%package mandriva-release Update: Wed Sep 06 12:49:38 2006 Importance: normal ID: MDKA-2006:033 URL: http://www.mandriva.com/security/advisories?name=MDKA-2006:033 %pre This is a test update %description Mandriva Linux release file. %package mandriva-release Update: Wed Sep 06 12:53:19 2006 Importance: normal ID: MDKA-2006:033 URL: http://www.mandriva.com/security/advisories?name=MDKA-2006:033 %pre This is a test update %description Mandriva Linux release file. %package mandriva-release Update: Wed Sep 06 12:56:12 2006 Importance: normal ID: MDKA-2006:033 URL: http://www.mandriva.com/security/advisories?name=MDKA-2006:033 %pre This is a test update %description Mandriva Linux release file. %package webmin Update: Wed Sep 27 19:46:18 2006 Importance: security ID: MDKSA-2006:170-1 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:170-1 %pre Webmin before 1.296 and Usermin before 1.226 does not properly handle a URL with a null ("%00") character, which allows remote attackers to conduct cross-site scripting (XSS), read CGI program source code, list directories, and possibly execute programs. Updated packages have been patched to correct this issue. Update: Packages are now available for Mandriva Linux 2007. %description A web-based administration interface for Unix systems. Using Webmin you can configure DNS, Samba, NFS, local/remote filesystems, Apache, Sendmail/Postfix, and more using your web browser. After installation, enter the URL https://localhost:10000/ into your browser and login as root with your root password. Please consider logging in and modify your password for security issue. PLEASE NOTE THAT THIS VERSION NOW USES SECURE WEB TRANSACTIONS: YOU HAVE TO LOGIN TO "https://localhost:10000/" AND NOT "http://localhost:10000/". %package lib64musicbrainz4 lib64musicbrainz4-devel python-musicbrainz Update: Thu Sep 28 10:14:27 2006 Importance: security ID: MDKSA-2006:157-1 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:157-1 %pre Multiple buffer overflows in libmusicbrainz (aka mb_client or MusicBrainz Client Library) 2.1.2 and earlier, and SVN 8406 and earlier, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a long Location header by the HTTP server, which triggers an overflow in the MBHttp::Download function in lib/http.cpp; and (2) a long URL in RDF data, as demonstrated by a URL in an rdf:resource field in an RDF XML document, which triggers overflows in many functions in lib/rdfparse.c. The updated packages have been patched to correct this issue. Update: Packages are now available for Mandriva Linux 2007. %description The MusicBrainz client library allows applications to make metadata lookup to a MusicBrainz server, generate signatures from WAV data and create CD Index Disk ids from audio CD roms. %package lib64openssl0.9.8 lib64openssl0.9.8-devel lib64openssl0.9.8-static-devel openssl Update: Thu Sep 28 12:02:09 2006 Importance: security ID: MDKSA-2006:172 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:172 %pre Dr S N Henson of the OpenSSL core team and Open Network Security recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk). When the test suite was run against OpenSSL two denial of service vulnerabilities were discovered. During the parsing of certain invalid ASN1 structures an error condition is mishandled. This can result in an infinite loop which consumes system memory. (CVE-2006-2937) Certain types of public key can take disproportionate amounts of time to process. This could be used by an attacker in a denial of service attack. (CVE-2006-2940) Tavis Ormandy and Will Drewry of the Google Security Team discovered a buffer overflow in the SSL_get_shared_ciphers utility function, used by some applications such as exim and mysql. An attacker could send a list of ciphers that would overrun a buffer. (CVE-2006-3738) Tavis Ormandy and Will Drewry of the Google Security Team discovered a possible DoS in the sslv2 client code. Where a client application uses OpenSSL to make a SSLv2 connection to a malicious server that server could cause the client to crash. (CVE-2006-4343) Updated packages are patched to address these issues. %description The openssl certificate management tool and the shared libraries that provide various encryption and decription algorithms and protocols, including DES, RC4, RSA and SSL. This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/). This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). This product includes software written by Tim Hudson (tjh@cryptsoft.com). %package gstreamer-ffmpeg Update: Thu Sep 28 15:06:52 2006 Importance: security ID: MDKSA-2006:174 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:174 %pre Gstreamer-ffmpeg uses an embedded copy of ffmpeg and as such has been updated to address the following issue: Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4)sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10)shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c. NOTE: it is likely that this is a different vulnerability than CVE-2005-4048 and CVE-2006-2802. Updated packages have been patched to correct this issue. %description Video codec plugin for GStreamer based on the ffmpeg libraries. %package lib64xine1 lib64xine1-devel xine-aa xine-arts xine-dxr3 xine-esd xine-flac xine-gnomevfs xine-image xine-plugins xine-sdl xine-smb Update: Thu Sep 28 15:10:04 2006 Importance: security ID: MDKSA-2006:176 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:176 %pre Xine-lib uses an embedded copy of ffmpeg and as such has been updated to address the following issue: Multiple buffer overflows in libavcodec in ffmpeg before 0.4.9_p20060530 allow remote attackers to cause a denial of service or possibly execute arbitrary code via multiple unspecified vectors in (1) dtsdec.c, (2) vorbis.c, (3) rm.c, (4)sierravmd.c, (5) smacker.c, (6) tta.c, (7) 4xm.c, (8) alac.c, (9) cook.c, (10)shorten.c, (11) smacker.c, (12) snow.c, and (13) tta.c. NOTE: it is likely that this is a different vulnerability than CVE-2005-4048 and CVE-2006-2802. Updated packages have been patched to correct this issue. %description xine is a free gpl-licensed video player for unix-like systems. %package lib64openssl0.9.8 lib64openssl0.9.8-devel lib64openssl0.9.8-static-devel libopenssl0.9.8 libopenssl0.9.8-devel libopenssl0.9.8-static-devel openssl Update: Mon Oct 02 11:39:39 2006 Importance: security ID: MDKSA-2006:172-1 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:172-1 %pre Dr S N Henson of the OpenSSL core team and Open Network Security recently developed an ASN1 test suite for NISCC (www.niscc.gov.uk). When the test suite was run against OpenSSL two denial of service vulnerabilities were discovered. During the parsing of certain invalid ASN1 structures an error condition is mishandled. This can result in an infinite loop which consumes system memory. (CVE-2006-2937) Certain types of public key can take disproportionate amounts of time to process. This could be used by an attacker in a denial of service attack. (CVE-2006-2940) Tavis Ormandy and Will Drewry of the Google Security Team discovered a buffer overflow in the SSL_get_shared_ciphers utility function, used by some applications such as exim and mysql. An attacker could send a list of ciphers that would overrun a buffer. (CVE-2006-3738) Tavis Ormandy and Will Drewry of the Google Security Team discovered a possible DoS in the sslv2 client code. Where a client application uses OpenSSL to make a SSLv2 connection to a malicious server that server could cause the client to crash. (CVE-2006-4343) Updated packages are patched to address these issues. Update: There was an error in the original published patches for CVE-2006-2940. New packages have corrected this issue. %description The openssl certificate management tool and the shared libraries that provide various encryption and decription algorithms and protocols, including DES, RC4, RSA and SSL. This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/). This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). This product includes software written by Tim Hudson (tjh@cryptsoft.com). %package ntp ntp-client Update: Mon Oct 02 12:52:47 2006 Importance: security ID: MDKSA-2006:178 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:178 %pre Openssl recently had several vulnerabilities which were patched (CVE-2006-2937,2940,3738,4339, 4343). Some versions of ntp are built against a static copy of the SSL libraries. As a precaution an updated copy built against the new libraries in being made available. %description The Network Time Protocol (NTP) is used to synchronize a computer's time with another reference time source. The ntp package contains utilities and daemons which will synchronize your computer's time to Coordinated Universal Time (UTC) via the NTP protocol and NTP servers. Ntp includes ntpdate (a program for retrieving the date and time from remote machines via a network) and ntpd (a daemon which continuously adjusts system time). Install the ntp package if you need tools for keeping your system's time synchronized via the NTP protocol. %package openssh openssh-askpass openssh-askpass-common openssh-askpass-gnome openssh-clients openssh-server Update: Tue Oct 03 12:59:45 2006 Importance: security ID: MDKSA-2006:179 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:179 %pre Tavis Ormandy of the Google Security Team discovered a Denial of Service vulnerability in the SSH protocol version 1 CRC compensation attack detector. This could allow a remote unauthenticated attacker to trigger excessive CPU utilization by sending a specially crafted SSH message, which would then deny ssh services to other users or processes (CVE-2006-4924, CVE-2006-4925). Please note that Mandriva ships with only SSH protocol version 2 enabled by default. Next, an unsafe signal handler was found by Mark Dowd. This signal handler was vulnerable to a race condition that could be exploited to perform a pre-authentication DoS, and theoretically a pre-authentication remote code execution in the case where some authentication methods like GSSAPI are enabled (CVE-2006-5051). Updated packages have been patched to correct this issue. %description Ssh (Secure Shell) is a program for logging into a remote machine and for executing commands in a remote machine. It is intended to replace rlogin and rsh, and provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel. OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it up to date in terms of security and features, as well as removing all patented algorithms to separate libraries (OpenSSL). This package includes the core files necessary for both the OpenSSH client and server. To make this package useful, you should also install openssh-clients, openssh-server, or both. You can build openssh with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] skey smartcard support (disabled) --with[out] krb5 kerberos support (enabled) --with[out] watchdog watchdog support (disabled) --with[out] x11askpass X11 ask pass support (enabled) --with[out] gnomeaskpass Gnome ask pass support (enabled) --with[out] ldap OpenLDAP support (disabled) --with[out] sftplog sftp logging support (disabled) --with[out] chroot chroot support (disabled) %package lib64php5_common5 php-cgi php-cli php-devel php-fcgi Update: Thu Oct 05 13:17:31 2006 Importance: security ID: MDKSA-2006:180 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:180 %pre An integer overflow was discovered in the PHP memory handling routines. If a script can cause memory allocation based on untrusted user data, a remote attacker sending a carefully crafted request could execute arbitrary code as the 'apache' user. Updated packages have been patched to correct these issues. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. (ie. use with rpm --rebuild): --with[out] hardened Compile with the Hardened-PHP patch applied (disabled) you will have to rebuild all php-* extensions against the Hardened-PHP, and also live with the fact that commercial extensions will not work anymore :( %package cups cups-common cups-serial lib64cups2 lib64cups2-devel php-cups Update: Fri Oct 06 15:46:44 2006 Importance: bugfix ID: MDKA-2006:036 URL: http://www.mandriva.com/security/advisories?name=MDKA-2006:036 %pre A bug in the shipped version of CUPS would allow for the unexpected deletion of cupsd.conf and cause a crash of CUPS. This issue, as well as many other bugs, have been corrected in CUPS 1.2.4, which is being provided with this update. %description CUPS 1.2 is fully compatible with CUPS-1.1 machines in the network and with software built against CUPS-1.1 libraries. The Common Unix Printing System provides a portable printing layer for UNIX(TM) operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces. This is the main package needed for CUPS servers (machines where a printer is connected to or which host a queue for a network printer). It can also be used on CUPS clients so that they simply pick up broadcasted printer information from other CUPS servers and do not need to be assigned to a specific CUPS server by an /etc/cups/client.conf file. %package lib64python2.4 lib64python2.4-devel python python-base python-docs tkinter Update: Tue Oct 10 12:59:38 2006 Importance: security ID: MDKSA-2006:181 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:181 %pre A vulnerability in python's repr() function was discovered by Benjamin C. Wiley Sittler. It was found that the function did not properly handle UTF-32/UCS-4 strings, so an application that used repr() on certin untrusted data could possibly be exploited to execute arbitrary code with the privileges of the user running the python application. Updated packages have been patched to correct this issue. %description Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems (X11, Motif, Tk, Mac and MFC). Programmers can write new built-in modules for Python in C or C++. Python can be used as an extension language for applications that need a programmable interface. This package contains most of the standard Python modules, as well as modules for interfacing to the Tix widget set for Tk and RPM. Note that documentation for Python is provided in the python-docs package. %package squid squid-cachemgr Update: Fri Oct 13 09:29:37 2006 Importance: bugfix ID: MDKA-2006:038 URL: http://www.mandriva.com/security/advisories?name=MDKA-2006:038 %pre This update fixes a problem in the squid package as shipped for Mandriva Linux 2007 which affects only the x86_64 architecture. On that platform, squid would not start, giving the following message: FATAL: Bungled Default Configuration line 44: hosts_file This has been fixed in the updated packages. It is recommended that all affected users upgrade squid. %description Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. Install squid if you need a proxy caching server. This package defaults to a maximum of 1024 filedescriptors. You can change this value at build time by using for example: --define 'maxfiles 4096' The package was built to support a maximum of 1024 filedescriptors. %package lib64wxPythonGTK2.6 lib64wxPythonGTK2.6-devel wxPythonGTK Update: Mon Oct 16 13:32:53 2006 Importance: bugfix ID: MDKA-2006:040 URL: http://www.mandriva.com/security/advisories?name=MDKA-2006:040 %pre A problem with wxPythonGTK would prevent some python programs, such as pyshell, from starting due to incorrect path locations. The updated packages correct this issue. %description wxPython is a GUI toolkit for Python that is a wrapper around the wxWindows C++ GUI library. wxPython provides a large variety of window types and controls, all implemented with a native look and feel (and native runtime speed) on the platforms it is supported on. This package is implemented using the GTK port of wxWindows. %package clamav clamav-db clamav-milter clamd lib64clamav1 lib64clamav1-devel Update: Tue Oct 17 13:14:18 2006 Importance: security ID: MDKSA-2006:184 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:184 %pre An integer overflow in previous versions of ClamAV could allow a remote attacker to cause a Denial of Service (scanning service crash) and execute arbitrary code via a Portable Executable (PE) file (CVE-2006-4182). Another vulnerability could allow a remote attacker to cause a DoS via a crafted compressed HTML (CHM) file that causes ClamAV to read an invalid memory location (CVE-2006-5295). These issues are corrected in ClamAV 0.88.5 which is provided with this update. %description Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail seversions (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software. You can build clamav with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] milter Build clamav-milter (default) %package lib64php5_common5 php-cgi php-cli php-devel php-fcgi Update: Tue Oct 17 15:19:13 2006 Importance: security ID: MDKSA-2006:185 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:185 %pre PHP 4.x up to 4.4.4 and PHP 5 up to 5.1.6 allows local users to bypass certain Apache HTTP Server httpd.conf options, such as safe_mode and open_basedir, via the ini_restore function, which resets the values to their php.ini (Master Value) defaults. (CVE-2006-4625) A race condition in the symlink function in PHP 5.1.6 and earlier allows local users to bypass the open_basedir restriction by using a combination of symlink, mkdir, and unlink functions to change the file path after the open_basedir check and before the file is opened by the underlying system, as demonstrated by symlinking a symlink into a subdirectory, to point to a parent directory via .. (dot dot) sequences, and then unlinking the resulting symlink. (CVE-2006-5178) Because the design flaw cannot be solved it is strongly recommended to disable the symlink() function if you are using the open_basedir feature. You can achieve that by adding symlink to the list of disabled functions within your php.ini: disable_functions=...,symlink The updated packages do not alter the system php.ini. Updated packages have been patched to correct the CVE-2006-4625 issue. Users must restart Apache for the changes to take effect. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. (ie. use with rpm --rebuild): --with[out] hardened Compile with the Hardened-PHP patch applied (disabled) you will have to rebuild all php-* extensions against the Hardened-PHP, and also live with the fact that commercial extensions will not work anymore :( %package kdelibs-common kdelibs-devel-doc lib64kdecore4 lib64kdecore4-devel Update: Thu Oct 19 10:04:02 2006 Importance: security ID: MDKSA-2006:186 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:186 %pre A vulnerability was discovered in the way that Qt handled pixmap images and the KDE khtml library used Qt in such a way that untrusted parameters could be passed to Qt, resulting in an integer overflow. This flaw could be exploited by a remote attacker in a malicious website that, when viewed by an individual using Konqueror, would cause Konqueror to crash or possibly execute arbitrary code with the privileges of the user. Updated packages have been patched to correct this issue. %description Libraries for the K Desktop Environment. %package apache-mod_dav_svn lib64svn0 perl-SVN perl-SVN-devel python-svn python-svn-devel ruby-svn ruby-svn-devel subversion subversion-devel subversion-doc subversion-server subversion-tools Update: Thu Oct 19 11:38:49 2006 Importance: bugfix ID: MDKA-2006:043 URL: http://www.mandriva.com/security/advisories?name=MDKA-2006:043 %pre One of subversion's operating modes, svnserve, needs some entries in the /etc/services file. These entries are created during package installation, but under some conditions this procedure fails and /etc/services remains without them. The updated packages correct this issue. %description Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subversion also keeps a log of who, when, and why changes occured. As such it basically does the same thing CVS does (Concurrent Versioning System) but has major enhancements compared to CVS and fixes a lot of the annoyances that CVS users face. This package contains the client, if you're looking for the server end of things you want subversion-repos. %package xinetd xinetd-ipv6 xinetd-simple-services Update: Thu Oct 19 11:39:19 2006 Importance: bugfix ID: MDKA-2006:044 URL: http://www.mandriva.com/security/advisories?name=MDKA-2006:044 %pre The initscript for xinetd incorrectly set the locale to en_US. If the localesn-en package is not installed on the system, some xinetd services may not work properly. This was first noted with the svnserve program from subversion. This has been fixed in the updated packages, which set the locale to a generic value. Users not wishing to apply the update can work-around the problem by installing the locales-en package. %description xinetd is a powerful replacement for inetd. xinetd has access control machanisms, extensive logging capabilities, the ability to make services available based on time, and can place limits on the number of servers that can be started, among other things. xinetd has the ability to redirect TCP streams to a remote host and port. This is useful for those of that use ip masquerading, or NAT, and want to be able to reach your internal hosts. xinetd also has the ability to bind specific services to specific interfaces. This is useful when you want to make services available for your internal network, but not the rest of the world. Or to have a different service running on the same port, but different interfaces. %package coreutils coreutils-doc Update: Mon Oct 23 10:59:52 2006 Importance: bugfix ID: MDKA-2006:045 URL: http://www.mandriva.com/security/advisories?name=MDKA-2006:045 %pre The coreutils package lacked several features due to a build deficiency. As a result, the su program was not linked against the PAM library, making it impossible for su to make use of advanced authentication features that rely on the PAM library. As well, the cp system utility did not keep extended attributes and ACLs in file copies. This has been corrected in the updated packages. %description These are the GNU core utilities. This package is the union of the old GNU fileutils, sh-utils, and textutils packages. These tools're the GNU versions of common useful and popular file & text utilities which are used for: - file management - shell scripts - modifying text file (spliting, joining, comparing, modifying, ...) Most of these programs have significant advantages over their Unix counterparts, such as greater speed, additional options, and fewer arbitrary limits. The following tools're included: basename cat chgrp chmod chown chroot cksum comm cp csplit cut date dd df dir dircolors dirname du echo env expand expr factor false fmt fold ginstall groups head hostid hostname id join kill link ln logname ls md5sum mkdir mkfifo mknod mv nice nl nohup od paste pathchk pinky pr printenv printf ptx pwd readlink rm rmdir seq sha1sum shred sleep sort split stat stty su sum sync tac tail tee test touch tr true tsort tty uname unexpand uniq unlink uptime users vdir wc who whoami yes %package bootsplash Update: Tue Oct 24 10:37:52 2006 Importance: bugfix ID: MDKA-2006:046 URL: http://www.mandriva.com/security/advisories?name=MDKA-2006:046 %pre When multiple profiles are configured, they can be choosen in the bootloader with the PROFILE keyword, but this needs a dedicated entry or to append manually the profile at each boot. To ease the choice of the profile during the boot time, Mandriva developed a frame buffer menu in GTK to choose the profile. Unfortunately in 2007, a miscompilation removed this application from the bootsplash package, thus the only left method to choose a profile was the bootloader one. This new package of bootsplash brings back the 'fbmenu' command which display the appropriate profile selection menu during boot. %description This package contains the scripts and pictures visible when booting a Mandriva Linux kernel. They are automatically installed when an initrd is generated by mkinitrd. %package lib64designercore1 lib64editor1 lib64qassistant1 lib64qassistantclient1 lib64qt3 lib64qt3-devel lib64qt3-mysql lib64qt3-odbc lib64qt3-psql lib64qt3-sqlite lib64qt3-static-devel lib64qt3support4 lib64qt4-devel lib64qtcore4 lib64qtdesigner1 lib64qtgui4 lib64qtnetwork4 lib64qtopengl4 lib64qtsql4 lib64qtsvg4 lib64qttest4 lib64qtuitools4 lib64qtxml4 qt3-common qt3-doc qt3-example qt3-tutorial qt4-accessibility-plugin-lib64 qt4-assistant qt4-common qt4-database-plugin-mysql-lib64 qt4-database-plugin-odbc-lib64 qt4-database-plugin-pgsql-lib64 qt4-database-plugin-sqlite-lib64 qt4-designer qt4-doc qt4-examples qt4-linguist qt4-tutorial Update: Tue Oct 24 16:40:11 2006 Importance: security ID: MDKSA-2006:187 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:187 %pre An integer overflow was discovered in the way that Qt handled pixmap images. This flaw could be exploited by a remote attacker in a malicious website that, when viewed by an individual using an application that uses Qt (like Konqueror), would cause it to crash or possibly execute arbitrary code with the privileges of the user. Updated packages have been patched to correct this issue. %description Qt is a GUI software toolkit which simplifies the task of writing and maintaining GUI (Graphical User Interface) applications for the X Window System. Qt is written in C++ and is fully object-oriented. This package contains the shared library needed to run Qt applications, as well as the README files for Qt. %package jay lib64mono0 lib64mono0-devel libmono-runtime mono mono-data-sqlite mono-doc Update: Fri Oct 27 11:46:30 2006 Importance: security ID: MDKSA-2006:188 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:188 %pre Sebastian Krahmer of the SUSE security team found that the System.CodeDom.Compiler classes in mono used temporary files in an insecure way that could allow a symbolic link attack to overwrite arbitrary files with the privileges of the user running a program that made use of those classes. Updated packages have been patched to correct this issue. %description Mono is an implementation of the ECMA Common Language Infrastructure, it contains both a just-in-time compiler for maximum performance, and an interpeter. It can also be used to run programs from the .NET Framework. %package xsupplicant xsupplicant-devel xsupplicant-doc Update: Fri Oct 27 11:48:30 2006 Importance: security ID: MDKSA-2006:189 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:189 %pre Yannick Van Osselaer discovered a stack overflow in Xsupplicant, which could potentially be exploited by a remote, authenticated user to gain root priviledges. Additional code cleanups to fix potential memory leaks are also included. Updated packages have been patched to correct this issue. %description An open source implementation of IEEE 802.1X. IEEE 802.1x is a port based authentication protocol. It can be used in *any* scenario where one can abstract out the notion of a port. It requires entitie(s) to play three roles in the authentication process: that of an supplicant, an authenticator and an authentication server. %package mutt mutt-utf8 Update: Fri Oct 27 11:49:43 2006 Importance: security ID: MDKSA-2006:190 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:190 %pre A race condition in the safe_open function in the Mutt mail client 1.5.12 and earlier, when creating temporary files in an NFS filesystem, allows local users to overwrite arbitrary files due to limitations of the use of the O_EXCL flag on NFS filesystems. (CVE-2006-5297) The mutt_adv_mktemp function in the Mutt mail client 1.5.12 and earlier does not properly verify that temporary files have been created with restricted permissions, which might allow local users to create files with weak permissions via a race condition between the mktemp and safe_fopen function calls. (CVE-2006-5298) Updated packages have been patched to correct these issues. %description Mutt is a text mode mail user agent. Mutt supports color, threading, arbitrary key remapping, and a lot of customization. You should install mutt if you've used mutt in the past and you prefer it, or if you're new to mail programs and you haven't decided which one you're going to use. %package screen Update: Fri Oct 27 11:50:59 2006 Importance: security ID: MDKSA-2006:191 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:191 %pre Multiple unspecified vulnerabilities in the "utf8 combining characters handling" (utf8_handle_comb function in encoding.c) in screen before 4.0.3 allows user-assisted attackers to cause a denial of service (crash or hang) via certain UTF8 sequences. Updated packages have been patched to correct this issue. %description The screen utility allows you to have multiple logins on just one terminal. Screen is useful for users who telnet into a machine or are connected via a dumb terminal, but want to use more than just one login. Install the screen package if you need a screen manager that can support multiple logins on one terminal. %package ruby ruby-devel ruby-doc ruby-tk Update: Fri Oct 27 15:03:05 2006 Importance: security ID: MDKSA-2006:192 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:192 %pre The CGI library in Ruby 1.8 allowed a remote attacker to cause a Denial of Service via an HTTP request with a multipart MIME body that contained an invalid boundary specifier, which would result in an infinite loop and CPU consumption. Updated packages have been patched to correct this issue. %description Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible. %package ImageMagick ImageMagick-doc lib64Magick10.4.0 lib64Magick10.4.0-devel perl-Image-Magick Update: Mon Oct 30 15:38:07 2006 Importance: security ID: MDKSA-2006:193 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:193 %pre Multiple buffer overflows in GraphicsMagick before 1.1.7 and ImageMagick 6.0.7 allow user-assisted attackers to cause a denial of service and possibly execute execute arbitrary code via (1) a DCM image that is not properly handled by the ReadDCMImage function in coders/dcm.c, or (2) a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c. Updated packages have been patched to correct these issues. %description ImageMagick is a powerful image display, conversion and manipulation tool. It runs in an X session. With this tool, you can view, edit and display a variety of image formats. Build Options: --with plf Build for PLF (LZW compression, fpx support) --with modules Compile all supported image types as modules --with jasper Enable JPEG2000 support (enabled) --with graphviz Enable Graphviz support (enabled) %package lib64ecpg5 lib64ecpg5-devel lib64pq4 lib64pq4-devel postgresql postgresql-contrib postgresql-devel postgresql-docs postgresql-pl postgresql-plperl postgresql-plpgsql postgresql-plpython postgresql-pltcl postgresql-server postgresql-test Update: Mon Oct 30 15:39:39 2006 Importance: security ID: MDKSA-2006:194 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:194 %pre A vulnerability in PostgreSQL 8.1.x allowed remote authenticated users to cause a Denial of Service (daemon crash) via certain aggregate functions in an UPDATE statement which were not handled correctly (CVE-2006-5540). Another DoS issue in PostgreSQL 7.4.x, 8.0.x, and 8.1.x allowed remote authenticated users to crash the daemon via a coercion of an unknown element to ANYARRAY (CVE-2006-5541). Finally, another vulnerability in 8.1.x could allow a remote authenticated user to cause a DoS related to duration logging of V3-protocol Execute message for COMMIT and ROLLBACK statements (CVE-2006-5542). This updated provides the latest 8.0.x and 8.1.x PostgreSQL versions and patches the version of PostgreSQL shipped with Corporate 3.0. %description PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs (including transactions, subselects and user-defined types and functions). The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DBMS server. These PostgreSQL client programs are programs that directly manipulate the internal structure of PostgreSQL databases on a PostgreSQL server. These client programs can be located on the same machine with the PostgreSQL server, or may be on a remote machine which accesses a PostgreSQL server over a network connection. This package contains the client libraries for C and C++, as well as command-line utilities for managing PostgreSQL databases on a PostgreSQL server. If you want to manipulate a PostgreSQL database on a remote PostgreSQL server, you need this package. You also need to install this package if you're installing the postgresql-server package. %package lib64wireshark0 tshark wireshark wireshark-tools Update: Thu Nov 02 21:57:13 2006 Importance: security ID: MDKSA-2006:195 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:195 %pre Vulnerabilities in the HTTP, LDAP, XOT, WBXML, and MIME Multipart dissectors were discovered in versions of wireshark less than 0.99.4, as well as various other bugs. This updated provides wireshark 0.99.4 which is not vulnerable to these issues. %description Wireshark is a network traffic analyzer for Unix-ish operating systems. It is based on GTK+, a graphical user interface library, and libpcap, a packet capture and filtering library. Wireshark is a fork of Ethereal(tm) %package lib64php5_common5 php-cgi php-cli php-devel php-fcgi Update: Thu Nov 02 21:59:57 2006 Importance: security ID: MDKSA-2006:196 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:196 %pre The Hardened-PHP Project discovered buffer overflows in htmlentities/htmlspecialchars internal routines to the PHP Project. Of course the whole purpose of these functions is to be filled with user input. (The overflow can only be when UTF-8 is used) In addition, selected patches backported from php cvs that address other issues that may or may not have security implications have been applied to this release. Updated packages have been patched to correct these issues. Users must restart Apache for the changes to take effect. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. (ie. use with rpm --rebuild): --with[out] hardened Compile with the Hardened-PHP patch applied (disabled) you will have to rebuild all php-* extensions against the Hardened-PHP, and also live with the fact that commercial extensions will not work anymore :( %package kernel-2.6.17.6mdv kernel-source-2.6.17.6mdv kernel-source-stripped-2.6.17.6mdv kernel-xen0-2.6.17.6mdv kernel-xenU-2.6.17.6mdv Update: Fri Nov 03 10:00:45 2006 Importance: security ID: MDKSA-2006:197 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:197 %pre Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel: Bugs in the netfilter for IPv6 code, as reported by Mark Dowd, were fixed (CVE-2006-4572). The ATM subsystem of the Linux kernel could allow a remote attacker to cause a Denial of Service (panic) via unknown vectors that cause the ATM subsystem to access the memory of socket buffers after they are freed (CVE-2006-4997). The provided packages are patched to fix these vulnerabilities. All users are encouraged to upgrade to these updated kernels immediately and reboot to effect the fixes. In addition to these security fixes, other fixes have been included such as: - updated to 2.6.17.14 - fix wrong error handling in pccard_store_cis - add NX mask for PTE entry on x86_64 - fix snd-hda-intel OOPS - backported support r8169-related (r8168/r8169SC) network chipsets - explicitly initialize some members of the drm_driver structure, otherwise NULL init will have bad side effects (mach64) - support for building a nosrc.rpm package - fixed unplug/eject on pcmcia cards with r8169 chipsets - fix libata resource conflicts - fix xenU crash and re-enable domU boot logs - fix refcount error triggered by software using /proc/[pid]/auxv To update your kernel, please follow the directions located at: http://www.mandriva.com/en/security/kernelupdate %description The kernel package contains the Linux kernel (vmlinuz), the core of your Mandriva Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. It supports both up and smp systems using smp alternatives. For instructions for update, see: http://www.mandriva.com/security/kernelupdate %package imlib2-data lib64imlib2_1 lib64imlib2_1-devel lib64imlib2_1-filters lib64imlib2_1-loaders Update: Mon Nov 06 16:28:16 2006 Importance: security ID: MDKSA-2006:198 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:198 %pre M Joonas Pihlaja discovered several vulnerabilities in the Imlib2 graphics library. The load() function of several of the Imlib2 image loaders does not check the width and height of an image before allocating memory. As a result, a carefully crafted image file can trigger a segfault when an application using Imlib2 attempts to view the image. (CVE-2006-4806) The tga loader fails to bounds check input data to make sure the input data doesn't load outside the memory mapped region. (CVE-2006-4807) The RLE decoding loops of the load() function in the tga loader does not check that the count byte of an RLE packet doesn't cause a heap overflow of the pixel buffer. (CVE-2006-4808) The load() function of the pnm loader writes arbitrary length user data into a fixed size stack allocated buffer buf[] without bounds checking. (CVE-2006-4809) Updated packages have been patched to correct these issues. %description Imlib2 is an advanced replacement library for libraries like libXpm that provides many more features with much greater flexibility and speed than standard libraries, including font rasterization, rotation, RGBA space rendering and blending, dynamic binary filters, scripting, and more. Build Options: --with mmx Enable mmx cpu detection (10% - 30% speedup) %package lib64x11_6 lib64x11_6-devel lib64x11_6-static-devel libx11-common Update: Mon Nov 06 16:47:18 2006 Importance: security ID: MDKSA-2006:199 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:199 %pre The Xinput module (modules/im/ximcp/imLcIm.c) in X.Org libX11 1.0.2 and 1.0.3 opens a file for reading twice using the same file descriptor, which causes a file descriptor leak that allows local users to read files specified by the XCOMPOSEFILE environment variable via the duplicate file descriptor. Updated packages have been patched to correct this issue. %description libx11 contains the shared libraries that most X programs need to run properly. These shared libraries are in a separate package in order to reduce the disk space needed to run X applications on a machine without an X server (i.e, over a network). %package lib64popt0 lib64popt0-devel lib64rpm4.4 lib64rpm4.4-devel perl-RPM popt-data python-rpm rpm rpm-build Update: Tue Nov 07 10:32:27 2006 Importance: security ID: MDKSA-2006:200 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:200 %pre A heap-based buffer overflow was discovered in librpm when the LANG or LC_ALL environment variable is set to ru_RU.UTF-8 (and possibly other locales), which could allow for user-assisted attackers to execute arbitrary code via crafted RPM packages. Updated packages have been patched to correct this issue. %description RPM is a powerful command line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Each software package consists of an archive of files along with information about the package like its version, a description, etc. %package pam_ldap Update: Tue Nov 07 16:37:28 2006 Importance: security ID: MDKSA-2006:201 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:201 %pre Pam_ldap does not return an error condition when an LDAP directory server responds with a PasswordPolicyResponse control response, which causes the pam_authenticate function to return a success code even if authentication has failed, as originally reported for xscreensaver. This might lead to an attacker being able to login into a suspended system account. Updated packages have been patched to correct this issue. %description Pam_ldap is a module for Linux-PAM that supports password changes, V2 clients, Netscapes SSL, ypldapd, Netscape Directory Server password policies, access authorization, crypted hashes, etc. Install pam_ldap if you need to authenticate PAM-enabled services to LDAP. This package can be compiled with support for configuration from DNS, by building with "--with dnsconfig" %package jabber jabber-aim jabber-conference jabber-jud jabber-msn jabber-yahoo lib64jabberd0 lib64jabberd0-devel Update: Tue Nov 07 16:43:48 2006 Importance: bugfix ID: MDKA-2006:047 URL: http://www.mandriva.com/security/advisories?name=MDKA-2006:047 %pre The OpenSSL library was not properly initialized in the jabber SSL support code, which prevented SSL support for incoming client connections on the jabber server. This update corrects this issue. %description This package provides a Jabber server. Jabber is an instant messaging System, similar to ICQ or AIM, yet far different. It is open source, absolutely free, simple, fast, extensible, modularized, cross platform, and created with the future in mind. Jabber has been designed from the ground up to serve the needs of the end user, satisfy business demands, and maintain compatibility with other messaging systems. %package lib64wv-1.2_0 lib64wv-1.2_0-devel wv Update: Tue Nov 07 16:46:35 2006 Importance: security ID: MDKSA-2006:202 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:202 %pre Multiple integer overflows in the WV library in wvWare (formerly mswordview) before 1.2.3, as used by AbiWord?, KWord, and possibly other products, allow user-assisted remote attackers to execute arbitrary code via a crafted Microsoft Word (DOC) file that produces (1) large LFO clfolvl values in the wvGetLFO_records function or (2) a large LFO nolfo value in the wvGetFLO_PLF function. Updated packages have been patched to correct these issues. %description Wv is a program that understands the Microsoft Word 6/7/8/9 binary file format and is able to convert Word documents into HTML, which can then be read with a browser. %package imlib2-data lib64imlib2_1 lib64imlib2_1-devel lib64imlib2_1-filters lib64imlib2_1-loaders Update: Tue Nov 07 17:02:35 2006 Importance: security ID: MDKSA-2006:198-1 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:198-1 %pre M Joonas Pihlaja discovered several vulnerabilities in the Imlib2 graphics library. The load() function of several of the Imlib2 image loaders does not check the width and height of an image before allocating memory. As a result, a carefully crafted image file can trigger a segfault when an application using Imlib2 attempts to view the image. (CVE-2006-4806) The tga loader fails to bounds check input data to make sure the input data doesn't load outside the memory mapped region. (CVE-2006-4807) The RLE decoding loops of the load() function in the tga loader does not check that the count byte of an RLE packet doesn't cause a heap overflow of the pixel buffer. (CVE-2006-4808) The load() function of the pnm loader writes arbitrary length user data into a fixed size stack allocated buffer buf[] without bounds checking. (CVE-2006-4809) Updated packages have been patched to correct these issues. Update: An error in the preivous patchset may affect JPEG image handling for certain valid images. This new update corrects this issue. %description Imlib2 is an advanced replacement library for libraries like libXpm that provides many more features with much greater flexibility and speed than standard libraries, including font rasterization, rotation, RGBA space rendering and blending, dynamic binary filters, scripting, and more. Build Options: --with mmx Enable mmx cpu detection (10% - 30% speedup) %package info info-install texinfo Update: Wed Nov 08 05:10:09 2006 Importance: security ID: MDKSA-2006:203 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:203 %pre Miloslav Trmac discovered a buffer overflow in texinfo. This issue can cause texi2dvi or texindex to crash when processing a carefully crafted file. Updated packages have been patched to correct this issue. %description Texinfo is a documentation system that can produce both online information and printed output from a single source file. Normally, you'd have to write two separate documents: one for online help or other online information and the other for a typeset manual or other printed work. Using Texinfo, you only need to write one source document. Then when the work needs revision, you only have to revise one source document. The GNU Project uses the Texinfo file format for most of its documentation. Install texinfo if you want a documentation system for producing both online and print documentation from the same source file and/or if you are going to write documentation for the GNU Project. %package openssh openssh-askpass openssh-askpass-common openssh-askpass-gnome openssh-clients openssh-server Update: Wed Nov 08 15:00:41 2006 Importance: security ID: MDKSA-2006:204 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:204 %pre A vulnerability in the privilege separation functionality in OpenSSH was discovered, caused by an incorrect checking for bad signatures in sshd's privsep monitor. As a result, the monitor and the unprivileged process can get out sync. The OpenSSH team indicated that this bug is not known to be exploitable in the abence of additional vulnerabilities. Updated packages have been patched to correct this issue, and Mandriva Linux 2007 has received the latest version of OpenSSH. %description Ssh (Secure Shell) is a program for logging into a remote machine and for executing commands in a remote machine. It is intended to replace rlogin and rsh, and provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel. OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it up to date in terms of security and features, as well as removing all patented algorithms to separate libraries (OpenSSL). This package includes the core files necessary for both the OpenSSH client and server. To make this package useful, you should also install openssh-clients, openssh-server, or both. You can build openssh with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] skey smartcard support (disabled) --with[out] krb5 kerberos support (enabled) --with[out] watchdog watchdog support (disabled) --with[out] x11askpass X11 ask pass support (enabled) --with[out] gnomeaskpass Gnome ask pass support (enabled) --with[out] ldap OpenLDAP support (disabled) --with[out] sftplog sftp logging support (disabled) --with[out] chroot chroot support (disabled) %package gnuplot Update: Thu Nov 09 13:08:38 2006 Importance: bugfix ID: MDKA-2006:048 URL: http://www.mandriva.com/security/advisories?name=MDKA-2006:048 %pre An error in gnuplot was causing it to fail with a segmentation fault whenever the user attempted to produce a graphical plot via the default 'x11' term. The updated package corrects this error and allows graphical plotting via X11. Updated packages correct this issue. %description Gnuplot is a command-line driven, interactive function plotting program especially suited for scientific data representation. Gnuplot can be used to plot functions and data points in both two and three dimensions and in many different formats. Install gnuplot if you need a graphics package for scientific data representation. %package deskbar-applet devhelp devhelp-plugins epiphany epiphany-devel epiphany-extensions galeon gnome-python-extras gnome-python-gdl gnome-python-gksu gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell lib64devhelp-1_0 lib64devhelp-1_0-devel lib64mozilla-firefox1.5.0.8 lib64mozilla-firefox1.5.0.8-devel lib64nspr4 lib64nspr4-devel lib64nspr4-static-devel lib64nss3 lib64nss3-devel lib64totem-plparser1 lib64totem-plparser1-devel mozilla-firefox mozilla-firefox-ar mozilla-firefox-bg mozilla-firefox-br mozilla-firefox-ca mozilla-firefox-cs mozilla-firefox-da mozilla-firefox-de mozilla-firefox-el mozilla-firefox-es mozilla-firefox-es_AR mozilla-firefox-eu mozilla-firefox-fi mozilla-firefox-fr mozilla-firefox-fy mozilla-firefox-ga mozilla-firefox-gu_IN mozilla-firefox-he mozilla-firefox-hu mozilla-firefox-it mozilla-firefox-ja mozilla-firefox-ko mozilla-firefox-lt mozilla-firefox-mk mozilla-firefox-nb mozilla-firefox-nl mozilla-firefox-pa_IN mozilla-firefox-pl mozilla-firefox-pt mozilla-firefox-pt_BR mozilla-firefox-ro mozilla-firefox-ru mozilla-firefox-sk mozilla-firefox-sl mozilla-firefox-sv mozilla-firefox-tr mozilla-firefox-uk mozilla-firefox-zh_CN mozilla-firefox-zh_TW totem totem-common totem-gstreamer totem-mozilla totem-mozilla-gstreamer yelp Update: Thu Nov 09 13:09:22 2006 Importance: security ID: MDKSA-2006:205 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:205 %pre A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 1.5.0.8. This update provides the latest Firefox to correct these issues. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package alacarte desktop-common-data Update: Thu Nov 09 13:19:13 2006 Importance: bugfix ID: MDKA-2006:049 URL: http://www.mandriva.com/security/advisories?name=MDKA-2006:049 %pre There were some problems with the menu system in Mandriva Linux 2007. Some menu categories were not displayed or properly translated, and editing the menus with the GNOME menu editor (alacarte) was not working. This update fixes these problems. %description This package contains useful icons, menu structure and others goodies for the Mandriva Linux desktop. %package mozilla-thunderbird mozilla-thunderbird-bg mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-devel mozilla-thunderbird-el mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-es_AR mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-hu mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sk mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-es mozilla-thunderbird-es_AR mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-ga mozilla-thunderbird-gu_IN mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ko mozilla-thunderbird-lt mozilla-thunderbird-mk mozilla-thunderbird-nb mozilla-thunderbird-nl mozilla-thunderbird-pa_IN mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-ru mozilla-thunderbird-sk mozilla-thunderbird-sl mozilla-thunderbird-sv mozilla-thunderbird-tr mozilla-thunderbird-zh_CN nsinstall Update: Thu Nov 09 13:20:22 2006 Importance: security ID: MDKSA-2006:206 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:206 %pre A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 1.5.0.8. This update provides the latest Thunderbird to correct these issues. %description Mozilla Thunderbird is a full-featured email, RSS and newsgroup client that makes emailing safer, faster and easier than ever before. %package ical Update: Fri Nov 10 07:41:42 2006 Importance: bugfix ID: MDKA-2006:050 URL: http://www.mandriva.com/security/advisories?name=MDKA-2006:050 %pre The Ical package in Mandriva Linux 2007 fails to run due to old code that does not work with current versions of TCL. Additionally, the application did not appear in the menu and the URL was obsolete. This updated package fixes these issues. %description Ical is an X Window System based calendar program. Ical will easily create/edit/delete entries, create repeating entries, remind you about upcoming appointments, print and list item occurrences, and allow shared calendars between different users. %package webmin Update: Mon Nov 13 10:12:00 2006 Importance: bugfix ID: MDKA-2006:051 URL: http://www.mandriva.com/security/advisories?name=MDKA-2006:051 %pre Webmin is a web-based interface for system administration for Unix. For the Mandriva 2007.0 release, the webmin package received a patch to the operating system detection code to cope with the Mandriva name change. This patch unfortunately introduced a problem where many webmin modules would no longer work, like cron, MySQL and many others. This issue is fixed with this update. %description A web-based administration interface for Unix systems. Using Webmin you can configure DNS, Samba, NFS, local/remote filesystems, Apache, Sendmail/Postfix, and more using your web browser. After installation, enter the URL https://localhost:10000/ into your browser and login as root with your root password. Please consider logging in and modify your password for security issue. PLEASE NOTE THAT THIS VERSION NOW USES SECURE WEB TRANSACTIONS: YOU HAVE TO LOGIN TO "https://localhost:10000/" AND NOT "http://localhost:10000/". %package lib64opensc2 lib64opensc2-devel mozilla-plugin-opensc opensc Update: Mon Nov 13 11:40:42 2006 Importance: bugfix ID: MDKA-2006:052 URL: http://www.mandriva.com/security/advisories?name=MDKA-2006:052 %pre Opensc is a library for accessing smart card devices. This update fixes a problem which prevented Oberthur smart cards from being recognized and used. %description opensc is a library for accessing smart card devices using PC/SC Lite middleware package. It is also the core library of the OpenSC project. Basic functionality (e.g. SELECT FILE, READ BINARY) should work on any ISO 7816-4 compatible smart card. Encryption and decryption using private keys on the SmartCard is at the moment possible only with PKCS #15 compatible cards. %package bind bind-devel bind-utils Update: Tue Nov 14 17:05:23 2006 Importance: security ID: MDKSA-2006:207 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:207 %pre The BIND DNS server is vulnerable to the recently-discovered OpenSSL RSA signature verification problem (CVE-2006-4339). BIND uses RSA cryptography as part of its DNSSEC implementation. As a result, to resolve the security issue, these packages need to be upgraded and for both KEY and DNSKEY record types, new RSASHA1 and RSAMD5 keys need to be generated using the "-e" option of dnssec-keygen, if the current keys were generated using the default exponent of 3. You are able to determine if your keys are vulnerable by looking at the algorithm (1 or 5) and the first three characters of the Base64 encoded RSA key. RSAMD5 (1) and RSASHA1 (5) keys that start with "AQM", "AQN", "AQO", or "AQP" are vulnerable. %description BIND (Berkeley Internet Name Domain) is an implementation of the DNS (domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses, and a resolver library (routines for applications to use when interfacing with DNS). A DNS server allows clients to name resources or objects and share the information with other network machines. The named DNS server can be used on workstations as a caching name server, but is generally only needed on one machine for an entire network. Note that the configuration files for making BIND act as a simple caching nameserver are included in the caching-nameserver package. Install the bind package if you need a DNS server for your network. If you want bind to act a caching name server, you will also need to install the caching-nameserver package. Many BIND 8 features previously unimplemented in BIND 9, including domain-specific forwarding, the $GENERATE master file directive, and the "blackhole", "dialup", and "sortlist" options Forwarding of dynamic update requests; this is enabled by the "allow-update-forwarding" option A new, simplified database interface and a number of sample drivers based on it; see doc/dev/sdb for details Support for building single-threaded servers for environments that do not supply POSIX threads New configuration options: "min-refresh-time", "max-refresh-time", "min-retry-time", "max-retry-time", "additional-from-auth", "additional-from-cache", "notify explicit" Faster lookups, particularly in large zones. Build Options: --without sdb_ldap Build without ldap simple database support (enabled per default) --with sdb_mysql Build with MySQL database support (disables ldap support, it's either way.) %package lib64ldap2.3_0 lib64ldap2.3_0-devel lib64ldap2.3_0-static-devel openldap openldap-clients openldap-doc openldap-servers Update: Tue Nov 14 20:06:18 2006 Importance: security ID: MDKSA-2006:208 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:208 %pre An unspecified vulnerability in OpenLDAP allows remote attackers to cause a denial of service (daemon crash) via a certain combination of SASL Bind requests that triggers an assertion failure in libldap. Packages have been patched to correct this issue. %description OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. The suite includes a stand-alone LDAP server (slapd) and stand-alone LDAP replication server (slurpd) which are in the -servers package, libraries for implementing the LDAP protocol (in the lib packages), and utilities, tools, and sample clients (in the -clients package). The openldap binary package includes configuration files used by the libraries. Install openldap if you need LDAP applications and tools. %package lib64png3 lib64png3-devel lib64png3-static-devel Update: Thu Nov 16 12:09:17 2006 Importance: security ID: MDKSA-2006:209 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:209 %pre Buffer overflow in the png_decompress_chunk function in pngrutil.c in libpng before 1.2.12 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors related to "chunk error processing," possibly involving the "chunk_name". (CVE-2006-3334) It is questionable whether this issue is actually exploitable, but the patch to correct the issue has been included in versions < 1.2.12. Tavis Ormandy, of the Gentoo Linux Security Auditing Team, discovered a typo in png_set_sPLT() that may cause an application using libpng to read out of bounds, resulting in a crash. (CVE-2006-5793) Packages have been patched to correct these issues. %description The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng should be installed if you need to manipulate PNG format image files. %package pxelinux syslinux syslinux-devel Update: Thu Nov 16 12:34:04 2006 Importance: security ID: MDKSA-2006:210 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:210 %pre SYSLINUX is a boot loader for the Linux operating system which operates off an MS-DOS/Windows FAT filesystem. It is built with a private copy of libpng, and as such could be susceptible to some of the same vulnerabilities: Buffer overflow in the png_decompress_chunk function in pngrutil.c in libpng before 1.2.12 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors related to "chunk error processing," possibly involving the "chunk_name". (CVE-2006-3334) It is questionable whether this issue is actually exploitable, but the patch to correct the issue has been included in versions < 1.2.12. Tavis Ormandy, of the Gentoo Linux Security Auditing Team, discovered a typo in png_set_sPLT() that may cause an application using libpng to read out of bounds, resulting in a crash. (CVE-2006-5793) Packages have been patched to correct these issues. %description SYSLINUX is a boot loader for the Linux operating system which operates off an MS-DOS/Windows FAT filesystem. It is intended to simplify first-time installation of Linux, and for creation of rescue- and other special-purpose boot disks. %package doxygen Update: Thu Nov 16 12:55:21 2006 Importance: security ID: MDKSA-2006:212 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:212 %pre Doxygen is a documentation system for C, C++ and IDL. It is built with a private copy of libpng, and as such could be susceptible to some of the same vulnerabilities: Buffer overflow in the png_decompress_chunk function in pngrutil.c in libpng before 1.2.12 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors related to "chunk error processing," possibly involving the "chunk_name". (CVE-2006-3334) It is questionable whether this issue is actually exploitable, but the patch to correct the issue has been included in versions < 1.2.12. Tavis Ormandy, of the Gentoo Linux Security Auditing Team, discovered a typo in png_set_sPLT() that may cause an application using libpng to read out of bounds, resulting in a crash. (CVE-2006-5793) In addition, an patch to address several old vulnerabilities has been applied to this build. (CAN-2002-1363, CAN-2004-0421, CAN-2004-0597, CAN-2004-0598, CAN-2004-0599) Packages have been patched to correct these issues. %description Doxygen is a documentation system for C, C++ and IDL. It can generate an on-line class browser (in HTML) and/or an off-line reference manual (in LaTeX) from a set of documented source files. There is also support for generating man lpages and for converting the generated output into Postscript, hyperlinked PDF or compressed HTML. The documentation is extracted directly from the sources. Doxygen can also be configured to extract the code-structure from undocumented source files. This can be very useful to quickly find your way in large source distributions. %package chromium chromium-setup Update: Thu Nov 16 13:17:29 2006 Importance: security ID: MDKSA-2006:213 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:213 %pre Chromium is an OpenGL-based shoot them up game with fine graphics. It is built with a private copy of libpng, and as such could be susceptible to some of the same vulnerabilities: Buffer overflow in the png_decompress_chunk function in pngrutil.c in libpng before 1.2.12 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors related to "chunk error processing," possibly involving the "chunk_name". (CVE-2006-3334) It is questionable whether this issue is actually exploitable, but the patch to correct the issue has been included in versions < 1.2.12. In addition, an patch to address several old vulnerabilities has been applied to this build. (CAN-2002-1363, CAN-2004-0421, CAN-2004-0597, CAN-2004-0598, CAN-2004-0599) Packages have been patched to correct these issues. %description You are captain of the cargo ship Chromium B.S.U., responsible for delivering supplies to our troops on the front line. Your ship has a small fleet of robotic fighters which you control from the relative safety of the Chromium vessel. This is an OpenGL-based shoot them up game with fine graphics. %package gv Update: Fri Nov 17 09:23:02 2006 Importance: security ID: MDKSA-2006:214 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:214 %pre Stack-based buffer overflow in the ps_gettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript (PS) file with certain headers that contain long comments, as demonstrated using the DocumentMedia header. Packages have been patched to correct this issue. %description Gv provides a user interface for the ghostscript PostScript(TM) interpreter. Derived from the ghostview program, gv can display PostScript and PDF documents using the X Window System. Install the gv package if you'd like to view PostScript and PDF documents on your system. You'll also need to have the ghostscript package installed, as well as the X Window System. %package lib64xfont1 lib64xfont1-devel lib64xfont1-static-devel libxfont-debug Update: Fri Nov 17 16:41:15 2006 Importance: security ID: MDKSA-2006:164-1 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:164-1 %pre Local exploitation of an integer overflow vulnerability in the 'CIDAFM()' function in the X.Org and XFree86 X server could allow an attacker to execute arbitrary code with privileges of the X server, typically root (CVE-2006-3739). Local exploitation of an integer overflow vulnerability in the 'scan_cidfont()' function in the X.Org and XFree86 X server could allow an attacker to execute arbitrary code with privileges of the X server, typically root (CVE-2006-3740). Updated packages are patched to address this issue. Update: Updated packages for 2007.0 have been patched (libxfont) %description X font Library %package avahi avahi-dnsconfd avahi-python avahi-sharp avahi-x11 lib64avahi-client3 lib64avahi-client3-devel lib64avahi-common3 lib64avahi-common3-devel lib64avahi-compat-howl0 lib64avahi-compat-howl0-devel lib64avahi-compat-libdns_sd1 lib64avahi-compat-libdns_sd1-devel lib64avahi-core4 lib64avahi-core4-devel lib64avahi-glib1 lib64avahi-glib1-devel lib64avahi-qt3_1 lib64avahi-qt3_1-devel lib64avahi-qt4_1 lib64avahi-qt4_1-devel Update: Mon Nov 20 11:24:23 2006 Importance: security ID: MDKSA-2006:215 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:215 %pre Steve Grubb discovered that netlink messages were not being checked for their sender identity. This could lead to local users manipulating the Avahi service. Packages have been patched to correct this issues. %description Avahi is a system which facilitates service discovery on a local network -- this means that you can plug your laptop or computer into a network and instantly be able to view other people who you can chat with, find printers to print to or find files being shared. This kind of technology is already found in MacOS X (branded 'Rendezvous', 'Bonjour' and sometimes 'ZeroConf') and is very convenient. %package links links-common links-debug links-graphic Update: Mon Nov 20 11:29:44 2006 Importance: security ID: MDKSA-2006:216 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:216 %pre The links web browser with smbclient installed allows remote attackers to execute arbitrary code via shell metacharacters in an smb:// URI, as demonstrated by using PUT and GET statements. Corporate 3.0 is not affected by this issue, as that version of links does not have smb:// URI support. Updated packages have disabled access to smb:// URIs. %description Links is a text based WWW browser, at first look similar to Lynx, but somehow different: - renders tables and frames - displays colors as specified in current HTML page - uses drop-down menu (like in Midnight Commander) - can download files in background - partially handle Javascript %package proftpd proftpd-anonymous proftpd-debug proftpd-mod_autohost proftpd-mod_case proftpd-mod_clamav proftpd-mod_ctrls_admin proftpd-mod_facl proftpd-mod_gss proftpd-mod_ifsession proftpd-mod_ldap proftpd-mod_load proftpd-mod_quotatab proftpd-mod_quotatab_file proftpd-mod_quotatab_ldap proftpd-mod_quotatab_sql proftpd-mod_radius proftpd-mod_ratio proftpd-mod_rewrite proftpd-mod_shaper proftpd-mod_site_misc proftpd-mod_sql proftpd-mod_sql_mysql proftpd-mod_sql_postgres proftpd-mod_time proftpd-mod_tls proftpd-mod_wrap proftpd-mod_wrap_file proftpd-mod_wrap_sql Update: Mon Nov 20 12:11:46 2006 Importance: security ID: MDKSA-2006:217 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:217 %pre As disclosed by an exploit (vd_proftpd.pm) and a related vendor bugfix, a Denial of Service (DoS) vulnerability exists in the FTP server ProFTPD, up to and including version 1.3.0. The flaw is due to both a potential bus error and a definitive buffer overflow in the code which determines the FTP command buffer size limit. The vulnerability can be exploited only if the "CommandBufferSize" directive is explicitly used in the server configuration, which is not the case in the default configuration of ProFTPD. Packages have been patched to correct these issues. %description ProFTPd is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based directory visibility. This version supports both standalone and xinetd operation. %package dbus dbus-debug dbus-x11 lib64dbus-1_3 lib64dbus-1_3-devel Update: Fri Nov 24 14:25:42 2006 Importance: bugfix ID: MDKA-2006:054 URL: http://www.mandriva.com/security/advisories?name=MDKA-2006:054 %pre On Mandriva Linux 2007.0, the path for D-Bus system bus socket was not following D-Bus specification. This could cause some implementation of the D-Bus specification to not detect the system bus correctly. This updated package ensures the location of the system bus is exported through DBUS_SYSTEM_BUS_ADDRESS, in compliance with D-Bus specification. %description D-Bus is a system for sending messages between applications. It is used both for the systemwide message bus service, and as a per-user-login-session messaging facility. %package audacity Update: Tue Nov 28 05:09:03 2006 Importance: bugfix ID: MDKA-2006:054 URL: http://www.mandriva.com/security/advisories?name=MDKA-2006:054 %pre For the French locale, menu items which contained accented characters do not show up in the Audacity sound editor. This is because the French translation file was not in the correct character encoding. This issue is corrected in the updated packages. %description Audacity is a program that lets you manipulate digital audio waveforms. In addition to letting you record sounds directly from within the program, it imports many sound file formats, including WAV, AIFF, MP3 and Ogg/Vorbis. It supports all common editing operations such as Cut, Copy, and Paste, plus it will mix tracks and let you apply plug-in effects to any part of a sound. It also has a built-in amplitude envelope editor, a customizable spectrogram mode and a frequency analysis window for audio analysis applications. %package tar Update: Tue Nov 28 13:58:46 2006 Importance: security ID: MDKSA-2006:219 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:219 %pre GNU tar 1.16 and 1.15.1, and possibly other versions, allows user-assisted attackers to overwrite arbitrary files via a tar file that contains a GNUTYPE_NAMES record with a symbolic link, which is not properly handled by the extract_archive function in extract.c and extract_mangle function in mangle.c, a variant of CVE-2002-1216. The updated packages have been patched to address this issue. %description The GNU tar program saves many files together into one archive and can restore individual files (or all of the files) from the archive. Tar can also be used to add supplemental files to an archive and to update or list files in the archive. Tar includes multivolume support, automatic archive compression/ decompression, the ability to perform remote archives and the ability to perform incremental and full backups. If you want to use Tar for remote backups, you'll also need to install the rmt package. You should install the tar package, because you'll find its compression and decompression utilities essential for working with files. %package park-rpmdrake rpmdrake Update: Wed Nov 29 16:54:05 2006 Importance: bugfix ID: MDKA-2006:055 URL: http://www.mandriva.com/security/advisories?name=MDKA-2006:055 %pre Several bugs were fixed in rpmdrake: - various people saw crashes due to invalid UTF-8 strings (#26099) - edit-urpm-sources.pl didn't start if urpmi.cfg did not exist (#27336) - MandrivaUpdate got several fixes: o it was impossible to select an update where there was only one group (#26135) o all updates are preselected by default (#25271) o all security, bugfix & normal updates were not displayed in "all updates" mode (#27268) o default is now "all updates" rather than "security updates" %description rpmdrake is a simple graphical frontend to manage software packages on a Mandriva Linux system; it has 3 different modes: - software packages installation; - software packages removal; - MandrivaUpdate (software packages updates). A fourth program manages the media (add, remove, edit). %package drakx-finish-install drakxtools drakxtools-backend drakxtools-http drakxtools-newt harddrake harddrake-ui Update: Wed Nov 29 17:09:01 2006 Importance: bugfix ID: MDKA-2006:056 URL: http://www.mandriva.com/security/advisories?name=MDKA-2006:056 %pre Several bugs were fixed in drakxtools: - it was not possible to start rpmdrake from the menu (#26383) - it was not possible to set up updates media and then distro media (or the reverse) in edit-urpm-sources - drakauth: o add encrypted home and pam_mount support o hide password when calling "net join" or "net ads join" (pixel) - drakbackup: o fix archiver detection/config file replace (stew, #26705, #27180) o do not backup the backups (Adamw) - drakboot: support Xen with lilo using mbootpack - drakfirewall: really disable services (#27295) - drakvpn: o add pkcs11 token support for openvpn o ask password/PIN if needed - drakconnect/drakroam: o detect wireless interfaces with unknown driver, e.g. rt61 o do not check for ipw3945 kernel module packages o do not wrongly tell that acx100-firmware can be found in Club or commercial editions (#26475) o use iwpriv commands to configure WPA on rt2570 and rt61 chipsets o update madwifi URL which was old - finish-install: add encrypted home and pam_mount support - printerdrake: due to changes in the format of HPLIP's device description XML files, scanner functionality was not recognized any more (#26567). %description Contains many Mandriva Linux applications simplifying users and administrators life on a Mandriva Linux machine. Nearly all of them work both under XFree (graphical environment) and in console (text environment), allowing easy distant work. drakbug: interactive bug report tool drakbug_report: help find bugs in DrakX drakclock: date & time configurator drakfloppy: boot disk creator drakfont: import fonts in the system draklog: show extracted information from the system logs draknet_monitor: connection monitoring drakperm: msec GUI (permissions configurator) drakprinter: detect and configure your printer draksec: security options managment / msec frontend draksplash: bootsplash themes creation drakTermServ: terminal server configurator listsupportedprinters: list printers net_applet: applet to check network connection %package proftpd proftpd-anonymous proftpd-mod_autohost proftpd-mod_case proftpd-mod_clamav proftpd-mod_ctrls_admin proftpd-mod_facl proftpd-mod_gss proftpd-mod_ifsession proftpd-mod_ldap proftpd-mod_load proftpd-mod_quotatab proftpd-mod_quotatab_file proftpd-mod_quotatab_ldap proftpd-mod_quotatab_sql proftpd-mod_radius proftpd-mod_ratio proftpd-mod_rewrite proftpd-mod_shaper proftpd-mod_site_misc proftpd-mod_sql proftpd-mod_sql_mysql proftpd-mod_sql_postgres proftpd-mod_time proftpd-mod_tls proftpd-mod_wrap proftpd-mod_wrap_file proftpd-mod_wrap_sql Update: Thu Nov 30 08:06:55 2006 Importance: security ID: MDKSA-2006:217-1 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:217-1 %pre A stack-based buffer overflow in the sreplace function in ProFTPD 1.3.0 and earlier, allows remote attackers to cause a denial of service, as demonstrated by vd_proftpd.pm, a "ProFTPD remote exploit." (CVE-2006-5815) Buffer overflow in the tls_x509_name_oneline function in the mod_tls module, as used in ProFTPD 1.3.0a and earlier, and possibly other products, allows remote attackers to execute arbitrary code via a large data length argument, a different vulnerability than CVE-2006-5815. (CVE-2006-6170) ProFTPD 1.3.0a and earlier does not properly set the buffer size limit when CommandBufferSize is specified in the configuration file, which leads to an off-by-two buffer underflow. NOTE: in November 2006, the role of CommandBufferSize was originally associated with CVE-2006-5815, but this was an error stemming from an initial vague disclosure. NOTE: ProFTPD developers dispute this issue, saying that the relevant memory location is overwritten by assignment before further use within the affected function, so this is not a vulnerability. (CVE-2006-6171) Packages have been patched to correct these issues. Update: The previous update incorrectly linked the vd_proftd.pm issue with the CommandBufferSize issue. These are two distinct issues and the previous update only addressed CommandBufferSize (CVE-2006-6171), and the mod_tls issue (CVE-2006-6170). %description ProFTPd is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based directory visibility. This version supports both standalone and xinetd operation. %package lib64gsf-1_114 lib64gsf-1_114-devel libgsf Update: Thu Nov 30 16:12:08 2006 Importance: security ID: MDKSA-2006:220 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:220 %pre "infamous41md" discovered a heap buffer overflow vulnerability in libgsf, a GNOME library for reading and writing structured file formats, which could lead to the execution of arbitrary code. The updated packages have been patched to correct this problem. %description A library for reading and writing structured files (eg MS OLE and Zip). %package gnupg gnupg2 Update: Thu Nov 30 17:14:19 2006 Importance: security ID: MDKSA-2006:221 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:221 %pre Buffer overflow in the ask_outfile_name function in openfile.c for GnuPG (gpg) 1.4 and 2.0, when running interactively, might allow attackers to execute arbitrary code via messages that cause the make_printable_string function to return a longer string than expected while constructing a prompt. Updated packages have been patched to correct this issue. %description GnuPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. %package koffice koffice-karbon koffice-kexi koffice-kformula koffice-kivio koffice-koshell koffice-kplato koffice-kpresenter koffice-krita koffice-kspread koffice-kugar koffice-kword koffice-progs lib64koffice2-karbon lib64koffice2-karbon-devel lib64koffice2-kexi lib64koffice2-kexi-devel lib64koffice2-kformula lib64koffice2-kformula-devel lib64koffice2-kivio lib64koffice2-kivio-devel lib64koffice2-koshell lib64koffice2-kplato lib64koffice2-kpresenter lib64koffice2-kpresenter-devel lib64koffice2-krita lib64koffice2-krita-devel lib64koffice2-kspread lib64koffice2-kspread-devel lib64koffice2-kugar lib64koffice2-kugar-devel lib64koffice2-kword lib64koffice2-kword-devel lib64koffice2-progs lib64koffice2-progs-devel Update: Fri Dec 01 11:15:12 2006 Importance: security ID: MDKSA-2006:222 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:222 %pre An integer overflow was discovered in KOffice's filtering code. By tricking a user into opening a specially crafted PPT file, attackers could crash KOffice or possibly execute arbitrary code with the user's privileges. The updated packages have been patched to correct this issue. %description Office applications for the K Desktop Environment. KOffice contains: * KWord: word processor * KSpread: spreadsheet * KPresenter: presentations * KChart: diagram generator * Kugar: A tool for generating business quality reports. * Kivio: A Visio-style flowcharting application. * Kexi: an integrated environment for managing data * Some filters (Excel 97, Winword 97/2000, etc.) %package clamav clamav-db clamav-milter clamd lib64clamav1 lib64clamav1-devel Update: Fri Dec 01 14:31:54 2006 Importance: bugfix ID: MDKA-2006:057 URL: http://www.mandriva.com/security/advisories?name=MDKA-2006:057 %pre There are no known security issues with clamav-0.88.5, which was included in the last update (MDKSA-2006:184). Upstream has released a new stable 0.88.6, with some bugfixes. This update is to address user reports with regards to clamav's behavior of producing output such as: WARNING: Your ClamAV installation is OUTDATED! WARNING: Current functionality level = 9, recommended = 10 DON'T PANIC! Read http://www.clamav.net/faq.html If one is not running the latest release. %description Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail seversions (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software. You can build clamav with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] milter Build clamav-milter (default) %package gv Update: Mon Dec 04 05:42:53 2006 Importance: security ID: MDKSA-2006:214-1 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:214-1 %pre Stack-based buffer overflow in the ps_gettext function in ps.c for GNU gv 3.6.2, and possibly earlier versions, allows user-assisted attackers to execute arbitrary code via a PostScript (PS) file with certain headers that contain long comments, as demonstrated using the DocumentMedia header. Packages have been patched to correct this issue. Update: The patch used in the previous update still left the possibility of causing X to consume unusual amounts of memory if gv is used to view a carefully crafted image designed to exploit CVE-2006-5864. This update uses an improved patch to address this issue. %description Gv provides a user interface for the ghostscript PostScript(TM) interpreter. Derived from the ghostview program, gv can display PostScript and PDF documents using the X Window System. Install the gv package if you'd like to view PostScript and PDF documents on your system. You'll also need to have the ghostscript package installed, as well as the X Window System. %package lib64xine1 lib64xine1-devel xine-aa xine-arts xine-dxr3 xine-esd xine-flac xine-gnomevfs xine-image xine-plugins xine-sdl xine-smb Update: Tue Dec 05 16:36:15 2006 Importance: security ID: MDKSA-2006:224 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:224 %pre Buffer overflow in the asmrp_eval function for the Real Media input plugin allows remote attackers to cause a denial of service and possibly execute arbitrary code via a rulebook with a large number of rulematches. Updated packages have been patched to correct this issue. %description xine is a free gpl-licensed video player for unix-like systems. %package ruby ruby-devel ruby-doc ruby-tk Update: Wed Dec 06 08:48:42 2006 Importance: security ID: MDKSA-2006:225 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:225 %pre Another vulnerability has been discovered in the CGI library (cgi.rb) that ships with Ruby which could be used by a malicious user to create a denial of service attack (DoS). Updated packages have been patched to correct this issue. %description Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible. %package kdegraphics kdegraphics-common kdegraphics-kcolorchooser kdegraphics-kcoloredit kdegraphics-kdvi kdegraphics-kfax kdegraphics-kghostview kdegraphics-kiconedit kdegraphics-kolourpaint kdegraphics-kooka kdegraphics-kpdf kdegraphics-kpovmodeler kdegraphics-kruler kdegraphics-ksnapshot kdegraphics-ksvg kdegraphics-kuickshow kdegraphics-kview kdegraphics-mrmlsearch lib64kdegraphics0-common lib64kdegraphics0-common-devel lib64kdegraphics0-kghostview lib64kdegraphics0-kghostview-devel lib64kdegraphics0-kooka lib64kdegraphics0-kooka-devel lib64kdegraphics0-kpovmodeler lib64kdegraphics0-kpovmodeler-devel lib64kdegraphics0-ksvg lib64kdegraphics0-ksvg-devel lib64kdegraphics0-kview lib64kdegraphics0-kview-devel Update: Mon Dec 11 09:00:02 2006 Importance: security ID: MDKSA-2006:227 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:227 %pre Stack overflow in the KFILE JPEG (kfile_jpeg) plugin in kdegraphics3, as used by konqueror, digikam, and other KDE image browsers, allows remote attackers to cause a denial of service (stack consumption) via a crafted EXIF section in a JPEG file, which results in an infinite recursion. The updated packages have been patched to correct this issue. %description Graphical tools for the K Desktop Environment. kdegraphics is a collection of graphic oriented applications: - kamera: digital camera io_slave for Konqueror. Together gPhoto this allows you to access your camera's picture with the URL kamera:/ - kcoloredit: contains two programs: a color value editor and also a color picker - kdvi: program (and embeddable KPart) to display *.DVI files from TeX - kfax: a program to display raw and tiffed fax images (g3, g3-2d, g4) - kfaxview: an embeddable KPart to display tiffed fax images - kfile-plugins: provide meta information for graphic files - kghostview: program (and embeddable KPart) to display *.PDF and *.PS - kiconedit: an icon editor - kooka: a raster image scan program, based on SANE and libkscan - kruler: a ruler in inch, centimeter and pixel to check distances on the screen - ksnapshot: make snapshots of the screen contents - kuickshow: fast and comfortable imageviewer - kview: picture viewer, provided as standalone program and embeddable KPart - kviewshell: generic framework for viewer applications %package gnupg gnupg2 Update: Mon Dec 11 15:53:43 2006 Importance: security ID: MDKSA-2006:228 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:228 %pre A "stack overwrite" vulnerability in GnuPG (gpg) allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory. Updated packages have been patched to correct this issue. %description GnuPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. %package tomboy Update: Wed Dec 13 05:18:39 2006 Importance: bugfix ID: MDKA-2006:063 URL: http://www.mandriva.com/security/advisories?name=MDKA-2006:063 %pre A bug in the build system made the tomboy package miss some dependencies like gnome-sharp2 on x86_64. The rebuilt package now installs all required packages. %description Tomboy is a desktop note-taking application for Linux and Unix. Simple and easy to use, but with potential to help you organize the ideas and information you deal with every day. The key to Tomboy's usefulness lies in the ability to relate notes and ideas together. Using a WikiWiki-like linking system, organizing ideas is as simple as typing a name. Branching an idea off is easy as pressing the Link button. And links between your ideas won't break, even when renaming and reorganizing them. %package evince Update: Wed Dec 13 18:28:01 2006 Importance: security ID: MDKSA-2006:229 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:229 %pre Stack-based buffer overflow in ps.c for evince allows user-assisted attackers to execute arbitrary code via a PostScript (PS) file with certain headers that contain long comments, as demonstrated using the DocumentMedia header. Packages have been patched to correct this issue. %description GNOME Document viewer, supports PDF and PostScript. %package clamav clamav-db clamav-milter clamd lib64clamav1 lib64clamav1-devel Update: Wed Dec 13 18:32:18 2006 Importance: security ID: MDKSA-2006:230 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:230 %pre The latest version of ClamAV, 0.88.7, fixes some bugs, including vulnerabilities with handling base64-encoded MIME attachment files that can lead to either a) a crash (CVE-2006-5874), or b) a bypass of virus detection (CVE-2006-6406). As well, a vulnerability was discovered that allows remote attackers to cause a stack overflow and application crash by wrapping many layers of multipart/mixed content around a document (CVE-2006-6481). The latest ClamAV is being provided to address these issues. %description Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail seversions (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software. You can build clamav with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] milter Build clamav-milter (default) %package evolution-sharp Update: Thu Dec 14 12:59:20 2006 Importance: bugfix ID: MDKA-2006:066 URL: http://www.mandriva.com/security/advisories?name=MDKA-2006:066 %pre The evolution-sharp bindings weren't configured properly, preventing beagle from indexing Evolution mailboxes. This update fixes this issue. %description Evolution# is a .NET language binding for various Ximian Evolution (tm) libraries. %package hal hal-gnome lib64hal1 lib64hal1-devel Update: Thu Dec 14 13:01:41 2006 Importance: bugfix ID: MDKA-2006:06? URL: http://www.mandriva.com/security/advisories?name=MDKA-2006:06? %pre A bug in partition detection for some SD/MMC card readers (those using the sdhci driver) was preventing correct detection by HAL, breaking automatic mounting/unmounting on card insertion/removal. Another bug was preventing correct mounting of LUKS-encrypted removable media. This update fixes these bugs and also provides compatibility with D-Bus 1.0. %description HAL is daemon for collection and maintaining information from several sources about the hardware on the system. It provides a live device list through D-BUS. %package gdm gdm-Xnest Update: Thu Dec 14 16:06:53 2006 Importance: security ID: MDKSA-2006:231 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:231 %pre Local exploitation of a format string vulnerability in GNOME Foundation's GNOME Display Manager host chooser window (gdmchooser) could allow an unauthenticated attacker to execute arbitrary code on the affected system. The updated packages have been patched to correct this issue. %description Gdm (the GNOME Display Manager) is a highly configurable reimplementation of xdm, the X Display Manager. Gdm allows you to log into your system with the X Window System running and supports running several different X sessions on your local machine at the same time. %package proftpd proftpd-anonymous proftpd-mod_autohost proftpd-mod_case proftpd-mod_clamav proftpd-mod_ctrls_admin proftpd-mod_facl proftpd-mod_gss proftpd-mod_ifsession proftpd-mod_ldap proftpd-mod_load proftpd-mod_quotatab proftpd-mod_quotatab_file proftpd-mod_quotatab_ldap proftpd-mod_quotatab_sql proftpd-mod_radius proftpd-mod_ratio proftpd-mod_rewrite proftpd-mod_shaper proftpd-mod_site_misc proftpd-mod_sql proftpd-mod_sql_mysql proftpd-mod_sql_postgres proftpd-mod_time proftpd-mod_tls proftpd-mod_wrap proftpd-mod_wrap_file proftpd-mod_wrap_sql Update: Mon Dec 18 16:18:28 2006 Importance: security ID: MDKSA-2006:232 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:232 %pre Stack-based buffer overflow in the pr_ctrls_recv_request function in ctrls.c in the mod_ctrls module in ProFTPD before 1.3.1rc1 allows local users to execute arbitrary code via a large reqarglen length value. Packages have been patched to correct these issues. %description ProFTPd is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based directory visibility. This version supports both standalone and xinetd operation. %package dbus dbus-x11 lib64dbus-1_3 lib64dbus-1_3-devel Update: Mon Dec 18 16:39:47 2006 Importance: security ID: MDKSA-2006:233 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:233 %pre A vulnerability was discovered in D-Bus that could be exploited by a local attacker to cause a Denial of Service. Updated packages have been patched to correct this issue. %description D-Bus is a system for sending messages between applications. It is used both for the systemwide message bus service, and as a per-user-login-session messaging facility. %package jay lib64mono0 lib64mono0-devel libmono-runtime mono mono-data-sqlite mono-doc Update: Wed Dec 20 11:23:55 2006 Importance: security ID: MDKSA-2006:234 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2006:234 %pre XSP (the Mono ASP.NET server) is vulnerable to source disclosure attack which allow a malicious user to obtain the source code of the server-side application. This vulnerability grants the attacker deeper knowledge of the Web application logic. Updated packages have been patched to correct this issue. %description Mono is an implementation of the ECMA Common Language Infrastructure, it contains both a just-in-time compiler for maximum performance, and an interpeter. It can also be used to run programs from the .NET Framework. %package lsb lsb-core lsb-qt4 lsb-test Update: Wed Dec 20 16:49:01 2006 Importance: bugfix ID: MDKA-2006:067 URL: http://www.mandriva.com/security/advisories?name=MDKA-2006:067 %pre When the xorg-x11 package was broken up into subpackages, libGL.so.1, which is required by LSB, ended up not being a requirement of the lsb meta-package. This update corrects this issue and should allow lsblibchk to run without failures. %description The skeleton package defining packages needed for LSB compliance. Note: To successfuly run the runtime test suites, install lsb-test. %package lib64modplug0 lib64modplug0-devel Update: Tue Jan 02 07:54:43 2007 Importance: security ID: MDKSA-2007:001 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:001 %pre Multiple buffer overflows in MODPlug Tracker (OpenMPT) 1.17.02.43 and earlier and libmodplug 0.8 and earlier allow user-assisted remote attackers to execute arbitrary code via (1) long strings in ITP files used by the CSoundFile::ReadITProject function in soundlib/Load_it.cpp and (2) crafted modules used by the CSoundFile::ReadSample function in soundlib/Sndfile.cpp, as demonstrated by crafted AMF files. Updated packages are patched to address this issue. %description Olivier Lapicque, author of Modplug, which is arguably the best quality MOD-playing software available, has placed his sound rendering code in the public domain. This library and plugin is based on that code. It can play 22 different mod formats, including: MOD, S3M, XM, IT, 669, AMF (both of them), AMS, DBM, DMF, DSM, FAR, MDL, MED, MTM, OKT, PTM, STM, ULT, UMX, MT2, PSM %package evince kernel-2.6.17.8mdv kernel-source-2.6.17.8mdv kernel-source-stripped-2.6.17.8mdv kernel-xen0-2.6.17.8mdv kernel-xenU-2.6.17.8mdv Update: Tue Jan 02 10:04:42 2007 Importance: security ID: MDKSA-2007:002 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:002 %pre Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel: The Linux kernel does not properly save or restore EFLAGS during a context switch, or reset the flags when creating new threads, which could allow a local user to cause a Denial of Service (process crash) (CVE-2006-5173). The seqfile handling in the 2.6 kernel up to 2.6.18 allows local users to cause a DoS (hang or oops) via unspecified manipulations that trigger an infinite loop while searching for flowlabels (CVE-2006-5619). An integer overflow in the 2.6 kernel prior to 2.6.18.4 could allow a local user to execute arbitrary code via a large maxnum value in an ioctl request (CVE-2006-5751). A race condition in the ISO9660 filesystem handling could allow a local user to cause a DoS (infinite loop) by mounting a crafted ISO9660 filesystem containing malformed data structures (CVE-2006-5757). A vulnerability in the bluetooth support could allow for overwriting internal CMTP and CAPI data structures via malformed packets (CVE-2006-6106). The provided packages are patched to fix these vulnerabilities. All users are encouraged to upgrade to these updated kernels immediately and reboot to effect the fixes. In addition to these security fixes, other fixes have been included such as: - added the marvell IDE driver - use a specific driver Jmicron chipsets rather than using a generic one - updated the sky2 driver to fix some network hang issues To update your kernel, please follow the directions located at: http://www.mandriva.com/en/security/kernelupdate %description The kernel package contains the Linux kernel (vmlinuz), the core of your Mandriva Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. It supports both up and smp systems using smp alternatives. For instructions for update, see: http://www.mandriva.com/security/kernelupdate %package lib64smbclient0 lib64smbclient0-devel lib64smbclient0-static-devel mount-cifs nss_wins samba-client samba-common samba-doc samba-server samba-smbldap-tools samba-swat samba-vscan-clamav samba-vscan-icap samba-winbind Update: Thu Jan 04 11:03:05 2007 Importance: bugfix ID: MDKA-2007:001 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:001 %pre A number of minor issues were present in the samba packages shipped with Mandriva 2007.0. For users with filesystem quotas, samba would not indicate the remaining quota as the free disk space (as intended). Problems with storing accounts with upper-case usernames in the smbpasswd passdb backend (tdbsam and ldapsam were not affected). Errors in the pam.d file used in samba for pam 0.9x prevented pam authentication (SWAT, and authentication to samba when using "obey pam restrictions = yes"). Users were being denied access to shares which have a "valid users" statement including a group the user is a member of. These issues have all been fixed in the updated packages. Note that some of these fixes were only available in a new upstream version of samba, which also changes some behaviour. Please consult the release notes (http://www.samba.org/samba/history/samba-3.0.23d.html) before upgrading. Specifically, note the "RID Algorithms & Passdb" if you use samba as a file server in a domain context. %description Samba provides an SMB server which can be used to provide network services to SMB (sometimes called "Lan Manager") clients, including various versions of MS Windows, OS/2, and other Linux machines. Samba also provides some SMB clients, which complement the built-in SMB filesystem in Linux. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need NetBEUI (Microsoft Raw NetBIOS frame) protocol. Samba-3.0 features working NT Domain Control capability and includes the SWAT (Samba Web Administration Tool) that allows samba's smb.conf file to be remotely managed using your favourite web browser. For the time being this is being enabled on TCP port 901 via xinetd. SWAT is now included in it's own subpackage, samba-swat. Please refer to the WHATSNEW.txt document for fixup information. This binary release includes encrypted password support. Please read the smb.conf file and ENCRYPTION.txt in the docs directory for implementation details. %package kdeutils kdeutils-ark kdeutils-common kdeutils-kcalc kdeutils-kcharselect kdeutils-kdessh kdeutils-kdf kdeutils-kedit kdeutils-kfloppy kdeutils-kgpg kdeutils-khexedit kdeutils-kjots kdeutils-klaptop kdeutils-ksim kdeutils-ktimer kdeutils-kwalletmanager kdeutils-superkaramba lib64kdeutils1-common lib64kdeutils1-common-devel lib64kdeutils1-khexedit lib64kdeutils1-khexedit-devel lib64kdeutils1-klaptop lib64kdeutils1-klaptop-devel lib64kdeutils1-ksim lib64kdeutils1-ksim-devel Update: Thu Jan 04 11:48:27 2007 Importance: bugfix ID: MDKA-2007:002 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:002 %pre A bug in the kdeutils-ark package prevented the creation of a zip format archive using Konqueror, or from ark directly. Updated packages have been patched to correct this issue. %description Utilities for the K Desktop Environment. - ark: manager for compressed files and archives - kcalc: scientific calculator - kcharselect: select special characters from any fonts and put them into the clipboard - charselectapplet: dito, but as a Kicker applet - kcardtools: - kdessh: front end to ssh - kdf: like 'df', a graphical free disk space viewer - kedit: a simple text editor, without formatting like bold, italics etc - kfloppy: format a floppy disks with this app - khexedit: binary file editor - kjots: manages several "books" with a subject and notes - klaptopdaemon: battery and power management, including KControl plugins - kregexpeditor: graphical regular expression editor - ktimer: execute programs after some time %package avahi avahi-dnsconfd avahi-python avahi-sharp avahi-x11 lib64avahi-client3 lib64avahi-client3-devel lib64avahi-common3 lib64avahi-common3-devel lib64avahi-compat-howl0 lib64avahi-compat-howl0-devel lib64avahi-compat-libdns_sd1 lib64avahi-compat-libdns_sd1-devel lib64avahi-core4 lib64avahi-core4-devel lib64avahi-glib1 lib64avahi-glib1-devel lib64avahi-qt3_1 lib64avahi-qt3_1-devel lib64avahi-qt4_1 lib64avahi-qt4_1-devel Update: Mon Jan 08 12:02:50 2007 Importance: security ID: MDKSA-2007:003 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:003 %pre The consume_labels function in avahi-core/dns.c in Avahi before 0.6.16 allows remote attackers to cause a denial of service (infinite loop) via a crafted compressed DNS response with a label that points to itself. Updated packages are patched to address this issue. %description Avahi is a system which facilitates service discovery on a local network -- this means that you can plug your laptop or computer into a network and instantly be able to view other people who you can chat with, find printers to print to or find files being shared. This kind of technology is already found in MacOS X (branded 'Rendezvous', 'Bonjour' and sometimes 'ZeroConf') and is very convenient. %package lib64mesagl1 lib64mesagl1-devel lib64mesaglu1 lib64mesaglu1-devel lib64mesaglut3 lib64mesaglut3-devel lib64mesaglw1 lib64mesaglw1-devel mesa mesa-common-devel mesa-demos mesa-source Update: Tue Jan 09 07:20:10 2007 Importance: bugfix ID: MDKA-2007:004 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:004 %pre There was a problem with mesa, where OpenGL applications would crash for users having some i965G chipsets. Updated packages have been patched to correct this issue. %description Mesa is an OpenGL 1.4 compatible 3D graphics library. %package x11-server x11-server-common x11-server-devel x11-server-xdmx x11-server-xephyr x11-server-xfake x11-server-xfbdev x11-server-xnest x11-server-xorg x11-server-xprt x11-server-xsdl x11-server-xvfb Update: Tue Jan 09 11:44:41 2007 Importance: security ID: MDKSA-2007-005 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007-005 %pre Sean Larsson of iDefense Labs discovered several vulnerabilities in X.Org/XFree86: Local exploitation of a memory corruption vulnerability in the 'ProcRenderAddGlyphs()' function in the X.Org and XFree86 X server could allow an attacker to execute arbitrary code with privileges of the X server, typically root. (CVE-2006-6101) Local exploitation of a memory corruption vulnerability in the 'ProcDbeGetVisualInfo()' function in the X.Org and XFree86 X server could allow an attacker to execute arbitrary code with privileges of the X server, typically root. (CVE-2006-6102) Local exploitation of a memory corruption vulnerability in the 'ProcDbeSwapBuffers()' function in the X.Org and XFree86 X server could allow an attacker to execute arbitrary code with privileges of the X server, typically root. (CVE-2006-6103) Updated packages are patched to address these issues. %description X11 servers %package openoffice.org openoffice.org-devel openoffice.org-devel-doc openoffice.org-galleries openoffice.org-gnome openoffice.org-kde openoffice.org-l10n-af openoffice.org-l10n-ar openoffice.org-l10n-bg openoffice.org-l10n-br openoffice.org-l10n-bs openoffice.org-l10n-ca openoffice.org-l10n-cs openoffice.org-l10n-cy openoffice.org-l10n-da openoffice.org-l10n-de openoffice.org-l10n-el openoffice.org-l10n-en_GB openoffice.org-l10n-es openoffice.org-l10n-et openoffice.org-l10n-eu openoffice.org-l10n-fi openoffice.org-l10n-fr openoffice.org-l10n-he openoffice.org-l10n-hi openoffice.org-l10n-hu openoffice.org-l10n-it openoffice.org-l10n-ja openoffice.org-l10n-ko openoffice.org-l10n-mk openoffice.org-l10n-nb openoffice.org-l10n-nl openoffice.org-l10n-nn openoffice.org-l10n-pl openoffice.org-l10n-pt openoffice.org-l10n-pt_BR openoffice.org-l10n-ru openoffice.org-l10n-sk openoffice.org-l10n-sl openoffice.org-l10n-sv openoffice.org-l10n-ta openoffice.org-l10n-tr openoffice.org-l10n-zh_CN openoffice.org-l10n-zh_TW openoffice.org-l10n-zu openoffice.org-mimelnk openoffice.org-mono openoffice.org-ooqstart Update: Wed Jan 10 09:59:17 2007 Importance: security ID: MDKSA-2007:006 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:006 %pre Several integer overflows were discovered in the OpenOffice.org WMF file processor. An attacker could create a carefully crafted WMF file that would cause OpenOffice.org to execute arbitrary code when opened. Updated packages are patched to address this issue. %description OpenOffice.org is an Open Source, community-developed, multi-platform office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editing and drawing program, with a user interface and feature set similar to other office suites. Sophisticated and flexible, OpenOffice.org also works transparently with a variety of file formats, including Microsoft Office. %package ftp-client-krb5 ftp-server-krb5 krb5-server krb5-workstation lib64krb53 lib64krb53-devel telnet-client-krb5 telnet-server-krb5 Update: Wed Jan 10 17:59:56 2007 Importance: security ID: MDKSA-2007:008 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:008 %pre A vulnerability in the RPC library in Kerberos 1.4.x and 1.5.x as used in the kadmind administration daemon calls an uninitialized function pointer in freed memory, which could allow a remote attacker to cause a Denial of Service and possibly execute arbitrary code via unspecified vectors. Updated packages are patched to address this issue. %description Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords. %package kdenetwork kdenetwork-common kdenetwork-kdict kdenetwork-kget kdenetwork-knewsticker kdenetwork-kopete kdenetwork-kopete-latex kdenetwork-kppp kdenetwork-kppp-provider kdenetwork-krfb kdenetwork-ksirc kdenetwork-ktalk kdenetwork-kwifimanager lib64kdenetwork2-common lib64kdenetwork2-common-devel lib64kdenetwork2-kdict lib64kdenetwork2-knewsticker lib64kdenetwork2-kopete lib64kdenetwork2-kopete-devel lib64kdenetwork2-ksirc lib64kdenetwork2-kwifimanager lisa Update: Wed Jan 10 19:02:54 2007 Importance: security ID: MDKSA-2007:009 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:009 %pre KsIRC 1.3.12 allows remote attackers to cause a denial of service (crash) via a long PRIVMSG string when connecting to an Internet Relay Chat (IRC) server, which causes an assertion failure and results in a NULL pointer dereference. Updated packages are patched to address this issue. %description Networking applications for the K Desktop Environment. - kdict: graphical client for the DICT protocol. - kit: AOL instant messenger client, using the TOC protocol - knewsticker: RDF newsticker applet - kpf: public fileserver applet - ksirc: IRC client - ktalkd: talk daemon - lanbrowsing: lan browsing kio slave - krfb: Desktop Sharing server, allow others to access your desktop via VNC - krdc: a client for Desktop Sharing and other VNC servers %package nmap nmap-frontend Update: Thu Jan 11 07:35:22 2007 Importance: bugfix ID: MDKA-2007:005 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:005 %pre The version of nmap shipped with Mandriva Linux 2007 was built against the system copies of the libpcap and libdnet libraries. However, nmap actually requires changes to be made to these libraries which have not yet been made to the upstream versions, and consequently should be compiled against its own built-in copies of these libraries. This problem causes nmap not to work as the root user: it would simply freeze up. The updated package fixes this problem. It also fixes the menu entry for the package. %description Nmap is a utility for network exploration or security auditing. It supports ping scanning (determine which hosts are up), many port scanning techniques (determine what services the hosts are offering), and TCP/IP fingerprinting (remote host operating system identification). Nmap also offers flexible target and port specification, decoy scanning, determination of TCP sequence predictability characteristics, sunRPC scanning, reverse-identd scanning, and more. %package desktop-common-data Update: Thu Jan 11 10:44:56 2007 Importance: bugfix ID: MDKA-2007:006 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:006 %pre When using "Discovery" menus, there is no menu item for Writer in the Office category. Updated packages correct this issue. %description This package contains useful icons, menu structure and others goodies for the Mandriva Linux desktop. %package deskbar-applet devhelp devhelp-plugins epiphany epiphany-devel epiphany-extensions galeon gnome-python-extras gnome-python-gdl gnome-python-gksu gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell lib64devhelp-1_0 lib64devhelp-1_0-devel lib64mozilla-firefox1.5.0.9 lib64mozilla-firefox1.5.0.9-devel lib64nspr4 lib64nspr4-devel lib64nspr4-static-devel lib64nss3 lib64nss3-devel lib64totem-plparser1 lib64totem-plparser1-devel mozilla-firefox mozilla-firefox-ar mozilla-firefox-bg mozilla-firefox-br mozilla-firefox-ca mozilla-firefox-cs mozilla-firefox-da mozilla-firefox-de mozilla-firefox-el mozilla-firefox-es mozilla-firefox-es_AR mozilla-firefox-eu mozilla-firefox-fi mozilla-firefox-fr mozilla-firefox-fy mozilla-firefox-ga mozilla-firefox-gu_IN mozilla-firefox-he mozilla-firefox-hu mozilla-firefox-it mozilla-firefox-ja mozilla-firefox-ko mozilla-firefox-lt mozilla-firefox-mk mozilla-firefox-nb mozilla-firefox-nl mozilla-firefox-pa_IN mozilla-firefox-pl mozilla-firefox-pt mozilla-firefox-pt_BR mozilla-firefox-ro mozilla-firefox-ru mozilla-firefox-sk mozilla-firefox-sl mozilla-firefox-sv mozilla-firefox-tr mozilla-firefox-uk mozilla-firefox-zh_CN mozilla-firefox-zh_TW totem totem-common totem-gstreamer totem-mozilla totem-mozilla-gstreamer yelp Update: Thu Jan 11 11:26:40 2007 Importance: security ID: MDKSA-2007:010 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:010 %pre A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 1.5.0.9. This update provides the latest Firefox to correct these issues. %description %package dkms-lirc dkms-lirc-parallel lib64lirc0 lib64lirc0-devel lirc Update: Thu Jan 11 11:49:49 2007 Importance: bugfix ID: MDKA-2007:007 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:007 %pre Dkms-lirc allows one to install LIRC drivers on non-Mandriva kernels. It contains a driver named lirc_parallel.ko which does not work on SMP-enabled kernels, preventing the driver installation on such kernels. The lirc_parallel.ko driver has been removed from the updated package and moved to a separate package named dkms-lirc-parallel. %description LIRC is a package that allows you to decode and send infra-red signals of many (but not all) commonly used remote controls. Configuration files for many remotes are locate in lirc-remotes package %package mozilla-thunderbird mozilla-thunderbird-bg mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-devel mozilla-thunderbird-el mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-es_AR mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-hu mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sk mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-es mozilla-thunderbird-es_AR mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-ga mozilla-thunderbird-gu_IN mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ko mozilla-thunderbird-lt mozilla-thunderbird-mk mozilla-thunderbird-nb mozilla-thunderbird-nl mozilla-thunderbird-pa_IN mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-ru mozilla-thunderbird-sk mozilla-thunderbird-sl mozilla-thunderbird-sv mozilla-thunderbird-tr mozilla-thunderbird-zh_CN nsinstall Update: Thu Jan 11 15:48:45 2007 Importance: security ID: MDKSA-2007:011 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:011 %pre A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 1.5.0.9. This update provides the latest Thunderbird to correct these issues. %description Mozilla Thunderbird is a full-featured email, RSS and newsgroup client that makes emailing safer, faster and easier than ever before. %package lib64neon0.26 lib64neon0.26-devel lib64neon0.26-static-devel Update: Fri Jan 12 12:38:08 2007 Importance: security ID: MDKSA-2007:013 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:013 %pre An array index error in the URI parser in neon 0.26.0 to 0.26.2 could possibly allow remote malicious servers to cause a crash via a URI with non-ASCII characters. This vulnerability may only exist on 64bit systems. Updated packages are patched to address this issue. %description neon is an HTTP and WebDAV client library for Unix systems, with a C language API. It provides high-level interfaces to HTTP/1.1 and WebDAV methods, and a low-level interface to HTTP request/response handling, allowing new methods to be easily implemented. %package bluez-utils bluez-utils-cups Update: Fri Jan 12 14:20:26 2007 Importance: bugfix ID: MDKA-2007:008 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:008 %pre In Mandriva 2007.0, authentication with bluetooth devices was broken (#24359). This update provides an agent that will prompt for passkeys (PIN code) when needed. %description These are the official Bluetooth utilities for Linux. WARNING : it is HIGHLY recommanded to change your system Bluetooth PIN code in /etc/bluetooth/pin. The BLUETOOTH trademarks are owned by Bluetooth SIG, Inc., U.S.A. %package perl-SOAP-Lite Update: Mon Jan 15 10:35:23 2007 Importance: bugfix ID: MDKA-2007:009 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:009 %pre SOAP::Lite makes use of auto-generated methods with names that clash with methods exported by UNIVERSAL::require. As a result, using the two modules simultaneously will result in an immediate program crash. The package has been patched with an upstream fix to correct the issue. %description SOAP::Lite for Perl is a collection of Perl modules which provides a simple and lightweight interface to the Simple Object Access Protocol (SOAP) both on client and server side. To learn about SOAP, go to http://www.soaplite.com/#LINKS for more information. This version of SOAP::Lite supports a subset of the SOAP 1.1 specification and has initial support for SOAP 1.2 specification. See http://www.w3.org/TR/SOAP for details. %package lib64wvstreams3.74 lib64wvstreams3.74-devel Update: Mon Jan 15 11:57:08 2007 Importance: bugfix ID: MDKA-2007:010 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:010 %pre In Mandriva 2007.0, the wvstreams package was built with openssl 0.9.7, which was not available in the final 2007.0 release. This made the wvstreams package impossible to install on Mandriva 2007.0 (bug 26240). This update is built with openssl 0.9.8, so that it can be installed on a Mandriva 2007.0 system. %description WvStreams aims to be an efficient, secure, and easy-to-use library for doing network applications development. %package fetchmail fetchmail-daemon fetchmailconf Update: Mon Jan 15 15:10:36 2007 Importance: security ID: MDKSA-2007:016 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:016 %pre Fetchmail before 6.3.6-rc4 does not properly enforce TLS and may transmit cleartext passwords over unsecured links if certain circumstances occur, which allows remote attackers to obtain sensitive information via man-in-the-middle (MITM) attacks. The updated packages have been patched to correct this problem. %description Fetchmail is a free, full-featured, robust, and well-documented remote mail retrieval and forwarding utility intended to be used over on-demand TCP/IP links (such as SLIP or PPP connections). It retrieves mail from remote mail servers and forwards it to your local (client) machine's delivery system, so it can then be read by normal mail user agents such as Mutt, Elm, Pine, (X)Emacs/Gnus or Mailx. It comes with an interactive GUI configurator suitable for end-users. Fetchmail supports every remote-mail protocol currently in use on the Internet (POP2, POP3, RPOP, APOP, KPOP, all IMAPs, ESMTP ETRN) for retrieval. Then Fetchmail forwards the mail through SMTP, so you can read it through your normal mail client. %package wget Update: Mon Jan 15 15:13:18 2007 Importance: security ID: MDKSA-2007:017 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:017 %pre The ftp_syst function in ftp-basic.c in Free Software Foundation (FSF) GNU wget 1.10.2 allows remote attackers to cause a denial of service (application crash) via a malicious FTP server with a large number of blank 220 responses to the SYST command. The updated packages have been patched to correct this problem. %description GNU Wget is a file retrieval utility which can use either the HTTP or FTP protocols. Wget features include the ability to work in the background while you're logged out, recursive retrieval of directories, file name wildcard matching, remote file timestamp storage and comparison, use of Rest with FTP servers and Range with HTTP servers to retrieve files over slow or unstable connections, support for Proxy servers, and configurability. %package tripwire Update: Tue Jan 16 11:31:59 2007 Importance: bugfix ID: MDKA-2007:011 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:011 %pre The version of tripwire included with Mandriva 2007 would hang while generating keys. The problem has been corrected by avoiding using optimization at compile-time. %description Tripwire is a very valuable security tool for Linux systems, if it is installed to a clean system. Tripwire should be installed right after the OS installation, and before you have connected your system to a network (i.e., before any possibility exists that someone could alter files on your system). When Tripwire is initially set up, it creates a database that records certain file information. Then when it is run, it compares a designated set of files and directories to the information stored in the database. Added or deleted files are flagged and reported, as are any files that have changed from their previously recorded state in the database. When Tripwire is run against system files on a regular basis, any file changes will be spotted when Tripwire is run. Tripwire will report the changes, which will give system administrators a clue that they need to enact damage control measures immediately if certain files have been altered. Extra-paranoid Tripwire users will set it up to run once a week and e-mail the results to themselves. Then if the e-mails stop coming, you'll know someone has gotten to the Tripwire program... After installing this package, you should run "/etc/tripwire/twinstall.sh" to generate cryptographic keys, and "tripwire --init" to initialize the database. %package koffice koffice-karbon koffice-kexi koffice-kformula koffice-kivio koffice-koshell koffice-kplato koffice-kpresenter koffice-krita koffice-kspread koffice-kugar koffice-kword koffice-progs lib64koffice2-karbon lib64koffice2-karbon-devel lib64koffice2-kexi lib64koffice2-kexi-devel lib64koffice2-kformula lib64koffice2-kformula-devel lib64koffice2-kivio lib64koffice2-kivio-devel lib64koffice2-koshell lib64koffice2-kplato lib64koffice2-kpresenter lib64koffice2-kpresenter-devel lib64koffice2-krita lib64koffice2-krita-devel lib64koffice2-kspread lib64koffice2-kspread-devel lib64koffice2-kugar lib64koffice2-kugar-devel lib64koffice2-kword lib64koffice2-kword-devel lib64koffice2-progs lib64koffice2-progs-devel Update: Thu Jan 18 10:54:04 2007 Importance: security ID: MDKSA-2007:018 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:018 %pre The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2, kpdf in KDE before 3.5.5, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node. The updated packages have been patched to correct this problem. %description Office applications for the K Desktop Environment. KOffice contains: * KWord: word processor * KSpread: spreadsheet * KPresenter: presentations * KChart: diagram generator * Kugar: A tool for generating business quality reports. * Kivio: A Visio-style flowcharting application. * Kexi: an integrated environment for managing data * Some filters (Excel 97, Winword 97/2000, etc.) %package pdftohtml Update: Thu Jan 18 10:56:47 2007 Importance: security ID: MDKSA-2007:019 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:019 %pre The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2, kpdf in KDE before 3.5.5, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node. The updated packages have been patched to correct this problem. %description PDFTOHTML converts Portable Document Format (PDF) files to HTML format. This release converts text and links. Bold and italic face are preserved, but high level HTML structures ( like lists or tables ) are not yet generated. Images are ignored ( but you can extract them from the PDF file using pdfimages, distributed with the Xpdf package ). The current version is tested on Linux and Solaris 2.6 %package lib64poppler-qt1 lib64poppler-qt1-devel lib64poppler-qt4-1 lib64poppler-qt4-1-devel lib64poppler1 lib64poppler1-devel poppler Update: Thu Jan 18 11:00:25 2007 Importance: security ID: MDKSA-2007:020 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:020 %pre The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2, kpdf in KDE before 3.5.5, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node. The updated packages have been patched to correct this problem. %description Poppler is a PDF rendering library based on the xpdf-3.0 code base. %package xpdf xpdf-tools Update: Thu Jan 18 11:02:34 2007 Importance: security ID: MDKSA-2007:021 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:021 %pre The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2, kpdf in KDE before 3.5.5, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node. The updated packages have been patched to correct this problem. %description Xpdf is an X Window System based viewer for Portable Document Format (PDF) files. PDF files are sometimes called Acrobat files, after Adobe Acrobat (Adobe's PDF viewer). Xpdf is a small and efficient program which uses standard X fonts. %package jadetex tetex tetex-afm tetex-context tetex-devel tetex-doc tetex-dvilj tetex-dvipdfm tetex-dvips tetex-latex tetex-mfwin tetex-texi2html tetex-xdvi xmltex Update: Thu Jan 18 11:04:35 2007 Importance: security ID: MDKSA-2007:022 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:022 %pre The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2, kpdf in KDE before 3.5.5, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node. The updated packages have been patched to correct this problem. %description teTeX is an implementation of TeX for Linux or UNIX systems. TeX takes a text file and a set of formatting commands as input and creates a typesetter independent .dvi (DeVice Independent) file as output. Usually, TeX is used in conjunction with a higher level formatting package like LaTeX or PlainTeX, since TeX by itself is not very user-friendly. Install teTeX if you want to use the TeX text formatting system. If you are installing teTeX, you will also need to install tetex-afm (a PostScript(TM) font converter for TeX), tetex-dvilj (for converting .dvi files to HP PCL format for printing on HP and HP compatible printers), tetex-dvips (for converting .dvi files to PostScript format for printing on PostScript printers), tetex-latex (a higher level formatting package which provides an easier-to-use interface for TeX) and tetex-xdvi (for previewing .dvi files in X). Unless you're an expert at using TeX, you'll also want to install the tetex-doc package, which includes the documentation for TeX. %package lib64gtop2.0_7 lib64gtop2.0_7-devel libgtop2 Update: Thu Jan 18 12:30:28 2007 Importance: security ID: MDKSA-2007:023 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:023 %pre Stack-based buffer overflow in the glibtop_get_proc_map_s function in libgtop before 2.14.6 (libgtop2) allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a process with a long filename that is mapped in its address space, which triggers the overflow in gnome-system-monitor. The updated packages have been patched to correct this problem. %description LibGTop is a library that fetches information about the running system such as CPU and memory useage, active processes and more. On Linux systems, this information is taken directly from the /proc filesystem while on other systems a server is used to read that information from other /dev/kmem, among others. %package glibc glibc-devel glibc-doc glibc-i18ndata glibc-profile glibc-static-devel glibc-utils ldconfig locales locales-aa locales-af locales-am locales-ar locales-as locales-az locales-be locales-ber locales-bg locales-bn locales-br locales-bs locales-ca locales-cs locales-cy locales-da locales-de locales-dz locales-el locales-en locales-eo locales-es locales-et locales-eu locales-fa locales-fi locales-fo locales-fr locales-fur locales-fy locales-ga locales-gd locales-gl locales-gu locales-gv locales-ha locales-he locales-hi locales-hr locales-hsb locales-hu locales-hy locales-id locales-ig locales-ik locales-is locales-it locales-iu locales-ja locales-ka locales-kk locales-kl locales-km locales-kn locales-ko locales-ku locales-kw locales-ky locales-lg locales-li locales-lo locales-lt locales-lv locales-mg locales-mi locales-mk locales-ml locales-mn locales-mr locales-ms locales-mt locales-nds locales-ne locales-nl locales-no locales-nr locales-nso locales-oc locales-pa locales-pl locales-pt locales-ro locales-ru locales-rw locales-sc locales-se locales-si locales-sk locales-sl locales-so locales-sq locales-sr locales-ss locales-st locales-sv locales-sw locales-ta locales-te locales-tg locales-th locales-tk locales-tl locales-tn locales-tr locales-ts locales-tt locales-ug locales-uk locales-ur locales-uz locales-ve locales-vi locales-wa locales-xh locales-yi locales-yo locales-zh locales-zu nscd timezone Update: Sat Jan 20 17:38:09 2007 Importance: bugfix ID: MDKA-2007:012 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:012 %pre The version of glibc shipped with Mandriva 2007 has a bug that prevents the system from passing the lsb-runtime test suite (T.ttyname_r). This update also includes sparc64 updates and Unicode 5.0 support. %description The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important sets of shared libraries: the standard C library and the standard math library. Without these two libraries, a Linux system will not function. The glibc package also contains national language (locale) support. %package deskbar-applet devhelp devhelp-plugins epiphany epiphany-devel epiphany-extensions galeon gnome-python-extras gnome-python-gdl gnome-python-gksu gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell lib64devhelp-1_0 lib64devhelp-1_0-devel lib64totem-plparser1 lib64totem-plparser1-devel totem totem-common totem-gstreamer totem-mozilla totem-mozilla-gstreamer yelp Update: Mon Jan 22 10:46:43 2007 Importance: bugfix ID: MDKA-2007:013 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:013 %pre Due to an error in the compilation system, the firefox-dependant packages provided in MDKSA-2007:010 for Mandriva 2007/x86_64 were linked to the older version of Firefox. This update corrects the problem. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package kdegraphics kdegraphics-common kdegraphics-kcolorchooser kdegraphics-kcoloredit kdegraphics-kdvi kdegraphics-kfax kdegraphics-kghostview kdegraphics-kiconedit kdegraphics-kolourpaint kdegraphics-kooka kdegraphics-kpdf kdegraphics-kpovmodeler kdegraphics-kruler kdegraphics-ksnapshot kdegraphics-ksvg kdegraphics-kuickshow kdegraphics-kview kdegraphics-mrmlsearch lib64kdegraphics0-common lib64kdegraphics0-common-devel lib64kdegraphics0-kghostview lib64kdegraphics0-kghostview-devel lib64kdegraphics0-kooka lib64kdegraphics0-kooka-devel lib64kdegraphics0-kpovmodeler lib64kdegraphics0-kpovmodeler-devel lib64kdegraphics0-ksvg lib64kdegraphics0-ksvg-devel lib64kdegraphics0-kview lib64kdegraphics0-kview-devel Update: Mon Jan 22 14:45:17 2007 Importance: security ID: MDKSA-2007:024 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:024 %pre The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2, kpdf in KDE before 3.5.5, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node. The updated packages have been patched to correct this problem. %description Graphical tools for the K Desktop Environment. kdegraphics is a collection of graphic oriented applications: - kamera: digital camera io_slave for Konqueror. Together gPhoto this allows you to access your camera's picture with the URL kamera:/ - kcoloredit: contains two programs: a color value editor and also a color picker - kdvi: program (and embeddable KPart) to display *.DVI files from TeX - kfax: a program to display raw and tiffed fax images (g3, g3-2d, g4) - kfaxview: an embeddable KPart to display tiffed fax images - kfile-plugins: provide meta information for graphic files - kghostview: program (and embeddable KPart) to display *.PDF and *.PS - kiconedit: an icon editor - kooka: a raster image scan program, based on SANE and libkscan - kruler: a ruler in inch, centimeter and pixel to check distances on the screen - ksnapshot: make snapshots of the screen contents - kuickshow: fast and comfortable imageviewer - kview: picture viewer, provided as standalone program and embeddable KPart - kviewshell: generic framework for viewer applications %package mandriva-doc-common Update: Mon Jan 22 15:08:47 2007 Importance: bugfix ID: MDKA-2007:014 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:014 %pre Due to changes in the structure of the documentation, the Help buttons of the Software Management tools led to broken links. This update fixes the links catalog system so the inline help works again. %description This package contains some useful documentation for Mandriva Linux systems. This documentation is directly accessible through the menus. %package squid squid-cachemgr Update: Tue Jan 23 13:32:55 2007 Importance: security ID: MDKSA-2007:026 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:026 %pre A vulnerability in squid was discovered that could be remotely exploited by using a special ftp:// URL (CVE-2007-0247). Another Denial of Service vulnerability was discovered in squid 2.6 that allows remote attackers to crash the server by causing an external_acl_queue overload (CVE-2007-0248). Additionally, a bug in squid 2.6 for max_user_ip handling in ntlm_auth has been corrected. The updated packages have been patched to correct this problem. %description Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. Install squid if you need a proxy caching server. This package defaults to a maximum of 1024 filedescriptors. You can change this value at build time by using for example: --define 'maxfiles 4096' The package was built to support a maximum of 1024 filedescriptors. %package xine-ui xine-ui-aa xine-ui-fb Update: Fri Jan 26 04:15:02 2007 Importance: security ID: MDKSA-2007:027 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:027 %pre Format string vulnerability in the errors_create_window function in errors.c in xine-ui allows attackers to execute arbitrary code via unknown vectors. (CVE-2007-0254) XINE 0.99.4 allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain M3U file that contains a long #EXTINF line and contains format string specifiers in an invalid udp:// URI, possibly a variant of CVE-2007-0017. (CVE-2007-0255) The updated packages have been patched to correct these issues. %description xine is a free GPL-licensed video player for UNIX-like systems. User interface for the X Window system. %package lib64soup-2.2_8 lib64soup-2.2_8-devel Update: Fri Jan 26 15:25:28 2007 Importance: security ID: MDKSA-2007:029 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:029 %pre The soup_headers_parse function in soup-headers.c for libsoup HTTP library before 2.2.99 allows remote attackers to cause a denial of service (crash) via malformed HTTP headers, probably involving missing fields or values. The updated packages have been patched to correct this issue. %description Soup is a SOAP (Simple Object Access Protocol) implementation in C. It provides an queued asynchronous callback-based mechanism for sending and servicing SOAP requests, and a WSDL (Web Service Definition Language) to C compiler which generates client stubs and server skeletons for easily calling and implementing SOAP methods. %package bind bind-devel bind-utils Update: Tue Jan 30 11:59:21 2007 Importance: security ID: MDKSA-2007:030 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:030 %pre Use-after-free vulnerability in ISC BIND 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (named daemon crash) via unspecified vectors that cause named to "dereference a freed fetch context." (CVE-2007-0493) ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that contains multiple RRsets, which triggers an assertion error. (CVE-2007-0494) The updated packages have been patched to correct these issues. %description BIND (Berkeley Internet Name Domain) is an implementation of the DNS (domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses, and a resolver library (routines for applications to use when interfacing with DNS). A DNS server allows clients to name resources or objects and share the information with other network machines. The named DNS server can be used on workstations as a caching name server, but is generally only needed on one machine for an entire network. Note that the configuration files for making BIND act as a simple caching nameserver are included in the caching-nameserver package. Install the bind package if you need a DNS server for your network. If you want bind to act a caching name server, you will also need to install the caching-nameserver package. Many BIND 8 features previously unimplemented in BIND 9, including domain-specific forwarding, the $GENERATE master file directive, and the "blackhole", "dialup", and "sortlist" options Forwarding of dynamic update requests; this is enabled by the "allow-update-forwarding" option A new, simplified database interface and a number of sample drivers based on it; see doc/dev/sdb for details Support for building single-threaded servers for environments that do not supply POSIX threads New configuration options: "min-refresh-time", "max-refresh-time", "min-retry-time", "max-retry-time", "additional-from-auth", "additional-from-cache", "notify explicit" Faster lookups, particularly in large zones. Build Options: --without sdb_ldap Build without ldap simple database support (enabled per default) --with sdb_mysql Build with MySQL database support (disables ldap support, it's either way.) %package kdelibs-common kdelibs-devel-doc lib64kdecore4 lib64kdecore4-devel Update: Fri Feb 02 13:11:38 2007 Importance: security ID: MDKSA-2007:031 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:031 %pre FIXME Konqueror 3.5.5 does not properly parse HTML comments in title tags, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment, a related issue to CVE-2007-0478. Updated packages have been patched to correct this issue. %description Libraries for the K Desktop Environment. %package mpg123 Update: Fri Feb 02 14:11:07 2007 Importance: security ID: MDKSA-2007:032 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:032 %pre The http_open function in httpget.c in mpg123 before 0.64 allows remote attackers to cause a denial of service (infinite loop) by closing the HTTP connection early. Packages have been patched to correct this issue. %description Mpg123 is a fast, free and portable MPEG audio player for Unix. It supports MPEG 1.0/2.0 layers 1, 2 and 3 ("mp3" files). For full CD quality playback (44 kHz, 16 bit, stereo) a fast CPU is required. Mono and/or reduced quality playback (22 kHz or 11 kHz) is possible on slow CPUs (like Intel 486). For information on the MP3 License, please visit: http://www.mpeg.org/ %package lib64wireshark0 tshark wireshark wireshark-tools Update: Fri Feb 02 17:02:36 2007 Importance: security ID: MDKSA-2007:033 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:033 %pre Vulnerabilities in the LLT, IEEE 802.11, HTTP, and TCP dissectors were discovered in versions of wireshark less than 0.99.5, as well as various other bugs. This updated provides wireshark 0.99.5 which is not vulnerable to these issues. %description Wireshark is a network traffic analyzer for Unix-ish operating systems. It is based on GTK+, a graphical user interface library, and libpcap, a packet capture and filtering library. Wireshark is a fork of Ethereal(tm) %package lib64smbclient0 lib64smbclient0-devel lib64smbclient0-static-devel mount-cifs nss_wins samba-client samba-common samba-doc samba-server samba-smbldap-tools samba-swat samba-vscan-clamav samba-vscan-icap samba-winbind Update: Mon Feb 05 11:40:54 2007 Importance: security ID: MDKSA-2007:034 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:034 %pre A logic error in the deferred open code for smbd may allow an authenticated user to exhaust resources such as memory and CPU on the server by opening multiple CIFS sessions, each of which will normally spawn a new smbd process, and sending each connection into an infinite loop. (CVE-2007-0452) The name of a file on the server's share is used as the format string when setting an NT security descriptor through the afsacl.so VFS plugin. (CVE-2007-0454) Updated packages have been patched to address these issues. %description Samba provides an SMB server which can be used to provide network services to SMB (sometimes called "Lan Manager") clients, including various versions of MS Windows, OS/2, and other Linux machines. Samba also provides some SMB clients, which complement the built-in SMB filesystem in Linux. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need NetBEUI (Microsoft Raw NetBIOS frame) protocol. Samba-3.0 features working NT Domain Control capability and includes the SWAT (Samba Web Administration Tool) that allows samba's smb.conf file to be remotely managed using your favourite web browser. For the time being this is being enabled on TCP port 901 via xinetd. SWAT is now included in it's own subpackage, samba-swat. Please refer to the WHATSNEW.txt document for fixup information. This binary release includes encrypted password support. Please read the smb.conf file and ENCRYPTION.txt in the docs directory for implementation details. %package gd-utils lib64gd2 lib64gd2-devel lib64gd2-static-devel Update: Tue Feb 06 16:09:04 2007 Importance: security ID: MDKSA-2007:035 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:035 %pre Buffer overflow in the gdImageStringFTEx function in gdft.c in the GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font. Packages have been patched to correct this issue. %description gd is a graphics library. It allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and write out the result as a PNG or JPEG file. This is particularly useful in World Wide Webapplications, where PNG and JPEG are two of the formats accepted for inlineimages by most browsers. gd is not a paint program. If you are looking for a paint program, you are looking in the wrong place. If you are not a programmer, you are looking in the wrong place. gd does not provide for every possible desirable graphics operation. It is not necessary or desirable for gd to become a kitchen-sink graphics package, but version 1.7.3 incorporates most of the commonly requested features for an 8-bit 2D package. %package lib64wmf0.2_7 lib64wmf0.2_7-devel libwmf Update: Tue Feb 06 16:10:41 2007 Importance: security ID: MDKSA-2007:036 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:036 %pre Buffer overflow in the gdImageStringFTEx function in gdft.c in the GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font. Libwmf uses an embedded copy of the gd source and may also be affected by this issue. Packages have been patched to correct this issue. %description libwmf is a library for unix like machines that can convert wmf files into other formats, currently it supports a gd binding to convert to gif, and an X one to draw direct to an X window or pixmap. %package lib64ecpg5 lib64ecpg5-devel lib64pq4 lib64pq4-devel postgresql postgresql-contrib postgresql-devel postgresql-docs postgresql-pl postgresql-plperl postgresql-plpgsql postgresql-plpython postgresql-pltcl postgresql-server postgresql-test Update: Tue Feb 06 16:12:51 2007 Importance: security ID: MDKSA-2007:037 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:037 %pre Jeff Trout discovered that the PostgreSQL server did not sufficiently check data types of SQL function arguments in some cases. A user could then exploit this to crash the database server or read out arbitrary locations of the server's memory, which could be used to retrieve database contents that the user should not be able to see. Note that a user must be authenticated in order to exploit this (CVE-2007-0555). As well, Jeff Trout also discovered that the query planner did not verify that a table was still compatible with a previously-generated query plan, which could be exploted to read out arbitrary locations of the server's memory by using ALTER COLUMN TYPE during query execution. Again, a user must be authenticated in order to exploit this (CVE-2007-0556). Updated packages have been patched to correct these issues. %description PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs (including transactions, subselects and user-defined types and functions). The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DBMS server. These PostgreSQL client programs are programs that directly manipulate the internal structure of PostgreSQL databases on a PostgreSQL server. These client programs can be located on the same machine with the PostgreSQL server, or may be on a remote machine which accesses a PostgreSQL server over a network connection. This package contains the client libraries for C and C++, as well as command-line utilities for managing PostgreSQL databases on a PostgreSQL server. If you want to manipulate a PostgreSQL database on a remote PostgreSQL server, you need this package. You also need to install this package if you're installing the postgresql-server package. %package lib64php5_common5 php-cgi php-cli php-devel php-fcgi php-gd Update: Tue Feb 06 16:15:03 2007 Importance: security ID: MDKSA-2007:038 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:038 %pre PHP 5.2.0 and 4.4 allows local users to bypass safe_mode and open_basedir restrictions via a malicious path and a null byte before a ";" in a session_save_path argument, followed by an allowed path, which causes a parsing inconsistency in which PHP validates the allowed path but sets session.save_path to the malicious path. (CVE-2006-6383) Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font. PHP uses an embedded copy of GD and may be susceptible to the same issue. (CVE-2007-0455) Updated packages have been patched to correct these issues. Users must restart Apache for the changes to take effect. %description This is a dynamic shared object (DSO) for PHP that will add GD support, allowing you to create and manipulate images with PHP using the gd library. PHP is not limited to creating just HTML output. It can also be used to create and manipulate image files in a variety of different image formats, including gif, png, jpg, wbmp, and xpm. Even more convenient, PHP can output image streams directly to a browser. You will need to compile PHP with the GD library of image functions for this to work. GD and PHP may also require other libraries, depending on which image formats you want to work with. You can use the image functions in PHP to get the size of JPEG, GIF, PNG, SWF, TIFF and JPEG2000 images. This package provides two flavours of the gd php extension, one built against the shared system gd library (gd.so, default) and the other (gd-bundled.so) built with gd library that comes bundled with php and that has additional features. %package gtk+2.0 lib64gdk_pixbuf2.0_0 lib64gdk_pixbuf2.0_0-devel lib64gtk+-x11-2.0_0 lib64gtk+2.0_0 lib64gtk+2.0_0-devel Update: Wed Feb 07 09:27:43 2007 Importance: security ID: MDKSA-2007:039 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:039 %pre The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) allows context-dependent attackers to cause a denial of service (crash) via a malformed image file. (CVE-2007-0010) The version of libgtk+2.0 shipped with Mandriva Linux 2007 fails various portions of the lsb-test-desktop test suite, part of LSB 3.1 certification testing. The updated packages also address the following issues: The Home and Desktop entries in the GTK File Chooser are not always visible (#26644). GTK+-based applications (which includes all the Mandriva Linux configuration tools, for example) crash (instead of falling back to the default theme) when an invalid icon theme is selected. (#27013) Additional patches from GNOME CVS have been included to address the following issues from the GNOME bugzilla: * 357132 - fix RGBA colormap issue * 359537,357280,359052 - fix various printer bugs * 357566,353736,357050,363437,379503 - fix various crashes * 372527 - fix fileselector bug + potential deadlock %description The gtk+ package contains the GIMP ToolKit (GTK+), a library for creating graphical user interfaces for the X Window System. GTK+ was originally written for the GIMP (GNU Image Manipulation Program) image processing program, but is now used by several other programs as well. If you are planning on using the GIMP or another program that uses GTK+, you'll need to have the gtk+ package installed. %package kernel-2.6.17.10mdv kernel-doc-2.6.17.10mdv kernel-source-2.6.17.10mdv kernel-source-stripped-2.6.17.10mdv kernel-xen0-2.6.17.10mdv kernel-xenU-2.6.17.10mdv Update: Wed Feb 07 10:04:48 2007 Importance: security ID: MDKSA-2007:040 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:040 %pre Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel: The isdn_ppp_ccp_reset_alloc_state function in drivers/isdn/isdn_ppp.c in the Linux 2.4 kernel before 2.4.34-rc4, as well as the 2.6 kernel, does not call the init_timer function for the ISDN PPP CCP reset state timer, which has unknown attack vectors and results in a system crash. (CVE-2006-5749) The listxattr syscall can corrupt user space under certain circumstances. The problem seems to be related to signed/unsigned conversion during size promotion. (CVE-2006-5753) The ext3fs_dirhash function in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via an ext3 stream with malformed data structures. (CVE-2006-6053) The mincore function in the Linux kernel before 2.4.33.6, as well as the 2.6 kernel, does not properly lock access to user space, which has unspecified impact and attack vectors, possibly related to a deadlock. (CVE-2006-4814) The provided packages are patched to fix these vulnerabilities. All users are encouraged to upgrade to these updated kernels immediately and reboot to effect the fixes. In addition to these security fixes, other fixes have been included such as: - Add Ralink RT2571W/RT2671 WLAN USB support (rt73 module) - Fix sys_msync() to report -ENOMEM as before when an unmapped area falls within its range, and not to overshoot (LSB regression) - Avoid disk sector_t overflow for >2TB ext3 filesystem - USB: workaround to fix HP scanners detection (#26728) - USB: unusual_devs.h for Sony floppy (#28378) - Add preliminary ICH9 support - Add TI sd card reader support - Add RT61 driver - KVM update - Fix bttv vbi offset To update your kernel, please follow the directions located at: http://www.mandriva.com/en/security/kernelupdate %description The kernel package contains the Linux kernel (vmlinuz), the core of your Mandriva Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. It supports both up and smp systems using smp alternatives. For instructions for update, see: http://www.mandriva.com/security/kernelupdate %package lib64ecpg5 lib64ecpg5-devel lib64pq4 lib64pq4-devel postgresql postgresql-contrib postgresql-devel postgresql-docs postgresql-pl postgresql-plperl postgresql-plpgsql postgresql-plpython postgresql-pltcl postgresql-server postgresql-test Update: Thu Feb 08 14:46:07 2007 Importance: security ID: MDKSA-2007:037-1 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:037-1 %pre Jeff Trout discovered that the PostgreSQL server did not sufficiently check data types of SQL function arguments in some cases. A user could then exploit this to crash the database server or read out arbitrary locations of the server's memory, which could be used to retrieve database contents that the user should not be able to see. Note that a user must be authenticated in order to exploit this (CVE-2007-0555). As well, Jeff Trout also discovered that the query planner did not verify that a table was still compatible with a previously-generated query plan, which could be exploted to read out arbitrary locations of the server's memory by using ALTER COLUMN TYPE during query execution. Again, a user must be authenticated in order to exploit this (CVE-2007-0556). Update: The previous update updated PostgreSQL to upstream versions, including 8.1.7 which contained a bug with typemod data types used with check constraints and expression indexes. This regression has been corrected in the new 8.1.8 version that is being provided. %description PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs (including transactions, subselects and user-defined types and functions). The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DBMS server. These PostgreSQL client programs are programs that directly manipulate the internal structure of PostgreSQL databases on a PostgreSQL server. These client programs can be located on the same machine with the PostgreSQL server, or may be on a remote machine which accesses a PostgreSQL server over a network connection. This package contains the client libraries for C and C++, as well as command-line utilities for managing PostgreSQL databases on a PostgreSQL server. If you want to manipulate a PostgreSQL database on a remote PostgreSQL server, you need this package. You also need to install this package if you're installing the postgresql-server package. %package ImageMagick ImageMagick-doc lib64Magick10.4.0 lib64Magick10.4.0-devel perl-Image-Magick Update: Fri Feb 09 11:26:49 2007 Importance: security ID: MDKSA-2007:041 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:041 %pre Vladimir Nadvornik discovered a buffer overflow in GraphicsMagick and ImageMagick allows user-assisted attackers to cause a denial of service and possibly execute execute arbitrary code via a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c. This is related to an earlier fix for CVE-2006-5456 that did not fully correct the issue. Updated packages have been patched to correct this issue. %description ImageMagick is a powerful image display, conversion and manipulation tool. It runs in an X session. With this tool, you can view, edit and display a variety of image formats. Build Options: --with plf Build for PLF (LZW compression, fpx support) --with modules Compile all supported image types as modules --with jasper Enable JPEG2000 support (enabled) --with graphviz Enable Graphviz support (enabled) %package lib64smb4k0 lib64smb4k0-devel smb4k Update: Mon Feb 12 15:23:41 2007 Importance: security ID: MDKSA-2007:042 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:042 %pre Kees Cook performed an audit on the Smb4K program and discovered a number of vulnerabilities and security weaknesses that have been addressed and corrected in Smb4K 0.8.0 which is being provided with this update. %description An SMB network and share browser for KDE 3.1 or later. %package clamav clamav-db clamav-milter clamd lib64clamav1 lib64clamav1-devel Update: Mon Feb 19 12:42:21 2007 Importance: security ID: MDKSA-2007:043 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:043 %pre Clam AntiVirus ClamAV before 0.90 does not close open file descriptors under certain conditions, which allows remote attackers to cause a denial of service (file descriptor consumption and failed scans) via CAB archives with a cabinet header record length of zero, which causes a function to return without closing a file descriptor. (CVE-2007-0897) Directory traversal vulnerability in clamd in Clam AntiVirus ClamAV before 0.90 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the id MIME header parameter in a multi-part message. (CVE-2007-0898) The update to 0.90 addresses these issues. %description Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail seversions (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software. You can build clamav with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] milter Build clamav-milter (default) %package ekiga Update: Wed Feb 21 04:42:51 2007 Importance: security ID: MDKSA-2007:044 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:044 %pre A format string flaw was discovered in how ekiga processes certain messages, which could permit a remote attacker that can connect to ekiga to potentially execute arbitrary code with the privileges of the user running ekiga. Updated package have been patched to correct this issue. %description Ekiga is a tool to communicate with video and audio over the internet. It uses both SIP and H323 protocol and is compatible with Microsoft Netmeeting. It used to be called GnomeMeeting %package gnucash gnucash-hbci gnucash-ofx gnucash-sql lib64gnucash0 lib64gnucash0-devel Update: Wed Feb 21 04:53:48 2007 Importance: security ID: MDKSA-2007:046 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:046 %pre Gnucash 2.0.4 and earlier allows local users to overwrite arbitrary files via a symlink attack on the (1) gnucash.trace, (2) qof.trace, and (3) qof.trace.[PID] temporary files. Updated package have been patched to correct this issue. %description GnuCash is a personal finance manager. A check-book like register GUI allows you to enter and track bank accounts, stocks, income and even currency trades. The interface is designed to be simple and easy to use, but is backed with double-entry accounting principles to ensure balanced books. %package kernel-2.6.17.11mdv kernel-doc-2.6.17.11mdv kernel-source-2.6.17.11mdv kernel-source-stripped-2.6.17.11mdv kernel-xen0-2.6.17.11mdv kernel-xenU-2.6.17.11mdv Update: Wed Feb 21 10:06:30 2007 Importance: security ID: MDKSA-2007:047 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:047 %pre Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel: A double free vulnerability in the squashfs module could allow a local user to cause a Denial of Service by mounting a crafted squashfs filesystem (CVE-2006-5701). The zlib_inflate function allows local users to cause a crash via a malformed filesystem that uses zlib compression that triggers memory corruption (CVE-2006-5823). The key serial number collision avoidance code in the key_alloc_serial function in kernels 2.6.9 up to 2.6.20 allows local users to cause a crash via vectors thatr trigger a null dereference (CVE-2007-0006). The provided packages are patched to fix these vulnerabilities. All users are encouraged to upgrade to these updated kernels immediately and reboot to effect the fixes. In addition to these security fixes, other fixes have been included such as: - New drivers: nozomi, UVC - Fixed SiS SATA support for chips on 966/968 bridges - Fixed issues in squashfs by updating to 3.2 (#27008) - Added support for SiS968 bridgest to the sis190 bridge - Fixed JMicron cable detection - Added /proc/config.gz support and enabled kexec on x86_64 - Other minor fixes To update your kernel, please follow the directions located at: http://www.mandriva.com/en/security/kernelupdate %description The kernel package contains the Linux kernel (vmlinuz), the core of your Mandriva Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. It supports both up and smp systems using smp alternatives. For instructions for update, see: http://www.mandriva.com/security/kernelupdate %package lib64php5_common5 php-cgi php-cli php-devel php-fcgi php-imap php-odbc php-session Update: Thu Feb 22 19:38:11 2007 Importance: security ID: MDKSA-2007:048 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:048 %pre A number of vulnerabilities were discovered in PHP language. Many buffer overflow flaws were discovered in the PHP session extension, the str_replace() function, and the imap_mail_compose() function. An attacker able to use a PHP application using any of these functions could trigger these flaws and possibly execute arbitrary code as the apache user (CVE-2007-0906). A one-byte memory read will always occur prior to the beginning of a buffer, which could be triggered, for example, by any use of the header() function in a script (CVE-2007-0907). The wddx extension, if used to import WDDX data from an untrusted source, may allow a random portion of heap memory to be exposed due to certain WDDX input packets (CVE-2007-0908). The odbc_result_all() function, if used to display data from a database, and if the contents of the database are under the control of an attacker, could lead to the execution of arbitrary code due to a format string vulnerability (CVE-2007-0909). Several flaws in the PHP could allow attackers to clobber certain super-global variables via unspecified vectors (CVE-2007-0910). The zend_hash_init() function can be forced into an infinite loop if unserializing untrusted data on a 64-bit platform, resulting in the consumption of CPU resources until the script timeout alarm aborts the execution of the script (CVE-2007-0988). Updated package have been patched to correct this issue. %description This is a dynamic shared object (DSO) for PHP that will add session support. Session support in PHP consists of a way to preserve certain data across subsequent accesses. This enables you to build more customized applications and increase the appeal of your web site. A visitor accessing your web site is assigned a unique id, the so-called session id. This is either stored in a cookie on the user side or is propagated in the URL. This package provides two versions of the session extension: o session.so - File based sessions (default) o session-mm.so - Uses shared memory allocation (mm), developed by Ralf S. Engelschall, for session storage. (optional) %package perl-Mail-SpamAssassin spamassassin spamassassin-spamc spamassassin-spamd spamassassin-tools Update: Fri Feb 23 12:59:26 2007 Importance: security ID: MDKSA-2007:049 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:049 %pre A bug in the way that SpamAssassin processes HTML emails containing URIs was discovered in versions 3.1.x. A carefully crafted mail message could make SpamAssassin consume significant amounts of CPU resources that could delay or prevent the delivery of mail if a number of these messages were sent at once. SpamAssassin has been upgraded to version 3.1.8 to correct this problem, and other upstream bugs. In addition, an invalid path setting in local.cf for the auto_whitelist_path has been fixed for Mandriva 2007.0. %description SpamAssassin provides you with a way to reduce if not completely eliminate Unsolicited Commercial Email (SPAM) from your incoming email. It can be invoked by a MDA such as sendmail or postfix, or can be called from a procmail script, .forward file, etc. It uses a genetic-algorithm evolved scoring system to identify messages which look spammy, then adds headers to the message so they can be filtered by the user's mail reading software. This distribution includes the spamd/spamc components which create a server that considerably speeds processing of mail. SpamAssassin also includes support for reporting spam messages automatically, and/or manually, to collaborative filtering databases such as Vipul's Razor, DCC or pyzor. Install perl-Razor-Agent package to get Vipul's Razor support. Install dcc package to get Distributed Checksum Clearinghouse (DCC) support. Install pyzor package to get Pyzor support. Install perl-Mail-SPF-Query package to get SPF support. To enable spamassassin, if you are receiving mail locally, simply add this line to your ~/.procmailrc: INCLUDERC=/etc/mail/spamassassin/spamassassin-default.rc To filter spam for all users, add that line to /etc/procmailrc (creating if necessary). %package gnome-terminal Update: Mon Feb 26 10:28:49 2007 Importance: bugfix ID: MDKA-2007:016 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:016 %pre A bug was causing incorrect window resizing when switching between multiple tabs in GNOME-Terminal. This bug, as well as memory leaks, has been fixed with this update. %description GNOME Terminal %package deskbar-applet devhelp devhelp-plugins epiphany epiphany-devel epiphany-extensions galeon gnome-python-extras gnome-python-gdl gnome-python-gksu gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell lib64devhelp-1_0 lib64devhelp-1_0-devel lib64mozilla-firefox1.5.0.10 lib64mozilla-firefox1.5.0.10-devel lib64nspr4 lib64nspr4-devel lib64nspr4-static-devel lib64nss3 lib64nss3-devel lib64totem-plparser1 lib64totem-plparser1-devel mozilla-firefox mozilla-firefox-ar mozilla-firefox-bg mozilla-firefox-br mozilla-firefox-ca mozilla-firefox-cs mozilla-firefox-da mozilla-firefox-de mozilla-firefox-el mozilla-firefox-es mozilla-firefox-es_AR mozilla-firefox-eu mozilla-firefox-fi mozilla-firefox-fr mozilla-firefox-fy mozilla-firefox-ga mozilla-firefox-gu_IN mozilla-firefox-he mozilla-firefox-hu mozilla-firefox-it mozilla-firefox-ja mozilla-firefox-ko mozilla-firefox-lt mozilla-firefox-mk mozilla-firefox-nb mozilla-firefox-nl mozilla-firefox-pa_IN mozilla-firefox-pl mozilla-firefox-pt mozilla-firefox-pt_BR mozilla-firefox-ro mozilla-firefox-ru mozilla-firefox-sk mozilla-firefox-sl mozilla-firefox-sv mozilla-firefox-tr mozilla-firefox-uk mozilla-firefox-zh_CN mozilla-firefox-zh_TW totem totem-common totem-gstreamer totem-mozilla totem-mozilla-gstreamer yelp Update: Wed Feb 28 12:14:06 2007 Importance: security ID: MDKSA-2007:050 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:050 %pre A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 1.5.0.10. This update provides the latest Firefox to correct these issues. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package snort snort-bloat snort-inline+flexresp snort-inline snort-mysql+flexresp snort-mysql snort-plain+flexresp snort-postgresql+flexresp snort-postgresql snort-prelude+flexresp snort-prelude Update: Wed Feb 28 15:32:44 2007 Importance: security ID: MDKSA-2007:051 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:051 %pre Algorithmic complexity vulnerability in Snort before 2.6.1, during predicate evaluation in rule matching for certain rules, allows remote attackers to cause a denial of service (CPU consumption and detection outage) via crafted network traffic, aka a backtracking attack. Updated packages have been patched to address this issue. %description Snort is a libpcap-based packet sniffer/logger which can be used as a lightweight network intrusion detection system. It features rules based logging and can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more. Snort has a real-time alerting capabilty, with alerts being sent to syslog, a separate "alert" file, or as a WinPopup message via Samba's smbclient This rpm is different from previous rpms and while it will not clobber your current snortd file, you will need to modify it. There are 9 different packages available All of them require the base snort rpm. Additionally, you will need to chose a binary to install. /usr/sbin/snort should end up being a symlink to a binary in one of the following configurations. We use update-alternatives for this. Here are the different packages along with their priorities. plain(10) plain+flexresp(11) mysql(12) mysql+flexresp(13) postgresql(14) postgresql+flexresp(15) bloat(16) inline(17) inline+flexresp(18) prelude(21) prelude+flexresp(22) Please see the documentation in /usr/share/doc/snort-2.6.0 %package lib64mozilla-firefox1.5.0.10 lib64mozilla-firefox1.5.0.10-devel lib64nspr4 lib64nspr4-devel lib64nspr4-static-devel lib64nss3 lib64nss3-devel mozilla-firefox Update: Fri Mar 02 12:39:40 2007 Importance: security ID: MDKSA-2007:050-1 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:050-1 %pre A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 1.5.0.10. This update provides the latest Firefox to correct these issues. Update: A regression was found in the latest Firefox packages provided where changes to library paths caused applications that depended on the NSS libraries (such as Thunderbird and Evolution) to fail to start or fail to load certain SSL-related security components. These new packages correct that problem and we apologize for any inconvenience the previous update may have caused. %description The Mozilla Firefox project aims to build the most useful web browser for all platforms. Mozilla Firefox features: - Popup blocking built-in - Tabbed browsing, to view more than one web page in a single window - A comprehensive set of privacy options - Search tools built right into the toolbar - Live bookmarks, using RSS - "Hassle-free" downloading, with fewer prompts %package mozilla-thunderbird mozilla-thunderbird-bg mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-devel mozilla-thunderbird-el mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-es_AR mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-hu mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sk mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-es mozilla-thunderbird-es_AR mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-ga mozilla-thunderbird-gu_IN mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ko mozilla-thunderbird-lt mozilla-thunderbird-mk mozilla-thunderbird-nb mozilla-thunderbird-nl mozilla-thunderbird-pa_IN mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-ru mozilla-thunderbird-sk mozilla-thunderbird-sl mozilla-thunderbird-sv mozilla-thunderbird-tr mozilla-thunderbird-zh_CN nsinstall Update: Tue Mar 06 15:52:59 2007 Importance: security ID: MDKSA-2007:052 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:052 %pre A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 1.5.0.10. This update provides the latest Thunderbird to correct these issues. %description Mozilla Thunderbird is a full-featured email, RSS and newsgroup client that makes emailing safer, faster and easier than ever before. %package losetup mount util-linux Update: Tue Mar 06 16:35:47 2007 Importance: security ID: MDKSA-2007:053 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:053 %pre Umount allows local users to trigger a NULL dereference and application crash by invoking the program with a pathname for a USB pen drive that was mounted and then physically removed, which might allow the users to obtain sensitive information, including core file contents. Updated packages have been patched to address this issue. %description The util-linux package contains a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, Util-linux contains the fdisk configuration tool and the login program. %package lib64xine1 lib64xine1-devel xine-aa xine-arts xine-dxr3 xine-esd xine-flac xine-gnomevfs xine-image xine-plugins xine-sdl xine-smb Update: Thu Mar 08 05:00:04 2007 Importance: security ID: MDKSA-2007:057 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:057 %pre The DMO_VideoDecoder_Open function in dmo/DMO_VideoDecoder.c in xine-lib does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. Updated packages have been patched to address this issue. %description xine is a free gpl-licensed video player for unix-like systems. %package tcpdump Update: Thu Mar 08 05:12:07 2007 Importance: security ID: MDKSA-2007:056 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:056 %pre Off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame. NOTE: this was originally referred to as heap-based, but it might be stack-based. Updated packages have been patched to address this issue. %description Tcpdump is a command-line tool for monitoring network traffic. Tcpdump can capture and display the packet headers on a particular network interface or on all interfaces. Tcpdump can display all of the packet headers, or just the ones that match particular criteria. Install tcpdump if you need a program to monitor network traffic. %package mencoder mplayer mplayer-gui Update: Thu Mar 08 05:27:31 2007 Importance: security ID: MDKSA-2007:055 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:055 %pre The DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c in MPlayer 1.0rc1 and earlier does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. Updated packages have been patched to address this issue. %description MPlayer is a movie player for LINUX (runs on many other Unices, and non-x86 CPUs, see the documentation). It plays most MPEG, VOB, AVI, VIVO, ASF/WMV, QT/MOV, FLI, NuppelVideo, yuv4mpeg, FILM, RoQ, and some RealMedia files, supported by many native, XAnim, and Win32 DLL codecs. You can watch VideoCD, SVCD, DVD, 3ivx, FLI, and even DivX movies too (and you don't need the avifile library at all!). The another big feature of mplayer is the wide range of supported output drivers. It works with X11, Xv, DGA, OpenGL, SVGAlib, fbdev, AAlib, but you can use SDL (and this way all drivers of SDL), VESA (on every VESA compatible card, even without X!), and some lowlevel card-specific drivers (for Matrox, 3Dfx and Radeon) too! Most of them supports software or hardware scaling, so you can enjoy movies in fullscreen. MPlayer supports displaying through some hardware MPEG decoder boards, such as the DVB and DXR3/Hollywood+! And what about the nice big antialiased shaded subtitles (9 supported types!!!) with european/ISO 8859-1,2 (hungarian, english, czech, etc), cyrillic, korean fonts, and OSD? Note: If you want to play Real content, you need to have the content of RealPlayer's Codecs directory in /usr/lib/RealPlayer10GOLD/Codecs %package kdelibs-common kdelibs-devel-doc lib64kdecore4 lib64kdecore4-devel Update: Thu Mar 08 05:38:29 2007 Importance: security ID: MDKSA-2007:054 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:054 %pre ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror, allows remote attackers to cause a denial of service (crash) by accessing the content of an iframe with an ftp:// URI in the src attribute, probably due to a NULL pointer dereference. Updated packages have been patched to address this issue. %description Libraries for the K Desktop Environment. %package ekiga Update: Thu Mar 08 18:34:14 2007 Importance: security ID: MDKSA-2007:058 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:058 %pre A format string flaw was discovered in how ekiga processes certain messages, which could permit a remote attacker that can connect to ekiga to potentially execute arbitrary code with the privileges of the user running ekiga. This is similar to the previous CVE-2007-1006, but the original evaluation/patches were incomplete. Updated package have been patched to correct this issue. %description Ekiga is a tool to communicate with video and audio over the internet. It uses both SIP and H323 protocol and is compatible with Microsoft Netmeeting. It used to be called GnomeMeeting %package gnupg lib64gpgme11 lib64gpgme11-devel Update: Thu Mar 08 18:44:09 2007 Importance: security ID: MDKSA-2007:059 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:059 %pre GnuPG prior to 1.4.7 and GPGME prior to 1.1.4, when run from the command line, did not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components. This could allow a remote attacker to forge the contents of an email message without detection. GnuPG 1.4.7 is being provided with this update and GPGME has been patched on Mandriva 2007.0 to provide better visual notification on these types of forgeries. %description GnuPG Made Easy (GPGME) is a library designed to make access to GnuPG easier for applications. %package timezone Update: Fri Mar 09 14:15:17 2007 Importance: normal ID: MDKA-2007:018-1 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:018-1 %pre Updated timezone packages are being provided for older Mandriva Linux systems that do not contain the new Daylight Savings Time information for 2007 for certain time zones. These updated packages contain the new information. Update: This update addresses timezone files such as Canada/Mountain that had not been previously updated to the DST information. While files such as MST7MDT were updated, the counterpart files such as Canada/Mountain or America/Edmonton, etc. were not. This update addresses that and also ensures that the new timezone information is copied over /etc/localtime so no further configuration is required. %description This package contains data files with rules for various timezones around the world. %package mencoder mplayer mplayer-gui Update: Tue Mar 13 09:26:05 2007 Importance: security ID: MDKSA-2007:061 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:061 %pre The DS_VideoDecoder_Open function in loader/dshow/DS_VideoDecoder.c in MPlayer 1.0rc1 and earlier does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. Updated packages have been patched to address this issue. %description MPlayer is a movie player for LINUX (runs on many other Unices, and non-x86 CPUs, see the documentation). It plays most MPEG, VOB, AVI, VIVO, ASF/WMV, QT/MOV, FLI, NuppelVideo, yuv4mpeg, FILM, RoQ, and some RealMedia files, supported by many native, XAnim, and Win32 DLL codecs. You can watch VideoCD, SVCD, DVD, 3ivx, FLI, and even DivX movies too (and you don't need the avifile library at all!). The another big feature of mplayer is the wide range of supported output drivers. It works with X11, Xv, DGA, OpenGL, SVGAlib, fbdev, AAlib, but you can use SDL (and this way all drivers of SDL), VESA (on every VESA compatible card, even without X!), and some lowlevel card-specific drivers (for Matrox, 3Dfx and Radeon) too! Most of them supports software or hardware scaling, so you can enjoy movies in fullscreen. MPlayer supports displaying through some hardware MPEG decoder boards, such as the DVB and DXR3/Hollywood+! And what about the nice big antialiased shaded subtitles (9 supported types!!!) with european/ISO 8859-1,2 (hungarian, english, czech, etc), cyrillic, korean fonts, and OSD? Note: If you want to play Real content, you need to have the content of RealPlayer's Codecs directory in /usr/lib/RealPlayer10GOLD/Codecs %package lib64xine1 lib64xine1-devel xine-aa xine-arts xine-dxr3 xine-esd xine-flac xine-gnomevfs xine-image xine-plugins xine-sdl xine-smb Update: Tue Mar 13 09:31:49 2007 Importance: security ID: MDKSA-2007:062 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:062 %pre The DS_VideoDecoder_Open function in DirectShow/DS_VideoDecoder.c in xine-lib does not set the biSize before use in a memcpy, which allows user-assisted remote attackers to cause a buffer overflow and possibly execute arbitrary code. Updated packages have been patched to address this issue. %description xine is a free gpl-licensed video player for unix-like systems. %package lib64wpd-0.8_8 lib64wpd-0.8_8-devel libwpd-tools Update: Fri Mar 16 11:16:45 2007 Importance: security ID: MDKSA-2007:063 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:063 %pre iDefense reported several overflow bugs in libwpd. An attacker could create a carefully crafted Word Perfect file that could cause an application linked with libwpd, such as OpenOffice, to crash or possibly execute arbitrary code if the file was opened by a victim. Updated packages have been patched to address this issue. %description Libwpd is a library for reading/writing WordPerfect files. It is designed to be used by another program (e.g.: a word processor) as an in-process component. It supports fileimport of all versions of WordPerfect. %package openoffice.org openoffice.org-devel openoffice.org-devel-doc openoffice.org-galleries openoffice.org-gnome openoffice.org-kde openoffice.org-l10n-af openoffice.org-l10n-ar openoffice.org-l10n-bg openoffice.org-l10n-br openoffice.org-l10n-bs openoffice.org-l10n-ca openoffice.org-l10n-cs openoffice.org-l10n-cy openoffice.org-l10n-da openoffice.org-l10n-de openoffice.org-l10n-el openoffice.org-l10n-en_GB openoffice.org-l10n-es openoffice.org-l10n-et openoffice.org-l10n-eu openoffice.org-l10n-fi openoffice.org-l10n-fr openoffice.org-l10n-he openoffice.org-l10n-hi openoffice.org-l10n-hu openoffice.org-l10n-it openoffice.org-l10n-ja openoffice.org-l10n-ko openoffice.org-l10n-mk openoffice.org-l10n-nb openoffice.org-l10n-nl openoffice.org-l10n-nn openoffice.org-l10n-pl openoffice.org-l10n-pt openoffice.org-l10n-pt_BR openoffice.org-l10n-ru openoffice.org-l10n-sk openoffice.org-l10n-sl openoffice.org-l10n-sv openoffice.org-l10n-ta openoffice.org-l10n-tr openoffice.org-l10n-zh_CN openoffice.org-l10n-zh_TW openoffice.org-l10n-zu openoffice.org-mimelnk openoffice.org-mono openoffice.org-ooqstart Update: Fri Mar 16 11:21:49 2007 Importance: security ID: MDKSA-2007:064 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:064 %pre iDefense reported several overflow bugs in libwpd. An attacker could create a carefully crafted Word Perfect file that could cause an application linked with libwpd, such as OpenOffice, to crash or possibly execute arbitrary code if the file was opened by a victim. OpenOffice.org-2.X contains an embedded copy of libpwd, and as such is susceptible to the same issues. Updated packages have been rebuilt using the system libwpd to address this issue. %description OpenOffice.org is an Open Source, community-developed, multi-platform office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editing and drawing program, with a user interface and feature set similar to other office suites. Sophisticated and flexible, OpenOffice.org also works transparently with a variety of file formats, including Microsoft Office. %package lib64nas2 lib64nas2-devel lib64nas2-static-devel nas Update: Tue Mar 20 15:08:49 2007 Importance: security ID: MDKSA-2007:065 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:065 %pre Luigi Auriemma discovered a number of problems with the nas (Network Audio System) daemon that could be used to crash nasd. Updated packages have been patched to address this issue. %description This package contains a network-transparent, client/server audio system, with a library Key features of the Network Audio System include: - Device-independent audio over the network - Lots of audio file and data formats - Can store sounds in server for rapid replay - Extensive mixing, separating, and manipulation of audio data - Simultaneous use of audio devices by multiple applications - Use by a growing number of ISVs - Small size - Free! No obnoxious licensing terms %package dkms-libafs lib64openafs1 lib64openafs1-devel openafs openafs-client openafs-doc openafs-server Update: Tue Mar 20 15:12:28 2007 Importance: security ID: MDKSA-2007:066 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:066 %pre By default, OpenAFS prior to 1.44 and 1.5.17 supports setuid programs within the local cell, which could allow attackers to obtain privileges. Updated packages have been patched to address this issue. %description AFS is a distributed filesystem allowing cross-platform sharing of files among multiple computers. Facilities are provided for access control, authentication, backup and administrative management. This package provides common files shared across all the various OpenAFS packages but are not necessarily tied to a client or server. %package methane Update: Thu Mar 22 11:17:12 2007 Importance: bugfix ID: MDKA-2007:021 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:021 %pre The methane package was not installable due to a conflicts with itself that should have been a conflicts with methane_new. The updated packages correct the conflicts so methane is now installable. %description A bubble bobble like arcade game. IMPORTANT NOTE: this is a conversion of the Commodore Amiga game. The author had been given permission by the company (Apache Software Ltd) to release this game as GPL. However - THE ORIGINAL AMIGA VERSION OF SUPER METHANE BROTHERS IS STILL A COMMERCIAL GAME IT'S LICENCE HAS NOT CHANGED. %package file lib64magic1 lib64magic1-devel lib64magic1-static-devel python-magic Update: Thu Mar 22 11:29:36 2007 Importance: security ID: MDKSA-2007:067 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:067 %pre Jean-Sebastien Guay-Leroux discovered an integer underflow in the file_printf() function in file prior to 4.20 that allows user-assisted attackers to execute arbitrary code via a file that triggers a heap-based buffer overflow. Updated packages have been patched to address this issue. %description The file command is used to identify a particular file according to the type of data contained by the file. File can identify many different file types, including ELF binaries, system libraries, RPM packages, and different graphics formats. You should install the file package, since the file command is such a useful utility. %package squid squid-cachemgr Update: Thu Mar 22 12:10:46 2007 Importance: security ID: MDKSA-2007:068 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:068 %pre Due to an internal error Squid-2.6 is vulnerable to a denial of service attack when processing the TRACE request method. This problem allows any client trusted to use the service to perform a denial of service attack on the Squid service. Updated packages have been patched to address this issue. %description Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. Install squid if you need a proxy caching server. This package defaults to a maximum of 1024 filedescriptors. You can change this value at build time by using for example: --define 'maxfiles 4096' The package was built to support a maximum of 1024 filedescriptors. %package inkscape Update: Thu Mar 22 15:43:27 2007 Importance: security ID: MDKSA-2007:069 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:069 %pre Format string vulnerability in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a URI, which is not properly handled by certain dialogs. Updated packages have been patched to address this issue. %description Inkscape is a SVG based generic vector-drawing program. Inkscape uses W3C SVG as its native file format. It is therefore a very useful tool for web designers and as an interchange format for desktop publishing. %package evolution evolution-devel evolution-mono evolution-pilot Update: Tue Mar 27 06:09:53 2007 Importance: security ID: MDKSA-2007:070 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:070 %pre A format string error in the "write_html()" function in calendar/gui/ e-cal-component-memo-preview.c when displaying a memo's categories can potentially be exploited to execute arbitrary code via a specially crafted shared memo containing format specifiers. Updated packages have been patched to address this issue. %description Evolution is the GNOME mailer, calendar, contact manager and communications tool. The tools which make up Evolution will be tightly integrated with one another and act as a seamless personal information-management tool. %package kdelibs-common kdelibs-devel-doc lib64kdecore4 lib64kdecore4-devel Update: Thu Mar 29 12:02:52 2007 Importance: security ID: MDKSA-2007:072 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:072 %pre The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in a FTP PASV command. Updated packages have been patched to address this issue. %description Libraries for the K Desktop Environment. %package openoffice.org openoffice.org-devel openoffice.org-devel-doc openoffice.org-galleries openoffice.org-gnome openoffice.org-kde openoffice.org-l10n-af openoffice.org-l10n-ar openoffice.org-l10n-bg openoffice.org-l10n-br openoffice.org-l10n-bs openoffice.org-l10n-ca openoffice.org-l10n-cs openoffice.org-l10n-cy openoffice.org-l10n-da openoffice.org-l10n-de openoffice.org-l10n-el openoffice.org-l10n-en_GB openoffice.org-l10n-es openoffice.org-l10n-et openoffice.org-l10n-eu openoffice.org-l10n-fi openoffice.org-l10n-fr openoffice.org-l10n-he openoffice.org-l10n-hi openoffice.org-l10n-hu openoffice.org-l10n-it openoffice.org-l10n-ja openoffice.org-l10n-ko openoffice.org-l10n-mk openoffice.org-l10n-nb openoffice.org-l10n-nl openoffice.org-l10n-nn openoffice.org-l10n-pl openoffice.org-l10n-pt openoffice.org-l10n-pt_BR openoffice.org-l10n-ru openoffice.org-l10n-sk openoffice.org-l10n-sl openoffice.org-l10n-sv openoffice.org-l10n-ta openoffice.org-l10n-tr openoffice.org-l10n-zh_CN openoffice.org-l10n-zh_TW openoffice.org-l10n-zu openoffice.org-mimelnk openoffice.org-mono openoffice.org-ooqstart Update: Thu Mar 29 13:17:20 2007 Importance: security ID: MDKSA-2007:073 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:073 %pre Stack-based buffer overflow in the StarCalc parser in OpenOffice.org (OOo) Office Suite allows user-assisted remote attackers to execute arbitrary code via a crafted document. (CVE-2007-0238) OpenOffice.org (OOo) Office Suite allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a prepared link in a crafted document. (CVE-2007-0239) Updated packages have been patched to correct these issues. %description OpenOffice.org is an Open Source, community-developed, multi-platform office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editing and drawing program, with a user interface and feature set similar to other office suites. Sophisticated and flexible, OpenOffice.org also works transparently with a variety of file formats, including Microsoft Office. %package lib64designercore1 lib64editor1 lib64qassistantclient1 lib64qt3 lib64qt3-devel lib64qt3-mysql lib64qt3-odbc lib64qt3-psql lib64qt3-sqlite lib64qt3-static-devel qt3-common qt3-doc qt3-example qt3-tutorial Update: Tue Apr 03 16:34:09 2007 Importance: security ID: MDKSA-2007:074 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:074 %pre Andreas Nolden discover a bug in qt3, where the UTF8 decoder does not reject overlong sequences, which can cause "/../" injection or (in the case of konqueror) a "