%package php-xdebug Update: Tue Jul 13 15:07:45 2010 Importance: bugfix ID: MDVA-2010:181-1 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:181-1 %pre This is maintenance and bugfix release bringing php-xdebug-2.1.0 (final) that addreses some php-5.3.x specific issues. Update: Updated packages for Mandriva Linux 2010.1 is also provided. %description The Xdebug extension helps you debugging your script by providing a lot of valuable debug information. The debug information that Xdebug can provide includes the following: * stack and function traces in error messages with: o full parameter display for user defined functions o function name, file name and line indications o support for member functions * memory allocation * protection for infinite recursions Xdebug also provides: * profiling information for PHP scripts * script execution analysis * capabilities to debug your scripts interactively with a debug client %package lib64python2.6 lib64python2.6-devel python python-docs tkinter tkinter-apps Update: Wed Jul 14 16:11:43 2010 Importance: security ID: MDVSA-2010:132 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:132 %pre Multiple vulnerabilities has been found and corrected in python: Multiple integer overflows in audioop.c in the audioop module in Ptthon allow context-dependent attackers to cause a denial of service (application crash) via a large fragment, as demonstrated by a call to audioop.lin2lin with a long string in the first argument, leading to a buffer overflow. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-3143.5 (CVE-2010-1634). The audioop module in Python does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634 (CVE-2010-2089). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. %description Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems (X11, Motif, Tk, Mac and MFC). Programmers can write new built-in modules for Python in C or C++. Python can be used as an extension language for applications that need a programmable interface. This package contains most of the standard Python modules, as well as modules for interfacing to the Tix widget set for Tk and RPM. Note that documentation for Python is provided in the python-docs package. %package lib64png3 lib64png-devel lib64png-static-devel libpng-source Update: Thu Jul 15 21:23:33 2010 Importance: security ID: MDVSA-2010:133 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:133 %pre Multiple vulnerabilities has been found and corrected in libpng: Memory leak in the png_handle_tEXt function in pngrutil.c in libpng before 1.2.33 rc02 and 1.4.0 beta36 allows context-dependent attackers to cause a denial of service (memory exhaustion) via a crafted PNG file (CVE-2008-6218. Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row (CVE-2010-1205). Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks (CVE-2010-2249). As a precaution htmldoc has been rebuilt to link against the system libpng library for CS4 and 2008.0. Latest xulrunner and mozilla-thunderbird has been patched as a precaution for 2008.0 wheres on 2009.0 and up the the system libpng library is used instead of the bundled copy. htmldoc, xulrunner and mozilla-thunderbird packages is therefore also being provided with this advisory. Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. %description The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng should be installed if you need to manipulate PNG format image files. %package ghostscript ghostscript-common ghostscript-doc ghostscript-dvipdf ghostscript-module-X ghostscript-X lib64gs8 lib64gs8-devel lib64ijs1 lib64ijs1-devel Update: Thu Jul 15 23:43:01 2010 Importance: security ID: MDVSA-2010:136 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:136 %pre A vulnerability has been found and corrected in ghostscript: Ghostscript 8.64, 8.70, and possibly other versions allows context-dependent attackers to execute arbitrary code via a PostScript file containing unlimited recursive procedure invocations, which trigger memory corruption in the stack of the interpreter (CVE-2010-1628). As a precaution ghostscriptc has been rebuilt to link against the system libpng library which was fixed with MDVSA-2010:133 The updated packages have been patched to correct this issue. %description Ghostscript is a set of software tools that provide a PostScript(TM) interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. Ghostscript translates PostScript code into many common, bitmapped and vector formats, like those understood by your printer or screen. Ghostscript is normally used to display PostScript files and to print PostScript files to non-PostScript printers. You should install ghostscript if you need to display PostScript or PDF files, or if you have a non-PostScript printer. %package lib64freetype6 lib64freetype6-devel lib64freetype6-static-devel Update: Sun Jul 18 18:36:40 2010 Importance: security ID: MDVSA-2010:137 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:137 %pre Multiple vulnerabilities has been found and corrected in freetype2: Multiple integer underflows/overflows and heap buffer overflows was discovered and fixed (CVE-2010-2497, CVE-2010-2498, CVE-2010-2499, CVE-2010-2500, CVE-2010-2519). A heap buffer overflow was discovered in the bytecode support. The bytecode support is NOT enabled per default in Mandriva due to previous patent claims, but packages by PLF is affected (CVE-2010-2520). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. %description The FreeType2 engine is a free and portable TrueType font rendering engine. It has been developed to provide TT support to a great variety of platforms and environments. Note that FreeType2 is a library, not a stand-alone application, though some utility applications are included %package rpmdrake Update: Wed Jul 21 16:54:45 2010 Importance: bugfix ID: MDVA-2010:182 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:182 %pre This update fixes a bug in rpmdrake where it would crashes when clicking on details (bug #60153). %description This package contains the Mandriva graphical software manipulation tools. Rpmdrake provides a simple interface that makes it easy to install and remove software. MandrivaUpdate is a single-purpose application for keeping your system up to date with the latest official updates. There is also a tool for configuring package sources (medias), which can be run independently or accessed from within rpmdrake. %package iputils Update: Fri Jul 23 10:49:28 2010 Importance: security ID: MDVSA-2010:138 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:138 %pre Ovidiu Mara reported a vulnerability in ping.c (iputils) that could cause ping to hang when responding to a malicious echo reply (CVE-2010-2529). The updated packages have been patched to correct these issues. Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 %description The iputils package contains ping, a basic networking tool. The ping command sends a series of ICMP protocol ECHO_REQUEST packets to a specified network host and can tell you if that machine is alive and receiving network traffic. %package apache-mod_php lib64mbfl1 lib64mbfl-devel lib64php5_common5 php-apc php-apc-admin php-bcmath php-bz2 php-calendar php-cgi php-cli php-ctype php-curl php-dba php-devel php-doc php-dom php-eaccelerator php-eaccelerator-admin php-enchant php-exif php-fileinfo php-filter php-fpm php-ftp php-gd php-gearman php-gettext php-gmp php-hash php-iconv php-imap php-ini php-intl php-json php-ldap php-mailparse php-mbstring php-mcal php-mcrypt php-mssql php-mysql php-mysqli php-odbc php-openssl php-optimizer php-pcntl php-pdo php-pdo_dblib php-pdo_mysql php-pdo_odbc php-pdo_pgsql php-pdo_sqlite php-pgsql php-pinba php-posix php-pspell php-readline php-recode php-sasl php-session php-shmop php-snmp php-soap php-sockets php-sphinx php-sqlite3 php-ssh2 php-suhosin php-sybase_ct php-sysvmsg php-sysvsem php-sysvshm php-tclink php-tidy php-timezonedb php-tokenizer php-translit php-vld php-wddx php-xattr php-xdebug php-xml php-xmlreader php-xmlrpc php-xmlwriter php-xsl php-zip php-zlib Update: Tue Jul 27 13:54:43 2010 Importance: security ID: MDVSA-2010:140 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:140 %pre This is a maintenance and security update that upgrades php to 5.3.3 for 2010.0/2010.1. Security Enhancements and Fixes in PHP 5.3.3: * Rewrote var_export() to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs (CVE-2010-2531). * Fixed a possible resource destruction issues in shm_put_var(). * Fixed a possible information leak because of interruption of XOR operator. * Fixed a possible memory corruption because of unexpected call-time pass by refernce and following memory clobbering through callbacks. * Fixed a possible memory corruption in ArrayObject::uasort(). * Fixed a possible memory corruption in parse_str(). * Fixed a possible memory corruption in pack(). * Fixed a possible memory corruption in substr_replace(). * Fixed a possible memory corruption in addcslashes(). * Fixed a possible stack exhaustion inside fnmatch(). * Fixed a possible dechunking filter buffer overflow. * Fixed a possible arbitrary memory access inside sqlite extension. * Fixed string format validation inside phar extension. * Fixed handling of session variable serialization on certain prefix characters. * Fixed a NULL pointer dereference when processing invalid XML-RPC requests (Fixes CVE-2010-0397, bug #51288). * Fixed SplObjectStorage unserialization problems (CVE-2010-2225). * Fixed possible buffer overflows in mysqlnd_list_fields, mysqlnd_change_user. * Fixed possible buffer overflows when handling error packets in mysqlnd. Additionally some of the third party extensions and required dependencies has been upgraded and/or rebuilt for the new php version. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. This version of php has the suhosin patch 0.9.10 applied. Please report bugs here: http://qa.mandriva.com/ so that the official maintainer of this Mandriva package can help you. More information regarding the suhosin patch 0.9.10 here: http://www.suhosin.org/ %package lib64ldap2.4_2 lib64ldap2.4_2-devel lib64ldap2.4_2-static-devel openldap openldap-clients openldap-doc openldap-servers openldap-testprogs openldap-tests Update: Wed Jul 28 17:41:07 2010 Importance: security ID: MDVSA-2010:142 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:142 %pre Multiple vulnerabilities has been discovered and corrected in openldap: The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a modrdn call with an RDN string containing invalid UTF-8 sequences, which triggers a free of an invalid, uninitialized pointer in the slap_mods_free function, as demonstrated using the Codenomicon LDAPv3 test suite (CVE-2010-0211). OpenLDAP 2.4.22 allows remote attackers to cause a denial of service (crash) via a modrdn call with a zero-length RDN destination string, which is not properly handled by the smr_normalize function and triggers a NULL pointer dereference in the IA5StringNormalize function in schema_init.c, as demonstrated using the Codenomicon LDAPv3 test suite (CVE-2010-0212). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. %description OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. The suite includes a stand-alone LDAP server (slapd) which is in the -servers package, libraries for implementing the LDAP protocol (in the lib packages), and utilities, tools, and sample clients (in the -clients package). The openldap binary package includes only configuration files used by the libraries. Install openldap if you need LDAP applications and tools. %package gnupg2 Update: Fri Jul 30 18:06:41 2010 Importance: security ID: MDVSA-2010:143 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:143 %pre A vulnerability has been discovered and corrected in gnupg2: Importing a certificate with more than 98 Subject Alternate Names via GPGSM's import command or implicitly while verifying a signature causes GPGSM to reallocate an array with the names. The bug is that the reallocation code misses assigning the reallocated array to the old array variable and thus the old and freed array will be used. Usually this leads to a segv (CVE-2010-2547). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description GnuPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. %package dumpcap lib64wireshark0 lib64wireshark-devel rawshark tshark wireshark wireshark-tools Update: Wed Aug 04 18:36:04 2010 Importance: security ID: MDVSA-2010:144 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:144 %pre This advisory updates wireshark to the latest version(s), fixing several security issues: Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors (CVE-2010-2284). Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors (CVE-2010-2287). %description Wireshark is a network traffic analyzer for Unix-ish operating systems. It is based on GTK+, a graphical user interface library, and libpcap, a packet capture and filtering library. Wireshark is a fork of Ethereal(tm) %package lib64tiff3 lib64tiff-devel lib64tiff-static-devel libtiff-progs Update: Fri Aug 06 18:05:21 2010 Importance: security ID: MDVSA-2010:146 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:146 %pre Multiple vulnerabilities has been discovered and corrected in libtiff: The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers an array index error, related to downsampled OJPEG input. (CVE-2010-2595) Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file that triggers a heap-based buffer overflow (CVE-2010-1411). Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer overflow (CVE-2010-2065). The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a TIFF file with an invalid combination of SamplesPerPixel and Photometric values (CVE-2010-2483). The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image, related to downsampled OJPEG input and possibly related to a compiler optimization that triggers a divide-by-zero error (CVE-2010-2597). The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly handle unknown tag types in TIFF directory entries, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF file (CVE-2010-248). Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tif_dirread.c in LibTIFF before 3.9.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long EXIF SubjectDistance field in a TIFF file (CVE-2010-2067). tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used in ImageMagick, does not properly perform vertical flips, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF image, related to downsampled OJPEG input. (CVE-2010-2233). LibTIFF 3.9.4 and earlier does not properly handle an invalid td_stripbytecount field, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted TIFF file, a different vulnerability than CVE-2010-2443 (CVE-2010-2482). The updated packages have been patched to correct these issues. %description The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. %package beagle beagle-crawl-system beagle-doc beagle-evolution beagle-gui beagle-gui-qt beagle-libs firefox firefox-af firefox-ar firefox-be firefox-bg firefox-bn firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-devel firefox-el firefox-en_GB firefox-eo firefox-es_AR firefox-es_ES firefox-et firefox-eu firefox-ext-beagle firefox-ext-blogrovr firefox-ext-mozvoikko firefox-ext-r-kiosk firefox-ext-scribefire firefox-ext-weave-sync firefox-ext-xmarks firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hu firefox-id firefox-is firefox-it firefox-ja firefox-kn firefox-ko firefox-lt firefox-lv firefox-mk firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sv_SE firefox-te firefox-th firefox-tr firefox-uk firefox-zh_CN firefox-zh_TW gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell lib64xulrunner1.9.2.8 lib64xulrunner-devel mozilla-thunderbird-beagle xulrunner yelp Update: Tue Aug 10 15:26:01 2010 Importance: security ID: MDVSA-2010:147 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:147 %pre Security issues were identified and fixed in firefox: layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted HTML document, related to the DATA and SRC attributes of an OBJECT element. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-1214 (CVE-2010-2755). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 Additionally, some packages which require so, have been rebuilt and are being provided as updates. The python packages contained a small dependency problem on 2008.0/2009.0/MES5 that is addressed as well with this advisory. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package finch lib64finch0 lib64purple0 lib64purple-devel pidgin pidgin-bonjour pidgin-client pidgin-i18n pidgin-meanwhile pidgin-perl pidgin-plugins pidgin-silc pidgin-tcl Update: Thu Aug 12 13:25:29 2010 Importance: security ID: MDVSA-2010:148 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:148 %pre A security vulnerability has been identified and fixed in pidgin: The clientautoresp function in family_icbm.c in the oscar protocol plugin in libpurple in Pidgin before 2.7.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and application crash) via an X-Status message that lacks the expected end tag for a (1) desc or (2) title element (CVE-2010-2528). Packages for 2008.0 and 2009.0 are provided due to the Extended Maintenance Program for those products. This update provides pidgin 2.7.3, which is not vulnerable to this issue. %description Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add an account using the account editor. Pidgin supports many common features of other clients, as well as many unique features, such as perl scripting, TCL scripting and C plugins. Pidgin is not affiliated with or endorsed by America Online, Inc., Microsoft Corporation, Yahoo! Inc., or ICQ Inc. %package lib64freetype6 lib64freetype6-devel lib64freetype6-static-devel Update: Thu Aug 12 17:31:06 2010 Importance: security ID: MDVSA-2010:149 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:149 %pre A vulnerability has been discovered and corrected in freetype2: Multiple stack overflow flaws have been reported in the way FreeType font rendering engine processed certain CFF opcodes. An attacker could use these flaws to create a specially-crafted font file that, when opened, would cause an application linked against libfreetype to crash, or, possibly execute arbitrary code (CVE-2010-1797). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description The FreeType2 engine is a free and portable TrueType font rendering engine. It has been developed to provide TT support to a great variety of platforms and environments. Note that FreeType2 is a library, not a stand-alone application, though some utility applications are included %package lib64mikmod3 lib64mikmod-devel Update: Mon Aug 16 09:26:04 2010 Importance: security ID: MDVSA-2010:151 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:151 %pre A vulnerability has been discovered and corrected in libmikmod: Multiple heap-based buffer overflows might allow remote attackers to execute arbitrary code via (1) crafted samples or (2) crafted instrument definitions in an Impulse Tracker file (CVE-2009-3995). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description Libmikmod is a portable sound library, capable of playing samples as well as module files, originally written by Jean-Paul Mikkers (MikMak) for DOS. It has subsequently been hacked by many hands and now runs on many Unix flavours. It uses the OSS /dev/dsp driver including in all recent kernels for output, as well as ALSA and EsounD, and will also write wav files. Supported file formats include 669, AMF, APUN, DSM, FAR, GDM, IT, IMF,MOD, MED, MTM, OKT, S3M, STM, STX, ULT, UNI and XM. Full source included, use of this library for music/sound effects in your own programs is encouraged ! %package apache-base apache-devel apache-htcacheclean apache-mod_authn_dbd apache-mod_cache apache-mod_dav apache-mod_dbd apache-mod_deflate apache-mod_disk_cache apache-mod_file_cache apache-mod_ldap apache-mod_mem_cache apache-mod_proxy apache-mod_proxy_ajp apache-mod_proxy_scgi apache-mod_reqtimeout apache-mod_ssl apache-modules apache-mod_userdir apache-mpm-event apache-mpm-itk apache-mpm-peruser apache-mpm-prefork apache-mpm-worker apache-source Update: Mon Aug 16 13:50:59 2010 Importance: security ID: MDVSA-2010:152 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:152 %pre A vulnerabilitiy has been found and corrected in apache: The mod_cache and mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote attackers to cause a denial of service (process crash) via a request that lacks a path (CVE-2010-1452). Packages for 2008.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description This package contains the main binary of apache, a powerful, full-featured, efficient and freely-available Web server. Apache is also the most popular Web server on the Internet. This version of apache is fully modular, and many modules are available in pre-compiled formats, like PHP and mod_auth_external. Check for available Apache modules for Mandriva Linux at: http://nux.se/apache/ (most of them can be installed from the contribs repository) This package defaults to a maximum of 128 dynamically loadable modules. This package defaults to a ServerLimit of 1024. You can change these values at RPM build time by using for example: --define 'maxmodules 512' --define 'serverlimit 2048' The package was built to support a maximum of 128 dynamically loadable modules. The package was built with a ServerLimit of 1024. %package cabextract Update: Mon Aug 16 15:27:26 2010 Importance: security ID: MDVSA-2010:154 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:154 %pre Multiple vulnerabilities has been found and corrected in cabextract: The MS-ZIP decompressor in cabextract before 1.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed MSZIP archive in a .cab file during a test or extract action, related to the libmspack library (CVE-2010-2800). Integer signedness error in the Quantum decompressor in cabextract before 1.3, when archive test mode is used, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Quantum archive in a .cab file, related to the libmspack library (CVE-2010-2801). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages provides cabextract 1.3 which is not vulnerable to these issues. %description Cabinet (.CAB) files are a form of archive, which Microsoft use to distribute their software, and things like Windows Font Packs. The cabextract program simply unpacks such files. %package rsh rsh-server Update: Wed Aug 18 09:13:20 2010 Importance: bugfix ID: MDVA-2010:186 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:186 %pre Various packages of old unix utilities (rsh, rlogin, telnet, ...) available in mandriva used to be paralleously installable, though usage of setup-alternative utility. In 2010.1, the MIT-kerberized versions from krb5-appl package ceased to use this setup, for sake of simplicity, and was made conflicting with other packages. However, the netkit version of rsh wasn't modified accordingly, and still install its binaries as {rsh,rlogin,telnet}.netkit, making their usage impractical. %description The rsh package contains a set of programs which allow users to run commmands on remote machines, login to other machines and copy files between machines (rsh, rlogin and rcp). All three of these commands use rhosts style authentication. This package contains the clients needed for all of these services. The rsh package should be installed to enable remote access to other machines. %package lib64mysql16 lib64mysql-devel lib64mysql-static-devel mysql mysql-bench mysql-client mysql-common mysql-common-core mysql-core mysql-plugin_pbxt mysql-plugin_pinba mysql-plugin_revision mysql-plugin_sphinx mysql-plugin_spider Update: Fri Aug 20 13:14:22 2010 Importance: security ID: MDVSA-2010:155 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:155 %pre Multiple vulnerabilities has been found and corrected in mysql: MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a denial of service (server crash and database loss) via an ALTER DATABASE command with a #mysql50# string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which causes MySQL to move certain directories to the server data directory (CVE-2010-2008). Additionally many security issues noted in the 5.1.49 release notes has been addressed with this advisory as well, such as: * LOAD DATA INFILE did not check for SQL errors and sent an OK packet even when errors were already reported. Also, an assert related to client-server protocol checking in debug servers sometimes was raised when it should not have been. (Bug#52512) * Using EXPLAIN with queries of the form SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...) could cause a server crash. (Bug#52711) * The server could crash if there were alternate reads from two indexes on a table using the HANDLER interface. (Bug#54007) * A malformed argument to the BINLOG statement could result in Valgrind warnings or a server crash. (Bug#54393) * Incorrect handling of NULL arguments could lead to a crash for IN() or CASE operations when NULL arguments were either passed explicitly as arguments (for IN()) or implicitly generated by the WITH ROLLUP modifier (for IN() and CASE). (Bug#54477) * Joins involving a table with with a unique SET column could cause a server crash. (Bug#54575) * Use of TEMPORARY InnoDB tables with nullable columns could cause a server crash. (Bug#54044) The updated packages have been patched to correct these issues. %description The MySQL(TM) software delivers a very fast, multi-threaded, multi-user, and robust SQL (Structured Query Language) database server. MySQL Server is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software. MySQL is a trademark of MySQL AB. The mysql server is compiled with the following storage engines: - InnoDB Storage Engine - Archive Storage Engine - CSV Storage Engine - Federated Storage Engine - User Defined Functions (UDFs). - Blackhole Storage Engine - Partition Storage Engine Third party storage engines packaged separately: - Sphinx storage engine 0.9.9 (urpmi mysql-plugin_sphinx) - PBXT Storage Engine 1.0.10 (urpmi mysql-plugin_pbxt) - Revision Storage Engine 0.1 (urpmi mysql-plugin_revision) - Pinba Storage Engine 0.0.5 (urpmi mysql-plugin_pinba) - Spider Storage Engine 2.13 (urpmi mysql-plugin_spider) Please see the documentation and the manual for more information. %package rpmstats Update: Sat Aug 21 12:45:51 2010 Importance: bugfix ID: MDVA-2010:187 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:187 %pre The rpmstats package in 2010.0 updates had a higher release number than the one for 2010.1. This advisory corrects the problem. %description rpmstats retrieves statistics about installed packages. %package lib64freetype6 lib64freetype6-devel lib64freetype6-static-devel Update: Sun Aug 22 16:36:52 2010 Importance: security ID: MDVSA-2010:157 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:157 %pre Multiple vulnerabilities has been found and corrected in freetype2: The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly validate certain position values, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file (CVE-2010-2805). Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via negative size values for certain strings in FontType42 font files, leading to a heap-based buffer overflow (CVE-2010-2806). FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file (CVE-2010-2807). Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Adobe Type 1 Mac Font File (aka LWFN) font (CVE-2010-2808). bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) via a crafted BDF font file, related to an attempted modification of a value in a static string (CVE-2010-3053). The updated packages have been patched to correct these issues. %description The FreeType2 engine is a free and portable TrueType font rendering engine. It has been developed to provide TT support to a great variety of platforms and environments. Note that FreeType2 is a library, not a stand-alone application, though some utility applications are included %package slib Update: Mon Aug 23 11:22:19 2010 Importance: bugfix ID: MDVA-2010:188 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:188 %pre Gnucash would crash on startup for users who had updated from 2010.0 to 2010.1 as the slib package was not updated properly. This update is the correct build of slib for Mandriva 2010.1. %description "SLIB" is a portable library for the programming language Scheme. It provides a platform independent framework for using "packages" of Scheme procedures and syntax. As distributed, SLIB contains useful packages for all Scheme implementations. Its catalog can be transparently extended to accommodate packages specific to a site, implementation, user, or directory. %package gv Update: Mon Aug 23 15:00:59 2010 Importance: security ID: MDVSA-2010:159 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:159 %pre A vulnerability has been found and corrected in gv: GNU gv before 3.7.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file (CVE-2010-2056). This update provides gv 3.7.1, which is not vulnerable to this issue. %description Gv provides a user interface for the ghostscript PostScript(TM) interpreter. Derived from the ghostview program, gv can display PostScript and PDF documents using the X Window System. Install the gv package if you'd like to view PostScript and PDF documents on your system. You'll also need to have the ghostscript package installed, as well as the X Window System. %package gv Update: Mon Aug 23 15:39:57 2010 Importance: security ID: MDVSA-2010:159 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:159 %pre A vulnerability has been found and corrected in gv: GNU gv before 3.7.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file (CVE-2010-2056). This update provides gv 3.7.1, which is not vulnerable to this issue. %description Gv provides a user interface for the ghostscript PostScript(TM) interpreter. Derived from the ghostview program, gv can display PostScript and PDF documents using the X Window System. Install the gv package if you'd like to view PostScript and PDF documents on your system. You'll also need to have the ghostscript package installed, as well as the X Window System. %package lib64vte9 lib64vte-devel python-vte vte Update: Tue Aug 24 19:00:50 2010 Importance: security ID: MDVSA-2010:161 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:161 %pre A vulnerability has been found and corrected in vte: The vte_sequence_handler_window_manipulation function in vteseq.c in libvte (aka libvte9) in VTE 0.25.1 and earlier, as used in gnome-terminal, does not properly handle escape sequences, which allows remote attackers to execute arbitrary commands or obtain potentially sensitive information via a (1) window title or (2) icon title sequence. NOTE: this issue exists because of a CVE-2003-0070 regression (CVE-2010-2713). The updated packages have been patched to correct this issue. %description VTE is a terminal emulator widget for use with GTK+ 2.0. %package gwenview kamera kcolorchooser kdegraphics4 kdegraphics4-core kdegraphics4-devel kgamma kipi-common kolourpaint kruler ksnapshot lib64gwenviewlib4 lib64kdcraw8 lib64kexiv2_8 lib64kipi7 lib64kolourpaint_lgpl4 lib64ksane0 lib64okularcore1 libkdcraw-common okular Update: Thu Aug 26 18:00:50 2010 Importance: security ID: MDVSA-2010:162 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:162 %pre A vulnerability has been found and corrected in okular (kdegraphics): A specially crafted PDF or PS file could cause okular to crash or execute arbitrary code (CVE-2010-2575). The updated packages have been patched to correct this issue. %description Graphical tools for the K Desktop Environment. kdegraphics is a collection of graphic oriented applications %package lib64HX22 lib64HX-devel Update: Mon Aug 30 15:36:28 2010 Importance: security ID: MDVSA-2010:165 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:165 %pre A vulnerability has been found and corrected in libHX: Heap-based buffer overflow in the HX_split function in string.c in libHX before 3.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a string that is inconsistent with the expected number of fields (CVE-2010-2947). The updated packages have been patched to correct this issue. %description A library for: - A+R/B trees to use for lists or maps (associative arrays) - Deques (double-ended queues) (Stacks (LIFO) / Queues (FIFOs)) - platform independent opendir-style directory access - platform independent dlopen-style shared library access - auto-storage strings with direct access - command line option (argv) parser - shell-style config file parser - platform independent random number generator with transparent /dev/urandom support - various string, memory and zvec ops %package lib64gdiplus0 lib64gdiplus-devel Update: Tue Aug 31 15:32:21 2010 Importance: security ID: MDVSA-2010:166 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:166 %pre A vulnerability has been found and corrected in libgdiplus: Multiple integer overflows in libgdiplus 2.6.7, as used in Mono, allow attackers to execute arbitrary code via (1) a crafted TIFF file, related to the gdip_load_tiff_image function in tiffcodec.c; (2) a crafted JPEG file, related to the gdip_load_jpeg_image_internal function in jpegcodec.c; or (3) a crafted BMP file, related to the gdip_read_bmp_image function in bmpcodec.c, leading to heap-based buffer overflows (CVE-2010-1526). The updated packages have been patched to correct this issue. %description An Open Source implementation of the GDI+ API. This is part of the Mono project. %package perl-libwww-perl Update: Tue Aug 31 21:49:26 2010 Importance: security ID: MDVSA-2010:167 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:167 %pre A vulnerability has been found and corrected in perl-libwww-perl: lwp-download in libwww-perl before 5.835 does not reject downloads to filenames that begin with a . (dot) character, which allows remote servers to create or overwrite files via (1) a 3xx redirect to a URL with a crafted filename or (2) a Content-Disposition header that suggests a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory (CVE-2010-2253). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description The libwww-perl collection is a set of Perl modules which provides a simple and consistent application programming interface (API) to the World-Wide Web. The main focus of the library is to provide classes and functions that allow you to write WWW clients. The library also contain modules that are of more general use and even classes that help you implement simple HTTP servers. %package lib64openssl1.0.0 lib64openssl1.0.0-devel lib64openssl1.0.0-static-devel openssl openssl-engines Update: Wed Sep 01 15:26:54 2010 Importance: security ID: MDVSA-2010:168 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:168 %pre A vulnerability has been found and corrected in openssl: Double free vulnerability in the ssl3_get_key_exchange function in the OpenSSL client (ssl/s3_clnt.c) in OpenSSL 1.0.0a, 0.9.8, 0.9.7, and possibly other versions, when using ECDH, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted private key with an invalid prime. NOTE: some sources refer to this as a use-after-free issue (CVE-2010-2939). The updated packages have been patched to correct this issue. %description The openssl certificate management tool and the shared libraries that provide various encryption and decription algorithms and protocols, including DES, RC4, RSA and SSL. %package beagle beagle-crawl-system beagle-doc beagle-evolution beagle-gui beagle-gui-qt beagle-libs firefox-ext-beagle mozilla-thunderbird mozilla-thunderbird-af mozilla-thunderbird-ar mozilla-thunderbird-be mozilla-thunderbird-beagle mozilla-thunderbird-bg mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-el mozilla-thunderbird-en_GB mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ar mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-hu mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-ko mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-tr mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-enigmail-zh_TW mozilla-thunderbird-es_AR mozilla-thunderbird-es_ES mozilla-thunderbird-et mozilla-thunderbird-et_EE mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-fy mozilla-thunderbird-ga mozilla-thunderbird-gl mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-id mozilla-thunderbird-is mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ka mozilla-thunderbird-ko mozilla-thunderbird-lt mozilla-thunderbird-nb_NO mozilla-thunderbird-nl mozilla-thunderbird-nn_NO mozilla-thunderbird-pa_IN mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-pt_PT mozilla-thunderbird-ro mozilla-thunderbird-ru mozilla-thunderbird-si mozilla-thunderbird-sk mozilla-thunderbird-sq mozilla-thunderbird-sr mozilla-thunderbird-sv_SE mozilla-thunderbird-tr mozilla-thunderbird-uk mozilla-thunderbird-vi mozilla-thunderbird-zh_CN mozilla-thunderbird-zh_TW nsinstall Update: Thu Sep 02 12:30:01 2010 Importance: security ID: MDVSA-2010:169 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:169 %pre Multiple vulnerabilities has been found and corrected in mozilla-thunderbird: dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not properly suppress a script's URL in certain circumstances involving a redirect and an error message, which allows remote attackers to obtain sensitive information about script parameters via a crafted HTML document, related to the window.onerror handler (CVE-2010-2754). Mozilla Firefox permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote HTTP servers to obtain sensitive information via a crafted document (CVE-2010-0654). The importScripts Web Worker method in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 does not verify that content is valid JavaScript code, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted HTML document (CVE-2010-1213). Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code via a large selection attribute in a XUL tree element (CVE-2010-2753). Integer overflow in an array class in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code by placing many Cascading Style Sheets (CSS) values in an array (CVE-2010-2752). Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2010-1211). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 Additionally, some packages which require so, have been rebuilt and are being provided as updates. %description Mozilla Thunderbird is a full-featured email, RSS and newsgroup client that makes emailing safer, faster and easier than ever before. %package wget Update: Thu Sep 02 20:43:45 2010 Importance: security ID: MDVSA-2010:170 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:170 %pre A vulnerability has been found and corrected in wget: GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a .wgetrc filename followed by a 3xx redirect to a URL with a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory (CVE-2010-2252). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description GNU Wget is a file retrieval utility which can use either the HTTP or FTP protocols. Wget features include the ability to work in the background while you're logged out, recursive retrieval of directories, file name wildcard matching, remote file timestamp storage and comparison, use of Rest with FTP servers and Range with HTTP servers to retrieve files over slow or unstable connections, support for Proxy servers, and configurability. %package clvmd cmirror dmsetup lib64devmapper1.02 lib64devmapper-devel lib64devmapper-event1.02 lib64devmapper-event-devel lib64lvm2app2.1 lib64lvm2cmd2.02 lib64lvm2cmd-devel lib64lvm2-devel lvm2 Update: Mon Sep 06 12:52:49 2010 Importance: security ID: MDVSA-2010:171 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:171 %pre A vulnerability has been found and corrected in lvm2: The cluster logical volume manager daemon (clvmd) in lvm2-cluster in LVM2 before 2.02.72, as used in Red Hat Global File System (GFS) and other products, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service (daemon exit or logical-volume change) or possibly have unspecified other impact via crafted control commands (CVE-2010-2526). The updated packages have been patched to correct this issue. %description LVM includes all of the support for handling read/write operations on physical volumes (hard disks, RAID-Systems, magneto optical, etc., multiple devices (MD), see mdadm(8) or even loop devices, see losetup(8)), creating volume groups (kind of virtual disks) from one or more physical volumes and creating one or more logical volumes (kind of logical partitions) in volume groups. %package lib64cairo2 lib64cairo-devel lib64cairo-static-devel Update: Mon Sep 06 22:27:56 2010 Importance: bugfix ID: MDVA-2010:189 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:189 %pre The version of cairo shipped with Mandriva 2010.1 prevented several PDF viewers from working. This updates cairo to the newest version to fix these problems. %description Cairo provides anti-aliased vector-based rendering for X. Paths consist of line segments and cubic splines and can be rendered at any width with various join and cap styles. All colors may be specified with optional translucence (opacity/alpha) and combined using the extended Porter/Duff compositing algebra as found in the X Render Extension. Cairo exports a stateful rendering API similar in spirit to the path construction, text, and painting operators of PostScript, (with the significant addition of translucence in the imaging model). When complete, the API is intended to support the complete imaging model of PDF 1.4. Cairo relies on the Xc library for backend rendering. Xc provides an abstract interface for rendering to multiple target types. As of this writing, Xc allows Cairo to target X drawables as well as generic image buffers. Future backends such as PostScript, PDF, and perhaps OpenGL are currently being planned. %package broadcom-wl-kernel-2.6.33.7-desktop-1mnb broadcom-wl-kernel-2.6.33.7-server-1mnb broadcom-wl-kernel-desktop-latest broadcom-wl-kernel-server-latest em8300-kernel-2.6.33.7-desktop-1mnb em8300-kernel-2.6.33.7-server-1mnb em8300-kernel-desktop-latest em8300-kernel-server-latest fglrx-kernel-2.6.33.7-desktop-1mnb fglrx-kernel-2.6.33.7-server-1mnb fglrx-kernel-desktop-latest fglrx-kernel-server-latest hsfmodem-kernel-2.6.33.7-desktop-1mnb hsfmodem-kernel-2.6.33.7-server-1mnb hsfmodem-kernel-desktop-latest hsfmodem-kernel-server-latest kernel-2.6.33.7-1mnb kernel-desktop-2.6.33.7-1mnb kernel-desktop-devel-2.6.33.7-1mnb kernel-desktop-devel-latest kernel-desktop-latest kernel-doc kernel-server-2.6.33.7-1mnb kernel-server-devel-2.6.33.7-1mnb kernel-server-devel-latest kernel-server-latest kernel-source-2.6.33.7-1mnb kernel-source-latest libafs-kernel-2.6.33.7-desktop-1mnb libafs-kernel-2.6.33.7-server-1mnb libafs-kernel-desktop-latest libafs-kernel-server-latest lirc-kernel-2.6.33.7-desktop-1mnb lirc-kernel-2.6.33.7-server-1mnb lirc-kernel-desktop-latest lirc-kernel-server-latest lzma-kernel-2.6.33.7-desktop-1mnb lzma-kernel-2.6.33.7-server-1mnb lzma-kernel-desktop-latest lzma-kernel-server-latest madwifi-kernel-2.6.33.7-desktop-1mnb madwifi-kernel-2.6.33.7-server-1mnb madwifi-kernel-desktop-latest madwifi-kernel-server-latest nvidia173-kernel-2.6.33.7-desktop-1mnb nvidia173-kernel-2.6.33.7-server-1mnb nvidia173-kernel-desktop-latest nvidia173-kernel-server-latest nvidia96xx-kernel-2.6.33.7-desktop-1mnb nvidia96xx-kernel-2.6.33.7-server-1mnb nvidia96xx-kernel-desktop-latest nvidia96xx-kernel-server-latest nvidia-current-kernel-2.6.33.7-desktop-1mnb nvidia-current-kernel-2.6.33.7-server-1mnb nvidia-current-kernel-desktop-latest nvidia-current-kernel-server-latest squashfs-lzma-kernel-2.6.33.7-desktop-1mnb squashfs-lzma-kernel-2.6.33.7-server-1mnb squashfs-lzma-kernel-desktop-latest squashfs-lzma-kernel-server-latest vboxadditions-kernel-2.6.33.7-desktop-1mnb vboxadditions-kernel-2.6.33.7-server-1mnb vboxadditions-kernel-desktop-latest vboxadditions-kernel-server-latest virtualbox-kernel-2.6.33.7-desktop-1mnb virtualbox-kernel-2.6.33.7-server-1mnb virtualbox-kernel-desktop-latest virtualbox-kernel-server-latest vpnclient-kernel-2.6.33.7-desktop-1mnb vpnclient-kernel-2.6.33.7-server-1mnb vpnclient-kernel-desktop-latest vpnclient-kernel-server-latest Update: Thu Sep 09 20:44:46 2010 Importance: security ID: MDVSA-2010:172 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:172 %pre Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel: Buffer overflow in the ecryptfs_uid_hash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux kernel before 2.6.35 might allow local users to gain privileges or cause a denial of service (system crash) via unspecified vectors. (CVE-2010-2492) The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when CONFIG_CIFS_DFS_UPCALL is enabled, relies on a user's keyring for the dns_resolver upcall in the cifs.upcall userspace helper, which allows local users to spoof the results of DNS queries and perform arbitrary CIFS mounts via vectors involving an add_key call, related to a cache stuffing issue and MS-DFS referrals. (CVE-2010-2524) The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server. (CVE-2010-2240) Integer overflow in the ext4_ext_get_blocks function in fs/ext4/extents.c in the Linux kernel before 2.6.34 allows local users to cause a denial of service (BUG and system crash) via a write operation on the last block of a large file, followed by a sync operation. (CVE-2010-3015) To update your kernel, please follow the directions located at: http://www.mandriva.com/en/security/kernelupdate %description %package beagle beagle-crawl-system beagle-doc beagle-evolution beagle-gui beagle-gui-qt beagle-libs firefox firefox-af firefox-ar firefox-be firefox-bg firefox-bn firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-devel firefox-el firefox-en_GB firefox-eo firefox-es_AR firefox-es_ES firefox-et firefox-eu firefox-ext-beagle firefox-ext-blogrovr firefox-ext-mozvoikko firefox-ext-r-kiosk firefox-ext-scribefire firefox-ext-weave-sync firefox-ext-xmarks firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hu firefox-id firefox-is firefox-it firefox-ja firefox-kn firefox-ko firefox-lt firefox-lv firefox-mk firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sv_SE firefox-te firefox-th firefox-tr firefox-uk firefox-zh_CN firefox-zh_TW gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell lib64nspr4 lib64nspr-devel lib64nss3 lib64nss-devel lib64nss-static-devel lib64xulrunner1.9.2.9 lib64xulrunner-devel mozilla-thunderbird mozilla-thunderbird-af mozilla-thunderbird-ar mozilla-thunderbird-be mozilla-thunderbird-beagle mozilla-thunderbird-bg mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-el mozilla-thunderbird-en_GB mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ar mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-hu mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-ko mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-tr mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-enigmail-zh_TW mozilla-thunderbird-es_AR mozilla-thunderbird-es_ES mozilla-thunderbird-et mozilla-thunderbird-et_EE mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-fy mozilla-thunderbird-ga mozilla-thunderbird-gl mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-id mozilla-thunderbird-is mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ka mozilla-thunderbird-ko mozilla-thunderbird-lt mozilla-thunderbird-nb_NO mozilla-thunderbird-nl mozilla-thunderbird-nn_NO mozilla-thunderbird-pa_IN mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-pt_PT mozilla-thunderbird-ro mozilla-thunderbird-ru mozilla-thunderbird-si mozilla-thunderbird-sk mozilla-thunderbird-sq mozilla-thunderbird-sr mozilla-thunderbird-sv_SE mozilla-thunderbird-tr mozilla-thunderbird-uk mozilla-thunderbird-vi mozilla-thunderbird-zh_CN mozilla-thunderbird-zh_TW nsinstall nss rootcerts rootcerts-java xulrunner yelp Update: Sat Sep 11 12:47:57 2010 Importance: security ID: MDVSA-2010:173 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:173 %pre Security issues were identified and fixed in firefox and mozilla-thinderbird: Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict read access to the statusText property of XMLHttpRequest objects, which allows remote attackers to discover the existence of intranet web servers via cross-origin requests (CVE-2010-2764). Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allows user-assisted remote attackers to inject arbitrary web script or HTML via a selection that is added to a document in which the designMode property is enabled (CVE-2010-2769). Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict use of the type attribute of an OBJECT element to set a document's charset, which allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms via UTF-7 encoding (CVE-2010-2768). The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) implementation in Mozilla Firefox 3.6.x before 3.6.9 and Thunderbird 3.1.x before 3.1.3 does not properly restrict objects at the end of scope chains, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via vectors related to a chrome privileged object and a chain ending in an outer object (CVE-2010-2762). The normalizeDocument function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle the removal of DOM nodes during normalization, which might allow remote attackers to execute arbitrary code via vectors involving access to a deleted object (CVE-2010-2766). The nsTreeContentView function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle node removal in XUL trees, which allows remote attackers to execute arbitrary code via vectors involving access to deleted memory, related to a dangling pointer vulnerability. (CVE-2010-3167) Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict the role of property changes in triggering XUL tree removal, which allows remote attackers to cause a denial of service (deleted memory access and application crash) or possibly execute arbitrary code by setting unspecified properties (CVE-2010-3168). Use-after-free vulnerability in the nsTreeSelection function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via vectors involving a XUL tree selection, related to a dangling pointer vulnerability. NOTE: this issue exists because of an incomplete fix for CVE-2010-2753 (CVE-2010-2760). Integer overflow in the FRAMESET element implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a large number of values in the cols (aka columns) attribute, leading to a heap-based buffer overflow (CVE-2010-2765). Heap-based buffer overflow in the nsTextFrameUtils::TransformText function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a bidirectional text run (CVE-2010-3166). The navigator.plugins implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle destruction of the DOM plugin array, which might allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via crafted access to the navigator object, related to a dangling pointer vulnerability. (CVE-2010-2767) Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2010-3169). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 Additionally, some packages which require so, have been rebuilt and are being provided as updates. The NSS and NSPR packages has been upgraded to the latest versions. The rootcerts package has been upgraded to the latest CVS version (as of 2010/08/27). %description Help browser for GNOME 2 which supports docbook documents, info and man. %package sudo Update: Sun Sep 12 09:10:47 2010 Importance: security ID: MDVSA-2010:175 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:175 %pre A vulnerability has been found and corrected in sudo: Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a command line containing a -u root sequence (CVE-2010-2956). The updated packages have been patched to correct this issue. %description Sudo is a program designed to allow a sysadmin to give limited root privileges to users and log root activity. The basic philosophy is to give as few privileges as possible but still allow people to get their work done. %package tomcat5 tomcat5-admin-webapps tomcat5-common-lib tomcat5-jasper tomcat5-jasper-eclipse tomcat5-jasper-javadoc tomcat5-jsp-2.0-api tomcat5-jsp-2.0-api-javadoc tomcat5-server-lib tomcat5-servlet-2.4-api tomcat5-servlet-2.4-api-javadoc tomcat5-webapps Update: Sun Sep 12 14:31:38 2010 Importance: security ID: MDVSA-2010:177 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:177 %pre Multiple vulnerabilities has been found and corrected in tomcat5: Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in an entry in a WAR file, as demonstrated by a ../../bin/catalina.bat entry (CVE-2009-2693). The autodeployment process in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20, when autoDeploy is enabled, deploys appBase files that remain from a failed undeploy, which might allow remote attackers to bypass intended authentication requirements via HTTP requests (CVE-2009-2901). Directory traversal vulnerability in Apache Tomcat 5.5.0 through 5.5.28 and 6.0.0 through 6.0.20 allows remote attackers to delete work-directory files via directory traversal sequences in a WAR filename, as demonstrated by the ...war filename (CVE-2009-2902). Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allow remote attackers to discover the server's hostname or IP address by sending a request for a resource that requires (1) BASIC or (2) DIGEST authentication, and then reading the realm field in the WWW-Authenticate header in the reply (CVE-2010-1157). Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with recycling of a buffer. (CVE-2010-2227) Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. %description Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world. We invite you to participate in this open development project. To learn more about getting involved, click here. %package lib64glpng1 lib64glpng-devel Update: Sun Sep 12 18:05:22 2010 Importance: security ID: MDVSA-2010:179 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:179 %pre A vulnerability has been found and corrected in libglpng: Multiple integer overflows in glpng.c in glpng 1.45 allow context-dependent attackers to execute arbitrary code via a crafted PNG image, related to (1) the pngLoadRawF function and (2) the pngLoadF function, leading to heap-based buffer overflows (CVE-2010-1519). The updated packages have been patched to correct this issue. %description glpng is a small toolkit to make loading PNG image files as an OpenGL texture as easy as possible. %package gthumb gthumb-devel Update: Tue Sep 14 09:31:31 2010 Importance: bugfix ID: MDVA-2010:190 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:190 %pre Gthumb would crash for users of Nvidia graphic cards. This is a new version that contains a fix for the crash. %description gThumb lets you browse your hard disk, showing you thumbnails of image files. It also lets you view single files (including GIF animations), add comments to images, organize images in catalogs, print images, view slideshows, set your desktop background, and more. %package xdg-utils xset Update: Tue Sep 14 13:27:09 2010 Importance: bugfix ID: MDVA-2010:191 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:191 %pre The cross-desktop screensaver tool was missing a dependency on the xset tool. This update adds it. %description The xset program is used to set various user preference options of the display. %package pcmanfm Update: Wed Sep 15 17:55:34 2010 Importance: bugfix ID: MDVA-2010:192 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:192 %pre Due to a bug in PCManFM, when using the detailed-list view users could only enter a folder once, double clicking any other folder wouldn't work. This update fixes this issue by patching exo, which is bundled with PCManFM, to make treeview work with GTK > 2.18 %description PCMan File Manager is an extremly fast and lightweight file manager which features tabbed browsing and user-friendly interface. %package lib64openssl1.0.0 lib64openssl1.0.0-devel lib64openssl1.0.0-static-devel openssl openssl-engines Update: Wed Sep 15 20:56:19 2010 Importance: bugfix ID: MDVA-2010:193 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:193 %pre Openssl.cnf as shipped with Mandriva Linux 2010.1 has a typo in default locality name, this update fixes the issue. %description The openssl certificate management tool and the shared libraries that provide various encryption and decription algorithms and protocols, including DES, RC4, RSA and SSL. %package lib64netapi0 lib64netapi-devel lib64smbclient0 lib64smbclient0-devel lib64smbclient0-static-devel lib64smbsharemodes0 lib64smbsharemodes-devel lib64wbclient0 lib64wbclient-devel mount-cifs nss_wins samba-client samba-common samba-doc samba-domainjoin-gui samba-server samba-swat samba-winbind Update: Thu Sep 16 18:58:57 2010 Importance: security ID: MDVSA-2010:184 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:184 %pre A vulnerability has been found and corrected in samba: Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted Windows Security ID (SID) on a file share (CVE-2010-3069). The updated packages have been patched to correct this issue. %description Samba provides an SMB server which can be used to provide network services to SMB (sometimes called "Lan Manager") clients, including various versions of MS Windows, OS/2, and other Linux machines. Samba also provides some SMB clients, which complement the built-in SMB filesystem in Linux. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need NetBEUI (Microsoft Raw NetBIOS frame) protocol. Samba-3.0 features working NT Domain Control capability and includes the SWAT (Samba Web Administration Tool) that allows samba's smb.conf file to be remotely managed using your favourite web browser. For the time being this is being enabled on TCP port 901 via xinetd. SWAT is now included in it's own subpackage, samba-swat. Please refer to the WHATSNEW.txt document for fixup information. This binary release includes encrypted password support. Please read the smb.conf file and ENCRYPTION.txt in the docs directory for implementation details. %package boost-examples lib64boost_date_time1.42.0 lib64boost-devel lib64boost-devel-doc lib64boost_filesystem1.42.0 lib64boost_graph1.42.0 lib64boost_iostreams1.42.0 lib64boost_math_c99_1.42.0 lib64boost_math_c99f1.42.0 lib64boost_math_c99l1.42.0 lib64boost_math_tr1_1.42.0 lib64boost_math_tr1f1.42.0 lib64boost_math_tr1l1.42.0 lib64boost_prg_exec_monitor1.42.0 lib64boost_program_options1.42.0 lib64boost_python1.42.0 lib64boost_regex1.42.0 lib64boost_serialization1.42.0 lib64boost_signals1.42.0 lib64boost-static-devel lib64boost_system1.42.0 lib64boost_thread1.42.0 lib64boost_unit_test_framework1.42.0 lib64boost_wave1.42.0 lib64boost_wserialization1.42.0 Update: Fri Sep 17 10:13:03 2010 Importance: bugfix ID: MDVA-2010:194 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:194 %pre Due to a typo in the boost package in Mandriva 2010.1 some files in the lib(64)boost-static-devel were symlinked wrongly, this update fixes this issue. %description Boost is a collection of free peer-reviewed portable C++ source libraries. The emphasis is on libraries which work well with the C++ Standard Library. This package contains only the shared libraries needed for running programs using Boost. %package lib64openssl1.0.0 lib64openssl1.0.0-devel lib64openssl1.0.0-static-devel lib64openssl-engines1.0.0 openssl Update: Mon Sep 20 12:27:29 2010 Importance: bugfix ID: MDVA-2010:195 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:195 %pre A dependency flaw in the openssl packages could under certain circumstances prevent the engines sub package from being upgraded. This update fixes this issue. %description The openssl certificate management tool and the shared libraries that provide various encryption and decription algorithms and protocols, including DES, RC4, RSA and SSL. %package beagle beagle-crawl-system beagle-doc beagle-evolution beagle-gui beagle-gui-qt beagle-libs firefox firefox-af firefox-ar firefox-be firefox-bg firefox-bn firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-devel firefox-el firefox-en_GB firefox-eo firefox-es_AR firefox-es_ES firefox-et firefox-eu firefox-ext-beagle firefox-ext-blogrovr firefox-ext-mozvoikko firefox-ext-r-kiosk firefox-ext-scribefire firefox-ext-weave-sync firefox-ext-xmarks firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hu firefox-id firefox-is firefox-it firefox-ja firefox-kn firefox-ko firefox-lt firefox-lv firefox-mk firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sv_SE firefox-te firefox-th firefox-tr firefox-uk firefox-zh_CN firefox-zh_TW gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell lib64xulrunner1.9.2.10 lib64xulrunner-devel mozilla-thunderbird mozilla-thunderbird-af mozilla-thunderbird-ar mozilla-thunderbird-be mozilla-thunderbird-beagle mozilla-thunderbird-bg mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-el mozilla-thunderbird-en_GB mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ar mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-hu mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-ko mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-tr mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-enigmail-zh_TW mozilla-thunderbird-es_AR mozilla-thunderbird-es_ES mozilla-thunderbird-et mozilla-thunderbird-et_EE mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-fy mozilla-thunderbird-ga mozilla-thunderbird-gl mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-id mozilla-thunderbird-is mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ka mozilla-thunderbird-ko mozilla-thunderbird-lt mozilla-thunderbird-nb_NO mozilla-thunderbird-nl mozilla-thunderbird-nn_NO mozilla-thunderbird-pa_IN mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-pt_PT mozilla-thunderbird-ro mozilla-thunderbird-ru mozilla-thunderbird-si mozilla-thunderbird-sk mozilla-thunderbird-sq mozilla-thunderbird-sr mozilla-thunderbird-sv_SE mozilla-thunderbird-tr mozilla-thunderbird-uk mozilla-thunderbird-vi mozilla-thunderbird-zh_CN mozilla-thunderbird-zh_TW nsinstall xulrunner yelp Update: Mon Sep 20 13:02:49 2010 Importance: bugfix ID: MDVA-2010:196 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:196 %pre This is a maintenance release of mozilla firefox and thunderbird that upgrades firefox to 3.6.10 and thunderbird to 3.0.8. Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 Additionally, some packages which require so, have been rebuilt and are being provided as updates. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package bzip2 lib64bzip2_1 lib64bzip2-devel Update: Mon Sep 20 16:34:13 2010 Importance: security ID: MDVSA-2010:185 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:185 %pre An integer overflow has been found and corrected in bzip2 which could be exploited by using a specially crafted bz2 file and cause a denial of service attack (CVE-2010-0405). Additionally clamav has been upgraded to 0.96.2 and has been patched for this issue. perl-Compress-Bzip2 in MES5 has been linked against the system bzip2 library to resolv this issue. Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description Bzip2 compresses files using the Burrows-Wheeler block-sorting text compression algorithm, and Huffman coding. Compression is generally considerably better than that achieved by more conventional LZ77/LZ78-based compressors, and approaches the performance of the PPM family of statistical compressors. The command-line options are deliberately very similar to those of GNU Gzip, but they are not identical. %package beagle beagle-crawl-system beagle-doc beagle-evolution beagle-gui beagle-gui-qt beagle-libs firefox-ext-beagle mozilla-thunderbird-beagle Update: Tue Sep 21 12:30:33 2010 Importance: bugfix ID: MDVA-2010:198 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:198 %pre It was discovered the mozilla-thunderbird-beagle packages wasn't built against the latest mozilla-thunderbird 3.0.8. The fixed packages addresses this problem. %description Beagle is an indexing sub-system and search aggregator built on top of Lucene.Net. It can index your files, mailboxes, your web browsing behaviour and other things. %package squid squid-cachemgr Update: Wed Sep 22 17:26:29 2010 Importance: security ID: MDVSA-2010:187 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:187 %pre A vulnerability has been found and corrected in squid: The string-comparison functions in String.cci in Squid 3.x before 3.1.8 and 3.2.x before 3.2.0.2 allow remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted request (CVE-2010-3072). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description Squid is a high-performance proxy caching server for web clients, supporting FTP, gopher, and HTTP data objects over IPv4 or IPv6. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, asynchronous process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid supports SSL, extensive access controls, and full request logging. By using the lightweight Internet Cache Protocol (ICP) and HTTP Cache Protocol (HTCP) Squid caches can be arranged in a hierarchy or mesh for additional bandwidth savings. Install squid if you need a proxy caching server. This package defaults to a maximum of 8192 filedescriptors. You can change these values at build time by using for example: --define 'maxfiles 4096' The package was built to support a maximum of 8192 filedescriptors. You can build squid with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] test Initiate the test suite %package broadcom-wl-kernel-2.6.33.7-desktop-2mnb broadcom-wl-kernel-2.6.33.7-server-2mnb broadcom-wl-kernel-desktop-latest broadcom-wl-kernel-server-latest em8300-kernel-2.6.33.7-desktop-2mnb em8300-kernel-2.6.33.7-server-2mnb em8300-kernel-desktop-latest em8300-kernel-server-latest fglrx-kernel-2.6.33.7-desktop-2mnb fglrx-kernel-2.6.33.7-server-2mnb fglrx-kernel-desktop-latest fglrx-kernel-server-latest hsfmodem-kernel-2.6.33.7-desktop-2mnb hsfmodem-kernel-2.6.33.7-server-2mnb hsfmodem-kernel-desktop-latest hsfmodem-kernel-server-latest kernel-2.6.33.7-2mnb kernel-desktop-2.6.33.7-2mnb kernel-desktop-devel-2.6.33.7-2mnb kernel-desktop-devel-latest kernel-desktop-latest kernel-doc kernel-server-2.6.33.7-2mnb kernel-server-devel-2.6.33.7-2mnb kernel-server-devel-latest kernel-server-latest kernel-source-2.6.33.7-2mnb kernel-source-latest libafs-kernel-2.6.33.7-desktop-2mnb libafs-kernel-2.6.33.7-server-2mnb libafs-kernel-desktop-latest libafs-kernel-server-latest lirc-kernel-2.6.33.7-desktop-2mnb lirc-kernel-2.6.33.7-server-2mnb lirc-kernel-desktop-latest lirc-kernel-server-latest lzma-kernel-2.6.33.7-desktop-2mnb lzma-kernel-2.6.33.7-server-2mnb lzma-kernel-desktop-latest lzma-kernel-server-latest madwifi-kernel-2.6.33.7-desktop-2mnb madwifi-kernel-2.6.33.7-server-2mnb madwifi-kernel-desktop-latest madwifi-kernel-server-latest nvidia173-kernel-2.6.33.7-desktop-2mnb nvidia173-kernel-2.6.33.7-server-2mnb nvidia173-kernel-desktop-latest nvidia173-kernel-server-latest nvidia96xx-kernel-2.6.33.7-desktop-2mnb nvidia96xx-kernel-2.6.33.7-server-2mnb nvidia96xx-kernel-desktop-latest nvidia96xx-kernel-server-latest nvidia-current-kernel-2.6.33.7-desktop-2mnb nvidia-current-kernel-2.6.33.7-server-2mnb nvidia-current-kernel-desktop-latest nvidia-current-kernel-server-latest squashfs-lzma-kernel-2.6.33.7-desktop-2mnb squashfs-lzma-kernel-2.6.33.7-server-2mnb squashfs-lzma-kernel-desktop-latest squashfs-lzma-kernel-server-latest vboxadditions-kernel-2.6.33.7-desktop-2mnb vboxadditions-kernel-2.6.33.7-server-2mnb vboxadditions-kernel-desktop-latest vboxadditions-kernel-server-latest virtualbox-kernel-2.6.33.7-desktop-2mnb virtualbox-kernel-2.6.33.7-server-2mnb virtualbox-kernel-desktop-latest virtualbox-kernel-server-latest vpnclient-kernel-2.6.33.7-desktop-2mnb vpnclient-kernel-2.6.33.7-server-2mnb vpnclient-kernel-desktop-latest vpnclient-kernel-server-latest Update: Thu Sep 23 04:23:28 2010 Importance: security ID: MDVSA-2010:188 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:188 %pre Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel: fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always follow NFS automount symlinks, which allows attackers to have an unknown impact, related to LOOKUP_FOLLOW. (CVE-2010-1088) The tc_fill_tclass function in net/sched/sch_api.c in the tc subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.31-rc9 does not initialize certain (1) tcm__pad1 and (2) tcm__pad2 structure members, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors. (CVE-2009-3228) The do_pages_move function in mm/migrate.c in the Linux kernel before 2.6.33-rc7 does not validate node values, which allows local users to read arbitrary kernel memory locations, cause a denial of service (OOPS), and possibly have unspecified other impact by specifying a node that is not part of the kernel node set. (CVE-2010-0415) The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioctl calls. (CVE-2009-3620) The wake_futex_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly handle certain unlock operations for a Priority Inheritance (PI) futex, which allows local users to cause a denial of service (OOPS) and possibly have unspecified other impact via vectors involving modification of the futex value from user space. (CVE-2010-0622) The kvm_arch_vcpu_ioctl_set_sregs function in the KVM in Linux kernel 2.6 before 2.6.30, when running on x86 systems, does not validate the page table root in a KVM_SET_SREGS call, which allows local users to cause a denial of service (crash or hang) via a crafted cr3 value, which triggers a NULL pointer dereference in the gfn_to_rmap function. (CVE-2009-2287) The handle_dr function in arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 2.6.31.1 does not properly verify the Current Privilege Level (CPL) before accessing a debug register, which allows guest OS users to cause a denial of service (trap) on the host OS via a crafted application. (CVE-2009-3722) The ext4_decode_error function in fs/ext4/super.c in the ext4 filesystem in the Linux kernel before 2.6.32 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference), and possibly have unspecified other impact, via a crafted read-only filesystem that lacks a journal. (CVE-2009-4308) The eisa_eeprom_read function in the parisc isa-eeprom component (drivers/parisc/eisa_eeprom.c) in the Linux kernel before 2.6.31-rc6 allows local users to access restricted memory via a negative ppos argument, which bypasses a check that assumes that ppos is positive and causes an out-of-bounds read in the readb function. (CVE-2009-2846) Multiple buffer overflows in fs/nfsd/nfs4xdr.c in the XDR implementation in the NFS server in the Linux kernel before 2.6.34-rc6 allow remote attackers to cause a denial of service (panic) or possibly execute arbitrary code via a crafted NFSv4 compound WRITE request, related to the read_buf and nfsd4_decode_compound functions. (CVE-2010-2521) mm/shmem.c in the Linux kernel before 2.6.28-rc8, when strict overcommit is enabled and CONFIG_SECURITY is disabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service (NULL pointer dereference and knfsd crash) or possibly have unspecified other impact via unknown vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1643. (CVE-2008-7256) The release_one_tty function in drivers/char/tty_io.c in the Linux kernel before 2.6.34-rc4 omits certain required calls to the put_pid function, which has unspecified impact and local attack vectors. (CVE-2010-1162) mm/shmem.c in the Linux kernel before 2.6.28-rc3, when strict overcommit is enabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service (NULL pointer dereference and knfsd crash) or possibly have unspecified other impact via unknown vectors. (CVE-2010-1643) The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service (system crash) via an SCTPChunkInit packet containing multiple invalid parameters that require a large amount of error data. (CVE-2010-1173) The Transparent Inter-Process Communication (TIPC) functionality in Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions, allows local users to cause a denial of service (kernel OOPS) by sending datagrams through AF_TIPC before entering network mode, which triggers a NULL pointer dereference. (CVE-2010-1187) The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service (system crash) via an SCTPChunkInit packet containing multiple invalid parameters that require a large amount of error data. (CVE-2010-1173) fs/cifs/cifssmb.c in the CIFS implementation in the Linux kernel before 2.6.34-rc4 allows remote attackers to cause a denial of service (panic) via an SMB response packet with an invalid CountHigh value, as demonstrated by a response from an OS/2 server, related to the CIFSSMBWrite and CIFSSMBWrite2 functions. (CVE-2010-2248) Buffer overflow in the ecryptfs_uid_hash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux kernel before 2.6.35 might allow local users to gain privileges or cause a denial of service (system crash) via unspecified vectors. (CVE-2010-2492) The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel before 2.6.35 does not properly check the file descriptors passed to the SWAPEXT ioctl, which allows local users to leverage write access and obtain read access by swapping one file into another file. (CVE-2010-2226) The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact by renaming a file in a GFS2 filesystem, related to the gfs2_rename function in fs/gfs2/ops_inode.c. (CVE-2010-2798) The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4, and 2.6.35.x before 2.6.35.2 does not properly separate the stack and the heap, which allows context-dependent attackers to execute arbitrary code by writing to the bottom page of a shared memory segment, as demonstrated by a memory-exhaustion attack against the X.Org X server. (CVE-2010-2240) The drm_ioctl function in drivers/gpu/drm/drm_drv.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows local users to obtain potentially sensitive information from kernel memory by requesting a large memory-allocation amount. (CVE-2010-2803) Integer overflow in net/can/bcm.c in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4 allows attackers to execute arbitrary code or cause a denial of service (system crash) via crafted CAN traffic. (CVE-2010-2959) Double free vulnerability in the snd_seq_oss_open function in sound/core/seq/oss/seq_oss_init.c in the Linux kernel before 2.6.36-rc4 might allow local users to cause a denial of service or possibly have unspecified other impact via an unsuccessful attempt to open the /dev/sequencer device. (CVE-2010-3080) A vulnerability in Linux kernel caused by insecure allocation of user space memory when translating system call inputs to 64-bit. A stack pointer underflow can occur when using the compat_alloc_user_space method with an arbitrary length input. (CVE-2010-3081) The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.36-rc4-git2 on the x86_64 platform does not zero extend the %eax register after the 32-bit entry path to ptrace is used, which allows local users to gain privileges by triggering an out-of-bounds access to the system call table using the %rax register. NOTE: this vulnerability exists because of a CVE-2007-4573 regression. (CVE-2010-3301) To update your kernel, please follow the directions located at: http://www.mandriva.com/en/security/kernelupdate %description %package rpmdrake Update: Thu Sep 23 16:49:59 2010 Importance: bugfix ID: MDVA-2010:200 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:200 %pre This update fixes a wrong notice message for updates regarding the reports of supported and unsupported packages (bug #60629). %description This package contains the Mandriva graphical software manipulation tools. Rpmdrake provides a simple interface that makes it easy to install and remove software. MandrivaUpdate is a single-purpose application for keeping your system up to date with the latest official updates. There is also a tool for configuring package sources (medias), which can be run independently or accessed from within rpmdrake. %package evolution evolution-data-server evolution-devel evolution-mono evolution-pilot gtkhtml-3.14 lib64camel14 lib64ebackend0 lib64ebook9 lib64ecal7 lib64edata-book2 lib64edata-cal7 lib64edataserver13 lib64edataserver-devel lib64edataserverui8 lib64egroupwise13 lib64gdata1 lib64gtkhtml-3.14_19 lib64gtkhtml-3.14-devel Update: Mon Sep 27 17:10:26 2010 Importance: bugfix ID: MDVA-2010:201 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:201 %pre Evolution would sometimes crash when you view and close messages quickly, while the preview panel is disabled. This updates Evolution to the latest version that prevents this problem. %description GtkHTML is a HTML rendering/editing library. GtkHTML is not designed to be the ultimate HTML browser/editor: instead, it is designed to be easily embedded into applications that require lightweight HTML functionality. GtkHTML was originally based on KDE's KHTMLW widget, but is now developed independently of it. The most important difference between KHTMLW and GtkHTML, besides being GTK-based, is that GtkHTML is also an editor. Thanks to the Bonobo editor component that comes with the library, it's extremely simple to add HTML editing to an existing application. %package lib64tiff3 lib64tiff-devel lib64tiff-static-devel libtiff-progs Update: Thu Sep 30 14:15:18 2010 Importance: security ID: MDVSA-2010:190 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:190 %pre A vulnerability has been found and corrected in libtiff: libtiff allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted TIFF image (CVE-2010-3087). The updated packages have been patched to correct this issue. %description The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. %package mailman Update: Fri Oct 01 17:50:19 2010 Importance: security ID: MDVSA-2010:191 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:191 %pre Multiple vulnerabilities has been found and corrected in mailman: Multiple cross-site scripting (XSS) vulnerabilities in GNU Mailman before 2.1.14rc1 allow remote authenticated users to inject arbitrary web script or HTML via vectors involving (1) the list information field or (2) the list description field (CVE-2010-3089). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. %description Mailman -- The GNU Mailing List Management System -- is a mailing list management system written mostly in Python. Features: o Most standard mailing list features, including: moderation, mail based commands, digests, etc... o An extensive Web interface, customizable on a per-list basis. o Web based list administration interface for *all* admin-type tasks o Automatic Web based hypermail-style archives (using pipermail or other external archiver), including provisions for private archives o Integrated mail list to newsgroup gatewaying o Integrated newsgroup to mail list gatewaying (polling-based... if you have access to the nntp server, you should be able to easily do non-polling based news->mail list gatewaying; email viega@list.org, I'd like to help get that going and come up with instructions) o Smart bounce detection and correction o Integrated fast bulk mailing o Smart spam protection o Extensible logging o Multiple list owners and moderators are possible o Optional MIME-compliant digests o Nice about which machine you subscribed from if you're from the right domain Conditional build options: mailman uid --with uid mail mailman gid --with gid mail %package mdkonline Update: Fri Oct 01 23:10:42 2010 Importance: bugfix ID: MDVA-2010:202 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:202 %pre This update: - fixes bug related to loading png files after upgrading GTK (#59025) in distro upgrade; - Adds the mdkapplet restart feature to mdkapplet-upgrade-helper, triggered after a successful upgrade (#59481). %description The Mandriva Online tool allows users to be kept informed about security updates, hardware support/enhancements and other high value services. The package include : * Update daemon which allows you to install security updates automatically, * A KDE/Gnome/IceWM compliant applet for security updates notification and installation. %package apr-util-dbd-freetds apr-util-dbd-ldap apr-util-dbd-mysql apr-util-dbd-odbc apr-util-dbd-pgsql apr-util-dbd-sqlite3 apr-util-dbm-db lib64apr-util1 lib64apr-util-devel Update: Sat Oct 02 19:13:03 2010 Importance: security ID: MDVSA-2010:192 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:192 %pre A denial of service attack against apr_brigade_split_line() was discovered in apr-util (CVE-2010-1623). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description The mission of the Apache Portable Runtime (APR) is to provide a free library of C data structures and routines. This library contains additional utility interfaces for APR; including support for XML, LDAP, database interfaces, URI parsing and more. %package qt-creator qt-creator-doc Update: Sun Oct 03 11:21:22 2010 Importance: security ID: MDVSA-2010:193 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:193 %pre A vulnerability has been found in Qt Creator 2.0.0 and previous versions. The vulnerability occurs because of an insecure manipulation of a Unix environment variable by the qtcreator shell script. It manifests by causing Qt or Qt Creator to attempt to load certain library names from the current working directory (CVE-2010-3374). The updated packages have been patched to correct this issue. %description Qt Creator (previously known as Project Greenhouse) is a new, lightweight, cross-platform integrated development environment (IDE) designed to make development with the Qt application framework even faster and easier. %package gnupg2 Update: Sun Oct 03 12:37:12 2010 Importance: bugfix ID: MDVA-2010:204 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:204 %pre The gpg-agent has a problem making it stop to work after 1 minute or even not start at all. This update has fixes for this problems. %description GnuPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. %package git git-arch git-core git-core-oldies git-cvs git-email gitk git-prompt git-svn gitview gitweb lib64git-devel perl-Git python-git Update: Sun Oct 03 18:18:12 2010 Importance: security ID: MDVSA-2010:194 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:194 %pre A vulnerability has been found and corrected in git: Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy (CVE-2010-2542). The updated packages have been patched to correct this issue. %description This is a stupid (but extremely fast) directory content manager. It doesn't do a whole lot, but what it _does_ do is track directory contents efficiently. It is intended to be the base of an efficient, distributed source code management system. This package includes rudimentary tools that can be used as a SCM, but you should look elsewhere for tools for ordinary humans layered on top of this. This is a dummy package which brings in all subpackages. %package lib64esmtp5 lib64esmtp-devel Update: Mon Oct 04 18:34:28 2010 Importance: security ID: MDVSA-2010:195 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:195 %pre Multiple vulnerabilities has been found and corrected in libesmtp: libESMTP, probably 1.0.4 and earlier, does not properly handle a \'\0\' (NUL) character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408 (CVE-2010-1192). The match_component function in smtp-tls.c in libESMTP 1.0.3.r1, and possibly other versions including 1.0.4, treats two strings as equal if one is a substring of the other, which allows remote attackers to spoof trusted certificates via a crafted subjectAltName (CVE-2010-1194). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. %description LibESMTP is a library to manage posting (or submission of) electronic mail using SMTP to a preconfigured Mail Transport Agent (MTA) such as Exim. It may be used as part of a Mail User Agent (MUA) or another program that must be able to post electronic mail but where mail functionality is not the program's primary purpose. %package xdg-user-dirs Update: Mon Oct 04 21:20:01 2010 Importance: bugfix ID: MDVA-2010:205 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:205 %pre The translations for the default download directory was missing for several languages. This update adds the missing translations. %description xdg-user-dirs is a tool to help manage "well known" user directories like the desktop folder and the music folder. It also handles localization (i.e. translation) of the filenames. %package lib64ecpg8.4_6 lib64pq8.4_5 postgresql8.4 postgresql8.4-contrib postgresql8.4-devel postgresql8.4-docs postgresql8.4-pl postgresql8.4-plperl postgresql8.4-plpgsql postgresql8.4-plpython postgresql8.4-pltcl postgresql8.4-server Update: Wed Oct 06 10:56:37 2010 Importance: security ID: MDVSA-2010:197 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:197 %pre Multiple vulnerabilities was discovered and corrected in postgresql: An authenticated database user can manipulate modules and tied variables in some external procedural languages to execute code with enhanced privileges (CVE-2010-3433). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 This update provides a solution to these vulnerabilities. %description PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs (including transactions, subselects and user-defined types and functions). The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DBMS server. These PostgreSQL client programs are programs that directly manipulate the internal structure of PostgreSQL databases on a PostgreSQL server. These client programs can be located on the same machine with the PostgreSQL server, or may be on a remote machine which accesses a PostgreSQL server over a network connection. This package contains the client libraries for C and C++, as well as command-line utilities for managing PostgreSQL databases on a PostgreSQL server. If you want to manipulate a PostgreSQL database on a remote PostgreSQL server, you need this package. You also need to install this package if you're installing the postgresql-server package. %package cyrus-imapd cyrus-imapd-devel cyrus-imapd-murder cyrus-imapd-nntp cyrus-imapd-utils perl-Cyrus Update: Sun Oct 10 16:03:54 2010 Importance: bugfix ID: MDVA-2010:208 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:208 %pre A problem has been discovered with cyrus-imapd 2.3.15 on Mandriva 2010 Spring, in handling the IMAP COMPRESS option. Cyrus imapd 2.3.15 implements the IMAP COMPRESS option, in order to compress data between the imap server and clients that support this option, eg. Thunderbird 3. A problem has been discovered in the implementation which causes the inability to upload large messages to the imap server. %description The Cyrus IMAP Server is a scaleable enterprise mail system designed for use from small to large enterprise environments using standards-based technologies. A full Cyrus IMAP implementation allows a seamless mail and bulletin board environment to be set up across multiple servers. It differs from other IMAP server implementations in that it is run on "sealed" servers, where users are not normally permitted to log in. The mailbox database is stored in parts of the filesystem that are private to the Cyrus IMAP system. All user access to mail is through software using the IMAP, POP3, or KPOP protocols. TLSv1 and SSL are supported for security. This is the main package, install also the cyrus-imapd-utils package (it contains server administration tools and depends on the perl-Cyrus package). %package wine64 wine64-devel Update: Mon Oct 11 13:16:26 2010 Importance: bugfix ID: MDVA-2010:211 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:211 %pre This update provides the latest stable wine. MDV2010.1 provided a release candidate of wine (1.2.0-rc4). This update pushes all the fixes accumulated between 1.2.0-rc4 and final 1.2.0). For further information, read: * http://www.winehq.org/announce/1.2 * http://www.winehq.org/announce/1.2-rc7 * http://www.winehq.org/announce/1.2-rc6 * http://www.winehq.org/announce/1.2-rc5 Special thanks to Diogo Travassos and his Mandriva based lan house for it's tests on this update candidate. %description Wine is a program which allows running Microsoft Windows programs (including DOS, Windows 3.x and Win32 executables) on Unix. It consists of a program loader which loads and executes a Microsoft Windows binary, and a library (called Winelib) that implements Windows API calls using their Unix or X11 equivalents. The library may also be used for porting Win32 code into native Unix executables. %package wine64 wine64-devel Update: Tue Oct 12 06:23:18 2010 Importance: bugfix ID: MDVA-2010:211 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:211 %pre This update provides the latest stable wine. MDV2010.1 provided a release candidate of wine (1.2.0-rc4). This update pushes all the fixes accumulated between 1.2.0-rc4 and final 1.2.0). For further information, read: * http://www.winehq.org/announce/1.2 * http://www.winehq.org/announce/1.2-rc7 * http://www.winehq.org/announce/1.2-rc6 * http://www.winehq.org/announce/1.2-rc5 Special thanks to Diogo Travassos and his Mandriva based lan house for it's tests on this update candidate. %description Wine is a program which allows running Microsoft Windows programs (including DOS, Windows 3.x and Win32 executables) on Unix. It consists of a program loader which loads and executes a Microsoft Windows binary, and a library (called Winelib) that implements Windows API calls using their Unix or X11 equivalents. The library may also be used for porting Win32 code into native Unix executables. %package apache-mod_dav_svn apache-mod_dontdothat lib64svn0 lib64svn-gnome-keyring0 lib64svnjavahl1 lib64svn-kwallet0 perl-SVN python-svn ruby-svn subversion subversion-devel subversion-doc subversion-server subversion-tools svn-javahl Update: Tue Oct 12 14:57:52 2010 Importance: security ID: MDVSA-2010:199 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:199 %pre A vulnerability was discovered and corrected in subversion: authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass intended access restrictions via svn commands (CVE-2010-3315). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subversion also keeps a log of who, when, and why changes occured. As such it basically does the same thing CVS does (Concurrent Versioning System) but has major enhancements compared to CVS and fixes a lot of the annoyances that CVS users face. This package contains the client, if you're looking for the server end of things you want subversion-repos. %package apache-mod_dav_svn apache-mod_dontdothat lib64svn0 lib64svn-gnome-keyring0 lib64svnjavahl1 lib64svn-kwallet0 perl-SVN python-svn ruby-svn subversion subversion-devel subversion-doc subversion-server subversion-tools svn-javahl Update: Tue Oct 12 15:32:37 2010 Importance: security ID: MDVSA-2010:199 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:199 %pre A vulnerability was discovered and corrected in subversion: authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass intended access restrictions via svn commands (CVE-2010-3315). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subversion also keeps a log of who, when, and why changes occured. As such it basically does the same thing CVS does (Concurrent Versioning System) but has major enhancements compared to CVS and fixes a lot of the annoyances that CVS users face. This package contains the client, if you're looking for the server end of things you want subversion-repos. %package dumpcap lib64wireshark0 lib64wireshark-devel rawshark tshark wireshark wireshark-tools Update: Wed Oct 13 14:41:06 2010 Importance: security ID: MDVSA-2010:200 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:200 %pre It was discovered that the ASN.1 BER dissector in wireshark was susceptible to a stack overflow (CVE-2010-3445). For 2010.0 and 2010.1 wireshark was upgraded to v1.2.12 which is not vulnerable to this issue and was patched for CS4 and MES5 to resolve the vulnerability. %description Wireshark is a network traffic analyzer for Unix-ish operating systems. It is based on GTK+, a graphical user interface library, and libpcap, a packet capture and filtering library. Wireshark is a fork of Ethereal(tm) %package lib64freetype6 lib64freetype6-devel lib64freetype6-static-devel Update: Wed Oct 13 16:43:29 2010 Importance: security ID: MDVSA-2010:201 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:201 %pre A vulnerability was discovered and corrected in freetype2: Marc Schoenefeld found an input stream position error in the way FreeType font rendering engine processed input file streams. If a user loaded a specially-crafted font file with an application linked against FreeType and relevant font glyphs were subsequently rendered with the X FreeType library (libXft), it could cause the application to crash or, possibly execute arbitrary code (integer overflow leading to heap-based buffer overflow in the libXft library) with the privileges of the user running the application. Different vulnerability than CVE-2010-1797 (CVE-2010-3311). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description The FreeType2 engine is a free and portable TrueType font rendering engine. It has been developed to provide TT support to a great variety of platforms and environments. Note that FreeType2 is a library, not a stand-alone application, though some utility applications are included %package krb5 krb5-pkinit-openssl krb5-server krb5-server-ldap krb5-workstation lib64krb53 lib64krb53-devel Update: Wed Oct 13 18:09:41 2010 Importance: security ID: MDVSA-2010:202 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:202 %pre A vulnerability was discovered and corrected in krb5: The merge_authdata function in kdc_authdata.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8.x before 1.8.4 does not properly manage an index into an authorization-data list, which allows remote attackers to cause a denial of service (daemon crash), or possibly obtain sensitive information, spoof authorization, or execute arbitrary code, via a TGS request, as demonstrated by a request from a Windows Active Directory client (CVE-2010-1322). The updated packages have been patched to correct this issue. %description Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords. %package automake1.4 automake1.7 Update: Wed Oct 13 20:47:24 2010 Importance: security ID: MDVSA-2010:203 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:203 %pre A vulnerability was discovered and corrected in automake: The (1) dist or (2) distcheck rules in GNU Automake 1.11.1, 1.10.3, and release branches branch-1-4 through branch-1-9, when producing a distribution tarball for a package that uses Automake, assign insecure permissions (777) to directories in the build tree, which introduces a race condition that allows local users to modify the contents of package files, introduce Trojan horse programs, or conduct other attacks before the build is complete (CVE-2009-4029). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description Automake is a tool for automatically generating Makefiles compliant with the GNU Coding Standards. You should install Automake if you are developing software and would like to use its capabilities of automatically generating GNU standard Makefiles. If you install Automake, you will also need to install GNU's Autoconf package. %package avahi avahi-dnsconfd avahi-python avahi-sharp avahi-sharp-doc avahi-x11 lib64avahi-client3 lib64avahi-client-devel lib64avahi-common3 lib64avahi-common-devel lib64avahi-compat-howl0 lib64avahi-compat-howl-devel lib64avahi-compat-libdns_sd1 lib64avahi-compat-libdns_sd-devel lib64avahi-core6 lib64avahi-core-devel lib64avahi-glib1 lib64avahi-glib-devel lib64avahi-gobject0 lib64avahi-gobject-devel lib64avahi-qt3_1 lib64avahi-qt3-devel lib64avahi-qt4_1 lib64avahi-qt4-devel lib64avahi-ui1 lib64avahi-ui-devel Update: Thu Oct 14 19:23:41 2010 Importance: security ID: MDVSA-2010:204 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:204 %pre A vulnerability was discovered and corrected in avahi: The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in Avahi 0.6.16 and 0.6.25 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNS packet with an invalid checksum followed by a DNS packet with a valid checksum, a different vulnerability than CVE-2008-5081 (CVE-2010-2244). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description Avahi is a system which facilitates service discovery on a local network -- this means that you can plug your laptop or computer into a network and instantly be able to view other people who you can chat with, find printers to print to or find files being shared. This kind of technology is already found in MacOS X (branded 'Rendezvous', 'Bonjour' and sometimes 'ZeroConf') and is very convenient. %package freeciv-client freeciv-data freeciv-server Update: Fri Oct 15 11:56:39 2010 Importance: security ID: MDVSA-2010:205 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:205 %pre A vulnerability was discovered and corrected in freeciv: freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to read arbitrary files or execute arbitrary commands via scenario that contains Lua functionality, related to the (1) os, (2) io, (3) package, (4) dofile, (5) loadfile, (6) loadlib, (7) module, and (8) require modules or functions (CVE-2010-2445). The updated packages have been upgraded to v2.2.1 which is not vulnerable to this issue. %description Freeciv is a multiplayer strategy game, released under the GNU General Public License. It is generally comparable with Civilization II(r), published by Microprose(r). Default configuration uses the Civilization II(r) style Isometric view. If you prefer classic Civilization(r) 2-d view, invoke the client with "civclient --tiles trident". %package glibc glibc-devel glibc-doc glibc-doc-pdf glibc-i18ndata glibc-profile glibc-static-devel glibc-utils nscd Update: Wed Oct 20 20:46:42 2010 Importance: security ID: MDVSA-2010:207 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:207 %pre A vulnerability in the GNU C library (glibc) was discovered which could escalate the privilegies for local users (CVE-2010-3847). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important sets of shared libraries: the standard C library and the standard math library. Without these two libraries, a Linux system will not function. The glibc package also contains national language (locale) support. This package now also provides ldconfig which was package seperately in the past. Ldconfig is a basic system program which determines run-time link bindings between ld.so and shared libraries. Ldconfig scans a running system and sets up the symbolic links that are used to load shared libraries properly. It also creates a cache (/etc/ld.so.cache) which speeds the loading of programs which use shared libraries. %package finch lib64finch0 lib64purple0 lib64purple-devel pidgin pidgin-bonjour pidgin-client pidgin-i18n pidgin-meanwhile pidgin-perl pidgin-plugins pidgin-silc pidgin-tcl Update: Thu Oct 21 12:40:23 2010 Importance: security ID: MDVSA-2010:208 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:208 %pre A security vulnerability has been identified and fixed in pidgin: It has been discovered that eight denial of service conditions exist in libpurple all due to insufficient validation of the return value from purple_base64_decode(). Invalid or malformed data received in place of a valid base64-encoded value in portions of the Yahoo!, MSN, MySpaceIM, and XMPP protocol plugins and the NTLM authentication support trigger a crash. These vulnerabilities can be leveraged by a remote user for denial of service (CVE-2010-3711). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 This update provides pidgin 2.7.4, which is not vulnerable to this issue. %description Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add an account using the account editor. Pidgin supports many common features of other clients, as well as many unique features, such as perl scripting, TCL scripting and C plugins. Pidgin is not affiliated with or endorsed by America Online, Inc., Microsoft Corporation, Yahoo! Inc., or ICQ Inc. %package lib64smi2 lib64smi-devel libsmi-mibs-ext libsmi-mibs-std smi-tools Update: Fri Oct 22 16:32:55 2010 Importance: security ID: MDVSA-2010:209 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:209 %pre A buffer overflow was discovered in libsmi when long OID was given in numerical form. This could lead to arbitraty code execution (CVE-2010-2891). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description This package contains the SMI library and standard IETF and IANA Mibs. This library provides a programmer-friendly interface to access MIB module information. System config file: /etc/smi.conf User config file: .smirc %package lib64smi2 lib64smi-devel libsmi-mibs-ext libsmi-mibs-std smi-tools Update: Fri Oct 22 16:37:29 2010 Importance: security ID: MDVSA-2010:209 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:209 %pre A buffer overflow was discovered in libsmi when long OID was given in numerical form. This could lead to arbitraty code execution (CVE-2010-2891). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description This package contains the SMI library and standard IETF and IANA Mibs. This library provides a programmer-friendly interface to access MIB module information. System config file: /etc/smi.conf User config file: .smirc %package beagle beagle-crawl-system beagle-doc beagle-evolution beagle-gui beagle-gui-qt beagle-libs firefox firefox-af firefox-ar firefox-be firefox-bg firefox-bn firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-devel firefox-el firefox-en_GB firefox-eo firefox-es_AR firefox-es_ES firefox-et firefox-eu firefox-ext-beagle firefox-ext-blogrovr firefox-ext-mozvoikko firefox-ext-r-kiosk firefox-ext-scribefire firefox-ext-weave-sync firefox-ext-xmarks firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hu firefox-id firefox-is firefox-it firefox-ja firefox-kn firefox-ko firefox-lt firefox-lv firefox-mk firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sv_SE firefox-te firefox-th firefox-tr firefox-uk firefox-zh_CN firefox-zh_TW gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell lemon lib64nss3 lib64nss-devel lib64nss-static-devel lib64sqlite3_0 lib64sqlite3-devel lib64sqlite3-static-devel lib64xulrunner1.9.2.11 lib64xulrunner-devel mozilla-thunderbird-beagle nss sqlite3-tools tcl-sqlite3 xulrunner yelp Update: Fri Oct 22 17:24:10 2010 Importance: security ID: MDVSA-2010:210 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:210 %pre Security issues were identified and fixed in firefox: Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 recognize a wildcard IP address in the subject's Common Name field of an X.509 certificate, which might allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority (CVE-2010-3170). The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly set the minimum key length for Diffie-Hellman Ephemeral (DHE) mode, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack (CVE-2010-3173). Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.14, Thunderbird before 3.0.9, and SeaMonkey before 2.0.9 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2010-3174, CVE-2010-3175, CVE-2010-3176). Multiple cross-site scripting (XSS) vulnerabilities in the Gopher parser in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, and SeaMonkey before 2.0.9, allow remote attackers to inject arbitrary web script or HTML via a crafted name of a (1) file or (2) directory on a Gopher server (CVE-2010-3177). Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 do not properly handle certain modal calls made by javascript: URLs in circumstances related to opening a new window and performing cross-domain navigation, which allows remote attackers to bypass the Same Origin Policy via a crafted HTML document (CVE-2010-3178). Stack-based buffer overflow in the text-rendering functionality in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a long argument to the document.write method (CVE-2010-3179). Use-after-free vulnerability in the nsBarProp function in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code by accessing the locationbar property of a closed window (CVE-2010-3180). A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory (CVE-2010-3182). The LookupGetterOrSetter function in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly support window.__lookupGetter__ function calls that lack arguments, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference and application crash) via a crafted HTML document (CVE-2010-3183). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 Additionally, some packages which require so, have been rebuilt and are being provided as updates. The NSS and SQLite3 packages has been upgraded to the latest versions. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package mozilla-thunderbird mozilla-thunderbird-af mozilla-thunderbird-ar mozilla-thunderbird-be mozilla-thunderbird-bg mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-el mozilla-thunderbird-en_GB mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ar mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-hu mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-ko mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-tr mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-enigmail-zh_TW mozilla-thunderbird-es_AR mozilla-thunderbird-es_ES mozilla-thunderbird-et mozilla-thunderbird-et_EE mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-fy mozilla-thunderbird-ga mozilla-thunderbird-gl mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-id mozilla-thunderbird-is mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ka mozilla-thunderbird-ko mozilla-thunderbird-lt mozilla-thunderbird-nb_NO mozilla-thunderbird-nl mozilla-thunderbird-nn_NO mozilla-thunderbird-pa_IN mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-pt_PT mozilla-thunderbird-ro mozilla-thunderbird-ru mozilla-thunderbird-si mozilla-thunderbird-sk mozilla-thunderbird-sq mozilla-thunderbird-sr mozilla-thunderbird-sv_SE mozilla-thunderbird-tr mozilla-thunderbird-uk mozilla-thunderbird-vi mozilla-thunderbird-zh_CN mozilla-thunderbird-zh_TW nsinstall Update: Fri Oct 22 20:09:33 2010 Importance: security ID: MDVSA-2010:211 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:211 %pre Security issues were identified and fixed in mozilla-thunderbird: The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly set the minimum key length for Diffie-Hellman Ephemeral (DHE) mode, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack (CVE-2010-3173). Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.14, Thunderbird before 3.0.9, and SeaMonkey before 2.0.9 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2010-3174, CVE-2010-3175, CVE-2010-3176). Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 do not properly handle certain modal calls made by javascript: URLs in circumstances related to opening a new window and performing cross-domain navigation, which allows remote attackers to bypass the Same Origin Policy via a crafted HTML document (CVE-2010-3178). Stack-based buffer overflow in the text-rendering functionality in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a long argument to the document.write method (CVE-2010-3179). Use-after-free vulnerability in the nsBarProp function in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code by accessing the locationbar property of a closed window (CVE-2010-3180). A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory (CVE-2010-3182). The LookupGetterOrSetter function in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly support window.__lookupGetter__ function calls that lack arguments, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference and application crash) via a crafted HTML document (CVE-2010-3183). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 Additionally, some packages which require so, have been rebuilt and are being provided as updates. %description Mozilla Thunderbird is a full-featured email, RSS and newsgroup client that makes emailing safer, faster and easier than ever before. %package glibc glibc-devel glibc-doc glibc-doc-pdf glibc-i18ndata glibc-profile glibc-static-devel glibc-utils nscd Update: Sun Oct 24 09:18:37 2010 Importance: security ID: MDVSA-2010:212 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:212 %pre A vulnerability in the GNU C library (glibc) was discovered which could escalate the privilegies for local users (CVE-2010-3856). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important sets of shared libraries: the standard C library and the standard math library. Without these two libraries, a Linux system will not function. The glibc package also contains national language (locale) support. This package now also provides ldconfig which was package seperately in the past. Ldconfig is a basic system program which determines run-time link bindings between ld.so and shared libraries. Ldconfig scans a running system and sets up the symbolic links that are used to load shared libraries properly. It also creates a cache (/etc/ld.so.cache) which speeds the loading of programs which use shared libraries. %package mailman Update: Mon Oct 25 18:40:54 2010 Importance: bugfix ID: MDVA-2010:212 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:212 %pre The install of mailman failed because of a problem in the rpm scripts, additionally the logrotation script was fixed. %description Mailman -- The GNU Mailing List Management System -- is a mailing list management system written mostly in Python. Features: o Most standard mailing list features, including: moderation, mail based commands, digests, etc... o An extensive Web interface, customizable on a per-list basis. o Web based list administration interface for *all* admin-type tasks o Automatic Web based hypermail-style archives (using pipermail or other external archiver), including provisions for private archives o Integrated mail list to newsgroup gatewaying o Integrated newsgroup to mail list gatewaying (polling-based... if you have access to the nntp server, you should be able to easily do non-polling based news->mail list gatewaying; email viega@list.org, I'd like to help get that going and come up with instructions) o Smart bounce detection and correction o Integrated fast bulk mailing o Smart spam protection o Extensible logging o Multiple list owners and moderators are possible o Optional MIME-compliant digests o Nice about which machine you subscribed from if you're from the right domain Conditional build options: mailman uid --with uid mail mailman gid --with gid mail %package perl-URPM Update: Wed Oct 27 18:09:33 2010 Importance: bugfix ID: MDVA-2010:214 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:214 %pre This update fixes several major issues in perl-URPM: - it fixes a crash in rpmdrake (#40309, #54521) - it fixes a segfault in rpmdrake & urpmi on 32bit machines (#61144) %description The URPM module allows you to manipulate rpm files, rpm header files and hdlist files and manage them in memory. %package lib64gpod4 lib64gpod-devel libgpod python-gpod Update: Wed Oct 27 18:49:43 2010 Importance: bugfix ID: MDVA-2010:215 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:215 %pre libgpod as shipped with Mandriva 2010.1 does not have support for HAL, the Hardware Abstraction Layer anymore. This is still needed for iPod support in KDE, so the update reenables HAL support. %description libgpod is a library meant to abstract access to an iPod content. It provides an easy to use API to retrieve the list of files and playlist stored on an iPod, to modify them and to save them back to the iPod. %package gkrellm gkrellm-devel gkrellm-server Update: Wed Oct 27 20:19:12 2010 Importance: bugfix ID: MDVA-2010:216 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:216 %pre The gkrellm package shipped in 2010.0 and 2010.1 was build without libsensor support, preventing the usage of hardware sensors in some cases, as reported in bug #55400. %description GKrellM charts SMP CPU, load, Disk, and all active net interfaces automatically. An on/off button and online timer for the PPP interface is provided. Monitors for memory and swap usage, file system, internet connections, APM laptop battery, mbox style mailboxes, and cpu temps. Also includes an uptime monitor, a hostname label, and a clock/calendar. Additional features are: * Autoscaling grid lines with configurable grid line resolution. * LED indicators for the net interfaces. * A gui popup for configuration of chart sizes and resolutions. %package lib64xulrunner1.9.2.11 lib64xulrunner-devel xulrunner Update: Thu Oct 28 12:01:03 2010 Importance: security ID: MDVSA-2010:213 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:213 %pre A vulnerability was discovered and corrected in xulrunner: Unspecified vulnerability in Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, when JavaScript is enabled, allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in October 2010 by the Belmoo malware (CVE-2010-3765). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description XULRunner is a Mozilla runtime package that can be used to bootstrap XUL+XPCOM applications that are as rich as Firefox and Thunderbird. It will provide mechanisms for installing, upgrading, and uninstalling these applications. XULRunner will also provide libxul, a solution which allows the embedding of Mozilla technologies in other projects and products. %package gjs lib64gjs0 lib64gjs-devel Update: Thu Oct 28 13:24:36 2010 Importance: bugfix ID: MDVA-2010:217 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:217 %pre It was discovered that the gjs packages wasn't rebuilt for the latest xulrunner version, this advisory fixes the problem. %description This package contains JavaScript bindings based on gobject-introspection. %package lib64python2.6 lib64python2.6-devel python python-docs tkinter tkinter-apps Update: Sat Oct 30 13:58:12 2010 Importance: security ID: MDVSA-2010:216 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:216 %pre Multiple vulnerabilities was discovered and corrected in python: The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the accept function, which makes it easier for remote attackers to conduct denial of service attacks that terminate these applications via network connections (CVE-2010-3492). Multiple race conditions in smtpd.py in the smtpd module in Python 2.6, 2.7, 3.1, and 3.2 alpha allow remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, an unexpected value of None for the address, or an ECONNABORTED, EAGAIN, or EWOULDBLOCK error, or the getpeername function having an ENOTCONN error, a related issue to CVE-2010-3492 (CVE-2010-3493). The updated packages have been patched to correct these issues. %description Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems (X11, Motif, Tk, Mac and MFC). Programmers can write new built-in modules for Python in C or C++. Python can be used as an extension language for applications that need a programmable interface. This package contains most of the standard Python modules, as well as modules for interfacing to the Tix widget set for Tk and RPM. Note that documentation for Python is provided in the python-docs package. %package dovecot dovecot-devel dovecot-plugins-gssapi dovecot-plugins-ldap dovecot-plugins-managesieve dovecot-plugins-mysql dovecot-plugins-pgsql dovecot-plugins-sieve dovecot-plugins-sqlite Update: Sat Oct 30 15:45:27 2010 Importance: security ID: MDVSA-2010:217 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:217 %pre Multiple vulnerabilities was discovered and corrected in dovecot: Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin permission to the owner of each mailbox in a non-public namespace, which might allow remote authenticated users to bypass intended access restrictions by changing the ACL of a mailbox, as demonstrated by a symlinked shared mailbox (CVE-2010-3779). Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause a denial of service (master process outage) by simultaneously disconnecting many (1) IMAP or (2) POP3 sessions (CVE-2010-3780). The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs (CVE-2010-3304). plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving the private namespace of a user, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox (CVE-2010-3706). plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a directive to replace the permissions granted by another ACL entry, in certain circumstances involving more specific entries that occur after less specific entries, which allows remote authenticated users to bypass intended access restrictions via a request to read or modify a mailbox (CVE-2010-3707). This advisory provides dovecot 1.2.15 which is not vulnerable to these issues %description Dovecot is an IMAP and POP3 server for Linux/UNIX-like systems, written with security primarily in mind. Although it's written with C, it uses several coding techniques to avoid most of the common pitfalls. Dovecot can work with standard mbox and maildir formats and it's fully compatible with UW-IMAP and Courier IMAP servers as well as mail clients accessing the mailboxes directly. You can build dovecot with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] gssapi GSSAPI support (enabled) --with[out] ldap LDAP support (enabled) --with[out] lucene Lucene support (enabled) --with[out] mysql MySQL support (enabled) --with[out] pgsql PostgreSQL support (enabled) --with[out] sqlite SQLite support (enabled) --with[out] sieve CMU Sieve support (enabled) --with[out] managesieve MmanageSieve support (enabled) %package lib64php5_common5 php-bcmath php-bz2 php-calendar php-cgi php-cli php-ctype php-curl php-dba php-devel php-doc php-dom php-enchant php-exif php-fileinfo php-filter php-fpm php-ftp php-gd php-gettext php-gmp php-hash php-iconv php-imap php-intl php-json php-ldap php-mbstring php-mcrypt php-mssql php-mysql php-mysqli php-odbc php-openssl php-pcntl php-pdo php-pdo_dblib php-pdo_mysql php-pdo_odbc php-pdo_pgsql php-pdo_sqlite php-pgsql php-posix php-pspell php-readline php-recode php-session php-shmop php-snmp php-soap php-sockets php-sqlite3 php-sybase_ct php-sysvmsg php-sysvsem php-sysvshm php-tidy php-tokenizer php-wddx php-xml php-xmlreader php-xmlrpc php-xmlwriter php-xsl php-zip php-zlib Update: Sun Oct 31 10:31:32 2010 Importance: security ID: MDVSA-2010:218 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:218 %pre Multiple vulnerabilities were discovered and corrected in php: Stack consumption vulnerability in the filter_var function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3, when FILTER_VALIDATE_EMAIL mode is used, allows remote attackers to cause a denial of service (memory consumption and application crash) via a long e-mail address string (CVE-2010-3710). A NULL pointer dereference was discovered in ZipArchive::getArchiveComment (CVE-2010-3709). A possible flaw was discovered in open_basedir (CVE-2010-3436). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. This version of php has the suhosin patch 0.9.10 applied. Please report bugs here: http://qa.mandriva.com/ so that the official maintainer of this Mandriva package can help you. More information regarding the suhosin patch 0.9.10 here: http://www.suhosin.org/ %package lib64php5_common5 php-bcmath php-bz2 php-calendar php-cgi php-cli php-ctype php-curl php-dba php-devel php-doc php-dom php-enchant php-exif php-fileinfo php-filter php-fpm php-ftp php-gd php-gettext php-gmp php-hash php-iconv php-imap php-intl php-json php-ldap php-mbstring php-mcrypt php-mssql php-mysql php-mysqli php-odbc php-openssl php-pcntl php-pdo php-pdo_dblib php-pdo_mysql php-pdo_odbc php-pdo_pgsql php-pdo_sqlite php-pgsql php-posix php-pspell php-readline php-recode php-session php-shmop php-snmp php-soap php-sockets php-sqlite3 php-sybase_ct php-sysvmsg php-sysvsem php-sysvshm php-tidy php-tokenizer php-wddx php-xml php-xmlreader php-xmlrpc php-xmlwriter php-xsl php-zip php-zlib Update: Sun Oct 31 10:35:26 2010 Importance: security ID: MDVSA-2010:218 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:218 %pre Multiple vulnerabilities were discovered and corrected in php: Stack consumption vulnerability in the filter_var function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3, when FILTER_VALIDATE_EMAIL mode is used, allows remote attackers to cause a denial of service (memory consumption and application crash) via a long e-mail address string (CVE-2010-3710). A NULL pointer dereference was discovered in ZipArchive::getArchiveComment (CVE-2010-3709). A possible flaw was discovered in open_basedir (CVE-2010-3436). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. This version of php has the suhosin patch 0.9.10 applied. Please report bugs here: http://qa.mandriva.com/ so that the official maintainer of this Mandriva package can help you. More information regarding the suhosin patch 0.9.10 here: http://www.suhosin.org/ %package beagle beagle-crawl-system beagle-doc beagle-evolution beagle-gui beagle-gui-qt beagle-libs firefox-ext-beagle mozilla-thunderbird mozilla-thunderbird-af mozilla-thunderbird-ar mozilla-thunderbird-be mozilla-thunderbird-beagle mozilla-thunderbird-bg mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-el mozilla-thunderbird-en_GB mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ar mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-hu mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-ko mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-tr mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-enigmail-zh_TW mozilla-thunderbird-es_AR mozilla-thunderbird-es_ES mozilla-thunderbird-et mozilla-thunderbird-et_EE mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-fy mozilla-thunderbird-ga mozilla-thunderbird-gl mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-id mozilla-thunderbird-is mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ka mozilla-thunderbird-ko mozilla-thunderbird-lt mozilla-thunderbird-nb_NO mozilla-thunderbird-nl mozilla-thunderbird-nn_NO mozilla-thunderbird-pa_IN mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-pt_PT mozilla-thunderbird-ro mozilla-thunderbird-ru mozilla-thunderbird-si mozilla-thunderbird-sk mozilla-thunderbird-sq mozilla-thunderbird-sr mozilla-thunderbird-sv_SE mozilla-thunderbird-tr mozilla-thunderbird-uk mozilla-thunderbird-vi mozilla-thunderbird-zh_CN mozilla-thunderbird-zh_TW nsinstall Update: Mon Nov 01 08:28:31 2010 Importance: security ID: MDVSA-2010:219 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:219 %pre A security issue was identified and fixed in mozilla-thunderbird: Unspecified vulnerability in Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, when JavaScript is enabled, allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in October 2010 by the Belmoo malware (CVE-2010-3765). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 Additionally, some packages which require so, have been rebuilt and are being provided as updates. %description Mozilla Thunderbird is a full-featured email, RSS and newsgroup client that makes emailing safer, faster and easier than ever before. %package lib64pam0 lib64pam-devel pam pam-doc Update: Thu Nov 04 10:04:19 2010 Importance: security ID: MDVSA-2010:220 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:220 %pre Multiple vulnerabilities were discovered and corrected in pam: The pam_xauth module did not verify the return values of the setuid() and setgid() system calls. A local, unprivileged user could use this flaw to execute the xauth command with root privileges and make it read an arbitrary input file (CVE-2010-3316). The pam_mail module used root privileges while accessing users' files. In certain configurations, a local, unprivileged user could use this flaw to obtain limited information about files or directories that they do not have access to (CVE-2010-3435). The pam_namespace module executed the external script namespace.init with an unchanged environment inherited from an application calling PAM. In cases where such an environment was untrusted (for example, when pam_namespace was configured for setuid applications such as su or sudo), a local, unprivileged user could possibly use this flaw to escalate their privileges (CVE-2010-3853). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. %description PAM (Pluggable Authentication Modules) is a system security tool that allows system administrators to set authentication policy without having to recompile programs that handle authentication. %package sudo Update: Thu Nov 04 10:57:14 2010 Importance: bugfix ID: MDVA-2010:218 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:218 %pre This is a maintenance and bugfix release of sudo which upgrades sudo to the latest 1.7.4p4 version. %description Sudo is a program designed to allow a sysadmin to give limited root privileges to users and log root activity. The basic philosophy is to give as few privileges as possible but still allow people to get their work done. %package openoffice.org openoffice.org-base openoffice.org-calc openoffice.org-common openoffice.org-core openoffice.org-devel openoffice.org-devel-doc openoffice.org-draw openoffice.org-filter-binfilter openoffice.org-gnome openoffice.org-help-af openoffice.org-help-ar openoffice.org-help-bg openoffice.org-help-br openoffice.org-help-bs openoffice.org-help-ca openoffice.org-help-cs openoffice.org-help-cy openoffice.org-help-da openoffice.org-help-de openoffice.org-help-el openoffice.org-help-en_GB openoffice.org-help-en_US openoffice.org-help-es openoffice.org-help-et openoffice.org-help-eu openoffice.org-help-fi openoffice.org-help-fr openoffice.org-help-he openoffice.org-help-hi openoffice.org-help-hu openoffice.org-help-it openoffice.org-help-ja openoffice.org-help-ko openoffice.org-help-mk openoffice.org-help-nb openoffice.org-help-nl openoffice.org-help-nn openoffice.org-help-pl openoffice.org-help-pt openoffice.org-help-pt_AO openoffice.org-help-pt_BR openoffice.org-help-ru openoffice.org-help-sk openoffice.org-help-sl openoffice.org-help-sv openoffice.org-help-ta openoffice.org-help-tr openoffice.org-help-zh_CN openoffice.org-help-zh_TW openoffice.org-help-zu openoffice.org-impress openoffice.org-java-common openoffice.org-kde4 openoffice.org-l10n-af openoffice.org-l10n-ar openoffice.org-l10n-bg openoffice.org-l10n-br openoffice.org-l10n-bs openoffice.org-l10n-ca openoffice.org-l10n-cs openoffice.org-l10n-cy openoffice.org-l10n-da openoffice.org-l10n-de openoffice.org-l10n-el openoffice.org-l10n-en_GB openoffice.org-l10n-es openoffice.org-l10n-et openoffice.org-l10n-eu openoffice.org-l10n-fi openoffice.org-l10n-fr openoffice.org-l10n-he openoffice.org-l10n-hi openoffice.org-l10n-hu openoffice.org-l10n-it openoffice.org-l10n-ja openoffice.org-l10n-ko openoffice.org-l10n-mk openoffice.org-l10n-nb openoffice.org-l10n-nl openoffice.org-l10n-nn openoffice.org-l10n-pl openoffice.org-l10n-pt openoffice.org-l10n-pt_AO openoffice.org-l10n-pt_BR openoffice.org-l10n-ru openoffice.org-l10n-sk openoffice.org-l10n-sl openoffice.org-l10n-sv openoffice.org-l10n-ta openoffice.org-l10n-tr openoffice.org-l10n-zh_CN openoffice.org-l10n-zh_TW openoffice.org-l10n-zu openoffice.org-math openoffice.org-mono openoffice.org-openclipart openoffice.org-pdfimport openoffice.org-presentation-minimizer openoffice.org-presenter-screen openoffice.org-pyuno openoffice.org-style-crystal openoffice.org-style-galaxy openoffice.org-style-hicontrast openoffice.org-style-industrial openoffice.org-style-oxygen openoffice.org-style-tango openoffice.org-testtool openoffice.org-voikko openoffice.org-wiki-publisher openoffice.org-writer Update: Fri Nov 05 17:18:18 2010 Importance: security ID: MDVSA-2010:221 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:221 %pre Multiple vulnerabilities was discovered and corrected in the OpenOffice.org: Integer overflow allows remote attackers to execute arbitrary code via a crafted XPM file that triggers a heap-based buffer overflow (CVE-2009-2949). Heap-based buffer overflow allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, related to LZW decompression (CVE-2009-2950). Integer underflow allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTDefTable table property modifier in a Word document (CVE-2009-3301). boundary error flaw allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTSetBrc table property modifier in a Word document (CVE-2009-3302). Lack of properly enforcing Visual Basic for Applications (VBA) macro security settings, which allows remote attackers to run arbitrary macros via a crafted document (CVE-2010-0136). User-assisted remote attackers are able to bypass Python macro security restrictions and execute arbitrary Python code via a crafted OpenDocument Text (ODT) file that triggers code execution when the macro directory structure is previewed (CVE-2010-0395). Impress module does not properly handle integer values associated with dictionary property items, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PowerPoint document that triggers a heap-based buffer overflow, related to an integer truncation error (CVE-2010-2935). Integer overflow in the Impress allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted polygons in a PowerPoint document that triggers a heap-based buffer overflow (CVE-2010-2936). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 This update provides OpenOffice.org packages have been patched to correct these issues and additional dependent packages. %description OpenOffice.org is an Open Source, community-developed, multi-platform office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editing and drawing program, with a user interface and feature set similar to other office suites. Sophisticated and flexible, OpenOffice.org also works transparently with a variety of file formats, including Microsoft Office. %package lib64mysql16 lib64mysql-devel lib64mysql-static-devel mysql mysql-bench mysql-client mysql-common mysql-common-core mysql-core mysql-plugin_pbxt mysql-plugin_pinba mysql-plugin_revision mysql-plugin_sphinx mysql-plugin_spider Update: Tue Nov 09 16:27:59 2010 Importance: security ID: MDVSA-2010:223 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:223 %pre Multiple vulnerabilities were discovered and corrected in mysql: * During evaluation of arguments to extreme-value functions (such as LEAST() and GREATEST()), type errors did not propagate properly, causing the server to crash (CVE-2010-3833). * The server could crash after materializing a derived table that required a temporary table for grouping (CVE-2010-3834). * A user-variable assignment expression that is evaluated in a logical expression context can be precalculated in a temporary table for GROUP BY. However, when the expression value is used after creation of the temporary table, it was re-evaluated, not read from the table and a server crash resulted (CVE-2010-3835). * Pre-evaluation of LIKE predicates during view preparation could cause a server crash (CVE-2010-3836). * GROUP_CONCAT() and WITH ROLLUP together could cause a server crash (CVE-2010-3837). * Queries could cause a server crash if the GREATEST() or LEAST() function had a mixed list of numeric and LONGBLOB arguments, and the result of such a function was processed using an intermediate temporary table (CVE-2010-3838). * Queries with nested joins could cause an infinite loop in the server when used from stored procedures and prepared statements (CVE-2010-3839). * The PolyFromWKB() function could crash the server when improper WKB data was passed to the function (CVE-2010-3840). The updated packages have been patched to correct these issues. %description The MySQL(TM) software delivers a very fast, multi-threaded, multi-user, and robust SQL (Structured Query Language) database server. MySQL Server is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software. MySQL is a trademark of MySQL AB. The mysql server is compiled with the following storage engines: - InnoDB Storage Engine - Archive Storage Engine - CSV Storage Engine - Federated Storage Engine - User Defined Functions (UDFs). - Blackhole Storage Engine - Partition Storage Engine Third party storage engines packaged separately: - Sphinx storage engine 0.9.9 (urpmi mysql-plugin_sphinx) - PBXT Storage Engine 1.0.10 (urpmi mysql-plugin_pbxt) - Revision Storage Engine 0.1 (urpmi mysql-plugin_revision) - Pinba Storage Engine 0.0.5 (urpmi mysql-plugin_pinba) - Spider Storage Engine 2.13 (urpmi mysql-plugin_spider) Please see the documentation and the manual for more information. %package lib64php5_common5 php-bcmath php-bz2 php-calendar php-cgi php-cli php-ctype php-curl php-dba php-devel php-doc php-dom php-enchant php-exif php-fileinfo php-filter php-fpm php-ftp php-gd php-gettext php-gmp php-hash php-iconv php-imap php-intl php-json php-ldap php-mbstring php-mcrypt php-mssql php-mysql php-mysqli php-odbc php-openssl php-pcntl php-pdo php-pdo_dblib php-pdo_mysql php-pdo_odbc php-pdo_pgsql php-pdo_sqlite php-pgsql php-posix php-pspell php-readline php-recode php-session php-shmop php-snmp php-soap php-sockets php-sqlite3 php-sybase_ct php-sysvmsg php-sysvsem php-sysvshm php-tidy php-tokenizer php-wddx php-xml php-xmlreader php-xmlrpc php-xmlwriter php-xsl php-zip php-zlib Update: Tue Nov 09 18:00:22 2010 Importance: security ID: MDVSA-2010:224 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:224 %pre A vulnerability was discovered and corrected in php: A flaw in ext/xml/xml.c could cause a cross-site scripting (XSS) vulnerability (CVE-2010-3870). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. This version of php has the suhosin patch 0.9.10 applied. Please report bugs here: http://qa.mandriva.com/ so that the official maintainer of this Mandriva package can help you. More information regarding the suhosin patch 0.9.10 here: http://www.suhosin.org/ %package lib64mbfl1 lib64mbfl-devel Update: Tue Nov 09 20:05:50 2010 Importance: security ID: MDVSA-2010:225 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:225 %pre A vulnerability was discovered and corrected in libmbfl (php): * Fix bug #53273 (mb_strcut() returns garbage with the excessive length parameter) (CVE-2010-4156). The updated packages have been patched to correct these issues. %description This is Libmbfl, a streamable multibyte character code filter and converter library. %package lib64mbfl1 lib64mbfl-devel Update: Wed Nov 10 09:22:48 2010 Importance: security ID: MDVSA-2010:225-1 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:225-1 %pre A vulnerability was discovered and corrected in libmbfl (php): * Fix bug #53273 (mb_strcut() returns garbage with the excessive length parameter) (CVE-2010-4156). The updated packages have been patched to correct these issues. Update: The MDVSA-2010:225 advisory used the wrong patch to address the problem, however it did fix the issue. This advisory provides the corect upstream patch. %description This is Libmbfl, a streamable multibyte character code filter and converter library. %package dhcp-client dhcp-common dhcp-devel dhcp-doc dhcp-relay dhcp-server Update: Wed Nov 10 16:09:23 2010 Importance: security ID: MDVSA-2010:226 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:226 %pre A vulnerability was discovered and corrected in ISC dhcp: ISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 before 4.2.0-P1 allows remote attackers to cause a denial of service (crash) via a DHCPv6 packet containing a Relay-Forward message without an address in the Relay-Forward link-address field (CVE-2010-3611). The updated packages have been upgraded to 4.1.2 which is not vulnerable to this issue. %description DHCP (Dynamic Host Configuration Protocol) is a protocol which allows individual devices on an IP network to get their own network configuration information (IP address, subnetmask, broadcast address, etc.) from a DHCP server. The overall purpose of DHCP is to make it easier to administer a large network. The dhcp package includes the DHCP server and a DHCP relay agent. You will also need to install the dhcp-client or dhcpcd package, or pump or dhcpxd, which provides the DHCP client daemon, on client machines. If you want the DHCP server and/or relay, you will also need to install the dhcp-server and/or dhcp-relay packages. %package lib64ecpg8.4_6 lib64pq8.4_5 postgresql8.4 postgresql8.4-contrib postgresql8.4-devel postgresql8.4-docs postgresql8.4-pl postgresql8.4-plperl postgresql8.4-plpgsql postgresql8.4-plpython postgresql8.4-pltcl postgresql8.4-server Update: Thu Nov 11 10:14:47 2010 Importance: bugfix ID: MDVA-2010:221 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:221 %pre A dependency problem with the postgresql packages was discovered which under certain circumstances prevented a smooth upgrade. This advisory addresses this problem. %description PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs (including transactions, subselects and user-defined types and functions). The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DBMS server. These PostgreSQL client programs are programs that directly manipulate the internal structure of PostgreSQL databases on a PostgreSQL server. These client programs can be located on the same machine with the PostgreSQL server, or may be on a remote machine which accesses a PostgreSQL server over a network connection. This package contains the client libraries for C and C++, as well as command-line utilities for managing PostgreSQL databases on a PostgreSQL server. If you want to manipulate a PostgreSQL database on a remote PostgreSQL server, you need this package. You also need to install this package if you're installing the postgresql-server package. %package tomboy Update: Thu Nov 11 17:53:16 2010 Importance: bugfix ID: MDVA-2010:222 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:222 %pre Users who have migrated from gnote to tomboy and use online note syncing could lose their notes. This update fixes the note parsing to prevent data loss. %description Tomboy is a desktop note-taking application for Linux and Unix. Simple and easy to use, but with potential to help you organize the ideas and information you deal with every day. The key to Tomboy's usefulness lies in the ability to relate notes and ideas together. Using a WikiWiki-like linking system, organizing ideas is as simple as typing a name. Branching an idea off is easy as pressing the Link button. And links between your ideas won't break, even when renaming and reorganizing them. %package proftpd proftpd-devel proftpd-mod_autohost proftpd-mod_ban proftpd-mod_case proftpd-mod_ctrls_admin proftpd-mod_gss proftpd-mod_ifsession proftpd-mod_ldap proftpd-mod_load proftpd-mod_quotatab proftpd-mod_quotatab_file proftpd-mod_quotatab_ldap proftpd-mod_quotatab_radius proftpd-mod_quotatab_sql proftpd-mod_radius proftpd-mod_ratio proftpd-mod_rewrite proftpd-mod_sftp proftpd-mod_shaper proftpd-mod_site_misc proftpd-mod_sql proftpd-mod_sql_mysql proftpd-mod_sql_postgres proftpd-mod_time proftpd-mod_tls proftpd-mod_vroot proftpd-mod_wrap proftpd-mod_wrap_file proftpd-mod_wrap_sql Update: Thu Nov 11 18:29:41 2010 Importance: security ID: MDVSA-2010:227 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:227 %pre Multiple vulnerabilities were discovered and corrected in proftpd: Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a (1) SITE MKDIR, (2) SITE RMDIR, (3) SITE SYMLINK, or (4) SITE UTIME command (CVE-2010-3867). Multiple stack-based buffer overflows in the pr_netio_telnet_gets function in netio.c in ProFTPD before 1.3.3c allow remote attackers to execute arbitrary code via vectors involving a TELNET IAC escape character to a (1) FTP or (2) FTPS server (CVE-2010-4221). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. %description ProFTPd is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based directory visibility. This version supports both standalone and xinetd operation. %package nss_updatedb Update: Fri Nov 12 10:03:31 2010 Importance: bugfix ID: MDVA-2010:223 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:223 %pre Due to bug in nss_updatedb package old BDB transaction logs were not removed from /var/lib/misc directory, possibly filling the /var filesystem. The fixed package corrects this bug, and will also remove all leftover transaction logs from the system. %description The nss_updatedb utility maintains a local cache of network directory user and group information. Used in conjunction with the pam_ccreds module, it provides a mechanism for disconnected use of network directories. These tools are designed to work with pam_ldap and nss_ldap, also available from PADL. %package snort snort-bloat snort-inline snort-inline+flexresp snort-mysql snort-mysql+flexresp snort-plain+flexresp snort-postgresql snort-postgresql+flexresp snort-prelude snort-prelude+flexresp Update: Fri Nov 12 10:48:04 2010 Importance: bugfix ID: MDVA-2010:224 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:224 %pre Thus is a bug and maintenance release of snort that fixes numerous of issues such as: * Fix installer packages to include correct version of sensitive data preprocessor for linux and Windows * Eliminate false positives when using fast_pattern:only and having only one http content in the pattern matcher. * Address false positives in FTP preprocessor with string format verification. This advisory provides snort v2.8.6.1 where these problems has been resolved. %description Snort is a libpcap-based packet sniffer/logger which can be used as a lightweight network intrusion detection system. It features rules based logging and can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Snort has a real-time alerting capabilty, with alerts being sent to syslog, a separate "alert" file, or as a WinPopup message via Samba's smbclient This rpm is different from previous rpms and while it will not clobber your current snort file, you will need to modify it. There are 9 different packages available All of them require the base snort rpm. Additionally, you will need to chose a binary to install. /usr/sbin/snort should end up being a symlink to a binary in one of the following configurations. We use update-alternatives for this. Here are the different packages along with their priorities. plain(10) plain+flexresp(11) mysql(12) mysql+flexresp(13) postgresql(14) postgresql+flexresp(15) bloat(16) inline(17) inline+flexresp(18) prelude(19) prelude+flexresp(20) Please see the documentation in /usr/share/doc/snort %package lib64commoncpp2_1.8 lib64commoncpp-devel Update: Fri Nov 12 10:58:43 2010 Importance: bugfix ID: MDVA-2010:225 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:225 %pre This updates fixes two major bugs: - applog subcription/unsubscription needed to get a thread safe usage of applog were buggy and not thread safe themselves. - disabling slog usage form printout level > error was not respected. %description Common C++2 is a GNU package which offers portable "abstraction" of system services such as threads, networks, and sockets. Common C++ also offers individual frameworks generally useful to developing portable C++ applications including a object persistance engine, math libraries, threading, sockets, etc. Common C++2 is small, and highly portable. Common C++ will support most Unix operating systems as well as Win32, in addition to GNU/Linux. %package lib64poppler5 lib64poppler-devel lib64poppler-glib4 lib64poppler-glib-devel lib64poppler-qt2 lib64poppler-qt4-3 lib64poppler-qt4-devel lib64poppler-qt-devel poppler Update: Fri Nov 12 16:11:08 2010 Importance: security ID: MDVSA-2010:231 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:231 %pre Multiple vulnerabilities were discovered and corrected in poppler: The Gfx::getPos function in the PDF parser in poppler, allows context-dependent attackers to cause a denial of service (crash) via unknown vectors that trigger an uninitialized pointer dereference (CVE-2010-3702). The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler, allows context-dependent attackers to cause a denial of service (crash) via a PDF file that triggers an uninitialized pointer dereference (CVE-2010-3703). The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in poppler, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PDF file with a crafted Type1 font that contains a negative array index, which bypasses input validation and which triggers memory corruption (CVE-2010-3704). The updated packages have been patched to correct these issues. %description Poppler is a PDF rendering library based on the xpdf-3.0 code base. %package cups cups-common cups-serial lib64cups2 lib64cups2-devel php-cups Update: Mon Nov 15 22:01:57 2010 Importance: security ID: MDVSA-2010:233 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:233 %pre Multiple vulnerabilities were discovered and corrected in cups: Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS, allows remote attackers to hijack the authentication of administrators for requests that change settings (CVE-2010-0540). ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data types, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted IPP request (CVE-2010-2941). The updated packages have been patched to correct these issues. %description The Common Unix Printing System provides a portable printing layer for UNIX(TM) operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces. This is the main package needed for CUPS servers (machines where a printer is connected to or which host a queue for a network printer). It can also be used on CUPS clients so that they simply pick up broadcasted printer information from other CUPS servers and do not need to be assigned to a specific CUPS server by an /etc/cups/client.conf file. %package lib64freetype6 lib64freetype6-devel lib64freetype6-static-devel Update: Tue Nov 16 09:58:46 2010 Importance: security ID: MDVSA-2010:236 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:236 %pre Multiple vulnerabilities were discovered and corrected in freetype2: An error within the "Ins_SHZ()" function in src/truetype/ttinterp.c when handling the "SHZ" bytecode instruction can be exploited to cause a crash and potentially execute arbitrary code via a specially crafted font (CVE-2010-3814). An error exists in the "ft_var_readpackedpoints()" function in src/truetype/ttgxvar.c when processing TrueType GX fonts and can be exploited to cause a heap-based buffer overflow via a specially crafted font (CVE-2010-3855). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. %description The FreeType2 engine is a free and portable TrueType font rendering engine. It has been developed to provide TT support to a great variety of platforms and environments. Note that FreeType2 is a library, not a stand-alone application, though some utility applications are included %package perl-CGI perl-CGI-Fast Update: Tue Nov 16 15:21:29 2010 Importance: security ID: MDVSA-2010:237 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:237 %pre A new version of the CGI Perl module has been released to CPAN, which fixes several security bugs which directly affect Bugzilla (these two security bugs where first discovered as affecting Bugzilla, then identified as being bugs in CGI.pm itself). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been upgraded to perl-CGI 3.50 to solve these security issues. %description This perl library uses perl5 objects to make it easy to create Web fill-out forms and parse their contents. This package defines CGI objects, entities that contain the values of the current query string and other state variables. Using a CGI object's methods, you can examine keywords and parameters passed to your script, and create forms whose initial values are taken from the current query (thereby preserving state information). %package lib64openssl1.0.0 lib64openssl1.0.0-devel lib64openssl1.0.0-static-devel lib64openssl-engines1.0.0 openssl Update: Wed Nov 17 14:36:47 2010 Importance: security ID: MDVSA-2010:238 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:238 %pre A vulnerability was discovered in openssl that causes a race condition within the TLS extension parsing code and which can be exploited to cause a heap-based buffer overflow (CVE-2010-3864). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description The openssl certificate management tool and the shared libraries that provide various encryption and decription algorithms and protocols, including DES, RC4, RSA and SSL. %package lib64php5_common5 php-bcmath php-bz2 php-calendar php-cgi php-cli php-ctype php-curl php-dba php-devel php-doc php-dom php-enchant php-exif php-fileinfo php-filter php-fpm php-ftp php-gd php-gettext php-gmp php-hash php-iconv php-imap php-intl php-json php-ldap php-mbstring php-mcrypt php-mssql php-mysql php-mysqli php-odbc php-openssl php-pcntl php-pdo php-pdo_dblib php-pdo_mysql php-pdo_odbc php-pdo_pgsql php-pdo_sqlite php-pgsql php-posix php-pspell php-readline php-recode php-session php-shmop php-snmp php-soap php-sockets php-sqlite3 php-sybase_ct php-sysvmsg php-sysvsem php-sysvshm php-tidy php-tokenizer php-wddx php-xml php-xmlreader php-xmlrpc php-xmlwriter php-xsl php-zip php-zlib Update: Fri Nov 19 12:31:32 2010 Importance: security ID: MDVSA-2010:239 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:239 %pre A possible double free flaw was found in the imap extension for php (CVE-2010-4150). A GC corrupting flaw was found in Zend/zend_gc.c for php-5.3.x that under certain circumstances could case a segmention fault (crash). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. This version of php has the suhosin patch 0.9.10 applied. Please report bugs here: http://qa.mandriva.com/ so that the official maintainer of this Mandriva package can help you. More information regarding the suhosin patch 0.9.10 here: http://www.suhosin.org/ %package perl-URPM Update: Fri Nov 19 17:49:37 2010 Importance: bugfix ID: MDVA-2010:226 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:226 %pre This advisory fixes the gpg keys parsing, which were resulting in some warnings (bug 61636). %description The URPM module allows you to manipulate rpm files, rpm header files and hdlist files and manage them in memory. %package perl-URPM Update: Sat Nov 20 08:22:46 2010 Importance: bugfix ID: MDVA-2010:226 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:226 %pre This advisory fixes the gpg keys parsing, which were resulting in some warnings (bug 61636). %description The URPM module allows you to manipulate rpm files, rpm header files and hdlist files and manage them in memory. %package gstreamer0.10-aalib gstreamer0.10-caca gstreamer0.10-dv gstreamer0.10-esound gstreamer0.10-flac gstreamer0.10-plugins-good gstreamer0.10-pulse gstreamer0.10-raw1394 gstreamer0.10-soup gstreamer0.10-speex gstreamer0.10-wavpack lib64alsa2 lib64alsa2-devel lib64alsa2-static-devel lib64phonon4 lib64phononexperimental4 lib64pulseaudio0 lib64pulseaudio-devel lib64pulseglib20 lib64pulsezeroconf0 libalsa2-docs libalsa-data phonon-devel phonon-gstreamer phonon-xine pulseaudio pulseaudio-client-config pulseaudio-esound-compat pulseaudio-module-bluetooth pulseaudio-module-gconf pulseaudio-module-jack pulseaudio-module-lirc pulseaudio-module-x11 pulseaudio-module-zeroconf pulseaudio-utils Update: Sat Nov 20 09:57:55 2010 Importance: bugfix ID: MDVA-2010:227 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:227 %pre This is a bugfix and maintenance update bundle that addresses various issues in a number of packages. * Some thread-related problems were found in the libalsa2 library that could cause segmentation faults in some audio applications (one example being phonon when used with gstreamer output and accessing pulseaudio via ALSA plugin). The updated libalsa2 package contains an upstream fix to correct this problem. On a related note the PulseAudio package has also been updated to include several important upstream bugfixes including: * Much improved handling of capture stream latencies and timing * Client side XCB implementation to replace Xlib (and thus solve some thread-related issues). * Support for the a52 alsa plugin when combined with an appropriate ~/.asoundrc file. * Several bugs in the pulseaudio plugin for the GStreamer audio framework could lead to application crashes, for instance in pidgin. This update contains fixes for memory allocation and lock handling of the pulseaudio plugin. %description pulseaudio is a sound server for Linux and other Unix like operating systems. It is intended to be an improved drop-in replacement for the Enlightened Sound Daemon (EsounD). In addition to the features EsounD provides pulseaudio has: * Extensible plugin architecture (by loading dynamic loadable modules with dlopen()) * Support for more than one sink/source * Better low latency behaviour * Embedabble into other software (the core is available as C library) * Completely asynchronous C API * Simple command line interface for reconfiguring the daemon while running * Flexible, implicit sample type conversion and resampling * "Zero-Copy" architecture * Module autoloading * Very accurate latency measurement for playback and recording. * May be used to combine multiple sound cards to one (with sample rate adjustment) * Client side latency interpolation %package beagle beagle-crawl-system beagle-doc beagle-evolution beagle-gui beagle-gui-qt beagle-libs firefox firefox-af firefox-ar firefox-be firefox-bg firefox-bn firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-devel firefox-el firefox-en_GB firefox-eo firefox-es_AR firefox-es_ES firefox-et firefox-eu firefox-ext-beagle firefox-ext-blogrovr firefox-ext-mozvoikko firefox-ext-r-kiosk firefox-ext-scribefire firefox-ext-weave-sync firefox-ext-xmarks firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hu firefox-id firefox-is firefox-it firefox-ja firefox-ka firefox-kn firefox-ko firefox-ku firefox-lt firefox-lv firefox-mk firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-oc firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-te firefox-th firefox-tr firefox-uk firefox-zh_CN firefox-zh_TW gjs gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell lib64gjs0 lib64gjs-devel lib64xulrunner1.9.2.12 lib64xulrunner-devel mozilla-thunderbird-beagle xulrunner yelp Update: Tue Nov 23 11:15:36 2010 Importance: bugfix ID: MDVA-2010:228 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:228 %pre This is a maintenance and bugfix release of firefox that upgrades firefox to the 3.6.12 version and adds missing localization packages for the Georgian, Kurdish, Occitan and Serbian languages. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 Additionally, some packages which require so, have been rebuilt and are being provided as updates. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package kolab-webadmin Update: Wed Nov 24 13:04:41 2010 Importance: bugfix ID: MDVA-2010:230 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:230 %pre Normal users lacks permission to change their own personal information on kolab web interface, this update fixes this issue. %description Web based administration interface for The Kolab Groupware Server. %package jay lib64mono0 lib64mono-devel mono mono-bytefx-data-mysql mono-data mono-data-firebird mono-data-oracle mono-data-postgresql mono-data-sqlite mono-data-sybase mono-doc monodoc-core mono-extras mono-ibm-data-db2 mono-jscript mono-locale-extras mono-nunit mono-wcf mono-web mono-winforms mono-winfxcore Update: Wed Nov 24 17:15:58 2010 Importance: security ID: MDVSA-2010:240 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:240 %pre A vulnerability was discovered and corrected in mono: Untrusted search path vulnerability in metadata/loader.c in Mono 2.8 and earlier allows local users to gain privileges via a Trojan horse shared library in the current working directory (CVE-2010-4159). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description Mono is an implementation of the ECMA Common Language Infrastructure, it contains both a just-in-time compiler for maximum performance, and an interpeter. It can also be used to run programs from the .NET Framework. This package contains the core of the Mono runtime including its Virtual Machine, Just-in-time compiler, C# compiler, security tools and libraries (corlib, XML, System.Security, System.Drawing, ZipLib, I18N, Cairo and Mono.*). %package gnucash gnucash-hbci gnucash-ofx gnucash-sql lib64gnucash0 lib64gnucash-devel Update: Wed Nov 24 18:31:49 2010 Importance: security ID: MDVSA-2010:241 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:241 %pre A vulnerability was discovered and corrected in gnucash: gnc-test-env in GnuCash 2.3.15 and earlier places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory (CVE-2010-3999). The affected /usr/bin/gnc-test-env file has been removed to mitigate the CVE-2010-3999 vulnerability as gnc-test-env is only used for tests and while building gnucash. Additionally for Mandriva 2010.1 gnucash-2.2.9 was not compatible with guile. This update adapts gnucash to the new API of guile. %description GnuCash is a personal finance manager. A check-book like register GUI allows you to enter and track bank accounts, stocks, income and even currency trades. The interface is designed to be simple and easy to use, but is backed with double-entry accounting principles to ensure balanced books. %package x11-driver-input-evtouch Update: Wed Nov 24 21:38:29 2010 Importance: bugfix ID: MDVA-2010:231 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:231 %pre The evtouch Xorg driver was not working because its ABI (Application Binary Interface) was too old. The new version contains the necessary ABI updates, so the driver can now work correctly. %description Evtouch is a Touchscreen-Driver for X. %package finch lib64finch0 lib64purple0 lib64purple-devel pidgin pidgin-bonjour pidgin-client pidgin-i18n pidgin-meanwhile pidgin-perl pidgin-plugins pidgin-silc pidgin-tcl Update: Thu Nov 25 11:42:09 2010 Importance: normal ID: MDVA-2010:232 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:232 %pre This is a bugfix and maintenance advisory that upgrades pidgin to the latest version (2.7.7) that addresses various issues with upstream service providers (icq, msn). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 %description Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add an account using the account editor. Pidgin supports many common features of other clients, as well as many unique features, such as perl scripting, TCL scripting and C plugins. Pidgin is not affiliated with or endorsed by America Online, Inc., Microsoft Corporation, Yahoo! Inc., or ICQ Inc. %package dumpcap lib64wireshark0 lib64wireshark-devel rawshark tshark wireshark wireshark-tools Update: Sun Nov 28 13:42:16 2010 Importance: security ID: MDVSA-2010:242 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:242 %pre This advisory updates wireshark to the latest version (1.2.13), fixing one security issue: Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an LDSS packet with a long digest line that triggers memory corruption (CVE-2010-4300). %description Wireshark is a network traffic analyzer for Unix-ish operating systems. It is based on GTK+, a graphical user interface library, and libpcap, a packet capture and filtering library. Wireshark is a fork of Ethereal(tm) %package lib64xml2_2 lib64xml2-devel libxml2-python libxml2-utils Update: Mon Nov 29 14:53:32 2010 Importance: security ID: MDVSA-2010:243 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:243 %pre A vulnerability was discovered and corrected in libxml2: libxml2 before 2.7.8 reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to cause a denial of service (application crash) via a crafted XML document (CVE-2010-4008). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. %description This library allows you to manipulate XML files. It includes support for reading, modifying and writing XML and HTML files. There is DTDs support: this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream or and in-memory DOM-like representations. In this case one can use the built-in XPath and XPointer implementation to select subnodes or ranges. A flexible Input/Output mechanism is available, with existing HTTP and FTP modules and combined to a URI library. %package krb5 krb5-pkinit-openssl krb5-server krb5-server-ldap krb5-workstation lib64krb53 lib64krb53-devel Update: Wed Dec 01 00:07:20 2010 Importance: security ID: MDVSA-2010:246 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:246 %pre Multiple vulnerabilities were discovered and corrected in krb5: An unauthenticated remote attacker could alter a SAM-2 challenge, affecting the prompt text seen by the user or the kind of response sent to the KDC. Under some circumstances, this can negate the incremental security benefit of using a single-use authentication mechanism token. An unauthenticated remote attacker has a 1/256 chance of forging KRB-SAFE messages in an application protocol if the targeted pre-existing session uses an RC4 session key. Few application protocols use KRB-SAFE messages (CVE-2010-1323). An unauthenticated remote attacker can forge GSS tokens that are intended to be integrity-protected but unencrypted, if the targeted pre-existing application session uses a DES session key. An authenticated remote attacker can forge PACs if using a KDC that does not filter client-provided PAC data. This can result in privilege escalation against a service that relies on PAC contents to make authorization decisions. An unauthenticated remote attacker has a 1/256 chance of swapping a client-issued KrbFastReq into a different KDC-REQ, if the armor key is RC4. The consequences are believed to be minor (CVE-2010-1324). An authenticated remote attacker that controls a legitimate service principal has a 1/256 chance of forging the AD-SIGNEDPATH signature if the TGT key is RC4, allowing it to use self-generated evidence tickets for S4U2Proxy, instead of tickets obtained from the user or with S4U2Self. Configurations using RC4 for the TGT key are believed to be rare. An authenticated remote attacker has a 1/256 chance of forging AD-KDC-ISSUED signatures on authdata elements in tickets having an RC4 service key, resulting in privilege escalation against a service that relies on these signatures. There are no known uses of the KDC-ISSUED authdata container at this time (CVE-2010-4020. An authenticated remote attacker that controls a legitimate service principal could obtain a valid service ticket to itself containing valid KDC-generated authorization data for a client whose TGS-REQ it has intercepted. The attacker could then use this ticket for S4U2Proxy to impersonate the targeted client even if the client never authenticated to the subverted service. The vulnerable configuration is believed to be rare (CVE-2010-4021). The updated packages have been patched to correct this issue. %description Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords. %package nautilus-sendto nautilus-sendto-devel nautilus-sendto-evolution nautilus-sendto-pidgin nautilus-sendto-upnp Update: Wed Dec 01 16:14:27 2010 Importance: bugfix ID: MDVA-2010:233 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:233 %pre nautilus-sendto would crash on startup. This update was rebuilt with the right linking flags corrects the problem. %description This application provides integration between nautilus and mail or IM clients. It adds a Nautilus context menu component ("Send To...") and features a dialog for insert the email or IM account which you want to send the file/files. %package lib64xaw7 lib64xaw-devel lib64xaw-static-devel x11-data-bitmaps Update: Thu Dec 02 22:16:58 2010 Importance: bugfix ID: MDVA-2010:234 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:234 %pre * Some applications that use libXaw were printing error messages when started. Their appearance was also slightly different from the expected. This update stops the error messages and fixes their appearance. * The libXaw package had a poor description. This updates improves the package description and summary. %description Bitmaps that are shared between X applications %package lib64openssl1.0.0 lib64openssl1.0.0-devel lib64openssl1.0.0-static-devel lib64openssl-engines1.0.0 openssl Update: Tue Dec 07 14:10:23 2010 Importance: security ID: MDVSA-2010:248 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:248 %pre A vulnerability was discovered and corrected in openssl: OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the use of an unintended cipher via vectors involving sniffing network traffic to discover a session identifier (CVE-2010-4180). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description The openssl certificate management tool and the shared libraries that provide various encryption and decription algorithms and protocols, including DES, RC4, RSA and SSL. %package keychain Update: Wed Dec 08 17:48:08 2010 Importance: bugfix ID: MDVA-2010:235 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:235 %pre Due to a bug in the keychain package the '--noask' option wasn't always used, this caused the Qt4 ssh-askpass dialogue to get loaded before a window manager was fully-started, preventing the user from entering the passphrase as the dialogue never gets focus without a window manager running. This update fixes this issue by insuring the '--noask' option is used when logging into a DE (the Qt4 ssh-askpass dialogue is only shown when the user opens a new terminal emulator window). %description Keychain is a manager for OpenSSH, ssh.com, Sun SSH and GnuPG agents. It acts as a front-end to the agents, allowing you to easily have one long-running agent process per system, rather than per login session. This dramatically reduces the number of times you need to enter your passphrase from once per new login session to once every time your local machine is rebooted. Run keychain once manually per user, after which keychain will run (quietly) every time you log in (from a profile script). Hint: If you get tired of keychain, delete ~/.keychain . %package lib64xt6 lib64xt-devel lib64xt-static-devel Update: Thu Dec 09 13:56:57 2010 Importance: bugfix ID: MDVA-2010:237 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:237 %pre If the fonts required by libXt are not present, a lot of time is spent looking for them, which makes simple apps like xmessage and xcalc take almost 10 seconds to start on systems with a lot of fonts. This update makes the application startup time go back to normal. %description X Toolkit Library. %package beagle beagle-crawl-system beagle-doc beagle-evolution beagle-gui beagle-gui-qt beagle-libs firefox firefox-af firefox-ar firefox-be firefox-bg firefox-bn firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-devel firefox-el firefox-en_GB firefox-eo firefox-es_AR firefox-es_ES firefox-et firefox-eu firefox-ext-beagle firefox-ext-blogrovr firefox-ext-mozvoikko firefox-ext-r-kiosk firefox-ext-scribefire firefox-ext-weave-sync firefox-ext-xmarks firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hu firefox-id firefox-is firefox-it firefox-ja firefox-ka firefox-kn firefox-ko firefox-ku firefox-lt firefox-lv firefox-mk firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-oc firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-te firefox-th firefox-tr firefox-uk firefox-zh_CN firefox-zh_TW gjs gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell lib64gjs0 lib64gjs-devel lib64xulrunner1.9.2.13 lib64xulrunner-devel mozilla-thunderbird-beagle xulrunner yelp Update: Fri Dec 10 00:33:19 2010 Importance: security ID: MDVSA-2010:251 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:251 %pre Security issues were identified and fixed in firefox: Security researchers Yosuke Hasegawa and Masatoshi Kimura reported that the x-mac-arabic, x-mac-farsi and x-mac-hebrew character encodings are vulnerable to XSS attacks due to some characters being converted to angle brackets when displayed by the rendering engine. Sites using these character encodings would thus be potentially vulnerable to script injection attacks if their script filtering code fails to strip out these specific characters (CVE-2010-3770). Google security researcher Michal Zalewski reported that when a window was opened to a site resulting in a network or certificate error page, the opening site could access the document inside the opened window and inject arbitrary content. An attacker could use this bug to spoof the location bar and trick a user into thinking they were on a different site than they actually were (CVE-2010-3774). Mozilla security researcher moz_bug_r_a4 reported that the fix for CVE-2010-0179 could be circumvented permitting the execution of arbitrary JavaScript with chrome privileges (CVE-2010-3773). Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that JavaScript arrays were vulnerable to an integer overflow vulnerability. The report demonstrated that an array could be constructed containing a very large number of items such that when memory was allocated to store the array items, the integer value used to calculate the buffer size would overflow resulting in too small a buffer being allocated. Subsequent use of the array object could then result in data being written past the end of the buffer and causing memory corruption (CVE-2010-3767). Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that a nsDOMAttribute node can be modified without informing the iterator object responsible for various DOM traversals. This flaw could lead to a inconsistent state where the iterator points to an object it believes is part of the DOM but actually points to some other object. If such an object had been deleted and its memory reclaimed by the system, then the iterator could be used to call into attacker-controlled memory (CVE-2010-3766). Security researcher Gregory Fleischer reported that when a Java LiveConnect script was loaded via a data: URL which redirects via a meta refresh, then the resulting plugin object was created with the wrong security principal and thus received elevated privileges such as the abilities to read local files, launch processes, and create network connections (CVE-2010-3775). Mozilla added the OTS font sanitizing library to prevent downloadable fonts from exposing vulnerabilities in the underlying OS font code. This library mitigates against several issues independently reported by Red Hat Security Response Team member Marc Schoenefeld and Mozilla security researcher Christoph Diehl (CVE-2010-3768). Security researcher wushi of team509 reported that when a XUL tree had an HTML
element nested inside a element then code attempting to display content in the XUL tree would incorrectly treat the
element as a parent node to tree content underneath it resulting in incorrect indexes being calculated for the child content. These incorrect indexes were used in subsequent array operations which resulted in writing data past the end of an allocated buffer. An attacker could use this issue to crash a victim's browser and run arbitrary code on their machine (CVE-2010-3772). Security researcher echo reported that a web page could open a window with an about:blank location and then inject an element into that page which upon submission would redirect to a chrome: document. The effect of this defect was that the original page would wind up with a reference to a chrome-privileged object, the opened window, which could be leveraged for privilege escalation attacks (CVE-2010-3771). Dirk Heinrich reported that on Windows platforms when document.write() was called with a very long string a buffer overflow was caused in line breaking routines attempting to process the string for display. Such cases triggered an invalid read past the end of an array causing a crash which an attacker could potentially use to run arbitrary code on a victim's computer (CVE-2010-3769). Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code (CVE-2010-3776, CVE-2010-3777). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 Additionally, some packages which require so, have been rebuilt and are being provided as updates. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package bind bind-devel bind-doc bind-utils Update: Tue Dec 14 17:14:18 2010 Importance: security ID: MDVSA-2010:253 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:253 %pre Multiple vulnerabilities were discovered and corrected in bind: named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle the combination of signed negative responses and corresponding RRSIG records in the cache, which allows remote attackers to cause a denial of service (daemon crash) via a query for cached data (CVE-2010-3613). named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 does not properly determine the security status of an NS RRset during a DNSKEY algorithm rollover, which might allow remote attackers to cause a denial of service (DNSSEC validation error) by triggering a rollover (CVE-2010-3614). ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does not properly handle certain bad signatures if multiple trust anchors exist for a single zone, which allows remote attackers to cause a denial of service (daemon crash) via a DNS query (CVE-2010-3762). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages for Corporate Server 4.0 has been patched to address these issues. The updated packages for Mandriva Linux 2009.0, 2010.0 and Mandriva Linux Enterprise Server 5.1 has been upgraded to bind-9.6.2-P3 and patched to address the CVE-2010-3762 security issue. The updated packages for Mandriva Linux 2010.1 has been upgraded to bind-9.7.2-P3 which is not vulnerable to these issues. %description BIND (Berkeley Internet Name Domain) is an implementation of the DNS (domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses, and a resolver library (routines for applications to use when interfacing with DNS). A DNS server allows clients to name resources or objects and share the information with other network machines. The named DNS server can be used on workstations as a caching name server, but is generally only needed on one machine for an entire network. Note that the configuration files for making BIND act as a simple caching nameserver are included in the caching-nameserver package. Install the bind package if you need a DNS server for your network. If you want bind to act a caching name server, you will also need to install the caching-nameserver package. Many BIND 8 features previously unimplemented in BIND 9, including domain-specific forwarding, the \$GENERATE master file directive, and the "blackhole", "dialup", and "sortlist" options Forwarding of dynamic update requests; this is enabled by the "allow-update-forwarding" option A new, simplified database interface and a number of sample drivers based on it; see doc/dev/sdb for details Support for building single-threaded servers for environments that do not supply POSIX threads New configuration options: "min-refresh-time", "max-refresh-time", "min-retry-time", "max-retry-time", "additional-from-auth", "additional-from-cache", "notify explicit" Faster lookups, particularly in large zones. Build Options: --without sdb_ldap Build without ldap simple database support (enabled per default) --with sdb_mysql Build with MySQL database support (disables ldap support, it's either way.) --with geoip Build with GeoIP support (disabled per default) %package apache-mod_php lib64php5_common5 php-apc php-apc-admin php-bcmath php-bz2 php-calendar php-cgi php-cli php-ctype php-curl php-dba php-devel php-doc php-dom php-eaccelerator php-eaccelerator-admin php-enchant php-exif php-fileinfo php-filter php-fpm php-ftp php-gd php-gearman php-gettext php-gmp php-hash php-iconv php-imap php-ini php-intl php-json php-ldap php-mailparse php-mbstring php-mcal php-mcrypt php-mssql php-mysql php-mysqli php-odbc php-openssl php-optimizer php-pcntl php-pdo php-pdo_dblib php-pdo_mysql php-pdo_odbc php-pdo_pgsql php-pdo_sqlite php-pgsql php-phar php-pinba php-posix php-pspell php-readline php-recode php-sasl php-session php-shmop php-snmp php-soap php-sockets php-sphinx php-sqlite3 php-ssh2 php-suhosin php-sybase_ct php-sysvmsg php-sysvsem php-sysvshm php-tclink php-tidy php-timezonedb php-tokenizer php-translit php-vld php-wddx php-xattr php-xdebug php-xml php-xmlreader php-xmlrpc php-xmlwriter php-xsl php-zip php-zlib Update: Wed Dec 15 12:24:46 2010 Importance: security ID: MDVSA-2010:254 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:254 %pre This is a maintenance and security update that upgrades php to 5.3.4 for 2010.0/2010.1. Security Enhancements and Fixes in PHP 5.3.4: * Paths with NULL in them (foo\0bar.txt) are now considered as invalid (CVE-2006-7243). * Fixed bug #53512 (NumberFormatter::setSymbol crash on bogus values) (CVE-2010-4409) Please note that CVE-2010-4150, CVE-2010-3870, CVE-2010-3436, CVE-2010-3709, CVE-2010-3710 were fixed in previous advisories. Key Bug Fixes in PHP 5.3.4 include: * Added stat support for zip stream. * Added follow_location (enabled by default) option for the http stream support. * Added a 3rd parameter to get_html_translation_table. It now takes a charset hint, like htmlentities et al. * Implemented FR #52348, added new constant ZEND_MULTIBYTE to detect zend multibyte at runtime. * Multiple improvements to the FPM SAPI. * Over 100 other bug fixes. Additional post 5.3.4 fixes: * Fixed bug #53517 (segfault in pgsql_stmt_execute() when postgres is down). * Fixed bug #53541 (format string bug in ext/phar). Additionally some of the PECL extensions has been upgraded and/or rebuilt for the new php version. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. This version of php has the suhosin patch 0.9.10 applied. Please report bugs here: http://qa.mandriva.com/ so that the official maintainer of this Mandriva package can help you. More information regarding the suhosin patch 0.9.10 here: http://www.suhosin.org/ %package git git-arch git-core git-core-oldies git-cvs git-email gitk git-prompt git-svn gitview gitweb lib64git-devel perl-Git python-git Update: Thu Dec 16 11:55:54 2010 Importance: security ID: MDVSA-2010:256 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:256 %pre A vulnerability was discovered and corrected in git (gitweb): A cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and previous versions allows remote attackers to inject arbitrary web script or HTML code via f and fp variables (CVE-2010-3906). The updated packages have been patched to correct this issue. %description This is a stupid (but extremely fast) directory content manager. It doesn't do a whole lot, but what it _does_ do is track directory contents efficiently. It is intended to be the base of an efficient, distributed source code management system. This package includes rudimentary tools that can be used as a SCM, but you should look elsewhere for tools for ordinary humans layered on top of this. This is a dummy package which brings in all subpackages. %package drakx-installer-stage2 indexhtml mandriva-galaxy-data mandriva-gfxboot-theme mandriva-release-common mandriva-release-Flash mandriva-release-Free mandriva-release-Mini mandriva-release-One mandriva-release-Powerpack Update: Fri Dec 17 15:41:00 2010 Importance: normal ID: MDVA-2010:239 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:239 %pre This update provides a visual refresh for packages artwork to mark the Mandriva 2010.2 release. %description Mandriva Linux release file. %package beagle beagle-crawl-system beagle-doc beagle-evolution beagle-gui beagle-gui-qt beagle-libs firefox-ext-beagle mozilla-thunderbird mozilla-thunderbird-af mozilla-thunderbird-ar mozilla-thunderbird-be mozilla-thunderbird-beagle mozilla-thunderbird-bg mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-el mozilla-thunderbird-en_GB mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ar mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-hu mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-ko mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-tr mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-enigmail-zh_TW mozilla-thunderbird-es_AR mozilla-thunderbird-es_ES mozilla-thunderbird-et mozilla-thunderbird-et_EE mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-fy mozilla-thunderbird-ga mozilla-thunderbird-gl mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-id mozilla-thunderbird-is mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ka mozilla-thunderbird-ko mozilla-thunderbird-lt mozilla-thunderbird-nb_NO mozilla-thunderbird-nl mozilla-thunderbird-nn_NO mozilla-thunderbird-pa_IN mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-pt_PT mozilla-thunderbird-ro mozilla-thunderbird-ru mozilla-thunderbird-si mozilla-thunderbird-sk mozilla-thunderbird-sq mozilla-thunderbird-sr mozilla-thunderbird-sv_SE mozilla-thunderbird-tr mozilla-thunderbird-uk mozilla-thunderbird-vi mozilla-thunderbird-zh_CN mozilla-thunderbird-zh_TW nsinstall Update: Mon Dec 20 16:37:28 2010 Importance: security ID: MDVSA-2010:258 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:258 %pre Security issues were identified and fixed in mozilla-thunderbird: Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do not properly validate downloadable fonts before use within an operating system's font implementation, which allows remote attackers to execute arbitrary code via vectors related to @font-face Cascading Style Sheets (CSS) rules (CVE-2010-3768). The line-breaking implementation in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 on Windows does not properly handle long strings, which allows remote attackers to execute arbitrary code via a crafted document.write call that triggers a buffer over-read (CVE-2010-3769). Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2010-3776). Unspecified vulnerability in Mozilla Firefox 3.6.x before 3.6.13 and Thunderbird 3.1.x before 3.1.7 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2010-3777). Unspecified vulnerability in Mozilla Firefox 3.5.x before 3.5.16, Thunderbird before 3.0.11, and SeaMonkey before 2.0.11 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2010-3778). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 Additionally, some packages which require so, have been rebuilt and are being provided as updates. %description Mozilla Thunderbird is a full-featured email, RSS and newsgroup client that makes emailing safer, faster and easier than ever before. %package finch lib64finch0 lib64purple0 lib64purple-devel pidgin pidgin-bonjour pidgin-client pidgin-i18n pidgin-meanwhile pidgin-perl pidgin-plugins pidgin-silc pidgin-tcl Update: Thu Dec 23 17:49:55 2010 Importance: security ID: MDVSA-2010:259 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:259 %pre A null pointer dereference due to receiving a short packet for a direct connection in the MSN code could potentially cause a denial of service. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 This update provides pidgin 2.7.8 that has been patched to address this flaw. %description Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add an account using the account editor. Pidgin supports many common features of other clients, as well as many unique features, such as perl scripting, TCL scripting and C plugins. Pidgin is not affiliated with or endorsed by America Online, Inc., Microsoft Corporation, Yahoo! Inc., or ICQ Inc. %package lib64mysql16 lib64mysql-devel lib64mysql-static-devel mysql mysql-bench mysql-client mysql-common mysql-common-core mysql-core mysql-plugin_pbxt mysql-plugin_pinba mysql-plugin_revision mysql-plugin_sphinx mysql-plugin_spider Update: Sat Dec 25 13:55:44 2010 Importance: bugfix ID: MDVA-2010:240 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:240 %pre It was discovered that the mysql server was built without partitioning support. This advisory adds partitioning support to the mysql server. %description The MySQL(TM) software delivers a very fast, multi-threaded, multi-user, and robust SQL (Structured Query Language) database server. MySQL Server is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software. MySQL is a trademark of MySQL AB. The mysql server is compiled with the following storage engines: - InnoDB Storage Engine - Archive Storage Engine - CSV Storage Engine - Federated Storage Engine - User Defined Functions (UDFs). - Blackhole Storage Engine - Partition Storage Engine Third party storage engines packaged separately: - Sphinx storage engine 0.9.9 (urpmi mysql-plugin_sphinx) - PBXT Storage Engine 1.0.10 (urpmi mysql-plugin_pbxt) - Revision Storage Engine 0.1 (urpmi mysql-plugin_revision) - Pinba Storage Engine 0.0.5 (urpmi mysql-plugin_pinba) - Spider Storage Engine 2.13 (urpmi mysql-plugin_spider) Please see the documentation and the manual for more information. %package lib64nss3 lib64nss-devel lib64nss-static-devel nss rootcerts rootcerts-java Update: Sun Dec 26 12:30:19 2010 Importance: bugfix ID: MDVA-2010:241 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:241 %pre A bug it the NSS source rpm package did not pull in the latest and required version of NSPR (4.8.6) when building NSS (#61964). Additionally the rootcerts package was updated with the latest certdata.txt file from the mozilla cvs (20101202) and is also provided with this advisory. %description This is a bundle of X.509 certificates of public Certificate Authorities (CA). These were automatically extracted from Mozilla's root CA list (the file "certdata.txt"). It contains the certificates in both plain text and PEM format and therefore can be directly used with an Apache/mod_ssl webserver for SSL client authentication. Just configure this file as the SSLCACertificateFile. %package lib64xml2_2 lib64xml2-devel libxml2-python libxml2-utils Update: Wed Dec 29 16:51:43 2010 Importance: security ID: MDVSA-2010:260 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:260 %pre A vulnerability was discovered and corrected in libxml2: A double free vulnerability in libxml2 (xpath.c) allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling (CVE-2010-4494). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description This library allows you to manipulate XML files. It includes support for reading, modifying and writing XML and HTML files. There is DTDs support: this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream or and in-memory DOM-like representations. In this case one can use the built-in XPath and XPointer implementation to select subnodes or ranges. A flexible Input/Output mechanism is available, with existing HTTP and FTP modules and combined to a URI library. %package lib64xml2_2 lib64xml2-devel libxml2-python libxml2-utils Update: Wed Dec 29 17:03:50 2010 Importance: security ID: MDVSA-2010:260 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2010:260 %pre A vulnerability was discovered and corrected in libxml2: A double free vulnerability in libxml2 (xpath.c) allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to XPath handling (CVE-2010-4494). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description This library allows you to manipulate XML files. It includes support for reading, modifying and writing XML and HTML files. There is DTDs support: this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream or and in-memory DOM-like representations. In this case one can use the built-in XPath and XPointer implementation to select subnodes or ranges. A flexible Input/Output mechanism is available, with existing HTTP and FTP modules and combined to a URI library. %package lib64xulrunner1.9.2.13 lib64xulrunner-devel xulrunner Update: Thu Dec 30 15:53:49 2010 Importance: bugfix ID: MDVA-2010:242 URL: http://www.mandriva.com/security/advisories?name=MDVA-2010:242 %pre A bug in the integration with CUPS causes programs that rely on xulrunner(Firefox, Thunderbird) to crash when trying to print (#61009). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 %description XULRunner is a Mozilla runtime package that can be used to bootstrap XUL+XPCOM applications that are as rich as Firefox and Thunderbird. It will provide mechanisms for installing, upgrading, and uninstalling these applications. XULRunner will also provide libxul, a solution which allows the embedding of Mozilla technologies in other projects and products. %package openoffice.org openoffice.org-base openoffice.org-calc openoffice.org-common openoffice.org-core openoffice.org-devel openoffice.org-devel-doc openoffice.org-draw openoffice.org-filter-binfilter openoffice.org-gnome openoffice.org-help-af openoffice.org-help-ar openoffice.org-help-bg openoffice.org-help-br openoffice.org-help-bs openoffice.org-help-ca openoffice.org-help-cs openoffice.org-help-cy openoffice.org-help-da openoffice.org-help-de openoffice.org-help-el openoffice.org-help-en_GB openoffice.org-help-en_US openoffice.org-help-es openoffice.org-help-et openoffice.org-help-eu openoffice.org-help-fi openoffice.org-help-fr openoffice.org-help-he openoffice.org-help-hi openoffice.org-help-hu openoffice.org-help-it openoffice.org-help-ja openoffice.org-help-ko openoffice.org-help-mk openoffice.org-help-nb openoffice.org-help-nl openoffice.org-help-nn openoffice.org-help-pl openoffice.org-help-pt openoffice.org-help-pt_AO openoffice.org-help-pt_BR openoffice.org-help-ru openoffice.org-help-sk openoffice.org-help-sl openoffice.org-help-sv openoffice.org-help-ta openoffice.org-help-tr openoffice.org-help-zh_CN openoffice.org-help-zh_TW openoffice.org-help-zu openoffice.org-impress openoffice.org-java-common openoffice.org-kde4 openoffice.org-l10n-af openoffice.org-l10n-ar openoffice.org-l10n-bg openoffice.org-l10n-br openoffice.org-l10n-bs openoffice.org-l10n-ca openoffice.org-l10n-cs openoffice.org-l10n-cy openoffice.org-l10n-da openoffice.org-l10n-de openoffice.org-l10n-el openoffice.org-l10n-en_GB openoffice.org-l10n-es openoffice.org-l10n-et openoffice.org-l10n-eu openoffice.org-l10n-fi openoffice.org-l10n-fr openoffice.org-l10n-he openoffice.org-l10n-hi openoffice.org-l10n-hu openoffice.org-l10n-it openoffice.org-l10n-ja openoffice.org-l10n-ko openoffice.org-l10n-mk openoffice.org-l10n-nb openoffice.org-l10n-nl openoffice.org-l10n-nn openoffice.org-l10n-pl openoffice.org-l10n-pt openoffice.org-l10n-pt_AO openoffice.org-l10n-pt_BR openoffice.org-l10n-ru openoffice.org-l10n-sk openoffice.org-l10n-sl openoffice.org-l10n-sv openoffice.org-l10n-ta openoffice.org-l10n-tr openoffice.org-l10n-zh_CN openoffice.org-l10n-zh_TW openoffice.org-l10n-zu openoffice.org-math openoffice.org-mono openoffice.org-openclipart openoffice.org-pdfimport openoffice.org-presentation-minimizer openoffice.org-presenter-screen openoffice.org-pyuno openoffice.org-style-crystal openoffice.org-style-galaxy openoffice.org-style-hicontrast openoffice.org-style-industrial openoffice.org-style-oxygen openoffice.org-style-tango openoffice.org-testtool openoffice.org-wiki-publisher openoffice.org-writer saxon9 saxon9-demo saxon9-javadoc saxon9-manual saxon9-scripts Update: Tue Jan 04 10:41:39 2011 Importance: bugfix ID: MDVA-2011:000 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:000 %pre This is a bugfix and maintenance advisory that upgrades OpenOffice.org to the 3.2.1 version. Additionally a couple of Mandriva reported bugs has been fixed as described as follows: Openoffice.org status bar items got hidden whenever using openoffice.org-kde4 package integration. Viewing OpenOffice.org documents inside Firefox under 64bits 2010.1 version was not possible. Additionally OpenOffice.org 3.2.1 requires saxon9 that is also provided with this advisory. %description Saxon HE is Saxonica's non-schema-aware implementation of the XPath 2.0, XSLT 2.0, and XQuery 1.0 specifications aligned with the W3C Candidate Recommendation published on 3 November 2005. It is a complete and conformant implementation, providing all the mandatory features of those specifications and nearly all the optional features. %package dhcp-client dhcp-common dhcp-devel dhcp-doc dhcp-relay dhcp-server Update: Fri Jan 07 13:49:42 2011 Importance: security ID: MDVSA-2011:001 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:001 %pre A vulnerability has been found and corrected in dhcp: ISC DHCP server 4.2 before 4.2.0-P2, when configured to use failover partnerships, allows remote attackers to cause a denial of service (communications-interrupted state and DHCP client service loss) by connecting to a port that is only intended for a failover peer, as demonstrated by a Nagios check_tcp process check to TCP port 520 (CVE-2010-3616). The updated packages have been patched to correct this issue. %description DHCP (Dynamic Host Configuration Protocol) is a protocol which allows individual devices on an IP network to get their own network configuration information (IP address, subnetmask, broadcast address, etc.) from a DHCP server. The overall purpose of DHCP is to make it easier to administer a large network. The dhcp package includes the DHCP server and a DHCP relay agent. You will also need to install the dhcp-client or dhcpcd package, or pump or dhcpxd, which provides the DHCP client daemon, on client machines. If you want the DHCP server and/or relay, you will also need to install the dhcp-server and/or dhcp-relay packages. %package dumpcap lib64wireshark0 lib64wireshark-devel rawshark tshark wireshark wireshark-tools Update: Sun Jan 09 13:51:12 2011 Importance: security ID: MDVSA-2011:002 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:002 %pre A vulnerability has been found and corrected in wireshark: Buffer overflow in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding (RLE) compression (CVE-2010-4538). The updated packages have been patched to correct this issue. %description Wireshark is a network traffic analyzer for Unix-ish operating systems. It is based on GTK+, a graphical user interface library, and libpcap, a packet capture and filtering library. Wireshark is a fork of Ethereal(tm) %package MHonArc Update: Mon Jan 10 13:17:00 2011 Importance: security ID: MDVSA-2011:003 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:003 %pre Multiple vulnerabilities has been found and corrected in MHonArc: MHonArc 2.6.16 allows remote attackers to cause a denial of service (CPU consumption) via start tags that are placed within other start tags, as demonstrated by a <bo<bo<bo<bo<body>dy>dy>dy>dy> sequence, a different vulnerability than CVE-2010-4524 (CVE-2010-1677). Cross-site scripting (XSS) vulnerability in lib/mhtxthtml.pl in MHonArc 2.6.16 allows remote attackers to inject arbitrary web script or HTML via a malformed start tag and end tag for a SCRIPT element, as demonstrated by <scr<body>ipt> and </scr<body>ipt> sequences (CVE-2010-4524). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been upgraded to the latest version (2.6.18) which is not vulnerable to these issues. %description MHonArc provides HTML mail archiving with index, mail thread linking, etc; plus other capabilities including support for MIME and powerful user customization features. %package evince lib64evince2 lib64evince-devel Update: Thu Jan 13 13:14:35 2011 Importance: security ID: MDVSA-2011:005 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:005 %pre Multiple vulnerabilities has been found and corrected in evince: Array index error in the PK and VF font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer (CVE-2010-2640, CVE-2010-2641). Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer (CVE-2010-2642). Integer overflow in the TFM font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to execute arbitrary code via a crafted font in conjunction with a DVI file that is processed by the thumbnailer (CVE-2010-2643). The updated packages have been patched to correct these issues. %description Evince is the GNOME Document viewer. Its supports PDF, PostScript and other formats. %package openoffice.org-voikko Update: Thu Jan 13 14:18:42 2011 Importance: bugfix ID: MDVA-2011:001 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:001 %pre The previous advisory MDVA-2011:000 updated openoffice.org to 3.2.1 but didn't include a rebuilt openoffice.org-voikko, thus preventing installation of the update when the openoffice.org Finnish language package is installed. This advisory fixes the issue by providing the missing packages. %description Finnish spellchecker and hyphenator component for OpenOffice.org. Usually Voikko is automatically activated after the installation. If that won't happen, you can manually activate it from the Writing Aids section of the OpenOffice.org options. %package apache-mod_dav_svn apache-mod_dontdothat lib64svn0 lib64svn-gnome-keyring0 lib64svnjavahl1 lib64svn-kwallet0 perl-SVN python-svn ruby-svn subversion subversion-devel subversion-doc subversion-server subversion-tools svn-javahl Update: Fri Jan 14 10:31:17 2011 Importance: security ID: MDVSA-2011:006 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:006 %pre Multiple vulnerabilities has been found and corrected in subversion: The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking of SVNParentPath collections (CVE-2010-4539). Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command (CVE-2010-4644). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been upgraded to the latest versions (1.5.9, 1.6.15) which is not affected by these issues and in turn contains many bugfixes as well. %description Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subversion also keeps a log of who, when, and why changes occured. As such it basically does the same thing CVS does (Concurrent Versioning System) but has major enhancements compared to CVS and fixes a lot of the annoyances that CVS users face. This package contains the client, if you're looking for the server end of things you want subversion-repos. %package dumpcap lib64wireshark0 lib64wireshark-devel rawshark tshark wireshark wireshark-tools Update: Fri Jan 14 13:40:18 2011 Importance: security ID: MDVSA-2011:007 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:007 %pre A vulnerability has been found and corrected in wireshark: Buffer overflow in the MAC-LTE dissector (epan/dissectors/packet-mac-lte.c) in Wireshark 1.2.0 through 1.2.13 and 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of RARs (CVE-2011-0444). The updated packages have been upgraded to the latest version (1.2.14) which is not affected by this issue. %description Wireshark is a network traffic analyzer for Unix-ish operating systems. It is based on GTK+, a graphical user interface library, and libpcap, a packet capture and filtering library. Wireshark is a fork of Ethereal(tm) %package perl-CGI perl-CGI-Fast Update: Fri Jan 14 17:29:22 2011 Importance: security ID: MDVSA-2011:008 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:008 %pre A vulnerability has been found and corrected in perl-CGI: Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unknown vectors. NOTE: this issue exists because of an incomplete fix for CVE-2010-2761 (CVE-2010-4411). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been upgraded to the latest version (3.51) which is not affected by this issue and in turn also brings many bugfixes. %description This perl library uses perl5 objects to make it easy to create Web fill-out forms and parse their contents. This package defines CGI objects, entities that contain the values of the current query string and other state variables. Using a CGI object's methods, you can examine keywords and parameters passed to your script, and create forms whose initial values are taken from the current query (thereby preserving state information). %package gif2png Update: Fri Jan 14 18:03:33 2011 Importance: security ID: MDVSA-2011:009 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:009 %pre A vulnerability has been found and corrected in gif2png: Stack-based buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to execute arbitrary code via a long command-line argument, as demonstrated by a CGI program that launches gif2png (CVE-2009-5018). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description Tools for converting GIFs to PNGs. The program gif2png converts GIF files to PNG files. The Python script web2png converts an entire web tree, also patching HTML pages to keep IMG SRC references correct. %package gif2png Update: Fri Jan 14 18:09:18 2011 Importance: security ID: MDVSA-2011:009 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:009 %pre A vulnerability has been found and corrected in gif2png: Stack-based buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to execute arbitrary code via a long command-line argument, as demonstrated by a CGI program that launches gif2png (CVE-2009-5018). Buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to cause a denial of service (application crash) or have unspecified other impact via a GIF file that contains many images, leading to long extensions such as .p100 for PNG output files, as demonstrated by a CGI program that launches gif2png, a different vulnerability than CVE-2009-5018 (CVE-2010-4694). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description Tools for converting GIFs to PNGs. The program gif2png converts GIF files to PNG files. The Python script web2png converts an entire web tree, also patching HTML pages to keep IMG SRC references correct. %package gif2png Update: Fri Jan 14 18:15:39 2011 Importance: security ID: MDVSA-2011:009 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:009 %pre A vulnerability has been found and corrected in gif2png: Stack-based buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to execute arbitrary code via a long command-line argument, as demonstrated by a CGI program that launches gif2png (CVE-2009-5018). Buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to cause a denial of service (application crash) or have unspecified other impact via a GIF file that contains many images, leading to long extensions such as .p100 for PNG output files, as demonstrated by a CGI program that launches gif2png, a different vulnerability than CVE-2009-5018 (CVE-2010-4694). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description Tools for converting GIFs to PNGs. The program gif2png converts GIF files to PNG files. The Python script web2png converts an entire web tree, also patching HTML pages to keep IMG SRC references correct. %package xfig Update: Sat Jan 15 20:18:42 2011 Importance: security ID: MDVSA-2011:010 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:010 %pre Multiple vulnerabilities has been found and corrected in xfig: Stack-based buffer overflow in the read_1_3_textobject function in f_readold.c in Xfig 3.2.5b and earlier, and in the read_textobject function in read1_3.c in fig2dev in Transfig 3.2.5a and earlier, allows remote attackers to execute arbitrary code via a long string in a malformed .fig file that uses the 1.3 file format. NOTE: some of these details are obtained from third party information (CVE-2009-4227). Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and earlier allows remote attackers to cause a denial of service (application crash) via a long string in a malformed .fig file that uses the 1.3 file format, possibly related to the readfp_fig function in f_read.c (CVE-2009-4228). Stack-based buffer overflow in Xfig 3.2.4 and 3.2.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a FIG image with a crafted color definition (CVE-2010-4262). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. %description Xfig is an X Window System tool for creating basic vector graphics, including bezier curves, lines, rulers and more. The resulting graphics can be saved, printed on PostScript printers or converted to a variety of other formats (e.g., X11 bitmaps, Encapsulated PostScript, LaTeX). You should install xfig if you need a simple program to create vector graphics. %package lib64opensc2 lib64opensc-devel mozilla-plugin-opensc opensc Update: Sat Jan 15 22:43:41 2011 Importance: security ID: MDVSA-2011:011 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:011 %pre A vulnerability has been found and corrected in opensc: Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 and earlier allow physically proximate attackers to execute arbitrary code via a long serial-number field on a smart card, related to (1) card-acos5.c, (2) card-atrust-acos.c, and (3) card-starcos.c (CVE-2010-4523). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description opensc is a library for accessing smart card devices using PC/SC Lite middleware package. It is also the core library of the OpenSC project. Basic functionality (e.g. SELECT FILE, READ BINARY) should work on any ISO 7816-4 compatible smart card. Encryption and decryption using private keys on the SmartCard is at the moment possible only with PKCS #15 compatible cards. %package lib64mysql16 lib64mysql-devel lib64mysql-static-devel mysql mysql-bench mysql-client mysql-common mysql-common-core mysql-core mysql-plugin_pbxt mysql-plugin_pinba mysql-plugin_revision mysql-plugin_sphinx Update: Mon Jan 17 17:52:14 2011 Importance: security ID: MDVSA-2011:012 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:012 %pre Multiple vulnerabilities has been found and corrected in mysql: storage/innobase/dict/dict0crea.c in mysqld in MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (assertion failure) by modifying the (1) innodb_file_format or (2) innodb_file_per_table configuration parameters for the InnoDB storage engine, then executing a DDL statement (CVE-2010-3676). MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a join query that uses a table with a unique SET column (CVE-2010-3677). MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (crash) via (1) IN or (2) CASE operations with NULL arguments that are explicitly specified or indirectly provided by the WITH ROLLUP modifier (CVE-2010-3678). MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) via certain arguments to the BINLOG command, which triggers an access of uninitialized memory, as demonstrated by valgrind (CVE-2010-3679). MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by creating temporary tables while using InnoDB, which triggers an assertion failure (CVE-2010-3680). MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using the HANDLER interface and performing alternate reads from two indexes on a table, which triggers an assertion failure (CVE-2010-3681). MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a denial of service (mysqld daemon crash) by using EXPLAIN with crafted "SELECT ... UNION ... ORDER BY \(SELECT ... WHERE ...\)" statements, which triggers a NULL pointer dereference in the Item_singlerow_subselect::store function (CVE-2010-3682). MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE request generates SQL errors, which allows remote authenticated users to cause a denial of service (mysqld daemon crash) via a crafted request (CVE-2010-3683). The updated packages have been upgraded to the latest (last) stable 5.1 release (5.1.54) to address these issues for both Mandriva Linux 2010.0 and 2010.2. %description The MySQL(TM) software delivers a very fast, multi-threaded, multi-user, and robust SQL (Structured Query Language) database server. MySQL Server is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software. MySQL is a trademark of MySQL AB. The mysql server is compiled with the following storage engines: - InnoDB Storage Engine - Archive Storage Engine - CSV Storage Engine - Federated Storage Engine - User Defined Functions (UDFs). - Blackhole Storage Engine - Partition Storage Engine Third party storage engines packaged separately: - Sphinx storage engine 0.9.9 (urpmi mysql-plugin_sphinx) - PBXT Storage Engine 1.0.11 (urpmi mysql-plugin_pbxt) - Revision Storage Engine 0.1 (urpmi mysql-plugin_revision) - Pinba Storage Engine 0.0.5 (urpmi mysql-plugin_pinba) Please see the documentation and the manual for more information. %package hplip hplip-doc hplip-gui hplip-hpijs hplip-hpijs-ppds hplip-model-data lib64hpip0 lib64hpip0-devel lib64sane-hpaio1 Update: Wed Jan 19 15:39:33 2011 Importance: security ID: MDVSA-2011:013 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:013 %pre A vulnerability has been found and corrected in hplip: A flaw was found in the way certain HPLIP tools discovered devices using the SNMP protocol. If a user ran certain HPLIP tools that search for supported devices using SNMP, and a malicious user is able to send specially-crafted SNMP responses, it could cause those HPLIP tools to crash or, possibly, execute arbitrary code with the privileges of the user running them (CVE-2010-4267). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description This is the HP driver package to supply Linux support for most Hewlett-Packard DeskJet, LaserJet, PSC, OfficeJet, and PhotoSmart printers and all-in-one peripherals (also known as Multi-Function Peripherals or MFPs), which can print, scan, copy, fax, and/or access flash memory cards. It is work in progress, but printing, scanning, memory card access, ink/toner/battery/consumable level checking, and inkjet printer maintenance are supported on most models, when either connected to the USB or LAN (built-in interfaces or selected HP JetDirect models) on a Linux workstation with CUPS printing system. For status and consumable checking and also for inkjet maintenance there is the graphical tool "hp-toolbox" available (Menu: "System"/"Monitoring"/"HP Printer Toolbox"). %package lib64pcsclite1 lib64pcsclite-devel lib64pcsclite-static-devel pcsc-lite Update: Thu Jan 20 19:28:21 2011 Importance: security ID: MDVSA-2011:015 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:015 %pre A vulnerability has been found and corrected in pcsc-lite: Stack-based buffer overflow in the ATRDecodeAtr function in the Answer-to-Reset (ATR) Handler (atrhandler.c) for pcscd in PCSC-Lite 1.5.3, and possibly other 1.5.x and 1.6.x versions, allows physically proximate attackers to cause a denial of service (crash) and possibly execute arbitrary code via a smart card with an ATR message containing a long attribute value (CVE-2010-4531). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description pcscd is the daemon program for PC/SC Lite. It is a resource manager that coorinates communications with Smart Card readers and Smart Cards that are connected to the system. The purpose of PCSC Lite is to provide a Windows(R) SCard interface in a very small form factor for communicating to smartcards and readers. PCSC Lite uses the same winscard api as used under Windows(R) This package was tested to work with A.E.T. Europe SafeSign. This package is supported by A.E.T. Europe B.V. when used in combination with SafeSign. %package lib64t1lib5 lib64t1lib-devel lib64t1lib-static-devel t1lib-config t1lib-progs Update: Fri Jan 21 13:44:48 2011 Importance: security ID: MDVSA-2011:016 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:016 %pre It was discovered that t1lib suffered from the same vulnerability as previousely addressed in Evince with MDVSA-2011:005 (CVE-2010-2642). As a precaution t1lib has been patched to address this flaw. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 %description T1lib is a library for generating character and string-glyphs from Adobe Type 1 fonts under UNIX. T1lib uses most of the code of the X11 rasterizer donated by IBM to the X11-project. But some disadvantages of the rasterizer being included in X11 have been eliminated. T1lib also includes a support for antialiasing. %package jadetex tetex tetex-afm tetex-context tetex-devel tetex-doc tetex-dvilj tetex-dvipdfm tetex-dvips tetex-latex tetex-mfwin tetex-texi2html tetex-usrlocal tetex-xdvi xmltex Update: Fri Jan 21 14:17:10 2011 Importance: security ID: MDVSA-2011:017 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:017 %pre It was discovered that tetex suffered from the same vulnerability as previousely addressed in Evince with MDVSA-2011:005 (CVE-2010-2642). As a precaution tetex has been patched to address this flaw. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 %description teTeX is an implementation of TeX for Linux or UNIX systems. TeX takes a text file and a set of formatting commands as input and creates a typesetter independent .dvi (DeVice Independent) file as output. Usually, TeX is used in conjunction with a higher level formatting package like LaTeX or PlainTeX, since TeX by itself is not very user-friendly. Install teTeX if you want to use the TeX text formatting system. If you are installing teTeX, you will also need to install tetex-afm (a PostScript(TM) font converter for TeX), tetex-dvilj (for converting .dvi files to HP PCL format for printing on HP and HP compatible printers), tetex-dvips (for converting .dvi files to PostScript format for printing on PostScript printers), tetex-latex (a higher level formatting package which provides an easier-to-use interface for TeX) and tetex-xdvi (for previewing .dvi files in X). Unless you're an expert at using TeX, you'll also want to install the tetex-doc package, which includes the documentation for TeX. %package sudo Update: Fri Jan 21 17:04:45 2011 Importance: security ID: MDVSA-2011:018 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:018 %pre Multiple vulnerabilities has been found and corrected in sudo: A a patch for parse.c in sudo does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command. NOTE: this vulnerability exists because of a CVE-2009-0034 regression (CVE-2011-0008). check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change but no uid change, which allows local users to bypass an intended authentication requirement via the -g option to a sudo command (CVE-2011-0010). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been upgraded to the latest versions (1.7.4p6) which is not affected by these issues. %description Sudo is a program designed to allow a sysadmin to give limited root privileges to users and log root activity. The basic philosophy is to give as few privileges as possible but still allow people to get their work done. %package lib64user1 lib64user-devel libuser libuser-ldap libuser-python Update: Wed Jan 26 14:40:57 2011 Importance: security ID: MDVSA-2011:019 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:019 %pre A vulnerability has been found and corrected in libuser: libuser before 0.57 uses a cleartext password value of (1) !! or (2) x for new LDAP user accounts, which makes it easier for remote attackers to obtain access by specifying one of these values (CVE-2011-0002). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description The libuser library implements a standardized interface for manipulating and administering user and group accounts. The library uses pluggable back-ends to interface to its data sources. Sample applications modeled after those included with the shadow password suite are included. %package lib64pango1.0_0 lib64pango1.0_0-modules lib64pango1.0-devel pango pango-doc Update: Thu Feb 03 17:35:46 2011 Importance: security ID: MDVSA-2011:020 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:020 %pre A vulnerability has been found and corrected in pango: Heap-based buffer overflow in the pango_ft2_font_render_box_glyph function in pango/pangoft2-render.c in libpango in Pango 1.28.3 and earlier, when the FreeType2 backend is enabled, allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file, related to the glyph box for an FT_Bitmap object (CVE-2011-0020). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description A library to handle unicode strings as well as complex bidirectional or context dependent shaped strings. It is the next step on Gtk+ internationalization. %package lib64ecpg8.4_6 lib64pq8.4_5 postgresql8.4 postgresql8.4-contrib postgresql8.4-devel postgresql8.4-docs postgresql8.4-pl postgresql8.4-plperl postgresql8.4-plpgsql postgresql8.4-plpython postgresql8.4-pltcl postgresql8.4-server Update: Mon Feb 07 10:22:51 2011 Importance: security ID: MDVSA-2011:021 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:021 %pre A vulnerability was discovered and corrected in postgresql: Buffer overflow in the gettoken function in contrib/intarray/_int_bool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via integers with a large number of digits to unspecified functions (CVE-2010-4015). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 This update provides a solution to this vulnerability. %description PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs (including transactions, subselects and user-defined types and functions). The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DBMS server. These PostgreSQL client programs are programs that directly manipulate the internal structure of PostgreSQL databases on a PostgreSQL server. These client programs can be located on the same machine with the PostgreSQL server, or may be on a remote machine which accesses a PostgreSQL server over a network connection. This package contains the client libraries for C and C++, as well as command-line utilities for managing PostgreSQL databases on a PostgreSQL server. If you want to manipulate a PostgreSQL database on a remote PostgreSQL server, you need this package. You also need to install this package if you're installing the postgresql-server package. %package dhcp-client dhcp-common dhcp-devel dhcp-doc dhcp-relay dhcp-server Update: Mon Feb 07 14:01:44 2011 Importance: security ID: MDVSA-2011:022 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:022 %pre A vulnerability has been found and corrected in dhcp: The DHCPv6 server in ISC DHCP 4.0.x and 4.1.x before 4.1.2-P1, 4.0-ESV and 4.1-ESV before 4.1-ESV-R1, and 4.2.x before 4.2.1b1 allows remote attackers to cause a denial of service (assertion failure and daemon crash) by sending a message over IPv6 for a declined and abandoned address (CVE-2011-0413). The updated packages have been patched to correct this issue. %description DHCP (Dynamic Host Configuration Protocol) is a protocol which allows individual devices on an IP network to get their own network configuration information (IP address, subnetmask, broadcast address, etc.) from a DHCP server. The overall purpose of DHCP is to make it easier to administer a large network. The dhcp package includes the DHCP server and a DHCP relay agent. You will also need to install the dhcp-client or dhcpcd package, or pump or dhcpxd, which provides the DHCP client daemon, on client machines. If you want the DHCP server and/or relay, you will also need to install the dhcp-server and/or dhcp-relay packages. %package proftpd proftpd-devel proftpd-mod_autohost proftpd-mod_ban proftpd-mod_case proftpd-mod_ctrls_admin proftpd-mod_gss proftpd-mod_ifsession proftpd-mod_ldap proftpd-mod_load proftpd-mod_quotatab proftpd-mod_quotatab_file proftpd-mod_quotatab_ldap proftpd-mod_quotatab_radius proftpd-mod_quotatab_sql proftpd-mod_radius proftpd-mod_ratio proftpd-mod_rewrite proftpd-mod_sftp proftpd-mod_shaper proftpd-mod_site_misc proftpd-mod_sql proftpd-mod_sql_mysql proftpd-mod_sql_postgres proftpd-mod_time proftpd-mod_tls proftpd-mod_vroot proftpd-mod_wrap proftpd-mod_wrap_file proftpd-mod_wrap_sql Update: Tue Feb 08 15:54:15 2011 Importance: security ID: MDVSA-2011:023 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:023 %pre A vulnerability has been found and corrected in proftpd: Heap-based buffer overflow in the sql_prepare_where function (contrib/mod_sql.c) in ProFTPD before 1.3.3d, when mod_sql is enabled, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted username containing substitution tags, which are not properly handled during construction of an SQL query (CVE-2010-4652). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description ProFTPd is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based directory visibility. This version supports both standalone and xinetd operation. %package krb5 krb5-pkinit-openssl krb5-server krb5-server-ldap krb5-workstation lib64krb53 lib64krb53-devel Update: Wed Feb 09 15:08:42 2011 Importance: security ID: MDVSA-2011:025 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:025 %pre Multiple vulnerabilities were discovered and corrected in krb5: The MIT krb5 KDC database propagation daemon (kpropd) is vulnerable to a denial-of-service attack triggered by invalid network input. If a kpropd worker process receives invalid input that causes it to exit with an abnormal status, it can cause the termination of the listening process that spawned it, preventing the slave KDC it was running on From receiving database updates from the master KDC (CVE-2010-4022). The MIT krb5 Key Distribution Center (KDC) daemon is vulnerable to denial of service attacks from unauthenticated remote attackers (CVE-2011-0281, CVE-2011-0282). The updated packages have been patched to correct this issue. %description Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords. %package lsb-release Update: Fri Feb 11 08:27:03 2011 Importance: bugfix ID: MDVA-2011:004 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:004 %pre This updates the version of lsb_release to 2010.2, fixes also an issues related to path. %description LSB version query program This program forms part of the required functionality of the LSB (Linux Standard Base) specification. The program queries the installed state of the distribution to display certain properties such as the version of the LSB against which the distribution claims compliance as well. It can also attempt to display the name and release of the distribution along with an identifier of who produces the distribution. %package lib64mysql16 lib64mysql-devel lib64mysql-static-devel mysql mysql-bench mysql-client mysql-common mysql-common-core mysql-core mysql-plugin_pbxt mysql-plugin_pinba mysql-plugin_revision mysql-plugin_sphinx Update: Fri Feb 11 08:43:39 2011 Importance: bugfix ID: MDVA-2011:005 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:005 %pre This is a maintenance and bugfix release that upgrades mysql to the latest 5.0 and 5.1 versions which solves numerous upstream bugs. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been upgraded to mysql 5.0.92 and 5.1.55. %description The MySQL(TM) software delivers a very fast, multi-threaded, multi-user, and robust SQL (Structured Query Language) database server. MySQL Server is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software. MySQL is a trademark of MySQL AB. The mysql server is compiled with the following storage engines: - InnoDB Storage Engine - Archive Storage Engine - CSV Storage Engine - Federated Storage Engine - User Defined Functions (UDFs). - Blackhole Storage Engine - Partition Storage Engine Third party storage engines packaged separately: - Sphinx storage engine 0.9.9 (urpmi mysql-plugin_sphinx) - PBXT Storage Engine 1.0.11 (urpmi mysql-plugin_pbxt) - Revision Storage Engine 0.1 (urpmi mysql-plugin_revision) - Pinba Storage Engine 0.0.5 (urpmi mysql-plugin_pinba) Please see the documentation and the manual for more information. %package apache-mod_php lib64php5_common5 php-apc php-apc-admin php-bcmath php-bz2 php-calendar php-cgi php-cli php-ctype php-curl php-dba php-devel php-doc php-dom php-eaccelerator php-eaccelerator-admin php-enchant php-exif php-fileinfo php-filter php-fpm php-ftp php-gd php-gearman php-gettext php-gmp php-hash php-iconv php-imap php-ini php-intl php-json php-ldap php-mailparse php-mbstring php-mcal php-mcrypt php-mssql php-mysql php-mysqli php-odbc php-openssl php-optimizer php-pcntl php-pdo php-pdo_dblib php-pdo_mysql php-pdo_odbc php-pdo_pgsql php-pdo_sqlite php-pgsql php-phar php-pinba php-posix php-pspell php-readline php-recode php-sasl php-session php-shmop php-snmp php-soap php-sockets php-sphinx php-sqlite3 php-ssh2 php-suhosin php-sybase_ct php-sysvmsg php-sysvsem php-sysvshm php-tclink php-tidy php-timezonedb php-tokenizer php-translit php-vld php-wddx php-xattr php-xdebug php-xml php-xmlreader php-xmlrpc php-xmlwriter php-xsl php-zip php-zlib Update: Fri Feb 11 14:14:00 2011 Importance: bugfix ID: MDVA-2011:006 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:006 %pre This is a maintenance and bugfix release that upgrades php to the latest 5.2 and 5.3 versions which solves numerous upstream bugs. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been upgraded to php 5.2.17 and 5.3.5. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. This version of php has the suhosin patch 0.9.10 applied. Please report bugs here: http://qa.mandriva.com/ so that the official maintainer of this Mandriva package can help you. More information regarding the suhosin patch 0.9.10 here: http://www.suhosin.org/ %package openoffice.org openoffice.org-base openoffice.org-calc openoffice.org-common openoffice.org-core openoffice.org-devel openoffice.org-devel-doc openoffice.org-draw openoffice.org-filter-binfilter openoffice.org-gnome openoffice.org-help-af openoffice.org-help-ar openoffice.org-help-bg openoffice.org-help-br openoffice.org-help-bs openoffice.org-help-ca openoffice.org-help-cs openoffice.org-help-cy openoffice.org-help-da openoffice.org-help-de openoffice.org-help-el openoffice.org-help-en_GB openoffice.org-help-en_US openoffice.org-help-es openoffice.org-help-et openoffice.org-help-eu openoffice.org-help-fi openoffice.org-help-fr openoffice.org-help-he openoffice.org-help-hi openoffice.org-help-hu openoffice.org-help-it openoffice.org-help-ja openoffice.org-help-ko openoffice.org-help-mk openoffice.org-help-nb openoffice.org-help-nl openoffice.org-help-nn openoffice.org-help-pl openoffice.org-help-pt openoffice.org-help-pt_AO openoffice.org-help-pt_BR openoffice.org-help-ru openoffice.org-help-sk openoffice.org-help-sl openoffice.org-help-sv openoffice.org-help-ta openoffice.org-help-tr openoffice.org-help-zh_CN openoffice.org-help-zh_TW openoffice.org-help-zu openoffice.org-impress openoffice.org-java-common openoffice.org-kde4 openoffice.org-l10n-af openoffice.org-l10n-ar openoffice.org-l10n-bg openoffice.org-l10n-br openoffice.org-l10n-bs openoffice.org-l10n-ca openoffice.org-l10n-cs openoffice.org-l10n-cy openoffice.org-l10n-da openoffice.org-l10n-de openoffice.org-l10n-el openoffice.org-l10n-en_GB openoffice.org-l10n-es openoffice.org-l10n-et openoffice.org-l10n-eu openoffice.org-l10n-fi openoffice.org-l10n-fr openoffice.org-l10n-he openoffice.org-l10n-hi openoffice.org-l10n-hu openoffice.org-l10n-it openoffice.org-l10n-ja openoffice.org-l10n-ko openoffice.org-l10n-mk openoffice.org-l10n-nb openoffice.org-l10n-nl openoffice.org-l10n-nn openoffice.org-l10n-pl openoffice.org-l10n-pt openoffice.org-l10n-pt_AO openoffice.org-l10n-pt_BR openoffice.org-l10n-ru openoffice.org-l10n-sk openoffice.org-l10n-sl openoffice.org-l10n-sv openoffice.org-l10n-ta openoffice.org-l10n-tr openoffice.org-l10n-zh_CN openoffice.org-l10n-zh_TW openoffice.org-l10n-zu openoffice.org-math openoffice.org-mono openoffice.org-openclipart openoffice.org-pdfimport openoffice.org-presentation-minimizer openoffice.org-presenter-screen openoffice.org-pyuno openoffice.org-style-crystal openoffice.org-style-galaxy openoffice.org-style-hicontrast openoffice.org-style-industrial openoffice.org-style-oxygen openoffice.org-style-tango openoffice.org-testtool openoffice.org-voikko openoffice.org-wiki-publisher openoffice.org-writer Update: Mon Feb 14 16:58:36 2011 Importance: security ID: MDVSA-2011:027 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:027 %pre Multiple vulnerabilities were discovered and corrected in OpenOffice.org: Multiple directory traversal vulnerabilities allow remote attackers to overwrite arbitrary files via a .. (dot dot) in an entry in an XSLT JAR filter description file, an Extension (aka OXT) file, or unspecified other JAR or ZIP files (CVE-2010-3450). Use-after-free vulnerability in oowriter allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via malformed tables in an RTF document (CVE-2010-3451). Use-after-free vulnerability in oowriter allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted tags in an RTF document (CVE-2010-3452). The WW8ListManager::WW8ListManager function in oowriter does not properly handle an unspecified number of list levels in user-defined list styles in WW8 data in a Microsoft Word document, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted .DOC file that triggers an out-of-bounds write (CVE-2010-3453). Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted typography information in a Microsoft Word .DOC file that triggers an out-of-bounds write (CVE-2010-3454). soffice places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory (CVE-2010-3689). Heap-based buffer overflow in Impress allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file in an ODF or Microsoft Office document, as demonstrated by a PowerPoint (aka PPT) document (CVE-2010-4253). Heap-based buffer overflow in Impress allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TGA file in an ODF or Microsoft Office document (CVE-2010-4643). OpenOffice.org packages have been updated in order to fix these issues. Additionally openoffice.org-voikko packages that require OpenOffice.org are also being provided and voikko package is upgraded from 2.0 to 2.2.1 version in MES5.1. %description OpenOffice.org is an Open Source, community-developed, multi-platform office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editing and drawing program, with a user interface and feature set similar to other office suites. Sophisticated and flexible, OpenOffice.org also works transparently with a variety of file formats, including Microsoft Office. %package lib64openssl1.0.0 lib64openssl1.0.0-devel lib64openssl1.0.0-static-devel lib64openssl-engines1.0.0 openssl Update: Tue Feb 15 10:03:13 2011 Importance: security ID: MDVSA-2011:028 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:028 %pre A vulnerability has been found and corrected in openssl: Incorrectly formatted ClientHello handshake message could cause OpenSSL to parse past the end of the message. This allows an attacker to crash an application using OpenSSL by triggering an invalid memory access. Additionally, some applications may be vulnerable to expose contents of a parsed OCSP nonce extension (CVE-2011-0014). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description The openssl certificate management tool and the shared libraries that provide various encryption and decription algorithms and protocols, including DES, RC4, RSA and SSL. %package tomcat5 tomcat5-admin-webapps tomcat5-common-lib tomcat5-jasper tomcat5-jasper-eclipse tomcat5-jasper-javadoc tomcat5-jsp-2.0-api tomcat5-jsp-2.0-api-javadoc tomcat5-server-lib tomcat5-servlet-2.4-api tomcat5-servlet-2.4-api-javadoc tomcat5-webapps Update: Fri Feb 18 18:44:53 2011 Importance: security ID: MDVSA-2011:030 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:030 %pre Multiple vulnerabilities has been found and corrected in tomcat5: When running under a SecurityManager, access to the file system is limited but web applications are granted read/write permissions to the work directory. This directory is used for a variety of temporary files such as the intermediate files generated when compiling JSPs to Servlets. The location of the work directory is specified by a ServletContect attribute that is meant to be read-only to web applications. However, due to a coding error, the read-only setting was not applied. Therefore, a malicious web application may modify the attribute before Tomcat applies the file permissions. This can be used to grant read/write permissions to any area on the file system which a malicious web application may then take advantage of. This vulnerability is only applicable when hosting web applications from untrusted sources such as shared hosting environments (CVE-2010-3718). The HTML Manager interface displayed web applciation provided data, such as display names, without filtering. A malicious web application could trigger script execution by an administartive user when viewing the manager pages (CVE-2011-0013). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. %description Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world. We invite you to participate in this open development project. To learn more about getting involved, click here. %package python-django Update: Fri Feb 18 19:37:22 2011 Importance: security ID: MDVSA-2011:031 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:031 %pre Multiple vulnerabilities has been found and corrected in python-django: Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via forged AJAX requests that leverage a combination of browser plugins and redirects, a related issue to CVE-2011-0447 (CVE-2011-0696). Cross-site scripting (XSS) vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 might allow remote attackers to inject arbitrary web script or HTML via a filename associated with a file upload (CVE-2011-0697). Directory traversal vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 on Windows might allow remote attackers to read or execute files via a / (slash) character in a key in a session cookie, related to session replays (CVE-2011-0698). The updated packages have been upgraded to the 1.1.4 version which is not vulnerable to these issues. %description Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Developed and used over the past two years by a fast-moving online-news operation, Django was designed from scratch to handle two challenges: the intensive deadlines of a newsroom and the stringent requirements of experienced Web developers. It has convenient niceties for developing content-management systems, but it's an excellent tool for building any Web site. Django focuses on automating as much as possible and adhering to the DRY principle. %package python-django Update: Fri Feb 18 19:59:59 2011 Importance: security ID: MDVSA-2011:031 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:031 %pre Multiple vulnerabilities has been found and corrected in python-django: Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via forged AJAX requests that leverage a combination of browser plugins and redirects, a related issue to CVE-2011-0447 (CVE-2011-0696). Cross-site scripting (XSS) vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 might allow remote attackers to inject arbitrary web script or HTML via a filename associated with a file upload (CVE-2011-0697). Directory traversal vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 on Windows might allow remote attackers to read or execute files via a / (slash) character in a key in a session cookie, related to session replays (CVE-2011-0698). The updated packages have been upgraded to the 1.1.4 version which is not vulnerable to these issues. %description Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Developed and used over the past two years by a fast-moving online-news operation, Django was designed from scratch to handle two challenges: the intensive deadlines of a newsroom and the stringent requirements of experienced Web developers. It has convenient niceties for developing content-management systems, but it's an excellent tool for building any Web site. Django focuses on automating as much as possible and adhering to the DRY principle. %package eclipse-ecj eclipse-jdt eclipse-pde eclipse-platform eclipse-rcp eclipse-swt Update: Sun Feb 20 10:20:44 2011 Importance: security ID: MDVSA-2011:032 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:032 %pre A vulnerability has been found and corrected in eclipse: Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the Help Server) in Eclipse IDE before 3.6.2 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) help/index.jsp or (2) help/advanced/content.jsp (CVE-2010-4647). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description The Eclipse platform is designed for building integrated development environments (IDEs), server-side applications, desktop applications, and everything in between. %package banshee banshee-doc banshee-ipod banshee-karma banshee-mtp Update: Mon Feb 21 17:28:23 2011 Importance: security ID: MDVSA-2011:034 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:034 %pre A vulnerability has been found and corrected in banshee: The (1) banshee-1 and (2) muinshee scripts in Banshee 1.8.0 and earlier place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory (CVE-2010-3998). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description With Banshee you can easily import, manage, and play selections from your music collection. Banshee allows you to import CDs, sync your music collection to an mobile device, play music directly from an mobile player, create playlists with songs from your library, and create audio and MP3 CDs from subsets of your library. %package tomboy Update: Tue Feb 22 09:59:03 2011 Importance: security ID: MDVSA-2011:035 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:035 %pre A vulnerability has been found and corrected in tomboy: The (1) tomboy and (2) tomboy-panel scripts in GNOME Tomboy 1.5.2 and earlier place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: vector 1 exists because of an incorrect fix for CVE-2005-4790.2 (CVE-2010-4005). The updated packages have been patched to correct this issue. %description Tomboy is a desktop note-taking application for Linux and Unix. Simple and easy to use, but with potential to help you organize the ideas and information you deal with every day. The key to Tomboy's usefulness lies in the ability to relate notes and ideas together. Using a WikiWiki-like linking system, organizing ideas is as simple as typing a name. Branching an idea off is easy as pressing the Link button. And links between your ideas won't break, even when renaming and reorganizing them. %package mailman Update: Wed Feb 23 15:07:30 2011 Importance: security ID: MDVSA-2011:036 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:036 %pre A vulnerability has been found and corrected in mailman: Multiple cross-site scripting (XSS) vulnerabilities in Cgi/confirm.py in GNU Mailman 2.1.14 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) full name or (2) username field in a confirmation message (CVE-2011-0707). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description Mailman -- The GNU Mailing List Management System -- is a mailing list management system written mostly in Python. Features: o Most standard mailing list features, including: moderation, mail based commands, digests, etc... o An extensive Web interface, customizable on a per-list basis. o Web based list administration interface for *all* admin-type tasks o Automatic Web based hypermail-style archives (using pipermail or other external archiver), including provisions for private archives o Integrated mail list to newsgroup gatewaying o Integrated newsgroup to mail list gatewaying (polling-based... if you have access to the nntp server, you should be able to easily do non-polling based news->mail list gatewaying; email viega@list.org, I'd like to help get that going and come up with instructions) o Smart bounce detection and correction o Integrated fast bulk mailing o Smart spam protection o Extensible logging o Multiple list owners and moderators are possible o Optional MIME-compliant digests o Nice about which machine you subscribed from if you're from the right domain Conditional build options: mailman uid --with uid mail mailman gid --with gid mail %package avahi avahi-dnsconfd avahi-python avahi-sharp avahi-sharp-doc avahi-x11 lib64avahi-client3 lib64avahi-client-devel lib64avahi-common3 lib64avahi-common-devel lib64avahi-compat-howl0 lib64avahi-compat-howl-devel lib64avahi-compat-libdns_sd1 lib64avahi-compat-libdns_sd-devel lib64avahi-core6 lib64avahi-core-devel lib64avahi-glib1 lib64avahi-glib-devel lib64avahi-gobject0 lib64avahi-gobject-devel lib64avahi-qt3_1 lib64avahi-qt3-devel lib64avahi-qt4_1 lib64avahi-qt4-devel lib64avahi-ui1 lib64avahi-ui-devel Update: Thu Feb 24 09:15:26 2011 Importance: security ID: MDVSA-2011:037 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:037 %pre A vulnerability has been found and corrected in avahi: avahi-core/socket.c in avahi-daemon in Avahi before 0.6.29 allows remote attackers to cause a denial of service (infinite loop) via an empty (1) IPv4 or (2) IPv6 UDP packet to port 5353. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-2244 (CVE-2011-1002). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description Avahi is a system which facilitates service discovery on a local network -- this means that you can plug your laptop or computer into a network and instantly be able to view other people who you can chat with, find printers to print to or find files being shared. This kind of technology is already found in MacOS X (branded 'Rendezvous', 'Bonjour' and sometimes 'ZeroConf') and is very convenient. %package lib64netapi0 lib64netapi-devel lib64smbclient0 lib64smbclient0-devel lib64smbclient0-static-devel lib64smbsharemodes0 lib64smbsharemodes-devel lib64wbclient0 lib64wbclient-devel mount-cifs nss_wins samba-client samba-common samba-doc samba-domainjoin-gui samba-server samba-swat samba-winbind Update: Mon Feb 28 15:49:28 2011 Importance: security ID: MDVSA-2011:038 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:038 %pre A vulnerability has been found and corrected in samba: All current released versions of Samba are vulnerable to a denial of service caused by memory corruption. Range checks on file descriptors being used in the FD_SET macro were not present allowing stack corruption. This can cause the Samba code to crash or to loop attempting to select on a bad file descriptor set (CVE-2011-0719). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description Samba provides an SMB server which can be used to provide network services to SMB (sometimes called "Lan Manager") clients, including various versions of MS Windows, OS/2, and other Linux machines. Samba also provides some SMB clients, which complement the built-in SMB filesystem in Linux. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need NetBEUI (Microsoft Raw NetBIOS frame) protocol. Samba-3.0 features working NT Domain Control capability and includes the SWAT (Samba Web Administration Tool) that allows samba's smb.conf file to be remotely managed using your favourite web browser. For the time being this is being enabled on TCP port 901 via xinetd. SWAT is now included in it's own subpackage, samba-swat. Please refer to the WHATSNEW.txt document for fixup information. This binary release includes encrypted password support. Please read the smb.conf file and ENCRYPTION.txt in the docs directory for implementation details. %package lib64webkitgtk1.0_2 lib64webkitgtk1.0-devel webkit1.0 webkit1.0-webinspector webkit webkit-gtklauncher webkit-jsc Update: Wed Mar 02 09:59:10 2011 Importance: security ID: MDVSA-2011:039 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:039 %pre Multiple cross-site scripting, denial of service and arbitrary code execution security flaws were discovered in webkit. Please consult the CVE web links for further information. The updated packages have been upgraded to the latest version (1.2.7) to correct these issues. %description WebKit is an open source web browser engine. %package lib64pango1.0_0 lib64pango1.0_0-modules lib64pango1.0-devel pango pango-doc Update: Thu Mar 03 10:30:50 2011 Importance: security ID: MDVSA-2011:040 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:040 %pre A vulnerability has been found and corrected in pango: It was discovered that pango did not check for memory reallocation failures in hb_buffer_ensure() function. This could trigger a NULL pointer dereference in hb_buffer_add_glyph(), where possibly untrusted input is used as an index used for accessing members of the incorrectly reallocated array, resulting in the use of NULL address as the base array address. This can result in application crash or, possibly, code execution (CVE-2011-1002). The updated packages have been patched to correct this issue. %description A library to handle unicode strings as well as complex bidirectional or context dependent shaped strings. It is the next step on Gtk+ internationalization. %package beagle beagle-crawl-system beagle-doc beagle-evolution beagle-gui beagle-gui-qt beagle-libs firefox firefox-af firefox-ar firefox-be firefox-bg firefox-bn firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-devel firefox-el firefox-en_GB firefox-eo firefox-es_AR firefox-es_ES firefox-et firefox-eu firefox-ext-beagle firefox-ext-blogrovr firefox-ext-mozvoikko firefox-ext-r-kiosk firefox-ext-scribefire firefox-ext-weave-sync firefox-ext-xmarks firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hu firefox-id firefox-is firefox-it firefox-ja firefox-ka firefox-kn firefox-ko firefox-ku firefox-lt firefox-lv firefox-mk firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-oc firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-te firefox-th firefox-tr firefox-uk firefox-zh_CN firefox-zh_TW gjs gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell lib64gjs0 lib64gjs-devel lib64xulrunner1.9.2.14 lib64xulrunner-devel mozilla-thunderbird-beagle xulrunner yelp Update: Fri Mar 04 20:49:18 2011 Importance: security ID: MDVSA-2011:041 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:041 %pre Cross-site request forgery (CSRF) vulnerability in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, allows remote attackers to hijack the authentication of arbitrary users for requests that were initiated by a plugin and received a 307 redirect to a page on a different web site. (CVE-2011-0059) Buffer overflow in Mozilla Firefox 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image. (CVE-2011-0061) The nsIScriptableUnescapeHTML.parseFragment method in the ParanoidFragmentSink protection mechanism in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 does not properly sanitize HTML in a chrome document, which makes it easier for remote attackers to execute arbitrary JavaScript with chrome privileges via a javascript: URI in input to an extension, as demonstrated by a javascript:alert sequence in (1) the HREF attribute of an A element or (2) the ACTION attribute of a FORM element. (CVE-2010-1585) Buffer overflow in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a long string that triggers construction of a long text run. (CVE-2011-0058) Use-after-free vulnerability in the Web Workers implementation in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, allows remote attackers to execute arbitrary code via vectors related to a JavaScript Worker and garbage collection. (CVE-2011-0057) Buffer overflow in the JavaScript engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via vectors involving exception timing and a large number of string values, aka an atom map issue. (CVE-2011-0056) Buffer overflow in the JavaScript engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via vectors involving non-local JavaScript variables, aka an upvarMap issue. (CVE-2011-0054) Use-after-free vulnerability in the JSON.stringify method in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, might allow remote attackers to execute arbitrary code via unspecified vectors. (CVE-2011-0055) Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, does not properly handle certain recursive eval calls, which makes it easier for remote attackers to force a user to respond positively to a dialog question, as demonstrated by a question about granting privileges. (CVE-2011-0051) Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.14 and Thunderbird 3.1.x before 3.1.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. (CVE-2011-0062) Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 Additionally, some packages which require so, have been rebuilt and are being provided as updates. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package beagle beagle-crawl-system beagle-doc beagle-evolution beagle-gui beagle-gui-qt beagle-libs firefox firefox-af firefox-ar firefox-be firefox-bg firefox-bn firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-devel firefox-el firefox-en_GB firefox-eo firefox-es_AR firefox-es_ES firefox-et firefox-eu firefox-ext-beagle firefox-ext-blogrovr firefox-ext-mozvoikko firefox-ext-r-kiosk firefox-ext-scribefire firefox-ext-weave-sync firefox-ext-xmarks firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hu firefox-id firefox-is firefox-it firefox-ja firefox-ka firefox-kn firefox-ko firefox-ku firefox-lt firefox-lv firefox-mk firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-oc firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-te firefox-th firefox-tr firefox-uk firefox-zh_CN firefox-zh_TW gjs gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell lib64gjs0 lib64gjs-devel lib64xulrunner1.9.2.15 lib64xulrunner-devel mozilla-thunderbird-beagle xulrunner yelp Update: Mon Mar 07 15:52:05 2011 Importance: bugfix ID: MDVA-2011:008 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:008 %pre This is a bugfix release that upgrades firefox to the latest version (3.6.15) due to issues where some Java applets would fail to load. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 %description Help browser for GNOME 2 which supports docbook documents, info and man. %package mozilla-thunderbird mozilla-thunderbird-af mozilla-thunderbird-ar mozilla-thunderbird-be mozilla-thunderbird-bg mozilla-thunderbird-bn_BD mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-el mozilla-thunderbird-en_GB mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ar mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-hu mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-ko mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-tr mozilla-thunderbird-enigmail-vi mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-enigmail-zh_TW mozilla-thunderbird-es_AR mozilla-thunderbird-es_ES mozilla-thunderbird-et mozilla-thunderbird-et_EE mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-fy mozilla-thunderbird-ga mozilla-thunderbird-gd mozilla-thunderbird-gl mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-id mozilla-thunderbird-is mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ka mozilla-thunderbird-ko mozilla-thunderbird-lightning mozilla-thunderbird-lt mozilla-thunderbird-nb_NO mozilla-thunderbird-nl mozilla-thunderbird-nn_NO mozilla-thunderbird-pa_IN mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-pt_PT mozilla-thunderbird-ro mozilla-thunderbird-ru mozilla-thunderbird-si mozilla-thunderbird-sk mozilla-thunderbird-sl mozilla-thunderbird-sq mozilla-thunderbird-sr mozilla-thunderbird-sv_SE mozilla-thunderbird-tr mozilla-thunderbird-uk mozilla-thunderbird-vi mozilla-thunderbird-zh_CN mozilla-thunderbird-zh_TW nsinstall Update: Mon Mar 07 17:21:43 2011 Importance: security ID: MDVSA-2011:042 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:042 %pre Security issues were identified and fixed in mozilla-thunderbird: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2011-0053). Buffer overflow in Mozilla Firefox 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image (CVE-2011-0061). Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.14 and Thunderbird 3.1.x before 3.1.8 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2011-0062). The nsIScriptableUnescapeHTML.parseFragment method in the ParanoidFragmentSink protection mechanism in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 does not properly sanitize HTML in a chrome document, which makes it easier for remote attackers to execute arbitrary JavaScript with chrome privileges via a javascript: URI in input to an extension, as demonstrated by a javascript:alert sequence in (1) the HREF attribute of an A element or (2) the ACTION attribute of a FORM element (CVE-2010-1585). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 Additionally, some packages which require so, have been rebuilt and are being provided as updates. %description Mozilla Thunderbird is a full-featured email, RSS and newsgroup client that makes emailing safer, faster and easier than ever before. %package lib64tiff3 lib64tiff-devel lib64tiff-static-devel libtiff-progs Update: Tue Mar 08 10:15:56 2011 Importance: security ID: MDVSA-2011:043 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:043 %pre A buffer overflow was discovered in libtiff which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with CCITT Group 4 encoding (CVE-2011-0192). Additionally it was discovered that the fixes for CVE-2009-2347 and CVE-2010-2065 were incomplete for Mandriva Linux 2010.0 and 2010.2 and being resolved as well. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. %description The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. %package dumpcap lib64wireshark0 lib64wireshark-devel rawshark tshark wireshark wireshark-tools Update: Tue Mar 08 15:10:59 2011 Importance: security ID: MDVSA-2011:044 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:044 %pre This advisory updates wireshark to the latest version (1.2.15), fixing several security issues: Wireshark 1.5.0, 1.4.3, and earlier frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed file (CVE-2011-0538). Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long record in a Nokia DCT3 trace file (CVE-2011-0713). wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) via a pcap-ng file that contains a large packet-length field (CVE-2011-1139). Multiple stack consumption vulnerabilities in the dissect_ms_compressed_string and dissect_mscldap_string functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow remote attackers to cause a denial of service (infinite recursion) via a crafted (1) SMB or (2) Connection-less LDAP (CLDAP) packet (CVE-2011-1140). epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (memory consumption) via (1) a long LDAP filter string or (2) an LDAP filter string containing many elements (CVE-2011-1141). Stack consumption vulnerability in the dissect_ber_choice function in the BER dissector in Wireshark 1.2.x through 1.2.15 and 1.4.x through 1.4.4 might allow remote attackers to cause a denial of service (infinite loop) via vectors involving self-referential ASN.1 CHOICE values (CVE-2011-1142). The updated packages have been upgraded to the latest 1.2.x version (1.2.15) and patched to correct these issues. %description Wireshark is a network traffic analyzer for Unix-ish operating systems. It is based on GTK+, a graphical user interface library, and libpcap, a packet capture and filtering library. Wireshark is a fork of Ethereal(tm) %package djvulibre lib64djvulibre21 lib64djvulibre-devel Update: Fri Mar 11 10:34:45 2011 Importance: bugfix ID: MDVA-2011:010 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:010 %pre Various problems were discovered with the DJVULibre firefox browser-plugin: * Browser plugin from dejavulibre is obsolete and was causing browser crashes when viewing DJVU content. This browser plugin is now disabled, mozilla-plugin-dejavu should now be used. * Djvulibre crashed when converting DJVU file to TIFF. This update solves it. This advisory provides djvulibre 3.5.22 that resolves these problems. %description DjVu is a web-centric format and software platform for distributing documents and images. DjVu content downloads faster, displays and renders faster, looks nicer on a screen, and consume less client resources than competing formats. DjVu was originally developed at AT&T Labs-Research by Leon Bottou, Yann LeCun, Patrick Haffner, and many others. In March 2000, AT&T sold DjVu to LizardTech Inc. who now distributes Windows/Mac plug-ins, and commercial encoders (mostly on Windows) In an effort to promote DjVu as a Web standard, the LizardTech management was enlightened enough to release the reference implementation of DjVu under the GNU GPL in October 2000. DjVuLibre (which means free DjVu), is an enhanced version of that code maintained by the original inventors of DjVu. It is compatible with version 3.5 of the LizardTech DjVu software suite. DjVulibre-3.5 contains: - A full-fledged wavelet-based compressor for pictures. - A simple compressor for bitonal (black and white) scanned pages. - A compressor for palettized images (a la GIF/PNG). - A set of utilities to manipulate and assemble DjVu images and documents. - A set of decoders to convert DjVu to a number of other formats. - An up-to-date version of the C++ DjVu Reference Library. %package lib64postfix1 postfix postfix-cdb postfix-ldap postfix-mysql postfix-pcre postfix-pgsql Update: Wed Mar 16 13:11:23 2011 Importance: security ID: MDVSA-2011:045 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:045 %pre A security flaw was discovered in postfix which allows plaintext command injection with SMTP sessions over TLS (CVE-2011-0411). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description Postfix is a Mail Transport Agent (MTA), supporting LDAP, SMTP AUTH (SASL), TLS and running in a chroot environment. Postfix is Wietse Venema's mailer that started life as an alternative to the widely-used Sendmail program. Postfix attempts to be fast, easy to administer, and secure, while at the same time being sendmail compatible enough to not upset existing users. Thus, the outside has a sendmail-ish flavor, but the inside is completely different. This software was formerly known as VMailer. It was released by the end of 1998 as the IBM Secure Mailer. From then on it has lived on as Postfix. PLEASE READ THE /usr/share/doc/postfix/README.MDK FILE. This rpm supports different build time options, to enable or disable these features you must rebuild the source rpm using the --with ... or --without ... rpm option. Currently postfix has been built with: Smtpd multiline greeting: --without multiline Virtual Delivery Agent: --without VDA Munge bare CR: --without barecr TLS support: --with tls IPV6 support: --with ipv6 CDB support: --with cdb Chroot by default: --with chroot %package pure-ftpd pure-ftpd-anon-upload pure-ftpd-anonymous Update: Thu Mar 17 15:19:53 2011 Importance: security ID: MDVSA-2011:046 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:046 %pre A security flaw was discovered in pure-ftpd which allows plaintext command injection over TLS (similar to CVE-2011-0411). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description Pure-FTPd is a fast, production-quality, standard-comformant FTP server, based upon Troll-FTPd. Unlike other popular FTP servers, it has no known security flaw, it is really trivial to set up and it is especially designed for modern Linux and FreeBSD kernels (setfsuid, sendfile, capabilities) . Features include PAM support, IPv6, chroot()ed home directories, virtual domains, built-in LS, anti-warez system, bandwidth throttling, FXP, bounded ports for passive downloads, UL/DL ratios, native LDAP and SQL support, Apache log files and more. %package proftpd proftpd-devel proftpd-mod_autohost proftpd-mod_ban proftpd-mod_case proftpd-mod_ctrls_admin proftpd-mod_gss proftpd-mod_ifsession proftpd-mod_ldap proftpd-mod_load proftpd-mod_quotatab proftpd-mod_quotatab_file proftpd-mod_quotatab_ldap proftpd-mod_quotatab_radius proftpd-mod_quotatab_sql proftpd-mod_radius proftpd-mod_ratio proftpd-mod_rewrite proftpd-mod_sftp proftpd-mod_shaper proftpd-mod_site_misc proftpd-mod_sql proftpd-mod_sql_mysql proftpd-mod_sql_postgres proftpd-mod_time proftpd-mod_tls proftpd-mod_vroot proftpd-mod_wrap proftpd-mod_wrap_file proftpd-mod_wrap_sql Update: Fri Mar 18 09:18:45 2011 Importance: security ID: MDVSA-2011:047 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:047 %pre A vulnerability was discovered and corrected in proftpd: Integer overflow in the mod_sftp (aka SFTP) module in ProFTPD 1.3.3d and earlier allows remote attackers to cause a denial of service (memory consumption leading to OOM kill) via a malformed SSH message (CVE-2011-1137). Additionally for Mandriva Linux 2010.0 proftpd was upgraded to the same version as in Mandriva Linux 2010.2. The updated packages have been patched to correct this issue. %description ProFTPd is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based directory visibility. This version supports both standalone and xinetd operation. %package krb5 krb5-pkinit-openssl krb5-server krb5-server-ldap krb5-workstation lib64krb53 lib64krb53-devel Update: Fri Mar 18 11:09:59 2011 Importance: security ID: MDVSA-2011:048 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:048 %pre A vulnerability was discovered and corrected in krb5: The MIT Kerberos 5 Key Distribution Center (KDC) daemon is vulnerable to a double-free condition if the Public Key Cryptography for Initial Authentication (PKINIT) capability is enabled, resulting in daemon crash or arbitrary code execution (which is believed to be difficult) (CVE-2011-0284). The updated packages have been patched to correct this issue. %description Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords. %package vsftpd Update: Mon Mar 21 08:18:34 2011 Importance: security ID: MDVSA-2011:049 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:049 %pre A vulnerability was discovered and corrected in vsftpd: The vsf_filename_passes_filter function in ls.c in vsftpd before 2.3.3 allows remote authenticated users to cause a denial of service (CPU consumption and process slot exhaustion) via crafted glob expressions in STAT commands in multiple FTP sessions, a different vulnerability than CVE-2010-2632 (CVE-2011-0762). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description A Very Secure FTP Daemon - written from scratch - by Chris "One Man Security Audit Team" Evans. %package finch lib64finch0 lib64purple0 lib64purple-devel pidgin pidgin-bonjour pidgin-client pidgin-i18n pidgin-meanwhile pidgin-perl pidgin-plugins pidgin-silc pidgin-tcl Update: Mon Mar 21 10:53:37 2011 Importance: security ID: MDVSA-2011:050 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:050 %pre Multiple vulnerabilities has been identified and fixed in pidgin: It was discovered that libpurple versions prior to 2.7.10 do not properly clear certain data structures used in libpurple/cipher.c prior to freeing. An attacker could potentially extract partial information from memory regions freed by libpurple. The Yahoo protocol plugin in libpurple versions 2.6.0 through 2.7.10 do not properly handle malformed YMSG packets, leading to NULL pointer dereferences and application crash (CVE-2011-1091). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 This update provides pidgin 2.7.11, which is not vulnerable to these issues. %description Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add an account using the account editor. Pidgin supports many common features of other clients, as well as many unique features, such as perl scripting, TCL scripting and C plugins. Pidgin is not affiliated with or endorsed by America Online, Inc., Microsoft Corporation, Yahoo! Inc., or ICQ Inc. %package apache-mod_php lib64php5_common5 php-apc php-apc-admin php-bcmath php-bz2 php-calendar php-cgi php-cli php-ctype php-curl php-dba php-devel php-doc php-dom php-eaccelerator php-eaccelerator-admin php-enchant php-exif php-fileinfo php-filter php-fpm php-ftp php-gd php-gearman php-gettext php-gmp php-hash php-iconv php-imap php-ini php-intl php-json php-ldap php-mailparse php-mbstring php-mcal php-mcrypt php-mssql php-mysql php-mysqli php-odbc php-openssl php-optimizer php-pcntl php-pdo php-pdo_dblib php-pdo_mysql php-pdo_odbc php-pdo_pgsql php-pdo_sqlite php-pgsql php-phar php-pinba php-posix php-pspell php-readline php-recode php-sasl php-session php-shmop php-snmp php-soap php-sockets php-sphinx php-sqlite3 php-ssh2 php-suhosin php-sybase_ct php-sysvmsg php-sysvsem php-sysvshm php-tclink php-tidy php-timezonedb php-tokenizer php-translit php-vld php-wddx php-xattr php-xdebug php-xml php-xmlreader php-xmlrpc php-xmlwriter php-xsl php-zip php-zlib Update: Wed Mar 23 13:53:26 2011 Importance: security ID: MDVSA-2011:053 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:053 %pre Multiple vulnerabilities has been identified and fixed in php: The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service (application crash) via an empty ZIP archive that is processed with a (1) locateName or (2) statName operation (CVE-2011-0421). exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of service (application crash) via an image with a crafted Image File Directory (IFD) that triggers a buffer over-read (CVE-2011-0708). Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (crash) and possibly read sensitive memory via a large third argument to the shmop_read function (CVE-2011-1092). Multiple format string vulnerabilities in phar_object.c in the phar extension in PHP 5.3.5 and earlier allow context-dependent attackers to obtain sensitive information from process memory, cause a denial of service (memory corruption), or possibly execute arbitrary code via format string specifiers in an argument to a class method, leading to an incorrect zend_throw_exception_ex call (CVE-2011-1153). Buffer overflow in the strval function in PHP before 5.3.6, when the precision configuration option has a large value, might allow context-dependent attackers to cause a denial of service (application crash) via a small numerical value in the argument (CVE-2011-1464). Integer overflow in the SdnToJulian function in the Calendar extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via a large integer in the first argument to the cal_from_jd function (CVE-2011-1466). Unspecified vulnerability in the NumberFormatter::setSymbol (aka numfmt_set_symbol) function in the Intl extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via an invalid argument, a related issue to CVE-2010-4409 (CVE-2011-1467). Multiple memory leaks in the OpenSSL extension in PHP before 5.3.6 might allow remote attackers to cause a denial of service (memory consumption) via (1) plaintext data to the openssl_encrypt function or (2) ciphertext data to the openssl_decrypt function (CVE-2011-1468). Unspecified vulnerability in the Streams component in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) by accessing an ftp:// URL during use of an HTTP proxy with the FTP wrapper (CVE-2011-1469). The Zip extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via a ziparchive stream that is not properly handled by the stream_get_contents function (CVE-2011-1470). Integer signedness error in zip_stream.c in the Zip extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (CPU consumption) via a malformed archive file that triggers errors in zip_fread function calls (CVE-2011-1471). The updated php packages have been upgraded to 5.3.6 which is not vulnerable to these issues. Additionally some of the PECL extensions has been upgraded and/or rebuilt for the new php version. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. This version of php has the suhosin patch 0.9.10 applied. Please report bugs here: http://qa.mandriva.com/ so that the official maintainer of this Mandriva package can help you. More information regarding the suhosin patch 0.9.10 here: http://www.suhosin.org/ %package java-1.6.0-openjdk java-1.6.0-openjdk-demo java-1.6.0-openjdk-devel java-1.6.0-openjdk-javadoc java-1.6.0-openjdk-plugin java-1.6.0-openjdk-src Update: Sun Mar 27 20:21:41 2011 Importance: security ID: MDVSA-2011:054 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:054 %pre Multiple vulnerabilities has been identified and fixed in java-1.6.0-openjdk: The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before 1.9.4 for Java OpenJDK returns from the checkPermission method instead of throwing an exception in certain circumstances, which might allow context-dependent attackers to bypass the intended security policy by creating instances of ClassLoader (CVE-2010-4351). Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Networking. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue involves DNS cache poisoning by untrusted applets. (CVE-2010-4448) Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier for Solaris and Linux; 5.0 Update 27 and earlier for Solaris and Linux; and 1.4.2_29 and earlier for Solaris and Linux allows local standalone applications to affect confidentiality, integrity, and availability via unknown vectors related to Launcher. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is an untrusted search path vulnerability involving an empty LD_LIBRARY_PATH environment variable (CVE-2010-4450). Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to the lack of framework support by AWT event dispatch, and/or clipboard access in Applets. (CVE-2010-4465) Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is heap corruption related to the Verifier and backward jsrs. (CVE-2010-4469) Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23, and, and earlier allows remote attackers to affect availability via unknown vectors related to JAXP and unspecified APIs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to Features set on SchemaFactory not inherited by Validator. (CVE-2010-4470) Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, and 5.0 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to 2D. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue is related to the exposure of system properties via vectors related to Font.createFont and exception text (CVE-2010-4471). Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote attackers to affect availability, related to XML Digital Signature and unspecified APIs. NOTE: the previous information was obtained from the February 2011 CPU. Oracle has not commented on claims from a downstream vendor that this issue involves the replacement of the XML DSig Transform or C14N algorithm implementations. (CVE-2010-4472) The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308 (CVE-2010-4476). IcedTea 1.7 before 1.7.8, 1.8 before 1.8.5, and 1.9 before 1.9.5 does not properly verify signatures for JAR files that (1) are partially signed or (2) signed by multiple entities, which allows remote attackers to trick users into executing code that appears to come from a trusted source (CVE-2011-0025). The JNLPClassLoader class in IcedTea-Web before 1.0.1, as used in OpenJDK Runtime Environment 1.6.0, allows remote attackers to gain privileges via unknown vectors related to multiple signers and the assignment of an inappropriate security descriptor. (CVE-2011-0706) Additionally the java-1.5.0-gcj packages were not rebuilt with the shipped version on GCC for 2009.0 and Enterprise Server 5 which caused problems while building the java-1.6.0-openjdk updates, therefore rebuilt java-1.5.0-gcj packages are being provided with this advisory as well. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description The OpenJDK runtime environment. This version is built without netbeans, so jvisualvm is disabled. %package lib64ldap2.4_2 lib64ldap2.4_2-devel lib64ldap2.4_2-static-devel openldap openldap-clients openldap-doc openldap-servers openldap-testprogs openldap-tests Update: Wed Mar 30 12:38:56 2011 Importance: security ID: MDVSA-2011:056 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:056 %pre Multiple vulnerabilities has been identified and fixed in openldap: chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates (aka authentication-failure forwarding) is used, allows remote authenticated users to bypass external-program authentication by sending an invalid password to a slave server (CVE-2011-1024). bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not require authentication for the root Distinguished Name (DN), which allows remote attackers to bypass intended access restrictions via an arbitrary password (CVE-2011-1025). modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service (daemon crash) via a relative Distinguished Name (DN) modification request (aka MODRDN operation) that contains an empty value for the OldDN field (CVE-2011-1081). The updated packages have been patched to correct these issues. %description OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. The suite includes a stand-alone LDAP server (slapd) which is in the -servers package, libraries for implementing the LDAP protocol (in the lib packages), and utilities, tools, and sample clients (in the -clients package). The openldap binary package includes only configuration files used by the libraries. Install openldap if you need LDAP applications and tools. %package apache-base apache-devel apache-htcacheclean apache-mod_authn_dbd apache-mod_cache apache-mod_dav apache-mod_dbd apache-mod_deflate apache-mod_disk_cache apache-mod_file_cache apache-mod_ldap apache-mod_mem_cache apache-mod_proxy apache-mod_proxy_ajp apache-mod_proxy_scgi apache-mod_reqtimeout apache-mod_ssl apache-modules apache-mod_userdir apache-mpm-event apache-mpm-itk apache-mpm-peruser apache-mpm-prefork apache-mpm-worker apache-source Update: Thu Mar 31 15:55:40 2011 Importance: security ID: MDVSA-2011:057 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:057 %pre The configuration merger in itk.c in the Steinar H. Gunderson mpm-itk Multi-Processing Module (apache-mpm-itk) for the Apache HTTP Server does not properly handle certain configuration sections that specify NiceValue but not AssignUserID, which might allow remote attackers to gain privileges by leveraging the root uid and root gid of an mpm-itk process (CVE-2011-1176). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages uses the latest upstream ITK patch for apache that is unaffected by this issue. %description This package contains the main binary of apache, a powerful, full-featured, efficient and freely-available Web server. Apache is also the most popular Web server on the Internet. This version of apache is fully modular, and many modules are available in pre-compiled formats, like PHP and mod_auth_external. Check for available Apache modules for Mandriva Linux at: http://nux.se/apache/ (most of them can be installed from the contribs repository) This package defaults to a maximum of 128 dynamically loadable modules. This package defaults to a ServerLimit of 1024. You can change these values at RPM build time by using for example: --define 'maxmodules 512' --define 'serverlimit 2048' The package was built to support a maximum of 128 dynamically loadable modules. The package was built with a ServerLimit of 1024. %package ffmpeg lib64avformats52 lib64avutil50 lib64ffmpeg52 lib64ffmpeg-devel lib64ffmpeg-static-devel lib64postproc51 lib64swscaler0 Update: Fri Apr 01 20:18:31 2011 Importance: security ID: MDVSA-2011:062 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:062 %pre Multiple vulnerabilities has been identified and fixed in ffmpeg: FFmpeg 0.5 allows remote attackers to cause a denial of service (hang) via a crafted file that triggers an infinite loop. (CVE-2009-4636) flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an arbitrary offset dereference vulnerability. (CVE-2010-3429) libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted .ogg file, related to the vorbis_floor0_decode function. (CVE-2010-4704) Fix heap corruption crashes (CVE-2011-0722) Fix invalid reads in VC-1 decoding (CVE-2011-0723) And several additional vulnerabilites originally discovered by Google Chrome developers were also fixed with this advisory. The updated packages have been patched to correct these issues. %description ffmpeg is a hyper fast realtime audio/video encoder, a streaming server and a generic audio and video file converter. It can grab from a standard Video4Linux video source and convert it into several file formats based on DCT/motion compensation encoding. Sound is compressed in MPEG audio layer 2 or using an AC3 compatible stream. %package lib64tiff3 lib64tiff-devel lib64tiff-static-devel libtiff-progs Update: Mon Apr 04 14:18:29 2011 Importance: security ID: MDVSA-2011:064 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:064 %pre Multiple vulnerabilities were discovered and corrected in libtiff: Buffer overflow in LibTIFF allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with JPEG encoding (CVE-2011-0191). Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value (CVE-2011-1167). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. %description The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. %package logrotate Update: Tue Apr 05 12:44:33 2011 Importance: security ID: MDVSA-2011:065 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:065 %pre Multiple vulnerabilities were discovered and corrected in logrotate: Race condition in the createOutputFile function in logrotate.c in logrotate 3.7.9 and earlier allows local users to read log data by opening a file before the intended permissions are in place (CVE-2011-1098). The shred_file function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name (CVE-2011-1154). The writeState function in logrotate.c in logrotate 3.7.9 and earlier might allow context-dependent attackers to cause a denial of service (rotation outage) via a (1) \n (newline) or (2) \ (backslash) character in a log filename, as demonstrated by a filename that is automatically constructed on the basis of a hostname or virtual machine name (CVE-2011-1155). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been upgraded to the 3.7.9 version and patched to correct these issues. %description The logrotate utility is designed to simplify the administration of log files on a system which generates a lot of log files. Logrotate allows for the automatic rotation compression, removal and mailing of log files. Logrotate can be set to handle a log file daily, weekly, monthly or when the log file gets to a certain size. Normally, logrotate runs as a daily cron job. Install the logrotate package if you need a utility to deal with the log files on your system. %package rsync Update: Tue Apr 05 14:34:08 2011 Importance: security ID: MDVSA-2011:066 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:066 %pre A vulnerability wase discovered and corrected in rsync: rsync 3.x before 3.0.8, when certain recursion, deletion, and ownership options are used, allows remote rsync servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via malformed data (CVE-2011-1097). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description Rsync uses a quick and reliable algorithm to very quickly bring remote and host files into sync. Rsync is fast because it just sends the differences in the files over the network (instead of sending the complete files). Rsync is often used as a very powerful mirroring process or just as a more capable replacement for the rcp command. A technical report which describes the rsync algorithm is included in this package. Install rsync if you need a powerful mirroring program. This rpm has these patches applied from rsync tree: - acl: allow to mirror acl Rebuild the source rpm with `--without patches' if you don't want these patches %package rsync Update: Tue Apr 05 14:34:46 2011 Importance: security ID: MDVSA-2011:066 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:066 %pre A vulnerability wase discovered and corrected in rsync: rsync 3.x before 3.0.8, when certain recursion, deletion, and ownership options are used, allows remote rsync servers to cause a denial of service (heap memory corruption and application crash) or possibly execute arbitrary code via malformed data (CVE-2011-1097). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description Rsync uses a quick and reliable algorithm to very quickly bring remote and host files into sync. Rsync is fast because it just sends the differences in the files over the network (instead of sending the complete files). Rsync is often used as a very powerful mirroring process or just as a more capable replacement for the rcp command. A technical report which describes the rsync algorithm is included in this package. Install rsync if you need a powerful mirroring program. This rpm has these patches applied from rsync tree: - acl: allow to mirror acl Rebuild the source rpm with `--without patches' if you don't want these patches %package apache-mod_dav_svn apache-mod_dontdothat lib64svn0 lib64svn-gnome-keyring0 lib64svnjavahl1 lib64svn-kwallet0 perl-SVN python-svn ruby-svn subversion subversion-devel subversion-doc subversion-server subversion-tools svn-javahl Update: Wed Apr 06 09:35:24 2011 Importance: security ID: MDVSA-2011:067 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:067 %pre A vulnerability was discovered and corrected in subversion: The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request that contains a lock token (CVE-2011-0715). Additionally for Corporate Server 4 and Enterprise Server 5 subversion have been upgraded to the 1.6.16 version due to of numerous upstream fixes and new features, the serf packages has also been upgraded to the now required 0.3.0 version. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been upgraded to the 1.6.16 version which is not vulnerable to this issue. %description Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subversion also keeps a log of who, when, and why changes occured. As such it basically does the same thing CVS does (Concurrent Versioning System) but has major enhancements compared to CVS and fixes a lot of the annoyances that CVS users face. This package contains the client, if you're looking for the server end of things you want subversion-repos. %package beagle beagle-crawl-system beagle-doc beagle-evolution beagle-gui beagle-gui-qt beagle-libs firefox firefox-af firefox-ar firefox-be firefox-bg firefox-bn firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-devel firefox-el firefox-en_GB firefox-eo firefox-es_AR firefox-es_ES firefox-et firefox-eu firefox-ext-beagle firefox-ext-blogrovr firefox-ext-mozvoikko firefox-ext-r-kiosk firefox-ext-scribefire firefox-ext-weave-sync firefox-ext-xmarks firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hu firefox-id firefox-is firefox-it firefox-ja firefox-ka firefox-kn firefox-ko firefox-ku firefox-lt firefox-lv firefox-mk firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-oc firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-te firefox-th firefox-tr firefox-uk firefox-zh_CN firefox-zh_TW gjs gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell lib64gjs0 lib64gjs-devel lib64nspr4 lib64nspr-devel lib64nss3 lib64nss-devel lib64nss-static-devel lib64xulrunner1.9.2.16 lib64xulrunner-devel mozilla-thunderbird mozilla-thunderbird-beagle mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ar mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-hu mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-ko mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-tr mozilla-thunderbird-enigmail-vi mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-enigmail-zh_TW mozilla-thunderbird-lightning nsinstall nss rootcerts rootcerts-java xulrunner yelp Update: Thu Apr 07 13:22:03 2011 Importance: security ID: MDVSA-2011:068 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:068 %pre Several invalid HTTPS certificates were placed on the certificate blacklist to prevent their misuse. Users on a compromised network could be directed to sites using the fraudulent certificates and mistake them for the legitimate sites. This could deceive them into revealing personal information such as usernames and passwords. It may also deceive users into downloading malware if they believe it's coming from a trusted site. The NSS and NSPR packages were updated to the latest versions as well as the rootcerts packages providing the latest root CA certs from mozilla as of 2011/03/23. The firefox packages were updated to the latest 3.6.16 version which is not vulnarable to this issue. The mozilla thunderbird 3.1.9 packages were patched with the same fix as of firefox as a precaution. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 Additionally, some packages which require so, have been rebuilt and are being provided as updates. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package lib64php5_common5 php-bcmath php-bz2 php-calendar php-cgi php-cli php-ctype php-curl php-dba php-devel php-doc php-dom php-enchant php-exif php-fileinfo php-filter php-fpm php-ftp php-gd php-gettext php-gmp php-hash php-iconv php-imap php-intl php-json php-ldap php-mbstring php-mcrypt php-mssql php-mysql php-mysqli php-odbc php-openssl php-pcntl php-pdo php-pdo_dblib php-pdo_mysql php-pdo_odbc php-pdo_pgsql php-pdo_sqlite php-pgsql php-phar php-posix php-pspell php-readline php-recode php-session php-shmop php-snmp php-soap php-sockets php-sqlite3 php-sybase_ct php-sysvmsg php-sysvsem php-sysvshm php-tidy php-tokenizer php-wddx php-xml php-xmlreader php-xmlrpc php-xmlwriter php-xsl php-zip php-zlib Update: Fri Apr 08 09:01:15 2011 Importance: security ID: MDVSA-2011:069 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:069 %pre It was discovered that the /etc/cron.d/php cron job for php-session allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php (CVE-2011-0441). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages contains a fix that corrects this flaw. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. This version of php has the suhosin patch 0.9.10 applied. Please report bugs here: http://qa.mandriva.com/ so that the official maintainer of this Mandriva package can help you. More information regarding the suhosin patch 0.9.10 here: http://www.suhosin.org/ %package gdm gdm-user-switch-applet Update: Fri Apr 08 09:51:45 2011 Importance: security ID: MDVSA-2011:070 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:070 %pre A vulnerability has been found and corrected in gdm: GNOME Display Manager (gdm) 2.x before 2.32.1 allows local users to change the ownership of arbitrary files via a symlink attack on a (1) dmrc or (2) face icon file under /var/cache/gdm/ (CVE-2011-0727). The updated packages have been patched to correct this issue. %description Gdm (the GNOME Display Manager) is a highly configurable reimplementation of xdm, the X Display Manager. Gdm allows you to log into your system with the X Window System running and supports running several different X sessions on your local machine at the same time. %package kdelibs4-core kdelibs4-devel lib64kde3support4 lib64kdecore5 lib64kdefakes5 lib64kdesu5 lib64kdeui5 lib64kdewebkit5 lib64kdnssd4 lib64kfile4 lib64khtml5 lib64kimproxy4 lib64kio5 lib64kjs4 lib64kjsapi4 lib64kjsembed4 lib64kmediaplayer4 lib64knewstuff2_4 lib64knewstuff34 lib64knotifyconfig4 lib64kntlm4 lib64kparts4 lib64kpty4 lib64krosscore4 lib64krossui4 lib64ktexteditor4 lib64kunitconversion4 lib64kunittest4 lib64kutils4 lib64nepomuk4 lib64nepomukquery4 lib64plasma3 lib64solid4 lib64threadweaver4 Update: Fri Apr 08 12:17:34 2011 Importance: security ID: MDVSA-2011:071 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:071 %pre A vulnerability has been found and corrected in kdelibs4: kio/kio/tcpslavebase.cpp in KDE KSSL in kdelibs before 4.6.1 does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a certificate issued by a legitimate Certification Authority for an IP address, a different vulnerability than CVE-2009-2702 (CVE-2011-1094). Additionally it was discovered that kdelibs4 for 2009.0 was using an old private copy of the ca-bundle.crt file containing the root CA certs, this has now been resolved so that it uses the system wide and up to date /etc/pki/tls/certs/ca-bundle.crt file last updated with the MDVSA-2011:068 advisory. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description Libraries for the K Desktop Environment. %package gwenhywfar lib64gwengui-qt4_0 lib64gwenhywfar47 lib64gwenhywfar-devel Update: Fri Apr 08 13:13:22 2011 Importance: security ID: MDVSA-2011:072 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:072 %pre It was discovered that gwenhywfar was using an old private copy of the ca-bundle.crt file containing the root CA certs, this has now been resolved so that it uses the system wide and up to date /etc/pki/tls/certs/ca-bundle.crt file last updated with the MDVSA-2011:068 advisory. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages provides a solution to this issue. %description This is Gwenhywfar, a multi-platform helper library for networking and security applications and libraries. It is heavily used by libchipcard and OpenHBCI-TNG (The Next Generation). %package dhcp-client dhcp-common dhcp-devel dhcp-doc dhcp-relay dhcp-server Update: Mon Apr 11 12:20:44 2011 Importance: security ID: MDVSA-2011:073 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:073 %pre A vulnerability has been found and corrected in ISC DHCP: dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message (CVE-2011-0997). Additionally for Corporate Server 4 and Enterprise Server 5 ISC DHCP has been upgraded from the 3.0.7 version to the 4.1.2-P1 version which brings many enhancements such as ipv6 support. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have upgraded to the 4.1.2-P1 version and patched to correct this issue. %description DHCP (Dynamic Host Configuration Protocol) is a protocol which allows individual devices on an IP network to get their own network configuration information (IP address, subnetmask, broadcast address, etc.) from a DHCP server. The overall purpose of DHCP is to make it easier to administer a large network. The dhcp package includes the DHCP server and a DHCP relay agent. You will also need to install the dhcp-client or dhcpcd package, or pump or dhcpxd, which provides the DHCP client daemon, on client machines. If you want the DHCP server and/or relay, you will also need to install the dhcp-server and/or dhcp-relay packages. %package dhcp-client dhcp-common dhcp-devel dhcp-doc dhcp-relay dhcp-server Update: Mon Apr 11 12:22:31 2011 Importance: security ID: MDVSA-2011:073 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:073 %pre A vulnerability has been found and corrected in ISC DHCP: dhclient in ISC DHCP 3.0.x through 4.2.x before 4.2.1-P1, 3.1-ESV before 3.1-ESV-R1, and 4.1-ESV before 4.1-ESV-R2 allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a DHCP message (CVE-2011-0997). Additionally for Corporate Server 4 and Enterprise Server 5 ISC DHCP has been upgraded from the 3.0.7 version to the 4.1.2-P1 version which brings many enhancements such as better ipv6 support. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have upgraded to the 4.1.2-P1 version and patched to correct this issue. %description DHCP (Dynamic Host Configuration Protocol) is a protocol which allows individual devices on an IP network to get their own network configuration information (IP address, subnetmask, broadcast address, etc.) from a DHCP server. The overall purpose of DHCP is to make it easier to administer a large network. The dhcp package includes the DHCP server and a DHCP relay agent. You will also need to install the dhcp-client or dhcpcd package, or pump or dhcpxd, which provides the DHCP client daemon, on client machines. If you want the DHCP server and/or relay, you will also need to install the dhcp-server and/or dhcp-relay packages. %package lib64qassistant4 lib64qt3support4 lib64qt4-devel lib64qtclucene4 lib64qtcore4 lib64qtdbus4 lib64qtdesigner4 lib64qtgui4 lib64qthelp4 lib64qtmultimedia4 lib64qtnetwork4 lib64qtopengl4 lib64qtscript4 lib64qtscripttools4 lib64qtsql4 lib64qtsvg4 lib64qttest4 lib64qtwebkit4 lib64qtxml4 lib64qtxmlpatterns4 qt4-accessibility-plugin qt4-assistant qt4-common qt4-database-plugin-mysql qt4-database-plugin-odbc qt4-database-plugin-pgsql qt4-database-plugin-sqlite qt4-database-plugin-tds qt4-designer qt4-designer-plugin-phonon qt4-designer-plugin-qt3support qt4-designer-plugin-webkit qt4-doc qt4-examples qt4-graphicssystems-plugin qt4-linguist qt4-qdoc3 qt4-qtconfig qt4-qtdbus qt4-qvfb qt4-xmlpatterns Update: Tue Apr 12 15:55:36 2011 Importance: security ID: MDVSA-2011:074 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:074 %pre It was discovered that the QT packages were affected by the fraudalent certificates problem as well, the same issue as with firefox (MDVSA-2011:068). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updates packages has been patched to solve this issue. %description Qt is a GUI software toolkit which simplifies the task of writing and maintaining GUI (Graphical User Interface) applications for the X Window System. Qt is written in C++ and is fully object-oriented. This package contains the shared library needed to run Qt applications, as well as the README files for Qt. %package akonadiconsole akonadi-kde akregator amor ark blinken blogilo bomber bovo cantor cervisia dolphin dragonplayer ffmpegthumbs granatier gwenview juk kaddressbook kalarm kalgebra kalzium kamera kanagram kapman kappfinder kapptemplate kate katomic kbattleship kblackbox kblocks kbounce kbreakout kbruch kbugbuster kcachegrind kcalc kcharselect kcolorchooser kcron kde4-audiocd kde4-filesharing kde4-nsplugins kdeaccessibility4 kdeaccessibility4-core kdeaccessibility4-devel kdeadmin4 kdeartwork4 kdeartwork4-color-schemes kdeartwork4-emoticons kdeartwork4-icons-theme-nuvola kdeartwork4-kscreensaver kdeartwork4-sounds kdeartwork4-styles kdeartwork4-wallpapers kdebase4 kdebase4-devel kdebase4-runtime kdebase4-runtime-devel kdebase4-workspace kdebase4-workspace-devel kdebase4-workspace-googlegadgets kdeedu4 kdeedu4-core kdeedu4-devel kdegames4 kdegames4-core kdegames4-devel kdegraphics4 kdegraphics4-core kdegraphics4-devel kde-l10n-ar kde-l10n-bg kde-l10n-ca kde-l10n-cs kde-l10n-csb kde-l10n-da kde-l10n-de kde-l10n-el kde-l10n-en_GB kde-l10n-eo kde-l10n-es kde-l10n-et kde-l10n-eu kde-l10n-fi kde-l10n-fr kde-l10n-fy kde-l10n-ga kde-l10n-gl kde-l10n-gu kde-l10n-he kde-l10n-hi kde-l10n-hr kde-l10n-hu kde-l10n-id kde-l10n-is kde-l10n-it kde-l10n-ja kde-l10n-kk kde-l10n-km kde-l10n-kn kde-l10n-ko kde-l10n-lt kde-l10n-lv kde-l10n-mai kde-l10n-mk kde-l10n-ml kde-l10n-nb kde-l10n-nds kde-l10n-nl kde-l10n-nn kde-l10n-pa kde-l10n-pl kde-l10n-pt kde-l10n-pt_BR kde-l10n-ro kde-l10n-ru kde-l10n-si kde-l10n-sk kde-l10n-sl kde-l10n-sr kde-l10n-sv kde-l10n-tg kde-l10n-tr kde-l10n-uk kde-l10n-wa kde-l10n-zh_CN kde-l10n-zh_TW kdelibs4-core kdelibs4-devel kdelirc kdemultimedia4 kdemultimedia4-core kdemultimedia4-devel kdenetwork4 kdenetwork4-core kdenetwork4-devel kdenetwork4-kopete-latex kdepasswd kdepim4 kdepim4-core kdepim4-devel kdepim4-kresources kdepim4-runtime-devel kdepim4-wizards kdepimlibs4-core kdepimlibs4-devel kdeplasma-addons kdeplasma-addons-devel kdesdk4 kdesdk4-core kdesdk4-devel kdesdk4-po2xml kdesdk4-scripts kdesdk4-strigi-analyzer kdesnake kdetoys4-devel kdeutils4 kdeutils4-core kdeutils4-devel kdewebdev4 kdewebdev4-devel kdf kdialog kdiamond kdm kdnssd keditbookmarks kfilereplace kfind kfloppy kfourinline kgamma kgeography kget kgoldrunner kgpg khangman kig kigo killbots kimagemapeditor kimono kimono-devel kinfocenter kio4-imap kio4-ldap kio4-mbox kio4-nntp kio4-pop3 kio4-sieve kio4-smtp kipi-common kiriki kiten kjots kjumpingcube kleopatra klettres klines klinkstatus kmag kmahjongg kmahjongglib kmail kmailcvt kmines kmix kmousetool kmouth kmplot kmtrace knetwalk knetworkconf knode knotes kolf kollision kolourpaint kommander kompare konqueror konquest konsole kontact kopete korganizer kpat kppp kppp-provider krdc kreversi krfb kruler ksame kscd ksendemail kshisen ksirk ksnapshot kspaceduel ksquares kstars ksudoku ksystemlog kteatime ktimer ktimetracker ktouch ktron kttsd ktuberling kturtle ktux kubrick kuiviewer kuser kwallet kwallet-daemon kweather kwordquiz kwrite lib64akonadi-contact4 lib64akonadi-kabc4 lib64akonadi-kcal4 lib64akonadi-kcal_next4 lib64akonadi-kde4 lib64akonadi-kmime4 lib64akonadi-next4 lib64akonadi-xml4 lib64akregatorinterfaces4 lib64akregatorprivate4 lib64analitza4 lib64analitzagui4 lib64antlr4 lib64audiocdplugins4 lib64avogadro-kalzium0 lib64cantorlibs0 lib64compoundviewer4 lib64dolphinprivate4 lib64gpgme++2 lib64gwenviewlib4 lib64gwsoap4 lib64iris_ksirk2 lib64kabc4 lib64kabc_file_core4 lib64kabc_groupdav4 lib64kabc_groupwise4 lib64kabckolab4 lib64kabc_slox4 lib64kaddressbookprivate4 lib64kalarm_calendar4 lib64kalarm_resources4 lib64kastencontrollers4 lib64kastencore4 lib64kastengui4 lib64kateinterfaces4 lib64kblog4 lib64kcal4 lib64kcal_groupdav4 lib64kcal_groupwise4 lib64kcalkolab4 lib64kcal_resourceblog4 lib64kcal_resourceremote4 lib64kcal_slox4 lib64kcddb4 lib64kcompactdisc4 lib64kdcraw8 lib64kde3support4 lib64kdecorations4 lib64kdecore5 lib64kdeeduui4 lib64kdefakes5 lib64kdegames5 lib64kdelirc_shared1 lib64kdepim4 lib64kdepim-copy4 lib64kdesu5 lib64kdeui5 lib64kdewebkit5 lib64kdnssd4 lib64keduvocdocument4 lib64kephal4 lib64kerfuffle4 lib64kexiv2_8 lib64kfile4 lib64kfontinst4 lib64kfontinstui4 lib64kgetcore4 lib64kggzgames4 lib64kggzmod4 lib64kggznet4 lib64kgroupwarebase4 lib64kgroupwaredav4 lib64kholidays4 lib64khotkeysprivate4 lib64khtml5 lib64kimap4 lib64kimproxy4 lib64kio5 lib64kipi7 lib64kiten4 lib64kjs4 lib64kjsapi4 lib64kjsembed4 lib64kldap4 lib64kleo4 lib64klinkstatuscommon4 lib64kmahjongglib4 lib64kmailprivate4 lib64kmediaplayer4 lib64kmime4 lib64knewstuff2_4 lib64knewstuff34 lib64knodecommon4 lib64knoteskolab4 lib64knotifyconfig4 lib64kntlm4 lib64kolfprivate4 lib64kolourpaint_lgpl4 lib64kommandercore4 lib64kommanderwidgets4 lib64komparedialogpages4 lib64komparediff24 lib64kompareinterface4 lib64konq5 lib64konqsidebarplugin4 lib64konquerorprivate4 lib64kontactinterface4 lib64kontactprivate4 lib64kopete4 lib64kopeteaddaccountwizard1 lib64kopetechatwindow_shared1 lib64kopetecontactlist1 lib64kopeteidentity1 lib64kopete_oscar4 lib64kopete_otr_shared1 lib64kopeteprivacy1 lib64kopetestatusmenu1 lib64kopete_videodevice4 lib64korganizer_calendar4 lib64korganizer_core4 lib64korganizer_eventviewer4 lib64korganizer_interfaces4 lib64korganizerprivate4 lib64korg_stdprinting4 lib64kparts4 lib64kpgp4 lib64kpimidentities4 lib64kpimtextedit4 lib64kpimutils4 lib64kpty4 lib64krdccore1 lib64kresources4 lib64krfbprivate4 lib64krosscore4 lib64krossui4 lib64ksane0 lib64kscreensaver5 lib64ksgrd4 lib64ksieve4 lib64ksignalplotter4 lib64kslox4 lib64ktexteditor4 lib64ktexteditor_codesnippets_core0 lib64ktnef4 lib64ktrace4 lib64kttsd4 lib64kunitconversion4 lib64kunittest4 lib64kupnp4 lib64kutils4 lib64kwalletbackend4 lib64kwineffects1 lib64kwinnvidiahack4 lib64kworkspace4 lib64kxmlrpcclient4 lib64kyahoo1 lib64lancelot1 lib64lsofui4 lib64maildir4 lib64mailtransport4 lib64marblewidget4 lib64mbox4 lib64messagecore4 lib64messagelist4 lib64messageviewer0 lib64microblog4 lib64mimelib4 lib64molletnetwork4 lib64nepomuk4 lib64nepomukquery4 lib64oktetacore4 lib64oktetagui4 lib64oktetakastencontrollers4 lib64oktetakastencore4 lib64oktetakastengui4 lib64okularcore1 lib64oscar1 lib64pala0 lib64plasma3 lib64plasma_applet_system_monitor4 lib64plasmaclock4 lib64plasmacomicprovidercore1 lib64plasmagenericshell4 lib64plasma-geolocation-interface4 lib64plasmapotdprovidercore1 lib64plasmaweather4 lib64polkitkdeprivate4 lib64processcore4 lib64processui4 lib64qassistant4 lib64qgpgme1 lib64qt3support4 lib64qt4-devel lib64qtclucene4 lib64qtcore4 lib64qtdbus4 lib64qtdesigner4 lib64qtgui4 lib64qthelp4 lib64qtmultimedia4 lib64qtnetwork4 lib64qtopengl4 lib64qtruby4shared2 lib64qtscript4 lib64qtscripttools4 lib64qtsql4 lib64qtsvg4 lib64qttest4 lib64qtwebkit4 lib64qtxml4 lib64qtxmlpatterns4 lib64qyotoshared1 lib64rtm4 lib64SatLib4 lib64science4 lib64smokeakonadi3 lib64smokeattica3 lib64smokekdecore3 lib64smokekdeui3 lib64smokekfile3 lib64smokekhtml3 lib64smokekio3 lib64smokeknewstuff2_3 lib64smokeknewstuff3_3 lib64smokekparts3 lib64smokekutils3 lib64smokenepomuk3 lib64smokenepomukquery3 lib64smokeokular3 lib64smokephonon3 lib64smokeplasma3 lib64smokeqimageblitz3 lib64smokeqsci3 lib64smokeqt3 lib64smokeqtcore3 lib64smokeqtdbus3 lib64smokeqtgui3 lib64smokeqtmultimedia3 lib64smokeqtnetwork3 lib64smokeqtopengl3 lib64smokeqtscript3 lib64smokeqtsql3 lib64smokeqtsvg3 lib64smokeqttest3 lib64smokeqtuitools3 lib64smokeqtwebkit3 lib64smokeqtxml3 lib64smokeqtxmlpatterns3 lib64smokesolid3 lib64smokesoprano3 lib64smokesopranoclient3 lib64smokesopranoserver3 lib64smoketexteditor3 lib64solid4 lib64solidcontrol4 lib64solidcontrolifaces4 lib64superkaramba4 lib64syndication4 lib64systemsettingsview1 lib64taskmanager4 lib64threadweaver4 lib64weather_ion4 libkdcraw-common lokalize lskat marble marble-common mplayerthumbs okteta okular oxygen-icon-theme palapeli parley phonon-xine-kcm php-qt4 plasma-applet-battery plasma-applet-bball plasma-applet-binaryclock plasma-applet-blackboard plasma-applet-bubblemon plasma-applet-calculator plasma-applet-calendar plasma-applet-charselect plasma-applet-comic plasma-applet-dict plasma-applet-didyouknow plasma-applet-eyes plasma-applet-fifteenpuzzle plasma-applet-filewatcher plasma-applet-folderview plasma-applet-frame plasma-applet-fuzzy-clock plasma-applet-incomingmsg plasma-applet-kimpanel plasma-applet-kimpanel-backend-scim plasma-applet-knowledgebase plasma-applet-kolourpicker plasma-applet-konqprofiles plasma-applet-konsoleprofiles plasma-applet-kworldclock plasma-applet-lancelot plasma-applet-leavenote plasma-applet-life plasma-applet-luna plasma-applet-magnifique plasma-applet-mediaplayer plasma-applet-microblog plasma-applet-news plasma-applet-notes plasma-applet-nowplaying plasma-applet-opendesktop plasma-applet-paste plasma-applet-pastebin plasma-applet-plasmaboard plasma-applet-previewer plasma-applet-qalculate plasma-applet-quicklaunch plasma-applet-rssnow plasma-applet-rtm plasma-applet-showdashboard plasma-applet-showdesktop plasma-applet-spellcheck plasma-applet-systemloadviewer plasma-applet-system-monitor-cpu plasma-applet-system-monitor-hdd plasma-applet-system-monitor-hwinfo plasma-applet-system-monitor-net plasma-applet-system-monitor-temperature plasma-applet-timer plasma-applet-unitconverter plasma-applet-weather plasma-applet-weatherstation plasma-applet-webbrowser plasma-applet-webslice plasma-dataengine-comic plasma-dataengine-microblog plasma-dataengine-ocs plasma-dataengine-pastebin plasma-dataengine-potd plasma-dataengine-rtm plasma-desktoptheme-aya plasma-desktoptheme-clean-blend plasma-desktoptheme-default plasma-desktoptheme-elegance plasma-desktoptheme-heron plasma-desktoptheme-silicon plasma-desktoptheme-slim-glow plasma-engine-kalzium plasma-krunner-powerdevil plasma-runner-audioplayercontrol plasma-runner-browserhistory plasma-runner-contacts plasma-runner-converter plasma-runner-katesessions plasma-runner-konquerorsessions plasma-runner-konsolesessions plasma-runner-kopete plasma-runner-mediawiki plasma-runner-places plasma-runner-spellchecker plasma-wallpaper-mandelbrot plasma-wallpaper-marble plasma-wallpaper-pattern plasma-wallpaper-virus plasma-wallpaper-weather policykit-kde python-kde4 python-kde4-doc qt4-accessibility-plugin qt4-assistant qt4-common qt4-database-plugin-mysql qt4-database-plugin-odbc qt4-database-plugin-pgsql qt4-database-plugin-sqlite qt4-database-plugin-tds qt4-designer qt4-designer-plugin-phonon qt4-designer-plugin-qt3support qt4-designer-plugin-webkit qt4-doc qt4-examples qt4-graphicssystems-plugin qt4-linguist qt4-qdoc3 qt4-qtconfig qt4-qtdbus qt4-qvfb qt4-xmlpatterns qyoto qyoto-devel rocs ruby-kde4 ruby-kde4-devel ruby-qt4 ruby-qt4-devel smoke4-devel step superkaramba sweeper system-config-printer-kde umbrello Update: Thu Apr 14 21:04:20 2011 Importance: bugfix ID: MDVA-2011:014 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:014 %pre In mdv 2010.1 we provided kde 4.4.3 ,this update provides kde 4.4.5 and Qt 4.6.3, which fixed several bugs in kde/qt. %description Software Development Kit for the K Desktop Environment. %package kdelibs4-core kdelibs4-devel lib64kde3support4 lib64kdecore5 lib64kdefakes5 lib64kdesu5 lib64kdeui5 lib64kdewebkit5 lib64kdnssd4 lib64kfile4 lib64khtml5 lib64kimproxy4 lib64kio5 lib64kjs4 lib64kjsapi4 lib64kjsembed4 lib64kmediaplayer4 lib64knewstuff2_4 lib64knewstuff34 lib64knotifyconfig4 lib64kntlm4 lib64kparts4 lib64kpty4 lib64krosscore4 lib64krossui4 lib64ktexteditor4 lib64kunitconversion4 lib64kunittest4 lib64kutils4 lib64nepomuk4 lib64nepomukquery4 lib64plasma3 lib64solid4 lib64threadweaver4 Update: Wed Apr 20 15:28:42 2011 Importance: security ID: MDVSA-2011:075 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:075 %pre A vulnerability has been found and corrected in kdelibs4: Cross-site scripting (XSS) vulnerability in the KHTMLPart::htmlError function in khtml/khtml_part.cpp in Konqueror in KDE SC 4.4.0 through 4.6.1 allows remote attackers to inject arbitrary web script or HTML via the URI in a URL corresponding to an unavailable web site (CVE-2011-1168). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description Libraries for the K Desktop Environment. %package xrdb Update: Thu Apr 21 14:12:24 2011 Importance: security ID: MDVSA-2011:076 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:076 %pre A vulnerability has been found and corrected in xrdb: xrdb.c in xrdb before 1.0.9 in X.Org X11R7.6 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a hostname obtained from a (1) DHCP or (2) XDMCP message (CVE-2011-0465). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description Xrdb is used to get or set the contents of the RESOURCE_MANAGER property on the root window of screen 0, or the SCREEN_RESOURCES property on the root window of any or all screens, or everything combined. %package krb5 krb5-pkinit-openssl krb5-server krb5-server-ldap krb5-workstation lib64krb53 lib64krb53-devel Update: Fri Apr 22 08:36:47 2011 Importance: security ID: MDVSA-2011:077 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:077 %pre A vulnerability has been found and corrected in krb5: The process_chpw_request function in schpw.c in the password-changing functionality in kadmind in MIT Kerberos 5 (aka krb5) 1.7 through 1.9 frees an invalid pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted request that triggers an error condition (CVE-2011-0285). The updated packages have been patched to correct this issue. %description Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords. %package lib64tiff3 lib64tiff-devel lib64tiff-static-devel libtiff-progs Update: Sat Apr 23 10:29:05 2011 Importance: security ID: MDVSA-2011:078 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:078 %pre A vulnerability has been found and corrected in libtiff: The libtiff OJPEG decoder contains a heap buffer overflow when decoding certain malformed data (CVE-2009-5022). The updated packages have been patched to correct this issue. %description The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. %package perl-URPM Update: Tue Apr 26 23:27:13 2011 Importance: bugfix ID: MDVA-2011:018 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:018 %pre This advisory updates perl-URPM package to a version compatible with disttag and rpm5 features. This update is mandatory to be able to update to Mandriva 2011 version via online update. %description The URPM module allows you to manipulate rpm files, rpm header files and hdlist files and manage them in memory. %package beagle beagle-crawl-system beagle-doc beagle-evolution beagle-gui beagle-gui-qt beagle-libs firefox firefox-af firefox-ar firefox-be firefox-bg firefox-bn firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-devel firefox-el firefox-en_GB firefox-eo firefox-es_AR firefox-es_ES firefox-et firefox-eu firefox-ext-beagle firefox-ext-blogrovr firefox-ext-mozvoikko firefox-ext-r-kiosk firefox-ext-scribefire firefox-ext-weave-sync firefox-ext-xmarks firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hu firefox-id firefox-is firefox-it firefox-ja firefox-ka firefox-kn firefox-ko firefox-ku firefox-lt firefox-lv firefox-mk firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-oc firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-te firefox-th firefox-tr firefox-uk firefox-zh_CN firefox-zh_TW gjs gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell lemon lib64gjs0 lib64gjs-devel lib64sqlite3_0 lib64sqlite3-devel lib64sqlite3-static-devel lib64xulrunner1.9.2.17 lib64xulrunner-devel mozilla-thunderbird-beagle sqlite3-tools xulrunner yelp Update: Sat Apr 30 11:31:11 2011 Importance: security ID: MDVSA-2011:079 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:079 %pre Chris Evans of the Chrome Security Team reported that the XSLT generate-id() function returned a string that revealed a specific valid address of an object on the memory heap. It is possible that in some cases this address would be valuable information that could be used by an attacker while exploiting a different memory corruption but, in order to make an exploit more reliable or work around mitigation features in the browser or operating system (CVE-2011-1202). Security researcher Soroush Dalili reported that the resource: protocol could be exploited to allow directory traversal on Windows and the potential loading of resources from non-permitted locations. The impact would depend on whether interesting files existed in predictable locations in a useful format. For example, the existence or non-existence of particular images might indicate whether certain software was installed (CVE-2011-0071). David Remahl of Apple Product Security reported that the Java Embedding Plugin (JEP) shipped with the Mac OS X versions of Firefox could be exploited to obtain elevated access to resources on a user's system (CVE-2011-0076). Security researcher Paul Stone reported that a Java applet could be used to mimic interaction with form autocomplete controls and steal entries from the form history (CVE-2011-0067). Security researcher regenrecht reported several dangling pointer vulnerabilities via TippingPoint's Zero Day Initiative (CVE-2011-0065, CVE-2011-0066, CVE-2011-0073). Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code (CVE-2011-0081, CVE-2011-0069, CVE-2011-0070, CVE-2011-0080, CVE-2011-0074, CVE-2011-0075, CVE-2011-0077, CVE-2011-0078, CVE-2011-0072). Additionally the sqlite3 packages were upgraded to the 3.7.6.2 version. A new package that provides /usr/bin/lemon was added. The lemon software was previousely provided with sqlite3 and is used in some cases when building php. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 Additionally, some packages which require so, have been rebuilt and are being provided as updates. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package beagle beagle-crawl-system beagle-doc beagle-evolution beagle-gui beagle-gui-qt beagle-libs firefox-ext-beagle mozilla-thunderbird mozilla-thunderbird-af mozilla-thunderbird-ar mozilla-thunderbird-be mozilla-thunderbird-beagle mozilla-thunderbird-bg mozilla-thunderbird-bn_BD mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-el mozilla-thunderbird-en_GB mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ar mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-hu mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-ko mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-tr mozilla-thunderbird-enigmail-vi mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-enigmail-zh_TW mozilla-thunderbird-es_AR mozilla-thunderbird-es_ES mozilla-thunderbird-et mozilla-thunderbird-et_EE mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-fy mozilla-thunderbird-ga mozilla-thunderbird-gd mozilla-thunderbird-gl mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-id mozilla-thunderbird-is mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ka mozilla-thunderbird-ko mozilla-thunderbird-lightning mozilla-thunderbird-lt mozilla-thunderbird-nb_NO mozilla-thunderbird-nl mozilla-thunderbird-nn_NO mozilla-thunderbird-pa_IN mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-pt_PT mozilla-thunderbird-ro mozilla-thunderbird-ru mozilla-thunderbird-si mozilla-thunderbird-sk mozilla-thunderbird-sl mozilla-thunderbird-sq mozilla-thunderbird-sr mozilla-thunderbird-sv_SE mozilla-thunderbird-tr mozilla-thunderbird-uk mozilla-thunderbird-vi mozilla-thunderbird-zh_CN mozilla-thunderbird-zh_TW nsinstall Update: Sun May 01 10:28:04 2011 Importance: security ID: MDVSA-2011:080 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:080 %pre Security issues were identified and fixed in mozilla-thunderbird: Security researcher Soroush Dalili reported that the resource: protocol could be exploited to allow directory traversal on Windows and the potential loading of resources from non-permitted locations. The impact would depend on whether interesting files existed in predictable locations in a useful format. For example, the existence or non-existence of particular images might indicate whether certain software was installed (CVE-2011-0071). Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code (CVE-2011-0081, CVE-2011-0069, CVE-2011-0070, CVE-2011-0080, CVE-2011-0074, CVE-2011-0075, CVE-2011-0077, CVE-2011-0078, CVE-2011-0072). The mozilla-thunderbird-lightning package shipped with MDVSA-2011:042 had a packaging bug that prevented extension to be loaded (#59951). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 Additionally, some packages which require so, have been rebuilt and are being provided as updates. %description Mozilla Thunderbird is a full-featured email, RSS and newsgroup client that makes emailing safer, faster and easier than ever before. %package kde4-filesharing kdenetwork4 kdenetwork4-core kdenetwork4-devel kdenetwork4-kopete-latex kdnssd kget kopete kppp kppp-provider krdc krfb lib64kgetcore4 lib64kopete4 lib64kopeteaddaccountwizard1 lib64kopetechatwindow_shared1 lib64kopetecontactlist1 lib64kopeteidentity1 lib64kopete_oscar4 lib64kopete_otr_shared1 lib64kopeteprivacy1 lib64kopetestatusmenu1 lib64kopete_videodevice4 lib64krdccore1 lib64krfbprivate4 lib64kyahoo1 lib64oscar1 Update: Mon May 02 12:05:02 2011 Importance: security ID: MDVSA-2011:081 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:081 %pre A vulnerability has been found and corrected in kdenetwork4: Directory traversal vulnerability in the KGetMetalink::File::isValidNameAttr function in ui/metalinkcreator/metalinker.cpp in KGet in KDE SC 4.6.2 and earlier allows remote attackers to create arbitrary files via a .. (dot dot) in the name attribute of a file element in a metalink file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1000 (CVE-2011-1586). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description Networking applications for the K Desktop Environment. - kdict: graphical client for the DICT protocol. - kit: AOL instant messenger client, using the TOC protocol - kpf: public fileserver applet - krfb: Desktop Sharing server, allow others to access your desktop via VNC - krdc: a client for Desktop Sharing and other VNC servers %package python-feedparser Update: Mon May 02 13:20:08 2011 Importance: security ID: MDVSA-2011:082 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:082 %pre Multiple vulnerabilities has been found and corrected in python-feedparser: Cross-site scripting (XSS) vulnerability in feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) before 5.0 allows remote attackers to inject arbitrary web script or HTML via vectors involving nested CDATA stanzas (CVE-2009-5065). feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) before 5.0.1 allows remote attackers to cause a denial of service (application crash) via a malformed DOCTYPE declaration (CVE-2011-1156). Cross-site scripting (XSS) vulnerability in feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) 5.x before 5.0.1 allows remote attackers to inject arbitrary web script or HTML via malformed XML comments (CVE-2011-1157). Cross-site scripting (XSS) vulnerability in feedparser.py in Universal Feed Parser (aka feedparser or python-feedparser) 5.x before 5.0.1 allows remote attackers to inject arbitrary web script or HTML via an unexpected URI scheme, as demonstrated by a javascript: URI (CVE-2011-1158). The updated packages have been patched to correct these issues. %description Feedparser is the "Universal Feed Parser" library for python, which handles RSS 0.9x, RSS 1.0, RSS 2.0, CDF, Atom 0.3, and Atom 1.0 feeds %package tcl-sqlite3 Update: Sun May 08 08:05:14 2011 Importance: bugfix ID: MDVA-2011:019 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:019 %pre The TCL extension for sqlite3 was not provided with the the MDVSA-2011:079 advisory. This advisory addresses the problem and provides the missing packages. %description SQLite is a C library that implements an embeddable SQL database engine. Programs that link with the SQLite library can have SQL database access without running a separate RDBMS process. The distribution comes with a standalone command-line access program (sqlite) that can be used to administer an SQLite database and which serves as an example of how to use the SQLite library. This package contains tcl binding for tcl-sqlite3. %package dumpcap lib64wireshark0 lib64wireshark-devel rawshark tshark wireshark wireshark-tools Update: Thu May 12 19:52:39 2011 Importance: security ID: MDVSA-2011:083 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:083 %pre This advisory updates wireshark to the latest version (1.2.16), fixing several security issues: The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file (CVE-2011-1590). Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted .pcap file (CVE-2011-1591). The NFS dissector in epan/dissectors/packet-nfs.c in Wireshark 1.4.x before 1.4.5 on Windows uses an incorrect integer data type during decoding of SETCLIENTID calls, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file (CVE-2011-1592). The updated packages have been upgraded to the latest 1.2.x version (1.2.16) which is not vulnerable to these issues. %description Wireshark is a network traffic analyzer for Unix-ish operating systems. It is based on GTK+, a graphical user interface library, and libpcap, a packet capture and filtering library. Wireshark is a fork of Ethereal(tm) %package lib64apr1 lib64apr-devel Update: Fri May 13 13:24:08 2011 Importance: security ID: MDVSA-2011:084 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:084 %pre It was discovered that the apr_fnmatch() function used an unconstrained recursion when processing patterns with the '*' wildcard. An attacker could use this flaw to cause an application using this function, which also accepted untrusted input as a pattern for matching (such as an httpd server using the mod_autoindex module), to exhaust all stack memory or use an excessive amount of CPU time when performing matching (CVE-2011-0419). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description The mission of the Apache Portable Runtime (APR) is to provide a free library of C data structures and routines, forming a system portability layer to as many operating systems as possible, including Unices, MS Win32, BeOS and OS/2. %package lib64modplug0 lib64modplug-devel Update: Fri May 13 18:53:13 2011 Importance: security ID: MDVSA-2011:085 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:085 %pre A vulnerability has been found and corrected in libmodplug: Stack-based buffer overflow in the ReadS3M method in load_s3m.cpp in libmodplug before 0.8.8.2 allows remote attackers to execute arbitrary code via a crafted S3M file (CVE-2011-1574). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description Olivier Lapicque, author of Modplug, which is arguably the best quality MOD-playing software available, has placed his sound rendering code in the public domain. This library and plugin is based on that code. It can play 22 different mod formats, including: MOD, S3M, XM, IT, 669, AMF (both of them), AMS, DBM, DMF, DSM, FAR, MDL, MED, MTM, OKT, PTM, STM, ULT, UMX, MT2, PSM %package lib64polkit1_0 lib64polkit1-devel polkit Update: Mon May 16 06:33:27 2011 Importance: security ID: MDVSA-2011:086 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:086 %pre A vulnerability has been found and corrected in polkit: A race condition flaw was found in the PolicyKit pkexec utility and polkitd daemon. A local user could use this flaw to appear as a privileged user to pkexec, allowing them to execute arbitrary commands as root by running those commands with pkexec (CVE-2011-1485). The updated packages have been patched to correct this issue. %description PolicyKit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes. %package ffmpeg lib64avformats52 lib64avutil50 lib64ffmpeg52 lib64ffmpeg-devel lib64ffmpeg-static-devel lib64postproc51 lib64swscaler0 Update: Mon May 16 09:34:55 2011 Importance: bugfix ID: MDVA-2011:020 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:020 %pre ffmpeg as shipped in Mandriva 2010.2 was built without PNG support. This update enables PNG in ffmpeg's libavcodec library. %description ffmpeg is a hyper fast realtime audio/video encoder, a streaming server and a generic audio and video file converter. It can grab from a standard Video4Linux video source and convert it into several file formats based on DCT/motion compensation encoding. Sound is compressed in MPEG audio layer 2 or using an AC3 compatible stream. %package vino Update: Mon May 16 11:46:47 2011 Importance: security ID: MDVSA-2011:087 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:087 %pre Multile vulnerabilities has been found and corrected in vino: The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when raw encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via a large (1) X position or (2) Y position value in a framebuffer update request that triggers an out-of-bounds memory access, related to the rfbTranslateNone and rfbSendRectEncodingRaw functions (CVE-2011-0904). The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when tight encoding is used, allows remote authenticated users to cause a denial of service (daemon crash) via crafted dimensions in a framebuffer update request that triggers an out-of-bounds read operation (CVE-2011-0905). The updated packages have been upgraded to 2.28.3 which is not vulnerable to these isssues. %description The package contains an integrated GNOME VNC server. %package mencoder mplayer mplayer-doc mplayer-gui Update: Mon May 16 15:47:47 2011 Importance: security ID: MDVSA-2011:089 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:089 %pre Multiple vulnerabilities have been identified and fixed in mplayer: FFmpeg 0.5 allows remote attackers to cause a denial of service (hang) via a crafted file that triggers an infinite loop. (CVE-2009-4636) flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an arbitrary offset dereference vulnerability. (CVE-2010-3429) libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted .ogg file, related to the vorbis_floor0_decode function. (CVE-2010-4704) Fix heap corruption crashes (CVE-2011-0722) Fix invalid reads in VC-1 decoding (CVE-2011-0723) And several additional vulnerabilites originally discovered by Google Chrome developers were also fixed with this advisory. The updated packages have been patched to correct these issues. %description MPlayer is a movie player for LINUX (runs on many other Unices, and non-x86 CPUs, see the documentation). It plays most MPEG, VOB, AVI, VIVO, ASF/WMV, QT/MOV, FLI, NuppelVideo, yuv4mpeg, FILM, RoQ, and some RealMedia files, supported by many native, XAnim, and Win32 DLL codecs. You can watch VideoCD, SVCD, DVD, 3ivx, FLI, and even DivX movies too (and you don't need the avifile library at all!). The another big feature of mplayer is the wide range of supported output drivers. It works with X11, Xv, DGA, OpenGL, SVGAlib, fbdev, AAlib, but you can use SDL (and this way all drivers of SDL), VESA (on every VESA compatible card, even without X!), and some lowlevel card-specific drivers (for Matrox, 3Dfx and Radeon) too! Most of them supports software or hardware scaling, so you can enjoy movies in fullscreen. MPlayer supports displaying through some hardware MPEG decoder boards, such as the DVB and DXR3/Hollywood+! And what about the nice big antialiased shaded subtitles (9 supported types!!!) with european/ISO 8859-1,2 (hungarian, english, czech, etc), cyrillic, korean fonts, and OSD? Note: If you want to play Real content, you need to have the content of RealPlayer's Codecs directory in /usr/lib/codecs/ %package lib64postfix1 postfix postfix-cdb postfix-ldap postfix-mysql postfix-pcre postfix-pgsql Update: Tue May 17 08:27:28 2011 Importance: security ID: MDVSA-2011:090 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:090 %pre A vulnerability has been found and corrected in postfix: The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods are enabled, does not create a new server handle after client authentication fails, which allows remote attackers to cause a denial of service (heap memory corruption and daemon crash) or possibly execute arbitrary code via an invalid AUTH command with one method followed by an AUTH command with a different method (CVE-2011-1720). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description Postfix is a Mail Transport Agent (MTA), supporting LDAP, SMTP AUTH (SASL), TLS and running in a chroot environment. Postfix is Wietse Venema's mailer that started life as an alternative to the widely-used Sendmail program. Postfix attempts to be fast, easy to administer, and secure, while at the same time being sendmail compatible enough to not upset existing users. Thus, the outside has a sendmail-ish flavor, but the inside is completely different. This software was formerly known as VMailer. It was released by the end of 1998 as the IBM Secure Mailer. From then on it has lived on as Postfix. PLEASE READ THE /usr/share/doc/postfix/README.MDK FILE. This rpm supports different build time options, to enable or disable these features you must rebuild the source rpm using the --with ... or --without ... rpm option. Currently postfix has been built with: Smtpd multiline greeting: --without multiline Virtual Delivery Agent: --without VDA Munge bare CR: --without barecr TLS support: --with tls IPV6 support: --with ipv6 CDB support: --with cdb Chroot by default: --with chroot %package perl perl-base perl-devel perl-doc perl-suid Update: Wed May 18 10:53:21 2011 Importance: security ID: MDVSA-2011:091 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:091 %pre A vulnerability has been found and corrected in perl: The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl 5.10.x, 5.11.x, and 5.12.x through 5.12.3, and 5.13.x through 5.13.11, do not apply the taint attribute to the return value upon processing tainted input, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string (CVE-2011-1487). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common applications (and what it excels at) are probably system administration utilities and web programming. A large proportion of the CGI scripts on the web are written in Perl. You need the perl package installed on your system so that your system can handle Perl scripts. You need perl-base to have a full perl. %package perl-IO-Socket-SSL Update: Wed May 18 13:40:34 2011 Importance: security ID: MDVSA-2011:092 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:092 %pre A vulnerability has been found and corrected in perl-IO-Socket-SSL: IO::Socket::SSL Perl module 1.35, when verify_mode is not VERIFY_NONE, fails open to VERIFY_NONE instead of throwing an error when a ca_file/ca_path cannot be verified, which allows remote attackers to bypass intended certificate restrictions (CVE-2010-4334). The updated packages have been patched to correct this issue. %description IO::Socket::SSL is a class implementing an object oriented interface to SSL sockets. The class is a descendent of IO::Socket::INET and provides a subset of the base class's interface methods. %package pure-ftpd pure-ftpd-anon-upload pure-ftpd-anonymous Update: Thu May 19 15:52:23 2011 Importance: security ID: MDVSA-2011:094 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:094 %pre A denial-of-service (DoS) attack related to glob brace expansion was discovered and fixed in pure-ftpd (CVE-2011-0418). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been upgraded to the latest 1.0.32 version which is not vulnerable to this issue. %description Pure-FTPd is a fast, production-quality, standard-comformant FTP server, based upon Troll-FTPd. Unlike other popular FTP servers, it has no known security flaw, it is really trivial to set up and it is especially designed for modern Linux and FreeBSD kernels (setfsuid, sendfile, capabilities) . Features include PAM support, IPv6, chroot()ed home directories, virtual domains, built-in LS, anti-warez system, bandwidth throttling, FXP, bounded ports for passive downloads, UL/DL ratios, native LDAP and SQL support, Apache log files and more. %package lib64apr1 lib64apr-devel Update: Fri May 20 12:14:12 2011 Importance: security ID: MDVSA-2011:095 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:095 %pre It was discovered that the fix for CVE-2011-0419 under certain conditions could cause a denial-of-service (DoS) attack in APR (CVE-2011-1928). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description The mission of the Apache Portable Runtime (APR) is to provide a free library of C data structures and routines, forming a system portability layer to as many operating systems as possible, including Unices, MS Win32, BeOS and OS/2. %package lib64python2.6 lib64python2.6-devel python python-docs tkinter tkinter-apps Update: Sun May 22 13:19:36 2011 Importance: security ID: MDVSA-2011:096 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:096 %pre Multiple vulnerabilities have been identified and fixed in python: The is_cgi method in CGIHTTPServer.py in the CGIHTTPServer module in Python 2.5, 2.6, and 3.0 allows remote attackers to read script source code via an HTTP GET request that lacks a / (slash) character at the beginning of the URI (CVE-2011-1015). A flaw was found in the Python urllib and urllib2 libraries where they would not differentiate between different target URLs when handling automatic redirects. This caused Python applications using these modules to follow any new URL that they understood, including the file:// URL type. This could allow a remote server to force a local Python application to read a local file instead of the remote one, possibly exposing local files that were not meant to be exposed (CVE-2011-1521). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems (X11, Motif, Tk, Mac and MFC). Programmers can write new built-in modules for Python in C or C++. Python can be used as an extension language for applications that need a programmable interface. This package contains most of the standard Python modules, as well as modules for interfacing to the Tix widget set for Tk and RPM. Note that documentation for Python is provided in the python-docs package. %package ruby ruby-devel ruby-doc ruby-tk Update: Mon May 23 12:44:49 2011 Importance: security ID: MDVSA-2011:097 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:097 %pre Multiple vulnerabilities have been identified and fixed in ruby: Cross-site scripting (XSS) vulnerability in the WEBrick HTTP server in Ruby allows remote attackers to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page (CVE-2010-0541). The FileUtils.remove_entry_secure method in Ruby allows local users to delete arbitrary files via a symlink attack (CVE-2011-1004). The safe-level feature in Ruby allows context-dependent attackers to modify strings via the Exception#to_s method, as demonstrated by changing an intended pathname (CVE-2011-1005). The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby does not properly allocate memory, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving creation of a large BigDecimal value within a 64-bit process, related to an integer truncation issue. (CVE-2011-0188). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible. %package lib64zip1 lib64zip-devel libzip Update: Tue May 24 08:26:24 2011 Importance: security ID: MDVSA-2011:099 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:099 %pre A vulnerability has been identified and fixed in libzip: The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argument, which might allow context-dependent attackers to cause a denial of service (application crash) via an empty ZIP archive that is processed with a (1) locateName or (2) statName operation (CVE-2011-0421). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description libzip is a C library for reading, creating, and modifying zip archives. Files can be added from data buffers, files, or compressed data copied directly from other zip archives. Changes made without closing the archive can be reverted. The API is documented by man pages. %package cyrus-imapd cyrus-imapd-devel cyrus-imapd-murder cyrus-imapd-nntp cyrus-imapd-utils perl-Cyrus Update: Tue May 24 11:38:43 2011 Importance: security ID: MDVSA-2011:100 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:100 %pre A vulnerability has been identified and fixed in cyrus-imapd: The STARTTLS implementation in Cyrus IMAP Server before 2.4.7 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted sessions by sending a cleartext command that is processed after TLS is in place, related to a plaintext command injection attack, a similar issue to CVE-2011-0411 (CVE-2011-1926). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description The Cyrus IMAP Server is a scaleable enterprise mail system designed for use from small to large enterprise environments using standards-based technologies. A full Cyrus IMAP implementation allows a seamless mail and bulletin board environment to be set up across multiple servers. It differs from other IMAP server implementations in that it is run on "sealed" servers, where users are not normally permitted to log in. The mailbox database is stored in parts of the filesystem that are private to the Cyrus IMAP system. All user access to mail is through software using the IMAP, POP3, or KPOP protocols. TLSv1 and SSL are supported for security. This is the main package, install also the cyrus-imapd-utils package (it contains server administration tools and depends on the perl-Cyrus package). %package dovecot dovecot-devel dovecot-plugins-gssapi dovecot-plugins-ldap dovecot-plugins-managesieve dovecot-plugins-mysql dovecot-plugins-pgsql dovecot-plugins-sieve dovecot-plugins-sqlite Update: Thu May 26 08:12:37 2011 Importance: security ID: MDVSA-2011:101 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:101 %pre A vulnerability has been identified and fixed in dovecot: lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' (NUL) characters in header names, which allows remote attackers to cause a denial of service (daemon crash or mailbox corruption) via a crafted e-mail message (CVE-2011-1929). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php\?cPath=149\&products_id=490 The updated packages have been patched to correct this issue. %description Dovecot is an IMAP and POP3 server for Linux/UNIX-like systems, written with security primarily in mind. Although it's written with C, it uses several coding techniques to avoid most of the common pitfalls. Dovecot can work with standard mbox and maildir formats and it's fully compatible with UW-IMAP and Courier IMAP servers as well as mail clients accessing the mailboxes directly. You can build dovecot with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] gssapi GSSAPI support (enabled) --with[out] ldap LDAP support (enabled) --with[out] lucene Lucene support (enabled) --with[out] mysql MySQL support (enabled) --with[out] pgsql PostgreSQL support (enabled) --with[out] sqlite SQLite support (enabled) --with[out] sieve CMU Sieve support (enabled) --with[out] managesieve MmanageSieve support (enabled) %package rdesktop Update: Sat May 28 14:07:36 2011 Importance: security ID: MDVSA-2011:102 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:102 %pre A vulnerability has been identified and fixed in rdesktop: Directory traversal vulnerability in the disk_create function in disk.c in rdesktop before 1.7.0, when disk redirection is enabled, allows remote RDP servers to read or overwrite arbitrary files via a .. (dot dot) in a pathname (CVE-2011-1595). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php\?cPath=149\&products_id=490 The updated packages have been patched to correct this issue. %description rdesktop is an open source client for Windows NT Terminal Server and Windows 2000 Terminal Services, capable of natively speaking Remote Desktop Protocol (RDP) in order to present the user's NT desktop. Unlike Citrix ICA, no server extensions are required. rdesktop currently runs on most UNIX based platforms with the X Window System, and other ports should be fairly straightforward. rdesktop is used through rfbdrake. %package gimp gimp-python lib64gimp2.0_0 lib64gimp2.0-devel Update: Sun May 29 15:15:10 2011 Importance: security ID: MDVSA-2011:103 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:103 %pre Multiple vulnerabilities was discovered and fixed in gimp: Stack-based buffer overflow in the "LIGHTING EFFECTS > LIGHT" plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long Position field in a plugin configuration file. NOTE: it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself (CVE-2010-4540). Stack-based buffer overflow in the SPHERE DESIGNER plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long Number of lights field in a plugin configuration file. NOTE: it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself (CVE-2010-4541). Stack-based buffer overflow in the GFIG plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long Foreground field in a plugin configuration file. NOTE: it may be uncommon to obtain a GIMP plugin configuration file from an untrusted source that is separate from the distribution of the plugin itself (CVE-2010-4542). Heap-based buffer overflow in the read_channel_data function in file-psp.c in the Paint Shop Pro (PSP) plugin in GIMP 2.6.11 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a PSP_COMP_RLE (aka RLE compression) image file that begins a long run count at the end of the image (CVE-2010-4543, CVE-2011-1782). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php\?cPath=149\&products_id=490 The updated packages have been patched to correct these issues. %description The GIMP is an image manipulation program suitable for photo retouching, image composition and image authoring. Many people find it extremely useful in creating logos and other graphics for web pages. The GIMP has many of the tools and filters you would expect to find in similar commercial offerings, and some interesting extras as well. The GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. This version of The GIMP includes a scripting facility, but many of the included scripts rely on fonts that we cannot distribute. The GIMP ftp site has a package of fonts that you can install by yourself, which includes all the fonts needed to run the included scripts. Some of the fonts have unusual licensing requirements; all the licenses are documented in the package. Get them in ftp://ftp.gimp.org/pub/gimp/fonts/ if you are so inclined. Alternatively, choose fonts which exist on your system before running the scripts. Build Options: --without python Disable pygimp (default enabled) --with lzw Enable LZW compression in GIF (default disabled) %package bind bind-devel bind-doc bind-utils Update: Wed Jun 01 10:56:02 2011 Importance: security ID: MDVSA-2011:104 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:104 %pre A vulnerability has been identified and fixed in ISC BIND: Off-by-one error in named in ISC BIND 9.x before 9.7.3-P1, 9.8.x before 9.8.0-P2, 9.4-ESV before 9.4-ESV-R4-P1, and 9.6-ESV before 9.6-ESV-R4-P1 allows remote DNS servers to cause a denial of service (assertion failure and daemon exit) via a negative response containing large RRSIG RRsets (CVE-2011-1910). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php\?cPath=149\&products_id=490 The updated packages have been patched to correct this issue. For 2010.2 ISC BIND was upgraded to 9.7.3-P1 which is not vulnerable to this issue. %description BIND (Berkeley Internet Name Domain) is an implementation of the DNS (domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses, and a resolver library (routines for applications to use when interfacing with DNS). A DNS server allows clients to name resources or objects and share the information with other network machines. The named DNS server can be used on workstations as a caching name server, but is generally only needed on one machine for an entire network. Note that the configuration files for making BIND act as a simple caching nameserver are included in the caching-nameserver package. Install the bind package if you need a DNS server for your network. If you want bind to act a caching name server, you will also need to install the caching-nameserver package. Many BIND 8 features previously unimplemented in BIND 9, including domain-specific forwarding, the \$GENERATE master file directive, and the "blackhole", "dialup", and "sortlist" options Forwarding of dynamic update requests; this is enabled by the "allow-update-forwarding" option A new, simplified database interface and a number of sample drivers based on it; see doc/dev/sdb for details Support for building single-threaded servers for environments that do not supply POSIX threads New configuration options: "min-refresh-time", "max-refresh-time", "min-retry-time", "max-retry-time", "additional-from-auth", "additional-from-cache", "notify explicit" Faster lookups, particularly in large zones. Build Options: --without sdb_ldap Build without ldap simple database support (enabled per default) --with sdb_mysql Build with MySQL database support (disables ldap support, it's either way.) --with geoip Build with GeoIP support (disabled per default) %package dumpcap lib64wireshark0 lib64wireshark-devel rawshark tshark wireshark wireshark-tools Update: Wed Jun 01 12:12:42 2011 Importance: security ID: MDVSA-2011:105 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:105 %pre This advisory updates wireshark to the latest version (1.2.17), fixing several security issues: * Large/infinite loop in the DICOM dissector. (Bug 5876) Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6. * Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that a corrupted Diameter dictionary file could crash Wireshark. Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6. * Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that a corrupted snoop file could crash Wireshark. (Bug 5912) Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6. * David Maciejak of Fortinet's FortiGuard Labs discovered that malformed compressed capture data could crash Wireshark. (Bug 5908) Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6. * Huzaifa Sidhpurwala of the Red Hat Security Response Team discovered that a corrupted Visual Networks file could crash Wireshark. (Bug 5934) Versions affected: 1.2.0 to 1.2.16 and 1.4.0 to 1.4.6. %description Wireshark is a network traffic analyzer for Unix-ish operating systems. It is based on GTK+, a graphical user interface library, and libpcap, a packet capture and filtering library. Wireshark is a fork of Ethereal(tm) %package apache-mod_dav_svn apache-mod_dontdothat lib64svn0 lib64svn-gnome-keyring0 lib64svnjavahl1 lib64svn-kwallet0 perl-SVN python-svn ruby-svn subversion subversion-devel subversion-doc subversion-server subversion-tools svn-javahl Update: Sat Jun 04 07:52:54 2011 Importance: security ID: MDVSA-2011:106 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:106 %pre Multiple vulnerabilities were discovered and corrected in subversion: The mod_dav_svn Apache HTTPD server module will dereference a NULL pointer if asked to deliver baselined WebDAV resources which can lead to a DoS (Denial Of Service) (CVE-2011-1752). The mod_dav_svn Apache HTTPD server module may in certain cenarios enter a logic loop which does not exit and which allocates emory in each iteration, ultimately exhausting all the available emory on the server which can lead to a DoS (Denial Of Service) (CVE-2011-1783). The mod_dav_svn Apache HTTPD server module may leak to remote users the file contents of files configured to be unreadable by those users (CVE-2011-1921). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been upgraded to the 1.6.17 version which is not vulnerable to these issues. %description Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subversion also keeps a log of who, when, and why changes occured. As such it basically does the same thing CVS does (Concurrent Versioning System) but has major enhancements compared to CVS and fixes a lot of the annoyances that CVS users face. This package contains the client, if you're looking for the server end of things you want subversion-repos. %package fetchmail fetchmailconf fetchmail-daemon Update: Tue Jun 07 10:16:39 2011 Importance: security ID: MDVSA-2011:107 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:107 %pre Multiple vulnerabilities were discovered and corrected in fetchmail: fetchmail 4.6.3 through 6.3.16, when debug mode is enabled, does not properly handle invalid characters in a multi-character locale, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted (1) message header or (2) POP3 UIDL list (CVE-2010-1167). NOTE: This vulnerability did not affect Mandriva Linux 2010.2. fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time after issuing a (1) STARTTLS or (2) STLS request, which allows remote servers to cause a denial of service (application hang) by acknowledging the request but not sending additional packets (CVE-2011-1947). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been upgraded to the 6.3.20 version which is not vulnerable to these issues. %description Fetchmail is a free, full-featured, robust, and well-documented remote mail retrieval and forwarding utility intended to be used over on-demand TCP/IP links (such as SLIP or PPP connections). It retrieves mail from remote mail servers and forwards it to your local (client) machine's delivery system, so it can then be read by normal mail user agents such as Mutt, Elm, Pine, (X)Emacs/Gnus or Mailx. It comes with an interactive GUI configurator suitable for end-users. Fetchmail supports every remote-mail protocol currently in use on the Internet (POP2, POP3, RPOP, APOP, KPOP, all IMAPs, ESMTP ETRN) for retrieval. Then Fetchmail forwards the mail through SMTP, so you can read it through your normal mail client. %package xerces-j2 xerces-j2-demo xerces-j2-javadoc-apis xerces-j2-javadoc-impl xerces-j2-javadoc-other xerces-j2-javadoc-xni xerces-j2-scripts Update: Mon Jun 13 13:44:39 2011 Importance: security ID: MDVSA-2011:108 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:108 %pre A vulnerability was discovered and corrected in xerces-j2: Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as demonstrated by the Codenomicon XML fuzzing framework (CVE-2009-2625). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description Welcome to the future! Xerces2 is the next generation of high performance, fully compliant XML parsers in the Apache Xerces family. This new version of Xerces introduces the Xerces Native Interface (XNI), a complete framework for building parser components and configurations that is extremely modular and easy to program. The Apache Xerces2 parser is the reference implementation of XNI but other parser components, configurations, and parsers can be written using the Xerces Native Interface. For complete design and implementation documents, refer to the XNI Manual. Xerces 2 is a fully conforming XML Schema processor. For more information, refer to the XML Schema page. Xerces 2 also provides a partial implementation of Document Object Model Level 3 Core, Load and Save and Abstract Schemas [deprecated] Working Drafts. For more information, refer to the DOM Level 3 Implementation page. %package webmin Update: Mon Jun 13 15:41:29 2011 Importance: security ID: MDVSA-2011:109 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:109 %pre A vulnerability was discovered and corrected in webmin: Cross-site scripting (XSS) vulnerability in Webmin 1.540 and earlier allows local users to inject arbitrary web script or HTML via a chfn command that changes the real (aka Full Name) field, related to useradmin/index.cgi and useradmin/user-lib.pl (CVE-2011-1937). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been upgraded to the 1.550 version which is not vulnerable to this issue. %description A web-based administration interface for Unix systems. Using Webmin you can configure DNS, Samba, NFS, local/remote filesystems, Apache, Sendmail/Postfix, and more using your web browser. After installation, enter the URL https://localhost:10000/ into your browser and login as root with your root password. Please consider logging in and modify your password for security issue. PLEASE NOTE THAT THIS VERSION NOW USES SECURE WEB TRANSACTIONS: YOU HAVE TO LOGIN TO "https://localhost:10000/" AND NOT "http://localhost:10000/". %package beagle beagle-crawl-system beagle-doc beagle-evolution beagle-gui beagle-gui-qt beagle-libs firefox firefox-af firefox-ar firefox-be firefox-bg firefox-bn firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-devel firefox-el firefox-en_GB firefox-eo firefox-es_AR firefox-es_ES firefox-et firefox-eu firefox-ext-beagle firefox-ext-blogrovr firefox-ext-mozvoikko firefox-ext-r-kiosk firefox-ext-scribefire firefox-ext-weave-sync firefox-ext-xmarks firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hu firefox-id firefox-is firefox-it firefox-ja firefox-ka firefox-kn firefox-ko firefox-ku firefox-lt firefox-lv firefox-mk firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-oc firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-te firefox-th firefox-tr firefox-uk firefox-zh_CN firefox-zh_TW gjs gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell lib64gjs0 lib64gjs-devel lib64xulrunner1.9.2.18 lib64xulrunner-devel mozilla-thunderbird mozilla-thunderbird-af mozilla-thunderbird-ar mozilla-thunderbird-be mozilla-thunderbird-beagle mozilla-thunderbird-bg mozilla-thunderbird-bn_BD mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-el mozilla-thunderbird-en_GB mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ar mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-hu mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-ko mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-tr mozilla-thunderbird-enigmail-vi mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-enigmail-zh_TW mozilla-thunderbird-es_AR mozilla-thunderbird-es_ES mozilla-thunderbird-et mozilla-thunderbird-et_EE mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-fy mozilla-thunderbird-ga mozilla-thunderbird-gd mozilla-thunderbird-gl mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-id mozilla-thunderbird-is mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ka mozilla-thunderbird-ko mozilla-thunderbird-lightning mozilla-thunderbird-lt mozilla-thunderbird-nb_NO mozilla-thunderbird-nl mozilla-thunderbird-nn_NO mozilla-thunderbird-pa_IN mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-pt_PT mozilla-thunderbird-ro mozilla-thunderbird-ru mozilla-thunderbird-si mozilla-thunderbird-sk mozilla-thunderbird-sl mozilla-thunderbird-sq mozilla-thunderbird-sr mozilla-thunderbird-sv_SE mozilla-thunderbird-tr mozilla-thunderbird-uk mozilla-thunderbird-vi mozilla-thunderbird-zh_CN mozilla-thunderbird-zh_TW nsinstall xulrunner yelp Update: Wed Jun 22 10:12:08 2011 Importance: security ID: MDVSA-2011:111 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:111 %pre Security issues were identified and fixed in mozilla firefox and thunderbird: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative two instances of code which modifies SVG element lists failed to account for changes made to the list by user-supplied callbacks before accessing list elements. If a user-supplied callback deleted such an object, the element-modifying code could wind up accessing deleted memory and potentially executing attacker-controlled memory. regenrecht also reported via TippingPoint's Zero Day Initiative that a XUL document could force the nsXULCommandDispatcher to remove all command updaters from the queue, including the one currently in use. This could result in the execution of deleted memory which an attacker could use to run arbitrary code on a victim's computer (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363). Mozilla security researcher David Chan reported that cookies set for example.com. (note the trailing dot) and example.com were treated as interchangeable. This is a violation of same-origin conventions and could potentially lead to leakage of cookie data to the wrong party (CVE-2011-2362). Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376). Security researchers Chris Rohlf and Yan Ivnitskiy of Matasano Security reported that when a JavaScript Array object had its length set to an extremely large value, the iteration of array elements that occurs when its reduceRight method was subsequently called could result in the execution of attacker controlled memory due to an invalid index value being used to access element properties (CVE-2011-2371). Security researcher Martin Barbella reported that under certain conditions, viewing a XUL document while JavaScript was disabled caused deleted memory to be accessed. This flaw could potentially be used by an attacker to crash a victim's browser and run arbitrary code on their computer (CVE-2011-2373). Security researcher Jordi Chancel reported a crash on multipart/x-mixed-replace images due to memory corruption (CVE-2011-2377). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 Additionally, some packages which require so, have been rebuilt and are being provided as updates. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package beagle beagle-crawl-system beagle-doc beagle-evolution beagle-gui beagle-gui-qt beagle-libs firefox firefox-af firefox-ar firefox-be firefox-bg firefox-bn firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-devel firefox-el firefox-en_GB firefox-eo firefox-es_AR firefox-es_ES firefox-et firefox-eu firefox-ext-beagle firefox-ext-blogrovr firefox-ext-mozvoikko firefox-ext-r-kiosk firefox-ext-scribefire firefox-ext-weave-sync firefox-ext-xmarks firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hu firefox-id firefox-is firefox-it firefox-ja firefox-ka firefox-kn firefox-ko firefox-ku firefox-lt firefox-lv firefox-mk firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-oc firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-te firefox-th firefox-tr firefox-uk firefox-zh_CN firefox-zh_TW gjs gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell lib64gjs0 lib64gjs-devel lib64xulrunner1.9.2.18 lib64xulrunner-devel mozilla-thunderbird mozilla-thunderbird-af mozilla-thunderbird-ar mozilla-thunderbird-be mozilla-thunderbird-beagle mozilla-thunderbird-bg mozilla-thunderbird-bn_BD mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-el mozilla-thunderbird-en_GB mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ar mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-hu mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-ko mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-tr mozilla-thunderbird-enigmail-vi mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-enigmail-zh_TW mozilla-thunderbird-es_AR mozilla-thunderbird-es_ES mozilla-thunderbird-et mozilla-thunderbird-et_EE mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-fy mozilla-thunderbird-ga mozilla-thunderbird-gd mozilla-thunderbird-gl mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-id mozilla-thunderbird-is mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ka mozilla-thunderbird-ko mozilla-thunderbird-lightning mozilla-thunderbird-lt mozilla-thunderbird-nb_NO mozilla-thunderbird-nl mozilla-thunderbird-nn_NO mozilla-thunderbird-pa_IN mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-pt_PT mozilla-thunderbird-ro mozilla-thunderbird-ru mozilla-thunderbird-si mozilla-thunderbird-sk mozilla-thunderbird-sl mozilla-thunderbird-sq mozilla-thunderbird-sr mozilla-thunderbird-sv_SE mozilla-thunderbird-tr mozilla-thunderbird-uk mozilla-thunderbird-vi mozilla-thunderbird-zh_CN mozilla-thunderbird-zh_TW nsinstall xulrunner yelp Update: Wed Jun 22 13:26:14 2011 Importance: security ID: MDVSA-2011:111 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:111 %pre Security issues were identified and fixed in mozilla firefox and thunderbird: Security researcher regenrecht reported via TippingPoint's Zero Day Initiative two instances of code which modifies SVG element lists failed to account for changes made to the list by user-supplied callbacks before accessing list elements. If a user-supplied callback deleted such an object, the element-modifying code could wind up accessing deleted memory and potentially executing attacker-controlled memory. regenrecht also reported via TippingPoint's Zero Day Initiative that a XUL document could force the nsXULCommandDispatcher to remove all command updaters from the queue, including the one currently in use. This could result in the execution of deleted memory which an attacker could use to run arbitrary code on a victim's computer (CVE-2011-0083, CVE-2011-0085, CVE-2011-2363). Mozilla security researcher David Chan reported that cookies set for example.com. (note the trailing dot) and example.com were treated as interchangeable. This is a violation of same-origin conventions and could potentially lead to leakage of cookie data to the wrong party (CVE-2011-2362). Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code (CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2375, CVE-2011-2376). Security researchers Chris Rohlf and Yan Ivnitskiy of Matasano Security reported that when a JavaScript Array object had its length set to an extremely large value, the iteration of array elements that occurs when its reduceRight method was subsequently called could result in the execution of attacker controlled memory due to an invalid index value being used to access element properties (CVE-2011-2371). Security researcher Martin Barbella reported that under certain conditions, viewing a XUL document while JavaScript was disabled caused deleted memory to be accessed. This flaw could potentially be used by an attacker to crash a victim's browser and run arbitrary code on their computer (CVE-2011-2373). Security researcher Jordi Chancel reported a crash on multipart/x-mixed-replace images due to memory corruption (CVE-2011-2377). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 Additionally, some packages which require so, have been rebuilt and are being provided as updates. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package lib64mysql16 lib64mysql-devel lib64mysql-static-devel mysql mysql-bench mysql-client mysql-common mysql-common-core mysql-core mysql-plugin_pbxt mysql-plugin_pinba mysql-plugin_revision mysql-plugin_sphinx Update: Mon Jul 18 15:56:24 2011 Importance: bugfix ID: MDVA-2011:025 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:025 %pre This is a maintenance and bugfix release that upgrades mysql to the latest 5.1 version which solves numerous upstream bugs. The updated packages have been upgraded to mysql 5.1.58. %description The MySQL(TM) software delivers a very fast, multi-threaded, multi-user, and robust SQL (Structured Query Language) database server. MySQL Server is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software. MySQL is a trademark of MySQL AB. The mysql server is compiled with the following storage engines: - InnoDB Storage Engine - Archive Storage Engine - CSV Storage Engine - Federated Storage Engine - User Defined Functions (UDFs). - Blackhole Storage Engine - Partition Storage Engine Third party storage engines packaged separately: - Sphinx storage engine 0.9.9 (urpmi mysql-plugin_sphinx) - PBXT Storage Engine 1.0.11 (urpmi mysql-plugin_pbxt) - Revision Storage Engine 0.1 (urpmi mysql-plugin_revision) - Pinba Storage Engine 0.0.5 (urpmi mysql-plugin_pinba) Please see the documentation and the manual for more information. %package blender Update: Mon Jul 18 16:49:46 2011 Importance: security ID: MDVSA-2011:114 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:114 %pre Multiple vulnerabilities have been identified and fixed in blender: oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an out-of-bounds read. (CVE-2009-4632) vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and triggers a heap-based buffer overflow. (CVE-2009-4633) Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that (1) bypasses a validation check in vorbis_dec.c and triggers a wraparound of the stack pointer, or (2) access a pointer from out-of-bounds memory in mov.c, related to an elst tag that appears before a tag that creates a stream. (CVE-2009-4634) FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted MOV container with improperly ordered tags that cause (1) mov.c and (2) utils.c to use inconsistent codec types and identifiers, which causes the mp3 decoder to process a pointer for a video structure, leading to a stack-based buffer overflow. (CVE-2009-4635) FFmpeg 0.5 allows remote attackers to cause a denial of service (hang) via a crafted file that triggers an infinite loop. (CVE-2009-4636) Array index error in vorbis_dec.c in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Vorbis file that triggers an out-of-bounds read. (CVE-2009-4640) flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an arbitrary offset dereference vulnerability. (CVE-2010-3429) libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted .ogg file, related to the vorbis_floor0_decode function. (CVE-2010-4704) Fix heap corruption crashes (CVE-2011-0722) Fix invalid reads in VC-1 decoding (CVE-2011-0723) The updated packages have been patched to correct these issues. %description Blender is the in-house software of a high quality animation studio. It has proven to be an extremely fast and versatile design instrument. The software has a personal touch, offering a unique approach to the world of three dimensions. Blender can be used to create TV commercials, to make technical visualizations or business graphics, to do some morphing, or to design user interfaces. Developers can easily build and manage complex environments. The renderer is versatile and extremely fast. All basic animation principles (curves and keys) are implemented. Please note that the ability of Blender to export to h.264 and Xvid video formats, and MP3 audio format, has been disabled in this build due to patent issues. %package bind bind-devel bind-doc bind-utils Update: Wed Jul 20 13:17:11 2011 Importance: security ID: MDVSA-2011:115 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:115 %pre A vulnerability was discovered and corrected in bind: Unspecified vulnerability in ISC BIND 9 9.6.x before 9.6-ESV-R4-P3, 9.7.x before 9.7.3-P3, and 9.8.x before 9.8.0-P4 allows remote attackers to cause a denial of service (named daemon crash) via a crafted UPDATE request (CVE-2011-2464). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been upgraded to bind 9.7.3-P3 which is not vulnerable to this issue. %description BIND (Berkeley Internet Name Domain) is an implementation of the DNS (domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses, and a resolver library (routines for applications to use when interfacing with DNS). A DNS server allows clients to name resources or objects and share the information with other network machines. The named DNS server can be used on workstations as a caching name server, but is generally only needed on one machine for an entire network. Note that the configuration files for making BIND act as a simple caching nameserver are included in the caching-nameserver package. Install the bind package if you need a DNS server for your network. If you want bind to act a caching name server, you will also need to install the caching-nameserver package. Many BIND 8 features previously unimplemented in BIND 9, including domain-specific forwarding, the \$GENERATE master file directive, and the "blackhole", "dialup", and "sortlist" options Forwarding of dynamic update requests; this is enabled by the "allow-update-forwarding" option A new, simplified database interface and a number of sample drivers based on it; see doc/dev/sdb for details Support for building single-threaded servers for environments that do not supply POSIX threads New configuration options: "min-refresh-time", "max-refresh-time", "min-retry-time", "max-retry-time", "additional-from-auth", "additional-from-cache", "notify explicit" Faster lookups, particularly in large zones. Build Options: --without sdb_ldap Build without ldap simple database support (enabled per default) --with sdb_mysql Build with MySQL database support (disables ldap support, it's either way.) --with geoip Build with GeoIP support (disabled per default) %package curl curl-examples lib64curl4 lib64curl-devel Update: Fri Jul 22 12:14:21 2011 Importance: security ID: MDVSA-2011:116 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:116 %pre A vulnerability was discovered and corrected in curl: The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests (CVE-2011-2192). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description curl is a client to get documents/files from servers, using any of the supported protocols. The command is designed to work without user interaction or any kind of interactivity. curl offers a busload of useful tricks like proxy support, user authentication, ftp upload, HTTP post, file transfer resume and more. This version is compiled with SSL (https) support. %package krb5-appl-clients krb5-appl-servers Update: Fri Jul 22 13:32:07 2011 Importance: security ID: MDVSA-2011:117 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:117 %pre A vulnerability was discovered and corrected in krb5-appl: ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.1 and earlier does not check the krb5_setegid return value, which allows remote authenticated users to bypass intended group access restrictions, and create, overwrite, delete, or read files, via standard FTP commands, related to missing autoconf tests in a configure script (CVE-2011-1526). The updated packages have been patched to correct this issue. %description This package contains Kerberos-aware versions of the telnet, ftp, rcp, rsh, and rlogin clients and servers. While these have been replaced by tools such as OpenSSH in most environments, they remain in use in others. %package dumpcap lib64wireshark0 lib64wireshark-devel rawshark tshark wireshark wireshark-tools Update: Sun Jul 24 10:38:09 2011 Importance: security ID: MDVSA-2011:118 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:118 %pre This advisory updates wireshark to the latest version (1.2.18), fixing one security issue: The Lucent/Ascend file parser in Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7, and 1.6.0 allows remote attackers to cause a denial of service (infinite loop) via malformed packets (CVE-2011-2597). %description Wireshark is a network traffic analyzer for Unix-ish operating systems. It is based on GTK+, a graphical user interface library, and libpcap, a packet capture and filtering library. Wireshark is a fork of Ethereal(tm) %package lib64sndfile1 lib64sndfile-devel lib64sndfile-static-devel libsndfile-progs Update: Mon Jul 25 13:12:48 2011 Importance: security ID: MDVSA-2011:119 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:119 %pre A vulnerability was discovered and corrected in libsndfile: An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the libsndfile library processed certain Ensoniq PARIS Audio Format (PAF) audio files. An attacker could create a specially-crafted PAF file that, when opened, could cause an application using libsndfile to crash or, potentially, execute arbitrary code with the privileges of the user running the application (CVE-2011-2696). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description libsndfile is a C library for reading and writing sound files such as AIFF, AU and WAV files through one standard interface. It can currently read/write 8, 16, 24 and 32-bit PCM files as well as 32-bit floating point WAV files and a number of compressed formats. %package lib64freetype6 lib64freetype6-devel lib64freetype6-static-devel Update: Tue Jul 26 13:33:03 2011 Importance: security ID: MDVSA-2011:120 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:120 %pre A vulnerability was discovered and corrected in freetype2: Integer signedness error in psaux/t1decode.c in FreeType before 2.4.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Type 1 font in a PDF document, as exploited in the wild in July 2011 (CVE-2011-0226). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description The FreeType2 engine is a free and portable TrueType font rendering engine. It has been developed to provide TT support to a great variety of platforms and environments. Note that FreeType2 is a library, not a stand-alone application, though some utility applications are included %package lib64netapi0 lib64netapi-devel lib64smbclient0 lib64smbclient0-devel lib64smbclient0-static-devel lib64smbsharemodes0 lib64smbsharemodes-devel lib64wbclient0 lib64wbclient-devel mount-cifs nss_wins samba-client samba-common samba-doc samba-domainjoin-gui samba-server samba-swat samba-winbind Update: Wed Jul 27 12:57:43 2011 Importance: security ID: MDVSA-2011:121 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:121 %pre Multiple vulnerabilities has been discovered and corrected in samba: All current released versions of Samba are vulnerable to a cross-site request forgery in the Samba Web Administration Tool (SWAT). By tricking a user who is authenticated with SWAT into clicking a manipulated URL on a different web page, it is possible to manipulate SWAT (CVE-2011-2522). All current released versions of Samba are vulnerable to a cross-site scripting issue in the Samba Web Administration Tool (SWAT). On the Change Password field, it is possible to insert arbitrary content into the user field (CVE-2011-2694). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. %description Samba provides an SMB server which can be used to provide network services to SMB (sometimes called "Lan Manager") clients, including various versions of MS Windows, OS/2, and other Linux machines. Samba also provides some SMB clients, which complement the built-in SMB filesystem in Linux. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need NetBEUI (Microsoft Raw NetBIOS frame) protocol. Samba-3.0 features working NT Domain Control capability and includes the SWAT (Samba Web Administration Tool) that allows samba's smb.conf file to be remotely managed using your favourite web browser. For the time being this is being enabled on TCP port 901 via xinetd. SWAT is now included in it's own subpackage, samba-swat. Please refer to the WHATSNEW.txt document for fixup information. This binary release includes encrypted password support. Please read the smb.conf file and ENCRYPTION.txt in the docs directory for implementation details. %package bind bind-devel bind-doc bind-utils Update: Sat Aug 06 11:03:28 2011 Importance: bugfix ID: MDVA-2011:027 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:027 %pre This is maintenance release that upgrades ISC BIND to the 9.7.4 version that addresses a lot of upstream bugs and fixes. %description BIND (Berkeley Internet Name Domain) is an implementation of the DNS (domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses, and a resolver library (routines for applications to use when interfacing with DNS). A DNS server allows clients to name resources or objects and share the information with other network machines. The named DNS server can be used on workstations as a caching name server, but is generally only needed on one machine for an entire network. Note that the configuration files for making BIND act as a simple caching nameserver are included in the caching-nameserver package. Install the bind package if you need a DNS server for your network. If you want bind to act a caching name server, you will also need to install the caching-nameserver package. Many BIND 8 features previously unimplemented in BIND 9, including domain-specific forwarding, the \$GENERATE master file directive, and the "blackhole", "dialup", and "sortlist" options Forwarding of dynamic update requests; this is enabled by the "allow-update-forwarding" option A new, simplified database interface and a number of sample drivers based on it; see doc/dev/sdb for details Support for building single-threaded servers for environments that do not supply POSIX threads New configuration options: "min-refresh-time", "max-refresh-time", "min-retry-time", "max-retry-time", "additional-from-auth", "additional-from-cache", "notify explicit" Faster lookups, particularly in large zones. Build Options: --without sdb_ldap Build without ldap simple database support (enabled per default) --with sdb_mysql Build with MySQL database support (disables ldap support, it's either way.) --with geoip Build with GeoIP support (disabled per default) %package hplip hplip-doc hplip-gui hplip-hpijs hplip-hpijs-ppds hplip-model-data lib64hpip0 lib64hpip0-devel lib64sane-hpaio1 Update: Fri Aug 12 09:13:21 2011 Importance: bugfix ID: MDVA-2011:029 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:029 %pre This package updates hplip to the latest version, bringing a lot of bugfixes. %description This is the HP driver package to supply Linux support for most Hewlett-Packard DeskJet, LaserJet, PSC, OfficeJet, and PhotoSmart printers and all-in-one peripherals (also known as Multi-Function Peripherals or MFPs), which can print, scan, copy, fax, and/or access flash memory cards. It is work in progress, but printing, scanning, memory card access, ink/toner/battery/consumable level checking, and inkjet printer maintenance are supported on most models, when either connected to the USB or LAN (built-in interfaces or selected HP JetDirect models) on a Linux workstation with CUPS printing system. For status and consumable checking and also for inkjet maintenance there is the graphical tool "hp-toolbox" available (Menu: "System"/"Monitoring"/"HP Printer Toolbox"). %package foomatic-filters Update: Sun Aug 14 14:14:33 2011 Importance: security ID: MDVSA-2011:125 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:125 %pre A vulnerability has been discovered and corrected in foomatic-filters: foomatic-rip allows remote attackers to execute arbitrary code via a crafted *FoomaticRIPCommandLine field in a .ppd file (CVE-2011-2697, CVE-2011-2964). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description Foomatic is a comprehensive, spooler-independent database of printers, printer drivers, and driver descriptions. It contains utilities to generate PPD (Postscript Printer Description) files and printer queues for CUPS, LPD, GNUlpr, LPRng, PPR, and PDQ using the database. There is also the possibility to read the PJL options out of PJL-capable laser printers and take them into account at the driver description file generation. There are spooler-independent command line interfaces to manipulate queues (foomatic-configure) and to print files/manipulate jobs (foomatic printjob). This package contains the filters needed to run print queues based on Foomatic PPD files. %package icedtea-web java-1.6.0-openjdk java-1.6.0-openjdk-demo java-1.6.0-openjdk-devel java-1.6.0-openjdk-javadoc java-1.6.0-openjdk-src lib64xrender1 lib64xrender-devel lib64xrender-static-devel Update: Mon Aug 15 15:34:42 2011 Importance: security ID: MDVSA-2011:126 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:126 %pre Multiple vulnerabilities were discovered and corrected in java-1.6.0-openjdk: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect integrity via unknown vectors related to Deserialization (CVE-2011-0865). Multiple unspecified vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D (CVE-2011-0862). Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Networking (CVE-2011-0867). Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 26 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to SAAJ (CVE-2011-0869). Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D (CVE-2011-0868). Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot (CVE-2011-0864). Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, 5.0 Update 29 and earlier, and 1.4.2_31 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Swing (CVE-2011-0871). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been upgraded to versions which is not vulnerable to these issues. %description X Render Library %package beagle beagle-crawl-system beagle-doc beagle-evolution beagle-gui beagle-gui-qt beagle-libs firefox firefox-af firefox-ar firefox-be firefox-bg firefox-bn firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-devel firefox-el firefox-en_GB firefox-eo firefox-es_AR firefox-es_ES firefox-et firefox-eu firefox-ext-beagle firefox-ext-blogrovr firefox-ext-mozvoikko firefox-ext-r-kiosk firefox-ext-scribefire firefox-ext-weave-sync firefox-ext-xmarks firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hu firefox-id firefox-is firefox-it firefox-ja firefox-ka firefox-kn firefox-ko firefox-ku firefox-lt firefox-lv firefox-mk firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-oc firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-te firefox-th firefox-tr firefox-uk firefox-zh_CN firefox-zh_TW gjs gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell lib64gjs0 lib64gjs-devel lib64xulrunner1.9.2.20 lib64xulrunner-devel mozilla-thunderbird mozilla-thunderbird-af mozilla-thunderbird-ar mozilla-thunderbird-be mozilla-thunderbird-beagle mozilla-thunderbird-bg mozilla-thunderbird-bn_BD mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-el mozilla-thunderbird-en_GB mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ar mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-hu mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-ko mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-tr mozilla-thunderbird-enigmail-vi mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-enigmail-zh_TW mozilla-thunderbird-es_AR mozilla-thunderbird-es_ES mozilla-thunderbird-et mozilla-thunderbird-et_EE mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-fy mozilla-thunderbird-ga mozilla-thunderbird-gd mozilla-thunderbird-gl mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-id mozilla-thunderbird-is mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ka mozilla-thunderbird-ko mozilla-thunderbird-lightning mozilla-thunderbird-lt mozilla-thunderbird-nb_NO mozilla-thunderbird-nl mozilla-thunderbird-nn_NO mozilla-thunderbird-pa_IN mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-pt_PT mozilla-thunderbird-ro mozilla-thunderbird-ru mozilla-thunderbird-si mozilla-thunderbird-sk mozilla-thunderbird-sl mozilla-thunderbird-sq mozilla-thunderbird-sr mozilla-thunderbird-sv_SE mozilla-thunderbird-tr mozilla-thunderbird-uk mozilla-thunderbird-vi mozilla-thunderbird-zh_CN mozilla-thunderbird-zh_TW nsinstall xulrunner yelp Update: Wed Aug 17 14:58:38 2011 Importance: security ID: MDVSA-2011:127 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:127 %pre Security issues were identified and fixed in mozilla firefox and thunderbird: Mozilla developers and community members identified and fixed several memory safety bugs in the browser engine used in Firefox 3.6 and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code (CVE-2011-2982). Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that a SVG text manipulation routine contained a dangling pointer vulnerability (CVE-2011-0084). Mozilla security researcher moz_bug_r_a_4 reported a vulnerability in event management code that would permit JavaScript to be run in the wrong context, including that of a different website or potentially in a chrome-privileged context (CVE-2011-2981). Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that appendChild did not correctly account for DOM objects it operated upon and could be exploited to dereference an invalid pointer (CVE-2011-2378). Mozilla security researcher moz_bug_r_a4 reported that web content could receive chrome privileges if it registered for drop events and a browser tab element was dropped into the content area (CVE-2011-2984). Security researcher Mitja Kolsek of Acros Security reported that ThinkPadSensor::Startup could potentially be exploited to load a malicious DLL into the running process (CVE-2011-2980). Security researcher shutdown reported that data from other domains could be read when RegExp.input was set (CVE-2011-2983). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 Additionally, some packages which require so, have been rebuilt and are being provided as updates. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package dhcp-client dhcp-common dhcp-devel dhcp-doc dhcp-relay dhcp-server Update: Thu Aug 18 12:41:25 2011 Importance: security ID: MDVSA-2011:128 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:128 %pre Multiple vulnerabilities has been discovered and corrected in dhcp: The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted DHCP packet (CVE-2011-2748). The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4.1-ESV-R3 allows remote attackers to cause a denial of service (daemon exit) via a crafted BOOTP packet (CVE-2011-2749). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. %description DHCP (Dynamic Host Configuration Protocol) is a protocol which allows individual devices on an IP network to get their own network configuration information (IP address, subnetmask, broadcast address, etc.) from a DHCP server. The overall purpose of DHCP is to make it easier to administer a large network. The dhcp package includes the DHCP server and a DHCP relay agent. You will also need to install the dhcp-client or dhcpcd package, or pump or dhcpxd, which provides the DHCP client daemon, on client machines. If you want the DHCP server and/or relay, you will also need to install the dhcp-server and/or dhcp-relay packages. %package beagle beagle-crawl-system beagle-doc beagle-evolution beagle-gui beagle-gui-qt beagle-libs firefox firefox-af firefox-ar firefox-be firefox-bg firefox-bn firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-devel firefox-el firefox-en_GB firefox-eo firefox-es_AR firefox-es_ES firefox-et firefox-eu firefox-ext-beagle firefox-ext-blogrovr firefox-ext-mozvoikko firefox-ext-r-kiosk firefox-ext-scribefire firefox-ext-weave-sync firefox-ext-xmarks firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hu firefox-id firefox-is firefox-it firefox-ja firefox-ka firefox-kn firefox-ko firefox-ku firefox-lt firefox-lv firefox-mk firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-oc firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-te firefox-th firefox-tr firefox-uk firefox-zh_CN firefox-zh_TW gjs gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell lib64gjs0 lib64gjs-devel lib64nspr4 lib64nspr-devel lib64nss3 lib64nss-devel lib64nss-static-devel lib64xulrunner1.9.2.21 lib64xulrunner-devel mozilla-thunderbird mozilla-thunderbird-af mozilla-thunderbird-ar mozilla-thunderbird-be mozilla-thunderbird-beagle mozilla-thunderbird-bg mozilla-thunderbird-bn_BD mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-el mozilla-thunderbird-en_GB mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ar mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-hu mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-ko mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-tr mozilla-thunderbird-enigmail-vi mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-enigmail-zh_TW mozilla-thunderbird-es_AR mozilla-thunderbird-es_ES mozilla-thunderbird-et mozilla-thunderbird-et_EE mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-fy mozilla-thunderbird-ga mozilla-thunderbird-gd mozilla-thunderbird-gl mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-id mozilla-thunderbird-is mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ka mozilla-thunderbird-ko mozilla-thunderbird-lightning mozilla-thunderbird-lt mozilla-thunderbird-nb_NO mozilla-thunderbird-nl mozilla-thunderbird-nn_NO mozilla-thunderbird-pa_IN mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-pt_PT mozilla-thunderbird-ro mozilla-thunderbird-ru mozilla-thunderbird-si mozilla-thunderbird-sk mozilla-thunderbird-sl mozilla-thunderbird-sq mozilla-thunderbird-sr mozilla-thunderbird-sv_SE mozilla-thunderbird-tr mozilla-thunderbird-uk mozilla-thunderbird-vi mozilla-thunderbird-zh_CN mozilla-thunderbird-zh_TW nsinstall nss rootcerts rootcerts-java xulrunner yelp Update: Sat Sep 03 09:52:46 2011 Importance: security ID: MDVSA-2011:129 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:129 %pre Security issues were identified and fixed in mozilla firefox and thunderbird: Google Chrome user alibo encountered an active man in the middle (MITM) attack on secure SSL connections to Google servers. The fraudulent certificate was mis-issued by DigiNotar, a Dutch Certificate Authority. DigiNotar has reported evidence that other fraudulent certificates were issued and in active use but the full extent of the compromise is not known. For the protection of our users Mozilla has removed the DigiNotar root certificate. Sites using certificates issued by DigiNotar will need to seek another certificate vendor. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 Additionally, some packages which require so, have been rebuilt and are being provided as updates. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package apache-base apache-devel apache-htcacheclean apache-mod_authn_dbd apache-mod_cache apache-mod_dav apache-mod_dbd apache-mod_deflate apache-mod_disk_cache apache-mod_file_cache apache-mod_ldap apache-mod_mem_cache apache-mod_proxy apache-mod_proxy_ajp apache-mod_proxy_scgi apache-mod_reqtimeout apache-mod_ssl apache-modules apache-mod_userdir apache-mpm-event apache-mpm-itk apache-mpm-peruser apache-mpm-prefork apache-mpm-worker apache-source Update: Sun Sep 04 16:08:30 2011 Importance: security ID: MDVSA-2011:130 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:130 %pre Multiple vulnerabilities has been discovered and corrected in apache: The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service (memory and CPU consumption) via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different vulnerability than CVE-2007-0086 (CVE-2011-3192). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description This package contains the main binary of apache, a powerful, full-featured, efficient and freely-available Web server. Apache is also the most popular Web server on the Internet. This version of apache is fully modular, and many modules are available in pre-compiled formats, like PHP and mod_auth_external. Check for available Apache modules for Mandriva Linux at: http://nux.se/apache/ (most of them can be installed from the contribs repository) This package defaults to a maximum of 128 dynamically loadable modules. This package defaults to a ServerLimit of 1024. You can change these values at RPM build time by using for example: --define 'maxmodules 512' --define 'serverlimit 2048' The package was built to support a maximum of 128 dynamically loadable modules. The package was built with a ServerLimit of 1024. %package lib64xml1 lib64xml1-devel lib64xml2_2 lib64xml2-devel libxml2-python libxml2-utils Update: Mon Sep 05 09:14:53 2011 Importance: security ID: MDVSA-2011:131 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:131 %pre Multiple vulnerabilities has been discovered and corrected in libxml/libxml2: Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to handling of XPath expressions (CVE-2011-1944). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description This library allows you to manipulate XML files. It includes support for reading, modifying and writing XML and HTML files. There is DTDs support: this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream or and in-memory DOM-like representations. In this case one can use the built-in XPath and XPointer implementation to select subnodes or ranges. A flexible Input/Output mechanism is available, with existing HTTP and FTP modules and combined to a URI library. %package finch lib64finch0 lib64purple0 lib64purple-devel pidgin pidgin-bonjour pidgin-client pidgin-gevolution pidgin-i18n pidgin-meanwhile pidgin-perl pidgin-plugins pidgin-silc pidgin-tcl Update: Tue Sep 06 12:37:11 2011 Importance: security ID: MDVSA-2011:132 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:132 %pre Multiple vulnerabilities has been identified and fixed in pidgin: It was found that the gdk-pixbuf GIF image loader routine gdk_pixbuf__gif_image_load() did not properly handle certain return values from its subroutines. A remote attacker could provide a specially-crafted GIF image, which, once opened in Pidgin, would lead gdk-pixbuf to return a partially initialized pixbuf structure. Using this structure, possibly containing a huge width and height, could lead to the application being terminated due to excessive memory use (CVE-2011-2485). Certain characters in the nicknames of IRC users can trigger a null pointer dereference in the IRC protocol plugin's handling of responses to WHO requests. This can cause a crash on some operating systems. Clients based on libpurple 2.8.0 through 2.9.0 are affected (CVE-2011-2943). Incorrect handling of HTTP 100 responses in the MSN protocol plugin can cause the application to attempt to access memory that it does not have access to. This only affects users who have turned on the HTTP connection method for their accounts (it's off by default). This might only be triggerable by a malicious server and not a malicious peer. We believe remote code execution is not possible (CVE-2011-3184). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 This update provides pidgin 2.10.0, which is not vulnerable to these issues. %description Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add an account using the account editor. Pidgin supports many common features of other clients, as well as many unique features, such as perl scripting, TCL scripting and C plugins. Pidgin is not affiliated with or endorsed by America Online, Inc., Microsoft Corporation, Yahoo! Inc., or ICQ Inc. %package beagle beagle-crawl-system beagle-doc beagle-evolution beagle-gui beagle-gui-qt beagle-libs firefox firefox-af firefox-ar firefox-be firefox-bg firefox-bn firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-devel firefox-el firefox-en_GB firefox-eo firefox-es_AR firefox-es_ES firefox-et firefox-eu firefox-ext-beagle firefox-ext-blogrovr firefox-ext-mozvoikko firefox-ext-r-kiosk firefox-ext-scribefire firefox-ext-weave-sync firefox-ext-xmarks firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hu firefox-id firefox-is firefox-it firefox-ja firefox-ka firefox-kn firefox-ko firefox-ku firefox-lt firefox-lv firefox-mk firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-oc firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-te firefox-th firefox-tr firefox-uk firefox-zh_CN firefox-zh_TW gjs gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell lib64gjs0 lib64gjs-devel lib64nss3 lib64nss-devel lib64nss-static-devel lib64xulrunner1.9.2.22 lib64xulrunner-devel mozilla-thunderbird mozilla-thunderbird-af mozilla-thunderbird-ar mozilla-thunderbird-be mozilla-thunderbird-beagle mozilla-thunderbird-bg mozilla-thunderbird-bn_BD mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-el mozilla-thunderbird-en_GB mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ar mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-hu mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-ko mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-tr mozilla-thunderbird-enigmail-vi mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-enigmail-zh_TW mozilla-thunderbird-es_AR mozilla-thunderbird-es_ES mozilla-thunderbird-et mozilla-thunderbird-et_EE mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-fy mozilla-thunderbird-ga mozilla-thunderbird-gd mozilla-thunderbird-gl mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-id mozilla-thunderbird-is mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ka mozilla-thunderbird-ko mozilla-thunderbird-lightning mozilla-thunderbird-lt mozilla-thunderbird-nb_NO mozilla-thunderbird-nl mozilla-thunderbird-nn_NO mozilla-thunderbird-pa_IN mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-pt_PT mozilla-thunderbird-ro mozilla-thunderbird-ru mozilla-thunderbird-si mozilla-thunderbird-sk mozilla-thunderbird-sl mozilla-thunderbird-sq mozilla-thunderbird-sr mozilla-thunderbird-sv_SE mozilla-thunderbird-tr mozilla-thunderbird-uk mozilla-thunderbird-vi mozilla-thunderbird-zh_CN mozilla-thunderbird-zh_TW nsinstall nss rootcerts rootcerts-java xulrunner yelp Update: Wed Sep 07 19:46:09 2011 Importance: security ID: MDVSA-2011:133 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:133 %pre Security issues were identified and fixed in mozilla firefox and thunderbird: As more information has come to light about the attack on the DigiNotar Certificate Authority we have improved the protections added in MFSA 2011-34. The main change is to add explicit distrust to the DigiNotar root certificate and several intermediates. Removing the root as in our previous fix meant the certificates could be considered valid if cross-signed by another Certificate Authority. Importantly this list of distrusted certificates includes the PKIOverheid (PKIGovernment) intermediates under DigiNotar's control that did not chain to DigiNotar's root and were not previously blocked. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 Additionally, some packages which require so, have been rebuilt and are being provided as updates. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package akonadiconsole akregator blogilo kaddressbook kalarm kdepim4 kdepim4-core kdepim4-devel kdepim4-kresources kdepim4-wizards kjots kleopatra kmail kmailcvt knode knotes kontact korganizer ksendemail ktimetracker lib64akonadi-kcal_next4 lib64akonadi-next4 lib64akregatorinterfaces4 lib64akregatorprivate4 lib64gwsoap4 lib64kabc_groupdav4 lib64kabc_groupwise4 lib64kabckolab4 lib64kabc_slox4 lib64kaddressbookprivate4 lib64kalarm_calendar4 lib64kalarm_resources4 lib64kcal_groupdav4 lib64kcal_groupwise4 lib64kcalkolab4 lib64kcal_resourceblog4 lib64kcal_resourceremote4 lib64kcal_slox4 lib64kdepim4 lib64kgroupwarebase4 lib64kgroupwaredav4 lib64kleo4 lib64kmailprivate4 lib64knodecommon4 lib64knoteskolab4 lib64kontactprivate4 lib64korganizer_calendar4 lib64korganizer_core4 lib64korganizer_eventviewer4 lib64korganizer_interfaces4 lib64korganizerprivate4 lib64korg_stdprinting4 lib64kpgp4 lib64ksieve4 lib64kslox4 lib64messagecore4 lib64messagelist4 lib64messageviewer0 lib64mimelib4 Update: Fri Sep 09 08:38:21 2011 Importance: bugfix ID: MDVA-2011:032 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:032 %pre It was discovered that kmail crashed sometimes when deleting mail due to a broken patch for nepomuk support. The updated packages have been patched to correct this issue. %description Information Management applications for the K Desktop Environment. - kaddressbook: The KDE addressbook application. - korganizer: a calendar-of-events and todo-list manager - kalarm: gui for setting up personal alarm/reminder messages - kalarmd: personal alarm/reminder messages daemon, shared by korganizer and kalarm. - kaplan: A shell for the PIM apps, still experimental. - ktimetracker: Time tracker. - kfile-plugins: vCard KFIleItem plugin. - knotes: yellow notes application - konsolecalendar: Command line tool for accessing calendar files. - kmail: universal mail client - kmailcvt: converst addressbooks to kmail format %package rsyslog rsyslog-dbi rsyslog-docs rsyslog-gssapi rsyslog-mysql rsyslog-pgsql rsyslog-relp rsyslog-snmp Update: Fri Sep 09 09:27:35 2011 Importance: security ID: MDVSA-2011:134 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:134 %pre A vulnerability was discovered and corrected in rsyslog: Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service (application exit) via a long TAG in a legacy syslog message (CVE-2011-3200). The updated packages have been patched to correct this issue. %description Rsyslog is an enhanced multi-threaded syslogd supporting, among others, MySQL, PostgreSQL, syslog/tcp, RFC 3195, permitted sender lists, filtering on any message part, and fine grain output format control. It is quite compatible to stock sysklogd and can be used as a drop-in replacement. Its advanced features make it suitable for enterprise-class, encryption protected syslog relay chains while at the same time being very easy to setup for the novice user. o lmnet.so - Implementation of network related stuff. o lmregexp.so - Implementation of regexp related stuff. o lmtcpclt.so - This is the implementation of TCP-based syslog clients. o lmtcpsrv.so - Common code for plain TCP based servers. o imtcp.so - This is the implementation of the TCP input module. o imudp.so - This is the implementation of the UDP input module. o imuxsock.so - This is the implementation of the Unix sockets input module. o imklog.so - The kernel log input module for Linux. o immark.so - This is the implementation of the build-in mark message input module. o imfile.so - This is the input module for reading text file data. %package null null-dummy Update: Sun Sep 25 16:32:02 2011 Importance: bugfix ID: MDVA-2011:040 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:040 %pre This is a test to evaluate if all works as it should. This advisory (MDVA-2011:040) will be overwritten in the coming days. %description Dummy package. %package null null-dummy Update: Sun Sep 25 16:32:57 2011 Importance: bugfix ID: MDVA-2011:040 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:040 %pre This is a test to evaluate if all works as it should. This advisory (MDVA-2011:040) will be overwritten in the coming days. %description Dummy package. %package null null-dummy Update: Sun Sep 25 16:33:21 2011 Importance: bugfix ID: MDVA-2011:040 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:040 %pre This is a test to evaluate if all works as it should. This advisory (MDVA-2011:040) will be overwritten in the coming days. %description Dummy package. %package null null-dummy Update: Sun Sep 25 16:35:12 2011 Importance: bugfix ID: MDVA-2011:040 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:040 %pre This is a test to evaluate if all works as it should. This advisory (MDVA-2011:040) will be overwritten in the coming days. %description Dummy package. %package null null-dummy Update: Sun Sep 25 16:37:40 2011 Importance: bugfix ID: MDVA-2011:040 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:040 %pre This is a test to evaluate if all works as it should. This advisory (MDVA-2011:040) will be overwritten in the coming days. %description Dummy package. %package null null-dummy Update: Sun Sep 25 16:40:30 2011 Importance: bugfix ID: MDVA-2011:040 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:040 %pre This is a test to evaluate if all works as it should. This advisory (MDVA-2011:040) will be overwritten in the coming days. %description Dummy package. %package null null-dummy Update: Sun Sep 25 16:40:43 2011 Importance: bugfix ID: MDVA-2011:040 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:040 %pre This is a test to evaluate if all works as it should. This advisory (MDVA-2011:040) will be overwritten in the coming days. %description Dummy package. %package null null-dummy Update: Sun Sep 25 16:44:28 2011 Importance: bugfix ID: MDVA-2011:040 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:040 %pre This is a test to evaluate if all works as it should. This advisory (MDVA-2011:040) will be overwritten in the coming days. %description Dummy package. %package null null-dummy Update: Sun Sep 25 16:46:03 2011 Importance: bugfix ID: MDVA-2011:040 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:040 %pre This is a test to evaluate if all works as it should. This advisory (MDVA-2011:040) will be overwritten in the coming days. %description Dummy package. %package null null-dummy Update: Sun Sep 25 17:33:07 2011 Importance: bugfix ID: MDVA-2011:040 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:040 %pre This is a test to evaluate if all works as it should. This advisory (MDVA-2011:040) will be overwritten in the coming days. %description Dummy package. %package null null-dummy Update: Sun Sep 25 17:59:13 2011 Importance: bugfix ID: MDVA-2011:040 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:040 %pre This is a test to evaluate if all works as it should. This advisory (MDVA-2011:040) will be overwritten in the coming days. %description Dummy package. %package null null-dummy Update: Sun Sep 25 18:44:26 2011 Importance: bugfix ID: MDVA-2011:040 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:040 %pre This is a test to evaluate if all works as it should. This advisory (MDVA-2011:040) will be overwritten in the coming days. %description Dummy package. %package null null-dummy Update: Sun Sep 25 18:46:19 2011 Importance: bugfix ID: MDVA-2011:040 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:040 %pre This is a test to evaluate if all works as it should. This advisory (MDVA-2011:040) will be overwritten in the coming days. %description Dummy package. %package null null-dummy Update: Sun Sep 25 18:48:52 2011 Importance: bugfix ID: MDVA-2011:040 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:040 %pre This is a test to evaluate if all works as it should. This advisory (MDVA-2011:040) will be overwritten in the coming days. %description Dummy package. %package null null-dummy Update: Sun Sep 25 18:51:00 2011 Importance: bugfix ID: MDVA-2011:040 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:040 %pre This is a test to evaluate if all works as it should. This advisory (MDVA-2011:040) will be overwritten in the coming days. %description Dummy package. %package null null-dummy Update: Sun Sep 25 18:51:19 2011 Importance: bugfix ID: MDVA-2011:040 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:040 %pre This is a test to evaluate if all works as it should. This advisory (MDVA-2011:040) will be overwritten in the coming days. %description Dummy package. %package null null-dummy Update: Mon Sep 26 15:12:35 2011 Importance: bugfix ID: MDVA-2011:040 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:040 %pre This is a test to evaluate if all works as it should. This advisory (MDVA-2011:040) will be overwritten in the coming days. %description Dummy package. %package null null-dummy Update: Mon Sep 26 15:18:06 2011 Importance: bugfix ID: MDVA-2011:040 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:040 %pre This is a test to evaluate if all works as it should. This advisory (MDVA-2011:040) will be overwritten in the coming days. %description Dummy package. %package lib64openssl1.0.0 lib64openssl1.0.0-devel lib64openssl1.0.0-static-devel lib64openssl-engines1.0.0 openssl Update: Wed Sep 28 16:40:24 2011 Importance: security ID: MDVSA-2011:137 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:137 %pre Multiple vulnerabilities has been discovered and corrected in openssl: The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic Curve Digital Signature Algorithm (ECDSA) is used for the ECDHE_ECDSA cipher suite, does not properly implement curves over binary fields, which makes it easier for context-dependent attackers to determine private keys via a timing attack and a lattice calculation (CVE-2011-1945). crypto/x509/x509_vfy.c in OpenSSL 1.0.x before 1.0.0e does not initialize certain structure members, which makes it easier for remote attackers to bypass CRL validation by using a nextUpdate value corresponding to a time in the past (CVE-2011-3207). The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through 0.9.8s and 1.0.x before 1.0.0e does not ensure thread safety during processing of handshake messages, which allows remote attackers to cause a denial of service (application crash) via out-of-order messages that violate the TLS protocol (CVE-2011-3210). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. %description The openssl certificate management tool and the shared libraries that provide various encryption and decription algorithms and protocols, including DES, RC4, RSA and SSL. %package beagle beagle-crawl-system beagle-doc beagle-evolution beagle-gui beagle-gui-qt beagle-libs firefox firefox-af firefox-ar firefox-be firefox-bg firefox-bn firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-devel firefox-el firefox-en_GB firefox-eo firefox-es_AR firefox-es_ES firefox-et firefox-eu firefox-ext-beagle firefox-ext-blogrovr firefox-ext-mozvoikko firefox-ext-r-kiosk firefox-ext-scribefire firefox-ext-weave-sync firefox-ext-xmarks firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hu firefox-id firefox-is firefox-it firefox-ja firefox-ka firefox-kn firefox-ko firefox-ku firefox-lt firefox-lv firefox-mk firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-oc firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-te firefox-th firefox-tr firefox-uk firefox-zh_CN firefox-zh_TW gjs gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell lib64gjs0 lib64gjs-devel lib64xulrunner1.9.2.23 lib64xulrunner-devel xulrunner yelp Update: Sat Oct 01 18:03:00 2011 Importance: security ID: MDVSA-2011:139 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:139 %pre Security issues were identified and fixed in mozilla firefox and thunderbird: Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent the starting of a download in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site (CVE-2011-2372). Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2011-2995). Unspecified vulnerability in the plugin API in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2011-2996). Integer underflow in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via JavaScript code containing a large RegExp expression (CVE-2011-2998). Mozilla Firefox before 3.6.23 and 4.x through 5, Thunderbird before 6.0, and SeaMonkey before 2.3 do not properly handle location as the name of a frame, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, a different vulnerability than CVE-2010-0170 (CVE-2011-2999). Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not properly handle HTTP responses that contain multiple Location, Content-Length, or Content-Disposition headers, which makes it easier for remote attackers to conduct HTTP response splitting attacks via crafted header values (CVE-2011-3000). Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent manual add-on installation in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that triggers an unspecified internal error (CVE-2011-3001). Integer underflow in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via JavaScript code containing a large RegExp expression (CVE-2011-3867). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 Additionally, some packages which require so, have been rebuilt and are being provided as updates. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package mozilla-thunderbird mozilla-thunderbird-af mozilla-thunderbird-ar mozilla-thunderbird-be mozilla-thunderbird-beagle mozilla-thunderbird-bg mozilla-thunderbird-bn_BD mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-el mozilla-thunderbird-en_GB mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ar mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-hu mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-ko mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-tr mozilla-thunderbird-enigmail-vi mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-enigmail-zh_TW mozilla-thunderbird-es_AR mozilla-thunderbird-es_ES mozilla-thunderbird-et mozilla-thunderbird-et_EE mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-fy mozilla-thunderbird-ga mozilla-thunderbird-gd mozilla-thunderbird-gl mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-id mozilla-thunderbird-is mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ka mozilla-thunderbird-ko mozilla-thunderbird-lightning mozilla-thunderbird-lt mozilla-thunderbird-nb_NO mozilla-thunderbird-nl mozilla-thunderbird-nn_NO mozilla-thunderbird-pa_IN mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-pt_PT mozilla-thunderbird-ro mozilla-thunderbird-ru mozilla-thunderbird-si mozilla-thunderbird-sk mozilla-thunderbird-sl mozilla-thunderbird-sq mozilla-thunderbird-sr mozilla-thunderbird-sv_SE mozilla-thunderbird-tr mozilla-thunderbird-uk mozilla-thunderbird-vi mozilla-thunderbird-zh_CN mozilla-thunderbird-zh_TW nsinstall Update: Sat Oct 01 19:20:36 2011 Importance: security ID: MDVSA-2011:140 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:140 %pre Security issues were identified and fixed in mozilla firefox and thunderbird: Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent the starting of a download in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site (CVE-2011-2372). Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2011-2995). Unspecified vulnerability in the plugin API in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2011-2996). Mozilla Firefox before 3.6.23 and 4.x through 5, Thunderbird before 6.0, and SeaMonkey before 2.3 do not properly handle location as the name of a frame, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, a different vulnerability than CVE-2010-0170 (CVE-2011-2999). Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not properly handle HTTP responses that contain multiple Location, Content-Length, or Content-Disposition headers, which makes it easier for remote attackers to conduct HTTP response splitting attacks via crafted header values (CVE-2011-3000). Mozilla Firefox 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not prevent manual add-on installation in response to the holding of the Enter key, which allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that triggers an unspecified internal error (CVE-2011-3001). Integer underflow in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via JavaScript code containing a large RegExp expression (CVE-2011-3867). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 Additionally, some packages which require so, have been rebuilt and are being provided as updates. %description Mozilla Thunderbird is a full-featured email, RSS and newsgroup client that makes emailing safer, faster and easier than ever before. %package nspluginwrapper nspluginwrapper-i386 Update: Sat Oct 01 22:23:25 2011 Importance: bugfix ID: MDVA-2011:045 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:045 %pre This is a bugfix and maintenance release that upgrades nspluginwrapper to the latest version (1.4.4) which provides numerous fixes for firefox 3.6 and later. %description nspluginwrapper makes it possible to use Netscape 4 compatible plugins compiled for linux/i386 into Mozilla for another architecture, e.g. x86_64. This package consists in: * npviewer: the plugin viewer * npwrapper.so: the browser-side plugin * nspluginwrapper: a tool to manage plugins installation and update %package drakx-net drakx-net-text libdrakx-net Update: Wed Oct 05 09:00:55 2011 Importance: bugfix ID: MDVA-2011:046 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:046 %pre The network icon doesn't report the network status correctly with a kernel > 2.6.38. %description This package contains the Mandriva network tools. net_applet: applet to check network connection %package drakx-net drakx-net-text libdrakx-net Update: Wed Oct 05 09:01:50 2011 Importance: bugfix ID: MDVA-2011:046 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:046 %pre The network icon doesn't report the network status correctly with a kernel > 2.6.38. %description This package contains the Mandriva network tools. net_applet: applet to check network connection %package hostapd Update: Wed Oct 05 10:04:51 2011 Importance: bugfix ID: MDVA-2011:049 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:049 %pre The hostapd package contains a very old configuration file, so many new features including IEEE 802.11n support are disabled. %description Hostapd is an optional user space component for Host AP driver. It adds more features to the basic IEEE 802.11 management included in the kernel driver: using external RADIUS authentication server for MAC address based access control, IEEE 802.1X Authenticator and dynamic WEP keying, RADIUS accounting. %package lib64rpm4.6 lib64rpm-devel python-rpm rpm rpm-build Update: Wed Oct 05 17:48:05 2011 Importance: security ID: MDVSA-2011:143 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:143 %pre Multiple flaws were found in the way the RPM library parsed package headers. An attacker could create a specially-crafted RPM package that, when queried or installed, would cause rpm to crash or, potentially, execute arbitrary code (CVE-2011-3378). Additionally for Mandriva Linux 2009.0 and Mandriva Linux Enterprise Server 5 updated perl-URPM and lzma (xz v5) packages are being provided to support upgrading to Mandriva Linux 2011. The updated packages have been patched to correct these issues. %description RPM is a powerful command line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Each software package consists of an archive of files along with information about the package like its version, a description, etc. %package hplip hplip-doc hplip-gui hplip-hpijs hplip-hpijs-ppds hplip-model-data lib64hpip0 lib64hpip0-devel lib64sane-hpaio1 Update: Fri Oct 07 10:43:02 2011 Importance: bugfix ID: MDVA-2011:055 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:055 %pre In all recent Mandriva releases hpijs driver does not work because PPD files contain a link to foomatic-rip-hplip filter that is not installed. %description This is the HP driver package to supply Linux support for most Hewlett-Packard DeskJet, LaserJet, PSC, OfficeJet, and PhotoSmart printers and all-in-one peripherals (also known as Multi-Function Peripherals or MFPs), which can print, scan, copy, fax, and/or access flash memory cards. It is work in progress, but printing, scanning, memory card access, ink/toner/battery/consumable level checking, and inkjet printer maintenance are supported on most models, when either connected to the USB or LAN (built-in interfaces or selected HP JetDirect models) on a Linux workstation with CUPS printing system. For status and consumable checking and also for inkjet maintenance there is the graphical tool "hp-toolbox" available (Menu: "System"/"Monitoring"/"HP Printer Toolbox"). %package apache-base apache-devel apache-htcacheclean apache-mod_authn_dbd apache-mod_cache apache-mod_dav apache-mod_dbd apache-mod_deflate apache-mod_disk_cache apache-mod_file_cache apache-mod_ldap apache-mod_mem_cache apache-mod_proxy apache-mod_proxy_ajp apache-mod_proxy_scgi apache-mod_reqtimeout apache-mod_ssl apache-modules apache-mod_userdir apache-mpm-event apache-mpm-itk apache-mpm-peruser apache-mpm-prefork apache-mpm-worker apache-source Update: Sat Oct 08 11:24:32 2011 Importance: security ID: MDVSA-2011:144 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:144 %pre A vulnerability has been discovered and corrected in apache: The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21 does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an initial \@ (at sign) character (CVE-2011-3368). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description This package contains the main binary of apache, a powerful, full-featured, efficient and freely-available Web server. Apache is also the most popular Web server on the Internet. This version of apache is fully modular, and many modules are available in pre-compiled formats, like PHP and mod_auth_external. Check for available Apache modules for Mandriva Linux at: http://nux.se/apache/ (most of them can be installed from the contribs repository) This package defaults to a maximum of 128 dynamically loadable modules. This package defaults to a ServerLimit of 1024. You can change these values at RPM build time by using for example: --define 'maxmodules 512' --define 'serverlimit 2048' The package was built to support a maximum of 128 dynamically loadable modules. The package was built with a ServerLimit of 1024. %package lib64xml2_2 lib64xml2-devel libxml2-python libxml2-utils Update: Sun Oct 09 18:24:53 2011 Importance: security ID: MDVSA-2011:145 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:145 %pre Double free vulnerabilities in libxml2 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression and via vectors related to XPath handling (CVE-2011-2821, CVE-2011-2834). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. %description This library allows you to manipulate XML files. It includes support for reading, modifying and writing XML and HTML files. There is DTDs support: this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream or and in-memory DOM-like representations. In this case one can use the built-in XPath and XPointer implementation to select subnodes or ranges. A flexible Input/Output mechanism is available, with existing HTTP and FTP modules and combined to a URI library. %package lib64xml2_2 lib64xml2-devel libxml2-python libxml2-utils Update: Sun Oct 09 18:35:19 2011 Importance: security ID: MDVSA-2011:145 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:145 %pre Double free vulnerabilities in libxml2 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression and via vectors related to XPath handling (CVE-2011-2821, CVE-2011-2834). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. %description This library allows you to manipulate XML files. It includes support for reading, modifying and writing XML and HTML files. There is DTDs support: this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream or and in-memory DOM-like representations. In this case one can use the built-in XPath and XPointer implementation to select subnodes or ranges. A flexible Input/Output mechanism is available, with existing HTTP and FTP modules and combined to a URI library. %package cups cups-common cups-serial lib64cups2 lib64cups2-devel php-cups Update: Mon Oct 10 13:33:35 2011 Importance: security ID: MDVSA-2011:146 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:146 %pre Multiple vulnerabilities has been discovered and corrected in cups: The cupsDoAuthentication function in auth.c in the client in CUPS before 1.4.4, when HAVE_GSSAPI is omitted, does not properly handle a demand for authorization, which allows remote CUPS servers to cause a denial of service (infinite loop) via HTTP_UNAUTHORIZED responses (CVE-2010-2432). The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895 (CVE-2011-2896). The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than CVE-2011-2896 (CVE-2011-3170). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. %description The Common Unix Printing System provides a portable printing layer for UNIX(TM) operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces. This is the main package needed for CUPS servers (machines where a printer is connected to or which host a queue for a network printer). It can also be used on CUPS clients so that they simply pick up broadcasted printer information from other CUPS servers and do not need to be assigned to a specific CUPS server by an /etc/cups/client.conf file. %package cifs-utils lib64netapi0 lib64netapi-devel lib64smbclient0 lib64smbclient0-devel lib64smbclient0-static-devel lib64smbsharemodes0 lib64smbsharemodes-devel lib64wbclient0 lib64wbclient-devel mount-cifs nss_wins samba-client samba-common samba-doc samba-domainjoin-gui samba-server samba-swat samba-winbind Update: Tue Oct 11 19:53:23 2011 Importance: security ID: MDVSA-2011:148 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:148 %pre Multiple vulnerabilities has been discovered and corrected in samba/cifs-utils: smbfs in Samba 3.5.8 and earlier attempts to use (1) mount.cifs to append to the /etc/mtab file and (2) umount.cifs to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089 (CVE-2011-1678). The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs in Samba 3.5.10 and earlier does not properly verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-0547 (CVE-2011-2724). Additionally for Mandriva Linux 2010.2 the cifs-utils package has been upgraded to the 4.8.1 version that brings numerous additional fixes. Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. %description Samba provides an SMB server which can be used to provide network services to SMB (sometimes called "Lan Manager") clients, including various versions of MS Windows, OS/2, and other Linux machines. Samba also provides some SMB clients, which complement the built-in SMB filesystem in Linux. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need NetBEUI (Microsoft Raw NetBIOS frame) protocol. Samba-3.0 features working NT Domain Control capability and includes the SWAT (Samba Web Administration Tool) that allows samba's smb.conf file to be remotely managed using your favourite web browser. For the time being this is being enabled on TCP port 901 via xinetd. SWAT is now included in it's own subpackage, samba-swat. Please refer to the WHATSNEW.txt document for fixup information. This binary release includes encrypted password support. Please read the smb.conf file and ENCRYPTION.txt in the docs directory for implementation details. %package cyrus-imapd cyrus-imapd-devel cyrus-imapd-murder cyrus-imapd-nntp cyrus-imapd-utils perl-Cyrus Update: Fri Oct 14 17:04:32 2011 Importance: security ID: MDVSA-2011:149 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:149 %pre Multiple vulnerabilities has been discovered and corrected in cyrus-imapd: Stack-based buffer overflow in the split_wildmats function in nntpd.c in nntpd in Cyrus IMAP Server before 2.3.17 and 2.4.x before 2.4.11 allows remote attackers to execute arbitrary code via a crafted NNTP command (CVE-2011-3208). Secunia Research has discovered a vulnerability in Cyrus IMAPd, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error within the authentication mechanism of the NNTP server, which can be exploited to bypass the authentication process and execute commands intended for authenticated users by sending an AUTHINFO USER command without a following AUTHINFO PASS command (CVE-2011-3372). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. %description The Cyrus IMAP Server is a scaleable enterprise mail system designed for use from small to large enterprise environments using standards-based technologies. A full Cyrus IMAP implementation allows a seamless mail and bulletin board environment to be set up across multiple servers. It differs from other IMAP server implementations in that it is run on "sealed" servers, where users are not normally permitted to log in. The mailbox database is stored in parts of the filesystem that are private to the Cyrus IMAP system. All user access to mail is through software using the IMAP, POP3, or KPOP protocols. TLSv1 and SSL are supported for security. This is the main package, install also the cyrus-imapd-utils package (it contains server administration tools and depends on the perl-Cyrus package). %package squid squid-cachemgr Update: Sat Oct 15 17:49:08 2011 Importance: security ID: MDVSA-2011:150 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:150 %pre A vulnerability has been discovered and corrected in squid: Buffer overflow in the gopherToHTML function in gopher.cc in the Gopher reply parser in Squid 3.0 before 3.0.STABLE26, 3.1 before 3.1.15, and 3.2 before 3.2.0.11 allows remote Gopher servers to cause a denial of service (memory corruption and daemon restart) or possibly have unspecified other impact via a long line in a response. NOTE: This issue exists because of a CVE-2005-0094 regression (CVE-2011-3205). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. %description Squid is a high-performance proxy caching server for web clients, supporting FTP, gopher, and HTTP data objects over IPv4 or IPv6. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, asynchronous process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid supports SSL, extensive access controls, and full request logging. By using the lightweight Internet Cache Protocol (ICP) and HTTP Cache Protocol (HTCP) Squid caches can be arranged in a hierarchy or mesh for additional bandwidth savings. Install squid if you need a proxy caching server. This package defaults to a maximum of 8192 filedescriptors. You can change these values at build time by using for example: --define 'maxfiles 4096' The package was built to support a maximum of 8192 filedescriptors. You can build squid with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] test Initiate the test suite %package lib64png3 lib64png-devel lib64png-static-devel libpng-source Update: Mon Oct 17 12:47:13 2011 Importance: security ID: MDVSA-2011:151 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:151 %pre Multiple vulnerabilities has been discovered and corrected in libpng: The png_format_buffer function in pngerror.c in libpng allows remote attackers to cause a denial of service (application crash) via a crafted PNG image that triggers an out-of-bounds read during the copying of error-message data. NOTE: this vulnerability exists because of a CVE-2004-0421 regression (CVE-2011-2501). Buffer overflow in libpng, when used by an application that calls the png_rgb_to_gray function but not the png_set_expand function, allows remote attackers to overwrite memory with an arbitrary amount of data, and possibly have unspecified other impact, via a crafted PNG image (CVE-2011-2690). The png_err function in pngerror.c in libpng makes a function call using a NULL pointer argument instead of an empty-string argument, which allows remote attackers to cause a denial of service (application crash) via a crafted PNG image (CVE-2011-2691). NOTE: This does not affect the binary packages in Mandriva, but could affect users if PNG_NO_ERROR_TEXT is defined using the libpng-source-1.?.?? package. The png_handle_sCAL function in pngrutil.c in libpng does not properly handle invalid sCAL chunks, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted PNG image that triggers the reading of uninitialized memory (CVE-2011-2692). The updated packages have been patched to correct these issues. %description The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng should be installed if you need to manipulate PNG format image files. %package ncompress Update: Mon Oct 17 15:27:47 2011 Importance: security ID: MDVSA-2011:152 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:152 %pre A vulnerability has been found and corrected in ncompress: An integer underflow leading to array index error was found in the way gzip used to decompress files / archives, compressed with the Lempel-Ziv-Welch (LZW) compression algorithm. A remote attacker could provide a specially-crafted LZW compressed gzip archive, which once decompressed by a local, unsuspecting user would lead to gzip crash, or, potentially to arbitrary code execution with the privileges of the user running gzip (CVE-2010-0001). The updated packages have been upgraded to the 4.2.4.4 version which is not vulnerable to this issue. %description The ncompress package contains the compress and uncompress file compression and decompression utilities, which are compatible with the original UNIX compress utility (.Z file extensions). These utilities can't handle gzipped (.gz file extensions) files, but gzip can handle compressed files. %package lib64xfont1 lib64xfont1-devel lib64xfont1-static-devel Update: Mon Oct 17 15:41:12 2011 Importance: security ID: MDVSA-2011:153 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:153 %pre A vulnerability has been discovered and corrected in libxfont: The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896 (CVE-2011-2895). The updated packages have been patched to correct this issue. %description X font Library %package systemtap Update: Mon Oct 17 17:02:18 2011 Importance: security ID: MDVSA-2011:154 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:154 %pre A vulnerability has been discovered and corrected in systemtap: SystemTap 1.4 and earlier, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs context variable access (CVE-2011-1769). The updated packages have been patched to correct this issue. %description SystemTap provides free software (GPL) infrastructure to simplify the gathering of information about the running Linux system. This assists diagnosis of a performance or functional problem. SystemTap eliminates the need for the developer to go through the tedious and disruptive instrument, recompile, install, and reboot sequence that may be otherwise required to collect data. SystemTap provides a simple command line interface and scripting language for writing instrumentation for a live running kernel. We are publishing samples, as well as enlarging the internal "tapset" script library to aid reuse and abstraction. We also plan to support probing userspace applications. We are investigating interfacing Systemtap with similar tools such as Frysk, Oprofile and LTT. Current project members include Red Hat, IBM, Intel, and Hitachi. %package timezone timezone-java Update: Tue Oct 18 09:41:37 2011 Importance: bugfix ID: MDVA-2011:058 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:058 %pre Timezone is a package that contains data files with rules for various timezones around the world. In autumn 2011 Russia, Belarus and Ukraine drop transition on winter time. Palestine suspends DST during Ramadan in 2011. Gaza and West Bank split in 2011. West Bank is tracked in the timezone Asia/Hebron. This package fix this. Also we fix some error on UK and China timezone definition. %description This package contains data files with rules for various timezones around the world. %package tomcat5 tomcat5-admin-webapps tomcat5-common-lib tomcat5-jasper tomcat5-jasper-eclipse tomcat5-jasper-javadoc tomcat5-jsp-2.0-api tomcat5-jsp-2.0-api-javadoc tomcat5-server-lib tomcat5-servlet-2.4-api tomcat5-servlet-2.4-api-javadoc tomcat5-webapps Update: Tue Oct 18 14:53:17 2011 Importance: security ID: MDVSA-2011:156 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:156 %pre Multiple vulnerabilities has been discovered and corrected in tomcat 5.5.x: The implementation of HTTP DIGEST authentication in tomcat was discovered to have several weaknesses (CVE-2011-1184). Apache Tomcat, when the MemoryUserDatabase is used, creates log entries containing passwords upon encountering errors in JMX user creation, which allows local users to obtain sensitive information by reading a log file (CVE-2011-2204). Apache Tomcat, when sendfile is enabled for the HTTP APR or HTTP NIO connector, does not validate certain request attributes, which allows local users to bypass intended file access restrictions or cause a denial of service (infinite loop or JVM crash) by leveraging an untrusted web application (CVE-2011-2526). Certain AJP protocol connector implementations in Apache Tomcat allow remote attackers to spoof AJP requests, bypass authentication, and obtain sensitive information by causing the connector to interpret a request body as a new request (CVE-2011-3190). The updated packages have been patched to correct these issues. %description Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world. We invite you to participate in this open development project. To learn more about getting involved, click here. %package lib64freetype6 lib64freetype6-devel lib64freetype6-static-devel Update: Fri Oct 21 09:49:52 2011 Importance: security ID: MDVSA-2011:157 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:157 %pre A vulnerability has been discovered and corrected in freetype2: FreeType allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font (CVE-2011-3256). A regression was found in freetype2 in Mandriva Enterprise Server 5 that caused ugly font rendering with firefox (#63892). Additionally, improvements conserning the LZW handling (as noted in the freetype-2.4.7 version) was added. The updated packages have been patched to correct these issues. %description The FreeType2 engine is a free and portable TrueType font rendering engine. It has been developed to provide TT support to a great variety of platforms and environments. Note that FreeType2 is a library, not a stand-alone application, though some utility applications are included %package krb5 krb5-pkinit-openssl krb5-server krb5-server-ldap krb5-workstation lib64krb53 lib64krb53-devel Update: Sat Oct 22 20:29:50 2011 Importance: security ID: MDVSA-2011:160 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:160 %pre Multiple vulnerabilities has been found and corrected in krb5: The krb5_ldap_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors, related to the locked_check_p function (CVE-2011-1528). The lookup_lockout_policy function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.8 through 1.8.4 and 1.9 through 1.9.1, when the db2 (aka Berkeley DB) or LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger certain process_as_req errors (CVE-2011-1529). The updated packages have been patched to correct these issues. %description Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords. %package lib64ecpg8.4_6 lib64pq8.4_5 postgresql8.4 postgresql8.4-contrib postgresql8.4-devel postgresql8.4-docs postgresql8.4-pl postgresql8.4-plperl postgresql8.4-plpgsql postgresql8.4-plpython postgresql8.4-pltcl postgresql8.4-server Update: Mon Oct 24 18:01:27 2011 Importance: security ID: MDVSA-2011:161 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:161 %pre A vulnerability was discovered and corrected in postgresql: contrib/pg_crypto's blowfish encryption code could give wrong results on platforms where char is signed (which is most), leading to encrypted passwords being weaker than they should be (CVE-2011-2483). Additionally corrected ossp-uuid packages as well as corrected support in postgresql 9.0.x are being provided for Mandriva Linux 2011. This update provides a solution to this vulnerability. %description PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs (including transactions, subselects and user-defined types and functions). The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DBMS server. These PostgreSQL client programs are programs that directly manipulate the internal structure of PostgreSQL databases on a PostgreSQL server. These client programs can be located on the same machine with the PostgreSQL server, or may be on a remote machine which accesses a PostgreSQL server over a network connection. This package contains the client libraries for C and C++, as well as command-line utilities for managing PostgreSQL databases on a PostgreSQL server. If you want to manipulate a PostgreSQL database on a remote PostgreSQL server, you need this package. You also need to install this package if you're installing the postgresql-server package. %package kdelibs4-core kdelibs4-devel lib64kde3support4 lib64kdecore5 lib64kdefakes5 lib64kdesu5 lib64kdeui5 lib64kdewebkit5 lib64kdnssd4 lib64kfile4 lib64khtml5 lib64kimproxy4 lib64kio5 lib64kjs4 lib64kjsapi4 lib64kjsembed4 lib64kmediaplayer4 lib64knewstuff2_4 lib64knewstuff34 lib64knotifyconfig4 lib64kntlm4 lib64kparts4 lib64kpty4 lib64krosscore4 lib64krossui4 lib64ktexteditor4 lib64kunitconversion4 lib64kunittest4 lib64kutils4 lib64nepomuk4 lib64nepomukquery4 lib64plasma3 lib64solid4 lib64threadweaver4 Update: Tue Nov 01 13:32:43 2011 Importance: security ID: MDVSA-2011:162 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:162 %pre Multiple vulnerabilities was discovered and corrected in kdelibs4: KDE KSSL in kdelibs does not properly handle a \'\0\' (NUL) character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408 (CVE-2009-2702). An input sanitization flaw was found in the KSSL (KDE SSL Wrapper) API. An attacker could supply a specially-crafted SSL certificate (for example, via a web page) to an application using KSSL, such as the Konqueror web browser, causing misleading information to be presented to the user, possibly tricking them into accepting the certificate as valid (CVE-2011-3365). The updated packages have been patched to correct these issues. %description Libraries for the K Desktop Environment. %package apache-mod_php lib64php5_common5 php-apc php-apc-admin php-bcmath php-bz2 php-calendar php-cgi php-cli php-ctype php-curl php-dba php-devel php-doc php-dom php-eaccelerator php-eaccelerator-admin php-enchant php-exif php-fileinfo php-filter php-fpm php-ftp php-gd php-gearman php-gettext php-gmp php-hash php-iconv php-imap php-intl php-json php-ldap php-mailparse php-mbstring php-mcal php-mcrypt php-mssql php-mysql php-mysqli php-odbc php-openssl php-optimizer php-pcntl php-pdo php-pdo_dblib php-pdo_mysql php-pdo_odbc php-pdo_pgsql php-pdo_sqlite php-pgsql php-phar php-pinba php-posix php-pspell php-readline php-recode php-sasl php-session php-shmop php-snmp php-soap php-sockets php-sphinx php-sqlite3 php-sqlite php-ssh2 php-suhosin php-sybase_ct php-sysvmsg php-sysvsem php-sysvshm php-tclink php-tidy php-timezonedb php-tokenizer php-translit php-vld php-wddx php-xattr php-xdebug php-xml php-xmlreader php-xmlrpc php-xmlwriter php-xsl php-zip php-zlib Update: Thu Nov 03 15:01:29 2011 Importance: security ID: MDVSA-2011:165 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:165 %pre Multiple vulnerabilities has been identified and fixed in php: Use-after-free vulnerability in the substr_replace function in PHP 5.3.6 and earlier allows context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by using the same variable for multiple arguments (CVE-2011-1148). The (1) ZipArchive::addGlob and (2) ZipArchive::addPattern functions in ext/zip/php_zip.c in PHP 5.3.6 allow context-dependent attackers to cause a denial of service (application crash) via certain flags arguments, as demonstrated by (a) GLOB_ALTDIRFUNC and (b) GLOB_APPEND (CVE-2011-1657). Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow context-dependent attackers to execute arbitrary code via a long pathname for a UNIX socket (CVE-2011-1938). The rfc1867_post_handler function in main/rfc1867.c in PHP before 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote attackers to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, via a crafted upload request, related to a file path injection vulnerability. (CVE-2011-2202). crypt_blowfish before 1.1, as used in PHP before 5.3.7 on certain platforms, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash (CVE-2011-2483). PHP before 5.3.7 does not properly check the return values of the malloc, calloc, and realloc library functions, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger a buffer overflow by leveraging the ability to provide an arbitrary value for a function argument, related to (1) ext/curl/interface.c, (2) ext/date/lib/parse_date.c, (3) ext/date/lib/parse_iso_intervals.c, (4) ext/date/lib/parse_tz.c, (5) ext/date/lib/timelib.c, (6) ext/pdo_odbc/pdo_odbc.c, (7) ext/reflection/php_reflection.c, (8) ext/soap/php_sdl.c, (9) ext/xmlrpc/libxmlrpc/base64.c, (10) TSRM/tsrm_win32.c, and (11) the strtotime function (CVE-2011-3182). PHP before 5.3.7 does not properly implement the error_log function, which allows context-dependent attackers to cause a denial of service (application crash) via unspecified vectors (CVE-2011-3267). Buffer overflow in the crypt function in PHP before 5.3.7 allows context-dependent attackers to have an unspecified impact via a long salt argument, a different vulnerability than CVE-2011-2483 (CVE-2011-3268). The updated php packages have been upgraded to 5.3.8 which is not vulnerable to these issues. Additionally some of the PECL extensions has been upgraded and/or rebuilt for the new php version. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. This version of php has the suhosin patch 0.9.10 applied. Please report bugs here: http://qa.mandriva.com/ so that the official maintainer of this Mandriva package can help you. More information regarding the suhosin patch 0.9.10 here: http://www.suhosin.org/ %package lib64php5_common5 php-bcmath php-bz2 php-calendar php-cgi php-cli php-ctype php-curl php-dba php-devel php-doc php-dom php-enchant php-exif php-fileinfo php-filter php-fpm php-ftp php-gd php-gettext php-gmp php-hash php-iconv php-imap php-ini php-intl php-json php-ldap php-mbstring php-mcrypt php-mssql php-mysql php-mysqli php-odbc php-openssl php-pcntl php-pdo php-pdo_dblib php-pdo_mysql php-pdo_odbc php-pdo_pgsql php-pdo_sqlite php-pgsql php-phar php-posix php-pspell php-readline php-recode php-session php-shmop php-snmp php-soap php-sockets php-sqlite3 php-sqlite php-sybase_ct php-sysvmsg php-sysvsem php-sysvshm php-tidy php-tokenizer php-wddx php-xml php-xmlreader php-xmlrpc php-xmlwriter php-xsl php-zip php-zlib Update: Thu Nov 03 17:10:03 2011 Importance: security ID: MDVSA-2011:166 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:166 %pre A vulnerability has been identified and fixed in php: The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the __autoload function, which makes it easier for remote attackers to execute arbitrary code by providing a crafted URL and leveraging potentially unsafe behavior in certain PEAR packages and custom autoloaders (CVE-2011-3379). The php-ini-5.3.8 package was missing with the MDVSA-2011:165 advisory and is now being provided, the php-timezonedb package was upgraded to the latest version (2011.14) for 2011. The updated packages have been patched to correct this issue. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. This version of php has the suhosin patch 0.9.10 applied. Please report bugs here: http://qa.mandriva.com/ so that the official maintainer of this Mandriva package can help you. More information regarding the suhosin patch 0.9.10 here: http://www.suhosin.org/ %package lib64php5_common5 php-bcmath php-bz2 php-calendar php-cgi php-cli php-ctype php-curl php-dba php-devel php-doc php-dom php-enchant php-exif php-fileinfo php-filter php-fpm php-ftp php-gd php-gettext php-gmp php-hash php-iconv php-imap php-ini php-intl php-json php-ldap php-mbstring php-mcrypt php-mssql php-mysql php-mysqli php-odbc php-openssl php-pcntl php-pdo php-pdo_dblib php-pdo_mysql php-pdo_odbc php-pdo_pgsql php-pdo_sqlite php-pgsql php-phar php-posix php-pspell php-readline php-recode php-session php-shmop php-snmp php-soap php-sockets php-sqlite3 php-sqlite php-sybase_ct php-sysvmsg php-sysvsem php-sysvshm php-tidy php-tokenizer php-wddx php-xml php-xmlreader php-xmlrpc php-xmlwriter php-xsl php-zip php-zlib Update: Thu Nov 03 17:12:21 2011 Importance: security ID: MDVSA-2011:166 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:166 %pre A vulnerability has been identified and fixed in php: The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the __autoload function, which makes it easier for remote attackers to execute arbitrary code by providing a crafted URL and leveraging potentially unsafe behavior in certain PEAR packages and custom autoloaders (CVE-2011-3379). The php-ini-5.3.8 package was missing with the MDVSA-2011:165 advisory and is now being provided, the php-timezonedb package was upgraded to the latest version (2011.14) for 2011. The updated packages have been patched to correct this issue. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. This version of php has the suhosin patch 0.9.10 applied. Please report bugs here: http://qa.mandriva.com/ so that the official maintainer of this Mandriva package can help you. More information regarding the suhosin patch 0.9.10 here: http://www.suhosin.org/ %package gimp gimp-python lib64gimp2.0_0 lib64gimp2.0-devel Update: Fri Nov 04 16:00:43 2011 Importance: security ID: MDVSA-2011:167 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:167 %pre A vulnerability has been discovered and corrected in gimp: The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2895 (CVE-2011-2896). The updated packages have been patched to correct these issues. %description The GIMP is an image manipulation program suitable for photo retouching, image composition and image authoring. Many people find it extremely useful in creating logos and other graphics for web pages. The GIMP has many of the tools and filters you would expect to find in similar commercial offerings, and some interesting extras as well. The GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. This version of The GIMP includes a scripting facility, but many of the included scripts rely on fonts that we cannot distribute. The GIMP ftp site has a package of fonts that you can install by yourself, which includes all the fonts needed to run the included scripts. Some of the fonts have unusual licensing requirements; all the licenses are documented in the package. Get them in ftp://ftp.gimp.org/pub/gimp/fonts/ if you are so inclined. Alternatively, choose fonts which exist on your system before running the scripts. Build Options: --without python Disable pygimp (default enabled) --with lzw Enable LZW compression in GIF (default disabled) %package php-apc php-apc-admin Update: Fri Nov 04 19:58:34 2011 Importance: bugfix ID: MDVA-2011:068 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:068 %pre A regression was found with php-apc-3.1.9 and with php-5.3.8. The updates packages has been patched to corrrect this issue. %description APC was conceived of to provide a way of boosting the performance of PHP on heavily loaded sites by providing a way for scripts to be cached in a compiled state, so that the overhead of parsing and compiling can be almost completely eliminated. There are commercial products which provide this functionality, but they are neither open-source nor free. Our goal was to level the playing field by providing an implementation that allows greater flexibility and is universally accessible. NOTE!: php-apc has to be loaded last, very important! This package comes with four different flavours of APC (use only one of them): o apc-mmap.so - mmap (fcntl) based locks (default) o apc-sem.so - IPC semamphore based locks o apc-spinlocks.so - Hardware-dependent implementation of spinlocks o apc-pthread.so - NPTL pthread mutex based locks %package apache-base apache-devel apache-htcacheclean apache-mod_authn_dbd apache-mod_cache apache-mod_dav apache-mod_dbd apache-mod_deflate apache-mod_disk_cache apache-mod_file_cache apache-mod_ldap apache-mod_mem_cache apache-mod_proxy apache-mod_proxy_ajp apache-mod_proxy_scgi apache-mod_reqtimeout apache-mod_ssl apache-modules apache-mod_userdir apache-mpm-event apache-mpm-itk apache-mpm-peruser apache-mpm-prefork apache-mpm-worker apache-source Update: Wed Nov 09 14:11:11 2011 Importance: security ID: MDVSA-2011:168 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:168 %pre A vulnerability has been discovered and corrected in apache: The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary error state in the backend server) via a malformed HTTP request (CVE-2011-3348). The fix for CVE-2011-3192 provided by the MDVSA-2011:130 advisory introduced regressions in the way httpd handled certain Range HTTP header values. The updated packages have been patched to correct these issues. %description This package contains the main binary of apache, a powerful, full-featured, efficient and freely-available Web server. Apache is also the most popular Web server on the Internet. This version of apache is fully modular, and many modules are available in pre-compiled formats, like PHP and mod_auth_external. Check for available Apache modules for Mandriva Linux at: http://nux.se/apache/ (most of them can be installed from the contribs repository) This package defaults to a maximum of 128 dynamically loadable modules. This package defaults to a ServerLimit of 1024. You can change these values at RPM build time by using for example: --define 'maxmodules 512' --define 'serverlimit 2048' The package was built to support a maximum of 128 dynamically loadable modules. The package was built with a ServerLimit of 1024. %package apache-base apache-devel apache-htcacheclean apache-mod_authn_dbd apache-mod_cache apache-mod_dav apache-mod_dbd apache-mod_deflate apache-mod_disk_cache apache-mod_file_cache apache-mod_ldap apache-mod_mem_cache apache-mod_proxy apache-mod_proxy_ajp apache-mod_proxy_scgi apache-mod_reqtimeout apache-mod_ssl apache-modules apache-mod_userdir apache-mpm-event apache-mpm-itk apache-mpm-peruser apache-mpm-prefork apache-mpm-worker apache-source Update: Wed Nov 09 15:22:15 2011 Importance: security ID: MDVSA-2011:168 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:168 %pre A vulnerability has been discovered and corrected in apache: The mod_proxy_ajp module in the Apache HTTP Server before 2.2.21, when used with mod_proxy_balancer in certain configurations, allows remote attackers to cause a denial of service (temporary error state in the backend server) via a malformed HTTP request (CVE-2011-3348). The fix for CVE-2011-3192 provided by the MDVSA-2011:130 advisory introduced regressions in the way httpd handled certain Range HTTP header values. The updated packages have been patched to correct these issues. %description This package contains the main binary of apache, a powerful, full-featured, efficient and freely-available Web server. Apache is also the most popular Web server on the Internet. This version of apache is fully modular, and many modules are available in pre-compiled formats, like PHP and mod_auth_external. Check for available Apache modules for Mandriva Linux at: http://nux.se/apache/ (most of them can be installed from the contribs repository) This package defaults to a maximum of 128 dynamically loadable modules. This package defaults to a ServerLimit of 1024. You can change these values at RPM build time by using for example: --define 'maxmodules 512' --define 'serverlimit 2048' The package was built to support a maximum of 128 dynamically loadable modules. The package was built with a ServerLimit of 1024. %package beagle beagle-crawl-system beagle-doc beagle-evolution beagle-gui beagle-gui-qt beagle-libs firefox firefox-af firefox-ar firefox-be firefox-bg firefox-bn firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-devel firefox-el firefox-en_GB firefox-eo firefox-es_AR firefox-es_ES firefox-et firefox-eu firefox-ext-beagle firefox-ext-blogrovr firefox-ext-mozvoikko firefox-ext-r-kiosk firefox-ext-scribefire firefox-ext-weave-sync firefox-ext-xmarks firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hu firefox-id firefox-is firefox-it firefox-ja firefox-ka firefox-kn firefox-ko firefox-ku firefox-lt firefox-lv firefox-mk firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-oc firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-te firefox-th firefox-tr firefox-uk firefox-zh_CN firefox-zh_TW gjs gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell lib64gjs0 lib64gjs-devel lib64nss3 lib64nss-devel lib64nss-static-devel lib64xulrunner1.9.2.24 lib64xulrunner-devel mozilla-thunderbird mozilla-thunderbird-af mozilla-thunderbird-ar mozilla-thunderbird-be mozilla-thunderbird-beagle mozilla-thunderbird-bg mozilla-thunderbird-bn_BD mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-el mozilla-thunderbird-en_GB mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ar mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-hu mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-ko mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-tr mozilla-thunderbird-enigmail-vi mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-enigmail-zh_TW mozilla-thunderbird-es_AR mozilla-thunderbird-es_ES mozilla-thunderbird-et mozilla-thunderbird-et_EE mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-fy mozilla-thunderbird-ga mozilla-thunderbird-gd mozilla-thunderbird-gl mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-id mozilla-thunderbird-is mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ka mozilla-thunderbird-ko mozilla-thunderbird-lightning mozilla-thunderbird-lt mozilla-thunderbird-nb_NO mozilla-thunderbird-nl mozilla-thunderbird-nn_NO mozilla-thunderbird-pa_IN mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-pt_PT mozilla-thunderbird-ro mozilla-thunderbird-ru mozilla-thunderbird-si mozilla-thunderbird-sk mozilla-thunderbird-sl mozilla-thunderbird-sq mozilla-thunderbird-sr mozilla-thunderbird-sv_SE mozilla-thunderbird-tr mozilla-thunderbird-uk mozilla-thunderbird-vi mozilla-thunderbird-zh_CN mozilla-thunderbird-zh_TW nsinstall nss rootcerts rootcerts-java xulrunner yelp Update: Wed Nov 09 19:25:39 2011 Importance: security ID: MDVSA-2011:169 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:169 %pre Security issues were identified and fixed in mozilla NSS, firefox and thunderbird: 22 weak 512-bit certificates issued by the DigiCert Sdn. Bhd certificate authority has been revoked from the root CA storage. This was fixed with rootcerts-20111103.00 and nss-3.13. DigiCert Sdn. Bhd is a Malaysian subordinate CA under Entrust and Verizon (GTE CyberTrust). It bears no affiliation whatsoever with the US-based corporation DigiCert, Inc., which is a member of Mozilla's root program. Untrusted search path vulnerability in Mozilla Network Security Services (NSS) might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory (CVE-2011-3640). Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 allows remote attackers to inject arbitrary web script or HTML via crafted text with Shift JIS encoding (CVE-2011-3648). Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 do not properly handle JavaScript files that contain many functions, which allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted file that is accessed by debugging APIs, as demonstrated by Firebug (CVE-2011-3650). The following vulnerabilities affetst Mandriva Linux 2011 only: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 7.0 and Thunderbird 7.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2011-3651). The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly allocate memory, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors (CVE-2011-3652). The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly handle links from SVG mpath elements to non-SVG elements, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors (CVE-2011-3654). Mozilla Firefox 4.x through 7.0 and Thunderbird 5.0 through 7.0 perform access control without checking for use of the NoWaiverWrapper wrapper, which allows remote attackers to gain privileges via a crafted web site (CVE-2011-3655). The following vulnerabilities affects Mandriva Enterpriser Server 5.2 and Mandriva Linux 2010.2 only: The JSSubScriptLoader in Mozilla Firefox before 3.6.24 and Thunderbird before 3.1.6 does not properly handle XPCNativeWrappers during calls to the loadSubScript method in an add-on, which makes it easier for remote attackers to gain privileges via a crafted web site that leverages certain unwrapping behavior, a related issue to CVE-2011-3004 (CVE-2011-3647). Additionally, some packages which require so, have been rebuilt and are being provided as updates. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package beagle beagle-crawl-system beagle-doc beagle-evolution beagle-gui beagle-gui-qt beagle-libs firefox firefox-af firefox-ar firefox-be firefox-bg firefox-bn firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-devel firefox-el firefox-en_GB firefox-eo firefox-es_AR firefox-es_ES firefox-et firefox-eu firefox-ext-beagle firefox-ext-blogrovr firefox-ext-mozvoikko firefox-ext-r-kiosk firefox-ext-scribefire firefox-ext-weave-sync firefox-ext-xmarks firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hu firefox-id firefox-is firefox-it firefox-ja firefox-ka firefox-kn firefox-ko firefox-ku firefox-lt firefox-lv firefox-mk firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-oc firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-te firefox-th firefox-tr firefox-uk firefox-zh_CN firefox-zh_TW gjs gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell lib64gjs0 lib64gjs-devel lib64nss3 lib64nss-devel lib64nss-static-devel lib64xulrunner1.9.2.24 lib64xulrunner-devel mozilla-thunderbird mozilla-thunderbird-af mozilla-thunderbird-ar mozilla-thunderbird-be mozilla-thunderbird-beagle mozilla-thunderbird-bg mozilla-thunderbird-bn_BD mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-el mozilla-thunderbird-en_GB mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ar mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-hu mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-ko mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-tr mozilla-thunderbird-enigmail-vi mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-enigmail-zh_TW mozilla-thunderbird-es_AR mozilla-thunderbird-es_ES mozilla-thunderbird-et mozilla-thunderbird-et_EE mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-fy mozilla-thunderbird-ga mozilla-thunderbird-gd mozilla-thunderbird-gl mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-id mozilla-thunderbird-is mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ka mozilla-thunderbird-ko mozilla-thunderbird-lightning mozilla-thunderbird-lt mozilla-thunderbird-nb_NO mozilla-thunderbird-nl mozilla-thunderbird-nn_NO mozilla-thunderbird-pa_IN mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-pt_PT mozilla-thunderbird-ro mozilla-thunderbird-ru mozilla-thunderbird-si mozilla-thunderbird-sk mozilla-thunderbird-sl mozilla-thunderbird-sq mozilla-thunderbird-sr mozilla-thunderbird-sv_SE mozilla-thunderbird-tr mozilla-thunderbird-uk mozilla-thunderbird-vi mozilla-thunderbird-zh_CN mozilla-thunderbird-zh_TW nsinstall nss rootcerts rootcerts-java xulrunner yelp Update: Wed Nov 09 19:44:37 2011 Importance: security ID: MDVSA-2011:169 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:169 %pre Security issues were identified and fixed in mozilla NSS, firefox and thunderbird: 22 weak 512-bit certificates issued by the DigiCert Sdn. Bhd certificate authority has been revoked from the root CA storage. This was fixed with rootcerts-20111103.00 and nss-3.13. DigiCert Sdn. Bhd is a Malaysian subordinate CA under Entrust and Verizon (GTE CyberTrust). It bears no affiliation whatsoever with the US-based corporation DigiCert, Inc., which is a member of Mozilla's root program. Untrusted search path vulnerability in Mozilla Network Security Services (NSS) might allow local users to gain privileges via a Trojan horse pkcs11.txt file in a top-level directory (CVE-2011-3640). Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 allows remote attackers to inject arbitrary web script or HTML via crafted text with Shift JIS encoding (CVE-2011-3648). Mozilla Firefox before 3.6.24 and 4.x through 7.0 and Thunderbird before 3.1.6 and 5.0 through 7.0 do not properly handle JavaScript files that contain many functions, which allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a crafted file that is accessed by debugging APIs, as demonstrated by Firebug (CVE-2011-3650). The following vulnerabilities affetst Mandriva Linux 2011 only: Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 7.0 and Thunderbird 7.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2011-3651). The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly allocate memory, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors (CVE-2011-3652). The browser engine in Mozilla Firefox before 8.0 and Thunderbird before 8.0 does not properly handle links from SVG mpath elements to non-SVG elements, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors (CVE-2011-3654). Mozilla Firefox 4.x through 7.0 and Thunderbird 5.0 through 7.0 perform access control without checking for use of the NoWaiverWrapper wrapper, which allows remote attackers to gain privileges via a crafted web site (CVE-2011-3655). The following vulnerabilities affects Mandriva Enterpriser Server 5.2 and Mandriva Linux 2010.2 only: The JSSubScriptLoader in Mozilla Firefox before 3.6.24 and Thunderbird before 3.1.6 does not properly handle XPCNativeWrappers during calls to the loadSubScript method in an add-on, which makes it easier for remote attackers to gain privileges via a crafted web site that leverages certain unwrapping behavior, a related issue to CVE-2011-3004 (CVE-2011-3647). Additionally, some packages which require so, have been rebuilt and are being provided as updates. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package timezone timezone-java Update: Thu Nov 10 14:13:32 2011 Importance: bugfix ID: MDVA-2011:072 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:072 %pre Timezone is a package that contains data files with rules for various timezones around the world. This update addresses the following changes: - Fiji adopts DST for 2011 (effective Oct 23rd, 2011) - West Bank changes date for DST end in 2011 to Sep 30th - Fix DST for: Pridnestrovian Moldavian Republic, Ukraine, Bahia and Brazil. %description This package contains data files with rules for various timezones around the world. %package icedtea-web java-1.6.0-openjdk java-1.6.0-openjdk-demo java-1.6.0-openjdk-devel java-1.6.0-openjdk-javadoc java-1.6.0-openjdk-src Update: Fri Nov 11 14:40:01 2011 Importance: security ID: MDVSA-2011:170 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:170 %pre Security issues were identified and fixed in openjdk (icedtea6) and icedtea-web: IcedTea6 prior to 1.10.4 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to Networking (CVE-2011-3547). IcedTea6 prior to 1.10.4 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability, related to AWT (CVE-2011-3548). IcedTea6 prior to 1.10.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D (CVE-2011-3551). IcedTea6 prior to 1.10.4 allows remote attackers to affect integrity via unknown vectors related to Networking (CVE-2011-3552). IcedTea6 prior to 1.10.4 allows remote authenticated users to affect confidentiality, related to JAXWS (CVE-2011-3553). IcedTea6 prior to 1.10.4 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting (CVE-2011-3544). IcedTea6 prior to 1.10.4 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deserialization (CVE-2011-3521). IcedTea6 prior to 1.10.4 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors (CVE-2011-3554). A flaw was found in the way the SSL 3 and TLS 1.0 protocols used block ciphers in cipher-block chaining (CBC) mode. An attacker able to perform a chosen plain text attack against a connection mixing trusted and untrusted data could use this flaw to recover portions of the trusted data sent over the connection (CVE-2011-3389). Note: This update mitigates the CVE-2011-3389 issue by splitting the first application data record byte to a separate SSL/TLS protocol record. This mitigation may cause compatibility issues with some SSL/TLS implementations and can be disabled using the jsse.enableCBCProtection boolean property. This can be done on the command line by appending the flag -Djsse.enableCBCProtection=false to the java command. IcedTea6 prior to 1.10.4 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to HotSpot (CVE-2011-3558). IcedTea6 prior to 1.10.4 allows remote attackers to affect confidentiality, integrity, and availability, related to RMI (CVE-2011-3556). IcedTea6 prior to 1.10.4 allows remote attackers to affect confidentiality, integrity, and availability, related to RMI (CVE-2011-3557). IcedTea6 prior to 1.10.4 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality and integrity, related to JSSE (CVE-2011-3560). Deepak Bhole discovered a flaw in the Same Origin Policy (SOP) implementation in the IcedTea project Web browser plugin. A malicious applet could use this flaw to bypass SOP protection and open connections to any sub-domain of the second-level domain of the applet's origin, as well as any sub-domain of the domain that is the suffix of the origin second-level domain. For example, IcedTea-Web plugin allowed applet from some.host.example.com to connect to other.host.example.com, www.example.com, and example.com, as well as www.ample.com or ample.com. (CVE-2011-3377). %description The OpenJDK runtime environment. %package lib64openssl0.9.8 Update: Sat Nov 12 11:56:51 2011 Importance: security ID: MDVSA-2011:173 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:173 %pre On Mandriva Linux 2010.2 we provided the old openssl 0.9.8 library but without a source RPM file. This could pose a security risk for third party commercial applications that still uses the older OpenSSL library, therefore the latest stable openssl 0.9.8r library is being provided. %description The openssl certificate management tool and the shared libraries that provide various encryption and decription algorithms and protocols, including DES, RC4, RSA and SSL. NOTE: Only the shared library and the engines are provided with this source rpm package. %package bind bind-devel bind-doc bind-utils Update: Wed Nov 16 22:21:52 2011 Importance: security ID: MDVSA-2011:176 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:176 %pre A vulnerability was discovered and corrected in bind: Cache lookup could return RRSIG data associated with nonexistent records, leading to an assertion failure. [ISC RT #26590] (CVE-2011-4313). The updated packages have been upgraded to bind 9.7.4-P1 and 9.8.1-P1 which is not vulnerable to this issue. %description BIND (Berkeley Internet Name Domain) is an implementation of the DNS (domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses, and a resolver library (routines for applications to use when interfacing with DNS). A DNS server allows clients to name resources or objects and share the information with other network machines. The named DNS server can be used on workstations as a caching name server, but is generally only needed on one machine for an entire network. Note that the configuration files for making BIND act as a simple caching nameserver are included in the caching-nameserver package. Install the bind package if you need a DNS server for your network. If you want bind to act a caching name server, you will also need to install the caching-nameserver package. Many BIND 8 features previously unimplemented in BIND 9, including domain-specific forwarding, the \$GENERATE master file directive, and the "blackhole", "dialup", and "sortlist" options Forwarding of dynamic update requests; this is enabled by the "allow-update-forwarding" option A new, simplified database interface and a number of sample drivers based on it; see doc/dev/sdb for details Support for building single-threaded servers for environments that do not supply POSIX threads New configuration options: "min-refresh-time", "max-refresh-time", "min-retry-time", "max-retry-time", "additional-from-auth", "additional-from-cache", "notify explicit" Faster lookups, particularly in large zones. Build Options: --without sdb_ldap Build without ldap simple database support (enabled per default) --with sdb_mysql Build with MySQL database support (disables ldap support, it's either way.) --with geoip Build with GeoIP support (disabled per default) %package bind bind-devel bind-doc bind-utils Update: Thu Nov 17 19:21:48 2011 Importance: security ID: MDVSA-2011:176-1 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:176-1 %pre A vulnerability was discovered and corrected in bind: Cache lookup could return RRSIG data associated with nonexistent records, leading to an assertion failure. [ISC RT #26590] (CVE-2011-4313). The updated packages have been upgraded to bind 9.7.4-P1 and 9.8.1-P1 which is not vulnerable to this issue. Update: Packages provided for Mandriva Enterprise Server 5.2 and Mandriva Linux 2010.2 with the MDVSA-2011:176 advisory had a faulty release number effectively preventing installation without excessive force due to a previous packaging mistake. This advisory provides corrected packages to address the problem. %description BIND (Berkeley Internet Name Domain) is an implementation of the DNS (domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses, and a resolver library (routines for applications to use when interfacing with DNS). A DNS server allows clients to name resources or objects and share the information with other network machines. The named DNS server can be used on workstations as a caching name server, but is generally only needed on one machine for an entire network. Note that the configuration files for making BIND act as a simple caching nameserver are included in the caching-nameserver package. Install the bind package if you need a DNS server for your network. If you want bind to act a caching name server, you will also need to install the caching-nameserver package. Many BIND 8 features previously unimplemented in BIND 9, including domain-specific forwarding, the \$GENERATE master file directive, and the "blackhole", "dialup", and "sortlist" options Forwarding of dynamic update requests; this is enabled by the "allow-update-forwarding" option A new, simplified database interface and a number of sample drivers based on it; see doc/dev/sdb for details Support for building single-threaded servers for environments that do not supply POSIX threads New configuration options: "min-refresh-time", "max-refresh-time", "min-retry-time", "max-retry-time", "additional-from-auth", "additional-from-cache", "notify explicit" Faster lookups, particularly in large zones. Build Options: --without sdb_ldap Build without ldap simple database support (enabled per default) --with sdb_mysql Build with MySQL database support (disables ldap support, it's either way.) --with geoip Build with GeoIP support (disabled per default) %package bind bind-devel bind-doc bind-utils Update: Fri Nov 18 12:48:00 2011 Importance: security ID: MDVSA-2011:176-2 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:176-2 %pre A vulnerability was discovered and corrected in bind: Cache lookup could return RRSIG data associated with nonexistent records, leading to an assertion failure. [ISC RT #26590] (CVE-2011-4313). The updated packages have been upgraded to bind 9.7.4-P1 and 9.8.1-P1 which is not vulnerable to this issue. Update: Packages provided for Mandriva Enterprise Server 5.2 and Mandriva Linux 2010.2 with the MDVSA-2011:176 and MDVSA-2011:176-1 advisory had wrong release numbers effectively preventing installation without excessive force due previous packaging mistakes. This advisory provides corrected packages to address the problem. %description BIND (Berkeley Internet Name Domain) is an implementation of the DNS (domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses, and a resolver library (routines for applications to use when interfacing with DNS). A DNS server allows clients to name resources or objects and share the information with other network machines. The named DNS server can be used on workstations as a caching name server, but is generally only needed on one machine for an entire network. Note that the configuration files for making BIND act as a simple caching nameserver are included in the caching-nameserver package. Install the bind package if you need a DNS server for your network. If you want bind to act a caching name server, you will also need to install the caching-nameserver package. Many BIND 8 features previously unimplemented in BIND 9, including domain-specific forwarding, the \$GENERATE master file directive, and the "blackhole", "dialup", and "sortlist" options Forwarding of dynamic update requests; this is enabled by the "allow-update-forwarding" option A new, simplified database interface and a number of sample drivers based on it; see doc/dev/sdb for details Support for building single-threaded servers for environments that do not supply POSIX threads New configuration options: "min-refresh-time", "max-refresh-time", "min-retry-time", "max-retry-time", "additional-from-auth", "additional-from-cache", "notify explicit" Faster lookups, particularly in large zones. Build Options: --without sdb_ldap Build without ldap simple database support (enabled per default) --with sdb_mysql Build with MySQL database support (disables ldap support, it's either way.) --with geoip Build with GeoIP support (disabled per default) %package bind bind-devel bind-doc bind-utils Update: Fri Nov 18 16:58:41 2011 Importance: bugfix ID: MDVA-2011:083 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:083 %pre The default configuration (and compiled in) options for ISC BIND uses DNSSEC per default which under certain circumstances can result in huge latencies due to the overhead of trying to validate each lookup, and everytime. This has now been disabled in the configuration file (/var/lib/named/etc/named.conf) for performance reasons but can easily be enabled again. Please have a look at the dnssec-enable and dnssec-validation configuration options and set the preferred method there. %description BIND (Berkeley Internet Name Domain) is an implementation of the DNS (domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses, and a resolver library (routines for applications to use when interfacing with DNS). A DNS server allows clients to name resources or objects and share the information with other network machines. The named DNS server can be used on workstations as a caching name server, but is generally only needed on one machine for an entire network. Note that the configuration files for making BIND act as a simple caching nameserver are included in the caching-nameserver package. Install the bind package if you need a DNS server for your network. If you want bind to act a caching name server, you will also need to install the caching-nameserver package. Many BIND 8 features previously unimplemented in BIND 9, including domain-specific forwarding, the \$GENERATE master file directive, and the "blackhole", "dialup", and "sortlist" options Forwarding of dynamic update requests; this is enabled by the "allow-update-forwarding" option A new, simplified database interface and a number of sample drivers based on it; see doc/dev/sdb for details Support for building single-threaded servers for environments that do not supply POSIX threads New configuration options: "min-refresh-time", "max-refresh-time", "min-retry-time", "max-retry-time", "additional-from-auth", "additional-from-cache", "notify explicit" Faster lookups, particularly in large zones. Build Options: --without sdb_ldap Build without ldap simple database support (enabled per default) --with sdb_mysql Build with MySQL database support (disables ldap support, it's either way.) --with geoip Build with GeoIP support (disabled per default) %package lib64freetype6 lib64freetype6-devel lib64freetype6-static-devel Update: Mon Nov 21 15:38:01 2011 Importance: security ID: MDVSA-2011:177 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:177 %pre A vulnerability has been discovered and corrected in freetype2: FreeType allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted font in a document (CVE-2011-3439). The updated packages have been patched to correct these issues. %description The FreeType2 engine is a free and portable TrueType font rendering engine. It has been developed to provide TT support to a great variety of platforms and environments. Note that FreeType2 is a library, not a stand-alone application, though some utility applications are included %package glibc glibc-devel glibc-doc glibc-doc-pdf glibc-i18ndata glibc-profile glibc-static-devel glibc-utils nscd Update: Fri Nov 25 19:16:28 2011 Importance: security ID: MDVSA-2011:178 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:178 %pre Multiple vulnerabilities was discovered and fixed in glibc: Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library (aka glibc or libc6), including glibc-2.5-49.el5_5.6 and glibc-2.12-1.7.el6_0.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dynamic shared object (DSO) in a subdirectory of the current working directory during execution of a (1) setuid or (2) setgid program that has in (a) RPATH or (b) RUNPATH. NOTE: this issue exists because of an incorrect fix for CVE-2010-3847 (CVE-2011-0536). The GNU C Library (aka glibc or libc6) before 2.12.2 and Embedded GLIBC (EGLIBC) allow context-dependent attackers to execute arbitrary code or cause a denial of service (memory consumption) via a long UTF8 string that is used in an fnmatch call, aka a stack extension attack, a related issue to CVE-2010-2898, as originally reported for use of this library by Google Chrome (CVE-2011-1071). The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report an error status for failed attempts to write to the /etc/mtab file, which makes it easier for local users to trigger corruption of this file, as demonstrated by writes from a process with a small RLIMIT_FSIZE value, a different vulnerability than CVE-2010-0296 (CVE-2011-1089). locale/programs/locale.c in locale in the GNU C Library (aka glibc or libc6) before 2.13 does not quote its output, which might allow local users to gain privileges via a crafted localization environment variable, in conjunction with a program that executes a script that uses the eval function (CVE-2011-1095). Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than CVE-2011-1071 (CVE-2011-1659). crypt_blowfish before 1.1, as used in glibc on certain platforms, does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash (CVE-2011-2483). The updated packages have been patched to correct these issues. %description The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important sets of shared libraries: the standard C library and the standard math library. Without these two libraries, a Linux system will not function. The glibc package also contains national language (locale) support. This package now also provides ldconfig which was package seperately in the past. Ldconfig is a basic system program which determines run-time link bindings between ld.so and shared libraries. Ldconfig scans a running system and sets up the symbolic links that are used to load shared libraries properly. It also creates a cache (/etc/ld.so.cache) which speeds the loading of programs which use shared libraries. %package php-suhosin Update: Mon Nov 28 14:29:35 2011 Importance: security ID: MDVSA-2011:180 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:180 %pre A vulnerability was discovered and fixed in php-suhosin: crypt_blowfish before 1.1, as used in suhosin does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash (CVE-2011-2483). The updated packages have been patched to correct this issue. %description Suhosin is an advanced protection system for PHP installations. It was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core. Suhosin is binary compatible to normal PHP installation, which means it is compatible to 3rd party binary extension like ZendOptimizer. %package lib64msn0.3 libmsn-devel libmsn-test Update: Mon Dec 05 13:50:00 2011 Importance: bugfix ID: MDVA-2011:081-1 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:081-1 %pre An error has been found in libmsn library used by Kopete Instant Messaging Application, in the way SOAP redirects where handled which was preventing Windows Live Messenger users from logging into their accounts. The updated package have been patched to correct this issue. Update: Packages for 2010.2 was forgotten with the previous MDVA-2011:081 advisory. The missing packages are now being provided. %description Libmsn is a reusable, open-source, fully documented library for connecting to Microsoft's MSN Messenger service. %package proftpd proftpd-devel proftpd-mod_autohost proftpd-mod_ban proftpd-mod_case proftpd-mod_ctrls_admin proftpd-mod_gss proftpd-mod_ifsession proftpd-mod_ldap proftpd-mod_load proftpd-mod_quotatab proftpd-mod_quotatab_file proftpd-mod_quotatab_ldap proftpd-mod_quotatab_radius proftpd-mod_quotatab_sql proftpd-mod_radius proftpd-mod_ratio proftpd-mod_rewrite proftpd-mod_sftp proftpd-mod_sftp_pam proftpd-mod_sftp_sql proftpd-mod_shaper proftpd-mod_site_misc proftpd-mod_sql proftpd-mod_sql_mysql proftpd-mod_sql_passwd proftpd-mod_sql_postgres proftpd-mod_sql_sqlite proftpd-mod_time proftpd-mod_tls proftpd-mod_tls_shmcache proftpd-mod_vroot proftpd-mod_wrap proftpd-mod_wrap_file proftpd-mod_wrap_sql Update: Wed Dec 07 15:31:02 2011 Importance: security ID: MDVSA-2011:181 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:181 %pre A vulnerability was discovered and fixed in proftpd: Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer (CVE-2011-4130). The updated packages have been upgraded to the latest version 1.3.3g which is not vulnerable to this issue. %description ProFTPd is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based directory visibility. This version supports both standalone and xinetd operation. %package dhcp-client dhcp-common dhcp-devel dhcp-doc dhcp-relay dhcp-server Update: Thu Dec 08 16:10:37 2011 Importance: security ID: MDVSA-2011:182 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:182 %pre A vulnerability has been discovered and corrected in dhcp: dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-R4 does not properly handle regular expressions in dhcpd.conf, which allows remote attackers to cause a denial of service (daemon crash) via a crafted request packet (CVE-2011-4539). The updated packages have been patched to correct this issue. %description DHCP (Dynamic Host Configuration Protocol) is a protocol which allows individual devices on an IP network to get their own network configuration information (IP address, subnetmask, broadcast address, etc.) from a DHCP server. The overall purpose of DHCP is to make it easier to administer a large network. The dhcp package includes the DHCP server and a DHCP relay agent. You will also need to install the dhcp-client or dhcpcd package, or pump or dhcpxd, which provides the DHCP client daemon, on client machines. If you want the DHCP server and/or relay, you will also need to install the dhcp-server and/or dhcp-relay packages. %package finch lib64finch0 lib64purple0 lib64purple-devel pidgin pidgin-bonjour pidgin-client pidgin-gevolution pidgin-i18n pidgin-meanwhile pidgin-perl pidgin-plugins pidgin-silc pidgin-tcl Update: Sat Dec 10 21:56:55 2011 Importance: security ID: MDVSA-2011:183 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:183 %pre Multiple vulnerabilities has been discovered and corrected in pidgin: When receiving various stanzas related to voice and video chat, the XMPP protocol plugin failed to ensure that the incoming message contained all required fields, and would crash if certain fields were missing. When receiving various messages related to requesting or receiving authorization for adding a buddy to a buddy list, the oscar protocol plugin failed to validate that a piece of text was UTF-8. In some cases invalid UTF-8 data would lead to a crash (CVE-2011-4601). When receiving various incoming messages, the SILC protocol plugin failed to validate that a piece of text was UTF-8. In some cases invalid UTF-8 data would lead to a crash (CVE-2011-3594). This update provides pidgin 2.10.1, which is not vulnerable to these issues. %description Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just add an account using the account editor. Pidgin supports many common features of other clients, as well as many unique features, such as perl scripting, TCL scripting and C plugins. Pidgin is not affiliated with or endorsed by America Online, Inc., Microsoft Corporation, Yahoo! Inc., or ICQ Inc. %package lib64cap2 lib64cap-devel libcap-utils pam_cap Update: Mon Dec 12 14:18:42 2011 Importance: security ID: MDVSA-2011:185 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:185 %pre A vulnerability has been discovered and corrected in libcap: capsh did not chdir(/) after callling chroot(). Programs could therefore access the current directory outside of the chroot (CVE-2011-4099). The updated packages have been patched to correct this issue. %description libcap is a library for getting and setting POSIX.1e (formerly POSIX 6) draft 15 capabilities. %package nfs-utils nfs-utils-clients Update: Mon Dec 12 19:04:53 2011 Importance: security ID: MDVSA-2011:186 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:186 %pre A vulnerability has been discovered and corrected in nfs-utils: It was found that the mount.nfs tool did not handle certain errors correctly when updating the mtab (mounted file systems table) file. A local attacker could use this flaw to corrupt the mtab file (CVE-2011-1749). The updated packages have been patched to correct this issue. %description This package provides various programs needed for NFS support on server. %package php-pear Update: Thu Dec 15 14:49:58 2011 Importance: security ID: MDVSA-2011:187 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:187 %pre A vulnerability has been discovered and corrected in php-pear: The installer in PEAR before 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) download_dir, (2) cache_dir, (3) tmp_dir, and (4) pear-build-download directories, a different vulnerability than CVE-2007-2519 (CVE-2011-1072). This advisory provides PEAR 1.9.4 which is not vulnerable to this issue. Additionally for Mandriva Enterprise Server 5 many new or updated PEAR packages is being provided with the latest versions of respective packages as well as mitigating various dependency issues. %description PEAR is short for "PHP Extension and Application Repository" and is pronounced just like the fruit. The purpose of PEAR is to provide: * A structured library of open-sourced code for PHP users * A system for code distribution and package maintenance * A standard style for code written in PHP * The PHP Foundation Classes (PFC) * The PHP Extension Code Library (PECL) * A web site, mailing lists and download mirrors to support the PHP/PEAR community %package lib64xml2_2 lib64xml2-devel libxml2-python libxml2-utils Update: Thu Dec 15 17:10:32 2011 Importance: security ID: MDVSA-2011:188 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:188 %pre Multiple vulnerabilities has been discovered and corrected in libxml2: Off-by-one error in libxml allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via a crafted web site CVE-2011-0216). libxml2 allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors (CVE-2011-3905). The updated packages have been patched to correct these issues. %description This library allows you to manipulate XML files. It includes support for reading, modifying and writing XML and HTML files. There is DTDs support: this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream or and in-memory DOM-like representations. In this case one can use the built-in XPath and XPointer implementation to select subnodes or ranges. A flexible Input/Output mechanism is available, with existing HTTP and FTP modules and combined to a URI library. %package jasper lib64jasper1 lib64jasper-devel lib64jasper-static-devel Update: Fri Dec 16 11:28:55 2011 Importance: security ID: MDVSA-2011:189 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:189 %pre Multiple vulnerabilities has been discovered and corrected in jasper: Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a JPEG2000 file (CVE-2011-4516). The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service (heap memory corruption), via a malformed JPEG2000 file (CVE-2011-4517). The updated packages have been patched to correct these issues. %description JasPer is a software-based implementation of the codec specified in the emerging JPEG-2000 Part-1 standard (i.e., ISO/IEC 15444-1). This package contains tools for working with JPEG-2000 images. %package bsdcpio bsdtar lib64archive2 lib64archive-devel Update: Sun Dec 18 17:28:57 2011 Importance: security ID: MDVSA-2011:190 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:190 %pre Two heap-based buffer overflow flaws were discovered in libarchive. If a user were tricked into expanding a specially-crafted ISO 9660 CD-ROM image or tar archive with an application using libarchive, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application (CVE-2011-1777, CVE-2011-1778). The updated packages have been patched to correct these issues. %description Libarchive is a programming library that can create and read several different streaming archive formats, including most popular tar variants and several cpio formats. It can also write shar archives and read ISO9660 CDROM images and ZIP archives. The bsdtar program is an implementation of tar(1) that is built on top of libarchive. It started as a test harness, but has grown and is now the standard system tar for FreeBSD 5 and 6. %package lib64python2.6 lib64python2.6-devel python python-docs tkinter tkinter-apps Update: Mon Dec 19 12:21:29 2011 Importance: bugfix ID: MDVA-2011:094 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:094 %pre This is a bugfix and maintenance update of the python package(s) that addresses the following issue(s): sys.plaform should return the name of the platform where the python binary had been built. It usually returns 'linux2'. However since the kernel has increased its major number to 3, building python on platforms running those new kernels would make sys.platform return 'linux3' (#64889). %description Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems (X11, Motif, Tk, Mac and MFC). Programmers can write new built-in modules for Python in C or C++. Python can be used as an extension language for applications that need a programmable interface. This package contains most of the standard Python modules, as well as modules for interfacing to the Tix widget set for Tk and RPM. Note that documentation for Python is provided in the python-docs package. %package psmisc Update: Mon Dec 19 12:45:48 2011 Importance: bugfix ID: MDVA-2011:093-1 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:093-1 %pre This is a bugfix and maintenance update of the psmisc package(s) that addresses the following issue(s): * Fixed bug with fuser is returning an incorrect return value when using -s option (#64846) Update: Packages for 2010.2 is also being provided. %description The psmisc package contains utilities for managing processes on your system: pstree, killall and fuser. The pstree command displays a tree structure of all of the running processes on your system. The killall command sends a specified signal (SIGTERM if nothing is specified) to processes identified by name. The fuser command identifies the PIDs of processes that are using specified files or filesystems. %package icu icu-doc lib64icu44 lib64icu-devel Update: Tue Dec 27 12:01:32 2011 Importance: security ID: MDVSA-2011:194 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:194 %pre A vulnerability has been discovered and corrected in icu: A stack-based buffer overflow flaw was found in the way ICU performed variant canonicalization for some locale identifiers. If a specially-crafted locale representation was opened in an application linked against ICU, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application (CVE-2011-4599). The updated packages have been patched to correct this issue. %description The International Components for Unicode (ICU) libraries provide robust and full-featured Unicode services on a wide variety of platforms. ICU supports the most current version of the Unicode standard, and they provide support for supplementary Unicode characters (needed for GB 18030 repertoire support). As computing environments become more heterogeneous, software portability becomes more important. ICU lets you produce the same results across all the various platforms you support, without sacrificing performance. It offers great flexibility to extend and customize the supplied services, which include: * Text: Unicode text handling, full character properties and character set conversions (500+ codepages) * Analysis: Unicode regular expressions; full Unicode sets; character, word and line boundaries * Comparison: Language sensitive collation and searching * Transformations: normalization, upper/lowercase, script transliterations (50+ pairs) * Locales: Comprehensive locale data (230+) and resource bundle architecture * Complex Text Layout: Arabic, Hebrew, Indic and Thai * Time: Multi-calendar and time zone * Formatting and Parsing: dates, times, numbers, currencies, messages and rule based %package krb5-appl-clients krb5-appl-servers Update: Wed Dec 28 12:46:35 2011 Importance: security ID: MDVSA-2011:195 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:195 %pre A vulnerability has been discovered and corrected in krb5-appl, heimdal and netkit-telnet: An unauthenticated remote attacker can cause a buffer overflow and probably execute arbitrary code with the privileges of the telnet daemon (CVE-2011-4862). In Mandriva the telnetd daemon from the netkit-telnet-server package does not have an initscript to start and stop the service, however one could rather easily craft an initscript or start the service by other means rendering the system vulnerable to this issue. The updated packages have been patched to correct this issue. %description This package contains Kerberos-aware versions of the telnet, ftp, rcp, rsh, and rlogin clients and servers. While these have been replaced by tools such as OpenSSH in most environments, they remain in use in others. %package ipmitool Update: Wed Dec 28 13:33:03 2011 Importance: security ID: MDVSA-2011:196 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:196 %pre A vulnerability has been discovered and corrected in ipmitool: ipmievd as used in the ipmitool package uses 0666 permissions for its ipmievd.pid PID file, which allows local users to kill arbitrary processes by writing to this file (CVE-2011-4339). In Mandriva the ipmievd daemon from the ipmitool package does not have an initscript to start and stop the service, however one could rather easily craft an initscript or start the service by other means rendering the system vulnerable to this issue. The updated packages have been patched to correct this issue. %description IPMI stands for Intelligent Platform Management Interface and is an open standard for machine health, and (remote) control and is implemented by many hardware vendors - Intel is one of the originators, and early adopters of the standard. This package contains a utility for interfacing with IPMI-enabled devices through either the OpenIPMI kernel driver or with IPMI-over-LAN protocol. These functions include printing FRU(Field Replaceable Unit) information, LAN configuration, sensor readings, and remote chassis power control. %package lib64php5_common5 php-bcmath php-bz2 php-calendar php-cgi php-cli php-ctype php-curl php-dba php-devel php-doc php-dom php-enchant php-exif php-fileinfo php-filter php-fpm php-ftp php-gd php-gettext php-gmp php-hash php-iconv php-imap php-ini php-intl php-json php-ldap php-mbstring php-mcrypt php-mssql php-mysql php-mysqli php-odbc php-openssl php-pcntl php-pdo php-pdo_dblib php-pdo_mysql php-pdo_odbc php-pdo_pgsql php-pdo_sqlite php-pgsql php-phar php-posix php-pspell php-readline php-recode php-session php-shmop php-snmp php-soap php-sockets php-sqlite3 php-sqlite php-sybase_ct php-sysvmsg php-sysvsem php-sysvshm php-tidy php-tokenizer php-wddx php-xml php-xmlreader php-xmlrpc php-xmlwriter php-xsl php-zip php-zlib Update: Fri Dec 30 13:29:02 2011 Importance: security ID: MDVSA-2011:197 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2011:197 %pre Multiple vulnerabilities has been discovered and corrected in php: Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to read the contents of arbitrary memory locations or cause a denial of service via a crafted offset_val value in an EXIF header in a JPEG file, a different vulnerability than CVE-2011-0708 (CVE-2011-4566). PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters (CVE-2011-4885). The updated packages have been patched to correct this issue. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. This version of php has the suhosin patch 0.9.10 applied. Please report bugs here: http://qa.mandriva.com/ so that the official maintainer of this Mandriva package can help you. More information regarding the suhosin patch 0.9.10 here: http://www.suhosin.org/ %package lib64mysql16 lib64mysql-devel lib64mysql-static-devel mysql mysql-bench mysql-client mysql-common mysql-common-core mysql-core mysql-plugin_pbxt mysql-plugin_pinba mysql-plugin_revision mysql-plugin_sphinx Update: Sat Dec 31 15:45:04 2011 Importance: bugfix ID: MDVA-2011:099 URL: http://www.mandriva.com/security/advisories?name=MDVA-2011:099 %pre This is a maintenance and bugfix release that upgrades mysql to the latest 5.1 version which solves numerous upstream bugs. The updated packages have been upgraded to mysql 5.1.60. %description The MySQL(TM) software delivers a very fast, multi-threaded, multi-user, and robust SQL (Structured Query Language) database server. MySQL Server is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software. MySQL is a trademark of MySQL AB. The mysql server is compiled with the following storage engines: - InnoDB Storage Engine - Archive Storage Engine - CSV Storage Engine - Federated Storage Engine - User Defined Functions (UDFs). - Blackhole Storage Engine - Partition Storage Engine Third party storage engines packaged separately: - Sphinx storage engine 0.9.9 (urpmi mysql-plugin_sphinx) - PBXT Storage Engine 1.0.11 (urpmi mysql-plugin_pbxt) - Revision Storage Engine 0.1 (urpmi mysql-plugin_revision) - Pinba Storage Engine 0.0.5 (urpmi mysql-plugin_pinba) Please see the documentation and the manual for more information. %package perl-FCGI Update: Mon Jan 02 11:34:15 2012 Importance: security ID: MDVSA-2012:001 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:001 %pre A vulnerability has been found and corrected in fcgi: The FCGI (aka Fast CGI) module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass authentication via crafted HTTP headers (CVE-2011-2766). The updated packages have been patched to correct this issue. %description This is a Fast CGI module for perl. It's based on the FCGI module that comes with Open Market's FastCGI Developer's Kit, but does not require you to recompile perl. See for more information about fastcgi. Lincoln D. Stein's perl CGI module also contains some information about fastcgi programming. %package lib64t1lib5 lib64t1lib-devel lib64t1lib-static-devel t1lib-config t1lib-progs Update: Mon Jan 02 16:54:24 2012 Importance: security ID: MDVSA-2012:002 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:002 %pre A vulnerability has been found and corrected in t1lib: t1lib 5.1.2 and earlier uses an invalid pointer in conjunction with a dereference operation, which allows remote attackers to execute arbitrary code via a specially crafted Type 1 font in a PDF document (CVE-2011-0764). The updated packages have been patched to correct this issue. %description T1lib is a library for generating character and string-glyphs from Adobe Type 1 fonts under UNIX. T1lib uses most of the code of the X11 rasterizer donated by IBM to the X11-project. But some disadvantages of the rasterizer being included in X11 have been eliminated. T1lib also includes a support for antialiasing. %package apache-base apache-devel apache-htcacheclean apache-mod_authn_dbd apache-mod_cache apache-mod_dav apache-mod_dbd apache-mod_deflate apache-mod_disk_cache apache-mod_file_cache apache-mod_ldap apache-mod_mem_cache apache-mod_proxy apache-mod_proxy_ajp apache-mod_proxy_scgi apache-mod_reqtimeout apache-mod_ssl apache-modules apache-mod_userdir apache-mpm-event apache-mpm-itk apache-mpm-peruser apache-mpm-prefork apache-mpm-worker apache-source Update: Tue Jan 10 12:38:48 2012 Importance: security ID: MDVSA-2012:003 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:003 %pre Multiple vulnerabilities has been found and corrected in apache: Integer overflow in the ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, allows local users to gain privileges via a .htaccess file with a crafted SetEnvIf directive, in conjunction with a crafted HTTP request header, leading to a heap-based buffer overflow (CVE-2011-3607). The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches for configuration of a reverse proxy, which allows remote attackers to send requests to intranet servers via a malformed URI containing an \@ (at sign) character and a : (colon) character in invalid positions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-3368 (CVE-2011-4317). The updated packages have been patched to correct these issues. %description This package contains the main binary of apache, a powerful, full-featured, efficient and freely-available Web server. Apache is also the most popular Web server on the Internet. This version of apache is fully modular, and many modules are available in pre-compiled formats, like PHP and mod_auth_external. Check for available Apache modules for Mandriva Linux at: http://nux.se/apache/ (most of them can be installed from the contribs repository) This package defaults to a maximum of 128 dynamically loadable modules. This package defaults to a ServerLimit of 1024. You can change these values at RPM build time by using for example: --define 'maxmodules 512' --define 'serverlimit 2048' The package was built to support a maximum of 128 dynamically loadable modules. The package was built with a ServerLimit of 1024. %package lib64blkid1 lib64blkid-devel lib64uuid1 lib64uuid-devel util-linux-ng uuidd Update: Wed Jan 11 18:12:37 2012 Importance: bugfix ID: MDVA-2012:002 URL: http://www.mandriva.com/security/advisories?name=MDVA-2012:002 %pre This is a bugfix release that adds a personality flag to the setarch utility (--uname-2.6) that will make it possible to have uname -r report a kernel version of 2.6 even though you might be running the linux kernel 3.x. The updated package have been patched to correct this issue. %description The util-linux-ng package contains a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, Util-linux-ng contains the fdisk configuration tool and the login program. %package lib64t1lib5 lib64t1lib-devel lib64t1lib-static-devel t1lib-config t1lib-progs Update: Thu Jan 12 14:56:41 2012 Importance: security ID: MDVSA-2012:004 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:004 %pre Multiple vulnerabilities has been found and corrected in t1lib: A heap-based buffer overflow flaw was found in the way AFM font file parser, used for rendering of DVI files, in GNOME evince document viewer and other products, processed line tokens from the given input stream. A remote attacker could provide a DVI file, with embedded specially-crafted font file, and trick the local user to open it with an application using the AFM font parser, leading to that particular application crash or, potentially, arbitrary code execution with the privileges of the user running the application. Different vulnerability than CVE-2010-2642 (CVE-2011-0433). t1lib 5.1.2 and earlier reads from invalid memory locations, which allows remote attackers to cause a denial of service (application crash) via a crafted Type 1 font in a PDF document, a different vulnerability than CVE-2011-0764 (CVE-2011-1552). Use-after-free vulnerability in t1lib 5.1.2 and earlier allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory write, a different vulnerability than CVE-2011-0764 (CVE-2011-1553). Off-by-one error in t1lib 5.1.2 and earlier allows remote attackers to cause a denial of service (application crash) via a PDF document containing a crafted Type 1 font that triggers an invalid memory read, integer overflow, and invalid pointer dereference, a different vulnerability than CVE-2011-0764 (CVE-2011-1554). The updated packages have been patched to correct these issues. %description T1lib is a library for generating character and string-glyphs from Adobe Type 1 fonts under UNIX. T1lib uses most of the code of the X11 rasterizer donated by IBM to the X11-project. But some disadvantages of the rasterizer being included in X11 have been eliminated. T1lib also includes a support for antialiasing. %package apache-mod_php lib64mbfl1 lib64mbfl-devel lib64php5_common5 php-apc php-apc-admin php-bcmath php-bz2 php-calendar php-cgi php-cli php-ctype php-curl php-dba php-devel php-doc php-dom php-eaccelerator php-eaccelerator-admin php-enchant php-exif php-fileinfo php-filter php-fpm php-ftp php-gd php-gearman php-gettext php-gmp php-hash php-iconv php-imap php-ini php-intl php-json php-ldap php-mailparse php-mbstring php-mcal php-mcrypt php-mssql php-mysql php-mysqli php-mysqlnd php-odbc php-openssl php-optimizer php-pcntl php-pdo php-pdo_dblib php-pdo_mysql php-pdo_odbc php-pdo_pgsql php-pdo_sqlite php-pgsql php-phar php-pinba php-posix php-pspell php-readline php-recode php-sasl php-session php-shmop php-snmp php-soap php-sockets php-sphinx php-sqlite3 php-sqlite php-ssh2 php-suhosin php-sybase_ct php-sysvmsg php-sysvsem php-sysvshm php-tclink php-tidy php-timezonedb php-tokenizer php-translit php-vld php-wddx php-xattr php-xdebug php-xml php-xmlreader php-xmlrpc php-xmlwriter php-xsl php-zip php-zlib Update: Sun Jan 15 15:22:06 2012 Importance: bugfix ID: MDVA-2012:004 URL: http://www.mandriva.com/security/advisories?name=MDVA-2012:004 %pre This is a maintenance and bugfix release that upgrades php to the latest 5.3.9 version which resolves numerous upstream bugs in php. php-mysqlnd packages are now also being provided with this advisory. The libmbfl packages has been upgraded to reflect the changes as of php-5.3.9. The php-ssh2 packages has been upgraded to the latest 0.11.3 version. The php-apc extension has been complemented with an additional flavour (apc-mmap+mutex.so) that resolves #64711. Note: in Mandriva you can easily switch between different flavours of APC, please have a look at the topmost lines in the /etc/php.d/99_apc.ini file. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. This version of php has the suhosin patch 0.9.10 applied. Please report bugs here: http://qa.mandriva.com/ so that the official maintainer of this Mandriva package can help you. More information regarding the suhosin patch 0.9.10 here: http://www.suhosin.org/ %package lib64xml2_2 lib64xml2-devel libxml2-python libxml2-utils Update: Mon Jan 16 15:42:08 2012 Importance: security ID: MDVSA-2012:005 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:005 %pre A vulnerability has been found and corrected in libxml2: A heap-based buffer overflow in libxml2 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors (CVE-2011-3919). The updated packages have been patched to correct this issue. %description This library allows you to manipulate XML files. It includes support for reading, modifying and writing XML and HTML files. There is DTDs support: this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream or and in-memory DOM-like representations. In this case one can use the built-in XPath and XPointer implementation to select subnodes or ranges. A flexible Input/Output mechanism is available, with existing HTTP and FTP modules and combined to a URI library. %package lib64openssl0.9.8 lib64openssl1.0.0 lib64openssl1.0.0-devel lib64openssl1.0.0-static-devel lib64openssl-engines1.0.0 openssl Update: Mon Jan 16 17:43:34 2012 Importance: security ID: MDVSA-2012:006 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:006 %pre Multiple vulnerabilities has been found and corrected in openssl: The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack (CVE-2011-4108). Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check (CVE-2011-4109). The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer (CVE-2011-4576). The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service via unspecified vectors (CVE-2011-4619). The updated packages have been patched to correct these issues. %description The openssl certificate management tool and the shared libraries that provide various encryption and decription algorithms and protocols, including DES, RC4, RSA and SSL. %package lib64openssl0.9.8 lib64openssl1.0.0 lib64openssl1.0.0-devel lib64openssl1.0.0-static-devel lib64openssl-engines1.0.0 openssl Update: Mon Jan 16 17:44:24 2012 Importance: security ID: MDVSA-2012:006 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:006 %pre Multiple vulnerabilities has been found and corrected in openssl: The DTLS implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f performs a MAC check only if certain padding is valid, which makes it easier for remote attackers to recover plaintext via a padding oracle attack (CVE-2011-4108). Double free vulnerability in OpenSSL 0.9.8 before 0.9.8s, when X509_V_FLAG_POLICY_CHECK is enabled, allows remote attackers to have an unspecified impact by triggering failure of a policy check (CVE-2011-4109). The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly initialize data structures for block cipher padding, which might allow remote attackers to obtain sensitive information by decrypting the padding data sent by an SSL peer (CVE-2011-4576). The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service via unspecified vectors (CVE-2011-4619). The updated packages have been patched to correct these issues. %description The openssl certificate management tool and the shared libraries that provide various encryption and decription algorithms and protocols, including DES, RC4, RSA and SSL. %package perl perl-base perl-devel perl-doc perl-suid Update: Wed Jan 18 13:13:59 2012 Importance: security ID: MDVSA-2012:008 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:008 %pre Multiple vulnerabilities has been found and corrected in perl: Off-by-one error in the decode_xs function in Unicode/Unicode.xs in the Encode module before 2.44, as used in Perl before 5.15.6, might allow context-dependent attackers to cause a denial of service (memory corruption) via a crafted Unicode string, which triggers a heap-based buffer overflow (CVE-2011-2939). Eval injection in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor (CVE-2011-3597). The updated packages have been patched to correct these issues. %description Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common applications (and what it excels at) are probably system administration utilities and web programming. A large proportion of the CGI scripts on the web are written in Perl. You need the perl package installed on your system so that your system can handle Perl scripts. You need perl-base to have a full perl. %package lib64openssl0.9.8 lib64openssl1.0.0 lib64openssl1.0.0-devel lib64openssl1.0.0-static-devel lib64openssl-engines1.0.0 openssl Update: Sun Jan 29 17:08:14 2012 Importance: security ID: MDVSA-2012:011 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:011 %pre A vulnerability has been found and corrected in openssl: OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which allows remote attackers to cause a denial of service via unspecified vectors. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4108 (CVE-2012-0050). The updated packages have been patched to correct this issue. The openssl0.9.8 packages for 2010.2 have been upgraded to the 0.9.8t version which is not vulnerable to this issue. %description The openssl certificate management tool and the shared libraries that provide various encryption and decription algorithms and protocols, including DES, RC4, RSA and SSL. %package lib64mysql16 lib64mysql-devel lib64mysql-static-devel mysql mysql-bench mysql-client mysql-common mysql-common-core mysql-core mysql-plugin_pbxt mysql-plugin_pinba mysql-plugin_revision mysql-plugin_sphinx Update: Tue Jan 31 14:52:55 2012 Importance: bugfix ID: MDVA-2012:005 URL: http://www.mandriva.com/security/advisories?name=MDVA-2012:005 %pre This is a maintenance and bugfix release that upgrades mysql to the latest 5.1 version which solves numerous upstream bugs. The updated packages have been upgraded to mysql 5.1.61. %description The MySQL(TM) software delivers a very fast, multi-threaded, multi-user, and robust SQL (Structured Query Language) database server. MySQL Server is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software. MySQL is a trademark of MySQL AB. The mysql server is compiled with the following storage engines: - InnoDB Storage Engine - Archive Storage Engine - CSV Storage Engine - Federated Storage Engine - User Defined Functions (UDFs). - Blackhole Storage Engine - Partition Storage Engine Third party storage engines packaged separately: - Sphinx storage engine 0.9.9 (urpmi mysql-plugin_sphinx) - PBXT Storage Engine 1.0.11 (urpmi mysql-plugin_pbxt) - Revision Storage Engine 0.1 (urpmi mysql-plugin_revision) - Pinba Storage Engine 0.0.5 (urpmi mysql-plugin_pinba) Please see the documentation and the manual for more information. %package apache-base apache-conf apache-devel apache-doc apache-htcacheclean apache-mod_authn_dbd apache-mod_cache apache-mod_dav apache-mod_dbd apache-mod_deflate apache-mod_disk_cache apache-mod_file_cache apache-mod_ldap apache-mod_mem_cache apache-mod_proxy apache-mod_proxy_ajp apache-mod_proxy_scgi apache-mod_reqtimeout apache-mod_ssl apache-mod_suexec apache-modules apache-mod_userdir apache-mpm-event apache-mpm-itk apache-mpm-peruser apache-mpm-prefork apache-mpm-worker apache-source apr-util-dbd-freetds apr-util-dbd-ldap apr-util-dbd-mysql apr-util-dbd-odbc apr-util-dbd-pgsql apr-util-dbd-sqlite3 apr-util-dbm-db apr-util-nss apr-util-openssl lib64apr1 lib64apr-devel lib64apr-util1 lib64apr-util-devel Update: Thu Feb 02 13:31:08 2012 Importance: security ID: MDVSA-2012:012 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:012 %pre Multiple vulnerabilities has been found and corrected in apache (ASF HTTPD): The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server 2.2.17 through 2.2.21, when a threaded MPM is used, does not properly handle a \%{}C format string, which allows remote attackers to cause a denial of service (daemon crash) via a cookie that lacks both a name and a value (CVE-2012-0021). scoreboard.c in the Apache HTTP Server 2.2.21 and earlier might allow local users to cause a denial of service (daemon crash during shutdown) or possibly have unspecified other impact by modifying a certain type field within a scoreboard shared memory segment, leading to an invalid call to the free function (CVE-2012-0031). protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request (aka 400) error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a (1) long or (2) malformed header in conjunction with crafted web script (CVE-2012-0053). The updated packages have been upgraded to the latest 2.2.22 version which is not vulnerable to this issue. Additionally APR and APR-UTIL has been upgraded to the latest versions 1.4.5 and 1.4.1 respectively which holds many improvments over the previous versions. %description The mission of the Apache Portable Runtime (APR) is to provide a free library of C data structures and routines. This library contains additional utility interfaces for APR; including support for XML, LDAP, database interfaces, URI parsing and more. %package beagle beagle-crawl-system beagle-doc beagle-evolution beagle-gui beagle-gui-qt beagle-libs firefox firefox-af firefox-ar firefox-be firefox-bg firefox-bn firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-devel firefox-el firefox-en_GB firefox-eo firefox-es_AR firefox-es_ES firefox-et firefox-eu firefox-ext-beagle firefox-ext-blogrovr firefox-ext-mozvoikko firefox-ext-r-kiosk firefox-ext-scribefire firefox-ext-weave-sync firefox-ext-xmarks firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hu firefox-id firefox-is firefox-it firefox-ja firefox-ka firefox-kn firefox-ko firefox-ku firefox-lt firefox-lv firefox-mk firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-oc firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-te firefox-th firefox-tr firefox-uk firefox-zh_CN firefox-zh_TW gjs gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell lib64gjs0 lib64gjs-devel lib64xulrunner1.9.2.26 lib64xulrunner-devel mozilla-thunderbird mozilla-thunderbird-af mozilla-thunderbird-ar mozilla-thunderbird-be mozilla-thunderbird-beagle mozilla-thunderbird-bg mozilla-thunderbird-bn_BD mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-el mozilla-thunderbird-en_GB mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ar mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-hu mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-ko mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-tr mozilla-thunderbird-enigmail-vi mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-enigmail-zh_TW mozilla-thunderbird-es_AR mozilla-thunderbird-es_ES mozilla-thunderbird-et mozilla-thunderbird-et_EE mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-fy mozilla-thunderbird-ga mozilla-thunderbird-gd mozilla-thunderbird-gl mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-id mozilla-thunderbird-is mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ka mozilla-thunderbird-ko mozilla-thunderbird-lightning mozilla-thunderbird-lt mozilla-thunderbird-nb_NO mozilla-thunderbird-nl mozilla-thunderbird-nn_NO mozilla-thunderbird-pa_IN mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-pt_PT mozilla-thunderbird-ro mozilla-thunderbird-ru mozilla-thunderbird-si mozilla-thunderbird-sk mozilla-thunderbird-sl mozilla-thunderbird-sq mozilla-thunderbird-sr mozilla-thunderbird-sv_SE mozilla-thunderbird-tr mozilla-thunderbird-uk mozilla-thunderbird-vi mozilla-thunderbird-zh_CN mozilla-thunderbird-zh_TW nsinstall xulrunner yelp Update: Fri Feb 03 14:33:04 2012 Importance: security ID: MDVSA-2012:013 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:013 %pre Security issues were identified and fixed in mozilla firefox and thunderbird: Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access to removed nsDOMAttribute child nodes (CVE-2011-3659). Mozilla Firefox before 3.6.26 and 4.x through 6.0, Thunderbird before 3.1.18 and 5.0 through 6.0, and SeaMonkey before 2.4 do not properly enforce the IPv6 literal address syntax, which allows remote attackers to obtain sensitive information by making XMLHttpRequest calls through a proxy and reading the error messages (CVE-2011-3670). Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2012-0442). Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2012-0443). Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Ogg Vorbis file (CVE-2012-0444). Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to bypass the HTML5 frame-navigation policy and replace arbitrary sub-frames by creating a form submission target with a sub-frame's name attribute (CVE-2012-0445). Multiple cross-site scripting (XSS) vulnerabilities in Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to inject arbitrary web script or HTML via a (1) web page or (2) Firefox extension, related to improper enforcement of XPConnect security restrictions for frame scripts that call untrusted objects (CVE-2012-0446). Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize data for image/vnd.microsoft.icon images, which allows remote attackers to obtain potentially sensitive information by reading a PNG image that was created through conversion from an ICO image (CVE-2012-0447). Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a malformed XSLT stylesheet that is embedded in a document (CVE-2012-0449). Mozilla Firefox 4.x through 9.0 and SeaMonkey before 2.7 on Linux and Mac OS X set weak permissions for Firefox Recovery Key.html, which might allow local users to read a Firefox Sync key via standard filesystem operations (CVE-2012-0450). Additionally the libvpx packages has been upgraded to the 0.9.7 version for Mandriva Linux 2011 which is required by firefox 10.0. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package firefox firefox-af firefox-ar firefox-ast firefox-be firefox-bg firefox-bn firefox-br firefox-bs firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-devel firefox-el firefox-en_GB firefox-eo firefox-es_AR firefox-es_ES firefox-et firefox-eu firefox-fa firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gd firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hr firefox-hu firefox-hy firefox-id firefox-is firefox-it firefox-ja firefox-kk firefox-kn firefox-ko firefox-ku firefox-lg firefox-lt firefox-lv firefox-mai firefox-mk firefox-ml firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-nso firefox-or firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-ta firefox-te firefox-th firefox-tr firefox-uk firefox-vi firefox-zh_CN firefox-zh_TW firefox-zu lib64modman1 lib64nm-glib2 lib64nm-glib-devel lib64nm-glib-vpn1 lib64nm-glib-vpn-devel lib64nm-util1 lib64nm-util-devel lib64proxy1 lib64proxy-devel lib64sqlite3_0 lib64sqlite3-devel lib64sqlite3-static-devel lib64vpx0 lib64vpx-devel libproxy-gnome libproxy-kde libproxy-networkmanager libproxy-perl libproxy-utils libvpx-utils networkmanager networkmanager-applet networkmanager-openvpn networkmanager-pptp networkmanager-vpnc python-cython python-libproxy sqlite3-tools yasm yasm-devel yasm-python Update: Fri Feb 03 22:13:53 2012 Importance: bugfix ID: MDVA-2012:006 URL: http://www.mandriva.com/security/advisories?name=MDVA-2012:006 %pre This is a maintenance and bugfix release that upgrades firefox to the latest version which brings new functionalities and notable speedups. This advisory also brings new packages needed for firefox at build time and at run time. %description Yasm is a complete rewrite of the NASM assembler under the "new" BSD License (some portions are under other licenses, see COPYING for details). It is designed from the ground up to allow for multiple assembler syntaxes to be supported (eg, NASM, TASM, GAS, etc.) in addition to multiple output object formats and even multiple instruction sets. Another primary module of the overall design is an optimizer module. %package firefox firefox-af firefox-ar firefox-ast firefox-be firefox-bg firefox-bn_BD firefox-bn_IN firefox-br firefox-bs firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-devel firefox-el firefox-en_GB firefox-en_ZA firefox-eo firefox-es_AR firefox-es_CL firefox-es_ES firefox-es_MX firefox-et firefox-eu firefox-fa firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gd firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hr firefox-hu firefox-hy firefox-id firefox-is firefox-it firefox-ja firefox-kk firefox-kn firefox-ko firefox-ku firefox-lg firefox-lt firefox-lv firefox-mai firefox-mk firefox-ml firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-nso firefox-or firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-ta firefox-ta_LK firefox-te firefox-th firefox-tr firefox-uk firefox-vi firefox-zh_CN firefox-zh_TW firefox-zu Update: Sun Feb 05 15:41:43 2012 Importance: bugfix ID: MDVA-2012:007 URL: http://www.mandriva.com/security/advisories?name=MDVA-2012:007 %pre This is a maintenance and bugfix release for firefox 10.0 which utilizes better compilation optimizarions. Additionally a few more language packs has been added. %description Localizations for Firefox web browser. %package firefox firefox-devel Update: Thu Feb 09 12:06:22 2012 Importance: bugfix ID: MDVA-2012:014 URL: http://www.mandriva.com/security/advisories?name=MDVA-2012:014 %pre This is a maintenance and bugfix release for firefox 10.0 which utilizes slightlty better compilation optimizarions and fixes a problem with an empty printer list on Mandriva Linux 2011 (#65237). %description Mozilla Firefox is a web browser %package firefox firefox-af firefox-ar firefox-ast firefox-be firefox-bg firefox-bn_BD firefox-bn_IN firefox-br firefox-bs firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-devel firefox-el firefox-en_GB firefox-en_ZA firefox-eo firefox-es_AR firefox-es_CL firefox-es_ES firefox-es_MX firefox-et firefox-eu firefox-fa firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gd firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hr firefox-hu firefox-hy firefox-id firefox-is firefox-it firefox-ja firefox-kk firefox-kn firefox-ko firefox-ku firefox-lg firefox-lt firefox-lv firefox-mai firefox-mk firefox-ml firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-nso firefox-or firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-ta firefox-ta_LK firefox-te firefox-th firefox-tr firefox-uk firefox-vi firefox-zh_CN firefox-zh_TW firefox-zu Update: Sun Feb 12 18:11:21 2012 Importance: security ID: MDVSA-2012:017 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:017 %pre Use-after-free vulnerability in Mozilla Firefox 10.x before 10.0.1, Thunderbird 10.x before 10.0.1, and SeaMonkey 2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger failure of an nsXBLDocumentInfo::ReadPrototypeBindings function call, related to the cycle collector's access to a hash table containing a stale XBL binding (CVE-2012-0452). %description Localizations for Firefox web browser. %package mozilla-thunderbird mozilla-thunderbird-ar mozilla-thunderbird-be mozilla-thunderbird-bg mozilla-thunderbird-bn_BD mozilla-thunderbird-br mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-el mozilla-thunderbird-en_GB mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ar mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-ko mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-tr mozilla-thunderbird-enigmail-vi mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-enigmail-zh_TW mozilla-thunderbird-es_AR mozilla-thunderbird-es_ES mozilla-thunderbird-et mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-fy mozilla-thunderbird-ga mozilla-thunderbird-gd mozilla-thunderbird-gl mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-id mozilla-thunderbird-is mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ko mozilla-thunderbird-lightning mozilla-thunderbird-lt mozilla-thunderbird-nb_NO mozilla-thunderbird-nl mozilla-thunderbird-nn_NO mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-pt_PT mozilla-thunderbird-ro mozilla-thunderbird-ru mozilla-thunderbird-si mozilla-thunderbird-sk mozilla-thunderbird-sl mozilla-thunderbird-sq mozilla-thunderbird-sv_SE mozilla-thunderbird-ta_LK mozilla-thunderbird-tr mozilla-thunderbird-uk mozilla-thunderbird-vi mozilla-thunderbird-zh_CN mozilla-thunderbird-zh_TW nsinstall Update: Mon Feb 13 18:16:00 2012 Importance: bugfix ID: MDVA-2012:019 URL: http://www.mandriva.com/security/advisories?name=MDVA-2012:019 %pre This is a maintenance and bugfix release that provides thunderbird 10.0.1 which utilizes better compilation optimizarions. %description Mozilla Thunderbird is a full-featured email, RSS and newsgroup client that makes emailing safer, faster and easier than ever before. %package lib64apr1 lib64apr-devel Update: Tue Feb 14 11:26:06 2012 Importance: security ID: MDVSA-2012:019 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:019 %pre A vulnerability has been found and corrected in ASF APR: tables/apr_hash.c in the Apache Portable Runtime (APR) library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table (CVE-2012-0840). APR has been upgraded to the latest version (1.4.6) which holds many improvments over the previous versions and is not vulnerable to this issue. %description The mission of the Apache Portable Runtime (APR) is to provide a free library of C data structures and routines, forming a system portability layer to as many operating systems as possible, including Unices, MS Win32, BeOS and OS/2. %package java-1.6.0-openjdk java-1.6.0-openjdk-demo java-1.6.0-openjdk-devel java-1.6.0-openjdk-javadoc java-1.6.0-openjdk-src Update: Fri Feb 17 16:29:57 2012 Importance: security ID: MDVSA-2012:021 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:021 %pre Multiple security issues were identified and fixed in OpenJDK (icedtea6): Fix issues in java sound (CVE-2011-3563). Fix in AtomicReferenceArray (CVE-2011-3571). Add property to limit number of request headers to the HTTP Server (CVE-2011-5035). Incorect checking for graphics rendering object (CVE-2012-0497). Multiple unspecified vulnerabilities allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors (CVE-2012-0498. CVE-2012-0499, CVE-2012-0500). Better input parameter checking in zip file processing (CVE-2012-0501). Issues with some KeyboardFocusManager method (CVE-2012-0502). Issues with TimeZone class (CVE-2012-0503). Enhance exception throwing mechanism in ObjectStreamClass (CVE-2012-0505). Issues with some method in corba (CVE-2012-0506). The updated packages provides icedtea6-1.10.6 which is not vulnerable to these issues. %description The OpenJDK runtime environment. %package lib64png3 lib64png-devel lib64png-static-devel libpng-source Update: Wed Feb 22 09:43:55 2012 Importance: security ID: MDVSA-2012:022 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:022 %pre A vulnerability has been found and corrected in libpng: Integer overflow in libpng allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an integer truncation (CVE-2011-3026). The updated packages have been patched to correct this issue. %description The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng should be installed if you need to manipulate PNG format image files. %package lib64xml2_2 lib64xml2-devel libxml2-python libxml2-utils Update: Wed Feb 22 11:03:48 2012 Importance: security ID: MDVSA-2012:023 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:023 %pre A vulnerability has been found and corrected in libxml2: It was found that the hashing routine used by libxml2 arrays was susceptible to predictable hash collisions. Sending a specially-crafted message to an XML service could result in longer processing time, which could lead to a denial of service. To mitigate this issue, randomization has been added to the hashing function to reduce the chance of an attacker successfully causing intentional collisions (CVE-2012-0841). The updated packages have been patched to correct this issue. %description This library allows you to manipulate XML files. It includes support for reading, modifying and writing XML and HTML files. There is DTDs support: this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream or and in-memory DOM-like representations. In this case one can use the built-in XPath and XPointer implementation to select subnodes or ranges. A flexible Input/Output mechanism is available, with existing HTTP and FTP modules and combined to a URI library. %package firefox firefox-af firefox-ar firefox-ast firefox-be firefox-bg firefox-bn_BD firefox-bn_IN firefox-br firefox-bs firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-devel firefox-el firefox-en_GB firefox-en_ZA firefox-eo firefox-es_AR firefox-es_CL firefox-es_ES firefox-es_MX firefox-et firefox-eu firefox-fa firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gd firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hr firefox-hu firefox-hy firefox-id firefox-is firefox-it firefox-ja firefox-kk firefox-kn firefox-ko firefox-ku firefox-lg firefox-lt firefox-lv firefox-mai firefox-mk firefox-ml firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-nso firefox-or firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-ta firefox-ta_LK firefox-te firefox-th firefox-tr firefox-uk firefox-vi firefox-zh_CN firefox-zh_TW firefox-zu lib64nss3 lib64nss-devel lib64nss-static-devel mozilla-thunderbird mozilla-thunderbird-ar mozilla-thunderbird-be mozilla-thunderbird-bg mozilla-thunderbird-bn_BD mozilla-thunderbird-br mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-el mozilla-thunderbird-en_GB mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ar mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-ko mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-tr mozilla-thunderbird-enigmail-vi mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-enigmail-zh_TW mozilla-thunderbird-es_AR mozilla-thunderbird-es_ES mozilla-thunderbird-et mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-fy mozilla-thunderbird-ga mozilla-thunderbird-gd mozilla-thunderbird-gl mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-id mozilla-thunderbird-is mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ko mozilla-thunderbird-lightning mozilla-thunderbird-lt mozilla-thunderbird-nb_NO mozilla-thunderbird-nl mozilla-thunderbird-nn_NO mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-pt_PT mozilla-thunderbird-ro mozilla-thunderbird-ru mozilla-thunderbird-si mozilla-thunderbird-sk mozilla-thunderbird-sl mozilla-thunderbird-sq mozilla-thunderbird-sv_SE mozilla-thunderbird-ta_LK mozilla-thunderbird-tr mozilla-thunderbird-uk mozilla-thunderbird-vi mozilla-thunderbird-zh_CN mozilla-thunderbird-zh_TW nsinstall nss rootcerts rootcerts-java Update: Thu Feb 23 18:18:40 2012 Importance: security ID: MDVSA-2012:022 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:022 %pre Security issues were identified and fixed in mozilla firefox and thunderbird: An integer overflow in the libpng library can lead to a heap-buffer overflow when decompressing certain PNG images. This leads to a crash, which may be potentially exploitable (CVE-2011-3026). The mozilla firefox and thunderbird packages has been upgraded to the latest respective versions whish is not affecte dby this security flaw. Additionally the rootcerts packages (root CA cerificates bundle) has been upgraded to the latest version as of 2012/02/18 and the NSS library has been rebuilt accordingly to pickup the changes. %description This is a bundle of X.509 certificates of public Certificate Authorities (CA). These were automatically extracted from Mozilla's root CA list (the file "certdata.txt"). It contains the certificates in both plain text and PEM format and therefore can be directly used with an Apache/mod_ssl webserver for SSL client authentication. Just configure this file as the SSLCACertificateFile. %package lib64vpx0 lib64vpx-devel libvpx-utils Update: Mon Feb 27 10:25:45 2012 Importance: security ID: MDVSA-2012:023 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:023 %pre A vulnerability has been found and corrected in libvpx: VP8 Codec SDK (libvpx) before 1.0.0 Duclair allows remote attackers to cause a denial of service (application crash) via (1) unspecified corrupt input or (2) by starting decoding from a P-frame, which triggers an out-of-bounds read, related to the clamping of motion vectors in SPLITMV blocks (CVE-2012-0823). The updated packages have been patched to correct this issue. %description libvpx provides the VP8 SDK, which allows you to integrate your applications with the VP8 video codec, a high quality, royalty free, open source codec deployed on millions of computers and devices worldwide. %package firefox firefox-af firefox-ar firefox-ast firefox-be firefox-bg firefox-bn_BD firefox-bn_IN firefox-br firefox-bs firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-devel firefox-el firefox-en_GB firefox-en_ZA firefox-eo firefox-es_AR firefox-es_CL firefox-es_ES firefox-es_MX firefox-et firefox-eu firefox-fa firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gd firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hr firefox-hu firefox-hy firefox-id firefox-is firefox-it firefox-ja firefox-kk firefox-kn firefox-ko firefox-ku firefox-lg firefox-lt firefox-lv firefox-mai firefox-mk firefox-ml firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-nso firefox-or firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-ta firefox-ta_LK firefox-te firefox-th firefox-tr firefox-uk firefox-vi firefox-zh_CN firefox-zh_TW firefox-zu lib64nss3 lib64nss-devel lib64nss-static-devel mozilla-thunderbird mozilla-thunderbird-ar mozilla-thunderbird-be mozilla-thunderbird-bg mozilla-thunderbird-bn_BD mozilla-thunderbird-br mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-el mozilla-thunderbird-en_GB mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ar mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-ko mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-tr mozilla-thunderbird-enigmail-vi mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-enigmail-zh_TW mozilla-thunderbird-es_AR mozilla-thunderbird-es_ES mozilla-thunderbird-et mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-fy mozilla-thunderbird-ga mozilla-thunderbird-gd mozilla-thunderbird-gl mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-id mozilla-thunderbird-is mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ko mozilla-thunderbird-lightning mozilla-thunderbird-lt mozilla-thunderbird-nb_NO mozilla-thunderbird-nl mozilla-thunderbird-nn_NO mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-pt_PT mozilla-thunderbird-ro mozilla-thunderbird-ru mozilla-thunderbird-si mozilla-thunderbird-sk mozilla-thunderbird-sl mozilla-thunderbird-sq mozilla-thunderbird-sv_SE mozilla-thunderbird-ta_LK mozilla-thunderbird-tr mozilla-thunderbird-uk mozilla-thunderbird-vi mozilla-thunderbird-zh_CN mozilla-thunderbird-zh_TW nsinstall nss rootcerts rootcerts-java Update: Tue Feb 28 12:11:13 2012 Importance: security ID: MDVSA-2012:022-1 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:022-1 %pre Security issues were identified and fixed in mozilla firefox and thunderbird: An integer overflow in the libpng library can lead to a heap-buffer overflow when decompressing certain PNG images. This leads to a crash, which may be potentially exploitable (CVE-2011-3026). The mozilla firefox and thunderbird packages has been upgraded to the latest respective versions whish is not affecte dby this security flaw. Additionally the rootcerts packages (root CA cerificates bundle) has been upgraded to the latest version as of 2012/02/18 and the NSS library has been rebuilt accordingly to pickup the changes. Update: This is a symbolic advisory correction because there was a clash with MDVSA-2012:022 that addressed libpng. %description This is a bundle of X.509 certificates of public Certificate Authorities (CA). These were automatically extracted from Mozilla's root CA list (the file "certdata.txt"). It contains the certificates in both plain text and PEM format and therefore can be directly used with an Apache/mod_ssl webserver for SSL client authentication. Just configure this file as the SSLCACertificateFile. %package firefox firefox-af firefox-ar firefox-ast firefox-be firefox-bg firefox-bn_BD firefox-bn_IN firefox-br firefox-bs firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-devel firefox-el firefox-en_GB firefox-en_ZA firefox-eo firefox-es_AR firefox-es_CL firefox-es_ES firefox-es_MX firefox-et firefox-eu firefox-fa firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gd firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hr firefox-hu firefox-hy firefox-id firefox-is firefox-it firefox-ja firefox-kk firefox-kn firefox-ko firefox-ku firefox-lg firefox-lt firefox-lv firefox-mai firefox-mk firefox-ml firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-nso firefox-or firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-ta firefox-ta_LK firefox-te firefox-th firefox-tr firefox-uk firefox-vi firefox-zh_CN firefox-zh_TW firefox-zu lib64nss3 lib64nss-devel lib64nss-static-devel mozilla-thunderbird mozilla-thunderbird-ar mozilla-thunderbird-be mozilla-thunderbird-bg mozilla-thunderbird-bn_BD mozilla-thunderbird-br mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-el mozilla-thunderbird-en_GB mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ar mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-ko mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-tr mozilla-thunderbird-enigmail-vi mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-enigmail-zh_TW mozilla-thunderbird-es_AR mozilla-thunderbird-es_ES mozilla-thunderbird-et mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-fy mozilla-thunderbird-ga mozilla-thunderbird-gd mozilla-thunderbird-gl mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-id mozilla-thunderbird-is mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ko mozilla-thunderbird-lightning mozilla-thunderbird-lt mozilla-thunderbird-nb_NO mozilla-thunderbird-nl mozilla-thunderbird-nn_NO mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-pt_PT mozilla-thunderbird-ro mozilla-thunderbird-ru mozilla-thunderbird-si mozilla-thunderbird-sk mozilla-thunderbird-sl mozilla-thunderbird-sq mozilla-thunderbird-sv_SE mozilla-thunderbird-ta_LK mozilla-thunderbird-tr mozilla-thunderbird-uk mozilla-thunderbird-vi mozilla-thunderbird-zh_CN mozilla-thunderbird-zh_TW nsinstall nss rootcerts rootcerts-java Update: Tue Feb 28 12:16:29 2012 Importance: security ID: MDVSA-2012:022-1 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:022-1 %pre Security issues were identified and fixed in mozilla firefox and thunderbird: An integer overflow in the libpng library can lead to a heap-buffer overflow when decompressing certain PNG images. This leads to a crash, which may be potentially exploitable (CVE-2011-3026). The mozilla firefox and thunderbird packages has been upgraded to the latest respective versions whish is not affecte dby this security flaw. Additionally the rootcerts packages (root CA cerificates bundle) has been upgraded to the latest version as of 2012/02/18 and the NSS library has been rebuilt accordingly to pickup the changes. Update: This is a symbolic advisory correction because there was a clash with MDVSA-2012:022 that addressed libpng. %description This is a bundle of X.509 certificates of public Certificate Authorities (CA). These were automatically extracted from Mozilla's root CA list (the file "certdata.txt"). It contains the certificates in both plain text and PEM format and therefore can be directly used with an Apache/mod_ssl webserver for SSL client authentication. Just configure this file as the SSLCACertificateFile. %package lib64vpx0 lib64vpx-devel libvpx-utils Update: Tue Feb 28 12:40:42 2012 Importance: security ID: MDVSA-2012:023-1 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:023-1 %pre A vulnerability has been found and corrected in libvpx: VP8 Codec SDK (libvpx) before 1.0.0 Duclair allows remote attackers to cause a denial of service (application crash) via (1) unspecified corrupt input or (2) by starting decoding from a P-frame, which triggers an out-of-bounds read, related to the clamping of motion vectors in SPLITMV blocks (CVE-2012-0823). The updated packages have been patched to correct this issue. Update: This is a symbolic advisory correction because there was a clash with MDVSA-2012:023 that addressed libxml2. %description libvpx provides the VP8 SDK, which allows you to integrate your applications with the VP8 video codec, a high quality, royalty free, open source codec deployed on millions of computers and devices worldwide. %package ruby ruby-devel ruby-doc ruby-tk Update: Tue Feb 28 15:58:42 2012 Importance: security ID: MDVSA-2012:024 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:024 %pre A vulnerability has been found and corrected in ruby: Ruby (aka CRuby) before 1.8.7-p357 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table (CVE-2011-4815). The updated packages have been patched to correct this issue. %description Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible. %package rpm-mandriva-setup rpm-mandriva-setup-build Update: Wed Feb 29 10:45:09 2012 Importance: bugfix ID: MDVA-2012:024 URL: http://www.mandriva.com/security/advisories?name=MDVA-2012:024 %pre Add support for partial strip for the debug info package generation. %description The Mandriva rpm configuration and scripts. %package lib64ecpg8.4_6 lib64pq8.4_5 postgresql8.4 postgresql8.4-contrib postgresql8.4-devel postgresql8.4-docs postgresql8.4-pl postgresql8.4-plperl postgresql8.4-plpgsql postgresql8.4-plpython postgresql8.4-pltcl postgresql8.4-server Update: Wed Feb 29 13:20:41 2012 Importance: security ID: MDVSA-2012:026 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:026 %pre Multiple vulnerabilities has been discovered and corrected in postgresql: Permissions on a function called by a trigger are not properly checked (CVE-2012-0866). SSL certificate name checks are truncated to 32 characters, allowing connection spoofing under some circumstances when using third party certificate authorities (CVE-2012-0867). Line breaks in object names can be exploited to execute arbitrary SQL when reloading a pg_dump file (CVE-2012-0868). This advisory provides the latest versions of PostgreSQL that is not vulnerable to these issues. %description PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs (including transactions, subselects and user-defined types and functions). The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DBMS server. These PostgreSQL client programs are programs that directly manipulate the internal structure of PostgreSQL databases on a PostgreSQL server. These client programs can be located on the same machine with the PostgreSQL server, or may be on a remote machine which accesses a PostgreSQL server over a network connection. This package contains the client libraries for C and C++, as well as command-line utilities for managing PostgreSQL databases on a PostgreSQL server. If you want to manipulate a PostgreSQL database on a remote PostgreSQL server, you need this package. You also need to install this package if you're installing the postgresql-server package. %package lib64xslt1 lib64xslt-devel python-libxslt xsltproc Update: Thu Mar 01 05:59:48 2012 Importance: security ID: MDVSA-2012:028 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:028 %pre A vulnerability has been found and corrected in libxslt: libxslt allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors (CVE-2011-3970). The updated packages have been patched to correct this issue. %description This C library allows to transform XML files into other XML files (or HTML, text, ...) using the standard XSLT stylesheet transformation mechanism. %package gwenview kamera kcolorchooser kdegraphics4 kdegraphics4-core kdegraphics4-devel kgamma kipi-common kolourpaint kruler ksnapshot lib64gwenviewlib4 lib64kdcraw8 lib64kexiv2_8 lib64kipi7 lib64kolourpaint_lgpl4 lib64ksane0 lib64okularcore1 libkdcraw-common okular Update: Thu Mar 01 11:58:30 2012 Importance: bugfix ID: MDVA-2012:025 URL: http://www.mandriva.com/security/advisories?name=MDVA-2012:025 %pre In kdegraphics4-4.4.5-0.2 there is subpackage kdegraphics4-devel. It has 3 unversioned Obsoletes. These obsoletes cause problems for future updates. %description Graphical tools for the K Desktop Environment. kdegraphics is a collection of graphic oriented applications %package blinken cantor kalgebra kalzium kanagram kbruch kdeedu4 kdeedu4-core kdeedu4-devel kgeography khangman kig kiten klettres kmplot kstars ktouch kturtle kwordquiz lib64analitza4 lib64analitzagui4 lib64avogadro-kalzium0 lib64cantorlibs0 lib64compoundviewer4 lib64kdeeduui4 lib64keduvocdocument4 lib64kiten4 lib64marblewidget4 lib64SatLib4 lib64science4 marble marble-common parley plasma-applet-didyouknow plasma-applet-kworldclock plasma-engine-kalzium rocs step Update: Thu Mar 01 12:10:33 2012 Importance: bugfix ID: MDVA-2012:026 URL: http://www.mandriva.com/security/advisories?name=MDVA-2012:026 %pre This update removes some obsoletes, needed on old upgrades, from the kdeedu spec file. %description kdeedu4 metapackage, which contains: * blinken: Simon Says Game * kalgebra: MathML-based graph calculator * kbruch: Exercise Fractions * kgeography: Geography Trainer * khangman: Hangman Game * kig: Interactive Geometry * kiten: Japanese Reference/Study Tool * klettres: French alphabet tutor * kmplot: Mathematical Function Plotter * kpercentage: Excersie Percentages * ktouch: Touch Typing Tutor * kturtle: Logo Programming Environment * kvoctrain: Vocabulary Trainer * kwordquiz: Vocabulary Trainer * marble: Virtual Globe %package lib64png3 lib64png-devel lib64png-static-devel libpng-source Update: Wed Mar 21 09:45:31 2012 Importance: security ID: MDVSA-2012:033 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:033 %pre A vulnerability has been found and corrected in libpng: A heap-based buffer overflow flaw was found in the way libpng processed compressed chunks in PNG image files. An attacker could create a specially-crafted PNG image file that, when opened, could cause an application using libpng to crash or, possibly, execute arbitrary code with the privileges of the user running the application (CVE-2011-3045). The updated packages have been patched to correct this issue. %description The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng should be installed if you need to manipulate PNG format image files. %package lib64mysql16 lib64mysql-devel lib64mysql-static-devel mysql mysql-bench mysql-client mysql-common mysql-common-core mysql-core mysql-plugin_pbxt mysql-plugin_pinba mysql-plugin_revision mysql-plugin_sphinx Update: Thu Mar 22 14:21:15 2012 Importance: bugfix ID: MDVA-2012:031 URL: http://www.mandriva.com/security/advisories?name=MDVA-2012:031 %pre This is a maintenance and bugfix release that upgrades mysql to the latest respective version which resolves various upstream bugs. %description The MySQL(TM) software delivers a very fast, multi-threaded, multi-user, and robust SQL (Structured Query Language) database server. MySQL Server is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software. MySQL is a trademark of MySQL AB. The mysql server is compiled with the following storage engines: - InnoDB Storage Engine - Archive Storage Engine - CSV Storage Engine - Federated Storage Engine - User Defined Functions (UDFs). - Blackhole Storage Engine - Partition Storage Engine Third party storage engines packaged separately: - Sphinx storage engine 0.9.9 (urpmi mysql-plugin_sphinx) - PBXT Storage Engine 1.0.11 (urpmi mysql-plugin_pbxt) - Revision Storage Engine 0.1 (urpmi mysql-plugin_revision) - Pinba Storage Engine 0.0.5 (urpmi mysql-plugin_pinba) Please see the documentation and the manual for more information. %package lib64zip2 lib64zip-devel libzip Update: Fri Mar 23 08:06:32 2012 Importance: security ID: MDVSA-2012:034 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:034 %pre Multiple vulnerabilities has been found and corrected in libzip: libzip (version <= 0.10) uses an incorrect loop construct, which can result in a heap overflow on corrupted zip files (CVE-2012-1162). libzip (version <= 0.10) has a numeric overflow condition, which, for example, results in improper restrictions of operations within the bounds of a memory buffer (e.g., allowing information leaks) (CVE-2012-1163). The updated packages have been upgraded to the 0.10.1 version to correct these issues. %description libzip is a C library for reading, creating, and modifying zip archives. Files can be added from data buffers, files, or compressed data copied directly from other zip archives. Changes made without closing the archive can be reverted. The API is documented by man pages. %package file lib64magic1 lib64magic-devel lib64magic-static-devel python-magic Update: Fri Mar 23 08:36:31 2012 Importance: security ID: MDVSA-2012:035 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:035 %pre Multiple out-of heap-based buffer read flaws and invalid pointer dereference flaws were found in the way file, utility for determining of file types processed header section for certain Composite Document Format (CDF) files. A remote attacker could provide a specially-crafted CDF file, which once inspected by the file utility of the victim would lead to file executable crash (CVE-2012-1571). The updated packages for Mandriva Linux 2011 have been upgraded to the 5.11 version and the packages for Mandriva Linux 2010.2 has been patched to correct these issues. %description The file command is used to identify a particular file according to the type of data contained by the file. File can identify many different file types, including ELF binaries, system libraries, RPM packages, and different graphics formats. You should install the file package, since the file command is such a useful utility. %package lib64soup-2.4_1 lib64soup-2.4-devel Update: Fri Mar 23 12:11:44 2012 Importance: security ID: MDVSA-2012:036 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:036 %pre A vulnerability has been found and corrected in libsoup: Directory traversal vulnerability in soup-uri.c in SoupServer in libsoup before 2.35.4 allows remote attackers to read arbitrary files via a \%2e\%2e (encoded dot dot) in a URI (CVE-2011-2524). The updated packages have been patched to correct this issue. %description Soup is a SOAP (Simple Object Access Protocol) implementation in C. It provides an queued asynchronous callback-based mechanism for sending and servicing SOAP requests, and a WSDL (Web Service Definition Language) to C compiler which generates client stubs and server skeletons for easily calling and implementing SOAP methods. %package cyrus-imapd cyrus-imapd-devel cyrus-imapd-murder cyrus-imapd-nntp cyrus-imapd-utils perl-Cyrus Update: Fri Mar 23 13:05:09 2012 Importance: security ID: MDVSA-2012:037 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:037 %pre A vulnerability has been found and corrected in cyrus-imapd: The index_get_ids function in index.c in imapd in Cyrus IMAP Server before 2.4.11, when server-side threading is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted References header in an e-mail message (CVE-2011-3481). The updated packages have been patched to correct this issue. %description The Cyrus IMAP Server is a scaleable enterprise mail system designed for use from small to large enterprise environments using standards-based technologies. A full Cyrus IMAP implementation allows a seamless mail and bulletin board environment to be set up across multiple servers. It differs from other IMAP server implementations in that it is run on "sealed" servers, where users are not normally permitted to log in. The mailbox database is stored in parts of the filesystem that are private to the Cyrus IMAP system. All user access to mail is through software using the IMAP, POP3, or KPOP protocols. TLSv1 and SSL are supported for security. This is the main package, install also the cyrus-imapd-utils package (it contains server administration tools and depends on the perl-Cyrus package). %package lib64openssl0.9.8 lib64openssl1.0.0 lib64openssl1.0.0-devel lib64openssl1.0.0-static-devel lib64openssl-engines1.0.0 openssl Update: Mon Mar 26 15:26:24 2012 Importance: security ID: MDVSA-2012:038 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:038 %pre Multiple vulnerabilities has been found and corrected in openssl: The implementation of Cryptographic Message Syntax (CMS) and PKCS #7 in OpenSSL before 0.9.8u and 1.x before 1.0.0h does not properly restrict certain oracle behavior, which makes it easier for context-dependent attackers to decrypt data via a Million Message Attack (MMA) adaptive chosen ciphertext attack (CVE-2012-0884). The mime_param_cmp function in crypto/asn1/asn_mime.c in OpenSSL before 0.9.8u and 1.x before 1.0.0h allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted S/MIME message, a different vulnerability than CVE-2006-7250 (CVE-2012-1165). The updated packages have been patched to correct these issues. %description The openssl certificate management tool and the shared libraries that provide various encryption and decription algorithms and protocols, including DES, RC4, RSA and SSL. %package lib64tasn1_3 lib64tasn1-devel libtasn1-tools Update: Tue Mar 27 09:25:33 2012 Importance: security ID: MDVSA-2012:039 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:039 %pre A vulnerability has been found and corrected in libtasn1: The asn1_get_length_der function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other products, does not properly handle certain large length values, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) or possibly have unspecified other impact via a crafted ASN.1 structure (CVE-2012-1569). The updated packages have been patched to correct this issue. %description Libtasn1 is an implementation of the ASN.1 standard used by GnuTLS and others. %package gnutls lib64gnutls26 lib64gnutls-devel Update: Tue Mar 27 14:34:58 2012 Importance: security ID: MDVSA-2012:040 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:040 %pre A vulnerability has been found and corrected in GnuTLS: gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure (CVE-2012-1573). The updated packages have been patched to correct this issue. The GnuTLS packages for Mandriva Linux 2011 has been upgraded to the 2.12.8 version due to problems with the test suite while building it, additionally a new dependency was added on p11-kit for the PKCS #11 support. %description GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. %package expat lib64expat1 lib64expat1-devel Update: Tue Mar 27 17:35:48 2012 Importance: security ID: MDVSA-2012:041 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:041 %pre A memory leak and a hash table collision flaw in expat could cause denial os service (DoS) attacks (CVE-2012-0876, CVE-2012-1148). The updated packages have been patched to correct this issue. %description Expat is an XML 1.0 parser written in C by James Clark. It aims to be fully conforming. It is currently not a validating XML parser. %package nginx Update: Thu Mar 29 08:10:35 2012 Importance: security ID: MDVSA-2012:043 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:043 %pre A vulnerability has been found and corrected in nginx: Specially crafted backend response could result in sensitive information leak (CVE-2012-1180). The updated packages have been patched to correct this issue. %description Nginx [engine x] is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3 proxy server written by Igor Sysoev. %package cvs Update: Thu Mar 29 10:04:41 2012 Importance: security ID: MDVSA-2012:044 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:044 %pre A vulnerability has been found and corrected in cvs: A heap-based buffer overflow flaw was found in the way the CVS client handled responses from HTTP proxies. A malicious HTTP proxy could use this flaw to cause the CVS client to crash or, possibly, execute arbitrary code with the privileges of the user running the CVS client (CVE-2012-0804). The updated packages have been patched to correct this issue. %description CVS means Concurrent Version System; it is a version control system which can record the history of your files (usually, but not always, source code). CVS only stores the differences between versions, instead of every version of every file you've ever created. CVS also keeps a log of who, when and why changes occurred, among other aspects. CVS is very helpful for managing releases and controlling the concurrent editing of source files among multiple authors. Instead of providing version control for a collection of files in a single directory, CVS provides version control for a hierarchical collection of directories consisting of revision controlled files. These directories and files can then be combined together to form a software release. Install the cvs package if you need to use a version control system. %package gnutls lib64gnutls26 lib64gnutls-devel Update: Fri Mar 30 15:28:23 2012 Importance: security ID: MDVSA-2012:045 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:045 %pre A vulnerability has been found and corrected in GnuTLS: Buffer overflow in the gnutls_session_get_data function in lib/gnutls_session.c in GnuTLS 2.12.x before 2.12.14 and 3.x before 3.0.7, when used on a client that performs nonstandard session resumption, allows remote TLS servers to cause a denial of service (application crash) via a large SessionTicket (CVE-2011-4128). The updated packages have been patched to correct this issue. %description GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. %package lib64png3 lib64png-devel lib64png-static-devel libpng-source Update: Mon Apr 02 07:02:26 2012 Importance: security ID: MDVSA-2012:046 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:046 %pre A potential memory corruption has been found and corrected in libpng (CVE-2011-3048). The updated packages have been patched to correct this issue. %description The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng should be installed if you need to manipulate PNG format image files. %package mutt mutt-doc mutt-utf8 Update: Mon Apr 02 13:33:53 2012 Importance: security ID: MDVSA-2012:048 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:048 %pre A vulnerability has been found and corrected in mutt: Mutt does not verify that the smtps server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL SMTP server via an arbitrary certificate, a different vulnerability than CVE-2009-3766 (CVE-2011-1429). The updated packages have been patched to correct this issue. %description Mutt is a text mode mail user agent. Mutt supports color, threading, arbitrary key remapping, and a lot of customization. You should install mutt if you've used mutt in the past and you prefer it, or if you're new to mail programs and you haven't decided which one you're going to use. %package lib64vorbis0 lib64vorbis-devel lib64vorbisenc2 lib64vorbisfile3 Update: Tue Apr 03 13:18:47 2012 Importance: security ID: MDVSA-2012:052 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:052 %pre A vulnerability has been found and corrected in libvorbis: If a specially-crafted Ogg Vorbis media file was opened by an application using libvorbis, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application (CVE-2012-0444). The updated packages have been patched to correct this issue. %description Ogg Vorbis is a fully open, non-proprietary, patent-and-royalty-free, general-purpose compressed audio format for audio and music at fixed and variable bitrates from 16 to 128 kbps/channel. Find some free Ogg Vorbis music here: http://www.vorbis.com/music.html %package lib64tiff3 lib64tiff-devel lib64tiff-static-devel libtiff-progs Update: Thu Apr 05 06:59:22 2012 Importance: security ID: MDVSA-2012:054 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:054 %pre A vulnerability has been found and corrected in libtiff: An integer overflow was discovered in the libtiff/tiff_getimage.c file in the tiff library which could cause execution of arbitrary code using a specially crafted TIFF image file (CVE-2012-1173). The updated packages have been patched to correct this issue. %description The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. %package bind bind-devel bind-doc bind-utils Update: Thu Apr 05 11:00:13 2012 Importance: bugfix ID: MDVA-2012:034 URL: http://www.mandriva.com/security/advisories?name=MDVA-2012:034 %pre This is a bugfix and maintenance release that upgrades ISC BIND to the latest respective versions which resolves numerous upstream bugs. %description BIND (Berkeley Internet Name Domain) is an implementation of the DNS (domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses, and a resolver library (routines for applications to use when interfacing with DNS). A DNS server allows clients to name resources or objects and share the information with other network machines. The named DNS server can be used on workstations as a caching name server, but is generally only needed on one machine for an entire network. Note that the configuration files for making BIND act as a simple caching nameserver are included in the caching-nameserver package. Install the bind package if you need a DNS server for your network. If you want bind to act a caching name server, you will also need to install the caching-nameserver package. Many BIND 8 features previously unimplemented in BIND 9, including domain-specific forwarding, the \$GENERATE master file directive, and the "blackhole", "dialup", and "sortlist" options Forwarding of dynamic update requests; this is enabled by the "allow-update-forwarding" option A new, simplified database interface and a number of sample drivers based on it; see doc/dev/sdb for details Support for building single-threaded servers for environments that do not supply POSIX threads New configuration options: "min-refresh-time", "max-refresh-time", "min-retry-time", "max-retry-time", "additional-from-auth", "additional-from-cache", "notify explicit" Faster lookups, particularly in large zones. Build Options: --without sdb_ldap Build without ldap simple database support (enabled per default) --with sdb_mysql Build with MySQL database support (disables ldap support, it's either way.) --with geoip Build with GeoIP support (disabled per default) %package lib64netapi0 lib64netapi-devel lib64smbclient0 lib64smbclient0-devel lib64smbclient0-static-devel lib64smbsharemodes0 lib64smbsharemodes-devel lib64wbclient0 lib64wbclient-devel mount-cifs nss_wins samba-client samba-common samba-doc samba-domainjoin-gui samba-server samba-swat samba-winbind Update: Wed Apr 11 11:06:01 2012 Importance: security ID: MDVSA-2012:055 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:055 %pre A vulnerability has been found and corrected in samba: The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call (CVE-2012-1182). The updated packages have been patched to correct this issue. %description Samba provides an SMB server which can be used to provide network services to SMB (sometimes called "Lan Manager") clients, including various versions of MS Windows, OS/2, and other Linux machines. Samba also provides some SMB clients, which complement the built-in SMB filesystem in Linux. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need NetBEUI (Microsoft Raw NetBIOS frame) protocol. Samba-3.0 features working NT Domain Control capability and includes the SWAT (Samba Web Administration Tool) that allows samba's smb.conf file to be remotely managed using your favourite web browser. For the time being this is being enabled on TCP port 901 via xinetd. SWAT is now included in it's own subpackage, samba-swat. Please refer to the WHATSNEW.txt document for fixup information. This binary release includes encrypted password support. Please read the smb.conf file and ENCRYPTION.txt in the docs directory for implementation details. %package lib64rpm4.6 lib64rpm-devel python-rpm rpm rpm-build Update: Thu Apr 12 07:12:43 2012 Importance: security ID: MDVSA-2012:056 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:056 %pre Multiple flaws were found in the way RPM parsed package file headers. An attacker could create a specially-crafted RPM package that, when its package header was accessed, or during package signature verification, could cause an application using the RPM library to crash or, potentially, execute arbitrary code (CVE-2012-0060, CVE-2012-0061, CVE-2012-0815). The updated packages have been patched to correct this issue. %description RPM is a powerful command line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Each software package consists of an archive of files along with information about the package like its version, a description, etc. %package freetype2-demos lib64freetype6 lib64freetype6-devel lib64freetype6-static-devel Update: Thu Apr 12 12:47:44 2012 Importance: security ID: MDVSA-2012:057 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:057 %pre Multiple flaws were found in FreeType. Specially crafted files could cause application crashes or potentially execute arbitrary code (CVE-2012-1126, CVE-2012-1127, CVE-2012-1128, CVE-2012-1129, CVE-2012-1130, CVE-2012-1131, CVE-2012-1132, CVE-2012-1133, CVE-2012-1134, CVE-2012-1135, CVE-2012-1136, CVE-2012-1137, CVE-2012-1138, CVE-2012-1139, CVE-2012-1140, CVE-2012-1141, CVE-2012-1142, CVE-2012-1143, CVE-2012-1144). The updated packages have been patched to correct this issue. %description The FreeType2 engine is a free and portable TrueType font rendering engine. It has been developed to provide TT support to a great variety of platforms and environments. Note that FreeType2 is a library, not a stand-alone application, though some utility applications are included %package curl curl-examples lib64curl4 lib64curl-devel Update: Fri Apr 13 11:50:34 2012 Importance: security ID: MDVSA-2012:058 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:058 %pre Multiple vulnerabilities has been found and corrected in curl: curl is vulnerable to a SSL CBC IV vulnerability when built to use OpenSSL for the SSL/TLS layer. A work-around has been added to mitigate the problem (CVE-2011-3389). curl is vulnerable to a data injection attack for certain protocols through control characters embedded or percent-encoded in URLs (CVE-2012-0036). The updated packages have been patched to correct these issues. %description curl is a client to get documents/files from servers, using any of the supported protocols. The command is designed to work without user interaction or any kind of interactivity. curl offers a busload of useful tricks like proxy support, user authentication, ftp upload, HTTP post, file transfer resume and more. This version is compiled with SSL (https) support. %package bsdcpio bsdtar lib64archive2 lib64archive-devel Update: Sat Apr 14 09:39:01 2012 Importance: bugfix ID: MDVA-2012:035 URL: http://www.mandriva.com/security/advisories?name=MDVA-2012:035 %pre The MDVSA-2011:190 advisory introduced a regression conserning broken ISO support. The updated packages have been patched to correct this issue. %description Libarchive is a programming library that can create and read several different streaming archive formats, including most popular tar variants and several cpio formats. It can also write shar archives and read ISO9660 CDROM images and ZIP archives. The bsdtar program is an implementation of tar(1) that is built on top of libarchive. It started as a test harness, but has grown and is now the standard system tar for FreeBSD 5 and 6. %package firefox firefox-af firefox-ar firefox-ast firefox-be firefox-bg firefox-bn_BD firefox-bn_IN firefox-br firefox-bs firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-devel firefox-el firefox-en_GB firefox-en_ZA firefox-eo firefox-es_AR firefox-es_CL firefox-es_ES firefox-es_MX firefox-et firefox-eu firefox-fa firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gd firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hr firefox-hu firefox-hy firefox-id firefox-is firefox-it firefox-ja firefox-kk firefox-kn firefox-ko firefox-ku firefox-lg firefox-lt firefox-lv firefox-mai firefox-mk firefox-ml firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-nso firefox-or firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-ta firefox-ta_LK firefox-te firefox-th firefox-tr firefox-uk firefox-vi firefox-zh_CN firefox-zh_TW firefox-zu icedtea-web icedtea-web-javadoc lib64nspr4 lib64nspr-devel lib64nss3 lib64nss-devel lib64nss-static-devel lib64xulrunner10.0.3 lib64xulrunner-devel mozilla-thunderbird mozilla-thunderbird-ar mozilla-thunderbird-be mozilla-thunderbird-bg mozilla-thunderbird-bn_BD mozilla-thunderbird-br mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-el mozilla-thunderbird-en_GB mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ar mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-ko mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-tr mozilla-thunderbird-enigmail-vi mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-enigmail-zh_TW mozilla-thunderbird-es_AR mozilla-thunderbird-es_ES mozilla-thunderbird-et mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-fy mozilla-thunderbird-ga mozilla-thunderbird-gd mozilla-thunderbird-gl mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-id mozilla-thunderbird-is mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ko mozilla-thunderbird-lightning mozilla-thunderbird-lt mozilla-thunderbird-nb_NO mozilla-thunderbird-nl mozilla-thunderbird-nn_NO mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-pt_PT mozilla-thunderbird-ro mozilla-thunderbird-ru mozilla-thunderbird-si mozilla-thunderbird-sk mozilla-thunderbird-sl mozilla-thunderbird-sq mozilla-thunderbird-sv_SE mozilla-thunderbird-ta_LK mozilla-thunderbird-tr mozilla-thunderbird-uk mozilla-thunderbird-vi mozilla-thunderbird-zh_CN mozilla-thunderbird-zh_TW nsinstall nss xulrunner Update: Tue Apr 17 16:58:17 2012 Importance: security ID: MDVSA-2012:032-1 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:032-1 %pre Security issues were identified and fixed in mozilla firefox and thunderbird: Security researchers Blair Strang and Scott Bell of Security Assessment found that when a parent window spawns and closes a child window that uses the file open dialog, a crash can be induced in shlwapi.dll on 32-bit Windows 7 systems. This crash may be potentially exploitable (CVE-2012-0454). Firefox prevents the dropping of javascript: links onto a frame to prevent malicious sites from tricking users into performing a cross-site scripting (XSS) attacks on themselves. Security researcher Soroush Dalili reported a way to bypass this protection (CVE-2012-0455). Security researcher Atte Kettunen from OUSPG found two issues with Firefox's handling of SVG using the Address Sanitizer tool. The first issue, critically rated, is a use-after-free in SVG animation that could potentially lead to arbitrary code execution. The second issue is rated moderate and is an out of bounds read in SVG Filters. This could potentially incorporate data from the user's memory, making it accessible to the page content (CVE-2012-0457, CVE-2012-0456). Security Researcher Mike Brooks of Sitewatch reported that if multiple Content Security Policy (CSP) headers are present on a page, they have an additive effect page policy. Using carriage return line feed (CRLF) injection, a new CSP rule can be introduced which allows for cross-site scripting (XSS) on sites with a separate header injection vulnerability (CVE-2012-0451). Security researcher Mariusz Mlynski reported that an attacker able to convince a potential victim to set a new home page by dragging a link to the home button can set that user's home page to a javascript: URL. Once this is done the attacker's page can cause repeated crashes of the browser, eventually getting the script URL loaded in the privileged about:sessionrestore context (CVE-2012-0458). Mozilla community member Daniel Glazman of Disruptive Innovations reported a crash when accessing a keyframe's cssText after dynamic modification. This crash may be potentially exploitable (CVE-2012-0459). Mozilla developer Matt Brubeck reported that window.fullScreen is writeable by untrusted content now that the DOM fullscreen API is enabled. Because window.fullScreen does not include mozRequestFullscreen's security protections, it could be used for UI spoofing. This code change makes window.fullScreen read only by untrusted content, forcing the use of the DOM fullscreen API in normal usage (CVE-2012-0460). Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code (CVE-2012-0461, CVE-2012-0462, CVE-2012-0464). The mozilla firefox and thunderbird packages has been upgraded to the latest respective versions which is unaffected by these security flaws. Additionally the NSS and NSPR packages has been upgraded to the latest versions. The OpenJDK java plugin (icedtea-web) has been upgraded to the 1.1.5 version whish bas better support for firefox 10.x+. Update: Updated packages for 2010.2 is being provided, despite the Mandriva products lifetime policy dictates otherwise. %description XULRunner is a Mozilla runtime package that can be used to bootstrap XUL+XPCOM applications that are as rich as Firefox and Thunderbird. It will provide mechanisms for installing, upgrading, and uninstalling these applications. XULRunner will also provide libxul, a solution which allows the embedding of Mozilla technologies in other projects and products. %package lib64openssl0.9.8 lib64openssl1.0.0 lib64openssl1.0.0-devel lib64openssl1.0.0-static-devel lib64openssl-engines1.0.0 openssl Update: Thu Apr 19 16:38:26 2012 Importance: security ID: MDVSA-2012:060 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:060 %pre A potentially exploitable vulnerability has been discovered in the OpenSSL function asn1_d2i_read_bio that affects S/MIME or CMS applications using the built in MIME parser SMIME_read_PKCS7 or SMIME_read_CMS (CVE-2012-2110). The updated packages have been patched to correct this issue. %description The openssl certificate management tool and the shared libraries that provide various encryption and decription algorithms and protocols, including DES, RC4, RSA and SSL. %package lib64raptor1 lib64raptor-devel raptor Update: Sat Apr 21 13:42:31 2012 Importance: security ID: MDVSA-2012:061 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:061 %pre An XML External Entity expansion flaw was found in the way Raptor processed RDF files. If an application linked against Raptor were to open a specially-crafted RDF file, it could possibly allow a remote attacker to obtain a copy of an arbitrary local file that the user running the application had access to. A bug in the way Raptor handled external entities could cause that application to crash or, possibly, execute arbitrary code with the privileges of the user running the application (CVE-2012-0037). The updated packages have been patched to correct this issue. raptor2 for Mandriva Linux 2011 has been upgraded to the 2.0.7 version which is not vulnerable to this issue. %description Raptor is the RDF Parser Toolkit for Redland that provides a set of standalone RDF parsers, generating triples from RDF/XML or N-Triples. %package lib64openssl0.9.8 Update: Tue Apr 24 12:57:14 2012 Importance: security ID: MDVSA-2012:064 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:064 %pre It was discovered that the fix for CVE-2012-2110 (MDVSA-2012:060) was not sufficient to correct the issue for OpenSSL 0.9.8. The updated packages have been upgraded to the 0.9.8w version which is not vulnerable to this issue. %description The openssl certificate management tool and the shared libraries that provide various encryption and decription algorithms and protocols, including DES, RC4, RSA and SSL. NOTE: Only the shared library and the engines are provided with this source rpm package. %package apache-mod_php lib64php5_common5 php-bcmath php-bz2 php-calendar php-cgi php-cli php-ctype php-curl php-dba php-devel php-doc php-dom php-enchant php-exif php-fileinfo php-filter php-fpm php-ftp php-gd php-gettext php-gmp php-hash php-iconv php-imap php-ini php-intl php-json php-ldap php-mailparse php-mbstring php-mcrypt php-mssql php-mysql php-mysqli php-mysqlnd php-odbc php-openssl php-pcntl php-pdo php-pdo_dblib php-pdo_mysql php-pdo_odbc php-pdo_pgsql php-pdo_sqlite php-pgsql php-phar php-posix php-pspell php-readline php-recode php-session php-shmop php-snmp php-soap php-sockets php-sqlite3 php-sqlite php-ssh2 php-suhosin php-sybase_ct php-sysvmsg php-sysvsem php-sysvshm php-tidy php-timezonedb php-tokenizer php-vld php-wddx php-xdebug php-xml php-xmlreader php-xmlrpc php-xmlwriter php-xsl php-zip php-zlib Update: Fri Apr 27 09:05:36 2012 Importance: security ID: MDVSA-2012:065 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:065 %pre Multiple vulnerabilities has been identified and fixed in php: The PDORow implementation in PHP before 5.3.9 does not properly interact with the session feature, which allows remote attackers to cause a denial of service (application crash) via a crafted application that uses a PDO driver for a fetch and then calls the session_start function, as demonstrated by a crash of the Apache HTTP Server (CVE-2012-0788). Note: this was fixed with php-5.3.10 The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885 (CVE-2012-0830). Note: this was fixed with php-5.3.10 PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/php_variables.c, sapi/cgi/cgi_main.c, and sapi/fpm/fpm/fpm_main.c (CVE-2012-0831). Insufficient validating of upload name leading to corrupted $_FILES indices (CVE-2012-1172). The updated php packages have been upgraded to 5.3.11 which is not vulnerable to these issues. Stack-based buffer overflow in the suhosin_encrypt_single_cookie function in the transparent cookie-encryption feature in the Suhosin extension before 0.9.33 for PHP, when suhosin.cookie.encrypt and suhosin.multiheader are enabled, might allow remote attackers to execute arbitrary code via a long string that is used in a Set-Cookie HTTP header (CVE-2012-0807). The php-suhosin packages has been upgraded to the 0.9.33 version which is not affected by this issue. Additionally some of the PECL extensions has been upgraded to their latest respective versions which resolves various upstream bugs. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. This version of php has the suhosin patch 0.9.10 applied. Please report bugs here: http://qa.mandriva.com/ so that the official maintainer of this Mandriva package can help you. More information regarding the suhosin patch 0.9.10 here: http://www.suhosin.org/ %package firefox firefox-af firefox-ar firefox-ast firefox-be firefox-bg firefox-bn_BD firefox-bn_IN firefox-br firefox-bs firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-devel firefox-el firefox-en_GB firefox-en_ZA firefox-eo firefox-es_AR firefox-es_CL firefox-es_ES firefox-es_MX firefox-et firefox-eu firefox-fa firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gd firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hr firefox-hu firefox-hy firefox-id firefox-is firefox-it firefox-ja firefox-kk firefox-kn firefox-ko firefox-ku firefox-lg firefox-lt firefox-lv firefox-mai firefox-mk firefox-ml firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-nso firefox-or firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-ta firefox-ta_LK firefox-te firefox-th firefox-tr firefox-uk firefox-vi firefox-zh_CN firefox-zh_TW firefox-zu lib64xulrunner10.0.4 lib64xulrunner-devel mozilla-thunderbird mozilla-thunderbird-ar mozilla-thunderbird-be mozilla-thunderbird-bg mozilla-thunderbird-bn_BD mozilla-thunderbird-br mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-el mozilla-thunderbird-en_GB mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ar mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-ko mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-tr mozilla-thunderbird-enigmail-vi mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-enigmail-zh_TW mozilla-thunderbird-es_AR mozilla-thunderbird-es_ES mozilla-thunderbird-et mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-fy mozilla-thunderbird-ga mozilla-thunderbird-gd mozilla-thunderbird-gl mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-id mozilla-thunderbird-is mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ko mozilla-thunderbird-lightning mozilla-thunderbird-lt mozilla-thunderbird-nb_NO mozilla-thunderbird-nl mozilla-thunderbird-nn_NO mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-pt_PT mozilla-thunderbird-ro mozilla-thunderbird-ru mozilla-thunderbird-si mozilla-thunderbird-sk mozilla-thunderbird-sl mozilla-thunderbird-sq mozilla-thunderbird-sv_SE mozilla-thunderbird-ta_LK mozilla-thunderbird-tr mozilla-thunderbird-uk mozilla-thunderbird-vi mozilla-thunderbird-zh_CN mozilla-thunderbird-zh_TW nsinstall xulrunner Update: Fri Apr 27 10:23:38 2012 Importance: security ID: MDVSA-2012:066 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:066 %pre Security issues were identified and fixed in mozilla firefox and thunderbird: Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code (CVE-2012-0468, CVE-2012-0467). Using the Address Sanitizer tool, security researcher Aki Helin from OUSPG found that IDBKeyRange of indexedDB remains in the XPConnect hashtable instead of being unlinked before being destroyed. When it is destroyed, this causes a use-after-free, which is potentially exploitable (CVE-2012-0469). Using the Address Sanitizer tool, security researcher Atte Kettunen from OUSPG found a heap corruption in gfxImageSurface which allows for invalid frees and possible remote code execution. This happens due to float error, resulting from graphics values being passed through different number systems (CVE-2012-0470). Anne van Kesteren of Opera Software found a multi-octet encoding issue where certain octets will destroy the following octets in the processing of some multibyte character sets. This can leave users vulnerable to cross-site scripting (XSS) attacks on maliciously crafted web pages (CVE-2012-0471). Security research firm iDefense reported that researcher wushi of team509 discovered a memory corruption on Windows Vista and Windows 7 systems with hardware acceleration disabled or using incompatible video drivers. This is created by using cairo-dwrite to attempt to render fonts on an unsupported code path. This corruption causes a potentially exploitable crash on affected systems (CVE-2012-0472). Mozilla community member Matias Juntunen discovered an error in WebGLBuffer where FindMaxElementInSubArray receives wrong template arguments from FindMaxUshortElement. This bug causes maximum index to be computed incorrectly within WebGL.drawElements, allowing the reading of illegal video memory (CVE-2012-0473). Security researchers Jordi Chancel and Eddy Bordi reported that they could short-circuit page loads to show the address of a different site than what is loaded in the window in the addressbar. Security researcher Chris McGowen independently reported the same flaw, and further demonstrated that this could lead to loading scripts from the attacker's site, leaving users vulnerable to cross-site scripting (XSS) attacks (CVE-2012-0474). Security researcher Masato Kinugawa found that during the decoding of ISO-2022-KR and ISO-2022-CN character sets, characters near 1024 bytes are treated incorrectly, either doubling or deleting bytes. On certain pages it might be possible for an attacker to pad the output of the page such that these errors fall in the right place to affect the structure of the page, allowing for cross-site script (XSS) injection (CVE-2012-0477). Mozilla community member Ms2ger found an image rendering issue with WebGL when texImage2D uses use JSVAL_TO_OBJECT on arbitrary objects. This can lead to a crash on a maliciously crafted web page. While there is no evidence that this is directly exploitable, there is a possibility of remote code execution (CVE-2012-0478). Mateusz Jurczyk of the Google Security Team discovered an off-by-one error in the OpenType Sanitizer using the Address Sanitizer tool. This can lead to an out-of-bounds read and execution of an uninitialized function pointer during parsing and possible remote code execution (CVE-2011-3062). Security researcher Jeroen van der Gun reported that if RSS or Atom XML invalid content is loaded over HTTPS, the addressbar updates to display the new location of the loaded resource, including SSL indicators, while the main window still displays the previously loaded content. This allows for phishing attacks where a malicious page can spoof the identify of another seemingly secure site (CVE-2012-0479). The mozilla firefox and thunderbird packages has been upgraded to the latest respective versions which is unaffected by these security flaws. Additionally the SQLite packages has been upgraded to the 3.7.11 version and the cairo packages has been patched to work with firefox and thunderbird 12.0 for Mandriva Linux 2011. %description XULRunner is a Mozilla runtime package that can be used to bootstrap XUL+XPCOM applications that are as rich as Firefox and Thunderbird. It will provide mechanisms for installing, upgrading, and uninstalling these applications. XULRunner will also provide libxul, a solution which allows the embedding of Mozilla technologies in other projects and products. %package lib64netapi0 lib64netapi-devel lib64smbclient0 lib64smbclient0-devel lib64smbclient0-static-devel lib64smbsharemodes0 lib64smbsharemodes-devel lib64wbclient0 lib64wbclient-devel mount-cifs nss_wins samba-client samba-common samba-doc samba-domainjoin-gui samba-server samba-swat samba-winbind Update: Tue May 01 09:43:14 2012 Importance: security ID: MDVSA-2012:067 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:067 %pre A vulnerability has been found and corrected in samba: Security checks were incorrectly applied to the Local Security Authority (LSA) remote proceedure calls (RPC) CreateAccount, OpenAccount, AddAccountRights and RemoveAccountRights allowing any authenticated user to modify the privileges database (CVE-2012-2111). The updated packages have been patched to correct this issue. %description Samba provides an SMB server which can be used to provide network services to SMB (sometimes called "Lan Manager") clients, including various versions of MS Windows, OS/2, and other Linux machines. Samba also provides some SMB clients, which complement the built-in SMB filesystem in Linux. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need NetBEUI (Microsoft Raw NetBIOS frame) protocol. Samba-3.0 features working NT Domain Control capability and includes the SWAT (Samba Web Administration Tool) that allows samba's smb.conf file to be remotely managed using your favourite web browser. For the time being this is being enabled on TCP port 901 via xinetd. SWAT is now included in it's own subpackage, samba-swat. Please refer to the WHATSNEW.txt document for fixup information. This binary release includes encrypted password support. Please read the smb.conf file and ENCRYPTION.txt in the docs directory for implementation details. %package lib64php5_common5 php-bcmath php-bz2 php-calendar php-cgi php-cli php-ctype php-curl php-dba php-devel php-doc php-dom php-enchant php-exif php-fileinfo php-filter php-fpm php-ftp php-gd php-gettext php-gmp php-hash php-iconv php-imap php-intl php-json php-ldap php-mbstring php-mcrypt php-mssql php-mysql php-mysqli php-mysqlnd php-odbc php-openssl php-pcntl php-pdo php-pdo_dblib php-pdo_mysql php-pdo_odbc php-pdo_pgsql php-pdo_sqlite php-pgsql php-phar php-posix php-pspell php-readline php-recode php-session php-shmop php-snmp php-soap php-sockets php-sqlite3 php-sqlite php-sybase_ct php-sysvmsg php-sysvsem php-sysvshm php-tidy php-tokenizer php-wddx php-xml php-xmlreader php-xmlrpc php-xmlwriter php-xsl php-zip php-zlib Update: Fri May 04 10:23:40 2012 Importance: security ID: MDVSA-2012:068 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:068 %pre A vulnerability has been found and corrected in php(-cgi): PHP-CGI-based setups contain a vulnerability when parsing query string parameters from php files. A remote unauthenticated attacker could obtain sensitive information, cause a denial of service condition or may be able to execute arbitrary code with the privileges of the web server (CVE-2012-1823). The updated packages have been patched to correct this issue. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. This version of php has the suhosin patch 0.9.10 applied. Please report bugs here: http://qa.mandriva.com/ so that the official maintainer of this Mandriva package can help you. More information regarding the suhosin patch 0.9.10 here: http://www.suhosin.org/ %package cifs-utils Update: Fri May 04 14:59:08 2012 Importance: security ID: MDVSA-2012:069 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:069 %pre A vulnerability has been found and corrected in cifs-utils: A file existence dislosure flaw was found in the way mount.cifs tool of the Samba SMB/CIFS tools suite performed mount of a Linux CIFS (Common Internet File System) filesystem. A local user, able to mount a remote CIFS share / target to a local directory could use this flaw to confirm (non) existence of a file system object (file, directory or process descriptor) via error messages generated during the mount.cifs tool run (CVE-2012-1586). The updated packages have been patched to correct this issue. %description Tools for Managing Linux CIFS Client Filesystems. %package lib64netapi0 lib64netapi-devel lib64smbclient0 lib64smbclient0-devel lib64smbclient0-static-devel lib64smbsharemodes0 lib64smbsharemodes-devel lib64wbclient0 lib64wbclient-devel mount-cifs nss_wins samba-client samba-common samba-doc samba-domainjoin-gui samba-server samba-swat samba-winbind Update: Fri May 04 15:55:54 2012 Importance: security ID: MDVSA-2012:070 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:070 %pre A vulnerability has been found and corrected in samba: A file existence dislosure flaw was found in the way mount.cifs tool of the Samba SMB/CIFS tools suite performed mount of a Linux CIFS (Common Internet File System) filesystem. A local user, able to mount a remote CIFS share / target to a local directory could use this flaw to confirm (non) existence of a file system object (file, directory or process descriptor) via error messages generated during the mount.cifs tool run (CVE-2012-1586). The updated packages have been patched to correct this issue. %description Samba provides an SMB server which can be used to provide network services to SMB (sometimes called "Lan Manager") clients, including various versions of MS Windows, OS/2, and other Linux machines. Samba also provides some SMB clients, which complement the built-in SMB filesystem in Linux. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need NetBEUI (Microsoft Raw NetBIOS frame) protocol. Samba-3.0 features working NT Domain Control capability and includes the SWAT (Samba Web Administration Tool) that allows samba's smb.conf file to be remotely managed using your favourite web browser. For the time being this is being enabled on TCP port 901 via xinetd. SWAT is now included in it's own subpackage, samba-swat. Please refer to the WHATSNEW.txt document for fixup information. This binary release includes encrypted password support. Please read the smb.conf file and ENCRYPTION.txt in the docs directory for implementation details. %package apache-mod_php lib64php5_common5 php-bcmath php-bz2 php-calendar php-cgi php-cli php-ctype php-curl php-dba php-devel php-doc php-dom php-enchant php-exif php-fileinfo php-filter php-fpm php-ftp php-gd php-gettext php-gmp php-hash php-iconv php-imap php-ini php-intl php-json php-ldap php-mbstring php-mcrypt php-mssql php-mysql php-mysqli php-mysqlnd php-odbc php-openssl php-pcntl php-pdo php-pdo_dblib php-pdo_mysql php-pdo_odbc php-pdo_pgsql php-pdo_sqlite php-pgsql php-phar php-posix php-pspell php-readline php-recode php-session php-shmop php-snmp php-soap php-sockets php-sqlite3 php-sqlite php-sybase_ct php-sysvmsg php-sysvsem php-sysvshm php-tidy php-tokenizer php-wddx php-xml php-xmlreader php-xmlrpc php-xmlwriter php-xsl php-zip php-zlib Update: Thu May 10 11:08:16 2012 Importance: security ID: MDVSA-2012:068-1 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:068-1 %pre A vulnerability has been found and corrected in php(-cgi): PHP-CGI-based setups contain a vulnerability when parsing query string parameters from php files. A remote unauthenticated attacker could obtain sensitive information, cause a denial of service condition or may be able to execute arbitrary code with the privileges of the web server (CVE-2012-1823). The updated packages have been patched to correct this issue. Update: It was discovered that the previous fix for the CVE-2012-1823 vulnerability was incomplete (CVE-2012-2335, CVE-2012-2336). The updated packages provides the latest version (5.3.13) which provides a solution to this flaw. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. This version of php has the suhosin patch 0.9.10 applied. Please report bugs here: http://qa.mandriva.com/ so that the official maintainer of this Mandriva package can help you. More information regarding the suhosin patch 0.9.10 here: http://www.suhosin.org/ %package lib64openssl0.9.8 Update: Fri May 11 12:17:10 2012 Importance: security ID: MDVSA-2012:073 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:073 %pre A vulnerability has been found and corrected in openssl: A flaw in the OpenSSL handling of CBC mode ciphersuites in DTLS can be exploited in a denial of service attack on both clients and servers (CVE-2012-2333). The updated packages have been patched to correct this issue. %description The openssl certificate management tool and the shared libraries that provide various encryption and decription algorithms and protocols, including DES, RC4, RSA and SSL. NOTE: Only the shared library and the engines are provided with this source rpm package. %package ffmpeg lib64avformats52 lib64avutil50 lib64ffmpeg52 lib64ffmpeg-devel lib64ffmpeg-static-devel lib64postproc51 lib64swscaler0 Update: Tue May 15 11:09:07 2012 Importance: security ID: MDVSA-2012:075 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:075 %pre Multiple vulnerabilities has been found and corrected in ffmpeg: The Matroska format decoder in FFmpeg does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted file (CVE-2011-3362, CVE-2011-3504). cavsdec.c in libavcodec in FFmpeg allows remote attackers to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese AVS video (aka CAVS) file, related to the decode_residual_block, check_for_slice, and cavs_decode_frame functions, a different vulnerability than CVE-2011-3362 (CVE-2011-3973). Integer signedness error in the decode_residual_inter function in cavsdec.c in libavcodec in FFmpeg allows remote attackers to cause a denial of service (incorrect write operation and application crash) via an invalid bitstream in a Chinese AVS video (aka CAVS) file, a different vulnerability than CVE-2011-3362 (CVE-2011-3974). Double free vulnerability in the Theora decoder in FFmpeg allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream (CVE-2011-3892). FFmpeg does not properly implement the MKV and Vorbis media handlers, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors (CVE-2011-3893). Heap-based buffer overflow in the Vorbis decoder in FFmpeg allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted stream (CVE-2011-3895). An error within the QDM2 decoder (libavcodec/qdm2.c) can be exploited to cause a buffer overflow (CVE-2011-4351). An integer overflow error within the "vp3_dequant()" function (libavcodec/vp3.c) can be exploited to cause a buffer overflow (CVE-2011-4352). Errors within the "av_image_fill_pointers()", the "vp5_parse_coeff()", and the "vp6_parse_coeff()" functions can be exploited to trigger out-of-bounds reads (CVE-2011-4353). It was discovered that Libav incorrectly handled certain malformed VMD files. If a user were tricked into opening a crafted VMD file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program (CVE-2011-4364). It was discovered that Libav incorrectly handled certain malformed SVQ1 streams. If a user were tricked into opening a crafted SVQ1 stream file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program (CVE-2011-4579). The updated packages have been upgraded to the 0.6.5 version where these issues has been corrected. %description ffmpeg is a hyper fast realtime audio/video encoder, a streaming server and a generic audio and video file converter. It can grab from a standard Video4Linux video source and convert it into several file formats based on DCT/motion compensation encoding. Sound is compressed in MPEG audio layer 2 or using an AC3 compatible stream. %package lib64dc1394_22 lib64dc1394-devel Update: Tue May 15 14:36:21 2012 Importance: bugfix ID: MDVA-2012:042 URL: http://www.mandriva.com/security/advisories?name=MDVA-2012:042 %pre It was discovered a linker namespace conflict caused Digikam to crash. This advisory resolves this problem. %description libdc1394 is a library that is intended to provide a high level programming interface for application developers who wish to control IEEE 1394 based cameras that conform to the 1394-based Digital Camera Specification (found at http://www.1394ta.org/). %package imagemagick imagemagick-desktop imagemagick-doc lib64magick3 lib64magick-devel perl-Image-Magick Update: Thu May 17 12:10:25 2012 Importance: security ID: MDVSA-2012:077 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:077 %pre Multiple vulnerabilities has been found and corrected in imagemagick: Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCORE_INSTALLED_SUPPORT is defined, allows local users to gain privileges via a Trojan horse configuration file in the current working directory (CVE-2010-4167). A flaw was found in the way ImageMagick processed images with malformed Exchangeable image file format (Exif) metadata. An attacker could create a specially-crafted image file that, when opened by a victim, would cause ImageMagick to crash or, potentially, execute arbitrary code (CVE-2012-0247). A denial of service flaw was found in the way ImageMagick processed images with malformed Exif metadata. An attacker could create a specially-crafted image file that, when opened by a victim, could cause ImageMagick to enter an infinite loop (CVE-2012-0248). The original fix for CVE-2012-0247 failed to check for the possibility of an integer overflow when computing the sum of number_bytes and offset. This resulted in a wrap around into a value smaller than length, making original CVE-2012-0247 introduced length check still to be possible to bypass, leading to memory corruption (CVE-2012-1185). An integer overflow flaw was found in the way ImageMagick processed certain Exif tags with a large components count. An attacker could create a specially-crafted image file that, when opened by a victim, could cause ImageMagick to access invalid memory and crash (CVE-2012-0259). A denial of service flaw was found in the way ImageMagick decoded certain JPEG images. A remote attacker could provide a JPEG image with specially-crafted sequences of RST0 up to RST7 restart markers (used to indicate the input stream to be corrupted), which once processed by ImageMagick, would cause it to consume excessive amounts of memory and CPU time (CVE-2012-0260). An out-of-bounds buffer read flaw was found in the way ImageMagick processed certain TIFF image files. A remote attacker could provide a TIFF image with a specially-crafted Exif IFD value (the set of tags for recording Exif-specific attribute information), which once opened by ImageMagick, would cause it to crash (CVE-2012-1798). The updated packages have been patched to correct these issues. %description ImageMagick is a powerful image display, conversion and manipulation tool. It runs in an X session. With this tool, you can view, edit and display a variety of image formats. ImageMagick can make use of the following delegate programs, available as packages in Mandriva Linux: curl enscript ffmpeg ghostscript ghostscript-X gimp gnuplot graphviz html2ps mplayer ncompress netpbm sane-backends tetex-dvips transfig ufraw xdg-utils zip autotrace povray %package sudo Update: Mon May 21 14:49:57 2012 Importance: security ID: MDVSA-2012:079 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:079 %pre A vulnerability has been found and corrected in sudo: A flaw exists in the IP network matching code in sudo versions 1.6.9p3 through 1.8.4p4 that may result in the local host being matched even though it is not actually part of the network described by the IP address and associated netmask listed in the sudoers file or in LDAP. As a result, users authorized to run commands on certain IP networks may be able to run commands on hosts that belong to other networks not explicitly listed in sudoers (CVE-2012-2337 The updated packages have been patched to correct this issue. %description Sudo is a program designed to allow a sysadmin to give limited root privileges to users and log root activity. The basic philosophy is to give as few privileges as possible but still allow people to get their work done. %package timezone timezone-java Update: Thu May 24 09:09:37 2012 Importance: bugfix ID: MDVA-2012:044 URL: http://www.mandriva.com/security/advisories?name=MDVA-2012:044 %pre Timezone is a package that contains data files with rules for various timezones around the world. This update addresses the following changes: - Fiji adopts DST for 2011 (effective Oct 23rd, 2011) - West Bank changes date for DST end in 2011 to Sep 30th - Fix DST for: Pridnestrovian Moldavian Republic, Ukraine, Bahia and Brazil. - Haiti observes DST from 2012 on - Gaza Strip and Hebron observe DST in 2012 - Change start of DST in Syria to last Friday in March - Morocco moved DST entry to last Sunday of April - Changes to zones for Antarctica stations - Armenia abolished DST in 2012 and forward - Cuba enters DST on 31st March - Falkland Islands will stay on permanent Summer Time - New zone for Creston Valley, Canada, which differs from Dawson Creek in past stamps. Changes to historical stamps in Canada. - Last year, Tokelau skipped over the date line together with Samoa - The Chilean Government has decided to postpone the entrance into winter time (to leave DST) from March 11 2012 to April 28th 2012 - Cuba postponed DST by two weeks to Nov 13 - Fiji will enter DST on Jan 21 %description This package contains data files with rules for various timezones around the world. %package lib64mysql16 lib64mysql-devel lib64mysql-static-devel mysql mysql-bench mysql-client mysql-common mysql-common-core mysql-core mysql-plugin_pbxt mysql-plugin_pinba mysql-plugin_revision mysql-plugin_sphinx Update: Fri May 25 10:36:32 2012 Importance: bugfix ID: MDVA-2012:045 URL: http://www.mandriva.com/security/advisories?name=MDVA-2012:045 %pre This is a maintenance and bugfix release that upgrades mysql to the latest version which resolves various upstream bugs. %description The MySQL(TM) software delivers a very fast, multi-threaded, multi-user, and robust SQL (Structured Query Language) database server. MySQL Server is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software. MySQL is a trademark of MySQL AB. The mysql server is compiled with the following storage engines: - InnoDB Storage Engine - Archive Storage Engine - CSV Storage Engine - Federated Storage Engine - User Defined Functions (UDFs). - Blackhole Storage Engine - Partition Storage Engine Third party storage engines packaged separately: - Sphinx storage engine 0.9.9 (urpmi mysql-plugin_sphinx) - PBXT Storage Engine 1.0.11 (urpmi mysql-plugin_pbxt) - Revision Storage Engine 0.1 (urpmi mysql-plugin_revision) - Pinba Storage Engine 0.0.5 (urpmi mysql-plugin_pinba) Please see the documentation and the manual for more information. %package lib64blkid1 lib64blkid-devel lib64uuid1 lib64uuid-devel util-linux-ng uuidd Update: Tue May 29 11:50:01 2012 Importance: security ID: MDVSA-2012:083 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:083 %pre Multiple vulnerabilities has been discovered and corrected in util-linux: mount in util-linux 2.19 and earlier attempts to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089 (CVE-2011-1675). mount in util-linux 2.19 and earlier does not remove the /etc/mtab~ lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors (CVE-2011-1677). The updated packages have been patched to correct this issue. %description The util-linux-ng package contains a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, Util-linux-ng contains the fdisk configuration tool and the login program. %package ipxutils lib64ncpfs2.3 lib64ncpfs-devel ncpfs Update: Tue May 29 13:00:35 2012 Importance: security ID: MDVSA-2012:084 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:084 %pre Multiple vulnerabilities has been discovered and corrected in ncpfs: ncpfs 2.2.6 and earlier attempts to use (1) ncpmount to append to the /etc/mtab file and (2) ncpumount to append to the /etc/mtab.tmp file without first checking whether resource limits would interfere, which allows local users to trigger corruption of the /etc/mtab file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089 (CVE-2011-1679). ncpmount in ncpfs 2.2.6 and earlier does not remove the /etc/mtab~ lock file after a failed attempt to add a mount entry, which has unspecified impact and local attack vectors (CVE-2011-1680). The updated packages have been patched to correct this issue. %description Ncpfs is a filesystem which understands the Novell NetWare(TM) NCP protocol. Functionally, NCP is used for NetWare the way NFS is used in the TCP/IP world. For a Linux system to mount a NetWare filesystem, it needs a special mount program. The ncpfs package contains such a mount program plus other tools for configuring and using the ncpfs filesystem. Install the ncpfs package if you need to use the ncpfs filesystem to use Novell NetWare files or services. %package debugmode initscripts kbd Update: Tue May 29 13:52:11 2012 Importance: bugfix ID: MDVA-2012:046 URL: http://www.mandriva.com/security/advisories?name=MDVA-2012:046 %pre Xorg and chvt 1 call (in /etc/rc.d/rc) can be deadlocking one another if shutdown is requested using ACPI (or any other mean), which will cause X to stop while, at the same time, /etc/rc.d/rc0/6 is running, causing chvt 1 to be called. When this happen, chvt call is blocked and shutdown / reboot doesn't happen. You need to press Ctrl-F1 to change VT and unlock everything. To fix that, a patch in chvt is needed to replace ioctl which is blocking kernel side to a userspace temporary lock. This update corrects the problem. %description This package contains utilities to load console fonts and keyboard maps. It also includes a number of different fonts and keyboard maps. %package tomcat5 tomcat5-admin-webapps tomcat5-common-lib tomcat5-jasper tomcat5-jasper-eclipse tomcat5-jasper-javadoc tomcat5-jsp-2.0-api tomcat5-jsp-2.0-api-javadoc tomcat5-server-lib tomcat5-servlet-2.4-api tomcat5-servlet-2.4-api-javadoc tomcat5-webapps Update: Wed May 30 11:57:47 2012 Importance: security ID: MDVSA-2012:085 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:085 %pre A vulnerability has been discovered and corrected in tomcat5: Apache Tomcat 5.5.x before 5.5.35, 6.x before 6.0.34, and 7.x before 7.0.23 uses an inefficient approach for handling parameters, which allows remote attackers to cause a denial of service (CPU consumption) via a request that contains many parameters and parameter values, a different vulnerability than CVE-2011-4858 (CVE-2012-0022). The updated packages have been patched to correct this issue. %description Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world. We invite you to participate in this open development project. To learn more about getting involved, click here. %package acpid Update: Thu May 31 10:08:41 2012 Importance: security ID: MDVSA-2012:086 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:086 %pre A vulnerability has been discovered and corrected in acpid: acpid.c in acpid before 2.0.9 does not properly handle a situation in which a process has connected to acpid.socket but is not reading any data, which allows local users to cause a denial of service (daemon hang) via a crafted application that performs a connect system call but no read system calls (CVE-2011-1159). The updated packages have been patched to correct this issue. %description The ACPI specification defines power and system management functions for each computer, in a generic manner. The ACPI daemon coordinates the management of power and system functions when ACPI kernel support is enabled (kernel 2.3.x or later). %package lib64upsclient1 nut nut-cgi nut-devel nut-drivers-hal nut-server Update: Tue Jun 05 08:29:43 2012 Importance: security ID: MDVSA-2012:087 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:087 %pre A vulnerability has been discovered and corrected in nut: NUT server (upsd), from versions 2.4.0 to 2.6.3, are exposed to crashes when receiving random data from the network (CVE-2012-2944). The updated packages have been patched to correct this issue. %description These programs are part of a developing project to monitor the assortment of UPSes that are found out there in the field. Many models have serial ports of some kind that allow some form of state checking. This capability has been harnessed where possible to allow for safe shutdowns, live status tracking on web pages, and more. This package includes the client utilities that are required to monitor a UPS that the client host is powered from - either connected directly via a serial port (in which case the nut-server package needs to be installed on this machine) or across the network (where another host on the network monitors the UPS via serial cable and runs the main nut package to allow clients to see the information). %package lib64upsclient1 nut nut-cgi nut-devel nut-drivers-hal nut-server Update: Tue Jun 05 08:31:20 2012 Importance: security ID: MDVSA-2012:087 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:087 %pre A vulnerability has been discovered and corrected in nut: Buffer overflow in the addchar function in common/parseconf.c in upsd in Network UPS Tools (NUT) before 2.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (electric-power outage) via a long string containing non-printable characters (CVE-2012-2944). The updated packages have been patched to correct this issue. %description These programs are part of a developing project to monitor the assortment of UPSes that are found out there in the field. Many models have serial ports of some kind that allow some form of state checking. This capability has been harnessed where possible to allow for safe shutdowns, live status tracking on web pages, and more. This package includes the client utilities that are required to monitor a UPS that the client host is powered from - either connected directly via a serial port (in which case the nut-server package needs to be installed on this machine) or across the network (where another host on the network monitors the UPS via serial cable and runs the main nut package to allow clients to see the information). %package bind bind-devel bind-doc bind-utils Update: Sun Jun 10 10:20:33 2012 Importance: security ID: MDVSA-2012:089 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:089 %pre A vulnerability was discovered and corrected in bind: ISC BIND 9.x before 9.7.6-P1, 9.8.x before 9.8.3-P1, 9.9.x before 9.9.1-P1, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P1 does not properly handle resource records with a zero-length RDATA section, which allows remote DNS servers to cause a denial of service (daemon crash or data corruption) or obtain sensitive information from process memory via a crafted record (CVE-2012-1667). The updated packages have been upgraded to bind 9.7.6-P1 and 9.8.3-P1 which is not vulnerable to this issue. %description BIND (Berkeley Internet Name Domain) is an implementation of the DNS (domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses, and a resolver library (routines for applications to use when interfacing with DNS). A DNS server allows clients to name resources or objects and share the information with other network machines. The named DNS server can be used on workstations as a caching name server, but is generally only needed on one machine for an entire network. Note that the configuration files for making BIND act as a simple caching nameserver are included in the caching-nameserver package. Install the bind package if you need a DNS server for your network. If you want bind to act a caching name server, you will also need to install the caching-nameserver package. Many BIND 8 features previously unimplemented in BIND 9, including domain-specific forwarding, the \$GENERATE master file directive, and the "blackhole", "dialup", and "sortlist" options Forwarding of dynamic update requests; this is enabled by the "allow-update-forwarding" option A new, simplified database interface and a number of sample drivers based on it; see doc/dev/sdb for details Support for building single-threaded servers for environments that do not supply POSIX threads New configuration options: "min-refresh-time", "max-refresh-time", "min-retry-time", "max-retry-time", "additional-from-auth", "additional-from-cache", "notify explicit" Faster lookups, particularly in large zones. Build Options: --without sdb_ldap Build without ldap simple database support (enabled per default) --with sdb_mysql Build with MySQL database support (disables ldap support, it's either way.) --with geoip Build with GeoIP support (disabled per default) %package lib64ecpg8.4_6 lib64pq8.4_5 postgresql8.4 postgresql8.4-contrib postgresql8.4-devel postgresql8.4-docs postgresql8.4-pl postgresql8.4-plperl postgresql8.4-plpgsql postgresql8.4-plpython postgresql8.4-pltcl postgresql8.4-server Update: Fri Jun 15 13:03:13 2012 Importance: security ID: MDVSA-2012:092 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:092 %pre Multiple vulnerabilities has been discovered and corrected in postgresql: Fix incorrect password transformation in contrib/pgcrypto's DES crypt() function (Solar Designer). If a password string contained the byte value 0x80, the remainder of the password was ignored, causing the password to be much weaker than it appeared. With this fix, the rest of the string is properly included in the DES hash. Any stored password values that are affected by this bug will thus no longer match, so the stored values may need to be updated (CVE-2012-2143). Ignore SECURITY DEFINER and SET attributes for a procedural language's call handler (Tom Lane). Applying such attributes to a call handler could crash the server (CVE-2012-2655). This advisory provides the latest versions of PostgreSQL that is not vulnerable to these issues. %description PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs (including transactions, subselects and user-defined types and functions). The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DBMS server. These PostgreSQL client programs are programs that directly manipulate the internal structure of PostgreSQL databases on a PostgreSQL server. These client programs can be located on the same machine with the PostgreSQL server, or may be on a remote machine which accesses a PostgreSQL server over a network connection. This package contains the client libraries for C and C++, as well as command-line utilities for managing PostgreSQL databases on a PostgreSQL server. If you want to manipulate a PostgreSQL database on a remote PostgreSQL server, you need this package. You also need to install this package if you're installing the postgresql-server package. %package apache-mod_php lib64php5_common5 php-bcmath php-bz2 php-calendar php-cgi php-cli php-ctype php-curl php-dba php-devel php-doc php-dom php-enchant php-exif php-fileinfo php-filter php-fpm php-ftp php-gd php-gettext php-gmp php-hash php-iconv php-imap php-ini php-intl php-json php-ldap php-mbstring php-mcrypt php-mssql php-mysql php-mysqli php-mysqlnd php-odbc php-openssl php-pcntl php-pdo php-pdo_dblib php-pdo_mysql php-pdo_odbc php-pdo_pgsql php-pdo_sqlite php-pgsql php-phar php-posix php-pspell php-readline php-recode php-session php-shmop php-snmp php-soap php-sockets php-sqlite3 php-sqlite php-sybase_ct php-sysvmsg php-sysvsem php-sysvshm php-tidy php-tokenizer php-wddx php-xml php-xmlreader php-xmlrpc php-xmlwriter php-xsl php-zip php-zlib Update: Fri Jun 15 13:59:13 2012 Importance: security ID: MDVSA-2012:093 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:093 %pre Multiple vulnerabilities has been identified and fixed in php: There is a programming error in the DES implementation used in crypt() in ext/standard/crypt_freesec.c when handling input which contains characters that can not be represented with 7-bit ASCII. When the input contains characters with only the most significant bit set (0x80), that character and all characters after it will be ignored (CVE-2012-2143). An integer overflow, leading to heap-based buffer overflow was found in the way Phar extension of the PHP scripting language processed certain fields by manipulating TAR files. A remote attacker could provide a specially-crafted TAR archive file, which once processed in an PHP application using the Phar extension could lead to denial of service (application crash), or, potentially arbitary code execution with the privileges of the user running the application (CVE-2012-2386). The updated php packages have been upgraded to the 5.3.14 version which is not vulnerable to these issues. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. This version of php has the suhosin patch 0.9.10 applied. Please report bugs here: http://qa.mandriva.com/ so that the official maintainer of this Mandriva package can help you. More information regarding the suhosin patch 0.9.10 here: http://www.suhosin.org/ %package java-1.6.0-openjdk java-1.6.0-openjdk-demo java-1.6.0-openjdk-devel java-1.6.0-openjdk-javadoc java-1.6.0-openjdk-src Update: Mon Jun 18 12:04:13 2012 Importance: security ID: MDVSA-2012:095 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:095 %pre Multiple security issues were identified and fixed in OpenJDK (icedtea6): * S7079902, CVE-2012-1711: Refine CORBA data models * S7143617, CVE-2012-1713: Improve fontmanager layout lookup operations * S7143614, CVE-2012-1716: SynthLookAndFeel stability improvement * S7143606, CVE-2012-1717: File.createTempFile should be improved for temporary files created by the platform. * S7143872, CVE-2012-1718: Improve certificate extension processing * S7143851, CVE-2012-1719: Improve IIOP stub and tie generation in RMIC * S7152811, CVE-2012-1723: Issues in client compiler * S7157609, CVE-2012-1724: Issues with loop * S7160757, CVE-2012-1725: Problem with hotspot/runtime_classfile * S7110720: Issue with vm config file loadingIssue with vm config file loading * S7145239: Finetune package definition restriction * S7160677: missing else in fix for 7152811 The updated packages provides icedtea6-1.11.3 which is not vulnerable to these issues. %description The OpenJDK runtime environment. %package lib64python2.6 lib64python2.6-devel python python-docs tkinter tkinter-apps Update: Wed Jun 20 15:04:44 2012 Importance: security ID: MDVSA-2012:096 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:096 %pre Multiple vulnerabilities has been discovered and corrected in python: The _ssl module would always disable the CBC IV attack countermeasure (CVE-2011-3389). A flaw was found in the way the Python SimpleHTTPServer module generated directory listings. An attacker able to upload a file with a specially-crafted name to a server could possibly perform a cross-site scripting (XSS) attack against victims visiting a listing page generated by SimpleHTTPServer, for a directory containing the crafted file (if the victims were using certain web browsers) (CVE-2011-4940). A race condition was found in the way the Python distutils module set file permissions during the creation of the .pypirc file. If a local user had access to the home directory of another user who is running distutils, they could use this flaw to gain access to that user's .pypirc file, which can contain usernames and passwords for code repositories (CVE-2011-4944). A flaw was found in the way the Python SimpleXMLRPCServer module handled clients disconnecting prematurely. A remote attacker could use this flaw to cause excessive CPU consumption on a server using SimpleXMLRPCServer (CVE-2012-0845). Hash table collisions CPU usage DoS for the embedded copy of expat (CVE-2012-0876). A denial of service flaw was found in the implementation of associative arrays (dictionaries) in Python. An attacker able to supply a large number of inputs to a Python application (such as HTTP POST request parameters sent to a web application) that are used as keys when inserting data into an array could trigger multiple hash function collisions, making array operations take an excessive amount of CPU time. To mitigate this issue, randomization has been added to the hash function to reduce the chance of an attacker successfully causing intentional collisions (CVE-2012-1150). The updated packages have been patched to correct these issues. %description Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems (X11, Motif, Tk, Mac and MFC). Programmers can write new built-in modules for Python in C or C++. Python can be used as an extension language for applications that need a programmable interface. This package contains most of the standard Python modules, as well as modules for interfacing to the Tix widget set for Tk and RPM. Note that documentation for Python is provided in the python-docs package. %package lib64xml2_2 lib64xml2-devel libxml2-python libxml2-utils Update: Thu Jun 21 09:35:33 2012 Importance: security ID: MDVSA-2012:098 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:098 %pre A vulnerability has been discovered and corrected in libxml2: An Off-by-one error in libxml2 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors (CVE-2011-3102). The updated packages have been patched to correct this issue. %description This library allows you to manipulate XML files. It includes support for reading, modifying and writing XML and HTML files. There is DTDs support: this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream or and in-memory DOM-like representations. In this case one can use the built-in XPath and XPointer implementation to select subnodes or ranges. A flexible Input/Output mechanism is available, with existing HTTP and FTP modules and combined to a URI library. %package lib64xml2_2 lib64xml2-devel libxml2-python libxml2-utils Update: Thu Jun 21 09:43:16 2012 Importance: security ID: MDVSA-2012:098 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:098 %pre A vulnerability has been discovered and corrected in libxml2: An Off-by-one error in libxml2 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors (CVE-2011-3102). The updated packages have been patched to correct this issue. %description This library allows you to manipulate XML files. It includes support for reading, modifying and writing XML and HTML files. There is DTDs support: this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream or and in-memory DOM-like representations. In this case one can use the built-in XPath and XPointer implementation to select subnodes or ranges. A flexible Input/Output mechanism is available, with existing HTTP and FTP modules and combined to a URI library. %package lib64net-snmp20 lib64net-snmp-devel lib64net-snmp-static-devel net-snmp net-snmp-mibs net-snmp-tkmib net-snmp-trapd net-snmp-utils perl-NetSNMP Update: Thu Jun 21 13:33:33 2012 Importance: security ID: MDVSA-2012:099 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:099 %pre A vulnerability has been discovered and corrected in net-snmp: An array index error, leading to out-of heap-based buffer read flaw was found in the way net-snmp agent performed entries lookup in the extension table. When certain MIB subtree was handled by the extend directive, a remote attacker having read privilege to the subtree could use this flaw to cause a denial of service (snmpd crash) via SNMP GET request involving a non-existent extension table entry (CVE-2012-2141). The updated packages have been patched to correct this issue. %description SNMP (Simple Network Management Protocol) is a protocol used for network management. The NET-SNMP project includes various SNMP tools: an extensible agent, an SNMP library, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl mib browser. This package contains the snmpd and snmptrapd daemons, documentation, etc. You will probably also want to install the net-snmp-utils package, which contains NET-SNMP utilities. %package firefox firefox-af firefox-ar firefox-be firefox-bg firefox-bn firefox-ca firefox-cs firefox-cy firefox-da firefox-de firefox-devel firefox-el firefox-en_GB firefox-eo firefox-es_AR firefox-es_ES firefox-et firefox-eu firefox-fi firefox-fr firefox-fy firefox-ga_IE firefox-gl firefox-gu_IN firefox-he firefox-hi firefox-hu firefox-id firefox-is firefox-it firefox-ja firefox-ka firefox-kn firefox-ko firefox-ku firefox-lt firefox-lv firefox-mk firefox-mr firefox-nb_NO firefox-nl firefox-nn_NO firefox-oc firefox-pa_IN firefox-pl firefox-pt_BR firefox-pt_PT firefox-ro firefox-ru firefox-si firefox-sk firefox-sl firefox-sq firefox-sr firefox-sv_SE firefox-te firefox-th firefox-tr firefox-uk firefox-zh_CN firefox-zh_TW icedtea-web icedtea-web-javadoc lib64nspr4 lib64nspr-devel lib64nss3 lib64nss-devel lib64nss-static-devel lib64xulrunner10.0.5 lib64xulrunner-devel mozilla-thunderbird mozilla-thunderbird-ar mozilla-thunderbird-be mozilla-thunderbird-bg mozilla-thunderbird-bn_BD mozilla-thunderbird-br mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-el mozilla-thunderbird-en_GB mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ar mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-ko mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-tr mozilla-thunderbird-enigmail-vi mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-enigmail-zh_TW mozilla-thunderbird-es_AR mozilla-thunderbird-es_ES mozilla-thunderbird-et mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-fy mozilla-thunderbird-ga mozilla-thunderbird-gd mozilla-thunderbird-gl mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-id mozilla-thunderbird-is mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ko mozilla-thunderbird-lightning mozilla-thunderbird-lt mozilla-thunderbird-nb_NO mozilla-thunderbird-nl mozilla-thunderbird-nn_NO mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-pt_PT mozilla-thunderbird-ro mozilla-thunderbird-ru mozilla-thunderbird-si mozilla-thunderbird-sk mozilla-thunderbird-sl mozilla-thunderbird-sq mozilla-thunderbird-sv_SE mozilla-thunderbird-ta_LK mozilla-thunderbird-tr mozilla-thunderbird-uk mozilla-thunderbird-vi mozilla-thunderbird-zh_CN mozilla-thunderbird-zh_TW nsinstall nss xulrunner Update: Sat Jun 23 10:26:57 2012 Importance: security ID: MDVSA-2012:088-1 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:088-1 %pre Security issues were identified and fixed in mozilla firefox and thunderbird: Heap-based buffer overflow in the utf16_to_isolatin1 function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code via vectors that trigger a character-set conversion failure (CVE-2012-1947) Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by changing the size of a container of absolutely positioned elements in a column (CVE-2012-1940). Heap-based buffer overflow in the nsHTMLReflowState::CalculateHypotheticalBox function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code by resizing a window displaying absolutely positioned and relatively positioned elements in nested columns (CVE-2012-1941). Use-after-free vulnerability in the nsINode::ReplaceOrInsertBefore function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 might allow remote attackers to execute arbitrary code via document changes involving replacement or insertion of a node (CVE-2012-1946). Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow local users to obtain sensitive information via an HTML document that loads a shortcut (aka .lnk) file for display within an IFRAME element, as demonstrated by a network share implemented by (1) Microsoft Windows or (2) Samba (CVE-2012-1945). The Content Security Policy (CSP) implementation in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 does not block inline event handlers, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted HTML document (CVE-2012-1944). Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 13.0, Thunderbird before 13.0, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) methodjit/ImmutableSync.cpp, (2) the JSObject::makeDenseArraySlow function in js/src/jsarray.cpp, and unknown other components (CVE-2012-1938). jsinfer.cpp in Mozilla Firefox ESR 10.x before 10.0.5 and Thunderbird ESR 10.x before 10.0.5 does not properly determine data types, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via crafted JavaScript code (CVE-2012-1939). Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors (CVE-2012-1937). Ken Russell of Google reported a bug in NVIDIA graphics drivers that they needed to work around in the Chromium WebGL implementation. Mozilla has done the same in Firefox 13 and ESR 10.0.5 (CVE-2011-3101). The ASN.1 decoder in the QuickDER decoder in Mozilla Network Security Services (NSS) before 3.13.4, as used in Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10, allows remote attackers to cause a denial of service (application crash) via a zero-length item, as demonstrated by (1) a zero-length basic constraint or (2) a zero-length field in an OCSP response (CVE-2012-0441). NOTE: This flaw was addressed earlier with the MDVA-2012:036 advisory. The mozilla firefox and thunderbird packages has been upgraded to the latest respective versions which is unaffected by these security flaws. Additionally the NSPR and the NSS packages has been upgraded to the latest versions which resolves various upstream bugs. Update: Packages for 2010.2 is being provided as well, despite the Mandriva products lifetime policy. http://www.mandriva.com/en/support/lifecycle/ %description XULRunner is a Mozilla runtime package that can be used to bootstrap XUL+XPCOM applications that are as rich as Firefox and Thunderbird. It will provide mechanisms for installing, upgrading, and uninstalling these applications. XULRunner will also provide libxul, a solution which allows the embedding of Mozilla technologies in other projects and products. %package rsyslog rsyslog-dbi rsyslog-docs rsyslog-gssapi rsyslog-mysql rsyslog-pgsql rsyslog-relp rsyslog-snmp Update: Mon Jun 25 12:11:23 2012 Importance: security ID: MDVSA-2012:100 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:100 %pre A vulnerability has been discovered and corrected in rsyslog: An integer signedness error, leading to heap based buffer overflow was found in the way the imfile module of rsyslog, an enhanced system logging and kernel message trapping daemon, processed text files larger than 64 KB. When the imfile rsyslog module was enabled, a local attacker could use this flaw to cause denial of service (rsyslogd daemon hang) via specially-crafted message, to be logged (CVE-2011-4623). The updated packages have been patched to correct this issue. %description Rsyslog is an enhanced multi-threaded syslogd supporting, among others, MySQL, PostgreSQL, syslog/tcp, RFC 3195, permitted sender lists, filtering on any message part, and fine grain output format control. It is quite compatible to stock sysklogd and can be used as a drop-in replacement. Its advanced features make it suitable for enterprise-class, encryption protected syslog relay chains while at the same time being very easy to setup for the novice user. o lmnet.so - Implementation of network related stuff. o lmregexp.so - Implementation of regexp related stuff. o lmtcpclt.so - This is the implementation of TCP-based syslog clients. o lmtcpsrv.so - Common code for plain TCP based servers. o imtcp.so - This is the implementation of the TCP input module. o imudp.so - This is the implementation of the UDP input module. o imuxsock.so - This is the implementation of the Unix sockets input module. o imklog.so - The kernel log input module for Linux. o immark.so - This is the implementation of the build-in mark message input module. o imfile.so - This is the input module for reading text file data. %package lib64tiff3 lib64tiff-devel lib64tiff-static-devel libtiff-progs Update: Wed Jul 04 11:55:30 2012 Importance: security ID: MDVSA-2012:101 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:101 %pre Multiple vulnerabilities has been discovered and corrected in libtiff: libtiff did not properly convert between signed and unsigned integer values, leading to a buffer overflow. An attacker could use this flaw to create a specially-crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code (CVE-2012-2088). Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the tiff2pdf tool. An attacker could use these flaws to create a specially-crafted TIFF file that would cause tiff2pdf to crash or, possibly, execute arbitrary code (CVE-2012-2113). The updated packages have been patched to correct these issues. %description The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. %package krb5 krb5-pkinit-openssl krb5-server krb5-server-ldap krb5-workstation lib64krb53 lib64krb53-devel Update: Fri Jul 06 12:42:03 2012 Importance: security ID: MDVSA-2012:102 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2012:102 %pre A vulnerability has been discovered and corrected in krb5: Fix a kadmind denial of service issue (null pointer dereference), which could only be triggered by an administrator with the create privilege (CVE-2012-1013). The updated packages have been patched to correct this issue. %description Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords.