox-ar firefox-be firefox-bg firefox-bn firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-devel firefox-el firefox-en_GB firefox-eo firefox-es_AR firefox-es_ES firefox-et firefox-eu firefox-ext-beagle firefox-ext-blogrovr firefox-ext-mozvoikko firefox-ext-r-kiosk firefox-ext-scribefire firefox-ext-xmarks firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hu firefox-id firefox-is firefox-it firefox-ja firefox-kn firefox-ko firefox-lt firefox-lv firefox-mk firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sv_SE firefox-te firefox-th firefox-theme-kfirefox firefox-tr firefox-uk firefox-zh_CN firefox-zh_TW gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell google-gadgets-common google-gadgets-gtk google-gadgets-qt google-gadgets-xul lemon lib64ggadget1.0_0 lib64ggadget-gtk1.0_0 lib64ggadget-qt1.0_0 lib64google-gadgets-devel lib64opensc2 lib64opensc-devel lib64sqlite3_0 lib64sqlite3-devel lib64sqlite3-static-devel lib64xulrunner1.9.2.3 lib64xulrunner-devel mozilla-plugin-opensc mozilla-thunderbird-beagle opensc sqlite3-tools tcl-sqlite3 xulrunner yelp Update: Tue Apr 13 15:32:20 2010 Importance: security ID: MDVSA-2010:070 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:070 %pre Security issues were identified and fixed in firefox: Security researcher regenrecht reported (via TippingPoint's Zero Day Initiative) a potential reuse of a deleted image frame in Firefox 3.6's handling of multipart/x-mixed-replace images. Although no exploit was shown, re-use of freed memory has led to exploitable vulnerabilities in the past (CVE-2010-0164). Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least some of these could be exploited to run arbitrary code (CVE-2010-0165, CVE-2010-0167). Mozilla developer Josh Soref of Nokia reported that documents failed to call certain security checks when attempting to preload images. Although the image content is not available to the page, it is possible to specify protocols that are normally not allowed in a web page such as file:. This includes internal schemes implemented by add-ons that might perform privileged actions resulting in something like a Cross-Site Request Forgery (CSRF) attack against the add-on. Potential severity would depend on the add-ons installed (CVE-2010-0168). Mozilla developer Blake Kaplan reported that the window.location object was made a normal overridable JavaScript object in the Firefox 3.6 browser engine (Gecko 1.9.2) because new mechanisms were developed to enforce the same-origin policy between windows and frames. This object is unfortunately also used by some plugins to determine the page origin used for access restrictions. A malicious page could override this object to fool a plugin into granting access to data on another site or the local file system. The behavior of older Firefox versions has been restored (CVE-2010-0170). Mozilla developer Justin Dolske reported that the new asynchronous Authorization Prompt (HTTP username and password) was not always attached to the correct window. Although we have not demonstrated this, it may be possible for a malicious page to convince a user to open a new tab or popup to a trusted service and then have the HTTP authorization prompt from the malicious page appear to be the login prompt for the trusted page. This potential attack is greatly mitigated by the fact that very few web sites use HTTP authorization, preferring instead to use web forms and cookies (CVE-2010-0172). Unspecified vulnerability in Mozilla Firefox 3.5.x through 3.5.8 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly have unknown other impact via vectors that might involve compressed data, a different vulnerability than CVE-2010-1028 (CVE-2010-1122). Mozilla developers identified and fixed several stability bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these crashes showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code (CVE-2010-0173, CVE-2010-0174) Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that a select event handler for XUL tree items could be called after the tree item was deleted. This results in the execution of previously freed memory which an attacker could use to crash a victim's browser and run arbitrary code on the victim's computer (CVE-2010-0175). Security researcher regenrecht reported via TippingPoint's Zero Day Initiative an error in the way . In certain cases, the number of references to an