%package ftp-client-krb5 ftp-server-krb5 krb5-server krb5-workstation libkrb53 libkrb53-devel telnet-client-krb5 telnet-server-krb5 Update: Tue Apr 10 10:26:02 2007 Importance: security ID: MDKSA-2007:077-1 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:077-1 %pre A vulnerability was found in the username handling of the MIT krb5 telnet daemon. A remote attacker that could access the telnet port of a target machine could login as root without requiring a password (CVE-2007-0956). Buffer overflows in the kadmin server daemon were discovered that could be exploited by a remote attacker able to access the KDC. Successful exploitation could allow for the execution of arbitrary code with the privileges of the KDC or kadmin server processes (CVE-2007-0957). Finally, a double-free flaw was discovered in the GSSAPI library used by the kadmin server daemon, which could lead to a denial of service condition or the execution of arbitrary code with the privileges of the KDC or kadmin server processes (CVE-2007-1216). Updated packages have been patched to address this issue. Update: Packages for Mandriva Linux 2007.1 are now available. %description Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords. %package libfreetype6 libfreetype6-devel libfreetype6-static-devel Update: Tue Apr 10 12:51:26 2007 Importance: security ID: MDKSA-2007:081-1 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:081-1 %pre iDefense integer overflows in the way freetype handled various font files. A malicious local user could exploit these issues to potentially execute arbitrary code. Updated packages have been patched to correct this issue. Update: Packages for Mandriva Linux 2007.1 are now available. %description The FreeType2 engine is a free and portable TrueType font rendering engine. It has been developed to provide TT support to a great variety of platforms and environments. Note that FreeType2 is a library, not a stand-alone application, though some utility applications are included %package tightvnc tightvnc-doc tightvnc-server Update: Tue Apr 10 13:59:37 2007 Importance: security ID: MDKSA-2007:080-1 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:080-1 %pre Local exploitation of a memory corruption vulnerability in the X.Org and XFree86 X server could allow an attacker to execute arbitrary code with privileges of the X server, typically root. The vulnerability exists in the ProcXCMiscGetXIDList() function in the XC-MISC extension. This request is used to determine what resource IDs are available for use. This function contains two vulnerabilities, both result in memory corruption of either the stack or heap. The ALLOCATE_LOCAL() macro used by this function allocates memory on the stack using alloca() on systems where alloca() is present, or using the heap otherwise. The handler function takes a user provided value, multiplies it, and then passes it to the above macro. This results in both an integer overflow vulnerability, and an alloca() stack pointer shifting vulnerability. Both can be exploited to execute arbitrary code. (CVE-2007-1003) iDefense reported two integer overflows in the way X.org handled various font files. A malicious local user could exploit these issues to potentially execute arbitrary code with the privileges of the X.org server. (CVE-2007-1351, CVE-2007-1352) TightVNC uses some of the same code base as Xorg, and has the same vulnerable code. Updated packages are patched to address these issues. Update: Packages for Mandriva Linux 2007.1 are now available. %description VNC allows you to access to a remote graphical display through the network. The enhanced version of VNC, called TightVNC (grown from the VNC Tight Encoder project), is optimized to work over slow network connections such as low-speed modem links. While original VNC may be very slow when your connection is not fast enough, with TightVNC you can work remotely almost in real time in most environments. Besides bandwidth optimizations, TightVNC also includes many other improvements, optimizations and bugfixes over VNC. Note that TightVNC is free, cross-platform and compatible with the standard VNC. %package libqassistant1 libqt3support4 libqt4-devel libqtcore4 libqtdbus4 libqtdesigner1 libqtgui4 libqtnetwork4 libqtopengl4 libqtsql4 libqtsvg4 libqttest4 libqtuitools4 libqtxml4 qt4-accessibility-plugin-lib qt4-assistant qt4-codecs-plugin-lib qt4-common qt4-database-plugin-mysql-lib qt4-database-plugin-odbc-lib qt4-database-plugin-pgsql-lib qt4-database-plugin-sqlite-lib qt4-designer qt4-doc qt4-examples qt4-linguist qt4-qvfb qt4-tutorial Update: Tue Apr 10 17:54:02 2007 Importance: security ID: MDKSA-2007:075-1 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:075-1 %pre Update: Packages for Mandriva Linux 2007.1 are now available. %description Qt is a GUI software toolkit which simplifies the task of writing and maintaining GUI (Graphical User Interface) applications for the X Window System. Qt is written in C++ and is fully object-oriented. This package contains the shared library needed to run Qt applications, as well as the README files for Qt. %package libx11-common libx11_6 libx11_6-devel libx11_6-static-devel libxfont1 libxfont1-devel libxfont1-static-devel x11-server x11-server-common x11-server-devel x11-server-xati x11-server-xchips x11-server-xdmx x11-server-xephyr x11-server-xepson x11-server-xfake x11-server-xfbdev x11-server-xgl x11-server-xi810 x11-server-xmach64 x11-server-xmga x11-server-xneomagic x11-server-xnest x11-server-xnvidia x11-server-xorg x11-server-xpm2 x11-server-xprt x11-server-xr128 x11-server-xsdl x11-server-xsmi x11-server-xvesa x11-server-xvfb x11-server-xvia x11-server-xvnc Update: Wed Apr 11 10:02:46 2007 Importance: security ID: MDKSA-2007:079-1 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:079-1 %pre Local exploitation of a memory corruption vulnerability in the X.Org and XFree86 X server could allow an attacker to execute arbitrary code with privileges of the X server, typically root. The vulnerability exists in the ProcXCMiscGetXIDList() function in the XC-MISC extension. This request is used to determine what resource IDs are available for use. This function contains two vulnerabilities, both result in memory corruption of either the stack or heap. The ALLOCATE_LOCAL() macro used by this function allocates memory on the stack using alloca() on systems where alloca() is present, or using the heap otherwise. The handler function takes a user provided value, multiplies it, and then passes it to the above macro. This results in both an integer overflow vulnerability, and an alloca() stack pointer shifting vulnerability. Both can be exploited to execute arbitrary code. (CVE-2007-1003) iDefense reported two integer overflows in the way X.org handled various font files. A malicious local user could exploit these issues to potentially execute arbitrary code with the privileges of the X.org server. (CVE-2007-1351, CVE-2007-1352) Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in x.org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or information leak via crafted images with large or negative values that trigger a buffer overflow. (CVE-2007-1667) Updated packages are patched to address these issues. Update: Packages for Mandriva Linux 2007.1 are now available. %description X11 servers %package madwifi-source wpa_gui wpa_supplicant Update: Wed Apr 11 11:02:05 2007 Importance: security ID: MDKSA-2007:082 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:082 %pre The ath_rate_sample function in the ath_rate/sample/sample.c sample code in MadWifi before 0.9.3 allows remote attackers to cause a denial of service (failed KASSERT and system crash) by moving a connected system to a location with low signal strength, and possibly other vectors related to a race condition between interface enabling and packet transmission. (CVE-2005-4835) MadWifi, when Ad-Hoc mode is used, allows remote attackers to cause a denial of service (system crash) via unspecified vectors that lead to a kernel panic in the ieee80211_input function, related to packets coming from a malicious WinXP system. (CVE-2006-7177) MadWifi before 0.9.3 does not properly handle reception of an AUTH frame by an IBSS node, which allows remote attackers to cause a denial of service (system crash) via a certain AUTH frame. (CVE-2006-7178) ieee80211_input.c in MadWifi before 0.9.3 does not properly process Channel Switch Announcement Information Elements (CSA IEs), which allows remote attackers to cause a denial of service (loss of communication) via a Channel Switch Count less than or equal to one, triggering a channel change. (CVE-2006-7179) ieee80211_output.c in MadWifi before 0.9.3 sends unencrypted packets before WPA authentication succeeds, which allows remote attackers to obtain sensitive information (related to network structure), and possibly cause a denial of service (disrupted authentication) and conduct spoofing attacks. (CVE-2006-7180) Updated packages have been updated to 0.9.3 to correct this issue. Wpa_supplicant is built using madwifi-source and has been rebuilt using 0.9.3 source. %description wpa_supplicant is a WPA Supplicant for Linux, BSD and Windows with support for WPA and WPA2 (IEEE 802.11i / RSN). Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key negotiation with a WPA Authenticator and it controls the roaming and IEEE 802.11 authentication/association of the wlan driver. wpa_supplicant is designed to be a "daemon" program that runs in the background and acts as the backend component controlling the wireless connection. wpa_supplicant supports separate frontend programs and an example text-based frontend, wpa_cli, is included with wpa_supplicant. Supported WPA/IEEE 802.11i features: * WPA-PSK ("WPA-Personal") * WPA with EAP (e.g., with RADIUS authentication server) ("WPA-Enterprise") * key management for CCMP, TKIP, WEP104, WEP40 * WPA and full IEEE 802.11i/RSN/WPA2 * RSN: PMKSA caching, pre-authentication See the project web site or the eap_testing.txt file for a complete list of supported EAP methods (IEEE 802.1X Supplicant), supported drivers and interoperability testing. %package apache-mod_perl apache-mod_perl-devel Update: Wed Apr 11 11:14:15 2007 Importance: security ID: MDKSA-2007:083 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:083 %pre PerlRun.pm in Apache mod_perl 1.30 and earlier, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI. Updated packages have been patched to correct this issue. %description apache-mod_perl incorporates a Perl interpreter into the apache web server, so that the Apache web server can directly execute Perl code. Mod_perl links the Perl runtime library into the apache web server and provides an object-oriented Perl interface for apache's C language API. The end result is a quicker CGI script turnaround process, since no external Perl interpreter has to be started. Install apache-mod_perl if you're installing the apache web server and you'd like for it to directly incorporate a Perl interpreter. You can build apache-mod_perl with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] debug Compile with debugging code (forces --with test) --with[out] test Initiate a Apache-Test run %package ipsec-tools libipsec0 libipsec0-devel Update: Mon Apr 16 13:05:55 2007 Importance: security ID: MDKSA-2007:084 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:084 %pre The ipsec-tools package prior to version 0.6.7 allows remote attackers to cause a Denial of Service (tunnel crash) via crafted DELTE and NOTIFY messages. Updated packages have been patched to correct this issue. %description This is the IPsec-Tools package. You need this package in order to really use the IPsec functionality in the linux-2.6 and above kernels. This package builds: - libipsec, a PFKeyV2 library - setkey, a program to directly manipulate policies and SAs - racoon, an IKEv1 keying daemon %package freeradius libfreeradius1 libfreeradius1-devel libfreeradius1-krb5 libfreeradius1-ldap libfreeradius1-mysql libfreeradius1-postgresql libfreeradius1-unixODBC Update: Mon Apr 16 13:12:20 2007 Importance: security ID: MDKSA-2007:085 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:085 %pre Memory leak in freeRADIUS 1.1.5 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of EAP-TTLS tunnel connections using malformed Diameter format attributes, which causes the authentication request to be rejected but does not reclaim VALUE_PAIR data structures. Updated packages have been patched to correct this issue. %description The FreeRADIUS Server Project is a high-performance and highly configurable GPL'd RADIUS server. It is somewhat similar to the Livingston 2.0 RADIUS server, but has many more features, and is much more configurable. %package libphp5_common5 php-cgi php-cli php-devel php-fcgi php-filter php-gd php-mbstring php-openssl php-zlib Update: Wed Apr 18 21:04:07 2007 Importance: security ID: MDKSA-2007:090 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:090 %pre A heap-based buffer overflow vulnerability was found in PHP's gd extension. A script that could be forced to process WBMP images from an untrusted source could result in arbitrary code execution (CVE-2007-1001). A DoS flaw was found in how PHP processed a deeply nested array. A remote attacker could cause the PHP intrerpreter to creash by submitting an input variable with a deeply nested array (CVE-2007-1285). The internal filter module in PHP in certain instances did not properly strip HTML tags, which allowed a remote attacker conduct cross-site scripting (XSS) attacks (CVE-2007-1454). A vulnerability in the way the mbstring extension set global variables was discovered where a script using the mb_parse_str() function to set global variables could be forced to to enable the register_globals configuration option, possibly resulting in global variable injection (CVE-2007-1583). A vulnerability in how PHP's mail() function processed header data was discovered. If a script sent mail using a subject header containing a string from an untrusted source, a remote attacker could send bulk email to unintended recipients (CVE-2007-1718). Updated packages have been patched to correct these issues. Also note that the default use of Suhosin helped to protect against some of these issues prior to patching. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. %package libsqlite0 libsqlite0-devel libsqlite0-static-devel sqlite-tools Update: Wed Apr 18 21:16:04 2007 Importance: security ID: MDKSA-2007:091 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:091 %pre A buffer overflow in sqlite could allow context-dependent attackers to execute arbitrary code via an empty value of the 'in' parameter. Updated packages have been patched to correct this issue. %description SQLite is a C library that implements an embeddable SQL database engine. Programs that link with the SQLite library can have SQL database access without running a separate RDBMS process. The distribution comes with a standalone command-line access program (sqlite) that can be used to administer an SQLite database and which serves as an example of how to use the SQLite library. %package ftp-client-krb5 ftp-server-krb5 krb5-server krb5-workstation libkrb53 libkrb53-devel telnet-client-krb5 telnet-server-krb5 Update: Sat Apr 21 16:11:18 2007 Importance: bugfix ID: MDKA-2007:026 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:026 %pre The krb5 packages provided with Mandriva Linux 2007.1 had a compilation problem where the kerberos utilities were looking for modules in the wrong location. This update corrects the problem. %description Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords. %package libopenssl0.9.8 libopenssl0.9.8-devel libopenssl0.9.8-static-devel openssl Update: Tue Apr 24 15:03:09 2007 Importance: bugfix ID: MDKA-2007:028 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:028 %pre This update fixes a problem with OpenSSL and the 3des cipher. Among other problems, ssh would stop working when using this cipher with protocol 1. %description The openssl certificate management tool and the shared libraries that provide various encryption and decription algorithms and protocols, including DES, RC4, RSA and SSL. This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/). This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). This product includes software written by Tim Hudson (tjh@cryptsoft.com). %package libecpg5 libecpg5-devel libpq5 libpq5-devel postgresql postgresql-contrib postgresql-devel postgresql-docs postgresql-pl postgresql-plperl postgresql-plpgsql postgresql-plpython postgresql-pltcl postgresql-server postgresql-test Update: Wed Apr 25 15:54:01 2007 Importance: security ID: MDKSA-2007:094 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:094 %pre A weakness in previous versions of PostgreSQL was found in the security definer functions in which an authenticated but otherwise unprivileged SQL user could use temporary objects to execute arbitrary code with the privileges of the security-definer function. IMPORTANT NOTICE FOR CORPORATE SERVER/DESKTOP 3.0 USERS: In addition, packages for Corporate Server/Desktop 3.0 have been updated to the latest PostgreSQL 7.4.17 which requires some attention when upgrading. To take advantage of the new version, and to ensure data coherency, we strongly recommend dumping the old databases, re-initializing the database, and then reloading the dumped data. This can be accomplished as root using: # service postgresql start # su - postgres $ pg_dumpall >/tmp/database.dump $ exit # service postgresql stop # mv /var/lib/pgsql /var/lib/pgsql.bk # urpmi.update -a && urpmi --auto-select # service postgresql start # service postgresql restart # su - postgres $ /usr/bin/psql -d template1 -f /tmp/database.dump $ exit Only Corporate Server/Desktop 3.0 requires the dump/reload steps; the other Mandriva Linux platforms do not require this step. Notice that the double-restart of the postgresql service is in fact required. Updated packages have been patched to correct this issue. %description PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs (including transactions, subselects and user-defined types and functions). The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DBMS server. These PostgreSQL client programs are programs that directly manipulate the internal structure of PostgreSQL databases on a PostgreSQL server. These client programs can be located on the same machine with the PostgreSQL server, or may be on a remote machine which accesses a PostgreSQL server over a network connection. This package contains the client libraries for C and C++, as well as command-line utilities for managing PostgreSQL databases on a PostgreSQL server. If you want to manipulate a PostgreSQL database on a remote PostgreSQL server, you need this package. You also need to install this package if you're installing the postgresql-server package. %package squidGuard Update: Mon Apr 30 13:06:50 2007 Importance: bugfix ID: MDKA-2007:029-1 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:029-1 %pre A problem with the upgrade scripts in the squidGuard package would remove the contents of /usr/share/squidGuard-1.2.0 upon upgrade instead of retaining them. This update corrects those scripts so that directory is no longer removed. Update: Packages for other Mandriva Linux versions are now available. %description SquidGuard is a combined filter, redirector and access controller plugin for Squid. It is free, very flexible, extremely fast, easily installed, portable. SquidGuard can be used to - limit the web access for some users to a list of accepted/well known web servers and/or URLs only. - block access to some listed or blacklisted web servers and/or URLs for some users. - block access to URLs matching a list of regular expressions or words for some users. - enforce the use of domainnames/prohibit the use of IP address in URLs. - redirect blocked URLs to an "intelligent" CGI based info page. - redirect unregistered user to a registration form. - redirect popular downloads like Netscape, MSIE etc. to local copies. - redirect banners to an empty GIF. - have different access rules based on time of day, day of the week, date etc. - have different rules for different user groups. Neither squidGuard nor Squid can be used to - filter/censor/edit text inside documents - filter/censor/edit embeded scripting languages like JavaScript or VBscript inside HTML %package ktorrent libktorrent2.1.2 Update: Tue May 01 15:55:05 2007 Importance: security ID: MDKSA-2007:095 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:095 %pre A directory traversal vulnerability was found in KTorrent prior to 2.1.2, due to an incomplete fix for a prior directory traversal vulnerability that was corrected in version 2.1.2. Previously, KTorrent would only check for the string .., which could permit strings such as ../. Updated packages have been patched to correct this issue. %description KTorrent is a BitTorrent program for KDE. It's main features are: o Downloads torrent files o Upload speed capping, seeing that most people can't upload infinite amounts of data. o Internet searching using The Bittorrent website's search engine o UDP Trackers %package initscripts Update: Wed May 02 09:57:06 2007 Importance: bugfix ID: MDKA-2007:031 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:031 %pre The initscripts package would make the network initialization wait uselessly when there was no link on an interface. It would also display warnings in the IPv6 scripts. This package corrects both problems. %description The initscripts package contains the basic system scripts used to boot your Mandriva Linux system, change run levels, and shut the system down cleanly. Initscripts also contains the scripts that activate and deactivate most network interfaces. %package xscreensaver xscreensaver-base xscreensaver-common xscreensaver-extrusion xscreensaver-gl Update: Wed May 02 15:45:51 2007 Importance: security ID: MDKSA-2007:097 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:097 %pre A problem with the way xscreensaver verifies user passwords was discovered by Alex Yamauchi. When a system is using remote authentication (i.e. LDAP) for logins, a local attacker able to cause a network outage on the system could cause xscreensaver to crash, which would unlock the screen. Updated packages have been patched to correct this issue. %description The xscreensaver package contains a variety of screensavers for your mind-numbing, ambition-eroding, time-wasting, hypnotized viewing pleasure. Install the xscreensaver package if you need screensavers for use with the X Window System. %package clamav clamav-db clamav-milter clamd clamdmon libclamav2 libclamav2-devel Update: Tue May 08 14:30:39 2007 Importance: security ID: MDKSA-2007:098 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:098 %pre iDefense discovered a stack-based overflow in ClamAV when processing negative values in .cab files. As well, multiple file descriptor leaks were also reported and fixed in chmunpack.c, pdf.c, and dblock.c. This update provides ClamAV 0.90.2 which corrects these problems and provides new functionality. %description Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail seversions (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software. You can build clamav with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] milter Build clamav-milter (default) %package libpython2.5 libpython2.5-devel python python-base python-docs tkinter Update: Tue May 08 14:37:21 2007 Importance: security ID: MDKSA-2007:099 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:099 %pre An off-by-one error was discovered in the PyLocale_strxfrm function in Python 2.4 and 2.5 that could allow context-dependent attackers the ability to read portions of memory via special manipulations that trigger a buffer over-read due to missing null termination. The updated packages have been patched to correct this issue. %description Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems (X11, Motif, Tk, Mac and MFC). Programmers can write new built-in modules for Python in C or C++. Python can be used as an extension language for applications that need a programmable interface. This package contains most of the standard Python modules, as well as modules for interfacing to the Tix widget set for Tk and RPM. Note that documentation for Python is provided in the python-docs package. %package bind bind-devel bind-utils Update: Wed May 09 09:46:45 2007 Importance: security ID: MDKSA-2007:100 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:100 %pre A vulnerability in ISC BIND 9.4.0, when recursion is enabled, could allow a remote attacker to cause a denial of service (daemon exit) via a certain sequence of queries. BIND 9.4.1, which corrects this issue, is provided with this update. %description BIND (Berkeley Internet Name Domain) is an implementation of the DNS (domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses, and a resolver library (routines for applications to use when interfacing with DNS). A DNS server allows clients to name resources or objects and share the information with other network machines. The named DNS server can be used on workstations as a caching name server, but is generally only needed on one machine for an entire network. Note that the configuration files for making BIND act as a simple caching nameserver are included in the caching-nameserver package. Install the bind package if you need a DNS server for your network. If you want bind to act a caching name server, you will also need to install the caching-nameserver package. Many BIND 8 features previously unimplemented in BIND 9, including domain-specific forwarding, the \$GENERATE master file directive, and the "blackhole", "dialup", and "sortlist" options Forwarding of dynamic update requests; this is enabled by the "allow-update-forwarding" option A new, simplified database interface and a number of sample drivers based on it; see doc/dev/sdb for details Support for building single-threaded servers for environments that do not supply POSIX threads New configuration options: "min-refresh-time", "max-refresh-time", "min-retry-time", "max-retry-time", "additional-from-auth", "additional-from-cache", "notify explicit" Faster lookups, particularly in large zones. Build Options: --without sdb_ldap Build without ldap simple database support (enabled per default) --with sdb_mysql Build with MySQL database support (disables ldap support, it's either way.) --with geoip Build with GeoIP support (disabled per default) %package xinitrc Update: Wed May 09 09:54:55 2007 Importance: bugfix ID: MDKA-2007:032 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:032 %pre The xinitrc package did not have an appropriate Xresource change in order to show X applications in color. This update corrects the problem. %description The xinitrc package contains the xinitrc file, a script which is used to configure your X Window System session or to start a window manager. %package libxmlrpc0 libxmlrpc0-devel Update: Wed May 09 13:18:40 2007 Importance: bugfix ID: MDKA-2007:033 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:033 %pre The xmlrpc-epi package was using an old internal copy of the expat XML parser, which caused random crashes in second-life. The updated packages provided fix this by relying on the expat system library. %description xmlrpc-epi is an implementation of the xmlrpc protocol in C. It provides an easy to use API for developers to serialize RPC requests to and from XML. It does *not* include a transport layer, such as HTTP. The API is primarily based upon proprietary code written for internal usage at Epinions.com, and was later modified to incorporate concepts from the xmlrpc protocol. %package ktorrent libktorrent2.1.2 Update: Wed May 09 13:22:00 2007 Importance: bugfix ID: MDKA-2007:034 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:034 %pre Previous packages of KTorrent would corrupt files larger than 4GB during download on 32bit systems. This update corrects the problem. %description KTorrent is a BitTorrent program for KDE. It's main features are: o Downloads torrent files o Upload speed capping, seeing that most people can't upload infinite amounts of data. o Internet searching using The Bittorrent website's search engine o UDP Trackers %package vim-X11 vim-common vim-enhanced vim-minimal Update: Wed May 09 15:22:13 2007 Importance: security ID: MDKSA-2007:101 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:101 %pre A vulnerability in vim 7.0's modeline processing capabilities was discovered where a user with modelines enabled could open a text file containing a carefully crafted modeline, executing arbitrary commands as the user running vim. Updated packages have been patched to prevent this issue. %description VIM (VIsual editor iMproved) is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. The vim-common package contains files which every VIM binary will need in order to run. %package kernel-2.6.17.14mdv kernel-doc-2.6.17.14mdv kernel-doc-latest kernel-enterprise-2.6.17.14mdv kernel-enterprise-latest kernel-latest kernel-legacy-2.6.17.14mdv kernel-legacy-latest kernel-source-2.6.17.14mdv kernel-source-latest kernel-source-stripped-2.6.17.14mdv kernel-source-stripped-latest kernel-xen0-2.6.17.14mdv kernel-xen0-latest kernel-xenU-2.6.17.14mdv kernel-xenU-latest Update: Thu May 10 13:21:30 2007 Importance: bugfix ID: MDKA-2007:036 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:036 %pre This kernel fixes a bug in the USB sub-system that may cause system hangs while connecting or disconnecting USB devices. %description The kernel package contains the Linux kernel (vmlinuz), the core of your Mandriva Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. It supports both up and smp systems using smp alternatives. For instructions for update, see: http://www.mandriva.com/security/kernelupdate %package libphp5_common5 php-cgi php-cli php-devel php-fcgi php-ftp php-openssl php-soap php-xmlrpc php-zlib Update: Thu May 10 16:21:28 2007 Importance: security ID: MDKSA-2007:102 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:102 %pre A heap buffer overflow flaw was found in the xmlrpc extension for PHP. A script that implements an XML-RPC server using this extension could allow a remote attacker to execute arbitrary code as the apache user. This flaw does not, however, affect PHP applications using the pure-PHP XML_RPC class provided via PEAR (CVE-2007-1864). A flaw was found in the ftp extension for PHP. A script using this extension to provide access to a private FTP server and which passed untrusted script input directly to any function provided by this extension could allow a remote attacker to send arbitrary FTP commands to the server (CVE-2007-2509). A buffer overflow flaw was found in the soap extension for PHP in the handling of an HTTP redirect response when using the SOAP client provided by the extension with an untrusted SOAP server (CVE-2007-2510). A buffer overflow in the user_filter_factory_create() function has unknown impact and local attack vectors (CVE-2007-2511). Updated packages have been patched to prevent this issue. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. %package initscripts Update: Thu May 10 17:17:33 2007 Importance: bugfix ID: MDKA-2007:037 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:037 %pre The text message printed over the bootsplash image was always displayed in English during shutdown or reboot, never being translated using the system's locale settings. This update package resolves the problem. %description The initscripts package contains the basic system scripts used to boot your Mandriva Linux system, change run levels, and shut the system down cleanly. Initscripts also contains the scripts that activate and deactivate most network interfaces. %package mandriva-theme mandriva-theme-Discovery mandriva-theme-Discovery-screensaver mandriva-theme-Flash mandriva-theme-Flash-screensaver mandriva-theme-One mandriva-theme-One-screensaver mandriva-theme-Powerpack+ mandriva-theme-Powerpack+-screensaver mandriva-theme-Powerpack mandriva-theme-Powerpack-screensaver mandriva-theme-common mandriva-theme-screensaver Update: Thu May 10 18:07:22 2007 Importance: bugfix ID: MDKA-2007:038 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:038 %pre Some background images were not consistent with the final 2007 Spring theme. This update package fixes the Mandriva-1440x900 and Mandriva-Powerpack+-1280x800 background images. %description This package contains the Mandriva default bootsplash theme with its images and configuration for different resolution as well as the the desktop background image. %package libsmbclient0 libsmbclient0-devel libsmbclient0-static-devel mount-cifs nss_wins samba-client samba-common samba-doc samba-server samba-smbldap-tools samba-swat samba-vscan-clamav samba-vscan-icap samba-winbind Update: Mon May 14 16:27:29 2007 Importance: security ID: MDKSA-2007:104 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:104 %pre A number of bugs were discovered in the NDR parsing support in Samba that is used to decode MS-RPC requests. A remote attacker could send a carefully crafted request that would cause a heap overflow, possibly leading to the ability to execute arbitrary code on the server (CVE-2007-2446). A remote authenticated user could trigger a flaw where unescaped user input parameters were being passed as arguments to /bin/sh (CVE-2007-2447). Finally, on Samba 3.0.23d and higher, when Samba translated SID to/from name using the Samba local list of user and group accounts, a logic error in smbd's internal security stack could result in a transition to the root user id rather than the non-root user (CVE-2007-2444). Updated packages have been patched to prevent these issues. %description Samba provides an SMB server which can be used to provide network services to SMB (sometimes called "Lan Manager") clients, including various versions of MS Windows, OS/2, and other Linux machines. Samba also provides some SMB clients, which complement the built-in SMB filesystem in Linux. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need NetBEUI (Microsoft Raw NetBIOS frame) protocol. Samba-3.0 features working NT Domain Control capability and includes the SWAT (Samba Web Administration Tool) that allows samba's smb.conf file to be remotely managed using your favourite web browser. For the time being this is being enabled on TCP port 901 via xinetd. SWAT is now included in it's own subpackage, samba-swat. Please refer to the WHATSNEW.txt document for fixup information. This binary release includes encrypted password support. Please read the smb.conf file and ENCRYPTION.txt in the docs directory for implementation details. %package gnome-panel libpanel-applet-2_0 libpanel-applet-2_0-devel Update: Mon May 14 20:43:14 2007 Importance: bugfix ID: MDKA-2007:039 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:039 %pre A race condition in rare cases could cause crashes in the GNOME panel when closing a Run Application dialog. These update packages fix the problem and includes other stability fixes and additional translations. %description GNOME (GNU Network Object Model Environment) is a user-friendly set of applications and desktop tools to be used in conjunction with a window manager for the X Window System. GNOME is similar in purpose and scope to CDE and KDE, but GNOME is based completely on free software. The GNOME panel packages provides the gnome panel, menus and some basic applets for the panel. %package gnome-utils libgdict1.0_5 libgdict1.0_5-devel Update: Wed May 16 10:46:12 2007 Importance: bugfix ID: MDKA-2007:040 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:040 %pre The gnome-system-log viewer could crash when parsing certain log files. The provided updated packages correct this problem. %description GNOME is the GNU Network Object Model Environment. This powerful environment is both easy to use and easy to configure. GNOME Utilities is a collection of small applications all there to make your day just that little bit brighter - System Log Viewer, Search Tool, Dictionary, Floppy Format. %package gnome-utils libgdict1.0_5 libgdict1.0_5-devel Update: Wed May 16 10:48:04 2007 Importance: bugfix ID: MDKA-2007:040 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:040 %pre The gnome-system-log viewer could crash when parsing certain log files. The provided updated packages correct this problem. %description GNOME is the GNU Network Object Model Environment. This powerful environment is both easy to use and easy to configure. GNOME Utilities is a collection of small applications all there to make your day just that little bit brighter - System Log Viewer, Search Tool, Dictionary, Floppy Format. %package fetchmail fetchmail-daemon fetchmailconf Update: Thu May 17 12:25:57 2007 Importance: security ID: MDKSA-2007:105 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:105 %pre The APOP functionality in fetchmail's POP3 client implementation was validating the APOP challenge too lightly, accepting random garbage as a POP3 server's APOP challenge, rather than insisting it conform to RFC-822 specifications. As a result of this flaw, it made man-in-the-middle attacks easier than necessary to retrieve the first few characters of the APOP secret, allowing them to potentially brute force the remaining characters easier than should be possible. Updated packages have been patched to prevent these issues, however it should be noted that the APOP MD5-based authentication scheme should no longer be considered secure. %description Fetchmail is a free, full-featured, robust, and well-documented remote mail retrieval and forwarding utility intended to be used over on-demand TCP/IP links (such as SLIP or PPP connections). It retrieves mail from remote mail servers and forwards it to your local (client) machine's delivery system, so it can then be read by normal mail user agents such as Mutt, Elm, Pine, (X)Emacs/Gnus or Mailx. It comes with an interactive GUI configurator suitable for end-users. Fetchmail supports every remote-mail protocol currently in use on the Internet (POP2, POP3, RPOP, APOP, KPOP, all IMAPs, ESMTP ETRN) for retrieval. Then Fetchmail forwards the mail through SMTP, so you can read it through your normal mail client. %package console-tools libconsole0 libconsole0-devel libconsole0-static-devel Update: Fri May 18 13:34:48 2007 Importance: bugfix ID: MDKA-2007:041 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:041 %pre A limitation on the setkeycodes utility in the console-tools package was found, where it wasn't possible to set a keycode greater than 128, making it impossible to use extra keys like multimedia keys on Logitech keyboards or extra keys on many laptops. The updated packages raise the limit of keycodes allowed, up to 240. %description This package contains utilities to load console fonts and keyboard maps. It also includes a number of different fonts and keyboard maps. %package evolution-data-server libcamel-provider10 libcamel10 libebook9 libecal7 libedata-book2 libedata-cal6 libedataserver9 libedataserver9-devel libedataserverui8 libegroupwise13 libexchange-storage3 Update: Sat May 19 19:35:54 2007 Importance: security ID: MDKSA-2007:107 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:107 %pre A weakness in the way Evolution processed certain APOP authentication requests was discovered. A remote attacker could potentially obtain certain portions of a user's authentication credentials by sending certain responses when evolution-data-server attempted to authenticate against an APOP server. The updated packages have been patched to prevent this issue. %description Evolution Data Server provides a central location for your addressbook and calendar in the gnome desktop. %package desktop-common-data Update: Tue May 22 08:45:38 2007 Importance: bugfix ID: MDKA-2007:042 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:042 %pre The default directories were not created with the correct translated name for Chinese locales. As well, an error message was displayed on the terminal when calling the www-browser script. Both issues have been fixed with this updated package. %description This package contains useful icons, menu structure and others goodies for the Mandriva Linux desktop. %package drakstats Update: Tue May 22 09:26:39 2007 Importance: bugfix ID: MDKA-2007:043 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:043 %pre The drakstats program used to crash when sending statistics and when reporting error messages. This update package fixes these crash issues. %description Drakstats is a GUI frontend to rpmstats which retrieves statistics about installed rpm packages and give users the CHOICE to send it to a remote server for global package usage statistics. The final goal is to help us shape the future package choice of the upcoming releases of the distro. Drakstats is also a handy tool to optimize install based packages by helping the user remove unused software. %package rfbdrake Update: Tue May 22 09:27:53 2007 Importance: bugfix ID: MDKA-2007:044 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:044 %pre rfbdrake used to crash when displaying error messages. This update package fixes the issue. %description rfbdrake is a tool to setup a client/server remote framebuffer for virtual network computing. It use vncviewer backend at the client side and x0rfbserver for the server side. %package gimp gimp-python libgimp2.0-devel libgimp2.0_0 Update: Tue May 22 15:47:11 2007 Importance: security ID: MDKSA-2007:108 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:108 %pre Marsu discovered a stack overflow issue in the GIMP's RAS file loader. An attacker could create a carefully crafted file that would cause the GIMP to crash or potentially execute arbitrary code as the user opening the file. The updated packages have been patched to prevent this issue. %description The GIMP is an image manipulation program suitable for photo retouching, image composition and image authoring. Many people find it extremely useful in creating logos and other graphics for web pages. The GIMP has many of the tools and filters you would expect to find in similar commercial offerings, and some interesting extras as well. The GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. This version of The GIMP includes a scripting facility, but many of the included scripts rely on fonts that we cannot distribute. The GIMP ftp site has a package of fonts that you can install by yourself, which includes all the fonts needed to run the included scripts. Some of the fonts have unusual licensing requirements; all the licenses are documented in the package. Get them in ftp://ftp.gimp.org/pub/gimp/fonts/ if you are so inclined. Alternatively, choose fonts which exist on your system before running the scripts. Build Options: --without python Disable pygimp (default enabled) --with mmx Enable MMX code support (default disabled) --with sse Enable SSE code support (default disabled) --with lzw Enable LZW compression in GIF (default disabled) %package mozilla-thunderbird mozilla-thunderbird-be mozilla-thunderbird-bg mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-devel mozilla-thunderbird-el mozilla-thunderbird-en_GB mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-hu mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-es mozilla-thunderbird-es_AR mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-gu_IN mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ko mozilla-thunderbird-lt mozilla-thunderbird-mk mozilla-thunderbird-nb mozilla-thunderbird-nl mozilla-thunderbird-nn_NO mozilla-thunderbird-pa_IN mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-pt_PT mozilla-thunderbird-ru mozilla-thunderbird-sk mozilla-thunderbird-sl mozilla-thunderbird-sv mozilla-thunderbird-tr mozilla-thunderbird-zh_CN mozilla-thunderbird-zh_TW nsinstall Update: Tue May 22 16:28:42 2007 Importance: normal ID: MDKA-2007:045 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:045 %pre Mandriva Linux 2007.1 shipped with a beta version of Mozilla Thunderbird, so this update provides the final Mozilla Thunderbird 2.0.0.0 release, with updated translations and Enigmail support. This update also adds support for Belarusian (be), Bulgarian (bg), Danish (da), British English (en-GB), Irish (ga-IE), Lithuanian (lt), Macedonian (mk), Norwegian Nynorsk (nn-NO), Portuguese Portugal (pt-PT), and Traditional Chinese (zh-TW). Finally, the language support for cs, nl, pt, sk, sl, and es_AR are currently disabled for Enigmail due to lack of upstream updates. %description Mozilla Thunderbird is a full-featured email, RSS and newsgroup client that makes emailing safer, faster and easier than ever before. %package arts libarts1 libarts1-devel Update: Wed May 23 10:13:35 2007 Importance: bugfix ID: MDKA-2007:046 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:046 %pre The esd output support was not built in the Mandriva Linux 2007.1 arts package, while it was enabled in previous Mandriva Linux releases. This update package re-enables esd output support in arts. %description aRts is a short form for "analog realtime synthesizer". The idea of the whole thing is to create/process sound using small modules which do certain tasks. These may be create a waveform (oscillators), play samples, filter data, add signals, perform effects like delay/flanger/chorus, or output the data to the soundcard. %package x11-server x11-server-common x11-server-devel x11-server-xati x11-server-xchips x11-server-xdmx x11-server-xephyr x11-server-xepson x11-server-xfake x11-server-xfbdev x11-server-xi810 x11-server-xmach64 x11-server-xmga x11-server-xneomagic x11-server-xnest x11-server-xnvidia x11-server-xorg x11-server-xpm2 x11-server-xprt x11-server-xr128 x11-server-xsdl x11-server-xsmi x11-server-xvesa x11-server-xvfb x11-server-xvia x11-server-xvnc Update: Wed May 23 11:19:44 2007 Importance: bugfix ID: MDKA-2007:048 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:048 %pre The x11 server would crash when setting a pixmap for the root window and later trying to restore the defaults. This update has been patched to correct the problem. %description X11 servers %package jadetex tetex tetex-afm tetex-context tetex-devel tetex-doc tetex-dvilj tetex-dvipdfm tetex-dvips tetex-latex tetex-mfwin tetex-texi2html tetex-usrlocal tetex-xdvi xmltex Update: Wed May 23 17:07:24 2007 Importance: security ID: MDKSA-2007:109 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:109 %pre Buffer overflow in the gdImageStringFTEx function in gdft.c in the GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded font. Tetex 3.x uses an embedded copy of the gd source and may also be affected by this issue (CVE-2007-0455). A buffer overflow in the open_sty function for makeindex in Tetex could allow user-assisted remote attackers to overwrite files and possibly execute arbitrary code via a long filename (CVE-2007-0650). The updated packages have been patched to prevent these issues. %description teTeX is an implementation of TeX for Linux or UNIX systems. TeX takes a text file and a set of formatting commands as input and creates a typesetter independent .dvi (DeVice Independent) file as output. Usually, TeX is used in conjunction with a higher level formatting package like LaTeX or PlainTeX, since TeX by itself is not very user-friendly. Install teTeX if you want to use the TeX text formatting system. If you are installing teTeX, you will also need to install tetex-afm (a PostScript(TM) font converter for TeX), tetex-dvilj (for converting .dvi files to HP PCL format for printing on HP and HP compatible printers), tetex-dvips (for converting .dvi files to PostScript format for printing on PostScript printers), tetex-latex (a higher level formatting package which provides an easier-to-use interface for TeX) and tetex-xdvi (for previewing .dvi files in X). Unless you're an expert at using TeX, you'll also want to install the tetex-doc package, which includes the documentation for TeX. %package libsmbclient0 libsmbclient0-devel libsmbclient0-static-devel mount-cifs nss_wins samba-client samba-common samba-doc samba-server samba-smbldap-tools samba-swat samba-vscan-clamav samba-vscan-icap samba-winbind Update: Wed May 23 19:39:54 2007 Importance: security ID: MDKSA-2007:104-1 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:104-1 %pre A number of bugs were discovered in the NDR parsing support in Samba that is used to decode MS-RPC requests. A remote attacker could send a carefully crafted request that would cause a heap overflow, possibly leading to the ability to execute arbitrary code on the server (CVE-2007-2446). A remote authenticated user could trigger a flaw where unescaped user input parameters were being passed as arguments to /bin/sh (CVE-2007-2447). Finally, on Samba 3.0.23d and higher, when Samba translated SID to/from name using the Samba local list of user and group accounts, a logic error in smbd's internal security stack could result in a transition to the root user id rather than the non-root user (CVE-2007-2444). Update: The fix for CVE-2007-2444 broke the behaviour of force group when the forced group is a local Unix group for domain member servers. This update corrects that regression. %description Samba provides an SMB server which can be used to provide network services to SMB (sometimes called "Lan Manager") clients, including various versions of MS Windows, OS/2, and other Linux machines. Samba also provides some SMB clients, which complement the built-in SMB filesystem in Linux. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need NetBEUI (Microsoft Raw NetBIOS frame) protocol. Samba-3.0 features working NT Domain Control capability and includes the SWAT (Samba Web Administration Tool) that allows samba's smb.conf file to be remotely managed using your favourite web browser. For the time being this is being enabled on TCP port 901 via xinetd. SWAT is now included in it's own subpackage, samba-swat. Please refer to the WHATSNEW.txt document for fixup information. This binary release includes encrypted password support. Please read the smb.conf file and ENCRYPTION.txt in the docs directory for implementation details. %package shared-mime-info Update: Thu May 24 13:32:10 2007 Importance: bugfix ID: MDKA-2007:050 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:050 %pre A misconfiguration in the default application priorities was causing file-roller (an archive manager) to be used by default for ISO image files, instead of nautilus-cd-burner, for the GNOME desktop environment. This bug has been fixed with an updated shared-mime-info package, which also contains additional file types. %description This is the freedesktop.org shared MIME info database. Many programs and desktops use the MIME system to represent the types of files. Frequently, it is necessary to work out the correct MIME type for a file. This is generally done by examining the file's name or contents, and looking up the correct MIME type in a database. For interoperability, it is useful for different programs to use the same database so that different programs agree on the type of a file, and new rules for determining the type apply to all programs. This specification attempts to unify the type-guessing systems currently in use by GNOME, KDE and ROX. Only the name-to-type and contents-to-type mappings are covered by this spec; other MIME type information, such as the default handler for a particular type, or the icon to use to display it in a file manager, are not covered since these are a matter of style. In addition, freedesktop.org provides a shared database in this format to avoid inconsistencies between desktops. This database has been created by converting the existing KDE and GNOME databases to the new format and merging them together. %package gnome-media libcddb-slave2_0 libcddb-slave2_0-devel Update: Thu May 24 13:33:04 2007 Importance: bugfix ID: MDKA-2007:051 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:051 %pre A window modality bug was preventing audio profile editing from Sound-juicer or Rhythmbox applications. This bug is fixed with the updated gnome-media package. %description GNOME (GNU Network Object Model Environment) is a user-friendly set of applications and desktop tools to be used in conjunction with a window manager for the X Window System. GNOME is similar in purpose and scope to CDE and KDE, but GNOME (as KDE) is based completely on Open Source software. GNOME's powerful environment is pleasing on the eye, easy to configure and use. This package will install such media features as the GNOME CD player. %package x11-server x11-server-common x11-server-devel x11-server-xati x11-server-xchips x11-server-xdmx x11-server-xephyr x11-server-xepson x11-server-xfake x11-server-xfbdev x11-server-xi810 x11-server-xmach64 x11-server-xmga x11-server-xneomagic x11-server-xnest x11-server-xnvidia x11-server-xorg x11-server-xpm2 x11-server-xprt x11-server-xr128 x11-server-xsdl x11-server-xsmi x11-server-xvesa x11-server-xvfb x11-server-xvia x11-server-xvnc Update: Thu May 24 18:47:24 2007 Importance: bugfix ID: MDKA-2007:048-1 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:048-1 %pre The x11 server would crash when setting a pixmap for the root window and later trying to restore the defaults. This update has been patched to correct the problem. Update: An error in packaging caused an incorrect conflict with the updated x11-server packages and the compiz package. New packages are available that resolve this conflict, and we apologize for any inconvenience this may have caused. %description X11 servers %package libtotem-plparser1 libtotem-plparser1-devel libxine1 libxine1-devel totem totem-common totem-gstreamer totem-mozilla totem-mozilla-gstreamer xine-aa xine-arts xine-caca xine-dxr3 xine-esd xine-flac xine-gnomevfs xine-image xine-jack xine-plugins xine-pulse xine-sdl xine-smb Update: Mon Jun 04 10:47:57 2007 Importance: bugfix ID: MDKA-2007:053 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:053 %pre Bugs in xine-lib and totem were preventing the totem browser plugin from playing some multimedia files from within a web browser. This issue is fixed, as well as some media file support in the browser plugin and other issues in the standard media player. %description xine is a free gpl-licensed video player for unix-like systems. %package php-pear Update: Mon Jun 04 12:46:05 2007 Importance: security ID: MDKSA-2007:110 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:110 %pre A security hole was discovered in all versions of the PEAR Installer (http://pear.php.net/PEAR). The security hole is the most serious hole found to date in the PEAR Installer, and would allow a malicious package to install files anywhere in the filesystem. The vulnerability only affects users who are installing an intentionally created package with a malicious intent. Because the package is easily traced to its source, this is most likely to happen if a hacker were to compromise a PEAR channel server and alter a package to install a backdoor. In other words, it must be combined with other exploits to be a problem. Updated packages have been patched to prevent this issue. %description PEAR is short for "PHP Extension and Application Repository" and is pronounced just like the fruit. The purpose of PEAR is to provide: * A structured library of open-sourced code for PHP users * A system for code distribution and package maintenance * A standard style for code written in PHP, specified here * The PHP Foundation Classes (PFC), see more below * The PHP Extension Code Library (PECL), see more below * A web site, mailing lists and download mirrors to support the PHP/PEAR community %package losetup mount util-linux Update: Mon Jun 04 12:54:55 2007 Importance: security ID: MDKSA-2007:111 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:111 %pre login in util-linux-2.12a (and later versions) skips pam_acct_mgmt and chauth_tok when authentication is skipped, such as when a Kerberos krlogin session has been established, which might allow users to bypass intended access policies that would be enforced by pam_acct_mgmt and chauth_tok. Updated packages have been patched to address this issue. %description The util-linux package contains a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, Util-linux contains the fdisk configuration tool and the login program. %package libdha1.0 mencoder mplayer mplayer-doc mplayer-gui Update: Mon Jun 04 13:06:20 2007 Importance: security ID: MDKSA-2007:112 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:112 %pre Buffer overflow in the asmrp_eval function for the Real Media input plugin allows remote attackers to cause a denial of service and possibly execute arbitrary code via a rulebook with a large number of rulematches. Updated packages have been patched to correct this issue. %description MPlayer is a movie player for LINUX (runs on many other Unices, and non-x86 CPUs, see the documentation). It plays most MPEG, VOB, AVI, VIVO, ASF/WMV, QT/MOV, FLI, NuppelVideo, yuv4mpeg, FILM, RoQ, and some RealMedia files, supported by many native, XAnim, and Win32 DLL codecs. You can watch VideoCD, SVCD, DVD, 3ivx, FLI, and even DivX movies too (and you don't need the avifile library at all!). The another big feature of mplayer is the wide range of supported output drivers. It works with X11, Xv, DGA, OpenGL, SVGAlib, fbdev, AAlib, but you can use SDL (and this way all drivers of SDL), VESA (on every VESA compatible card, even without X!), and some lowlevel card-specific drivers (for Matrox, 3Dfx and Radeon) too! Most of them supports software or hardware scaling, so you can enjoy movies in fullscreen. MPlayer supports displaying through some hardware MPEG decoder boards, such as the DVB and DXR3/Hollywood+! And what about the nice big antialiased shaded subtitles (9 supported types!!!) with european/ISO 8859-1,2 (hungarian, english, czech, etc), cyrillic, korean fonts, and OSD? Note: If you want to play Real content, you need to have the content of RealPlayer's Codecs directory in /usr/lib/RealPlayer10GOLD/codecs %package mutt mutt-utf8 Update: Mon Jun 04 13:48:20 2007 Importance: security ID: MDKSA-2007:113 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:113 %pre A flaw in the way mutt processed certain APOP authentication requests was discovered. By sending certain responses when mutt attempted to authenticate again an APOP server, a remote attacker could possibly obtain certain portions of the user's authentication credentials (CVE-2007-1558). A flaw in how mutt handled certain characters in gecos fields could lead to a buffer overflow. A local user able to give themselves a carefully crafted Real Name could potentially execute arbitrary code if a victim used mutt to expand the attacker's alias (CVE-2007-2683). Updated packages have been patched to address these issues. %description Mutt is a text mode mail user agent. Mutt supports color, threading, arbitrary key remapping, and a lot of customization. You should install mutt if you've used mutt in the past and you prefer it, or if you're new to mail programs and you haven't decided which one you're going to use. %package clamav clamav-db clamav-milter clamd clamdmon libclamav2 libclamav2-devel Update: Mon Jun 04 16:01:57 2007 Importance: security ID: MDKSA-2007:115 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:115 %pre A vulnerability in the OLE2 parser in ClamAV was found that could allow a remote attacker to cause a denial of service via resource consumption with a carefully crafted OLE2 file. Other vulnerabilities and bugs have also been corrected in 0.90.3 which is being provided with this update. %description Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail seversions (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software. You can build clamav with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] milter Build clamav-milter (default) %package file libmagic1 libmagic1-devel libmagic1-static-devel python-magic Update: Tue Jun 05 14:07:05 2007 Importance: security ID: MDKSA-2007:114 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:114 %pre The update to correct CVE-2007-1536 (MDKSA-2007:067), a buffer overflow in the file_printf() function, introduced a new integer overflow as reported by Colin Percival. This flaw, if an atacker could trick a user into running file on a specially crafted file, could possibly lead to the execution of arbitrary code with the privileges of the user running file (CVE-2007-2799). As well, in file 4.20, flawed regular expressions to identify OS/2 REXX files could lead to a denial of service via CPU consumption (CVE-2007-2026). The updated packages have been patched to correct these issues. %description The file command is used to identify a particular file according to the type of data contained by the file. File can identify many different file types, including ELF binaries, system libraries, RPM packages, and different graphics formats. You should install the file package, since the file command is such a useful utility. %package libpng3 libpng3-devel libpng3-static-devel Update: Tue Jun 05 14:07:52 2007 Importance: security ID: MDKSA-2007:116 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:116 %pre A flaw how libpng handled malformed images was discovered. An attacker able to create a carefully crafted PNG image could cause an application linked with libpng to crash when the file was manipulated. The updated packages have been patched to correct this issue. %description The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng should be installed if you need to manipulate PNG format image files. %package lha Update: Tue Jun 05 20:18:35 2007 Importance: security ID: MDKSA-2007:117 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:117 %pre lharc.c in lha does not securely create temporary files, which might allow local users to read or write files by creating a file before LHA is invoked. Updated packages have been patched to prevent this issue. %description LhA is an archiving and compression utility for LHarc format archive. LhA is mostly used in the Amiga and in the DOS world, but can be used under Linux to extract files from .lha and .lzh archives. Install the LhA package if you need to extract files from .lha or .lzh Amiga or DOS archives, or if you have to build LhA archives to be read on the Amiga or DOS. %package libexif12 libexif12-devel Update: Fri Jun 08 12:16:42 2007 Importance: security ID: MDKSA-2007:118 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:118 %pre Integer overflow in the exif_data_load_data_entry function in exif-data.c in libexif before 0.6.14 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted EXIF data. Updated packages have been patched to prevent this issue. %description Most digital cameras produce EXIF files, which are JPEG files with extra tags that contain information about the image. The EXIF library allows you to parse an EXIF file and read the data from those tags. %package libfreetype6 libfreetype6-devel libfreetype6-static-devel Update: Wed Jun 13 16:18:12 2007 Importance: security ID: MDKSA-2007:121 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:121 %pre An integer overflow vulnerability was discovered in the way the FreeType font engine processed TTF files. If a user were to load a special font file with a program linked against freetype, it could cause the application to crash or possibly execute arbitrary code as the user running the program. The updated packages have been patched to prevent this issue. %description The FreeType2 engine is a free and portable TrueType font rendering engine. It has been developed to provide TT support to a great variety of platforms and environments. Note that FreeType2 is a library, not a stand-alone application, though some utility applications are included %package gd-utils libgd2 libgd2-devel libgd2-static-devel Update: Wed Jun 13 16:41:03 2007 Importance: security ID: MDKSA-2007:122 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:122 %pre A flaw in libgd2 was found by Xavier Roche where it would not correctly validate PNG callback results. If an application linked against libgd2 was tricked into processing a specially-crafted PNG file, it could cause a denial of service scenario via CPU resource consumption. The updated packages have been patched to prevent this issue. %description gd is a graphics library. It allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and write out the result as a PNG or JPEG file. This is particularly useful in World Wide Webapplications, where PNG and JPEG are two of the formats accepted for inlineimages by most browsers. gd is not a paint program. If you are looking for a paint program, you are looking in the wrong place. If you are not a programmer, you are looking in the wrong place. gd does not provide for every possible desirable graphics operation. It is not necessary or desirable for gd to become a kitchen-sink graphics package, but version 1.7.3 incorporates most of the commonly requested features for an 8-bit 2D package. %package libwmf libwmf0.2_7 libwmf0.2_7-devel Update: Wed Jun 13 16:49:53 2007 Importance: security ID: MDKSA-2007:123 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:123 %pre A flaw in libgd2 was found by Xavier Roche where it would not correctly validate PNG callback results. If an application linked against libgd2 was tricked into processing a specially-crafted PNG file, it could cause a denial of service scenario via CPU resource consumption. Libwmf uses an embedded copy of the gd source and may also be affected by this issue. The updated packages have been patched to prevent this issue. %description libwmf is a library for unix like machines that can convert wmf files into other formats, currently it supports a gd binding to convert to gif, and an X one to draw direct to an X window or pixmap. %package jadetex tetex tetex-afm tetex-context tetex-devel tetex-doc tetex-dvilj tetex-dvipdfm tetex-dvips tetex-latex tetex-mfwin tetex-texi2html tetex-usrlocal tetex-xdvi xmltex Update: Wed Jun 13 17:29:01 2007 Importance: security ID: MDKSA-2007:124 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:124 %pre A flaw in libgd2 was found by Xavier Roche where it would not correctly validate PNG callback results. If an application linked against libgd2 was tricked into processing a specially-crafted PNG file, it could cause a denial of service scenario via CPU resource consumption. Tetex uses an embedded copy of the gd source and may also be affected by this issue. The updated packages have been patched to prevent this issue. %description teTeX is an implementation of TeX for Linux or UNIX systems. TeX takes a text file and a set of formatting commands as input and creates a typesetter independent .dvi (DeVice Independent) file as output. Usually, TeX is used in conjunction with a higher level formatting package like LaTeX or PlainTeX, since TeX by itself is not very user-friendly. Install teTeX if you want to use the TeX text formatting system. If you are installing teTeX, you will also need to install tetex-afm (a PostScript(TM) font converter for TeX), tetex-dvilj (for converting .dvi files to HP PCL format for printing on HP and HP compatible printers), tetex-dvips (for converting .dvi files to PostScript format for printing on PostScript printers), tetex-latex (a higher level formatting package which provides an easier-to-use interface for TeX) and tetex-xdvi (for previewing .dvi files in X). Unless you're an expert at using TeX, you'll also want to install the tetex-doc package, which includes the documentation for TeX. %package dkms dkms-minimal Update: Thu Jun 14 10:26:12 2007 Importance: bugfix ID: MDKA-2007:054 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:054 %pre The dkms packages that shipped with Mandriva Linux 2007.0 and 2007.1 did not work with kernel versions of 2.6.21 and higer due to the use of an obsolete Makefile target. The updated packages fix this limitation. %description This package contains the framework for the Dynamic Kernel Module Support (DKMS) method for installing module RPMS as originally developed by the Dell Computer Corporation. This package is intended for building binary kernel modules with dkms source packages installed %package pidentd Update: Thu Jun 14 11:10:17 2007 Importance: bugfix ID: MDKA-2007:056 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:056 %pre The pidentd package had incorrect requirements that prevented it from being installed. This update corrects the problem. %description The pidentd package contains identd, which implements the RFC1413 identification server. Identd looks up specific TCP/IP connections and returns either the user name or other information about the process that owns the connection. %package gnome-games Update: Thu Jun 14 11:10:47 2007 Importance: bugfix ID: MDKA-2007:055 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:055 %pre A packaging error was disabling the high score support in various games shipped in the gnome-games package. This issue is fixed, as well as several other bugs and translation additions. %description The gnome-games package includes games for the GNOME GUI desktop environment. They include: AisleRiot A compilation of seventy different solitaire card games. Ataxx Disk-flipping game where players try and control most disks. Blackjack The famous casino card game without any need to pay. Four-in-a-row Players tries to make a line of four disks. (Connect Four) Gnometris Tetris clone. Iagno GNOME version of the popular Othello (R) chess. Klotski A series of sliding block puzzles. Lines Move balls around the grid to form lines of the same colour to make them disappear, while more balls keep dropping in. Mahjongg Remove tiles in matching pairs from a pile to dismantle it. Mines The popular logic puzzle minesweeper. Nibbles Pilot a worm around a maze trying to collect diamonds. Robots Classic BSD robots game, avoiding robots approaching you. Same GNOME In a grid of stones of different colors, try remove stones where two or more of the same colour touch each other. Tali Poker-like dice game without money, similar to Yahtzee. Tetravex A puzzle where you match tiles edges together. GLChess Chess with a 3D board. %package xinitrc Update: Thu Jun 14 11:19:57 2007 Importance: bugfix ID: MDKA-2007:057 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:057 %pre The xdm scripts from the xinitrc package were not calling the sessreg utility, which is responsible for recording user logins on wtmp, correctly. This would prevent logins being registered when in graphical mode. This update corrects the problem. %description The xinitrc package contains the xinitrc file, a script which is used to configure your X Window System session or to start a window manager. [ 1 -eq 1 ] || exit 0 [ 1 -eq 1 ] || exit 0 [ 1 -eq 1 ] || exit 0 %package perl-Mail-SpamAssassin spamassassin spamassassin-spamc spamassassin-spamd spamassassin-tools Update: Thu Jun 14 11:21:02 2007 Importance: security ID: MDKSA-2007:125 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:125 %pre SpamAssassin 3.1.x, when running as root with unusual configuration options using vpopmail or virtual users, could allow local users to cause a denial of service (via corrupting arbitrary files) using a symlink attack on a file used by spamd. SpamAssassin 3.1.9, which corrects this flaw, is provided with this update. %description SpamAssassin provides you with a way to reduce if not completely eliminate Unsolicited Commercial Email (SPAM) from your incoming email. It can be invoked by a MDA such as sendmail or postfix, or can be called from a procmail script, .forward file, etc. It uses a genetic-algorithm evolved scoring system to identify messages which look spammy, then adds headers to the message so they can be filtered by the user's mail reading software. This distribution includes the spamd/spamc components which create a server that considerably speeds processing of mail. SpamAssassin also includes support for reporting spam messages automatically, and/or manually, to collaborative filtering databases such as Vipul's Razor, DCC or pyzor. Install perl-Razor-Agent package to get Vipul's Razor support. Install dcc package to get Distributed Checksum Clearinghouse (DCC) support. Install pyzor package to get Pyzor support. Install perl-Mail-SPF-Query package to get SPF support. To enable spamassassin, if you are receiving mail locally, simply add this line to your ~/.procmailrc: INCLUDERC=/etc/mail/spamassassin/spamassassin-default.rc To filter spam for all users, add that line to /etc/procmailrc (creating if necessary). %package digikam digikam-doc libdigikam0 libdigikam0-devel Update: Thu Jun 14 12:07:29 2007 Importance: bugfix ID: MDKA-2007:058 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:058 %pre The digikam package was released without the documentation package. As well, French localization for the Pictures directory was missing. This update corrects those problems. %description Digikam is a fine KDE interface for gphoto2. Designed to be a standalone application to preview and download images from a digital camera on a linux machine. %package ia_ora-gnome libia_ora-gnome Update: Thu Jun 14 12:38:29 2007 Importance: bugfix ID: MDKA-2007:059 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:059 %pre A bug in the ia_ora GTK engine would cause misrendering of some progress bars. This update package corrects the issue. %description Mandriva Ia Ora GNOME theme %package gnome-vfs2 libgnome-vfs2_0 libgnome-vfs2_0-devel Update: Thu Jun 14 12:54:54 2007 Importance: bugfix ID: MDKA-2007:060 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:060 %pre Unionfs filesystems were not being recognized as supporting trash for GNOME applications. This was preventing the Flash-based product to have a fully functional trash under the GNOME desktop environment. This update fixes the bug and improves performance for XFS filesystem users as well. %description The GNOME Virtual File System provides an abstraction to common file system operations like reading, writing and copying files, listing directories and so on. It is similar in spirit to the Midnight Commander's VFS (as it uses a similar URI scheme) but it is designed from the ground up to be extensible and to be usable from any application. %package evolution evolution-data-server evolution-devel evolution-exchange evolution-mono evolution-pilot gtkhtml-3.14 libcamel-provider10 libcamel10 libebook9 libecal7 libedata-book2 libedata-cal6 libedataserver9 libedataserver9-devel libedataserverui8 libegroupwise13 libexchange-storage3 libgtkhtml-3.14_19 libgtkhtml-3.14_19-devel Update: Thu Jun 14 14:15:36 2007 Importance: bugfix ID: MDKA-2007:061 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:061 %pre Unionfs filesystems were not being recognized as supporting trash for GNOME applications. This was preventing the Flash-based product to have a fully functional trash under the GNOME desktop environment. This update fixes the bug and improves performance for XFS filesystem users as well. %description GtkHTML is a HTML rendering/editing library. GtkHTML is not designed to be the ultimate HTML browser/editor: instead, it is designed to be easily embedded into applications that require lightweight HTML functionality. GtkHTML was originally based on KDE's KHTMLW widget, but is now developed independently of it. The most important difference between KHTMLW and GtkHTML, besides being GTK-based, is that GtkHTML is also an editor. Thanks to the Bonobo editor component that comes with the library, it's extremely simple to add HTML editing to an existing application. %package deskbar-applet devhelp devhelp-plugins eclipse-ecj eclipse-jdt eclipse-jdt-sdk eclipse-pde eclipse-pde-runtime eclipse-pde-sdk eclipse-platform eclipse-platform-sdk eclipse-rcp eclipse-rcp-sdk eclipse-sdk epiphany epiphany-devel epiphany-extensions galeon gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gksu gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell libdevhelp-1_0 libdevhelp-1_0-devel libmozilla-firefox2.0.0.4 libmozilla-firefox2.0.0.4-devel libswt3-gtk2 libtotem-plparser1 libtotem-plparser1-devel mozilla-firefox totem totem-common totem-gstreamer totem-mozilla totem-mozilla-gstreamer yelp Update: Fri Jun 15 12:52:43 2007 Importance: security ID: MDKSA-2007:126 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:126 %pre A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.4. This update provides the latest Firefox to correct these issues. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package mozilla-firefox-ar mozilla-firefox-bg mozilla-firefox-br_FR mozilla-firefox-ca mozilla-firefox-cs mozilla-firefox-da mozilla-firefox-de mozilla-firefox-el mozilla-firefox-es_AR mozilla-firefox-es_ES mozilla-firefox-eu mozilla-firefox-fi mozilla-firefox-fr mozilla-firefox-fy mozilla-firefox-ga mozilla-firefox-gu_IN mozilla-firefox-hu mozilla-firefox-it mozilla-firefox-ja mozilla-firefox-ko mozilla-firefox-lt mozilla-firefox-mk mozilla-firefox-nb_NO mozilla-firefox-nl mozilla-firefox-nn_NO mozilla-firefox-pl mozilla-firefox-pt_BR mozilla-firefox-pt_PT mozilla-firefox-ru mozilla-firefox-sk mozilla-firefox-sl mozilla-firefox-sv_SE mozilla-firefox-tr mozilla-firefox-uk_UA mozilla-firefox-zh_CN mozilla-firefox-zh_TW Update: Sat Jun 16 14:07:59 2007 Importance: security ID: MDKSA-2007:126 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:126 %pre A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.4. This update provides the latest Firefox to correct these issues. Update: The l10n language packages have now been updated and are available. %description Localizations for Firefox %package apache-base apache-devel apache-htcacheclean apache-mod_authn_dbd apache-mod_cache apache-mod_dav apache-mod_dbd apache-mod_deflate apache-mod_disk_cache apache-mod_file_cache apache-mod_ldap apache-mod_mem_cache apache-mod_proxy apache-mod_proxy_ajp apache-mod_ssl apache-mod_userdir apache-modules apache-mpm-event apache-mpm-itk apache-mpm-prefork apache-mpm-worker apache-source Update: Tue Jun 19 14:49:57 2007 Importance: security ID: MDKSA-2007:127 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:127 %pre The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously-used data, which could be used to obtain potentially sensitive information by unauthorized users. Updated packages have been patched to prevent this issue. %description This package contains the main binary of apache, a powerful, full-featured, efficient and freely-available Web server. Apache is also the most popular Web server on the Internet. This version of apache is fully modular, and many modules are available in pre-compiled formats, like PHP and mod_auth_external. Check for available Apache modules for Mandriva Linux at: http://nux.se/apache/ (most of them can be installed from the contribs repository) %package libexif12 libexif12-devel Update: Tue Jun 19 15:16:20 2007 Importance: security ID: MDKSA-2007:128 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:128 %pre Another integer overflow was found in the way libexif parses EXIF image tags. An individual who opened a carefully-crafted EXIF image file could cause the application linked against libexif to crash or possibly execute arbitrary code. Updated packages have been patched to prevent this issue. %description Most digital cameras produce EXIF files, which are JPEG files with extra tags that contain information about the image. The EXIF library allows you to parse an EXIF file and read the data from those tags. %package jasper libjasper1.701_1 libjasper1.701_1-devel libjasper1.701_1-static-devel Update: Tue Jun 19 16:39:51 2007 Importance: security ID: MDKSA-2007:129 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:129 %pre A function in the JasPer JPEG-2000 library before 1.900 could allow a remote user-assisted attack to cause a crash and possibly corrupt the heap via malformed image files. Updated packages have been patched to prevent this issue. %description JasPer is a software-based implementation of the codec specified in the emerging JPEG-2000 Part-1 standard (i.e., ISO/IEC 15444-1). This package contains tools for working with JPEG-2000 images. %package proftpd proftpd-devel proftpd-mod_autohost proftpd-mod_ban proftpd-mod_case proftpd-mod_clamav proftpd-mod_ctrls_admin proftpd-mod_gss proftpd-mod_ifsession proftpd-mod_ldap proftpd-mod_load proftpd-mod_quotatab proftpd-mod_quotatab_file proftpd-mod_quotatab_ldap proftpd-mod_quotatab_radius proftpd-mod_quotatab_sql proftpd-mod_radius proftpd-mod_ratio proftpd-mod_rewrite proftpd-mod_shaper proftpd-mod_site_misc proftpd-mod_sql proftpd-mod_sql_mysql proftpd-mod_sql_postgres proftpd-mod_time proftpd-mod_tls proftpd-mod_wrap proftpd-mod_wrap_file proftpd-mod_wrap_sql Update: Wed Jun 20 16:39:53 2007 Importance: security ID: MDKSA-2007:130 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:130 %pre The Auth API in ProFTPD, when multiple simultaneous authentication modules are configured, did not require that the module that checks authentication is the same module that retrieves authentication data, which could possibly be used to allow remote attackers to bypass authentication. The updated packages have been patched to prevent this issue. As well, this update provides proper PAM configuration files for ProFTPD on Corporate Server 4 that had prevented any mod_auth_pam-based connections from succeeding authentication. As well, ProFTPD 1.3.0 is being provided for Corporate 3 and Corporate Server 4. %description ProFTPd is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based directory visibility. This version supports both standalone and xinetd operation. %package park-rpmdrake rpmdrake Update: Wed Jun 20 16:52:39 2007 Importance: bugfix ID: MDKA-2007:062 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:062 %pre The rpmdrake package, which provides the graphical software installation and update tools rpmdrake, drakrpm-edit-media and MandrivaUpdate), included with Mandriva Linux 2007 Spring contains several bugs. These include: When installing software with rpmdrake, if packages are selected for installation which require other packages to be installed as well, a message will be displayed that says To satisfy dependencies, the following packages also need to be installed:, but no list of dependencies will actually be shown. When installing software with rpmdrake, searching for a package always searches through the full set of available packages even when a search filter - such as All updates or Mandriva choices - is selected. When installing software with rpmdrake, when you switch between two subsections with the same name - for instance, System/Settings/Other and Development/Other - the list of packages is not updated; in the example, the packages from the System/Settings/Other group will continue to be displayed, instead of the packages from Development/Other. Running rpmdrake with the --merge-all-rpmnew parameter, which uses rpmdrake to help you merge changes in updated configuration files, does not work. When updating your system with MandrivaUpdate, when a package name cannot be correctly parsed, the name of the previous package in the list will be displayed again instead. When installing software with rpmdrake, the application will crash if a package with a malformed summary in the Unicode text encoding system was selected. Some other, more minor bugs were also fixed in this update. %description rpmdrake is a simple graphical frontend to manage software packages on a Mandriva Linux system; it has 3 different modes: - software packages installation; - software packages removal; - MandrivaUpdate (software packages updates). A fourth program manages the media (add, remove, edit). %package mozilla-thunderbird mozilla-thunderbird-be mozilla-thunderbird-bg mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-devel mozilla-thunderbird-el mozilla-thunderbird-en_GB mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-hu mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-es mozilla-thunderbird-es_AR mozilla-thunderbird-et mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-gu_IN mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ko mozilla-thunderbird-lt mozilla-thunderbird-mk mozilla-thunderbird-nb mozilla-thunderbird-nl mozilla-thunderbird-nn_NO mozilla-thunderbird-pa_IN mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-pt_PT mozilla-thunderbird-ru mozilla-thunderbird-sk mozilla-thunderbird-sl mozilla-thunderbird-sv mozilla-thunderbird-tr mozilla-thunderbird-zh_CN mozilla-thunderbird-zh_TW nsinstall Update: Wed Jun 20 16:54:58 2007 Importance: security ID: MDKSA-2007:131 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:131 %pre A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 2.0.0.4. This update provides the latest Thunderbird to correct these issues. %description Mozilla Thunderbird is a full-featured email, RSS and newsgroup client that makes emailing safer, faster and easier than ever before. %package mdkonline Update: Wed Jun 20 17:56:38 2007 Importance: bugfix ID: MDKA-2007:063 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:063 %pre The Mdkonline applet, mdkapplet, wrongly logged passwords for authenticated media via syslog. This update fixes the issue. %description The Mandriva Online tool is designed for registered users who want to upload their configuration (packages, hardware infos). This allows them to be kept informed about security updates, hardware support/enhancements and other high value services. The package include : * Wizard for users registration and configuration uploads, * Update daemon which allows you to install security updates automatically, * A KDE/Gnome/IceWM compliant applet for security updates notification and installation. %package madwifi-source wpa_gui wpa_supplicant Update: Thu Jun 21 10:02:08 2007 Importance: security ID: MDKSA-2007:132 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:132 %pre The 802.11 network stack in MadWifi prior to 0.9.3.1 would alloa remote attackers to cause a denial of service (system hang) via a crafted length field in nested 802.3 Ethernet frames in Fast Frame packets, which results in a NULL pointer dereference (CVE-2007-2829). The ath_beacon_config function in MadWifi prior to 0.9.3.1 would allow a remote attacker to cause a denial of service (system crash) via crafted beacon interval information when scanning for access points, which triggered a divide-by-zero error (CVE-2007-2830). An array index error in MadWifi prior to 0.9.3.1 would allow a local user to cause a denial of service (system crash) and possibly obtain kerenl memory contents, as well as possibly allowing for the execution of arbitrary code via a large negative array index value (CVE-2007-2831). Updated packages have been updated to 0.9.3.1 to correct these issues. Wpa_supplicant is built using madwifi-source and has been rebuilt using 0.9.3.1 source. %description wpa_supplicant is a WPA Supplicant for Linux, BSD and Windows with support for WPA and WPA2 (IEEE 802.11i / RSN). Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key negotiation with a WPA Authenticator and it controls the roaming and IEEE 802.11 authentication/association of the wlan driver. wpa_supplicant is designed to be a "daemon" program that runs in the background and acts as the backend component controlling the wireless connection. wpa_supplicant supports separate frontend programs and an example text-based frontend, wpa_cli, is included with wpa_supplicant. Supported WPA/IEEE 802.11i features: * WPA-PSK ("WPA-Personal") * WPA with EAP (e.g., with RADIUS authentication server) ("WPA-Enterprise") * key management for CCMP, TKIP, WEP104, WEP40 * WPA and full IEEE 802.11i/RSN/WPA2 * RSN: PMKSA caching, pre-authentication See the project web site or the eap_testing.txt file for a complete list of supported EAP methods (IEEE 802.1X Supplicant), supported drivers and interoperability testing. %package k3b k3b-dvd libk3b2 libk3b2-devel Update: Thu Jun 21 12:01:08 2007 Importance: bugfix ID: MDKA-2007:064 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:064 %pre The k3b packages shipped with Mandriva Linux 2007.1 were unable to locate the sox binary despite it being installed and available. This update fixes this issue. %description K3b is CD-writing software which intends to be feature-rich and provide an easily usable interface. Features include burning audio CDs from .WAV and .MP3 audio files, configuring external programs and configuring devices. %package emacs emacs-X11 emacs-doc emacs-el emacs-leim emacs-nox Update: Thu Jun 21 13:15:51 2007 Importance: security ID: MDKSA-2007:133 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:133 %pre A vulnerability in emacs was discovered where it would crash when processing certain types of images. Updated packages have been patched to prevent this issue. %description Emacs is a powerful, customizable, self-documenting, modeless text editor. Emacs contains special code editing features, a scripting language (elisp), and the capability to read mail, news and more without leaving the editor. This package includes the libraries you need to run the Emacs editor, so you need to install this package if you intend to use Emacs. You also need to install the actual Emacs program package (emacs-nox or emacs-X11). Install emacs-nox if you are not going to use the X Window System; install emacs-X11 if you will be using X. %package xfsdump Update: Thu Jun 21 14:55:45 2007 Importance: security ID: MDKSA-2007:134 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:134 %pre xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems. Updated packages have been patched to prevent this issue. %description The xfsdump package contains xfsdump, xfsrestore and a number of other utilities for administering XFS filesystems. xfsdump examines files in a filesystem, determines which need to be backed up, and copies those files to a specified disk, tape or other storage medium. It uses XFS-specific directives for optimizing the dump of an XFS filesystem, and also knows how to backup XFS extended attributes. Backups created with xfsdump are "endian safe" and can thus be transfered between Linux machines of different architectures and also between IRIX machines. xfsrestore performs the inverse function of xfsdump; it can restore a full backup of a filesystem. Subsequent incremental backups can then be layered on top of the full backup. Single files and directory subtrees may be restored from full or partial backups. %package webmin Update: Fri Jun 22 14:35:08 2007 Importance: security ID: MDKSA-2007:135 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:135 %pre Multiple cross-site scripting (XSS) vulnerabilities were discovered in pam_login.cgi in webmin prior to version 1.350, which could allow a remote attacker to inject arbitrary web script or HTML. Updated packages have been patched to prevent this issue. %description A web-based administration interface for Unix systems. Using Webmin you can configure DNS, Samba, NFS, local/remote filesystems, Apache, Sendmail/Postfix, and more using your web browser. After installation, enter the URL https://localhost:10000/ into your browser and login as root with your root password. Please consider logging in and modify your password for security issue. PLEASE NOTE THAT THIS VERSION NOW USES SECURE WEB TRANSACTIONS: YOU HAVE TO LOGIN TO "https://localhost:10000/" AND NOT "http://localhost:10000/". %package mgetty mgetty-contrib mgetty-sendfax mgetty-viewfax mgetty-voice Update: Mon Jun 25 12:53:57 2007 Importance: bugfix ID: MDKA-2007:065 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:065 %pre The /usr/bin/faxspool script in the mgetty-sendfax package, which can be used to convert files of various types into a format suitable for faxing, attempted to use the 'giftoppm' program to convert .gif files. This is a very old program which does not exist in Mandriva Linux. This update corrects the script to call the 'giftopnm' program instead; this is a more recent program of the same type that exists in Mandriva Linux. This will allow the script to convert .gif images correctly. %description The mgetty package contains a "smart" getty which allows logins over a serial line (i.e., through a modem). If you're using a Class 2 or 2.0 modem, mgetty can receive faxes. If you also need to send faxes, you'll need to install the sendfax program. If you'll be dialing in to your system using a modem, you should install the mgetty package. If you'd like to send faxes using mgetty and your modem, you'll need to install the mgetty-sendfax program. If you need a viewer for faxes, you'll also need to install the mgetty-viewfax package. %package rsh rsh-server Update: Mon Jun 25 15:04:42 2007 Importance: bugfix ID: MDKA-2007:067 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:067 %pre The rsh-server package contained incorrect PAM (authentication) configuration files that prevented clients from being able to access the server. The updated package contains corrected versions of these configuration files and allows correct access to the server. %description The rsh package contains a set of programs which allow users to run commmands on remote machines, login to other machines and copy files between machines (rsh, rlogin and rcp). All three of these commands use rhosts style authentication. This package contains the clients needed for all of these services. The rsh package should be installed to enable remote access to other machines. %package e2fsprogs libext2fs2 libext2fs2-devel Update: Mon Jun 25 15:28:06 2007 Importance: bugfix ID: MDKA-2007:068 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:068 %pre The libblkid library contained in the libext2fs2 package contains a serious memory leak which can cause machines being used as NFS servers to rapidly consume system memory. This update fixes the memory leak. %description The e2fsprogs package contains a number of utilities for creating, checking, modifying and correcting any inconsistencies in second extended (ext2) filesystems. E2fsprogs contains e2fsck (used to repair filesystem inconsistencies after an unclean shutdown), mke2fs (used to initialize a partition to contain an empty ext2 filesystem), debugfs (used to examine the internal structure of a filesystem, to manually repair a corrupted filesystem or to create test cases for e2fsck), tune2fs (used to modify filesystem parameters) and most of the other core ext2fs filesystem utilities. You should install the e2fsprogs package if you need to manage the performance of an ext2 filesystem. %package evolution-data-server libcamel-provider10 libcamel10 libebook9 libecal7 libedata-book2 libedata-cal6 libedataserver9 libedataserver9-devel libedataserverui8 libegroupwise13 libexchange-storage3 Update: Tue Jun 26 13:23:59 2007 Importance: security ID: MDKSA-2007:136 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:136 %pre A flaw in Evolution/evolution-data-server was found in how Evolution would process certain IMAP server messages. If a user were tricked into connecting to a malicious IMAP server, it was possible that arbitrary code could be executed with the privileges of the user using Evolution. Updated packages have been patched to prevent this issue. %description Evolution Data Server provides a central location for your addressbook and calendar in the gnome desktop. %package ftp-client-krb5 ftp-server-krb5 krb5-server krb5-workstation libkrb53 libkrb53-devel telnet-client-krb5 telnet-server-krb5 Update: Tue Jun 26 18:28:57 2007 Importance: security ID: MDKSA-2007:137 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:137 %pre David Coffey discovered an uninitialized pointer free flaw in the RPC library used by kadmind. A remote unauthenticated attacker who could access kadmind could trigger the flaw causing kadmind to crash or possibly execute arbitrary code (CVE-2007-2442). David Coffey also discovered an overflow flaw in the same RPC library. A remote unauthenticated attacker who could access kadmind could trigger the flaw causing kadmind to crash or possibly execute arbitrary code (CVE-2007-2443). Finally, a stack buffer overflow vulnerability was found in kadmind that allowed an unauthenticated user able to access kadmind the ability to trigger the vulnerability and possibly execute arbitrary code (CVE-2007-2798). Updated packages have been patched to prevent this issue. %description Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords. %package hal-info Update: Wed Jun 27 09:21:52 2007 Importance: bugfix ID: MDKA-2007:070 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:070 %pre This update packages fix suspend to disk on the Elonex M5A laptop. %description hal-info contains device information for HAL. %package libusb0.1_4 libusb0.1_4-devel libusb0.1_4-static-devel Update: Wed Jun 27 11:53:53 2007 Importance: bugfix ID: MDKA-2007:071 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:071 %pre The libusb0.1_4-devel package was built with incorrect Provides, which prevented several other packages, such as libmtp5-devel from installing due to packaging errors. The updated package fixes this problem and includes the necessary Provides to ensure that these packages can be installed without problems. %description Libusb is a library which allows userspace access to USB devices %package libnss3 libnss3-devel libnss3-static-devel nss Update: Thu Jun 28 11:30:35 2007 Importance: bugfix ID: MDKA-2007:072 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:072 %pre These updated packages add the CaCert root certificate to the authorities list. %description Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards. For detailed information on standards supported, see http://www.mozilla.org/projects/security/pki/nss/overview.html. %package gtk+2.0 libgdk_pixbuf2.0_0 libgdk_pixbuf2.0_0-devel libgtk+-x11-2.0_0 libgtk+2.0_0 libgtk+2.0_0-devel Update: Thu Jun 28 13:18:14 2007 Importance: bugfix ID: MDKA-2007:073 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:073 %pre With some window managers (such as IceWM or matchbox), or when using no window manager, the GTK file chooser was resizing infinitely. This bug notably occurred in the save dialog of Mozilla Firefox. This update package fixes the issue. %description The gtk+ package contains the GIMP ToolKit (GTK+), a library for creating graphical user interfaces for the X Window System. GTK+ was originally written for the GIMP (GNU Image Manipulation Program) image processing program, but is now used by several other programs as well. If you are planning on using the GIMP or another program that uses GTK+, you'll need to have the gtk+ package installed. %package libopenal0 libopenal0-devel Update: Mon Jul 02 12:55:52 2007 Importance: bugfix ID: MDKA-2007:075 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:075 %pre The openal devel package used invalid requirements in its pkgconfig file, making some basic pkgconfig commands fail (such as pkg-config --exists openal). This update package fixes the issue. %description OpenAL is a free 3D-audio library, with a programming interface similar to that of OpenGL. %package rdesktop Update: Tue Jul 03 10:10:29 2007 Importance: bugfix ID: MDKA-2007:076 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:076 %pre A problem in rdesktop version 1.5.0 was discovered by upstream developers, which would crash it when used on a 16 bits display with a windows 2003 server system. The updated packages have been patched to correct this. %description rdesktop is an open source client for Windows NT Terminal Server and Windows 2000 Terminal Services, capable of natively speaking Remote Desktop Protocol (RDP) in order to present the user's NT desktop. Unlike Citrix ICA, no server extensions are required. rdesktop currently runs on most UNIX based platforms with the X Window System, and other ports should be fairly straightforward. rdesktop is used through rfbdrake. %package kdebase kdebase-common kdebase-kate kdebase-kdeprintfax kdebase-kdm kdebase-kmenuedit kdebase-konsole kdebase-nsplugins kdebase-progs kdebase-session-plugins libkdebase4 libkdebase4-devel libkdebase4-kate libkdebase4-kate-devel libkdebase4-kmenuedit libkdebase4-konsole Update: Tue Jul 03 11:31:29 2007 Importance: security ID: MDKSA-2007:138 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:138 %pre An issue with the interaction between the Flash Player and the Konqueror web browser was discovered, which could lead to key presses leaking to the Flash Player instead of to the browser. This only affects users who have actually installed the Adobe Flash Player plugin. Updated packages have been patched to prevent this issue. %description Core applications for the K Desktop Environment. Here is an overview of the directories: - drkonqi: if ever an app crashes (heaven forbid!) then Dr.Konqi will be so kind and make a stack trace. This is a great help for the developers to fix the bug. - kappfinder: searches your hard disk for non-KDE applications, e.g. Acrobat Reader (tm) and installs those apps under the K start button - kate: a fast and advanced text editor with nice plugins - kcheckpass: small program to enter and check passwords, only to be used by other programs - kcontrol: the KDE Control Center allows you to tweak the KDE settings - kdcop: GUI app to browse for DCOP interfaces, can also execute them - kdebugdialog: allows you to specify which debug messages you want to see - kdeprint: the KDE printing system - kdesktop: you guessed it: the desktop above the panel - kdesu: a graphical front end to "su" - kdm: replacement for XDM, for those people that like graphical logins - kfind: find files - khelpcenter: the app to read all great documentation about KDE - khotkeys: intercepts keys and can call applications - kicker: the panel at the botton with the K start button and the taskbar etc - kioslave: infrastructure that helps make every application internet enabled e.g. to directly save a file to ftp://place.org/dir/file.txt - klipper: enhances and extenses the X clipboard - kmenuedit: edit for the menu below the K start button - konqueror: the file manager and web browser you get easily used to - kpager: applet to show the contents of the virtual desktops - kpersonalizer: the customization wizard you get when you first start KDE - kreadconfig: a tool for shell scripts to get info from KDE's config files - kscreensaver: the KDE screensaver environment and lot's of savers - ksmserver: the KDE session manager (saves program status on login, restarts those program at the next login) - ksplash: the screen displayed while KDE starts - kstart: to launch applications with special window properties such as iconified etc - ksysguard: task manager and system monitor, even for remote systems - ksystraycmd: allows to run any application in the system tray - ktip: gives you tips how to use KDE - kwin: the KDE window manager - kxkb: a keyboard map tool - legacyimport: odd name for a cute program to load GTK themes - libkonq: some libraries needed by Konqueror - nsplugins: together with OSF/Motif or Lesstif allows you to use Netscape (tm) plugins in Konqueror %package MySQL MySQL-Max MySQL-bench MySQL-client MySQL-common MySQL-ndb-extra MySQL-ndb-management MySQL-ndb-storage MySQL-ndb-tools libmysql15 libmysql15-devel libmysql15-static-devel Update: Wed Jul 04 13:50:59 2007 Importance: security ID: MDKSA-2007:139 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:139 %pre MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function. This issue does not affect MySQL 5.0.37 in Mandriva Linux 2007.1. (CVE-2007-1420) The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service (crash) via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference. (CVE-2007-2583) MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables. (CVE-2007-2691) Updated packages have been patched to prevent the above issues. %description The MySQL(TM) software delivers a very fast, multi-threaded, multi-user, and robust SQL (Structured Query Language) database server. MySQL Server is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software. MySQL is a trademark of MySQL AB. The MySQL software has Dual Licensing, which means you can use the MySQL software free of charge under the GNU General Public License (http://www.gnu.org/licenses/). You can also purchase commercial MySQL licenses from MySQL AB if you do not wish to be bound by the terms of the GPL. See the chapter "Licensing and Support" in the manual for further info. The MySQL web site (http://www.mysql.com/) provides the latest news and information about the MySQL software. Also please see the documentation and the manual for more information. %package console-tools libconsole0 libconsole0-devel libconsole0-static-devel Update: Wed Jul 04 15:27:21 2007 Importance: bugfix ID: MDKA-2007:077 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:077 %pre vt-is-UTF8 utility included in console-tools package, and used by Mandriva initscripts, can hang, causing random problems like preventing a local/remote system reboot, unless user take interactive action (#27948). Also, when executed on a terminal different from a linux vt, it can cause errors and make it unresponsive. Updated packages fixes both problems, and also removes setkeycodes limit, better fix for a previous issue alread addressed (#21741). %description This package contains utilities to load console fonts and keyboard maps. It also includes a number of different fonts and keyboard maps. %package park-rpmdrake rpmdrake Update: Wed Jul 04 16:15:00 2007 Importance: bugfix ID: MDKA-2007:078 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:078 %pre The rpmdrake package erronously warned it could not install some packages from a DVD, due to read errors, while it did install them (bug #30463). This update fix this issue. Also, this update will make the install/update progress dialog to be closed before displaying errors or .rpmnew files. %description rpmdrake is a simple graphical frontend to manage software packages on a Mandriva Linux system; it has 3 different modes: - software packages installation; - software packages removal; - MandrivaUpdate (software packages updates). A fourth program manages the media (add, remove, edit). %package park-rpmdrake rpmdrake Update: Wed Jul 04 16:15:26 2007 Importance: bugfix ID: MDKA-2007:078 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:078 %pre The rpmdrake package erronously warned it could not install some packages from a DVD, due to read errors, while it did install them (bug #30463). This update fix this issue. Also, this update will make the install/update progress dialog to be closed before displaying errors or .rpmnew files. %description rpmdrake is a simple graphical frontend to manage software packages on a Mandriva Linux system; it has 3 different modes: - software packages installation; - software packages removal; - MandrivaUpdate (software packages updates). A fourth program manages the media (add, remove, edit). %package apache-base apache-devel apache-htcacheclean apache-mod_authn_dbd apache-mod_cache apache-mod_dav apache-mod_dbd apache-mod_deflate apache-mod_disk_cache apache-mod_file_cache apache-mod_ldap apache-mod_mem_cache apache-mod_proxy apache-mod_proxy_ajp apache-mod_ssl apache-mod_userdir apache-modules apache-mpm-event apache-mpm-itk apache-mpm-prefork apache-mpm-worker apache-source Update: Wed Jul 04 18:39:50 2007 Importance: security ID: MDKSA-2007:140 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:140 %pre A vulnerability was discovered in the the Apache mod_status module that could lead to a cross-site scripting attack on sites where the server-status page was publically accessible and ExtendedStatus was enabled (CVE-2006-5752). A vulnerability was found in the Apache mod_cache module that could cause the httpd server child process to crash if it was sent a carefully crafted request. This could lead to a denial of service if using a threaded MPM (CVE-2007-1863). The Apache server also did not verify that a process was an Apache child process before sending it signals. A local attacker with the ability to run scripts on the server could manipulate the scoreboard and cause arbitrary processes to be terminated (CVE-2007-3304). Updated packages have been patched to prevent the above issues. %description This package contains the main binary of apache, a powerful, full-featured, efficient and freely-available Web server. Apache is also the most popular Web server on the Internet. This version of apache is fully modular, and many modules are available in pre-compiled formats, like PHP and mod_auth_external. Check for available Apache modules for Mandriva Linux at: http://nux.se/apache/ (most of them can be installed from the contribs repository) %package libdha1.0 mencoder mplayer mplayer-doc mplayer-gui Update: Tue Jul 10 00:53:58 2007 Importance: security ID: MDKSA-2007:143 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:143 %pre Multiple stack-based buffer overflows in stream/stream_cddb.c in MPlayer before 1.0rc1try3 allow remote attackers to execute arbitrary code via a CDDB entry with a long (1) album title or (2) category. Updated packages have been patched to prevent this issue. %description MPlayer is a movie player for LINUX (runs on many other Unices, and non-x86 CPUs, see the documentation). It plays most MPEG, VOB, AVI, VIVO, ASF/WMV, QT/MOV, FLI, NuppelVideo, yuv4mpeg, FILM, RoQ, and some RealMedia files, supported by many native, XAnim, and Win32 DLL codecs. You can watch VideoCD, SVCD, DVD, 3ivx, FLI, and even DivX movies too (and you don't need the avifile library at all!). The another big feature of mplayer is the wide range of supported output drivers. It works with X11, Xv, DGA, OpenGL, SVGAlib, fbdev, AAlib, but you can use SDL (and this way all drivers of SDL), VESA (on every VESA compatible card, even without X!), and some lowlevel card-specific drivers (for Matrox, 3Dfx and Radeon) too! Most of them supports software or hardware scaling, so you can enjoy movies in fullscreen. MPlayer supports displaying through some hardware MPEG decoder boards, such as the DVB and DXR3/Hollywood+! And what about the nice big antialiased shaded subtitles (9 supported types!!!) with european/ISO 8859-1,2 (hungarian, english, czech, etc), cyrillic, korean fonts, and OSD? Note: If you want to play Real content, you need to have the content of RealPlayer's Codecs directory in /usr/lib/RealPlayer10GOLD/codecs %package openoffice.org openoffice.org-devel openoffice.org-devel-doc openoffice.org-galleries openoffice.org-gnome openoffice.org-kde openoffice.org-l10n-af openoffice.org-l10n-ar openoffice.org-l10n-bg openoffice.org-l10n-br openoffice.org-l10n-bs openoffice.org-l10n-ca openoffice.org-l10n-cs openoffice.org-l10n-cy openoffice.org-l10n-da openoffice.org-l10n-de openoffice.org-l10n-el openoffice.org-l10n-en_GB openoffice.org-l10n-es openoffice.org-l10n-et openoffice.org-l10n-eu openoffice.org-l10n-fi openoffice.org-l10n-fr openoffice.org-l10n-he openoffice.org-l10n-hi openoffice.org-l10n-hu openoffice.org-l10n-it openoffice.org-l10n-ja openoffice.org-l10n-ko openoffice.org-l10n-mk openoffice.org-l10n-nb openoffice.org-l10n-nl openoffice.org-l10n-nn openoffice.org-l10n-pl openoffice.org-l10n-pt openoffice.org-l10n-pt_BR openoffice.org-l10n-ru openoffice.org-l10n-sk openoffice.org-l10n-sl openoffice.org-l10n-sv openoffice.org-l10n-ta openoffice.org-l10n-tr openoffice.org-l10n-zh_CN openoffice.org-l10n-zh_TW openoffice.org-l10n-zu openoffice.org-mono openoffice.org-ooqstart Update: Tue Jul 10 09:59:40 2007 Importance: security ID: MDKSA-2007:144 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:144 %pre A heap overflow flaw was found in the RTF import filter of OpenOffice.org. If a victim were to open a specially-crafted RTF file, OpenOffice.org could crash or possibly execute arbitrary code. Updated packages have been patched to prevent the above issues. %description OpenOffice.org is an Open Source, community-developed, multi-platform office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editing and drawing program, with a user interface and feature set similar to other office suites. Sophisticated and flexible, OpenOffice.org also works transparently with a variety of file formats, including Microsoft Office. %package libwireshark0 tshark wireshark wireshark-tools Update: Tue Jul 10 17:00:22 2007 Importance: security ID: MDKSA-2007:145 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:145 %pre A number of vulnerabilities in the Wireshark program were found that could cause crashes, excessive looping, or exhaustion of system memory. This updated provides wireshark 0.99.6 which is not vulnerable to these issues. %description Wireshark is a network traffic analyzer for Unix-ish operating systems. It is based on GTK+, a graphical user interface library, and libpcap, a packet capture and filtering library. Wireshark is a fork of Ethereal(tm) %package perl-Net-DNS Update: Thu Jul 12 15:43:25 2007 Importance: security ID: MDKSA-2007:146 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:146 %pre A flaw was discovered in the perl Net::DNS module in the way it generated the ID field in a DNS query. Because it is so predictable, a remote attacker could exploit this to return invalid DNS data (CVE-2007-3377). A denial of service vulnerability was found in how Net::DNS parsed certain DNS requests. A malformed response to a DNS request could cause the application using Net::DNS to crash or stop responding (CVE-2007-3409). The updated packages have been patched to prevent these issues. %description Net::DNS is a collection of Perl modules that act as a Domain Name System (DNS) resolver. It allows the programmer to perform DNS queries that are beyond the capabilities of gethostbyname and gethostbyaddr. The programmer should be somewhat familiar with the format of a DNS packet and its various sections. See RFC 1035 or DNS and BIND (Albitz & Liu) for details. %package ImageMagick ImageMagick-desktop ImageMagick-doc libMagick10.7.0 libMagick10.7.0-devel perl-Image-Magick Update: Thu Jul 19 14:45:27 2007 Importance: security ID: MDKSA-2007:147 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:147 %pre A number of vulnerabilities were discovered in how ImageMagick handles DCM and XWD image files. If a user were tricked into processing a specially crafted image file with an application that uses ImageMagick, an attacker could cause a heap-based buffer overflow and possibly execute arbitrary code with the user's privileges. The updated packages have been patched to prevent these issues. %description ImageMagick is a powerful image display, conversion and manipulation tool. It runs in an X session. With this tool, you can view, edit and display a variety of image formats. Build Options: --with plf Build for PLF (fpx support) --with modules Compile all supported image types as modules --with jasper Enable JPEG2000 support (enabled) --with graphviz Enable Graphviz support (enabled) %package ImageMagick ImageMagick-desktop ImageMagick-doc libMagick10.7.0 libMagick10.7.0-devel perl-Image-Magick Update: Fri Jul 20 15:36:25 2007 Importance: security ID: MDKSA-2007:147 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:147 %pre A number of vulnerabilities were discovered in how ImageMagick handles DCM and XWD image files. If a user were tricked into processing a specially crafted image file with an application that uses ImageMagick, an attacker could cause a heap-based buffer overflow and possibly execute arbitrary code with the user's privileges. The updated packages have been patched to prevent these issues. %description ImageMagick is a powerful image display, conversion and manipulation tool. It runs in an X session. With this tool, you can view, edit and display a variety of image formats. Build Options: --with plf Build for PLF (fpx support) --with modules Compile all supported image types as modules --with jasper Enable JPEG2000 support (enabled) --with graphviz Enable Graphviz support (enabled) %package tcpdump Update: Wed Jul 25 09:33:03 2007 Importance: security ID: MDKSA-2007:148 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:148 %pre An integer overflow in tcpdump could allow a remote attacker to execute arbitrary code via crafted TLVs in a BGP packet. Updated packages have been patched to prevent this issue. %description Tcpdump is a command-line tool for monitoring network traffic. Tcpdump can capture and display the packet headers on a particular network interface or on all interfaces. Tcpdump can display all of the packet headers, or just the ones that match particular criteria. Install tcpdump if you need a program to monitor network traffic. %package bind bind-devel bind-utils Update: Wed Jul 25 12:11:46 2007 Importance: security ID: MDKSA-2007:149 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:149 %pre The DNS query id generation code in BIND9 is vulnerable to cryptographic analysis which provides a 1-in-8 change of guessing the next query ID for 50% of the query IDs, which could be used by a remote attacker to perform cache poisoning by an attacker (CVE-2007-2926). As well, in BIND9 9.4.x, the default ACLs were note being correctly set, which could allow anyone to make recursive queries and/or query the cache contents (CVE-2007-2925). This update provides packages which are patched to prevent these issues. %description BIND (Berkeley Internet Name Domain) is an implementation of the DNS (domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses, and a resolver library (routines for applications to use when interfacing with DNS). A DNS server allows clients to name resources or objects and share the information with other network machines. The named DNS server can be used on workstations as a caching name server, but is generally only needed on one machine for an entire network. Note that the configuration files for making BIND act as a simple caching nameserver are included in the caching-nameserver package. Install the bind package if you need a DNS server for your network. If you want bind to act a caching name server, you will also need to install the caching-nameserver package. Many BIND 8 features previously unimplemented in BIND 9, including domain-specific forwarding, the \$GENERATE master file directive, and the "blackhole", "dialup", and "sortlist" options Forwarding of dynamic update requests; this is enabled by the "allow-update-forwarding" option A new, simplified database interface and a number of sample drivers based on it; see doc/dev/sdb for details Support for building single-threaded servers for environments that do not supply POSIX threads New configuration options: "min-refresh-time", "max-refresh-time", "min-retry-time", "max-retry-time", "additional-from-auth", "additional-from-cache", "notify explicit" Faster lookups, particularly in large zones. Build Options: --without sdb_ldap Build without ldap simple database support (enabled per default) --with sdb_mysql Build with MySQL database support (disables ldap support, it's either way.) --with geoip Build with GeoIP support (disabled per default) %package clamav clamav-db clamav-milter clamd clamdmon libclamav2 libclamav2-devel Update: Wed Jul 25 14:26:46 2007 Importance: security ID: MDKSA-2007:150 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:150 %pre A vulnerability in the RAR VM in ClamAV allowed user-assisted remote attackers to cause a crash via a crafted RAR archive which resulted in a NULL pointer dereference. Other bugs have also been corrected in 0.91.1 which is being provided with this update. %description Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail seversions (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software. You can build clamav with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] milter Build clamav-milter (default) %package libdesignercore1 libeditor1 libqassistantclient1 libqt3 libqt3-devel libqt3-mysql libqt3-odbc libqt3-psql libqt3-sqlite libqt3-static-devel qt3-common qt3-doc qt3-example qt3-tutorial Update: Wed Aug 01 12:49:58 2007 Importance: security ID: MDKSA-2007:151 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:151 %pre A number of format string flaws have been discovered in how Qt handled error messages by Dirk Mueller and Tracey Parry of Portcullis Computer Security. If an application linked against Qt created an error message from user-supplied data in a certain way, it could possibly lead to the execution of arbitrary code or a denial of service. This update provides packages which are patched to prevent these issues. %description Qt is a complete and well-designed multi-platform object-oriented framework for developing graphical user interface (GUI) applications using C++. Qt has seamless integration with OpenGL/Mesa 3D libraries. Qt is free for development of free software on the X Window System. It includes the complete source code for the X version and makefiles for Linux, Solaris, SunOS, FreeBSD, OSF/1, Irix, BSD/OS, NetBSD, SCO, HP-UX and AIX. This edition of Qt may be modified and distributed under the terms found in the LICENSE.QPL file. Qt also supports Windows 95 and NT, with native look and feel. Code developed for the X version of Qt can be recompiled and run using the Windows 95/NT version of Qt, and vice versa. Qt is currently used in hundreds of software development projects world wide, including the K Desktop Environment (see http://www.kde.org). For more examples, see http://www.trolltech.com/qtprogs.html. Qt has excellent documentation: around 750 pages of postscript and fully cross-referenced online html documentation. It is available on the web: http://doc.trolltech.com/ Qt is easy to learn, with consistent naming across all the classes and a 14-chapter on-line tutorial with links into the rest of the documentation. A number of 3rd-party books are also available. Qt dramatically cuts down on development time and complexity in writing user interface software for the X Window System. It allows the programmer to focus directly on the programming task, and not mess around with low-level Motif/X11 code. Qt is fully object-oriented. All widgets and dialogs are C++ objects, and, using inheritance, creation of new widgets is easy and natural. Qt's revolutionary signal/slot mechanism provides true component programming. Reusable components can work together without any knowledge of each other, and in a type-safe way. Qt has a very fast paint engine, in some cases ten times faster than other toolkits. The X version is based directly on Xlib and uses neither Motif nor X Intrinsics. Qt is available under two different licenses: - The Qt Professional Edition License, for developing fully commercial software: see http://www.trolltech.com/pricing.html - The Q Public License (QPL), for developing free software (X Window System only). %package deskbar-applet devhelp devhelp-plugins epiphany epiphany-devel epiphany-extensions galeon gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gksu gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell libdevhelp-1_0 libdevhelp-1_0-devel libmozilla-firefox2.0.0.6 libmozilla-firefox2.0.0.6-devel libtotem-plparser1 libtotem-plparser1-devel mozilla-firefox mozilla-firefox-ar mozilla-firefox-bg mozilla-firefox-br_FR mozilla-firefox-ca mozilla-firefox-cs mozilla-firefox-da mozilla-firefox-de mozilla-firefox-el mozilla-firefox-es_AR mozilla-firefox-es_ES mozilla-firefox-eu mozilla-firefox-fi mozilla-firefox-fr mozilla-firefox-fy mozilla-firefox-ga mozilla-firefox-gnome-support mozilla-firefox-gu_IN mozilla-firefox-hu mozilla-firefox-it mozilla-firefox-ja mozilla-firefox-ko mozilla-firefox-lt mozilla-firefox-mk mozilla-firefox-nb_NO mozilla-firefox-nl mozilla-firefox-nn_NO mozilla-firefox-pl mozilla-firefox-pt_BR mozilla-firefox-pt_PT mozilla-firefox-ru mozilla-firefox-sk mozilla-firefox-sl mozilla-firefox-sv_SE mozilla-firefox-tr mozilla-firefox-uk_UA mozilla-firefox-zh_CN mozilla-firefox-zh_TW totem totem-common totem-gstreamer totem-mozilla totem-mozilla-gstreamer yelp Update: Wed Aug 01 16:41:47 2007 Importance: security ID: MDKSA-2007:152 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:152 %pre A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.6. This update provides the latest Firefox to correct these issues. As well, it provides Firefox 2.0.0.6 for older products. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package gd-utils libgd2 libgd2-devel libgd2-static-devel Update: Fri Aug 03 16:03:25 2007 Importance: security ID: MDKSA-2007:153 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:153 %pre GD versions prior to 2.0.35 have a number of bugs which potentially lead to denial of service and possibly other issues. Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to have unspecified remote attack vectors and impact. (CVE-2007-3472) The gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors involving a gdImageCreate failure. (CVE-2007-3473) Multiple unspecified vulnerabilities in the GIF reader in the GD Graphics Library (libgd) before 2.0.35 allow user-assisted remote attackers to have unspecified attack vectors and impact. (CVE-2007-3474) The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via a GIF image that has no global color map. (CVE-2007-3475) Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash and heap corruption) via large color index values in crafted image data, which results in a segmentation fault. (CVE-2007-3476) The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd) before 2.0.35 allows attackers to cause a denial of service (CPU consumption) via a large (1) start or (2) end angle degree value. (CVE-2007-3477) Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors, possibly involving truetype font (TTF) support. (CVE-2007-3478) The security issues related to GIF image handling (CVE-2007-3473, CVE-2007-3474, CVE-2007-3475, CVE-2007-3476) do not affect Corporate 3.0, as the version of GD included in these versions does not include GIF support. Updated packages have been patched to prevent these issues. %description gd is a graphics library. It allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and write out the result as a PNG or JPEG file. This is particularly useful in World Wide Webapplications, where PNG and JPEG are two of the formats accepted for inlineimages by most browsers. gd is not a paint program. If you are looking for a paint program, you are looking in the wrong place. If you are not a programmer, you are looking in the wrong place. gd does not provide for every possible desirable graphics operation. It is not necessary or desirable for gd to become a kitchen-sink graphics package, but version 1.7.3 incorporates most of the commonly requested features for an 8-bit 2D package. %package xine-ui xine-ui-aa xine-ui-fb Update: Thu Aug 09 14:33:54 2007 Importance: security ID: MDKSA-2007:154 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:154 %pre Format string vulnerability in the errors_create_window function in errors.c in xine-ui allows attackers to execute arbitrary code via unknown vectors. (CVE-2007-0254) XINE 0.99.4 allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain M3U file that contains a long #EXTINF line and contains format string specifiers in an invalid udp:// URI, possibly a variant of CVE-2007-0017. (CVE-2007-0255) Updated packages have been patched to prevent these issues. %description xine is a free GPL-licensed video player for UNIX-like systems. User interface for the X Window system. %package tcpdump Update: Thu Aug 09 15:41:41 2007 Importance: security ID: MDKSA-2007:155 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:155 %pre Off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame. Updated packages have been patched to prevent this issue. %description Tcpdump is a command-line tool for monitoring network traffic. Tcpdump can capture and display the packet headers on a particular network interface or on all interfaces. Tcpdump can display all of the packet headers, or just the ones that match particular criteria. Install tcpdump if you need a program to monitor network traffic. %package imlib2-data libimlib2_1 libimlib2_1-devel libimlib2_1-filters libimlib2_1-loaders Update: Fri Aug 10 13:46:39 2007 Importance: security ID: MDKSA-2007:156 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:156 %pre M Joonas Pihlaja discovered several vulnerabilities in the Imlib2 graphics library. The load() function of several of the Imlib2 image loaders does not check the width and height of an image before allocating memory. As a result, a carefully crafted image file can trigger a segfault when an application using Imlib2 attempts to view the image. (CVE-2006-4806) The tga loader fails to bounds check input data to make sure the input data doesn load outside the memory mapped region. (CVE-2006-4807) The RLE decoding loops of the load() function in the tga loader does not check that the count byte of an RLE packet doesn cause a heap overflow of the pixel buffer. (CVE-2006-4808) The load() function of the pnm loader writes arbitrary length user data into a fixed size stack allocated buffer buf[] without bounds checking. (CVE-2006-4809) Updated packages have been patched to prevent these issues. %description Imlib2 is an advanced replacement library for libraries like libXpm that provides many more features with much greater flexibility and speed than standard libraries, including font rasterization, rotation, RGBA space rendering and blending, dynamic binary filters, scripting, and more. Build Options: --with mmx Enable mmx cpu detection (10% - 30% speedup) %package kdelibs-common kdelibs-devel-doc libkdecore4 libkdecore4-devel Update: Fri Aug 10 15:58:21 2007 Importance: security ID: MDKSA-2007:157 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:157 %pre The KDE HTML library (kdelibs), as used by Konqueror 3.5.5, does not properly parse HTML comments, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment in a title tag, a related issue to CVE-2007-0478. Also affects kdelibs 3.5.6, as per KDE official advisory. Updated packages have been patched to prevent this. %description Libraries for the K Desktop Environment. %package update-alternatives Update: Mon Aug 13 10:32:38 2007 Importance: bugfix ID: MDKA-2007:084 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:084 %pre A new version of update-alternatives is being made available that corrects a number of bugs in the tool and how symlink handling was performed. The new version also has new command-line options and updated documentation. %description Utility for managing concurent software. Original version comes from Debian but has been patched by Mandriva for use with rpm systems. %package timezone Update: Mon Aug 13 14:56:42 2007 Importance: normal ID: MDKA-2007:085 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:085 %pre Updated timezone packages are being provided for older Mandriva Linux systems that do not contain the new Daylight Savings Time information for 2007 for certain time zones. These updated packages contain the new information. %description This package contains data files with rules for various timezones around the world. %package xpdf xpdf-tools Update: Mon Aug 13 15:29:02 2007 Importance: security ID: MDKSA-2007:158 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:158 %pre Maurycy Prodeus found an integer overflow vulnerability in the way various PDF viewers processed PDF files. An attacker could create a malicious PDF file that could cause xpdf to crash and possibly execute arbitrary code open a user opening the file. This update provides packages which are patched to prevent these issues. %description Xpdf is an X Window System based viewer for Portable Document Format (PDF) files. PDF files are sometimes called Acrobat files, after Adobe Acrobat (Adobe's PDF viewer). Xpdf is a small and efficient program which uses standard X fonts. %package pdftohtml Update: Mon Aug 13 15:47:23 2007 Importance: security ID: MDKSA-2007:160 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:160 %pre Maurycy Prodeus found an integer overflow vulnerability in the way various PDF viewers processed PDF files. An attacker could create a malicious PDF file that could cause pdftohtml to crash and possibly execute arbitrary code open a user opening the file. This update provides packages which are patched to prevent these issues. %description PDFTOHTML converts Portable Document Format (PDF) files to HTML format. This release converts text and links. Bold and italic face are preserved, but high level HTML structures ( like lists or tables ) are not yet generated. Images are ignored ( but you can extract them from the PDF file using pdfimages, distributed with the Xpdf package ). The current version is tested on Linux and Solaris 2.6 %package libpoppler-qt1 libpoppler-qt1-devel libpoppler-qt4-1 libpoppler-qt4-1-devel libpoppler1 libpoppler1-devel poppler Update: Mon Aug 13 17:59:23 2007 Importance: security ID: MDKSA-2007:161 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:161 %pre Maurycy Prodeus found an integer overflow vulnerability in the way various PDF viewers processed PDF files. An attacker could create a malicious PDF file that could cause poppler to crash and possibly execute arbitrary code open a user opening the file. This update provides packages which are patched to prevent these issues. %description Poppler is a PDF rendering library based on the xpdf-3.0 code base. %package kdegraphics kdegraphics-common kdegraphics-kcolorchooser kdegraphics-kcoloredit kdegraphics-kdvi kdegraphics-kfax kdegraphics-kghostview kdegraphics-kiconedit kdegraphics-kolourpaint kdegraphics-kooka kdegraphics-kpdf kdegraphics-kpovmodeler kdegraphics-kruler kdegraphics-ksnapshot kdegraphics-ksvg kdegraphics-kuickshow kdegraphics-kview kdegraphics-mrmlsearch libkdegraphics0-common libkdegraphics0-common-devel libkdegraphics0-kghostview libkdegraphics0-kghostview-devel libkdegraphics0-kooka libkdegraphics0-kooka-devel libkdegraphics0-kpovmodeler libkdegraphics0-kpovmodeler-devel libkdegraphics0-ksvg libkdegraphics0-ksvg-devel libkdegraphics0-kview libkdegraphics0-kview-devel Update: Tue Aug 14 11:15:59 2007 Importance: security ID: MDKSA-2007:162 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:162 %pre Maurycy Prodeus found an integer overflow vulnerability in the way various PDF viewers processed PDF files. An attacker could create a malicious PDF file that could cause kpdf to crash and possibly execute arbitrary code open a user opening the file. This update provides packages which are patched to prevent these issues. %description Graphical tools for the K Desktop Environment. kdegraphics is a collection of graphic oriented applications: - kamera: digital camera io_slave for Konqueror. Together gPhoto this allows you to access your camera's picture with the URL kamera:/ - kcoloredit: contains two programs: a color value editor and also a color picker - kdvi: program (and embeddable KPart) to display *.DVI files from TeX - kfax: a program to display raw and tiffed fax images (g3, g3-2d, g4) - kfaxview: an embeddable KPart to display tiffed fax images - kfile-plugins: provide meta information for graphic files - kghostview: program (and embeddable KPart) to display *.PDF and *.PS - kiconedit: an icon editor - kooka: a raster image scan program, based on SANE and libkscan - kruler: a ruler in inch, centimeter and pixel to check distances on the screen - ksnapshot: make snapshots of the screen contents - kuickshow: fast and comfortable imageviewer - kview: picture viewer, provided as standalone program and embeddable KPart - kviewshell: generic framework for viewer applications %package koffice koffice-karbon koffice-kexi koffice-kformula koffice-kivio koffice-koshell koffice-kplato koffice-kpresenter koffice-krita koffice-kspread koffice-kugar koffice-kword koffice-progs libkoffice2-karbon libkoffice2-karbon-devel libkoffice2-kexi libkoffice2-kexi-devel libkoffice2-kformula libkoffice2-kformula-devel libkoffice2-kivio libkoffice2-kivio-devel libkoffice2-koshell libkoffice2-kplato libkoffice2-kpresenter libkoffice2-kpresenter-devel libkoffice2-krita libkoffice2-krita-devel libkoffice2-kspread libkoffice2-kspread-devel libkoffice2-kugar libkoffice2-kugar-devel libkoffice2-kword libkoffice2-kword-devel libkoffice2-progs libkoffice2-progs-devel Update: Tue Aug 14 12:01:22 2007 Importance: security ID: MDKSA-2007:163 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:163 %pre Maurycy Prodeus found an integer overflow vulnerability in the way various PDF viewers processed PDF files. An attacker could create a malicious PDF file that could cause koffice to crash and possibly execute arbitrary code open a user opening the file. This update provides packages which are patched to prevent these issues. %description Office applications for the K Desktop Environment. KOffice contains: * KWord: word processor * KSpread: spreadsheet * KPresenter: presentations * KChart: diagram generator * Kugar: A tool for generating business quality reports. * Kivio: A Visio(r)-style flowcharting application. * Kexi: an integrated environment for managing data * Some filters (Excel 97, Winword 97/2000, etc.) * karbon: the scalable vector drawing application for KDE. * kformula: a formula editor for KOffice. * krita: painting and image editing application. * koshell * kplato: a project management. %package jadetex tetex tetex-afm tetex-context tetex-devel tetex-doc tetex-dvilj tetex-dvipdfm tetex-dvips tetex-latex tetex-mfwin tetex-texi2html tetex-usrlocal tetex-xdvi xmltex Update: Tue Aug 14 13:21:15 2007 Importance: security ID: MDKSA-2007:164 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:164 %pre Maurycy Prodeus found an integer overflow vulnerability in the way various PDF viewers processed PDF files. An attacker could create a malicious PDF file that could cause tetex to crash and possibly execute arbitrary code open a user opening the file. In addition, tetex contains an embedded copy of the GD library which suffers from a number of bugs which potentially lead to denial of service and possibly other issues. Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to have unspecified remote attack vectors and impact. (CVE-2007-3472) The gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors involving a gdImageCreate failure. (CVE-2007-3473) Multiple unspecified vulnerabilities in the GIF reader in the GD Graphics Library (libgd) before 2.0.35 allow user-assisted remote attackers to have unspecified attack vectors and impact. (CVE-2007-3474) The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via a GIF image that has no global color map. (CVE-2007-3475) Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash and heap corruption) via large color index values in crafted image data, which results in a segmentation fault. (CVE-2007-3476) The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd) before 2.0.35 allows attackers to cause a denial of service (CPU consumption) via a large (1) start or (2) end angle degree value. (CVE-2007-3477) Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors, possibly involving truetype font (TTF) support. (CVE-2007-3478) Updated packages have been patched to prevent these issues. %description teTeX is an implementation of TeX for Linux or UNIX systems. TeX takes a text file and a set of formatting commands as input and creates a typesetter independent .dvi (DeVice Independent) file as output. Usually, TeX is used in conjunction with a higher level formatting package like LaTeX or PlainTeX, since TeX by itself is not very user-friendly. Install teTeX if you want to use the TeX text formatting system. If you are installing teTeX, you will also need to install tetex-afm (a PostScript(TM) font converter for TeX), tetex-dvilj (for converting .dvi files to HP PCL format for printing on HP and HP compatible printers), tetex-dvips (for converting .dvi files to PostScript format for printing on PostScript printers), tetex-latex (a higher level formatting package which provides an easier-to-use interface for TeX) and tetex-xdvi (for previewing .dvi files in X). Unless you're an expert at using TeX, you'll also want to install the tetex-doc package, which includes the documentation for TeX. %package cups cups-common cups-serial libcups2 libcups2-devel php-cups Update: Wed Aug 15 10:48:21 2007 Importance: security ID: MDKSA-2007:165 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:165 %pre Maurycy Prodeus found an integer overflow vulnerability in the way various PDF viewers processed PDF files. An attacker could create a malicious PDF file that could cause cups to crash and possibly execute arbitrary code open a user opening the file. This update provides packages which are patched to prevent these issues. %description CUPS 1.2 is fully compatible with CUPS-1.1 machines in the network and with software built against CUPS-1.1 libraries. The Common Unix Printing System provides a portable printing layer for UNIX(TM) operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces. This is the main package needed for CUPS servers (machines where a printer is connected to or which host a queue for a network printer). It can also be used on CUPS clients so that they simply pick up broadcasted printer information from other CUPS servers and do not need to be assigned to a specific CUPS server by an /etc/cups/client.conf file. %package libmozilla-firefox2.0.0.6 libmozilla-firefox2.0.0.6-devel mozilla-firefox mozilla-firefox-ar mozilla-firefox-bg mozilla-firefox-br_FR mozilla-firefox-ca mozilla-firefox-cs mozilla-firefox-da mozilla-firefox-de mozilla-firefox-el mozilla-firefox-es_AR mozilla-firefox-es_ES mozilla-firefox-et_EE mozilla-firefox-eu mozilla-firefox-fi mozilla-firefox-fr mozilla-firefox-fy mozilla-firefox-ga mozilla-firefox-gu_IN mozilla-firefox-he mozilla-firefox-hu mozilla-firefox-it mozilla-firefox-ja mozilla-firefox-ko mozilla-firefox-lt mozilla-firefox-mk mozilla-firefox-nb_NO mozilla-firefox-nl mozilla-firefox-nn_NO mozilla-firefox-pl mozilla-firefox-pt_BR mozilla-firefox-pt_PT mozilla-firefox-ru mozilla-firefox-sk mozilla-firefox-sl mozilla-firefox-sv_SE mozilla-firefox-tr mozilla-firefox-uk_UA mozilla-firefox-zh_CN mozilla-firefox-zh_TW Update: Thu Aug 16 22:46:57 2007 Importance: bugfix ID: MDKA-2007:086 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:086 %pre The previous Mozilla Firefox updates did not properly handle the default and GNOME themes which prevented buttons from being displayed. As well, there were some problems with language support. These updated packages are being provided to correct the issues. %description Localizations for Firefox %package gwenview libgwenview1 libgwenview1-devel Update: Sat Aug 18 10:44:42 2007 Importance: bugfix ID: MDKA-2007:087 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:087 %pre Gwenview allows a user to rename images, but as soon as the user does, the selected image file is no longer visible. These updated packages are being provided to correct the issues. %description Gwenview is a fast and easy to use image viewer/browser for KDE. All common image formats are supported, such as PNG(including transparency), JPEG(including EXIF tags and lossless transformations), GIF, XCF (Gimp image format), BMP, XPM and others. Standard features include slideshow, fullscreen view, image thumbnails, drag'n'drop, image zoom, full network transparency using the KIO framework, including basic file operations and browsing in compressed archives, non-blocking GUI with adjustable views. Gwenview also provides image and directory KParts components for use e.g. in Konqueror. Additional features, such as image renaming, comparing, converting, and batch processing, HTML gallery and others are provided by the KIPI image framework. %package rsync Update: Sat Aug 18 15:29:14 2007 Importance: security ID: MDKSA-2007:166 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:166 %pre Sebastian Krahmer of the SUSE Security Team discovered an off-by-one buffer overflow within rsync. It is not clear if this problem is exploitable, however updates are available to correct the issue. %description Rsync uses a quick and reliable algorithm to very quickly bring remote and host files into sync. Rsync is fast because it just sends the differences in the files over the network (instead of sending the complete files). Rsync is often used as a very powerful mirroring process or just as a more capable replacement for the rcp command. A technical report which describes the rsync algorithm is included in this package. Install rsync if you need a powerful mirroring program. This rpm has this patches apply from rsync tree: - acl: allow to mirror acl - backup-dir-dels: availlibility to store backup file in another directory Rebuild the source rpm with `--without patches' if you don't want this patches %package libvorbis0 libvorbis0-devel libvorbisenc2 libvorbisfile3 Update: Sat Aug 18 15:37:25 2007 Importance: security ID: MDKSA-2007:167 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:167 %pre David Thiel discovered that libvorbis did not correctly verify the size of certain headers, and did not correctly clean up a broken stream. If a user were tricked into processing a specially crafted Vorbis stream, a remote attacker could possibly cause a denial of service or execute arbitrary code with the user's privileges. %description Ogg Vorbis is a fully open, non-proprietary, patent-and-royalty-free, general-purpose compressed audio format for audio and music at fixed and variable bitrates from 16 to 128 kbps/channel. Find some free Ogg Vorbis music here: http://www.vorbis.com/music.html %package libvorbis0 libvorbis0-devel libvorbisenc2 libvorbisfile3 Update: Mon Aug 20 10:24:57 2007 Importance: security ID: MDKSA-2007:167-1 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:167-1 %pre David Thiel discovered that libvorbis did not correctly verify the size of certain headers, and did not correctly clean up a broken stream. If a user were tricked into processing a specially crafted Vorbis stream, a remote attacker could possibly cause a denial of service or execute arbitrary code with the user's privileges. Update: Due to a packaging problem, the libvorbis development package was not able to be upgraded on Mandriva Linux 2007.1 This has been corrected with this new update. %description Ogg Vorbis is a fully open, non-proprietary, patent-and-royalty-free, general-purpose compressed audio format for audio and music at fixed and variable bitrates from 16 to 128 kbps/channel. Find some free Ogg Vorbis music here: http://www.vorbis.com/music.html %package hal hal-gnome hal-info libhal1 libhal1-devel Update: Tue Aug 21 10:03:13 2007 Importance: bugfix ID: MDKA-2007:088 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:088 %pre HAL daemon could use 100% cpu when some non storage SCSI peripheral when connected to a system. Update packages fix this issue by upgrading to new version 0.5.9.1, as well as other stability fixes and improved suspend/hibernation for some laptops. %description HAL is daemon for collection and maintaining information from several sources about the hardware on the system. It provides a live device list through D-BUS. %package vim-X11 vim-common vim-enhanced vim-minimal Update: Tue Aug 21 14:58:18 2007 Importance: security ID: MDKSA-2007:168 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:168 %pre A format string vulnerability in the helptags support in vim allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a help-tags tag in a help file. Updated packages have been patched to prevent this issue. %description VIM (VIsual editor iMproved) is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. The vim-common package contains files which every VIM binary will need in order to run. %package gdm gdm-Xnest Update: Tue Aug 21 19:54:59 2007 Importance: security ID: MDKSA-2007:169 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:169 %pre A vulnerability was discovered in how gdm listens on its unix domain socket. A local user could crash a running X session by writing malicious data to gdm's unix domain socket. Updated packages have been patched to prevent this issue. %description Gdm (the GNOME Display Manager) is a highly configurable reimplementation of xdm, the X Display Manager. Gdm allows you to log into your system with the X Window System running and supports running several different X sessions on your local machine at the same time. %package gimp gimp-python libgimp2.0-devel libgimp2.0_0 Update: Thu Aug 23 09:59:14 2007 Importance: security ID: MDKSA-2007:170 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:170 %pre Multiple integer overflows in the image loader plug-ins in GIMP before 2.2.16 allow user-assisted remote attackers to execute arbitrary code via crafted length values in (1) DICOM, (2) PNM, (3) PSD, (4) PSP, (5) Sun RAS, (6) XBM, and (7) XWD files. (CVE-2006-4519) Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value. (CVE-2007-2949) Victor Stinner has discovered several flaws in file plug-ins using his fuzzyfier tool fusil. Several modified image files cause the plug-ins to crash or consume excessive amounts of memory due to insufficient input validation. Affected plug-ins: bmp, pcx, psd, psp (*.tub). (CVE-2007-3741) Updated packages have been patched to prevent these issues. %description The GIMP is an image manipulation program suitable for photo retouching, image composition and image authoring. Many people find it extremely useful in creating logos and other graphics for web pages. The GIMP has many of the tools and filters you would expect to find in similar commercial offerings, and some interesting extras as well. The GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversions, all with multi-level undo. This version of The GIMP includes a scripting facility, but many of the included scripts rely on fonts that we cannot distribute. The GIMP ftp site has a package of fonts that you can install by yourself, which includes all the fonts needed to run the included scripts. Some of the fonts have unusual licensing requirements; all the licenses are documented in the package. Get them in ftp://ftp.gimp.org/pub/gimp/fonts/ if you are so inclined. Alternatively, choose fonts which exist on your system before running the scripts. Build Options: --without python Disable pygimp (default enabled) --with mmx Enable MMX code support (default disabled) --with sse Enable SSE code support (default disabled) --with lzw Enable LZW compression in GIF (default disabled) %package cryptsetup-luks hal-info libcryptsetup0 libcryptsetup0-devel Update: Thu Aug 23 11:28:00 2007 Importance: bugfix ID: MDKA-2007:088-1 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:088-1 %pre HAL daemon could use 100% cpu when some non storage SCSI peripheral when connected to a system. Update packages fix this issue by upgrading to new version 0.5.9.1, as well as other stability fixes and improved suspend/hibernation for some laptops. Update: An error was introduced in the previous hal-info bugfix update that prevented suspend for IBM-based laptops. This package fixes the error and adds additional laptops to the suspend/hibernation compatibility list. As well, the cryptsetup-luks packages are being made available as they weren't available on all CD/DVD install media. %description LUKS is the upcoming standard for Linux hard disk encryption. By providing a standard on-disk-format, it does not only facilitate compatibility among distributions, but also provide secure management of multiple user passwords. In contrast to existing solution, LUKS stores all setup necessary setup information in the partition header, enabling the user to transport or migrate his data seamlessly. LUKS for dm-crypt is implemented in cryptsetup. cryptsetup-luks is intended as a complete replacement for the original cryptsetup. It provides all the functionally of the original version plus all LUKS features, that are accessible by luks* action. %package kernel-2.6.17.15mdv kernel-doc-2.6.17.15mdv kernel-doc-latest kernel-enterprise-2.6.17.15mdv kernel-enterprise-latest kernel-latest kernel-legacy-2.6.17.15mdv kernel-legacy-latest kernel-source-2.6.17.15mdv kernel-source-latest kernel-source-stripped-2.6.17.15mdv kernel-source-stripped-latest kernel-xen0-2.6.17.15mdv kernel-xen0-latest kernel-xenU-2.6.17.15mdv kernel-xenU-latest Update: Tue Aug 28 09:20:14 2007 Importance: security ID: MDKSA-2007:171 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:171 %pre Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel: The Linux kernel did not properly save or restore EFLAGS during a context switch, or reset the flags when creating new threads, which allowed local users to cause a denial of service (process crash) (CVE-2006-5755). The compat_sys_mount function in fs/compat.c allowed local users to cause a denial of service (NULL pointer dereference and oops) by mounting a smbfs file system in compatibility mode (CVE-2006-7203). The nfnetlink_log function in netfilter allowed an attacker to cause a denial of service (crash) via unspecified vectors which would trigger a NULL pointer dereference (CVE-2007-1496). The nf_conntrack function in netfilter did not set nfctinfo during reassembly of fragmented packets, which left the default value as IP_CT_ESTABLISHED and could allow remote attackers to bypass certain rulesets using IPv6 fragments (CVE-2007-1497). The netlink functionality did not properly handle NETLINK_FIB_LOOKUP replies, which allowed a remote attacker to cause a denial of service (resource consumption) via unspecified vectors, probably related to infinite recursion (CVE-2007-1861). A typo in the Linux kernel caused RTA_MAX to be used as an array size instead of RTN_MAX, which lead to an out of bounds access by certain functions (CVE-2007-2172). The IPv6 protocol allowed remote attackers to cause a denial of service via crafted IPv6 type 0 route headers that create network amplification between two routers (CVE-2007-2242). The random number feature did not properly seed pools when there was no entropy, or used an incorrect cast when extracting entropy, which could cause the random number generator to provide the same values after reboots on systems without an entropy source (CVE-2007-2453). A memory leak in the PPPoE socket implementation allowed local users to cause a denial of service (memory consumption) by creating a socket using connect, and releasing it before the PPPIOCGCHAN ioctl is initialized (CVE-2007-2525). An integer underflow in the cpuset_tasks_read function, when the cpuset filesystem is mounted, allowed local users to obtain kernel memory contents by using a large offset when reading the /dev/cpuset/tasks file (CVE-2007-2875). The sctp_new function in netfilter allowed remote attackers to cause a denial of service by causing certain invalid states that triggered a NULL pointer dereference (CVE-2007-2876). In addition to these security fixes, other fixes have been included such as: - Fix crash on netfilter when nfnetlink_log is used on certain hooks on packets forwarded to or from a bridge - Fixed busy sleep on IPVS which caused high load averages - Fixed possible race condition on ext[34]_link - Fixed missing braces in condition block that led to wrong behaviour in NFS - Fixed XFS lock deallocation that resulted in oops when unmounting To update your kernel, please follow the directions located at: http://www.mandriva.com/en/security/kernelupdate %description The kernel package contains the Linux kernel (vmlinuz), the core of your Mandriva Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. It supports both up and smp systems using smp alternatives. For instructions for update, see: http://www.mandriva.com/security/kernelupdate %package clamav clamav-db clamav-milter clamd clamdmon libclamav-devel libclamav2 Update: Fri Aug 31 16:30:24 2007 Importance: security ID: MDKSA-2007:172 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:172 %pre A vulnerability in ClamAV was discovered that could allow remote attackers to cause a denial of service via a crafted RTF file or a crafted HTML document with a data: URI, both of which trigger a NULL dereference (CVE-2007-4510). A vulnerability in clamav-milter, when run in black hole mode, could allow remote attackers to execute arbitrary commands via shell metacharacters that are used in a certain popen call (CVE-2007-4560). Other bugs have also been corrected in 0.91.2 which is being provided with this update. %description Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail seversions (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software. You can build clamav with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] milter Build clamav-milter (default) %package tar Update: Tue Sep 04 17:09:22 2007 Importance: security ID: MDKSA-2007:173 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:173 %pre Dmitry V. Levin discovered a path traversal flaw in how GNU tar extracted archives. A malicious user could create a tar archive that could write to arbitrary fiels that the user running tar has write access to. Updated packages have been patched to prevent these issues. %description The GNU tar program saves many files together into one archive and can restore individual files (or all of the files) from the archive. Tar can also be used to add supplemental files to an archive and to update or list files in the archive. Tar includes multivolume support, automatic archive compression/ decompression, the ability to perform remote archives and the ability to perform incremental and full backups. If you want to use Tar for remote backups, you'll also need to install the rmt package. You should install the tar package, because you'll find its compression and decompression utilities essential for working with files. %package ftp-client-krb5 ftp-server-krb5 krb5-server krb5-workstation libkrb53 libkrb53-devel telnet-client-krb5 telnet-server-krb5 Update: Thu Sep 06 11:00:30 2007 Importance: security ID: MDKSA-2007:174 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:174 %pre A stack buffer overflow vulnerability was discovered in the RPC library used by Kerberos' kadmind program by Tenable Network Security. A remote unauthenticated user who could access kadmind would be able to trigger the flaw and cause it to crash (CVE-2007-3999). This issue is only applicable to Kerberos 1.4 and higher. Garrett Wollman found an uninitialized pointer vulnerability in kadmind which a remote unauthenticated attacker able to access kadmind could exploit to cause kadmind to crash (CVE-2007-4000). This issue is only applicable to Kerberos 1.5 and higher. Updated packages have been patched to prevent these issues. %description Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords. %package eggdrop Update: Thu Sep 06 11:20:10 2007 Importance: security ID: MDKSA-2007:175 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:175 %pre A stack-based buffer overflow in mod/server.mod/servrmsg.c in Eggdrop 1.6.18, and possibly earlier, allows user-assisted, malicious remote IRC servers to execute arbitrary code via a long private message. Updated packages fix this issue. %description Eggdrop is an IRC bot, written in C. If you don't know what IRC is, this is probably not whatever you're looking for! Eggdrop, being a bot, sits on a channel and takes protective measures: to keep the channel from being taken over (in the few ways that anything CAN), to recognize banished users or sites and reject them, to recognize privileged users and let them gain ops, etc. %package kdebase kdebase-common kdebase-kate kdebase-kdeprintfax kdebase-kdm kdebase-kmenuedit kdebase-konsole kdebase-nsplugins kdebase-progs kdebase-session-plugins kdelibs-common kdelibs-devel-doc libkdebase4 libkdebase4-devel libkdebase4-kate libkdebase4-kate-devel libkdebase4-kmenuedit libkdebase4-konsole libkdecore4 libkdecore4-devel Update: Thu Sep 06 12:41:18 2007 Importance: security ID: MDKSA-2007:176 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:176 %pre konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote attackers to spoof the data: URI scheme in the address bar via a long URI with trailing whitespace, which prevents the beginning of the URI from being displayed. (CVE-2007-3820) KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval with a small interval and changing the window.location property. (CVE-2007-4224) Visual truncation vulnerability in KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar via an http URI with a large amount of whitespace in the user/password portion. (CVE-2007-4225) Updated packages fix these issues. %description Libraries for the K Desktop Environment. %package MySQL MySQL-Max MySQL-bench MySQL-client MySQL-common MySQL-ndb-extra MySQL-ndb-management MySQL-ndb-storage MySQL-ndb-tools libmysql15 libmysql15-devel libmysql15-static-devel Update: Thu Sep 06 15:36:56 2007 Importance: security ID: MDKSA-2007:177 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:177 %pre A vulnerability was found in MySQL's authentication protocol, making it possible for a remote unauthenticated attacker to send a specially crafted authentication request to the MySQL server causing it to crash (CVE-2007-3780). Another flaw was discovered in MySQL that allowed remote authenticated users to gain update privileges for a table in another database via a view that refers to the external table (CVE-2007-3782). Updated packages have been patched to prevent these issues. %description The MySQL(TM) software delivers a very fast, multi-threaded, multi-user, and robust SQL (Structured Query Language) database server. MySQL Server is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software. MySQL is a trademark of MySQL AB. The MySQL software has Dual Licensing, which means you can use the MySQL software free of charge under the GNU General Public License (http://www.gnu.org/licenses/). You can also purchase commercial MySQL licenses from MySQL AB if you do not wish to be bound by the terms of the GPL. See the chapter "Licensing and Support" in the manual for further info. The MySQL web site (http://www.mysql.com/) provides the latest news and information about the MySQL software. Also please see the documentation and the manual for more information. %package proftpd proftpd-devel proftpd-mod_autohost proftpd-mod_ban proftpd-mod_case proftpd-mod_clamav proftpd-mod_ctrls_admin proftpd-mod_gss proftpd-mod_ifsession proftpd-mod_ldap proftpd-mod_load proftpd-mod_quotatab proftpd-mod_quotatab_file proftpd-mod_quotatab_ldap proftpd-mod_quotatab_radius proftpd-mod_quotatab_sql proftpd-mod_radius proftpd-mod_ratio proftpd-mod_rewrite proftpd-mod_shaper proftpd-mod_site_misc proftpd-mod_sql proftpd-mod_sql_mysql proftpd-mod_sql_postgres proftpd-mod_time proftpd-mod_tls proftpd-mod_wrap proftpd-mod_wrap_file proftpd-mod_wrap_sql Update: Thu Sep 06 18:21:47 2007 Importance: bugfix ID: MDKA-2007:089 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:089 %pre A bug in ProFTPD, when run on an IPv6-capable host, causes ProFTPD to generate an excessive number of error messages to syslog. As well, LDAP TLS support was incorrectly setup during compilation and as a result LDAP TLS support was disabled. The updated packages correct these issues. %description ProFTPd is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based directory visibility. This version supports both standalone and xinetd operation. %package ftp-client-krb5 ftp-server-krb5 krb5-server krb5-workstation libkrb53 libkrb53-devel telnet-client-krb5 telnet-server-krb5 Update: Fri Sep 07 11:04:49 2007 Importance: security ID: MDKSA-2007:174-1 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:174-1 %pre A stack buffer overflow vulnerability was discovered in the RPC library used by Kerberos' kadmind program by Tenable Network Security. A remote unauthenticated user who could access kadmind would be able to trigger the flaw and cause it to crash (CVE-2007-3999). This issue is only applicable to Kerberos 1.4 and higher. Garrett Wollman found an uninitialized pointer vulnerability in kadmind which a remote unauthenticated attacker able to access kadmind could exploit to cause kadmind to crash (CVE-2007-4000). This issue is only applicable to Kerberos 1.5 and higher. Update: The MIT Kerberos Team found a problem with the originally published patch for CVE-2007-3999. A remote unauthenticated attacker able to access kadmind could trigger this flaw and cause kadmind to crash. Updated packages have been patched to prevent these issues. %description Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords. %package bind bind-devel bind-utils Update: Mon Sep 10 11:41:41 2007 Importance: bugfix ID: MDKA-2007:090 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:090 %pre A number of bugs in the BIND9 packages are fixed in this update: Threading was disabled in the ISC BIND package shipped with Mandriva Linux 2007 and Corporate Server 4, because the host command did not work properly with threading enabled. This update only builds the host command without threading, while the rest of the bind server is once again SMP-aware. The bogon ACL was too restrictive and accidentally contained IP address ranges for some root server networks. The named daemon is chrooted by default, but logrotate files were being supplied that served no purpose as named performs it's own log rotating. The spurious logrotate files have been removed. The updated packages correct these issues. %description BIND (Berkeley Internet Name Domain) is an implementation of the DNS (domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses, and a resolver library (routines for applications to use when interfacing with DNS). A DNS server allows clients to name resources or objects and share the information with other network machines. The named DNS server can be used on workstations as a caching name server, but is generally only needed on one machine for an entire network. Note that the configuration files for making BIND act as a simple caching nameserver are included in the caching-nameserver package. Install the bind package if you need a DNS server for your network. If you want bind to act a caching name server, you will also need to install the caching-nameserver package. Many BIND 8 features previously unimplemented in BIND 9, including domain-specific forwarding, the \$GENERATE master file directive, and the "blackhole", "dialup", and "sortlist" options Forwarding of dynamic update requests; this is enabled by the "allow-update-forwarding" option A new, simplified database interface and a number of sample drivers based on it; see doc/dev/sdb for details Support for building single-threaded servers for environments that do not supply POSIX threads New configuration options: "min-refresh-time", "max-refresh-time", "min-retry-time", "max-retry-time", "additional-from-auth", "additional-from-cache", "notify explicit" Faster lookups, particularly in large zones. Build Options: --without sdb_ldap Build without ldap simple database support (enabled per default) --with sdb_mysql Build with MySQL database support (disables ldap support, it's either way.) --with geoip Build with GeoIP support (disabled per default) %package x11-server x11-server-common x11-server-devel x11-server-xati x11-server-xchips x11-server-xdmx x11-server-xephyr x11-server-xepson x11-server-xfake x11-server-xfbdev x11-server-xgl x11-server-xi810 x11-server-xmach64 x11-server-xmga x11-server-xneomagic x11-server-xnest x11-server-xnvidia x11-server-xorg x11-server-xpm2 x11-server-xprt x11-server-xr128 x11-server-xsdl x11-server-xsmi x11-server-xvesa x11-server-xvfb x11-server-xvia x11-server-xvnc Update: Tue Sep 11 16:28:58 2007 Importance: security ID: MDKSA-2007:178 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:178 %pre Aaron Plattner discovered a buffer overflow in the Composite extension of the X.org X server, which if exploited could lead to local privilege escalation. Updated packages have been patched to prevent these issues. %description X11 servers %package fetchmail fetchmail-daemon fetchmailconf Update: Tue Sep 11 16:30:28 2007 Importance: security ID: MDKSA-2007:179 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:179 %pre A vulnerability in fetchmail was found where it could crash when attempting to deliver an internal warning or error message through an untrusted or compromised SMTP server, leading to a denial of service. Updated packages have been patched to prevent these issues. %description Fetchmail is a free, full-featured, robust, and well-documented remote mail retrieval and forwarding utility intended to be used over on-demand TCP/IP links (such as SLIP or PPP connections). It retrieves mail from remote mail servers and forwards it to your local (client) machine's delivery system, so it can then be read by normal mail user agents such as Mutt, Elm, Pine, (X)Emacs/Gnus or Mailx. It comes with an interactive GUI configurator suitable for end-users. Fetchmail supports every remote-mail protocol currently in use on the Internet (POP2, POP3, RPOP, APOP, KPOP, all IMAPs, ESMTP ETRN) for retrieval. Then Fetchmail forwards the mail through SMTP, so you can read it through your normal mail client. %package id3lib libid3_3.8_3 libid3_3.8_3-devel libid3_3.8_3-static-devel Update: Wed Sep 12 14:29:02 2007 Importance: security ID: MDKSA-2007:180 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:180 %pre A programming error was found in id3lib by Nikolaus Schulz that could lead to a denial of service through symlink attacks. Updated packages have been patched to prevent these issues. %description This package provides a software library for manipulating ID3v1 and ID3v2 tags. It provides a convenient interface for software developers to include standards-compliant ID3v1/2 tagging capabilities in their applications. Features include identification of valid tags, automatic size conversions, (re)synchronisation of tag frames, seamless tag (de)compression, and optional padding facilities. Included are some simple command line example applications. %package librpcsecgss3 librpcsecgss3-devel Update: Wed Sep 12 14:40:39 2007 Importance: security ID: MDKSA-2007:181 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:181 %pre A stack buffer overflow vulnerability was discovered in the RPCSEC_GSS RPC library by Tenable Network Security that could potentially allow for the execution of arbitrary code. Updated packages have been patched to prevent these issues. %description Allows secure rpc communication using the rpcsec_gss protocol librpcsecgss allows secure rpc communication using the rpcsec_gss protocol. %package libdesignercore1 libeditor1 libqassistant1 libqassistantclient1 libqt3 libqt3-devel libqt3-mysql libqt3-odbc libqt3-psql libqt3-sqlite libqt3-static-devel libqt3support4 libqt4-devel libqtcore4 libqtdbus4 libqtdesigner1 libqtgui4 libqtnetwork4 libqtopengl4 libqtsql4 libqtsvg4 libqttest4 libqtuitools4 libqtxml4 qt3-common qt3-doc qt3-example qt3-tutorial qt4-accessibility-plugin-lib qt4-assistant qt4-codecs-plugin-lib qt4-common qt4-database-plugin-mysql-lib qt4-database-plugin-odbc-lib qt4-database-plugin-pgsql-lib qt4-database-plugin-sqlite-lib qt4-designer qt4-doc qt4-examples qt4-linguist qt4-qvfb qt4-tutorial Update: Thu Sep 13 21:15:14 2007 Importance: security ID: MDKSA-2007:183 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:183 %pre A buffer overflow was found in how Qt expanded malformed Unicode strings. If an application linked against Qt parsed a malicious Unicode string, it could lead to a denial of service or potentially allow for the execution of arbitrary code. Updated packages have been patched to prevent this issue. Although the problem is not exploitable in Qt4, patched packages have been issued regardless. %description Qt is a GUI software toolkit which simplifies the task of writing and maintaining GUI (Graphical User Interface) applications for the X Window System. Qt is written in C++ and is fully object-oriented. This package contains the shared library needed to run Qt applications, as well as the README files for Qt. %package avahi avahi-dnsconfd avahi-python avahi-sharp avahi-sharp-doc avahi-x11 libavahi-client3 libavahi-client3-devel libavahi-common3 libavahi-common3-devel libavahi-compat-howl0 libavahi-compat-howl0-devel libavahi-compat-libdns_sd1 libavahi-compat-libdns_sd1-devel libavahi-core5 libavahi-core5-devel libavahi-glib1 libavahi-glib1-devel libavahi-qt3_1 libavahi-qt3_1-devel libavahi-qt4_1 libavahi-qt4_1-devel Update: Mon Sep 17 13:29:31 2007 Importance: security ID: MDKSA-2007:185 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:185 %pre The Avahi daemon in 0.6.20 and previous allows attackers to cause a denial of service via empty TXT data over D-Bus, which triggers an assert error. Updated packages have been patched to prevent this issue. %description Avahi is a system which facilitates service discovery on a local network -- this means that you can plug your laptop or computer into a network and instantly be able to view other people who you can chat with, find printers to print to or find files being shared. This kind of technology is already found in MacOS X (branded 'Rendezvous', 'Bonjour' and sometimes 'ZeroConf') and is very convenient. %package openoffice.org openoffice.org-devel openoffice.org-devel-doc openoffice.org-galleries openoffice.org-gnome openoffice.org-kde openoffice.org-l10n-af openoffice.org-l10n-ar openoffice.org-l10n-bg openoffice.org-l10n-br openoffice.org-l10n-bs openoffice.org-l10n-ca openoffice.org-l10n-cs openoffice.org-l10n-cy openoffice.org-l10n-da openoffice.org-l10n-de openoffice.org-l10n-el openoffice.org-l10n-en_GB openoffice.org-l10n-es openoffice.org-l10n-et openoffice.org-l10n-eu openoffice.org-l10n-fi openoffice.org-l10n-fr openoffice.org-l10n-he openoffice.org-l10n-hi openoffice.org-l10n-hu openoffice.org-l10n-it openoffice.org-l10n-ja openoffice.org-l10n-ko openoffice.org-l10n-mk openoffice.org-l10n-nb openoffice.org-l10n-nl openoffice.org-l10n-nn openoffice.org-l10n-pl openoffice.org-l10n-pt openoffice.org-l10n-pt_BR openoffice.org-l10n-ru openoffice.org-l10n-sk openoffice.org-l10n-sl openoffice.org-l10n-sv openoffice.org-l10n-ta openoffice.org-l10n-tr openoffice.org-l10n-zh_CN openoffice.org-l10n-zh_TW openoffice.org-l10n-zu openoffice.org-mono openoffice.org-ooqstart Update: Thu Sep 20 11:04:12 2007 Importance: security ID: MDKSA-2007:186 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:186 %pre An integer overflow in the TIFF parser in OpenOffice.org prior to version 2.3 allows remote attackers to execute arbitrary code via a TIFF file with crafted values which triggers the allocation of an incorrect amount of memory which results in a heap-based buffer overflow. Updated packages have been patched to prevent this issue. %description OpenOffice.org is an Open Source, community-developed, multi-platform office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editing and drawing program, with a user interface and feature set similar to other office suites. Sophisticated and flexible, OpenOffice.org also works transparently with a variety of file formats, including Microsoft Office. %package libphp5_common5 php-cgi php-cli php-devel php-fcgi php-gd php-mcrypt php-openssl php-soap php-zlib Update: Fri Sep 21 14:10:34 2007 Importance: security ID: MDKSA-2007:187 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:187 %pre Numerous vulnerabilities were discovered in the PHP scripting language that are corrected with this update. An integer overflow in the substr_compare() function allows context-dependent attackers to read sensitive memory via a large value in the length argument. This only affects PHP5 (CVE-2007-1375). A stack-based buffer overflow in the zip:// URI wrapper in PECL ZIP 1.8.3 and earlier allowes remote attackers to execute arbitrary code via a long zip:// URL. This only affects Corporate Server 4.0 (CVE-2007-1399). A CRLF injection vulnerability in the FILTER_VALIDATE_EMAIL filter could allow an attacker to inject arbitrary email headers via a special email address. This only affects Mandriva Linux 2007.1 (CVE-2007-1900). The mcrypt_create_iv() function calls php_rand_r() with an uninitialized seed variable, thus always generating the same initialization vector, which may allow an attacker to decrypt certain data more easily because of the guessable encryption keys (CVE-2007-2727). The soap extension calls php_rand_r() with an uninitialized seec variable, which has unknown impact and attack vectors; an issue similar to that affecting mcrypt_create_iv(). This only affects PHP5 (CVE-2007-2728). The substr_count() function allows attackers to obtain sensitive information via unspecified vectors. This only affects PHP5 (CVE-2007-2748). An infinite loop was found in the gd extension that could be used to cause a denial of service if a script were forced to process certain PNG images from untrusted sources (CVE-2007-2756). An integer overflow flaw was found in the chunk_split() function that ould possibly execute arbitrary code as the apache user if a remote attacker was able to pass arbitrary data to the third argument of chunk_split() (CVE-2007-2872). A flaw in the PHP session cookie handling could allow an attacker to create a cross-site cookie insertion attack if a victim followed an untrusted carefully-crafted URL (CVE-2007-3799). Various integer overflow flaws were discovered in the PHP gd extension that could allow a remote attacker to execute arbitrary code as the apache user (CVE-2007-3996). A flaw in the wordwrap() frunction could result in a denial of ervice if a remote attacker was able to pass arbitrary data to the function (CVE-2007-3998). A flaw in the money_format() function could result in an information leak or denial of service if a remote attacker was able to pass arbitrary data to this function; this situation would be unlikely however (CVE-2007-4658). A bug in the PHP session cookie handling could allow an attacker to stop a victim from viewing a vulnerable website if the victim first visited a malicious website under the control of the attacker who was able to use that page to set a cookie for the vulnerable website (CVE-2007-4670). Updated packages have been patched to prevent these issues. In addition, PECL ZIP version 1.8.10 is being provided for Corporate Server 4.0. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. %package libecpg5 libecpg5-devel libpq5 libpq5-devel postgresql postgresql-contrib postgresql-devel postgresql-docs postgresql-pl postgresql-plperl postgresql-plpgsql postgresql-plpython postgresql-pltcl postgresql-server postgresql-test Update: Tue Sep 25 08:47:03 2007 Importance: security ID: MDKSA-2007:188 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:188 %pre PostgreSQL 8.1 and probably later and earlier versions, when local trust authentication is enabled and the Database Link library (dblink) is installed, allows remote attackers to access arbitrary accounts and execute arbitrary SQL queries via a dblink host parameter that proxies the connection from 127.0.0.1. (CVE-2007-3278) PostgreSQL 8.1 and probably later and earlier versions, when the PL/pgSQL (plpgsql) language has been created, grants certain plpgsql privileges to the PUBLIC domain, which allows remote attackers to create and execute functions, as demonstrated by functions that perform local brute-force password guessing attacks, which may evade intrusion detection. (CVE-2007-3279) The Database Link library (dblink) in PostgreSQL 8.1 implements functions via CREATE statements that map to arbitrary libraries based on the C programming language, which allows remote authenticated superusers to map and execute a function from any library, as demonstrated by using the system function in libc.so.6 to gain shell access. (CVE-2007-3280) Updated packages fix these issues, by requiring non-superusers who use /contrib/dblink to use only password authentication. %description PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs (including transactions, subselects and user-defined types and functions). The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DBMS server. These PostgreSQL client programs are programs that directly manipulate the internal structure of PostgreSQL databases on a PostgreSQL server. These client programs can be located on the same machine with the PostgreSQL server, or may be on a remote machine which accesses a PostgreSQL server over a network connection. This package contains the client libraries for C and C++, as well as command-line utilities for managing PostgreSQL databases on a PostgreSQL server. If you want to manipulate a PostgreSQL database on a remote PostgreSQL server, you need this package. You also need to install this package if you're installing the postgresql-server package. %package libt1lib5 libt1lib5-devel libt1lib5-static-devel t1lib-config t1lib-progs Update: Thu Sep 27 12:16:26 2007 Importance: security ID: MDKSA-2007:189 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:189 %pre A buffer overflow vulnerability was discovered in t1lib due to improper bounds checking. An attacker could send specially crafted input to an application linked against t1lib which could lead to a denial of service or the execution of arbitrary code. Updated packages have been patched to prevent this issue. %description T1lib is a library for generating character and string-glyphs from Adobe Type 1 fonts under UNIX. T1lib uses most of the code of the X11 rasterizer donated by IBM to the X11-project. But some disadvantages of the rasterizer being included in X11 have been eliminated. T1lib also includes a support for antialiasing. %package kdebase kdebase-common kdebase-kate kdebase-kdeprintfax kdebase-kdm kdebase-kmenuedit kdebase-konsole kdebase-nsplugins kdebase-progs kdebase-session-plugins libkdebase4 libkdebase4-devel libkdebase4-kate libkdebase4-kate-devel libkdebase4-kmenuedit libkdebase4-konsole Update: Thu Sep 27 15:22:47 2007 Importance: security ID: MDKSA-2007:190 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:190 %pre A vulnerability was discovered in KDM by Kees Huijgen where under certain circumstances and in particular configurations, KDM could be tricked into allowing users to login without a password. Updated packages have been patched to prevent this issue. %description Core applications for the K Desktop Environment. Here is an overview of the directories: - drkonqi: if ever an app crashes (heaven forbid!) then Dr.Konqi will be so kind and make a stack trace. This is a great help for the developers to fix the bug. - kappfinder: searches your hard disk for non-KDE applications, e.g. Acrobat Reader (tm) and installs those apps under the K start button - kate: a fast and advanced text editor with nice plugins - kcheckpass: small program to enter and check passwords, only to be used by other programs - kcontrol: the KDE Control Center allows you to tweak the KDE settings - kdcop: GUI app to browse for DCOP interfaces, can also execute them - kdebugdialog: allows you to specify which debug messages you want to see - kdeprint: the KDE printing system - kdesktop: you guessed it: the desktop above the panel - kdesu: a graphical front end to "su" - kdm: replacement for XDM, for those people that like graphical logins - kfind: find files - khelpcenter: the app to read all great documentation about KDE - khotkeys: intercepts keys and can call applications - kicker: the panel at the botton with the K start button and the taskbar etc - kioslave: infrastructure that helps make every application internet enabled e.g. to directly save a file to ftp://place.org/dir/file.txt - klipper: enhances and extenses the X clipboard - kmenuedit: edit for the menu below the K start button - konqueror: the file manager and web browser you get easily used to - kpager: applet to show the contents of the virtual desktops - kpersonalizer: the customization wizard you get when you first start KDE - kreadconfig: a tool for shell scripts to get info from KDE's config files - kscreensaver: the KDE screensaver environment and lot's of savers - ksmserver: the KDE session manager (saves program status on login, restarts those program at the next login) - ksplash: the screen displayed while KDE starts - kstart: to launch applications with special window properties such as iconified etc - ksysguard: task manager and system monitor, even for remote systems - ksystraycmd: allows to run any application in the system tray - ktip: gives you tips how to use KDE - kwin: the KDE window manager - kxkb: a keyboard map tool - legacyimport: odd name for a cute program to load GTK themes - libkonq: some libraries needed by Konqueror - nsplugins: together with OSF/Motif or Lesstif allows you to use Netscape (tm) plugins in Konqueror %package libsndfile-progs libsndfile1 libsndfile1-devel libsndfile1-static-devel Update: Mon Oct 01 11:29:53 2007 Importance: security ID: MDKSA-2007:191 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:191 %pre A heap-based buffer overflow in libsndfile could allow remote attackers to execute arbitrary code via a FLAC file with crafted PCM data which contains a block with a size exceeding that of the previous block. Updated packages have been patched to prevent this issue. %description libsndfile is a C library for reading and writing sound files such as AIFF, AU and WAV files through one standard interface. It can currently read/write 8, 16, 24 and 32-bit PCM files as well as 32-bit floating point WAV files and a number of compressed formats. %package libdha1.0 mencoder mplayer mplayer-doc mplayer-gui Update: Mon Oct 01 14:52:18 2007 Importance: security ID: MDKSA-2007:192 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:192 %pre A heap-based buffer overflow was found in MPlayer's AVI handling that could allow a remote attacker to cause a denial of service or possibly execute arbitrary code via a crafted .avi file. Updated packages have been patched to prevent this issue. %description MPlayer is a movie player for LINUX (runs on many other Unices, and non-x86 CPUs, see the documentation). It plays most MPEG, VOB, AVI, VIVO, ASF/WMV, QT/MOV, FLI, NuppelVideo, yuv4mpeg, FILM, RoQ, and some RealMedia files, supported by many native, XAnim, and Win32 DLL codecs. You can watch VideoCD, SVCD, DVD, 3ivx, FLI, and even DivX movies too (and you don't need the avifile library at all!). The another big feature of mplayer is the wide range of supported output drivers. It works with X11, Xv, DGA, OpenGL, SVGAlib, fbdev, AAlib, but you can use SDL (and this way all drivers of SDL), VESA (on every VESA compatible card, even without X!), and some lowlevel card-specific drivers (for Matrox, 3Dfx and Radeon) too! Most of them supports software or hardware scaling, so you can enjoy movies in fullscreen. MPlayer supports displaying through some hardware MPEG decoder boards, such as the DVB and DXR3/Hollywood+! And what about the nice big antialiased shaded subtitles (9 supported types!!!) with european/ISO 8859-1,2 (hungarian, english, czech, etc), cyrillic, korean fonts, and OSD? Note: If you want to play Real content, you need to have the content of RealPlayer's Codecs directory in /usr/lib/RealPlayer10GOLD/codecs %package libopenssl0.9.8 libopenssl0.9.8-devel libopenssl0.9.8-static-devel openssl Update: Thu Oct 04 14:49:40 2007 Importance: security ID: MDKSA-2007:193 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:193 %pre A flaw in how OpenSSL performed Montgomery multiplications was discovered %that could allow a local attacker to reconstruct RSA private keys by examining another user's OpenSSL processes (CVE-2007-3108). Moritz Jodeit found that OpenSSL's SSL_get_shared_ciphers() function did not correctly check the size of the buffer it was writing to. As a result, a remote attacker could exploit this to write one NULL byte past the end of the applications's cipher list buffer, which could possibly lead to a denial of service or the execution of arbitrary code (CVE-2007-5135). Updated packages have been patched to prevent these issues. %description The openssl certificate management tool and the shared libraries that provide various encryption and decription algorithms and protocols, including DES, RC4, RSA and SSL. This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/). This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). This product includes software written by Tim Hudson (tjh@cryptsoft.com). %package drakx-net drakx-net-text libdrakx-net Update: Mon Oct 08 12:50:36 2007 Importance: bugfix ID: MDKA-2007:091 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:091 %pre Drakroam could erroneusly detect and reset the wireless mode to Master, instead of Managed. (bug 30303) Draksambashare would check shares' names for partial matches, preventing the use of a share name partially equal to another. (bug 30099) Draknfs and draksambashare were using the wrong translation text domain, making these tools show only english interfaces. (bug 33221) Updated packages fix these issues. Net_applet was also improved to always show interfaces in left-click menu, and to not show empty menus. %description This package contains the Mandriva network tools. net_applet: applet to check network connection net_monitor: connection monitoring %package mc Update: Mon Oct 08 14:24:07 2007 Importance: bugfix ID: MDKA-2007:092 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:092 %pre This update fixes two separate problems in mc. Firstly, translations to several languages may not have been correctly displayed due to an encoding issue. Secondly, files uploaded to certain types of ssh servers via mc's fish protocol were corrupted. %description Midnight Commander is a visual shell much like a file manager, only with way more features. It is text mode, but also includes mouse support if you are running GPM. Its coolest feature is the ability to ftp, view tar, zip files, and poke into RPMs for specific files. :-) %package libvorbis0 libvorbis0-devel libvorbisenc2 libvorbisfile3 Update: Wed Oct 10 17:04:36 2007 Importance: security ID: MDKSA-2007:194 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:194 %pre More vulnerabilities in libvorbis were found that could be used to cause an application linked to libvorbis to crash or execute arbitrary code if used to open a carefully crafted OGG file. Updated packages have been patched to prevent this issue. %description Ogg Vorbis is a fully open, non-proprietary, patent-and-royalty-free, general-purpose compressed audio format for audio and music at fixed and variable bitrates from 16 to 128 kbps/channel. Find some free Ogg Vorbis music here: http://www.vorbis.com/music.html %package kernel-2.6.17.16mdv kernel-doc-2.6.17.16mdv kernel-doc-latest kernel-enterprise-2.6.17.16mdv kernel-enterprise-latest kernel-latest kernel-legacy-2.6.17.16mdv kernel-legacy-latest kernel-source-2.6.17.16mdv kernel-source-latest kernel-source-stripped-2.6.17.16mdv kernel-source-stripped-latest kernel-xen0-2.6.17.16mdv kernel-xen0-latest kernel-xenU-2.6.17.16mdv kernel-xenU-latest Update: Mon Oct 15 16:01:56 2007 Importance: security ID: MDKSA-2007:195 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:195 %pre Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel: A stack-based buffer overflow in the random number generator could allow local root users to cause a denial of service or gain privileges by setting the default wakeup threshold to a value greater than the output pool size (CVE-2007-3105). The lcd_write function did not limit the amount of memory used by a caller, which allows local users to cause a denial of service (memory consumption) (CVE-2007-3513). The decode_choice function allowed remote attackers to cause a denial of service (crash) via an encoded out-of-range index value for a choice field which triggered a NULL pointer dereference (CVE-2007-3642). The Linux kernel allowed local users to send arbitrary signals to a child process that is running at higher privileges by causing a setuid-root parent process to die which delivered an attacker-controlled parent process death signal (PR_SET_PDEATHSIG) (CVE-2007-3848). The aac_cfg_openm and aac_compat_ioctl functions in the SCSI layer ioctl patch in aacraid did not check permissions for ioctls, which might allow local users to cause a denial of service or gain privileges (CVE-2007-4308). The IA32 system call emulation functionality, when running on the x86_64 architecture, did not zero extend the eax register after the 32bit entry path to ptrace is used, which could allow local users to gain privileges by triggering an out-of-bounds access to the system call table using the %RAX register (CVE-2007-4573). In addition to these security fixes, other fixes have been included such as: - More NVidia PCI ids wre added - The 3w-9xxx module was updated to version 2.26.02.010 - Fixed the map entry for ICH8 - Added the TG3 5786 PCI id - Reduced the log verbosity of cx88-mpeg To update your kernel, please follow the directions located at: http://www.mandriva.com/en/security/kernelupdate %description The kernel package contains the Linux kernel (vmlinuz), the core of your Mandriva Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. It supports both up and smp systems using smp alternatives. For instructions for update, see: http://www.mandriva.com/security/kernelupdate %package tar Update: Mon Oct 15 16:07:08 2007 Importance: security ID: MDKSA-2007:197 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:197 %pre A buffer overflow in GNU tar has unspecified attack vectors and impact, resulting in a crashing stack. Updated packages fix this issue. %description The GNU tar program saves many files together into one archive and can restore individual files (or all of the files) from the archive. Tar can also be used to add supplemental files to an archive and to update or list files in the archive. Tar includes multivolume support, automatic archive compression/ decompression, the ability to perform remote archives and the ability to perform incremental and full backups. If you want to use Tar for remote backups, you'll also need to install the rmt package. You should install the tar package, because you'll find its compression and decompression utilities essential for working with files. %package losetup mount util-linux Update: Mon Oct 15 16:15:13 2007 Importance: security ID: MDKSA-2007:198 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:198 %pre The mount and umount programs in util-linux called the setuid() and setgid() functions in the wrong order and did not check the return values, which could allow attackers to grain privileges via helper applications such as mount.nfs. Updated packages have been patched to fix this issue. %description The util-linux package contains a large variety of low-level system utilities that are necessary for a Linux system to function. Among others, Util-linux contains the fdisk configuration tool and the login program. %package libtk8.4 libtk8.4-devel tk Update: Thu Oct 18 12:56:05 2007 Importance: security ID: MDKSA-2007:200 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:200 %pre A vulnerablity in Tk was found that could be used to overrun a buffer when loading certain GIF images. If a user were tricked into opening a specially crafted GIF file, it could lead to a denial of service condition or possibly the execution of arbitrary code with the user's privileges. Updated packages have been patched to prevent this issue. %description Tk is a X Windows widget set designed to work closely with the tcl scripting language. It allows you to write simple programs with full featured GUI's in only a little more time then it takes to write a text based interface. Tcl/Tk applications can also be run on Windows and Macintosh platforms. %package hplip hplip-doc hplip-hpijs hplip-hpijs-ppds hplip-model-data libhpip0 libhpip0-devel libsane-hpaio1 Update: Mon Oct 22 16:48:33 2007 Importance: security ID: MDKSA-2007:201 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:201 %pre A vulnerability in the hpssd tool was discovered where it did not correctly handle shell meta-characters. A local attacker could use this flaw to execute arbitrary commands as the hplip user. As well, this update fixes a problem with some HP scanners on Mandriva Linux 2007.1, particularly HP PSC 1315, which wouldn't be detected and also fixes a problem with HP 1220 and possibly other models when scanning via the OpenOffice.org suite. Updated packages have been patched to prevent these issues. %description This is the HP driver package to supply Linux support for most Hewlett-Packard DeskJet, LaserJet, PSC, OfficeJet, and PhotoSmart printers and all-in-one peripherals (also known as Multi-Function Peripherals or MFPs), which can print, scan, copy, fax, and/or access flash memory cards. It is work in progress, but printing, scanning, memory card access, ink/toner/battery/consumable level checking, and inkjet printer maintenance are supported on most models, when either connected to the USB or LAN (built-in interfaces or selected HP JetDirect models) on a Linux workstation with CUPS printing system. For status and consumable checking and also for inkjet maintenance there is the graphical tool "hp-toolbox" available (Menu: "System"/"Monitoring"/"HP Printer Toolbox"). %package nfs-utils nfs-utils-clients Update: Mon Oct 22 19:59:50 2007 Importance: bugfix ID: MDKA-2007:094 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:094 %pre The nfs-utils package had some issues with it's provided initscripts including: a lack of dependency on portmap made the various services start in an arbitary order prior to portmap starting, and parallel execution of rpcidmapd and rpcgss led to a launch failure due to a sunrpc module loading failure. The updated packages correct these issues. %description The nfs-utils package provides a daemon for the kernel NFS server and related tools, which provides a much higher level of performance than the traditional Linux NFS server used by most users. This package also contains the showmount program. Showmount queries the mount daemon on a remote host for information about the NFS (Network File System) server on the remote host. For example, showmount can display the clients which are mounted on that host. The following are valid build options. (ie. use with rpm --rebuild): --without nfsv4 Build with NFS protocol v4 support --without wrap Build with tcp_wrappers support %package deskbar-applet devhelp devhelp-plugins eclipse-ecj eclipse-jdt eclipse-jdt-sdk eclipse-pde eclipse-pde-runtime eclipse-pde-sdk eclipse-platform eclipse-platform-sdk eclipse-rcp eclipse-rcp-sdk eclipse-sdk epiphany epiphany-devel galeon gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gksu gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell libdevhelp-1_0 libdevhelp-1_0-devel libmozilla-firefox2.0.0.8 libmozilla-firefox2.0.0.8-devel libswt3-gtk2 libtotem-plparser1 libtotem-plparser1-devel mozilla-firefox mozilla-firefox-ar mozilla-firefox-bg mozilla-firefox-br_FR mozilla-firefox-ca mozilla-firefox-cs mozilla-firefox-da mozilla-firefox-de mozilla-firefox-el mozilla-firefox-es_AR mozilla-firefox-es_ES mozilla-firefox-et_EE mozilla-firefox-eu mozilla-firefox-fi mozilla-firefox-fr mozilla-firefox-fy mozilla-firefox-ga mozilla-firefox-gnome-support mozilla-firefox-gu_IN mozilla-firefox-he mozilla-firefox-hu mozilla-firefox-it mozilla-firefox-ja mozilla-firefox-ko mozilla-firefox-lt mozilla-firefox-mk mozilla-firefox-nb_NO mozilla-firefox-nl mozilla-firefox-nn_NO mozilla-firefox-pl mozilla-firefox-pt_BR mozilla-firefox-pt_PT mozilla-firefox-ru mozilla-firefox-sk mozilla-firefox-sl mozilla-firefox-sv_SE mozilla-firefox-tr mozilla-firefox-uk_UA mozilla-firefox-zh_CN mozilla-firefox-zh_TW totem totem-common totem-gstreamer totem-mozilla totem-mozilla-gstreamer yelp Update: Tue Oct 23 08:59:08 2007 Importance: security ID: MDKSA-2007:202 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:202 %pre A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.8. This update provides the latest Firefox to correct these issues. As well, it provides Firefox 2.0.0.8 for older products. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package irssi irssi-devel irssi-perl Update: Wed Oct 24 10:39:44 2007 Importance: bugfix ID: MDKA-2007:095 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:095 %pre The irssi IRC client provided with Mandriva 2007.1 and 2008.0 did not contain SSL support. This update enables that support. %description Irssi is a modular and flexible IRC client for UNIX that has only a text mode user interface (but as 80-90% of the code isn't text mode specific, other UIs could be created pretty easily). Also, Irssi isn't really even IRC specific anymore, there are already working SILC and ICB modules available. Support for other protocols like ICQ and Jabber could be created some day too. Irssi is one of the most popular IRC clients at the moment. %package timezone Update: Wed Oct 24 10:53:19 2007 Importance: normal ID: MDKA-2007:096 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:096 %pre Updated timezone packages are being provided for older Mandriva Linux systems that do not contain the new Daylight Savings Time information for 2007 for certain time zones. These updated packages contain the new information. %description This package contains data files with rules for various timezones around the world. %package xen Update: Thu Nov 01 08:49:04 2007 Importance: security ID: MDKSA-2007:203 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:203 %pre Tavis Ormandy discovered a heap overflow flaw during video-to-video copy operations in the Cirrus VGA extension code that is used in Xen. A malicious local administrator of a guest domain could potentially trigger this flaw and execute arbitrary code outside of the domain (CVE-2007-1320). Tavis Ormandy also discovered insufficient input validation leading to a heap overflow in the NE2000 network driver in Xen. If the driver is in use, a malicious local administrator of a guest domain could potentially trigger this flaw and execute arbitrary code outside of the domain (CVE-2007-1321, CVE-2007-5729, CVE-2007-5730). Steve Kemp found that xen-utils used insecure temporary files within the xenmon tool that could allow local users to truncate arbitrary files (CVE-2007-3919). Joris van Rantwijk discovered a flaw in Pygrub, which is used as a boot loader for guest domains. A malicious local administrator of a guest domain could create a carefully-crafted grub.conf file which could trigger the execution of arbitrary code outside of that domain (CVE-2007-4993). Updated packages have been patched to prevent these issues. %description The basic tools for managing XEN virtual machines. %package cups cups-common cups-serial libcups2 libcups2-devel php-cups Update: Thu Nov 01 11:30:17 2007 Importance: security ID: MDKSA-2007:204 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:204 %pre Alin Rad Pop of Secunia Research discovered a vulnerability in CUPS that can be exploited by malicious individuals to execute arbitrary code. This flaw is due to a boundary error when processing IPP (Internet Printing Protocol) tags. Updated packages have been patched to prevent these issues. %description CUPS 1.2 is fully compatible with CUPS-1.1 machines in the network and with software built against CUPS-1.1 libraries. The Common Unix Printing System provides a portable printing layer for UNIX(TM) operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces. This is the main package needed for CUPS servers (machines where a printer is connected to or which host a queue for a network printer). It can also be used on CUPS clients so that they simply pick up broadcasted printer information from other CUPS servers and do not need to be assigned to a specific CUPS server by an /etc/cups/client.conf file. %package libopal2 libopal2-devel Update: Fri Nov 02 12:58:43 2007 Importance: security ID: MDKSA-2007:205 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:205 %pre A flaw in opal, the Open Phone Abstraction Library, was found in how it handles certain Session Initiation Protocol (SIP) packets. An attacker could use this vulnerability to crash an application linked to opal, such as Ekiga. Updated packages have been patched to prevent these issues. %description This is a Open Source class library for the development of applications that wish to use SIP / H.323 protocols for multi-media communications over packet based networks. %package libpwlib1 libpwlib1-devel libpwlib1-plugins libpwlib1-plugins-avc libpwlib1-plugins-dc Update: Fri Nov 02 13:12:10 2007 Importance: security ID: MDKSA-2007:206 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:206 %pre A memory management flaw was discovered in PWLib, that an attacker could use to crash an application linked with it, such as Ekiga. Updated packages have been patched to prevent these issues. %description PWLib is a moderately large class library that has its genesis many years ago asa method to product applications to run on both Microsoft Windows and Unix X-Window systems. It also was to have a Macintosh port as well but this never eventeated. Unfortunately this package contains no GUI code. %package perl perl-base perl-devel perl-doc perl-suid Update: Mon Nov 05 19:28:17 2007 Importance: security ID: MDKSA-2007:207 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:207 %pre Tavis Ormandy and Will Drewry discovered a flaw in Perl's regular expression engine. Specially crafted input to a regular expression can cause Perl to improperly allocate memory, resulting in the possible execution of arbitrary code with the permissions of the user running Perl. Updated packages have been patched to prevent these issues. %description Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common applications (and what it excels at) are probably system administration utilities and web programming. A large proportion of the CGI scripts on the web are written in Perl. You need the perl package installed on your system so that your system can handle Perl scripts. You need perl-base to have a full perl. %package libnetpbm10 libnetpbm10-devel libnetpbm10-static-devel netpbm Update: Mon Nov 05 19:37:41 2007 Importance: security ID: MDKSA-2007:209 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:209 %pre A function in the JasPer JPEG-2000 library before 1.900 could allow a remote user-assisted attack to cause a crash and possibly corrupt the heap via malformed image files. netpbm contains an embedded copy of libjasper and as such is vulnerable to this issue. Updated packages have been patched to prevent this issue. %description The netpbm package contains a library of functions which support programs for handling various graphics file formats, including .pbm (portable bitmaps), .pgm (portable graymaps), .pnm (portable anymaps), .ppm (portable pixmaps) and others. %package xfs Update: Tue Nov 06 11:59:34 2007 Importance: security ID: MDKSA-2007:210 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:210 %pre Integer overflow in the build_range function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values, which triggers a heap-based buffer overflow. (CVE-2007-4568) The swap_char2b function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption. (CVE-2007-4990) Updated package fixes these issues. %description This is a font server for X11. You can serve fonts to other X servers remotely with this package, and the remote system will be able to use all fonts installed on the font server, even if they are not installed on the remote computer. %package libpcre-devel libpcre0 pcre Update: Thu Nov 08 11:02:13 2007 Importance: security ID: MDKSA-2007:211 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:211 %pre Multiple vulnerabilities were discovered by Tavis Ormandy and Will Drewry in the way that pcre handled certain malformed regular expressions. If an application linked against pcre, such as Konqueror, parses a malicious regular expression, it could lead to the execution of arbitrary code as the user running the application. Updated packages have been patched to prevent this issue. %description PCRE has its own native API, but a set of "wrapper" functions that are based on the POSIX API are also supplied in the library libpcreposix. Note that this just provides a POSIX calling interface to PCRE: the regular expressions themselves still follow Perl syntax and semantics. This package contains a grep variant based on the PCRE library. %package flac libflac++6 libflac++6-devel libflac8 libflac8-devel Update: Thu Nov 08 14:08:31 2007 Importance: security ID: MDKSA-2007:214 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:214 %pre A security vulnerability was discovered in how flac processed audio data. An attacker could create a carefully crafted FLAC audio file that could cause an application linked against the flac libraries to crash or execute arbitrary code when opened. Updated packages have been patched to prevent this issue. %description FLAC is an Open Source lossless audio codec developed by Josh Coalson. FLAC is comprised of 1) `libFLAC', a library which implements reference encoders and decoders, licensed under the GNU Lesser General Public License (LGPL); 2) `flac', a command-line program for encoding and decoding files, licensed under the GNU General public License (GPL); 3) `metaflac', a command-line program for editing FLAC metadata, licensed under the GPL; 4) player plugins for XMMS and Winamp, licensed under the GPL; and 5) documentation, licensed under the GNU Free Documentation License. %package libldap2.3_0 libldap2.3_0-devel libldap2.3_0-static-devel openldap openldap-clients openldap-doc openldap-servers openldap-testprogs openldap-tests Update: Thu Nov 08 18:19:34 2007 Importance: security ID: MDKSA-2007:215 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:215 %pre A flaw in the way OpenLDAP's slapd daemon handled malformed objectClasses LDAP attributes was discovered. A local or remote attacker could create an LDAP request that could cause a denial of service by crashing slapd. Updated packages have been patched to prevent this issue. %description OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. The suite includes a stand-alone LDAP server (slapd) and stand-alone LDAP replication server (slurpd) which are in the -servers package, libraries for implementing the LDAP protocol (in the lib packages), and utilities, tools, and sample clients (in the -clients package). The openldap binary package includes configuration files used by the libraries. Install openldap if you need LDAP applications and tools. %package timezone Update: Fri Nov 09 15:11:57 2007 Importance: normal ID: MDKA-2007:107 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:107 %pre Updated timezone packages are being provided for older Mandriva Linux systems that do not contain the new Daylight Savings Time information for 2007 and later for certain time zones. These updated packages contain the new information. %description This package contains data files with rules for various timezones around the world. %package libpng3 libpng3-devel libpng3-static-devel Update: Tue Nov 13 10:45:07 2007 Importance: security ID: MDKSA-2007:217 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:217 %pre Multiple vulnerabilities were discovered in libpng: An off-by-one error when handling ICC profile chunks in the png_set_iCCP() function (CVE-2007-5266; only affects Mandriva Linux 2008.0). George Cook and Jeff Phillips reported several errors in pngrtran.c, such as the use of logical instead of bitwise functions and incorrect comparisons (CVE-2007-5268; only affects Mandriva Linux 2008.0). Tavis Ormandy reported out-of-bounds read errors in several PNG chunk handling functions (CVE-2007-5269). Updated packages have been patched to correct these issues. For Mandriva Linux 2008.0, libpng 1.2.22 is being provided which corrects all three issues. %description The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng should be installed if you need to manipulate PNG format image files. %package jay libmono0 libmono0-devel mono mono-bytefx-data-mysql mono-data mono-data-firebird mono-data-oracle mono-data-postgresql mono-data-sqlite mono-data-sybase mono-doc mono-extras mono-ibm-data-db2 mono-jscript mono-locale-extras mono-nunit mono-web mono-winforms Update: Wed Nov 14 07:24:11 2007 Importance: security ID: MDKSA-2007:218 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:218 %pre IOActive Inc. found a buffer overflow in Mono.Math.BigInteger class in Mono 1.2.5.1 and previous versions, which allows arbitrary code execution by context-dependent attackers. Updated packages fix this issue. %description Mono is an implementation of the ECMA Common Language Infrastructure, it contains both a just-in-time compiler for maximum performance, and an interpeter. It can also be used to run programs from the .NET Framework. This package contains the core of the Mono runtime including its Virtual Machine, Just-in-time compiler, C# compiler, security tools and libraries (corlib, XML, System.Security, System.Drawing, ZipLib, I18N, Cairo and Mono.*). %package xpdf xpdf-tools Update: Thu Nov 15 10:06:15 2007 Importance: security ID: MDKSA-2007:219 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:219 %pre Alin Rad Pop found several flaws in how PDF files are handled in xpdf. An attacker could create a malicious PDF file that would cause xpdf to crash or potentially execute arbitrary code when opened. The updated packages have been patched to correct this issue. %description Xpdf is an X Window System based viewer for Portable Document Format (PDF) files. PDF files are sometimes called Acrobat files, after Adobe Acrobat (Adobe's PDF viewer). Xpdf is a small and efficient program which uses standard X fonts. %package kdegraphics kdegraphics-common kdegraphics-kcolorchooser kdegraphics-kcoloredit kdegraphics-kdvi kdegraphics-kfax kdegraphics-kghostview kdegraphics-kiconedit kdegraphics-kolourpaint kdegraphics-kooka kdegraphics-kpdf kdegraphics-kpovmodeler kdegraphics-kruler kdegraphics-ksnapshot kdegraphics-ksvg kdegraphics-kuickshow kdegraphics-kview kdegraphics-mrmlsearch libkdegraphics0-common libkdegraphics0-common-devel libkdegraphics0-kghostview libkdegraphics0-kghostview-devel libkdegraphics0-kooka libkdegraphics0-kooka-devel libkdegraphics0-kpovmodeler libkdegraphics0-kpovmodeler-devel libkdegraphics0-ksvg libkdegraphics0-ksvg-devel libkdegraphics0-kview libkdegraphics0-kview-devel Update: Thu Nov 15 18:00:51 2007 Importance: security ID: MDKSA-2007:221 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:221 %pre Alin Rad Pop found several flaws in how PDF files are handled in kpdf. An attacker could create a malicious PDF file that would cause kpdf to crash or potentially execute arbitrary code when opened. The updated packages have been patched to correct this issue. %description Graphical tools for the K Desktop Environment. kdegraphics is a collection of graphic oriented applications: - kamera: digital camera io_slave for Konqueror. Together gPhoto this allows you to access your camera's picture with the URL kamera:/ - kcoloredit: contains two programs: a color value editor and also a color picker - kdvi: program (and embeddable KPart) to display *.DVI files from TeX - kfax: a program to display raw and tiffed fax images (g3, g3-2d, g4) - kfaxview: an embeddable KPart to display tiffed fax images - kfile-plugins: provide meta information for graphic files - kghostview: program (and embeddable KPart) to display *.PDF and *.PS - kiconedit: an icon editor - kooka: a raster image scan program, based on SANE and libkscan - kruler: a ruler in inch, centimeter and pixel to check distances on the screen - ksnapshot: make snapshots of the screen contents - kuickshow: fast and comfortable imageviewer - kview: picture viewer, provided as standalone program and embeddable KPart - kviewshell: generic framework for viewer applications %package koffice koffice-karbon koffice-kexi koffice-kformula koffice-kivio koffice-koshell koffice-kplato koffice-kpresenter koffice-krita koffice-kspread koffice-kugar koffice-kword koffice-progs libkoffice2-karbon libkoffice2-karbon-devel libkoffice2-kexi libkoffice2-kexi-devel libkoffice2-kformula libkoffice2-kformula-devel libkoffice2-kivio libkoffice2-kivio-devel libkoffice2-koshell libkoffice2-kplato libkoffice2-kpresenter libkoffice2-kpresenter-devel libkoffice2-krita libkoffice2-krita-devel libkoffice2-kspread libkoffice2-kspread-devel libkoffice2-kugar libkoffice2-kugar-devel libkoffice2-kword libkoffice2-kword-devel libkoffice2-progs libkoffice2-progs-devel Update: Sat Nov 17 09:55:38 2007 Importance: security ID: MDKSA-2007:222 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:222 %pre Alin Rad Pop found several flaws in how PDF files are handled in koffice. An attacker could create a malicious PDF file that would cause koffice to crash or potentially execute arbitrary code when opened. The updated packages have been patched to correct this issue. %description Office applications for the K Desktop Environment. KOffice contains: * KWord: word processor * KSpread: spreadsheet * KPresenter: presentations * KChart: diagram generator * Kugar: A tool for generating business quality reports. * Kivio: A Visio(r)-style flowcharting application. * Kexi: an integrated environment for managing data * Some filters (Excel 97, Winword 97/2000, etc.) * karbon: the scalable vector drawing application for KDE. * kformula: a formula editor for KOffice. * krita: painting and image editing application. * koshell * kplato: a project management. %package pdftohtml Update: Sat Nov 17 10:12:05 2007 Importance: security ID: MDKSA-2007:223 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:223 %pre Alin Rad Pop found several flaws in how PDF files are handled in pdftohtml. An attacker could create a malicious PDF file that would cause pdftohtml to crash or potentially execute arbitrary code when opened. The updated packages have been patched to correct this issue. %description PDFTOHTML converts Portable Document Format (PDF) files to HTML format. This release converts text and links. Bold and italic face are preserved, but high level HTML structures ( like lists or tables ) are not yet generated. Images are ignored ( but you can extract them from the PDF file using pdfimages, distributed with the Xpdf package ). The current version is tested on Linux and Solaris 2.6 %package libsmbclient0 libsmbclient0-devel libsmbclient0-static-devel mount-cifs nss_wins samba-client samba-common samba-doc samba-server samba-smbldap-tools samba-swat samba-vscan-clamav samba-vscan-icap samba-winbind Update: Sat Nov 17 10:59:02 2007 Importance: security ID: MDKSA-2007:224 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:224 %pre The samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. If samba is configured as a Primary or Backup Domain Controller, this could be used by a remote attacker to send malicious logon requests and possibly cause a denial of service (CVE-2007-4572). As well, Alin Rad Pop of Secunia Research found that nmbd did not properly check the length of netbios packets. If samba is configured as a WINS server, this could be used by a remote attacker able to send multiple crafted requests to nmbd, resulting in the execution of arbitrary code with root privileges (CVE-2007-5398). The updated packages have been patched to correct these issues. %description Samba provides an SMB server which can be used to provide network services to SMB (sometimes called "Lan Manager") clients, including various versions of MS Windows, OS/2, and other Linux machines. Samba also provides some SMB clients, which complement the built-in SMB filesystem in Linux. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need NetBEUI (Microsoft Raw NetBIOS frame) protocol. Samba-3.0 features working NT Domain Control capability and includes the SWAT (Samba Web Administration Tool) that allows samba's smb.conf file to be remotely managed using your favourite web browser. For the time being this is being enabled on TCP port 901 via xinetd. SWAT is now included in it's own subpackage, samba-swat. Please refer to the WHATSNEW.txt document for fixup information. This binary release includes encrypted password support. Please read the smb.conf file and ENCRYPTION.txt in the docs directory for implementation details. %package libnet-snmp10 libnet-snmp10-devel libnet-snmp10-static-devel net-snmp net-snmp-mibs net-snmp-trapd net-snmp-utils perl-NetSNMP Update: Mon Nov 19 08:05:00 2007 Importance: security ID: MDKSA-2007:225 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:225 %pre The SNMP agent in net-snmp 5.4.1 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a GETBULK request with a large max-repeaters value. Updated packages fix this issue. %description SNMP (Simple Network Management Protocol) is a protocol used for network management. The NET-SNMP project includes various SNMP tools: an extensible agent, an SNMP library, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl mib browser. This package contains the snmpd and snmptrapd daemons, documentation, etc. You will probably also want to install the net-snmp-utils package, which contains NET-SNMP utilities. %package libpoppler-qt1 libpoppler-qt1-devel libpoppler-qt4-1 libpoppler-qt4-1-devel libpoppler1 libpoppler1-devel poppler Update: Mon Nov 19 16:09:27 2007 Importance: security ID: MDKSA-2007:227 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:227 %pre Alin Rad Pop found several flaws in how PDF files are handled in poppler. An attacker could create a malicious PDF file that would cause poppler to crash or potentially execute arbitrary code when opened. The updated packages have been patched to correct this issue. %description Poppler is a PDF rendering library based on the xpdf-3.0 code base. %package cups cups-common cups-serial libcups2 libcups2-devel php-cups Update: Mon Nov 19 16:16:19 2007 Importance: security ID: MDKSA-2007:228 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:228 %pre Alin Rad Pop found several flaws in how PDF files are handled in cups. An attacker could create a malicious PDF file that would cause cups to crash or potentially execute arbitrary code when opened. The updated packages have been patched to correct this issue. %description CUPS 1.2 is fully compatible with CUPS-1.1 machines in the network and with software built against CUPS-1.1 libraries. The Common Unix Printing System provides a portable printing layer for UNIX(TM) operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces. This is the main package needed for CUPS servers (machines where a printer is connected to or which host a queue for a network printer). It can also be used on CUPS clients so that they simply pick up broadcasted printer information from other CUPS servers and do not need to be assigned to a specific CUPS server by an /etc/cups/client.conf file. %package jadetex tetex tetex-afm tetex-context tetex-devel tetex-doc tetex-dvilj tetex-dvipdfm tetex-dvips tetex-latex tetex-mfwin tetex-texi2html tetex-usrlocal tetex-xdvi xmltex Update: Tue Nov 20 15:14:26 2007 Importance: security ID: MDKSA-2007:230 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:230 %pre A flaw in the t1lib library where an attacker could create a malicious file that would cause tetex to crash or possibly execute arbitrary code when opened (CVE-2007-4033). Alin Rad Pop found several flaws in how PDF files are handled in tetex. An attacker could create a malicious PDF file that would cause tetex to crash or potentially execute arbitrary code when opened (CVE-2007-4352, CVE-2007-5392, CVE-2007-5393). A stack-based buffer overflow in dvips in tetex allows for user-assisted attackers to execute arbitrary code via a DVI file with a long href tag (CVE-2007-5935). A vulnerability in dvips in tetex allows local users to obtain sensitive information and modify certain data by creating certain temporary files before they are processed by dviljk, which can then be read or modified in place (CVE-2007-5936). Multiple buffer overflows in dviljk in tetext may allow users-assisted attackers to execute arbitrary code via a crafted DVI input file (CVE-2007-5937). The updated packages have been patched to correct this issue. %description teTeX is an implementation of TeX for Linux or UNIX systems. TeX takes a text file and a set of formatting commands as input and creates a typesetter independent .dvi (DeVice Independent) file as output. Usually, TeX is used in conjunction with a higher level formatting package like LaTeX or PlainTeX, since TeX by itself is not very user-friendly. Install teTeX if you want to use the TeX text formatting system. If you are installing teTeX, you will also need to install tetex-afm (a PostScript(TM) font converter for TeX), tetex-dvilj (for converting .dvi files to HP PCL format for printing on HP and HP compatible printers), tetex-dvips (for converting .dvi files to PostScript format for printing on PostScript printers), tetex-latex (a higher level formatting package which provides an easier-to-use interface for TeX) and tetex-xdvi (for previewing .dvi files in X). Unless you're an expert at using TeX, you'll also want to install the tetex-doc package, which includes the documentation for TeX. %package libsmbclient0 libsmbclient0-devel libsmbclient0-static-devel mount-cifs nss_wins samba-client samba-common samba-doc samba-server samba-smbldap-tools samba-swat samba-vscan-clamav samba-vscan-icap samba-winbind Update: Wed Nov 21 14:31:00 2007 Importance: security ID: MDKSA-2007:224-1 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:224-1 %pre The samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. If samba is configured as a Primary or Backup Domain Controller, this could be used by a remote attacker to send malicious logon requests and possibly cause a denial of service (CVE-2007-4572). As well, Alin Rad Pop of Secunia Research found that nmbd did not properly check the length of netbios packets. If samba is configured as a WINS server, this could be used by a remote attacker able to send multiple crafted requests to nmbd, resulting in the execution of arbitrary code with root privileges (CVE-2007-5398). Update: The patch that fixed CVE-2007-4572 introduced a regression that would prevent shares from being mounted properly and would cause the remote (patched) smbd to crash. This update contains another fix from upstream to correct the problem. %description Samba provides an SMB server which can be used to provide network services to SMB (sometimes called "Lan Manager") clients, including various versions of MS Windows, OS/2, and other Linux machines. Samba also provides some SMB clients, which complement the built-in SMB filesystem in Linux. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need NetBEUI (Microsoft Raw NetBIOS frame) protocol. Samba-3.0 features working NT Domain Control capability and includes the SWAT (Samba Web Administration Tool) that allows samba's smb.conf file to be remotely managed using your favourite web browser. For the time being this is being enabled on TCP port 901 via xinetd. SWAT is now included in it's own subpackage, samba-swat. Please refer to the WHATSNEW.txt document for fixup information. This binary release includes encrypted password support. Please read the smb.conf file and ENCRYPTION.txt in the docs directory for implementation details. %package dosfstools Update: Wed Nov 21 15:51:23 2007 Importance: bugfix ID: MDKA-2007:113 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:113 %pre The program mkdosfs was compiled without large file support and as a result couldn't check for bad blocks on filesystems greater than 2GB in size. This update rebuilds the program with the right flags. %description Inside of this package there are two utilities to create and to check MS-DOS FAT filesystems on either harddisks or floppies under Linux. This version uses the enhanced boot sector/superblock format of DOS 3.3+ as well as provides a default dummy boot sector code. %package cups-drivers printer-filters printer-filters-doc printer-utils Update: Fri Nov 23 12:00:16 2007 Importance: bugfix ID: MDKA-2007:121 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:121 %pre Due to a change of URLs on foo2zjs project, the firmware download for some common printers was failing, when configuring such printers with printerdrake. This update packages fix the issue by updating those URLs. %description This source RPM builds the printer-filters and printer-utils packages. These two packages are built by one source RPM, as many upstream source packages contain both a filter and a utility. %package printerdrake printerdrake-common Update: Mon Nov 26 13:15:30 2007 Importance: bugfix ID: MDKA-2007:122 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:122 %pre In Mandriva Linux 2007 Spring, printerdrake would not detect many network printers, due to defaulting to using a less comprehensive printer scan method than previous releases did. (bug 30090) When changing the protocol for a configured network printer, printerdrake released with Mandriva Linux 2007 Spring would not update the associated protocol port number, leaving it in a non-working state. Also, general reconfiguration of network printers would fail, due to the use of an incorrect command. (bug 29524) This update fixes these issues. %description Drakprinter detects and configures your printer(s). Listsupportedprinters lists available printers. %package cpio Update: Wed Nov 28 12:34:51 2007 Importance: security ID: MDKSA-2007:233 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:233 %pre %description GNU cpio copies files into or out of a cpio or tar archive. Archives are files which contain a collection of other files plus information about them, such as their file name, owner, timestamps, and access permissions. The archive can be another file on the disk, a magnetic tape, or a pipe. GNU cpio supports the following archive formats: binary, old ASCII, new ASCII, crc, HPUX binary, HPUX old ASCII, old tar and POSIX.1 tar. By default, cpio creates binary format archives, so that they are compatible with older cpio programs. When it is extracting files from archives, cpio automatically recognizes which kind of archive it is reading and can read archives created on machines with a different byte-order. Install cpio if you need a program to manage file archives. archives %package libsmbclient0 libsmbclient0-devel libsmbclient0-static-devel mount-cifs nss_wins samba-client samba-common samba-doc samba-server samba-smbldap-tools samba-swat samba-vscan-clamav samba-vscan-icap samba-winbind Update: Thu Nov 29 18:56:47 2007 Importance: security ID: MDKSA-2007:224-3 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:224-3 %pre The samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. If samba is configured as a Primary or Backup Domain Controller, this could be used by a remote attacker to send malicious logon requests and possibly cause a denial of service (CVE-2007-4572). As well, Alin Rad Pop of Secunia Research found that nmbd did not properly check the length of netbios packets. If samba is configured as a WINS server, this could be used by a remote attacker able to send multiple crafted requests to nmbd, resulting in the execution of arbitrary code with root privileges (CVE-2007-5398). Update: This update corrects all known regressions with previous Samba updates due to the security fixes to correct CVE-2007-4572. %description Samba provides an SMB server which can be used to provide network services to SMB (sometimes called "Lan Manager") clients, including various versions of MS Windows, OS/2, and other Linux machines. Samba also provides some SMB clients, which complement the built-in SMB filesystem in Linux. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need NetBEUI (Microsoft Raw NetBIOS frame) protocol. Samba-3.0 features working NT Domain Control capability and includes the SWAT (Samba Web Administration Tool) that allows samba's smb.conf file to be remotely managed using your favourite web browser. For the time being this is being enabled on TCP port 901 via xinetd. SWAT is now included in it's own subpackage, samba-swat. Please refer to the WHATSNEW.txt document for fixup information. This binary release includes encrypted password support. Please read the smb.conf file and ENCRYPTION.txt in the docs directory for implementation details. %package vixie-cron Update: Mon Dec 03 13:30:42 2007 Importance: security ID: MDKSA-2007:234 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:234 %pre Raphael Marichez discovered a denial of service bug in how vixie-cron verifies crontab file integrity. A local user with the ability to create a hardlink to /etc/crontab could prevent vixie-cron from executing certain system cron jobs. The updated packages have been patched to correct this issue. %description The vixie-cron package contains the Vixie version of cron. Cron is a standard UNIX daemon that runs specified programs at scheduled times. Vixie cron adds better security and more powerful configuration options to the standard version of cron. %package apache-base apache-devel apache-htcacheclean apache-mod_authn_dbd apache-mod_cache apache-mod_dav apache-mod_dbd apache-mod_deflate apache-mod_disk_cache apache-mod_file_cache apache-mod_ldap apache-mod_mem_cache apache-mod_proxy apache-mod_proxy_ajp apache-mod_ssl apache-mod_userdir apache-modules apache-mpm-event apache-mpm-itk apache-mpm-prefork apache-mpm-worker apache-source Update: Mon Dec 03 13:38:15 2007 Importance: security ID: MDKSA-2007:235 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:235 %pre A flaw in the Apache mod_proxy module was found that could potentially lead to a denial of service is using a threaded Multi-Processing Module. On sites where a reverse proxy is configured, a remote attacker could send a special reequest that would cause the Apache child process handling the request to crash. Likewise, a similar crash could occur on sites with a forward proxy configured if a user could be persuaded to visit a malicious site using the proxy (CVE-2007-3847). A flaw in the Apache mod_autoindex module was found. On sites where directory listings are used and the AddDefaultCharset directive was removed from the configuration, a cross-site-scripting attack could be possible against browsers that to not correctly derive the response character set according to the rules in RGC 2616 (CVE-2007-4465). The updated packages have been patched to correct this issue. %description This package contains the main binary of apache, a powerful, full-featured, efficient and freely-available Web server. Apache is also the most popular Web server on the Internet. This version of apache is fully modular, and many modules are available in pre-compiled formats, like PHP and mod_auth_external. Check for available Apache modules for Mandriva Linux at: http://nux.se/apache/ (most of them can be installed from the contribs repository) %package openssh openssh-askpass openssh-askpass-common openssh-askpass-gnome openssh-clients openssh-server Update: Tue Dec 04 17:10:20 2007 Importance: security ID: MDKSA-2007:236 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:236 %pre A flaw in OpenSSH prior to 4.7 prevented ssh from properly handling when an untrusted cookie could not be created and used a trusted X11 cookie instead, which could allow attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted. The updated packages have been patched to correct these issue. %description Ssh (Secure Shell) is a program for logging into a remote machine and for executing commands in a remote machine. It is intended to replace rlogin and rsh, and provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel. OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it up to date in terms of security and features, as well as removing all patented algorithms to separate libraries (OpenSSL). This package includes the core files necessary for both the OpenSSH client and server. To make this package useful, you should also install openssh-clients, openssh-server, or both. You can build openssh with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] skey smartcard support (disabled) --with[out] krb5 kerberos support (enabled) --with[out] watchdog watchdog support (disabled) --with[out] x11askpass X11 ask pass support (enabled) --with[out] gnomeaskpass Gnome ask pass support (enabled) --with[out] ldap OpenLDAP support (disabled) --with[out] sftplog sftp logging support (disabled) --with[out] chroot chroot support (disabled) %package libopenssl0.9.8 libopenssl0.9.8-devel libopenssl0.9.8-static-devel openssl Update: Tue Dec 04 17:21:59 2007 Importance: security ID: MDKSA-2007:237 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:237 %pre A buffer overflow in the DTLS implementation of OpenSSL 0.9.8 could be exploited by attackers to potentially execute arbitrary code. It is questionable as to whether the DTLS support even worked or is used in any applications; as a result this flaw most likely does not affect most Mandriva users. The updated packages have been patched to correct these issue. %description The openssl certificate management tool and the shared libraries that provide various encryption and decription algorithms and protocols, including DES, RC4, RSA and SSL. This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/). This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). This product includes software written by Tim Hudson (tjh@cryptsoft.com). %package tomcat5 tomcat5-admin-webapps tomcat5-common-lib tomcat5-jasper tomcat5-jasper-javadoc tomcat5-jsp-2.0-api tomcat5-jsp-2.0-api-javadoc tomcat5-server-lib tomcat5-servlet-2.4-api tomcat5-servlet-2.4-api-javadoc tomcat5-webapps Update: Mon Dec 10 13:17:00 2007 Importance: security ID: MDKSA-2007:241 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:241 %pre A number of vulnerabilities were found in Tomcat: A directory traversal vulnerability, when using certain proxy modules, allows a remote attacker to read arbitrary files via a .. (dot dot) sequence with various slash, backslash, or url-encoded backslash characters (CVE-2007-0450; affects Mandriva Linux 2007.1 only). Multiple cross-site scripting vulnerabilities in certain JSP files allow remote attackers to inject arbitrary web script or HTML (CVE-2007-2449). Multiple cross-site scripting vulnerabilities in the Manager and Host Manager web applications allow remote authenticated users to inject arbitrary web script or HTML (CVE-2007-2450). Tomcat treated single quotes as delimiters in cookies, which could cause sensitive information such as session IDs to be leaked and allow remote attackers to conduct session hijacking attacks (CVE-2007-3382). Tomcat did not properly handle the " character sequence in a cookie value, which could cause sensitive information such as session IDs to be leaked and allow remote attackers to conduct session hijacking attacks (CVE-2007-3385). A cross-site scripting vulnerability in the Host Manager servlet allowed remote attackers to inject arbitrary HTML and web script via crafted attacks (CVE-2007-3386). Finally, an absolute path traversal vulnerability, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag (CVE-2007-5461). The updated packages have been patched to correct these issues. %description Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world. We invite you to participate in this open development project. To learn more about getting involved, click here. %package e2fsprogs libext2fs2 libext2fs2-devel Update: Mon Dec 10 14:54:49 2007 Importance: security ID: MDKSA-2007:242 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:242 %pre Rafal Wojtczuk of McAfee AVERT Research found that e2fsprogs contained multiple integer overflows in memory allocations, based on sizes taken directly from filesystem information. These flaws could result in heap-based overflows potentially allowing for the execution of arbitrary code. The updated packages have been patched to correct these issues. %description The e2fsprogs package contains a number of utilities for creating, checking, modifying and correcting any inconsistencies in second extended (ext2) filesystems. E2fsprogs contains e2fsck (used to repair filesystem inconsistencies after an unclean shutdown), mke2fs (used to initialize a partition to contain an empty ext2 filesystem), debugfs (used to examine the internal structure of a filesystem, to manually repair a corrupted filesystem or to create test cases for e2fsck), tune2fs (used to modify filesystem parameters) and most of the other core ext2fs filesystem utilities. You should install the e2fsprogs package if you need to manage the performance of an ext2 filesystem. %package MySQL MySQL-Max MySQL-bench MySQL-client MySQL-common MySQL-ndb-extra MySQL-ndb-management MySQL-ndb-storage MySQL-ndb-tools libmysql15 libmysql15-devel libmysql15-static-devel Update: Mon Dec 10 15:12:45 2007 Importance: security ID: MDKSA-2007:243 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:243 %pre A vulnerability in MySQL prior to 5.0.45 did not require priveliges such as SELECT for the source table in a CREATE TABLE LIKE statement, allowing remote authenticated users to obtain sensitive information such as the table structure (CVE-2007-3781). A vulnerability in the InnoDB engine in MySQL allowed remote authenticated users to cause a denial of service (database crash) via certain CONTAINS operations on an indexed column, which triggered an assertion error (CVE-2007-5925). Using RENAME TABLE against a table with explicit DATA DIRECTORY and INDEX DIRECTORY options could be used to overwrite system table information by replacing the file to which a symlink pointed to (CVE-2007-5969). The updated packages have been patched to correct these issues. %description The MySQL(TM) software delivers a very fast, multi-threaded, multi-user, and robust SQL (Structured Query Language) database server. MySQL Server is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software. MySQL is a trademark of MySQL AB. The MySQL software has Dual Licensing, which means you can use the MySQL software free of charge under the GNU General Public License (http://www.gnu.org/licenses/). You can also purchase commercial MySQL licenses from MySQL AB if you do not wish to be bound by the terms of the GPL. See the chapter "Licensing and Support" in the manual for further info. The MySQL web site (http://www.mysql.com/) provides the latest news and information about the MySQL software. Also please see the documentation and the manual for more information. %package openssh-askpass-qt Update: Tue Dec 11 12:46:27 2007 Importance: bugfix ID: MDKA-2007:127 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:127 %pre The QT openssh password asking dialog, provided by openssh-askpass-qt package, would always exit with successful status (0), even when the user did not press the Ok button. This would, at least, make the openssh client always allow sharing a connection when ControlMaster option was set to ask. This update fixes the issue. %description Qt version of ssh auth agent for keychain %package libsmbclient0 libsmbclient0-devel libsmbclient0-static-devel mount-cifs nss_wins samba-client samba-common samba-doc samba-server samba-smbldap-tools samba-swat samba-vscan-clamav samba-vscan-icap samba-winbind Update: Tue Dec 11 16:06:57 2007 Importance: security ID: MDKSA-2007:244 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:244 %pre Alin Rad Pop of Secunia Research discovered a stack buffer overflow in how Samba authenticates remote users. A remote unauthenticated user could trigger this flaw to cause the Samba server to crash, or possibly execute arbitrary code with the permissions of the Samba server. The updated packages have been patched to correct these issues. %description Samba provides an SMB server which can be used to provide network services to SMB (sometimes called "Lan Manager") clients, including various versions of MS Windows, OS/2, and other Linux machines. Samba also provides some SMB clients, which complement the built-in SMB filesystem in Linux. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need NetBEUI (Microsoft Raw NetBIOS frame) protocol. Samba-3.0 features working NT Domain Control capability and includes the SWAT (Samba Web Administration Tool) that allows samba's smb.conf file to be remotely managed using your favourite web browser. For the time being this is being enabled on TCP port 901 via xinetd. SWAT is now included in it's own subpackage, samba-swat. Please refer to the WHATSNEW.txt document for fixup information. This binary release includes encrypted password support. Please read the smb.conf file and ENCRYPTION.txt in the docs directory for implementation details. %package deskbar-applet devhelp devhelp-plugins eclipse-ecj eclipse-jdt eclipse-jdt-sdk eclipse-pde eclipse-pde-runtime eclipse-pde-sdk eclipse-platform eclipse-platform-sdk eclipse-rcp eclipse-rcp-sdk eclipse-sdk epiphany epiphany-devel epiphany-extensions galeon gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gksu gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell libdevhelp-1_0 libdevhelp-1_0-devel libmozilla-firefox-devel libmozilla-firefox2.0.0.11 libswt3-gtk2 libtotem-plparser1 libtotem-plparser1-devel mozilla-firefox mozilla-firefox-af mozilla-firefox-ar mozilla-firefox-be mozilla-firefox-bg mozilla-firefox-br_FR mozilla-firefox-ca mozilla-firefox-cs mozilla-firefox-da mozilla-firefox-de mozilla-firefox-el mozilla-firefox-en_GB mozilla-firefox-es_AR mozilla-firefox-es_ES mozilla-firefox-et_EE mozilla-firefox-eu mozilla-firefox-fi mozilla-firefox-fr mozilla-firefox-fy mozilla-firefox-ga mozilla-firefox-gu_IN mozilla-firefox-he mozilla-firefox-hu mozilla-firefox-it mozilla-firefox-ja mozilla-firefox-ka mozilla-firefox-ko mozilla-firefox-ku mozilla-firefox-lt mozilla-firefox-mk mozilla-firefox-mn mozilla-firefox-nb_NO mozilla-firefox-nl mozilla-firefox-nn_NO mozilla-firefox-pa_IN mozilla-firefox-pl mozilla-firefox-pt_BR mozilla-firefox-pt_PT mozilla-firefox-ro mozilla-firefox-ru mozilla-firefox-sk mozilla-firefox-sl mozilla-firefox-sv_SE mozilla-firefox-tr mozilla-firefox-uk mozilla-firefox-zh_CN mozilla-firefox-zh_TW totem totem-common totem-gstreamer totem-mozilla totem-mozilla-gstreamer yelp Update: Thu Dec 13 20:28:00 2007 Importance: security ID: MDKSA-2007:246 URL: http://www.mandriva.com/security/advisories?name=MDKSA-2007:246 %pre A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.11. This update provides the latest Firefox to correct these issues. As well, it provides Firefox 2.0.0.11 for older products. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package procps procps-devel Update: Tue Dec 18 08:41:42 2007 Importance: bugfix ID: MDKA-2007:131 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:131 %pre A bug in the program 'top' prevented the saving of user's preferences. The updated package fixes this issue. %description The procps package contains a set of system utilities which provide system information. Procps includes ps, free, skill, snice, tload, top, uptime, vmstat, w and watch. * The ps command displays a snapshot of running processes. * The top command provides a repetitive update of the statuses of running processes. * The free command displays the amounts of free and used memory on your system. * The skill command sends a terminate command (or another specified signal) to a specified set of processes. * The snice command is used to change the scheduling priority of specified processes. * The tload command prints a graph of the current system load average to a specified tty. * The uptime command displays the current time, how long the system has been running, how many users are logged on and system load averages for the past one, five and fifteen minutes. * The w command displays a list of the users who are currently logged on and what they're running. * The watch program watches a running program. * The vmstat command displays virtual memory statistics about processes, memory, paging, block I/O, traps and CPU activity. %package timezone Update: Tue Dec 18 13:44:43 2007 Importance: normal ID: MDKA-2007:133 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:133 %pre Updated timezone packages are being provided for older Mandriva Linux systems that do not contain the new Daylight Savings Time information for 2007 and later for certain time zones. These updated packages contain the new information. %description This package contains data files with rules for various timezones around the world. %package nss_ldap Update: Mon Dec 31 12:01:20 2007 Importance: bugfix ID: MDKA-2007:137 URL: http://www.mandriva.com/security/advisories?name=MDKA-2007:137 %pre This update corrects an issue in nss_ldap when handling SIGPIPE, which could manifest itself in many different ways in systems running with nss_ldap installed and configured, such as a simple application silent error to a complete abort. %description This package includes two LDAP access clients: nss_ldap and pam_ldap. Nss_ldap is a set of C library extensions which allows X.500 and LDAP directory servers to be used as a primary source of aliases, ethers, groups, hosts, networks, protocol, users, RPCs, services and shadow passwords (instead of or in addition to using flat files or NIS). %package libsmi-mibs-ext libsmi-mibs-std libsmi2 libsmi2-devel libwireshark0 smi-tools tshark wireshark wireshark-tools Update: Wed Jan 02 13:26:42 2008 Importance: security ID: MDVSA-2008:1 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:1 %pre A number of vulnerabilities in the Wireshark program were found that could cause crashes, excessive looping, or arbitrary code execution. This update rovides Wireshark 0.99.7 which is not vulnerable to these issues. An updated version of libsmi is also being provided, not because of security issues, but because this version of wireshark uses it instead of net-snmp for SNMP support. %description Wireshark is a network traffic analyzer for Unix-ish operating systems. It is based on GTK+, a graphical user interface library, and libpcap, a packet capture and filtering library. Wireshark is a fork of Ethereal(tm) %package squid squid-cachemgr Update: Fri Jan 04 13:36:51 2008 Importance: security ID: MDVSA-2008:002 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:002 %pre The cache update reply processing functionality in Squid 2.x before 2.6.STABLE17, and Squid 3.0, allows remote attackers to cause a denial of service (crash) via unknown vectors related to HTTP headers. The updated package fixes this issue. %description Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. Install squid if you need a proxy caching server. This package defaults to a maximum of 1024 filedescriptors. You can change this value at build time by using for example: --define 'maxfiles 4096' The package was built to support a maximum of 1024 filedescriptors. %package timezone Update: Fri Jan 04 22:53:06 2008 Importance: normal ID: MDVA-2008:004 URL: http://www.mandriva.com/security/advisories?name=MDVA-2008:004 %pre Updated timezone packages are being provided for older Mandriva Linux systems that do not contain the new Daylight Savings Time information for 2007 and later for certain time zones. These updated packages contain the new information. %description This package contains data files with rules for various timezones around the world. %package libwireshark0 tshark wireshark wireshark-tools Update: Mon Jan 07 19:56:17 2008 Importance: security ID: MDVSA-2008:001-1 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:001-1 %pre A number of vulnerabilities in the Wireshark program were found that could cause crashes, excessive looping, or arbitrary code execution. This update provides Wireshark 0.99.7 which is not vulnerable to these issues. An updated version of libsmi is also being provided, not because of security issues, but because this version of wireshark uses it instead of net-snmp for SNMP support. Update: This update is being reissued without libcap (kernel capabilities) support, as that is not required by the original released packages, and thus gave trouble for a number of users. %description Wireshark is a network traffic analyzer for Unix-ish operating systems. It is based on GTK+, a graphical user interface library, and libpcap, a packet capture and filtering library. Wireshark is a fork of Ethereal(tm) %package clamav clamav-db clamav-milter clamd clamdmon klamav libclamav-devel libclamav3 Update: Tue Jan 08 21:12:12 2008 Importance: security ID: MDVSA-2008:003 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:003 %pre An integer overflow vulnerability was reported by iDefense with clamav when parsing Portable Executable (PE) files packed in he MEW format. This could be exploited to cause a heap-based buffer overflow (CVE-2007-6335). Toeroek Edwin reported an off-by-one error when decompressing MS-ZIP compressed CAB files (CVE-2007-6336). As well, an unspecified vulnerability related to the bzip2 decompression algorithm was also discovered (CVE-2007-6337). Other bugs have also been corrected in 0.92 which is being provided with this update. Because this new version has increased the major of the libclamav library, updated dependent packages are also being provided. %description Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail seversions (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software. You can build clamav with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] milter Build clamav-milter (default) %package libecpg5 libecpg5-devel libpq5 libpq5-devel postgresql postgresql-contrib postgresql-devel postgresql-docs postgresql-pl postgresql-plperl postgresql-plpgsql postgresql-plpython postgresql-pltcl postgresql-server postgresql-test Update: Tue Jan 08 21:52:52 2008 Importance: security ID: MDVSA-2008:004 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:004 %pre Index Functions Privilege Escalation (CVE-2007-6600): as a unique feature, PostgreSQL allows users to create indexes on the results of user-defined functions, known as expression indexes. This provided two vulnerabilities to privilege escalation: (1) index functions were executed as the superuser and not the table owner during VACUUM and ANALYZE, and (2) that SET ROLE and SET SESSION AUTHORIZATION were permitted within index functions. Regular Expression Denial-of-Service (CVE-2007-4772, CVE-2007-6067, CVE-2007-4769): three separate issues in the regular expression libraries used by PostgreSQL allowed malicious users to initiate a denial-of-service by passing certain regular expressions in SQL queries. First, users could create infinite loops using some specific regular expressions. Second, certain complex regular expressions could consume excessive amounts of memory. Third, out-of-range backref numbers could be used to crash the backend. DBLink Privilege Escalation (CVE-2007-6601): DBLink functions combined with local trust or ident authentication could be used by a malicious user to gain superuser privileges. This issue has been fixed, and does not affect users who have not installed DBLink (an optional module), or who are using password authentication for local access. This same problem was addressed in the previous release cycle (see CVE-2007-3278), but that patch failed to close all forms of the loophole. Updated packages fix these issues by upgrading to the latest maintenance versions of PostgreSQL. %description PostgreSQL is an advanced Object-Relational database management system (DBMS) that supports almost all SQL constructs (including transactions, subselects and user-defined types and functions). The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DBMS server. These PostgreSQL client programs are programs that directly manipulate the internal structure of PostgreSQL databases on a PostgreSQL server. These client programs can be located on the same machine with the PostgreSQL server, or may be on a remote machine which accesses a PostgreSQL server over a network connection. This package contains the client libraries for C and C++, as well as command-line utilities for managing PostgreSQL databases on a PostgreSQL server. If you want to manipulate a PostgreSQL database on a remote PostgreSQL server, you need this package. You also need to install this package if you're installing the postgresql-server package. %package libexif12 libexif12-devel Update: Wed Jan 09 12:50:20 2008 Importance: security ID: MDVSA-2008:005 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:005 %pre An infinite recursion flaw was found in the way that libexif parses Exif image tags. A carefully crafted Exif image file opened by an application linked against libexif could cause the application to crash (CVE-2007-6351). An integer overflow flaw was also found in how libexif parses Exif image tags. A carefully crafted Exif image file opened by an application linked against libexif could cause the application to crash or execute arbitrary code with the privileges of the user executing the application (CVE-2007-6352). The updated packages have been patched to correct these issues. %description Most digital cameras produce EXIF files, which are JPEG files with extra tags that contain information about the image. The EXIF library allows you to parse an EXIF file and read the data from those tags. %package exiv2 libexiv2 libexiv2-devel Update: Thu Jan 10 10:05:11 2008 Importance: security ID: MDVSA-2008:006 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:006 %pre An integer overflow in the Exiv2 library allows context-dependent attackers to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow. The updated packages have been patched to correct these issues. %description Exiv2 is a command line utility to access image metadata. Exiv2 is free software. The Exiv2 library provides * full read and write access to the Exif and IPTC metadata of an image through Exiv2 keys and standard C++ iterators (Example1, Example2, Example3, Example4) * a smart IPTC implementation that does not affect data that programs like Photoshop store in the same image segment * Exif MakerNote support: o MakerNote tags can be accessed just like any other Exif metadata o a sophisticated write algorithm avoids corrupting the MakerNote: 1) the MakerNote is not re-located if possible at all, and 2) MakerNote Ifd offsets are re-calculated if the MakerNote needs to be moved (for known Ifd MakerNotes) * extract and delete methods for Exif thumbnails (both, JPEG and TIFF thumbnails) * set methods for Exif thumbnails (JPEG only, TIFF thumbnails can be set from individual tags) * complete API documentation (by Doxygen) Exiv2 is a command line utility to * print the Exif metadata of JPEG, TIFF and several RAW image formats as summary info, interpreted values, or the plain data for each tag (a sample is here) * print the IPTC metadata of JPEG images * print, set and delete the JPEG comment of JPEG images * set, add and delete Exif and IPTC metadata of JPEG images * adjust the Exif timestamp (that's how it all started...) * rename Exif image files according to the Exif timestamp * extract, insert and delete Exif metadata, IPTC metadata and JPEG comments * extract, insert and delete the thumbnail image embedded in the Exif metadata * fix the Exif ISO setting of picture taken with Nikon cameras %package madwifi-source wpa_gui wpa_supplicant Update: Thu Jan 10 19:43:00 2008 Importance: security ID: MDVSA-2008:007 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:007 %pre MadWifi prior to 0.9.3.3 allowed remote attackers to cause a denial of service (panic) via a beacon frame with a large length value in the extended supported rates (xrates) element, which would trigger an assertion error. Updated packages have been updated to 0.9.3.3 to correct this issue. Wpa_supplicant is built using madwifi-source and has been rebuilt using 0.9.3.3 source. %description wpa_supplicant is a WPA Supplicant for Linux, BSD and Windows with support for WPA and WPA2 (IEEE 802.11i / RSN). Supplicant is the IEEE 802.1X/WPA component that is used in the client stations. It implements key negotiation with a WPA Authenticator and it controls the roaming and IEEE 802.11 authentication/association of the wlan driver. wpa_supplicant is designed to be a "daemon" program that runs in the background and acts as the backend component controlling the wireless connection. wpa_supplicant supports separate frontend programs and an example text-based frontend, wpa_cli, is included with wpa_supplicant. Supported WPA/IEEE 802.11i features: * WPA-PSK ("WPA-Personal") * WPA with EAP (e.g., with RADIUS authentication server) ("WPA-Enterprise") * key management for CCMP, TKIP, WEP104, WEP40 * WPA and full IEEE 802.11i/RSN/WPA2 * RSN: PMKSA caching, pre-authentication See the project web site or the eap_testing.txt file for a complete list of supported EAP methods (IEEE 802.1X Supplicant), supported drivers and interoperability testing. %package autofs Update: Fri Jan 11 12:58:14 2008 Importance: security ID: MDVSA-2008:009 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:009 %pre The default behaviour of autofs 5 for the hosts map did not specify the nosuid and nodev mount options. This could allow a local user with control of a remote NFS server to create a setuid root executable on the exported filesystem of the remote NFS server. If this filesystem was mounted with the default hosts map, it would allow the user to obtain root privileges (CVE-2007-5964). Likewise, the same scenario would be available for local users able to create device files on the exported filesystem which could allow the user to gain access to important system devices (CVE-2007-6285). Because the default behaviour of autofs was to mount -hosts map entries with the dev and suid options enabled by default, autofs has been altered to always use nodev and nosuid by default. In order to have the old behaviour, the configuration must now explicitly set the dev and/or suid options. This change only affects the -hosts map which corresponds to the /net entry in the default configuration. %description autofs is a daemon which automatically mounts filesystems when you use them, and unmounts them later when you are not using them. This can include network filesystems, CD-ROMs, floppies, and so forth. %package libxml2 libxml2-devel libxml2-python libxml2-utils Update: Fri Jan 11 14:59:33 2008 Importance: security ID: MDVSA-2008:010 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:010 %pre A denial of service flaw was discovered by the Google Security Team in the way libxml2 processes malformed XML content. This flaw could cause the application to stop responding. The updated packages have been patched to correct this issue. %description This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream or and in-memory DOM like representations. In this case one can use the built-in XPath and XPointer implementation to select subnodes or ranges. A flexible Input/Output mechanism is available, with existing HTTP and FTP modules and combined to an URI library. %package rsync Update: Fri Jan 11 15:13:44 2008 Importance: security ID: MDVSA-2008:011 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:011 %pre rsync before 3.0.0pre6, when running a writable rsync daemon that is not using chroot, allows remote attackers to access restricted files via unknown vectors that cause rsync to create a symlink that points outside of the module's hierarchy. (CVE-2007-6199) Unspecified vulnerability in rsync before 3.0.0pre6, when running a writable rsync daemon, allows remote attackers to bypass exclude, exclude_from, and filter and read or write hidden files via (1) symlink, (2) partial-dir, (3) backup-dir, and unspecified (4) dest options. (CVE-2007-6200) This update fixes these issues. It is recommended users (specially system and network administrators) read the manpage about the introduced munge symlinks feature. This update also upgrades rsync to version 2.6.9 for all Mandriva Linux versions earlier than 2008.0. %description Rsync uses a quick and reliable algorithm to very quickly bring remote and host files into sync. Rsync is fast because it just sends the differences in the files over the network (instead of sending the complete files). Rsync is often used as a very powerful mirroring process or just as a more capable replacement for the rcp command. A technical report which describes the rsync algorithm is included in this package. Install rsync if you need a powerful mirroring program. This rpm has these patches applied from rsync tree: - acl: allow to mirror acl Rebuild the source rpm with `--without patches' if you don't want these patches %package autofs Update: Sat Jan 12 12:05:08 2008 Importance: security ID: MDVSA-2008:009 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:009 %pre The default behaviour of autofs 5 for the hosts map did not specify the nosuid and nodev mount options. This could allow a local user with control of a remote NFS server to create a setuid root executable on the exported filesystem of the remote NFS server. If this filesystem was mounted with the default hosts map, it would allow the user to obtain root privileges (CVE-2007-5964). Likewise, the same scenario would be available for local users able to create device files on the exported filesystem which could allow the user to gain access to important system devices (CVE-2007-6285). Because the default behaviour of autofs was to mount -hosts map entries with the dev and suid options enabled by default, autofs has been altered to always use nodev and nosuid by default. In order to have the old behaviour, the configuration must now explicitly set the dev and/or suid options. This change only affects the -hosts map which corresponds to the /net entry in the default configuration. Update: The previous update shipped with an incorrect LDAP lookup module that would prevent the automount daemon from starting. This update corrects that problem. %description autofs is a daemon which automatically mounts filesystems when you use them, and unmounts them later when you are not using them. This can include network filesystems, CD-ROMs, floppies, and so forth. %package libpython2.5 libpython2.5-devel python python-base python-docs tkinter Update: Mon Jan 14 12:49:33 2008 Importance: security ID: MDVSA-2008:013 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:013 %pre Multiple integer overflows were found in python's imageop module. If an application written in python used the imageop module to process untrusted images, it could cause the application to crash, enter an infinite loop, or possibly execute arbitrary code with the privileges of the python interpreter. The updated packages have been patched to correct this issue. %description Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems (X11, Motif, Tk, Mac and MFC). Programmers can write new built-in modules for Python in C or C++. Python can be used as an extension language for applications that need a programmable interface. This package contains most of the standard Python modules, as well as modules for interfacing to the Tix widget set for Tk and RPM. Note that documentation for Python is provided in the python-docs package. %package apache-base apache-devel apache-htcacheclean apache-mod_authn_dbd apache-mod_cache apache-mod_dav apache-mod_dbd apache-mod_deflate apache-mod_disk_cache apache-mod_file_cache apache-mod_ldap apache-mod_mem_cache apache-mod_proxy apache-mod_proxy_ajp apache-mod_ssl apache-mod_userdir apache-modules apache-mpm-event apache-mpm-itk apache-mpm-prefork apache-mpm-worker apache-source Update: Wed Jan 16 13:25:46 2008 Importance: security ID: MDVSA-2008:016 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:016 %pre A number of vulnerabilities were found and fixed in the Apache 2.2.x packages: A flaw found in the mod_imagemap module could lead to a cross-site scripting attack on sites where mod_imagemap was enabled and an imagemap file was publically available (CVE-2007-5000). A flaw found in the mod_status module could lead to a cross-site scripting attack on sites where mod_status was enabled and the status pages were publically available (CVE-2007-6388). A flaw found in the mod_proxy_balancer module could lead to a cross-site scripting attack against an authorized user on sites where mod_proxy_balancer was enabled (CVE-2007-6421). Another flaw in the mod_proxy_balancer module was found where, on sites with the module enabled, an authorized user could send a carefully crafted request that would cause the apache child process handling the request to crash, which could lead to a denial of service if using a threaded MPM (CVE-2007-6422). A flaw found in the mod_proxy_ftp module could lead to a cross-site scripting attack against web browsers which do not correctly derive the response character set following the rules in RFC 2616, on sites where the mod_proxy_ftp module was enabled (CVE-2008-0005). The updated packages have been patched to correct these issues. %description This package contains the main binary of apache, a powerful, full-featured, efficient and freely-available Web server. Apache is also the most popular Web server on the Internet. This version of apache is fully modular, and many modules are available in pre-compiled formats, like PHP and mod_auth_external. Check for available Apache modules for Mandriva Linux at: http://nux.se/apache/ (most of them can be installed from the contribs repository) %package skencil Update: Fri Jan 18 13:52:45 2008 Importance: bugfix ID: MDVA-2008:013 URL: http://www.mandriva.com/security/advisories?name=MDVA-2008:013 %pre The package for the drawing application Skencil contained a bug which causes it not to be able to access the system fonts correctly. Consequently, it was impossible to enter text properly in Skencil, and Skencil would consume a high level of system resources if you attempt to use the text tools. Also, Skencil would not run on x86-64 installations of Mandriva Linux 2007 Spring, crashing with an 'undefined symbol: Py_InitModule4' error. The updated packages fix both issues, and also add Skencil to the system menus. %description Drawing tool written in Python, using Bezier curves. %package gftp Update: Mon Jan 21 15:21:51 2008 Importance: security ID: MDVSA-2008:018 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:018 %pre Kalle Olavi Niemitalo found two boundary errors in the fsplib library, a copy of which is included in gFTP source. A remote attacer could trigger these vulnerabilities by enticing a user to download a file with a specially crafted directory or file name, possibly resulting in the execution of arbitrary code (CVE-2007-3962) or a denial of service (CVE-2007-3961). The updated packages have been patched to correct these issues. %description gFTP is a multithreaded FTP client for X Window written using Gtk. It features simultaneous downloads, resuming of interrupted file transfers, file transfer queues, downloading of entire directories, ftp proxy support, remote directory caching, passive and non-passive file transfers, drag-n-drop, bookmarks menu, stop button, and many more features. %package libcairo2 libcairo2-devel libcairo2-static-devel Update: Mon Jan 21 20:15:33 2008 Importance: security ID: MDVSA-2008:019 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:019 %pre Peter Valchev discovered that Cairo did not correctly decode PNG image data. By tricking a user or automated system into processing a specially crafted PNG with Cairo, a remote attacker could execute arbitrary code with the privileges of the user opening the file. The updated packages have been patched to correct this issue. %description Cairo provides anti-aliased vector-based rendering for X. Paths consist of line segments and cubic splines and can be rendered at any width with various join and cap styles. All colors may be specified with optional translucence (opacity/alpha) and combined using the extended Porter/Duff compositing algebra as found in the X Render Extension. Cairo exports a stateful rendering API similar in spirit to the path construction, text, and painting operators of PostScript, (with the significant addition of translucence in the imaging model). When complete, the API is intended to support the complete imaging model of PDF 1.4. Cairo relies on the Xc library for backend rendering. Xc provides an abstract interface for rendering to multiple target types. As of this writing, Xc allows Cairo to target X drawables as well as generic image buffers. Future backends such as PostScript, PDF, and perhaps OpenGL are currently being planned. %package libxine1 libxine1-devel xine-aa xine-arts xine-caca xine-dxr3 xine-esd xine-flac xine-gnomevfs xine-image xine-jack xine-plugins xine-pulse xine-sdl xine-smb Update: Tue Jan 22 14:08:43 2008 Importance: security ID: MDVSA-2008:020 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:020 %pre Two vulnerabilities discovered in xine-lib allow remote execution of arbitrary code: Heap-based buffer overflow in the rmff_dump_cont function in input/libreal/rmff.c in xine-lib 1.1.9 and earlier allows remote attackers to execute arbitrary code via the SDP Abstract attribute, related to the rmff_dump_header function and related to disregarding the max field. (CVE-2008-0225) Multiple heap-based buffer overflows in the rmff_dump_cont function in input/libreal/rmff.c in xine-lib 1.1.9 allow remote attackers to execute arbitrary code via the SDP (1) Title, (2) Author, or (3) Copyright attribute, related to the rmff_dump_header function, different vectors than CVE-2008-0225. (CVE-2008-0238) Besides those security issues, the xine-lib provided in Mandriva Linux 2008.0 and 2007.1 did not automatically use Real binary codecs, when the user had them installed in /usr/lib64/real on x86_64 architecture. Also, xine-lib of Mandriva Linux 2007.1 did not automatically use the Real codecs from /usr/lib/RealPlayer10GOLD/codecs, which is provided by RealPlayer package of Mandriva Powerpack editions. The updated packages fix these issues. %description xine is a free gpl-licensed video player for unix-like systems. %package x11-server x11-server-common x11-server-devel x11-server-xati x11-server-xchips x11-server-xdmx x11-server-xephyr x11-server-xepson x11-server-xfake x11-server-xfbdev x11-server-xi810 x11-server-xmach64 x11-server-xmga x11-server-xneomagic x11-server-xnest x11-server-xnvidia x11-server-xorg x11-server-xpm2 x11-server-xprt x11-server-xr128 x11-server-xsdl x11-server-xsmi x11-server-xvesa x11-server-xvfb x11-server-xvia x11-server-xvnc Update: Wed Jan 23 18:20:43 2008 Importance: security ID: MDVSA-2008:023 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:023 %pre An input validation flaw was found in the X.org server's XFree86-Misc extension that could allow a malicious authorized client to cause a denial of service (crash), or potentially execute arbitrary code with root privileges on the X.org server (CVE-2007-5760). A flaw was found in the X.org server's XC-SECURITY extension that could allow a local user to verify the existence of an arbitrary file, even in directories that are not normally accessible to that user (CVE-2007-5958). A memory corruption flaw was found in the X.org server's XInput extension that could allow a malicious authorized client to cause a denial of service (crash) or potentially execute arbitrary code with root privileges on the X.org server (CVE-2007-6427). An information disclosure flaw was found in the X.org server's TOG-CUP extension that could allow a malicious authorized client to cause a denial of service (crash) or potentially view arbitrary memory content within the X.org server's address space (CVE-2007-6428). Two integer overflow flaws were found in the X.org server's EVI and MIT-SHM modules that could allow a malicious authorized client to cause a denial of service (crash) or potentially execute arbitrary code with the privileges of the X.org server (CVE-2007-6429). The updated packages have been patched to correct these issues. %description X11 servers %package libxfont1 libxfont1-devel libxfont1-static-devel Update: Wed Jan 23 18:22:10 2008 Importance: security ID: MDVSA-2008:024 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:024 %pre A heap-based buffer overflow flaw was found in how the X.org server handled malformed font files that could allow a malicious local user to potentially execute arbitrary code with the privileges of the X.org server (CVE-2008-0006). The updated packages have been patched to correct this issue. %description X font Library %package x11-server-xgl Update: Wed Jan 23 20:43:54 2008 Importance: security ID: MDVSA-2008:025 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:025 %pre An input validation flaw was found in the X.org server's XFree86-Misc extension that could allow a malicious authorized client to cause a denial of service (crash), or potentially execute arbitrary code with root privileges on the X.org server (CVE-2007-5760). A flaw was found in the X.org server's XC-SECURITY extension that could allow a local user to verify the existence of an arbitrary file, even in directories that are not normally accessible to that user (CVE-2007-5958). A memory corruption flaw was found in the X.org server's XInput extension that could allow a malicious authorized client to cause a denial of service (crash) or potentially execute arbitrary code with root privileges on the X.org server (CVE-2007-6427). An information disclosure flaw was found in the X.org server's TOG-CUP extension that could allow a malicious authorized client to cause a denial of service (crash) or potentially view arbitrary memory content within the X.org server's address space (CVE-2007-6428). Two integer overflow flaws were found in the X.org server's EVI and MIT-SHM modules that could allow a malicious authorized client to cause a denial of service (crash) or potentially execute arbitrary code with the privileges of the X.org server (CVE-2007-6429). The updated packages have been patched to correct these issues. %description Xgl is an Xserver that uses OpenGL for its drawing operations. Some operations like antialiased font rendering is noticably faster with this technology, and future graphics hardware might only have support for 3D operations and no 2D core any more. Note that this is highly experimental code, it has been tested only on few hardware platforms, and depending on driver state it may even crash your computer. %package php-timezonedb Update: Fri Jan 25 11:04:45 2008 Importance: normal ID: MDVA-2008:017 URL: http://www.mandriva.com/security/advisories?name=MDVA-2008:017 %pre Updated PHP timezone packages are being provided for older Mandriva Linux systems that do not contain the new Daylight Savings Time information for 2007 and later for certain time zones. In Mandriva Linux 2007.1 and newer, package php-timezonedb provides the PHP timezone database. These updated packages contain the new information. %description This extension is a drop-in replacement for the builtin timezone database that comes with PHP. You should only install this extension in case you need to get a later version of the timezone database than the one that ships with PHP. The data that this extension uses comes from the "Olson" database, which is located at ftp://elsie.nci.nih.gov/pub/. %package libpulseaudio0 libpulseaudio0-devel libpulsecore2 pulseaudio Update: Fri Jan 25 14:11:38 2008 Importance: security ID: MDVSA-2008:027 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:027 %pre A programming flaw was found in Pulseaudio versions older than 0.9.9, by which a local user can gain root access, if pulseaudio is installed as a setuid to root binary, which is the recommended configuration. The updated packages fix this issue. %description pulseaudio is a sound server for Linux and other Unix like operating systems. It is intended to be an improved drop-in replacement for the Enlightened Sound Daemon (ESOUND). In addition to the features ESOUND provides pulseaudio has: * Extensible plugin architecture (by loading dynamic loadable modules with dlopen()) * Support for more than one sink/source * Better low latency behaviour * Embedabble into other software (the core is available as C library) * Completely asynchronous C API * Simple command line interface for reconfiguring the daemon while running * Flexible, implicit sample type conversion and resampling * "Zero-Copy" architecture * Module autoloading * Very accurate latency measurement for playback and recording. * May be used to combine multiple sound cards to one (with sample rate adjustment) * Client side latency interpolation %package libmysql-devel libmysql-static-devel libmysql15 mysql mysql-bench mysql-client mysql-common mysql-max mysql-ndb-extra mysql-ndb-management mysql-ndb-storage mysql-ndb-tools Update: Tue Jan 29 17:37:53 2008 Importance: security ID: MDVSA-2008:028 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:028 %pre The mysql_change_db() function in MySQL 5.0.x before 5.0.40 did not restore THD::db_access privileges when returning from SQL SECURITY INVOKER stored routines, which allowed remote authenticated users to gain privileges (CVE-2007-2692). The federated engine in MySQL 5.0.x, when performing a certain SHOW TABLE STATUS query, did not properly handle a response with a small number of columns, which could allow a remote MySQL server to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns (CVE-2007-6304). The updated packages provide MySQL 5.0.45 for all Mandriva Linux platforms that shipped with MySQL 5.0.x which offers a number of feature enhancements and bug fixes. In addition, the updates for Corporate Server 4.0 include support for the Sphinx engine. Please note that due to the package name change (from 'MySQL' to 'mysql'), the mysqld service will not restart automatically so users must execute 'service mysqld start' after the upgrade is complete. %description The MySQL(TM) software delivers a very fast, multi-threaded, multi-user, and robust SQL (Structured Query Language) database server. MySQL Server is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software. MySQL is a trademark of MySQL AB. The MySQL software has Dual Licensing, which means you can use the MySQL software free of charge under the GNU General Public License (http://www.gnu.org/licenses/). You can also purchase commercial MySQL licenses from MySQL AB if you do not wish to be bound by the terms of the GPL. See the chapter "Licensing and Support" in the manual for further info. The MySQL web site (http://www.mysql.com/) provides the latest news and information about the MySQL software. Also please see the documentation and the manual for more information. %package drakbt Update: Wed Jan 30 15:47:57 2008 Importance: bugfix ID: MDVA-2008:020 URL: http://www.mandriva.com/security/advisories?name=MDVA-2008:020 %pre A minor bug in drakbt was causing it to crash when opening some dialogs such as the help. This update corrects the bug. %description Drakbt reports status information for a given torrent file or URL. It can connect automatically to Mandriva Linux websites to grab and display available torrents. You should provide login and password if you want to connect to club member restricted torrents. After all checks are done, you can trigger the download process from drakbt. Information displayed are : - current number of complete copies (seeds) - incomplete copies (leeches) currently active. - Bittorrent port reachability - Hash info .... %package ruby ruby-devel ruby-doc ruby-tk Update: Wed Jan 30 21:39:31 2008 Importance: security ID: MDVSA-2008:029 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:029 %pre Ruby network libraries Net::HTTP, Net::IMAP, Net::FTPTLS, Net::Telnet, Net::POP3, and Net::SMTP, up to Ruby version 1.8.6 are affected by a possible man-in-the-middle attack, when using SSL, due to a missing check of the CN (common name) attribute in SSL certificates against the server's hostname. The updated packages have been patched to prevent the issue. %description Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible. %package xdg-utils Update: Thu Jan 31 23:52:38 2008 Importance: security ID: MDVSA-2008:031 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:031 %pre A vulnerability was found in xdg-open and xdg-email commands, which allows remote attackers to execute arbitrary commands if the user is tricked into trying to open a maliciously crafted URL. The updated packages have been patched to prevent the issue. %description This version of xdg-utils contains the following commands: xdg-desktop-menu: command line tool for (un)installing desktop menu items xdg-desktop-icon: command line tool for (un)installing icons to the desktop xdg-mime: command line tool for querying information about file type handling and adding descriptions for new file types xdg-icon-resource: command line tool for (un)installing icon resources xdg-open: opens a file or URL in the user's preferred application xdg-email: command line tool for sending mail using the user's preferred e-mail composer xdg-su: run a program as root after prompting for the root password xdg-screensaver: command line tool for controlling the screensaver Testsuite for xdg-utils is available from http://portland.freedesktop.org/wiki/TestSuite %package libboost1 libboost1-devel libboost1-examples libboost1-static-devel Update: Fri Feb 01 12:32:15 2008 Importance: security ID: MDVSA-2008:032 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:032 %pre Tavis Ormandy and Will Drewry found that the bost library did not properly perform input validation on regular expressions. An attacker could exploit this by sening a specially crafted regular expression to an application linked against boost and cause a denial of service via an application crash. The updated packages have been patched to correct this issue. %description Boost is a collection of free peer-reviewed portable C++ source libraries. The emphasis is on libraries which work well with the C++ Standard Library. This package contains only the shared libraries needed for running programs using Boost. %package ruby-atk ruby-gconf2 ruby-gdkpixbuf2 ruby-glib2 ruby-gnome2 ruby-gnome2-devel ruby-gnomecanvas2 ruby-gnomeprint2 ruby-gnomeprintui2 ruby-gnomevfs2 ruby-gtk2 ruby-gtkglext ruby-gtkhtml2 ruby-gtkmozembed ruby-gtksourceview ruby-libart2 ruby-libglade2 ruby-panelapplet2 ruby-pango ruby-poppler ruby-rsvg2 ruby-vte Update: Fri Feb 01 13:20:38 2008 Importance: security ID: MDVSA-2008:033 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:033 %pre A format string vulnerability in Ruby-GNOME 2 0.16.0, and SVN versions before 20071127, allows context-dependent attackers to execute arbitrary code via format string specifiers in the message parameter. The updated packages have been patched to prevent this issue. %description set of Ruby language bindings for the GNOME 2.0 development environment. This is the next generation of Ruby-GNOME. %package emacs emacs-X11 emacs-doc emacs-el emacs-leim emacs-nox Update: Mon Feb 04 19:42:03 2008 Importance: security ID: MDVSA-2008:034 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:034 %pre The hack-local-variable function in Emacs 22 prior to version 22.2, when enable-local-variables is set to ':safe', did not properly search lists of unsafe or risky variables, which could allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file containing a Local variables declaration (CVE-2007-5795; only affects Mandriva Linux 2008.0). A stack-based buffer overflow in emacs could allow user-assisted attackers to cause an application crash or possibly have other unspecified impacts via a large precision value in an integer format string specifier to the format function (CVE-2007-6109). The updated packages have been patched to correct these issues. %description Emacs is a powerful, customizable, self-documenting, modeless text editor. Emacs contains special code editing features, a scripting language (elisp), and the capability to read mail, news and more without leaving the editor. This package includes the libraries you need to run the Emacs editor, so you need to install this package if you intend to use Emacs. You also need to install the actual Emacs program package (emacs-nox or emacs-X11). Install emacs-nox if you are not going to use the X Window System; install emacs-X11 if you will be using X. %package ImageMagick ImageMagick-desktop ImageMagick-doc libMagick10.7.0 libMagick10.7.0-devel perl-Image-Magick Update: Tue Feb 05 11:01:17 2008 Importance: security ID: MDVSA-2008:035 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:035 %pre Multiple vulnerabilities were discovered in the image decoders of ImageMagick. If a user or automated system were tricked into processing malicious DCM, DIB, XBM, XCF, or XWD images, a remote attacker could execute arbitrary code with user privileges. The updated packages have been patched to correct these issues. %description ImageMagick is a powerful image display, conversion and manipulation tool. It runs in an X session. With this tool, you can view, edit and display a variety of image formats. Build Options: --with plf Build for PLF (fpx support) --with modules Compile all supported image types as modules --with jasper Enable JPEG2000 support (enabled) --with graphviz Enable Graphviz support (enabled) %package cups cups-common cups-serial libcups2 libcups2-devel php-cups Update: Wed Feb 06 10:40:33 2008 Importance: security ID: MDVSA-2008:036 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:036 %pre Wei Wang found that the SNMP discovery backend in CUPS did not correctly calculate the length of strings. If a user could be tricked into scanning for printers, a remote attacker could send a specially crafted packet and possibly execute arbitrary code (CVE-2007-5849). As well, the fix for CVE-2007-0720 in MDKSA-2007:086 caused another denial of service regression within SSL handling (CVE-2007-4045). The updated packages have been patched to correct these issues. %description CUPS 1.2 is fully compatible with CUPS-1.1 machines in the network and with software built against CUPS-1.1 libraries. The Common Unix Printing System provides a portable printing layer for UNIX(TM) operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces. This is the main package needed for CUPS servers (machines where a printer is connected to or which host a queue for a network printer). It can also be used on CUPS clients so that they simply pick up broadcasted printer information from other CUPS servers and do not need to be assigned to a specific CUPS server by an /etc/cups/client.conf file. %package libcdio++0 libcdio-apps libcdio-devel libcdio-static-devel libcdio7 libcdio_cdda0 libiso9660_5 Update: Thu Feb 07 10:28:59 2008 Importance: security ID: MDVSA-2008:037 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:037 %pre A stack-based buffer overflow was discovered in libcdio that allowed context-dependent attackers to cause a denial of service (core dump) and possibly execute arbitrary code via a disk or image file that contains a long joliet file name. In addition, a fix for failed UTF-8 conversions that would cause a segfault on certain ISOs was also fixed. The updated packages have been patched to correct this issue. %description This library is to encapsulate CD-ROM reading and control. Applications wishing to be oblivious of the OS- and device-dependent properties of a CD-ROM can use this library. Some support for disk image types like BIN/CUE and NRG is available, so applications that use this library also have the ability to read disc images as though they were CD's. %package libSDL_image1.2 libSDL_image1.2-devel libSDL_image1.2-test Update: Thu Feb 07 16:43:22 2008 Importance: security ID: MDVSA-2008:040 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:040 %pre The LWZReadByte() and IMG_LoadLBM_RW() functions in SDL_image contain a boundary error that could be triggered to cause a static buffer overflow and a heap-based buffer overflow. If a user using an application linked against the SDL_image library were to open a carefully crafted GIF or IFF ILBM file, the application could crash or possibly allow for the execution of arbitrary code. The updated packages have been patched to correct this issue. %description This is a simple library to load images of various formats as SDL surfaces. This library currently supports BMP, PPM, PCX, GIF, JPEG, and PNG formats. This package contains the binary `sdlshow' to test the library. %package libtk8.4 libtk8.4-devel tk Update: Thu Feb 07 16:44:48 2008 Importance: security ID: MDVSA-2008:041 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:041 %pre The ReadImage() function in Tk did not check codeSize read from GIF images prior to initializing the append array, which could lead to a buffer overflow with unknown impact. The updated packages have been patched to correct this issue. %description Tk is a X Windows widget set designed to work closely with the tcl scripting language. It allows you to write simple programs with full featured GUI's in only a little more time then it takes to write a text based interface. Tcl/Tk applications can also be run on Windows and Macintosh platforms. %package kernel-2.6.17.17mdv kernel-doc-2.6.17.17mdv kernel-doc-latest kernel-enterprise-2.6.17.17mdv kernel-enterprise-latest kernel-latest kernel-legacy-2.6.17.17mdv kernel-legacy-latest kernel-source-2.6.17.17mdv kernel-source-latest kernel-source-stripped-2.6.17.17mdv kernel-source-stripped-latest kernel-xen0-2.6.17.17mdv kernel-xen0-latest kernel-xenU-2.6.17.17mdv kernel-xenU-latest Update: Mon Feb 11 20:56:42 2008 Importance: security ID: MDVSA-2008:043 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:043 %pre A flaw in the vmsplice system call did not properly verify address arguments passed by user-space processes, which allowed local attackers to overwrite arbitrary kernel memory and gain root privileges. Mandriva urges all users to upgrade to these new kernels immediately as this flaw is being actively exploited. This issue only affects 2.6.17 and newer Linux kernels, so neither Corporate 3.0 nor Corporate 4.0 are affected. To update your kernel, please follow the directions located at: http://www.mandriva.com/en/security/kernelupdate %description The kernel package contains the Linux kernel (vmlinuz), the core of your Mandriva Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. It supports both up and smp systems using smp alternatives. For instructions for update, see: http://www.mandriva.com/security/kernelupdate %package libdha1.0 mencoder mplayer mplayer-doc mplayer-gui Update: Thu Feb 14 13:45:37 2008 Importance: security ID: MDVSA-2008:045 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:045 %pre Heap-based buffer overflow in the rmff_dump_cont function in input/libreal/rmff.c in xine-lib 1.1.9 and earlier allows remote attackers to execute arbitrary code via the SDP Abstract attribute, related to the rmff_dump_header function and related to disregarding the max field. Although originally a xine-lib issue, also affects MPlayer due to code similarity. (CVE-2008-0225) Multiple heap-based buffer overflows in the rmff_dump_cont function in input/libreal/rmff.c in xine-lib 1.1.9 allow remote attackers to execute arbitrary code via the SDP (1) Title, (2) Author, or (3) Copyright attribute, related to the rmff_dump_header function, different vectors than CVE-2008-0225. Although originally a xine-lib issue, also affects MPlayer due to code similarity. (CVE-2008-0238) Array index error in libmpdemux/demux_mov.c in MPlayer 1.0 rc2 and earlier might allow remote attackers to execute arbitrary code via a QuickTime MOV file with a crafted stsc atom tag. (CVE-2008-0485) Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc2 and SVN before r25917, and possibly earlier versions, as used in Xine-lib 1.1.10, might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow. (CVE-2008-0486) Buffer overflow in stream_cddb.c in MPlayer 1.0rc2 and SVN before r25824 allows remote user-assisted attackers to execute arbitrary code via a CDDB database entry containing a long album title. (CVE-2008-0629) Buffer overflow in url.c in MPlayer 1.0rc2 and SVN before r25823 allows remote attackers to execute arbitrary code via a crafted URL that prevents the IPv6 parsing code from setting a pointer to NULL, which causes the buffer to be reused by the unescape code. (CVE-2008-0630) The updated packages have been patched to prevent these issues. %description MPlayer is a movie player for LINUX (runs on many other Unices, and non-x86 CPUs, see the documentation). It plays most MPEG, VOB, AVI, VIVO, ASF/WMV, QT/MOV, FLI, NuppelVideo, yuv4mpeg, FILM, RoQ, and some RealMedia files, supported by many native, XAnim, and Win32 DLL codecs. You can watch VideoCD, SVCD, DVD, 3ivx, FLI, and even DivX movies too (and you don't need the avifile library at all!). The another big feature of mplayer is the wide range of supported output drivers. It works with X11, Xv, DGA, OpenGL, SVGAlib, fbdev, AAlib, but you can use SDL (and this way all drivers of SDL), VESA (on every VESA compatible card, even without X!), and some lowlevel card-specific drivers (for Matrox, 3Dfx and Radeon) too! Most of them supports software or hardware scaling, so you can enjoy movies in fullscreen. MPlayer supports displaying through some hardware MPEG decoder boards, such as the DVB and DXR3/Hollywood+! And what about the nice big antialiased shaded subtitles (9 supported types!!!) with european/ISO 8859-1,2 (hungarian, english, czech, etc), cyrillic, korean fonts, and OSD? Note: If you want to play Real content, you need to have the content of RealPlayer's Codecs directory in /usr/lib/RealPlayer10GOLD/codecs %package libxine1 libxine1-devel xine-aa xine-arts xine-caca xine-dxr3 xine-esd xine-flac xine-gnomevfs xine-image xine-jack xine-plugins xine-pulse xine-sdl xine-smb Update: Fri Feb 15 12:24:52 2008 Importance: security ID: MDVSA-2008:046 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:046 %pre An array index vulnerability found in the FLAC audio demuxer might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow. Although originally an MPlayer issue, it also affects xine-lib due to code similarity. The updated packages have been patched to prevent this issue. %description xine is a free gpl-licensed video player for unix-like systems. %package mozilla-thunderbird mozilla-thunderbird-be mozilla-thunderbird-bg mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-devel mozilla-thunderbird-el mozilla-thunderbird-en_GB mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-es_AR mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-hu mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-ko mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ro mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sk mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-tr mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-enigmail-zh_TW mozilla-thunderbird-es_AR mozilla-thunderbird-es_ES mozilla-thunderbird-et_EE mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-gu_IN mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ko mozilla-thunderbird-lt mozilla-thunderbird-mk mozilla-thunderbird-nb_NO mozilla-thunderbird-nl mozilla-thunderbird-nn_NO mozilla-thunderbird-pa_IN mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-pt_PT mozilla-thunderbird-ru mozilla-thunderbird-sk mozilla-thunderbird-sl mozilla-thunderbird-sv_SE mozilla-thunderbird-tr mozilla-thunderbird-zh_CN mozilla-thunderbird-zh_TW nsinstall Update: Tue Feb 19 11:43:04 2008 Importance: security ID: MDVSA-2007:047 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2007:047 %pre A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 2.0.0.9. This update provides the latest Thunderbird to correct these issues. %description Mozilla Thunderbird is a full-featured email, RSS and newsgroup client that makes emailing safer, faster and easier than ever before. %package libxine1 libxine1-devel xine-aa xine-arts xine-caca xine-dxr3 xine-esd xine-flac xine-gnomevfs xine-image xine-jack xine-plugins xine-pulse xine-sdl xine-smb Update: Wed Feb 20 14:59:28 2008 Importance: security ID: MDVSA-2008:046-1 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:046-1 %pre An array index vulnerability found in the FLAC audio demuxer might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow. Although originally an MPlayer issue, it also affects xine-lib due to code similarity. The updated packages have been patched to prevent this issue. Update: The previous update used a bad patch which made Amarok interface very unresponsive while playing FLAC files. This new update fixes the security issue with a better patch. %description xine is a free gpl-licensed video player for unix-like systems. %package deskbar-applet devhelp devhelp-plugins eclipse-ecj eclipse-jdt eclipse-jdt-sdk eclipse-pde eclipse-pde-runtime eclipse-pde-sdk eclipse-platform eclipse-platform-sdk eclipse-rcp eclipse-rcp-sdk eclipse-sdk epiphany epiphany-devel epiphany-extensions galeon gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gksu gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell libdevhelp-1_0 libdevhelp-1_0-devel libmozilla-firefox-devel libmozilla-firefox2.0.0.12 libswt3-gtk2 libtotem-plparser1 libtotem-plparser1-devel mozilla-firefox mozilla-firefox-af mozilla-firefox-ar mozilla-firefox-be mozilla-firefox-bg mozilla-firefox-br_FR mozilla-firefox-ca mozilla-firefox-cs mozilla-firefox-da mozilla-firefox-de mozilla-firefox-el mozilla-firefox-en_GB mozilla-firefox-es_AR mozilla-firefox-es_ES mozilla-firefox-et_EE mozilla-firefox-eu mozilla-firefox-fi mozilla-firefox-fr mozilla-firefox-fy mozilla-firefox-ga mozilla-firefox-gu_IN mozilla-firefox-he mozilla-firefox-hu mozilla-firefox-it mozilla-firefox-ja mozilla-firefox-ka mozilla-firefox-ko mozilla-firefox-ku mozilla-firefox-lt mozilla-firefox-mk mozilla-firefox-mn mozilla-firefox-nb_NO mozilla-firefox-nl mozilla-firefox-nn_NO mozilla-firefox-pa_IN mozilla-firefox-pl mozilla-firefox-pt_BR mozilla-firefox-pt_PT mozilla-firefox-ro mozilla-firefox-ru mozilla-firefox-sk mozilla-firefox-sl mozilla-firefox-sv_SE mozilla-firefox-tr mozilla-firefox-uk mozilla-firefox-zh_CN mozilla-firefox-zh_TW totem totem-common totem-gstreamer totem-mozilla totem-mozilla-gstreamer yelp Update: Fri Feb 22 13:26:53 2008 Importance: security ID: MDVSA-2008:048 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:048 %pre A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.12. This update provides the latest Firefox to correct these issues. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package cups cups-common cups-serial libcups2 libcups2-devel php-cups Update: Tue Feb 26 12:40:25 2008 Importance: security ID: MDVSA-2008:051 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:051 %pre A flaw was found in how CUPS handled the addition and removal of remote printers via IPP that could allow a remote attacker to send a malicious IPP packet to the UDP port causing CUPS to crash. The updated packages have been patched to correct these issues. %description CUPS 1.2 is fully compatible with CUPS-1.1 machines in the network and with software built against CUPS-1.1 libraries. The Common Unix Printing System provides a portable printing layer for UNIX(TM) operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces. This is the main package needed for CUPS servers (machines where a printer is connected to or which host a queue for a network printer). It can also be used on CUPS clients so that they simply pick up broadcasted printer information from other CUPS servers and do not need to be assigned to a specific CUPS server by an /etc/cups/client.conf file. %package libpcre-devel libpcre0 pcre Update: Wed Feb 27 12:24:12 2008 Importance: security ID: MDVSA-2008:053 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:053 %pre A buffer overflow in PCRE 7.x before 7.6 allows remote attackers to execute arbitrary code via a regular expression that contains a character class with a large number of characters with Unicode code points greater than 255. The updated packages have been patched to correct these issues. %description PCRE has its own native API, but a set of "wrapper" functions that are based on the POSIX API are also supplied in the library libpcreposix. Note that this just provides a POSIX calling interface to PCRE: the regular expressions themselves still follow Perl syntax and semantics. This package contains a grep variant based on the PCRE library. %package dbus dbus-x11 libdbus-1_3 libdbus-1_3-devel Update: Thu Feb 28 12:02:27 2008 Importance: security ID: MDVSA-2008:054 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:054 %pre A vulnerability was discovered by Havoc Pennington in how the dbus-daemon applied its security policy. A user with the ability to connect to the dbus-daemon could possibly execute certain method calls that they should not normally have access to. The updated packages have been patched to correct these issues. Users will have to reboot the system once these packages have been installed in order to prevent problems due to service dependencies on the messagebus service. %description D-Bus is a system for sending messages between applications. It is used both for the systemwide message bus service, and as a per-user-login-session messaging facility. %package ghostscript ghostscript-X ghostscript-common ghostscript-doc ghostscript-dvipdf ghostscript-module-X libgs8 libgs8-devel libijs1 libijs1-devel Update: Thu Feb 28 21:42:51 2008 Importance: security ID: MDVSA-2008:055 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:055 %pre Chris Evans found a buffer overflow condition in Ghostscript, which can lead to arbitrary code execution as the user running any application using it to process a maliciously crafted Postscript file. The updated packages have been patched to prevent this issue. %description Ghostscript is a set of software tools that provide a PostScript(TM) interpreter, a set of C procedures (the Ghostscript library, which implements the graphics capabilities in the PostScript language) and an interpreter for Portable Document Format (PDF) files. Ghostscript translates PostScript code into many common, bitmapped and vector formats, like those understood by your printer or screen. Ghostscript is normally used to display PostScript files and to print PostScript files to non-PostScript printers. You should install ghostscript if you need to display PostScript or PDF files, or if you have a non-PostScript printer. %package gnumeric libspreadsheet1.7.8 libspreadsheet1.7.8-devel Update: Fri Feb 29 10:50:39 2008 Importance: security ID: MDVSA-2008:056 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:056 %pre A vulnerability was found in the excel_read_HLINK function in the Microsoft Excel plugin in Gnumeric prior to version 1.8.1 that would allow for the execution of arbitrary code via a crafted XLS file containing XLS HLINK opcodes. The updated packages have been patched to correct this issues. %description This is the Gnumeric, the GNOME spreadsheet program. If you are familiar with Excel, you should be ready to use Gnumeric. It tries to clone all of the good features and stay as compatible as possible with Excel in terms of usability. Hopefully the bugs have been left behind :). %package park-rpmdrake rpmdrake Update: Fri Feb 29 16:35:18 2008 Importance: bugfix ID: MDVA-2008:033 URL: http://www.mandriva.com/security/advisories?name=MDVA-2008:033 %pre rpmdrake in Mandriva Linux 2007.1 cannot install packages that are excluded by /etc/urpmi/skip.list. This is not how the system is intended to work (these packages should be left out of automatic updates, but should be installable manually if the user wishes). This bug made it difficult to install, for instance, the kernel-source-stripped-latest package, as it is listed in skip.list by default. This update fixes the problem and allows the user manually to install packages listed in skip.list if they so choose. %description rpmdrake is a simple graphical frontend to manage software packages on a Mandriva Linux system; it has 3 different modes: - software packages installation; - software packages removal; - MandrivaUpdate (software packages updates). A fourth program manages the media (add, remove, edit). %package libwireshark0 tshark wireshark wireshark-tools Update: Mon Mar 03 11:52:27 2008 Importance: security ID: MDVSA-2008:057 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:057 %pre A few vulnerabilities were found in Wireshark, that could cause it to crash or consume excessive memory under certain conditions. This update rovides Wireshark 0.99.8 which is not vulnerable to the issues. %description Wireshark is a network traffic analyzer for Unix-ish operating systems. It is based on GTK+, a graphical user interface library, and libpcap, a packet capture and filtering library. Wireshark is a fork of Ethereal(tm) %package libldap2.3_0 libldap2.3_0-devel libldap2.3_0-static-devel openldap openldap-clients openldap-doc openldap-servers openldap-testprogs openldap-tests Update: Wed Mar 05 09:27:24 2008 Importance: security ID: MDVSA-2008:058 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:058 %pre A vulnerability was found in slapo-pcache in slapd of OpenLDAP prior to 2.3.39 when running as a proxy-caching server. It would allocate memory using a malloc variant rather than calloc, which prevented an array from being properly initialized and could possibly allow attackers to cause a denial of service (CVE-2007-5708). Two vulnerabilities were found in how slapd handled modify (prior to 2.3.26) and modrdn (prior to 2.3.29) requests with NOOP control on objects stored in the BDB backend. An authenticated user with permission to perform modify (CVE-2007-6698) or modrdn (CVE-2008-0658) operations could cause slapd to crash. The updated packages have been patched to correct these issues. %description OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. The suite includes a stand-alone LDAP server (slapd) and stand-alone LDAP replication server (slurpd) which are in the -servers package, libraries for implementing the LDAP protocol (in the lib packages), and utilities, tools, and sample clients (in the -clients package). The openldap binary package includes configuration files used by the libraries. Install openldap if you need LDAP applications and tools. %package libtcl8.4 libtcl8.4-devel tcl Update: Wed Mar 05 11:57:37 2008 Importance: security ID: MDVSA-2008:059 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:059 %pre A flaw in the Tcl regular expression handling engine was originally discovered by Will Drewry in the PostgreSQL database server's Tcl regular expression engine. This flaw can result in an infinite loop when processing certain regular expressions. The updated packages have been patched to correct these issues. %description Tcl is a simple scripting language designed to be embedded into other applications. Tcl is designed to be used with Tk, a widget set, which is provided in the tk package. This package also includes tclsh, a simple example of a Tcl application. If you're installing the tcl package and you want to use Tcl for development, you should also install the tk and tclx packages. %package joomla joomla-administrator Update: Wed Mar 05 12:54:48 2008 Importance: security ID: MDVSA-2008:060 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:060 %pre Several severe security issues were discovered in the Joomla! PHP-based content management system. These issues have been fixed in version 1.0.15 which is provided with this update. %description Joomla! is a Content Management System (CMS) created by the same award-winning team that brought the Mambo CMS to its current state of stardom. %package mailman Update: Thu Mar 06 11:10:24 2008 Importance: security ID: MDVSA-2008:061 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:061 %pre Multiple cross-site scripting (XSS) vulnerabilities were found in Mailman prior to version 2.1.10b1, which allow remote attackers to inject arbitrary web script or HTML via edting templates and the list's info attribute in the web administrator interface. The updated packages have been patched to correct these issues. %description Mailman -- The GNU Mailing List Management System -- is a mailing list management system written mostly in Python. Features: o Most standard mailing list features, including: moderation, mail based commands, digests, etc... o An extensive Web interface, customizable on a per-list basis. o Web based list administration interface for *all* admin-type tasks o Automatic Web based hypermail-style archives (using pipermail or other external archiver), including provisions for private archives o Integrated mail list to newsgroup gatewaying o Integrated newsgroup to mail list gatewaying (polling-based... if you have access to the nntp server, you should be able to easily do non-polling based news->mail list gatewaying; email viega@list.org, I'd like to help get that going and come up with instructions) o Smart bounce detection and correction o Integrated fast bulk mailing o Smart spam protection o Extensible logging o Multiple list owners and moderators are possible o Optional MIME-compliant digests o Nice about which machine you subscribed from if you're from the right domain Conditional build options: mailman uid --with uid mail mailman gid --with gid mail %package mozilla-thunderbird mozilla-thunderbird-be mozilla-thunderbird-bg mozilla-thunderbird-ca mozilla-thunderbird-cs mozilla-thunderbird-da mozilla-thunderbird-de mozilla-thunderbird-devel mozilla-thunderbird-el mozilla-thunderbird-en_GB mozilla-thunderbird-enigmail mozilla-thunderbird-enigmail-ca mozilla-thunderbird-enigmail-cs mozilla-thunderbird-enigmail-de mozilla-thunderbird-enigmail-el mozilla-thunderbird-enigmail-es mozilla-thunderbird-enigmail-es_AR mozilla-thunderbird-enigmail-fi mozilla-thunderbird-enigmail-fr mozilla-thunderbird-enigmail-hu mozilla-thunderbird-enigmail-it mozilla-thunderbird-enigmail-ja mozilla-thunderbird-enigmail-ko mozilla-thunderbird-enigmail-nb mozilla-thunderbird-enigmail-nl mozilla-thunderbird-enigmail-pl mozilla-thunderbird-enigmail-pt mozilla-thunderbird-enigmail-pt_BR mozilla-thunderbird-enigmail-ro mozilla-thunderbird-enigmail-ru mozilla-thunderbird-enigmail-sk mozilla-thunderbird-enigmail-sl mozilla-thunderbird-enigmail-sv mozilla-thunderbird-enigmail-tr mozilla-thunderbird-enigmail-zh_CN mozilla-thunderbird-enigmail-zh_TW mozilla-thunderbird-es_AR mozilla-thunderbird-es_ES mozilla-thunderbird-et_EE mozilla-thunderbird-eu mozilla-thunderbird-fi mozilla-thunderbird-fr mozilla-thunderbird-gu_IN mozilla-thunderbird-he mozilla-thunderbird-hu mozilla-thunderbird-it mozilla-thunderbird-ja mozilla-thunderbird-ko mozilla-thunderbird-lt mozilla-thunderbird-mk mozilla-thunderbird-nb_NO mozilla-thunderbird-nl mozilla-thunderbird-nn_NO mozilla-thunderbird-pa_IN mozilla-thunderbird-pl mozilla-thunderbird-pt_BR mozilla-thunderbird-pt_PT mozilla-thunderbird-ru mozilla-thunderbird-sk mozilla-thunderbird-sl mozilla-thunderbird-sv_SE mozilla-thunderbird-tr mozilla-thunderbird-zh_CN mozilla-thunderbird-zh_TW nsinstall Update: Thu Mar 06 15:47:10 2008 Importance: security ID: MDVSA-2008:062 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:062 %pre A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 2.0.0.12. This update provides the latest Thunderbird to correct these issues. %description Mozilla Thunderbird is a full-featured email, RSS and newsgroup client that makes emailing safer, faster and easier than ever before. %package evolution evolution-devel evolution-mono evolution-pilot Update: Thu Mar 06 16:40:33 2008 Importance: security ID: MDVSA-2008:063 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:063 %pre Ulf Harnhammar of Secunia Research discovered a format string flaw in how Evolution displayed encrypted mail content. If a user were to open a carefully crafted email message, arbitrary code could be executed with the permissions of the user running Evolution. The updated packages have been patched to correct this issue. %description Evolution is the GNOME mailer, calendar, contact manager and communications tool. The tools which make up Evolution will be tightly integrated with one another and act as a seamless personal information-management tool. %package tomboy Update: Fri Mar 07 11:04:17 2008 Importance: security ID: MDVSA-2008:064 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:064 %pre A flaw in how tomboy handles LD_LIBRARY_PATH was discovered where by appending paths to LD_LIBRARY_PATH the program would also search the current directory for shared libraries. In directories containing network data, those libraries could be injected into the application. The updated packages have been patched to correct this issue. %description Tomboy is a desktop note-taking application for Linux and Unix. Simple and easy to use, but with potential to help you organize the ideas and information you deal with every day. The key to Tomboy's usefulness lies in the ability to relate notes and ideas together. Using a WikiWiki-like linking system, organizing ideas is as simple as typing a name. Branching an idea off is easy as pressing the Link button. And links between your ideas won't break, even when renaming and reorganizing them. %package libpulseaudio0 libpulseaudio0-devel libpulsecore2 pulseaudio Update: Sun Mar 09 12:48:59 2008 Importance: security ID: MDVSA-2008:065 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:065 %pre Luigi Auriemma found a few programming errors in Pulseaudio, that can be used to crash the Pulseaudio daemon, by authenticated and unauthenticated users. The updated packages fix these issues. %description pulseaudio is a sound server for Linux and other Unix like operating systems. It is intended to be an improved drop-in replacement for the Enlightened Sound Daemon (ESOUND). In addition to the features ESOUND provides pulseaudio has: * Extensible plugin architecture (by loading dynamic loadable modules with dlopen()) * Support for more than one sink/source * Better low latency behaviour * Embedabble into other software (the core is available as C library) * Completely asynchronous C API * Simple command line interface for reconfiguring the daemon while running * Flexible, implicit sample type conversion and resampling * "Zero-Copy" architecture * Module autoloading * Very accurate latency measurement for playback and recording. * May be used to combine multiple sound cards to one (with sample rate adjustment) * Client side latency interpolation %package timezone Update: Thu Mar 13 16:10:24 2008 Importance: normal ID: MDVA-2008:036 URL: http://www.mandriva.com/security/advisories?name=MDVA-2008:036 %pre Updated timezone packages are being provided for older Mandriva Linux systems that do not contain the new Daylight Savings Time information for 2008 and later for certain time zones. These updated packages contain the new information. %description This package contains data files with rules for various timezones around the world. %package unzip Update: Tue Mar 18 16:20:21 2008 Importance: security ID: MDVSA-2008:068 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:068 %pre Tavis Ormandy of Google Security discovered an invalid pointer flaw in unzip that could lead to the execution of arbitrary code with the privileges of the user running unzip. The updated packages have been patched to correct this issue. %description unzip will list, test, or extract files from a ZIP archive, commonly found on MS-DOS systems. A companion program, zip, creates ZIP archives; both programs are compatible with archives created by PKWARE's PKZIP and PKUNZIP for MS-DOS, but in many cases the program options or default behaviors differ. This version also has encryption support. %package ftp-client-krb5 ftp-server-krb5 krb5-server krb5-workstation libkrb53 libkrb53-devel telnet-client-krb5 telnet-server-krb5 Update: Wed Mar 19 12:55:59 2008 Importance: security ID: MDVSA-2008:069 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:069 %pre Multiple memory management flaws were found in the GSSAPI library used by Kerberos that could result in the use of already freed memory or an attempt to free already freed memory, possibly leading to a crash or allowing the execution of arbitrary code (CVE-2007-5901, CVE-2007-5971). A flaw was discovered in how the Kerberos krb5kdc handled Kerberos v4 protocol packets. An unauthenticated remote attacker could use this flaw to crash the krb5kdc daemon, disclose portions of its memory, or possibly %execute arbitrary code using malformed or truncated Kerberos v4 protocol requests (CVE-2008-0062, CVE-2008-0063). This issue only affects krb5kdc when it has Kerberos v4 protocol compatibility enabled, which is a compiled-in default in all Kerberos versions that Mandriva Linux ships prior to Mandriva Linux 2008.0. Kerberos v4 protocol support can be disabled by adding v4_mode=none (without quotes) to the [kdcdefaults] section of /etc/kerberos/krb5kdc/kdc.conf. A flaw in the RPC library as used in Kerberos' kadmind was discovered by Jeff Altman of Secure Endpoints. An unauthenticated remote attacker could use this vulnerability to crash kadmind or possibly execute arbitrary code in systems with certain resource limits configured; this does not affect the default resource limits used by Mandriva Linux (CVE-2008-0947). The updated packages have been patched to correct these issues. %description Kerberos V5 is a trusted-third-party network authentication system, which can improve your network's security by eliminating the insecure practice of cleartext passwords. %package perl-Net-DNS Update: Thu Mar 20 11:32:56 2008 Importance: security ID: MDVSA-2008:073 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:073 %pre A vulnerability in the Net::DNS perl module was found that could allow remote attackers to cause a denial of service via a crafted DNS response. The updated packages have been patched to correct this issue. %description Net::DNS is a collection of Perl modules that act as a Domain Name System (DNS) resolver. It allows the programmer to perform DNS queries that are beyond the capabilities of gethostbyname and gethostbyaddr. The programmer should be somewhat familiar with the format of a DNS packet and its various sections. See RFC 1035 or DNS and BIND (Albitz & Liu) for details. %package audacity Update: Thu Mar 20 13:33:42 2008 Importance: security ID: MDVSA-2008:074 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:074 %pre Audacity creates a temporary directory with a predictable name without checking for previous existence of that directory, which allows local users to cause a denial of service (recording deadlock) by creating the directory before Audacity is run. This issue can also be leveraged to delete arbitrary files or directories via a symlink attack. The updated package fixes the issue. %description Audacity is a program that lets you manipulate digital audio waveforms. In addition to letting you record sounds directly from within the program, it imports many sound file formats, including WAV, AIFF, MP3 and Ogg/Vorbis. It supports all common editing operations such as Cut, Copy, and Paste, plus it will mix tracks and let you apply plug-in effects to any part of a sound. It also has a built-in amplitude envelope editor, a customizable spectrogram mode and a frequency analysis window for audio analysis applications. %package bzip2 libbzip2_1 libbzip2_1-devel Update: Sun Mar 23 12:38:44 2008 Importance: security ID: MDVSA-2008:075 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:075 %pre Bzip2 versions before 1.0.5 are vulnerable to a denial of service attack via malicious compressed data. The updated packages have been patched to prevent the issue. %description Bzip2 compresses files using the Burrows-Wheeler block-sorting text compression algorithm, and Huffman coding. Compression is generally considerably better than that achieved by more conventional LZ77/LZ78-based compressors, and approaches the performance of the PPM family of statistical compressors. The command-line options are deliberately very similar to those of GNU Gzip, but they are not identical. %package webmin Update: Mon Mar 24 15:37:24 2008 Importance: bugfix ID: MDVA-2008:041 URL: http://www.mandriva.com/security/advisories?name=MDVA-2008:041 %pre Webmin would always fail the login if the user's password contained UTF-8 non-ascii characters. This update corrects the issue. %description A web-based administration interface for Unix systems. Using Webmin you can configure DNS, Samba, NFS, local/remote filesystems, Apache, Sendmail/Postfix, and more using your web browser. After installation, enter the URL https://localhost:10000/ into your browser and login as root with your root password. Please consider logging in and modify your password for security issue. PLEASE NOTE THAT THIS VERSION NOW USES SECURE WEB TRANSACTIONS: YOU HAVE TO LOGIN TO "https://localhost:10000/" AND NOT "http://localhost:10000/". %package wml Update: Wed Mar 26 11:51:29 2008 Importance: security ID: MDVSA-2008:076 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:076 %pre Two vulnerabilities were found in the Website META Language (WML) package that allowed local users to overwrite arbitrary files via symlink attacks. The updated packages have been patched to correct these issues. %description WML is a free and extensible Webdesigner's off-line HTML generation toolkit for Unix, distributed under the GNU General Public License (GPL v2). It is written in ANSI C and Perl 5, build via a GNU Autoconf based source tree and runs out-of-the-box on all major Unix derivates. It can be used free of charge both in educational and commercial environments. %package perl-Tk perl-Tk-devel perl-Tk-doc Update: Wed Mar 26 15:04:56 2008 Importance: security ID: MDVSA-2008:077 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:077 %pre A vulnerability in perl-Tk was found where specially crafted GIF images could crash perl-Tk (an identical issue to that found in php-gd, gd, and SDL_image). The updated packages have been patched to correct this issue. %description This package provides the modules and Tk code for Perl/Tk, as written by Nick Ing-Simmons (pTk), John Ousterhout(Tk), and Ioi Kim Lam(Tix). It gives you the ability to develop perl applications using the Tk GUI. It includes the source code for the Tk and Tix elements it uses. The licences for the various components differ, so check the copyright. %package openssh openssh-askpass openssh-askpass-common openssh-askpass-gnome openssh-clients openssh-server Update: Wed Mar 26 16:30:25 2008 Importance: security ID: MDVSA-2008:078 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:078 %pre OpenSSH allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port. The updated packages have been patched to prevent this issue. %description Ssh (Secure Shell) is a program for logging into a remote machine and for executing commands in a remote machine. It is intended to replace rlogin and rsh, and provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel. OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it up to date in terms of security and features, as well as removing all patented algorithms to separate libraries (OpenSSL). This package includes the core files necessary for both the OpenSSH client and server. To make this package useful, you should also install openssh-clients, openssh-server, or both. You can build openssh with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] skey smartcard support (disabled) --with[out] krb5 kerberos support (enabled) --with[out] watchdog watchdog support (disabled) --with[out] x11askpass X11 ask pass support (enabled) --with[out] gnomeaskpass Gnome ask pass support (enabled) --with[out] ldap OpenLDAP support (disabled) --with[out] sftplog sftp logging support (disabled) --with[out] chroot chroot support (disabled) %package sarg Update: Thu Mar 27 13:11:17 2008 Importance: security ID: MDVSA-2008:079 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:079 %pre A stack-based buffer overflow in sarg (Squid Analysis Report Generator) allowed remote attackers to execute arbitrary code via a long Squid proxy server User-Agent header (CVE-2008-1167). A cross-site scripting vulnerability in sarg version 2.x prior to 2.2.5 allowed remote attackers to inject arbitrary web script or HTML via the User-Agent heder, which is not properly handled when displaying the Squid proxy log (CVE-2008-1168). In addition, a number of other fixes have been made such as making the getword() function more robust which should prevent any overflows, other segfaults have been fixed, and the useragent report is now more consistent with the other reports. The updated packages have been patched to correct these issues. %description Sarg (was Sqmgrlog) generate reports per user/ip/name from SQUID log file. The reports will be generated in HTML or email. %package deskbar-applet devhelp devhelp-plugins eclipse-ecj eclipse-jdt eclipse-jdt-sdk eclipse-pde eclipse-pde-runtime eclipse-pde-sdk eclipse-platform eclipse-platform-sdk eclipse-rcp eclipse-rcp-sdk eclipse-sdk epiphany epiphany-devel epiphany-extensions galeon gnome-python-extras gnome-python-gda gnome-python-gda-devel gnome-python-gdl gnome-python-gksu gnome-python-gtkhtml2 gnome-python-gtkmozembed gnome-python-gtkspell libdevhelp-1_0 libdevhelp-1_0-devel libmozilla-firefox-devel libmozilla-firefox2.0.0.13 libswt3-gtk2 libtotem-plparser1 libtotem-plparser1-devel mozilla-firefox mozilla-firefox-af mozilla-firefox-ar mozilla-firefox-be mozilla-firefox-bg mozilla-firefox-br_FR mozilla-firefox-ca mozilla-firefox-cs mozilla-firefox-da mozilla-firefox-de mozilla-firefox-el mozilla-firefox-en_GB mozilla-firefox-es_AR mozilla-firefox-es_ES mozilla-firefox-et_EE mozilla-firefox-eu mozilla-firefox-fi mozilla-firefox-fr mozilla-firefox-fy mozilla-firefox-ga mozilla-firefox-gu_IN mozilla-firefox-he mozilla-firefox-hu mozilla-firefox-it mozilla-firefox-ja mozilla-firefox-ka mozilla-firefox-ko mozilla-firefox-ku mozilla-firefox-lt mozilla-firefox-mk mozilla-firefox-mn mozilla-firefox-nb_NO mozilla-firefox-nl mozilla-firefox-nn_NO mozilla-firefox-pa_IN mozilla-firefox-pl mozilla-firefox-pt_BR mozilla-firefox-pt_PT mozilla-firefox-ro mozilla-firefox-ru mozilla-firefox-sk mozilla-firefox-sl mozilla-firefox-sv_SE mozilla-firefox-tr mozilla-firefox-uk mozilla-firefox-zh_CN mozilla-firefox-zh_TW totem totem-common totem-gstreamer totem-mozilla totem-mozilla-gstreamer yelp Update: Fri Mar 28 14:55:32 2008 Importance: security ID: MDVSA-2008:080 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:080 %pre A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.13. This update provides the latest Firefox to correct these issues. %description Help browser for GNOME 2 which supports docbook documents, info and man. %package cups cups-common cups-serial libcups2 libcups2-devel php-cups Update: Wed Apr 02 11:32:59 2008 Importance: security ID: MDVSA-2008:081 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:081 %pre A heap-based buffer overflow in CUPS 1.2.x and later was discovered by regenrecht of VeriSign iDenfense that could allow a remote attacker to execute arbitrary code via a crafted CGI search expression (CVE-2008-0047). A validation error in the Hp-GL/2 filter was also discovered (CVE-2008-0053). Finally, a vulnerability in how CUPS handled GIF files was found by Tomas Hoger of Red Hat, similar to previous issues corrected in PHP, gd, tk, netpbm, and SDL_image (CVE-2008-1373). The updated packages have been patched to correct these issues. %description CUPS 1.2 is fully compatible with CUPS-1.1 machines in the network and with software built against CUPS-1.1 libraries. The Common Unix Printing System provides a portable printing layer for UNIX(TM) operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces. This is the main package needed for CUPS servers (machines where a printer is connected to or which host a queue for a network printer). It can also be used on CUPS clients so that they simply pick up broadcasted printer information from other CUPS servers and do not need to be assigned to a specific CUPS server by an /etc/cups/client.conf file. %package timezone Update: Fri Apr 04 13:32:09 2008 Importance: normal ID: MDVA-2008:043 URL: http://www.mandriva.com/security/advisories?name=MDVA-2008:043 %pre Updated timezone packages are being provided for older Mandriva Linux systems that do not contain the new Daylight Savings Time information for 2008 and later for certain time zones. These updated packages contain the new information. %description This package contains data files with rules for various timezones around the world. %package rsync Update: Fri Apr 11 14:01:56 2008 Importance: security ID: MDVSA-2008:084 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:084 %pre Sebastian Krahmer of SUSE discovered that rsync could overflow when handling ACLs. An attakcer could construct a malicious set of files that, when processed, could lead to arbitrary code execution or a crash (CVE-2008-1720). The updated packages have been patched to correct this issue. %description Rsync uses a quick and reliable algorithm to very quickly bring remote and host files into sync. Rsync is fast because it just sends the differences in the files over the network (instead of sending the complete files). Rsync is often used as a very powerful mirroring process or just as a more capable replacement for the rcp command. A technical report which describes the rsync algorithm is included in this package. Install rsync if you need a powerful mirroring program. This rpm has these patches applied from rsync tree: - acl: allow to mirror acl Rebuild the source rpm with `--without patches' if you don't want these patches %package rsync Update: Fri Apr 11 14:10:42 2008 Importance: security ID: MDVSA-2008:084 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:084 %pre Sebastian Krahmer of SUSE discovered that rsync could overflow when handling ACLs. An attakcer could construct a malicious set of files that, when processed, could lead to arbitrary code execution or a crash (CVE-2008-1720). The updated packages have been patched to correct this issue. %description Rsync uses a quick and reliable algorithm to very quickly bring remote and host files into sync. Rsync is fast because it just sends the differences in the files over the network (instead of sending the complete files). Rsync is often used as a very powerful mirroring process or just as a more capable replacement for the rcp command. A technical report which describes the rsync algorithm is included in this package. Install rsync if you need a powerful mirroring program. This rpm has these patches applied from rsync tree: - acl: allow to mirror acl Rebuild the source rpm with `--without patches' if you don't want these patches %package libpython2.5 libpython2.5-devel python python-base python-docs tkinter Update: Tue Apr 15 00:26:34 2008 Importance: security ID: MDVSA-2008:085 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:085 %pre Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow. The updated packages have been patched to prevent this issue. %description Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems (X11, Motif, Tk, Mac and MFC). Programmers can write new built-in modules for Python in C or C++. Python can be used as an extension language for applications that need a programmable interface. This package contains most of the standard Python modules, as well as modules for interfacing to the Tix widget set for Tk and RPM. Note that documentation for Python is provided in the python-docs package. %package giftrans Update: Tue Apr 15 10:04:48 2008 Importance: bugfix ID: MDVA-2008:044 URL: http://www.mandriva.com/security/advisories?name=MDVA-2008:044 %pre The giftrans package was using the wrong path to the color definition file and couldn't be used at all. This update uses the correct path. %description Giftrans will convert an existing GIF87 file to GIF89 format. In other words, Giftrans can make one color in a .gif image (normally the background) transparent. Install the giftrans package if you need a quick, small, one-purpose graphics program to make transparent .gifs out of existing .gifs. %package clamav clamav-db clamav-milter clamd clamdmon libclamav4 libclamav-devel Update: Thu Apr 17 15:18:01 2008 Importance: security ID: MDVSA-2008:088 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:088 %pre Multiple vulnerabilities were discovered in ClamAV and corrected with the 0.93 release, including: ClamAV 0.92 allowed local users to overwrite arbitrary files via a symlink attack on temporary files or on .ascii files in sigtool, when utf16-decode is enabled (CVE-2007-6595). A heap-based buffer overflow in ClamAV 0.92.1 allowed remote attackers to execute arbitrary code via a crafted PeSpin packed PE binary (CVE-2008-0314). An integer overflow in libclamav prior to 0.92.1 allowed remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Petite packed PE file, which triggered a heap-based buffer overflow (CVE-2008-0318). An unspecified vulnerability in ClamAV prior to 0.92.1 triggered heap corruption (CVE-2008-0728). A buffer overflow in ClamAV 0.92 and 0.92.1 allowed remote attackers to execute arbitrary code via a crafted Upack PE file (CVE-2008-1100). ClamAV prior to 0.93 allowed remote attackers to cause a denial of service (CPU consumption) via a crafted ARJ archive (CVE-2008-1387). A heap-based buffer overflow in ClamAV 0.92.1 allowed remote attackers to execute arbitrary code via a crafted WWPack compressed PE binary (CVE-2008-1833). ClamAV prior to 0.93 allowed remote attackers to bypass the scanning engine via a RAR file with an invalid version number (CVE-2008-1835). A vulnerability in rfc2231 handling in ClamAV prior to 0.93 allowed remote attackers to cause a denial of service (crash) via a crafted message that produced a string that was not null terminated, triggering a buffer over-read (CVE-2008-1836). A vulnerability in libclamunrar in ClamAV prior to 0.93 allowed remote attackers to cause a denial of service (crash) via a crafted RAR file (CVE-2008-1837). Other bugs have also been corrected in 0.93 which is being provided with this update. Because this new version has increased the major of the libclamav library, updated dependent packages are also being provided. %description Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail seversions (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software. You can build clamav with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] milter Build clamav-milter (default) %package libwireshark0 tshark wireshark wireshark-tools Update: Thu Apr 24 16:02:23 2008 Importance: security ID: MDVSA-2008:091 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:091 %pre A few vulnerabilities were found in Wireshark, that could cause it to crash or hang under certain conditions. This update provides Wireshark 1.0.0, which is not vulnerable to the issues. %description Wireshark is a network traffic analyzer for Unix-ish operating systems. It is based on GTK+, a graphical user interface library, and libpcap, a packet capture and filtering library. Wireshark is a fork of Ethereal(tm) %package libspeex1 libspeex1-devel libspeex1-static-devel speex Update: Tue Apr 29 12:33:09 2008 Importance: security ID: MDVSA-2008:094 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:094 %pre A vulnerability in the Speex library was found where it did not properly validate input values read from the Speex files headers. An attacker could create a malicious Speex file that would crash an application or potentially allow the execution of arbitrary code with the privileges of the application calling the Speex library (CVE-2008-1686). The updated packages have been patched to correct this issue. %description Speex is a patent-free audio codec designed especially for voice (unlike Vorbis which targets general audio) signals and providing good narrowband and wideband quality. This project aims to be complementary to the Vorbis codec. %package libwine1 libwine1-devel wine Update: Fri May 02 19:42:12 2008 Importance: bugfix ID: MDVA-2008:057 URL: http://www.mandriva.com/security/advisories?name=MDVA-2008:057 %pre Some commercial Windows programs did not run under previous builds of Wine, producing an error message notifying the user that a debugger has been detected. This update corrects the issue. %description Wine is a program which allows running Microsoft Windows programs (including DOS, Windows 3.x and Win32 executables) on Unix. It consists of a program loader which loads and executes a Microsoft Windows binary, and a library (called Winelib) that implements Windows API calls using their Unix or X11 equivalents. The library may also be used for porting Win32 code into native Unix executables. %package emacs emacs-doc emacs-el emacs-leim emacs-nox emacs-X11 Update: Tue May 06 13:16:09 2008 Importance: security ID: MDVSA-2008:096 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:096 %pre Steve Grubb found that the vcdiff script in Emacs create temporary files insecurely when used with SCCS. A local user could exploit a race condition to create or overwrite files with the privileges of the user invoking the program (CVE-2008-1694). The updated packages have been patched to correct this issue. %description Emacs is a powerful, customizable, self-documenting, modeless text editor. Emacs contains special code editing features, a scripting language (elisp), and the capability to read mail, news and more without leaving the editor. This package includes the libraries you need to run the Emacs editor, so you need to install this package if you intend to use Emacs. You also need to install the actual Emacs program package (emacs-nox or emacs-X11). Install emacs-nox if you are not going to use the X Window System; install emacs-X11 if you will be using X. %package openssh openssh-askpass openssh-askpass-common openssh-askpass-gnome openssh-clients openssh-server Update: Tue May 06 15:04:02 2008 Importance: security ID: MDVSA-2008:098 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:098 %pre A vulnerability in OpenSSH 4.4 through 4.8 allowed local attackers to bypass intended security restrictions enabling them to execute commands other than those specified by the ForceCommand directive, provided they are able to modify to ~/.ssh/rc (CVE-2008-1657). The updated packages have been patched to correct this issue. %description Ssh (Secure Shell) is a program for logging into a remote machine and for executing commands in a remote machine. It is intended to replace rlogin and rsh, and provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel. OpenSSH is OpenBSD's rework of the last free version of SSH, bringing it up to date in terms of security and features, as well as removing all patented algorithms to separate libraries (OpenSSL). This package includes the core files necessary for both the OpenSSH client and server. To make this package useful, you should also install openssh-clients, openssh-server, or both. You can build openssh with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] skey smartcard support (disabled) --with[out] krb5 kerberos support (enabled) --with[out] watchdog watchdog support (disabled) --with[out] x11askpass X11 ask pass support (enabled) --with[out] gnomeaskpass Gnome ask pass support (enabled) --with[out] ldap OpenLDAP support (disabled) --with[out] sftplog sftp logging support (disabled) --with[out] chroot chroot support (disabled) %package ImageMagick ImageMagick-desktop ImageMagick-doc libMagick10.7.0 libMagick10.7.0-devel perl-Image-Magick Update: Thu May 08 14:39:10 2008 Importance: security ID: MDVSA-2008:099 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:099 %pre A heap-based buffer overflow vulnerability was found in how ImageMagick parsed XCF files. If ImageMagick opened a specially-crafted XCF file, it could be made to overwrite heap memory beyond the bounds of its allocated memory, potentially allowing an attacker to execute arbitrary code on the system running ImageMagick (CVE-2008-1096). Another heap-based buffer overflow vulnerability was found in how ImageMagick processed certain malformed PCX images. If ImageMagick opened a specially-crafted PCX image file, an attacker could possibly execute arbitrary code on the system running ImageMagick (CVE-2008-1097). The updated packages have been patched to correct these issues. %description ImageMagick is a powerful image display, conversion and manipulation tool. It runs in an X session. With this tool, you can view, edit and display a variety of image formats. Build Options: --with plf Build for PLF (fpx support) --with modules Compile all supported image types as modules --with jasper Enable JPEG2000 support (enabled) --with graphviz Enable Graphviz support (enabled) %package perl perl-base perl-devel perl-doc perl-suid Update: Sun May 11 00:45:15 2008 Importance: security ID: MDVSA-2008:100 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:100 %pre A double free vulnerability in Perl 5.8.8 and earlier versions, allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a crafted regular expression containing UTF8 characters. The updated packages have been patched to prevent this. %description Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common applications (and what it excels at) are probably system administration utilities and web programming. A large proportion of the CGI scripts on the web are written in Perl. You need the perl package installed on your system so that your system can handle Perl scripts. You need perl-base to have a full perl. %package rdesktop Update: Fri May 16 11:33:33 2008 Importance: security ID: MDVSA-2008:101 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:101 %pre Several vulnerabilities were discovered in rdesktop, a Remote Desktop Protocol client. An integer underflow vulnerability allowed attackers to cause a denial of service (crash) and possibly execute arbitrary code with the privileges of the logged-in user (CVE-2008-1801). A buffer overflow vulnerability allowed attackers to execute arbitrary code with the privileges of the logged-in user (CVE-2008-1802). An integer signedness vulnerability allowed attackers to execute arbitrary code with the privileges of the logged-in user (CVE-2008-1803). In order for these vulnerabilities to be exploited, an attacker must persuade a targeted user to connect to a malicious RDP server. The updated packages have been patched to correct these issues. %description rdesktop is an open source client for Windows NT Terminal Server and Windows 2000 Terminal Services, capable of natively speaking Remote Desktop Protocol (RDP) in order to present the user's NT desktop. Unlike Citrix ICA, no server extensions are required. rdesktop currently runs on most UNIX based platforms with the X Window System, and other ports should be fairly straightforward. rdesktop is used through rfbdrake. %package libvorbis0 libvorbis0-devel libvorbisenc2 libvorbisfile3 Update: Fri May 16 11:43:29 2008 Importance: security ID: MDVSA-2008:102 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:102 %pre Will Drewry of the Google Security Team reported several vulnerabilities in how libvorbis processed audio data. An attacker could create a carefuly crafted OGG audio file in such a way that it would cause an application linked to libvorbis to crash or possibly execute arbitray code when opened (CVE-2008-1419, CVE-2008-1420, CVE-2008-1423). The updated packages have been patched to correct these issues. %description Ogg Vorbis is a fully open, non-proprietary, patent-and-royalty-free, general-purpose compressed audio format for audio and music at fixed and variable bitrates from 16 to 128 kbps/channel. Find some free Ogg Vorbis music here: http://www.vorbis.com/music.html %package kernel-2.6.17.18mdv kernel-doc-2.6.17.18mdv kernel-doc-latest kernel-enterprise-2.6.17.18mdv kernel-enterprise-latest kernel-latest kernel-legacy-2.6.17.18mdv kernel-legacy-latest kernel-source-2.6.17.18mdv kernel-source-latest kernel-source-stripped-2.6.17.18mdv kernel-source-stripped-latest kernel-xen0-2.6.17.18mdv kernel-xen0-latest kernel-xenU-2.6.17.18mdv kernel-xenU-latest Update: Wed May 21 04:06:20 2008 Importance: security ID: MDVSA-2008:105 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:105 %pre The CIFS filesystem in the Linux kernel before 2.6.22, when Unix extension support is enabled, does not honor the umask of a process, which allows local users to gain privileges. (CVE-2007-3740) The drm/i915 component in the Linux kernel before 2.6.22.2, when used with i965G and later chipsets, allows local users with access to an X11 session and Direct Rendering Manager (DRM) to write to arbitrary memory locations and gain privileges via a crafted batchbuffer. (CVE-2007-3851) The (1) hugetlb_vmtruncate_list and (2) hugetlb_vmtruncate functions in fs/hugetlbfs/inode.c in the Linux kernel before 2.6.19-rc4 perform certain prio_tree calculations using HPAGE_SIZE instead of PAGE_SIZE units, which allows local users to cause a denial of service (panic) via unspecified vectors. (CVE-2007-4133) The IA32 system call emulation functionality in Linux kernel 2.4.x and 2.6.x before 2.6.22.7, when running on the x86_64 architecture, does not zero extend the eax register after the 32bit entry path to ptrace is used, which might allow local users to gain privileges by triggering an out-of-bounds access to the system call table using the %RAX register. This vulnerability is now being fixed in the Xen kernel too. (CVE-2007-4573) Integer underflow in the ieee80211_rx function in net/ieee80211/ieee80211_rx.c in the Linux kernel 2.6.x before 2.6.23 allows remote attackers to cause a denial of service (crash) via a crafted SKB length value in a runt IEEE 802.11 frame when the IEEE80211_STYPE_QOS_DATA flag is set, aka an off-by-two error. (CVE-2007-4997) The disconnect method in the Philips USB Webcam (pwc) driver in Linux kernel 2.6.x before 2.6.22.6 relies on user space to close the device, which allows user-assisted local attackers to cause a denial of service (USB subsystem hang and CPU consumption in khubd) by not closing the device after the disconnect is invoked. NOTE: this rarely crosses privilege boundaries, unless the attacker can convince the victim to unplug the affected device. (CVE-2007-5093) A race condition in the directory notification subsystem (dnotify) in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service (OOPS) and possibly gain privileges via unspecified vectors. (CVE-2008-1375) The Linux kernel before 2.6.25.2 does not apply a certain protection mechanism for fcntl functionality, which allows local users to (1) execute code in parallel or (2) exploit a race condition to obtain re-ordered access to the descriptor table. (CVE-2008-1669) To update your kernel, please follow the directions located at: http://www.mandriva.com/en/security/kernelupdate %description The kernel package contains the Linux kernel (vmlinuz), the core of your Mandriva Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. It supports both up and smp systems using smp alternatives. For instructions for update, see: http://www.mandriva.com/security/kernelupdate %package gnutls libgnutls13 libgnutls13-devel Update: Fri May 23 16:14:58 2008 Importance: security ID: MDVSA-2008:106 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:106 %pre Flaws discovered in versions prior to 2.2.4 (stable) and 2.3.10 (development) of GnuTLS allow an attacker to cause denial of service (application crash), and maybe (so far undetermined) execute arbitrary code. The updated packages have been patched to fix these flaws. Note that any applications using this library must be restarted for the update to take effect. %description GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. %package libsmbclient0 libsmbclient0-devel libsmbclient0-static-devel mount-cifs nss_wins samba-client samba-common samba-doc samba-server samba-smbldap-tools samba-swat samba-vscan-clamav samba-vscan-icap samba-winbind Update: Wed May 28 14:47:47 2008 Importance: security ID: MDVSA-2008:108 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:108 %pre %description Samba provides an SMB server which can be used to provide network services to SMB (sometimes called "Lan Manager") clients, including various versions of MS Windows, OS/2, and other Linux machines. Samba also provides some SMB clients, which complement the built-in SMB filesystem in Linux. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need NetBEUI (Microsoft Raw NetBIOS frame) protocol. Samba-3.0 features working NT Domain Control capability and includes the SWAT (Samba Web Administration Tool) that allows samba's smb.conf file to be remotely managed using your favourite web browser. For the time being this is being enabled on TCP port 901 via xinetd. SWAT is now included in it's own subpackage, samba-swat. Please refer to the WHATSNEW.txt document for fixup information. This binary release includes encrypted password support. Please read the smb.conf file and ENCRYPTION.txt in the docs directory for implementation details. %package timezone Update: Mon Jun 02 15:27:43 2008 Importance: normal ID: MDVA-2008:082 URL: http://www.mandriva.com/security/advisories?name=MDVA-2008:082 %pre Updated timezone packages are being provided for older Mandriva Linux systems that do not contain the new Daylight Savings Time information for 2008 and later for certain time zones. These updated packages contain the new information. %description This package contains data files with rules for various timezones around the world. %package kernel-2.6.17.19mdv kernel-doc-2.6.17.19mdv kernel-doc-latest kernel-enterprise-2.6.17.19mdv kernel-enterprise-latest kernel-latest kernel-legacy-2.6.17.19mdv kernel-legacy-latest kernel-source-2.6.17.19mdv kernel-source-latest kernel-source-stripped-2.6.17.19mdv kernel-source-stripped-latest kernel-xen0-2.6.17.19mdv kernel-xen0-latest kernel-xenU-2.6.17.19mdv kernel-xenU-latest Update: Thu Jun 12 09:54:06 2008 Importance: security ID: MDVSA-2008:112 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:112 %pre Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel: The Datagram Congestion Control Protocol (DCCP) subsystem in the Linux kernel 2.6.18, and probably other versions, does not properly check feature lengths, which might allow remote attackers to execute arbitrary code, related to an unspecified overflow. (CVE-2008-2358) VFS in the Linux kernel before 2.6.22.16, and 2.6.23.x before 2.6.23.14, performs tests of access mode by using the flag variable instead of the acc_mode variable, which might allow local users to bypass intended permissions and remove directories. (CVE-2008-0001) Linux kernel before 2.6.22.17, when using certain drivers that register a fault handler that does not perform range checks, allows local users to access kernel memory via an out-of-range offset. (CVE-2008-0007) Integer overflow in the hrtimer_start function in kernel/hrtimer.c in the Linux kernel before 2.6.23.10 allows local users to execute arbitrary code or cause a denial of service (panic) via a large relative timeout value. NOTE: some of these details are obtained from third party information. (CVE-2007-5966) The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through 2.6.23 does not properly clear allocated memory in some rare circumstances related to tmpfs, which might allow local users to read sensitive kernel data or cause a denial of service (crash). (CVE-2007-6417) The isdn_ioctl function in isdn_common.c in Linux kernel 2.6.23 allows local users to cause a denial of service via a crafted ioctl struct in which iocts is not null terminated, which triggers a buffer overflow. (CVE-2007-6151) The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain sensitive information. (CVE-2007-6206) Buffer overflow in the isdn_net_setcfg function in isdn_net.c in Linux kernel 2.6.23 allows local users to have an unknown impact via a crafted argument to the isdn_ioctl function. (CVE-2007-6063) The wait_task_stopped function in the Linux kernel before 2.6.23.8 checks a TASK_TRACED bit instead of an exit_state value, which allows local users to cause a denial of service (machine crash) via unspecified vectors. NOTE: some of these details are obtained from third party information. (CVE-2007-5500) The minix filesystem code in Linux kernel 2.6.x before 2.6.24, including 2.6.18, allows local users to cause a denial of service (hang) via a malformed minix file stream that triggers an infinite loop in the minix_bmap function. NOTE: this issue might be due to an integer overflow or signedness error. (CVE-2006-6058) To update your kernel, please follow the directions located at: http://www.mandriva.com/en/security/kernelupdate %description The kernel package contains the Linux kernel (vmlinuz), the core of your Mandriva Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. It supports both up and smp systems using smp alternatives. For instructions for update, see: http://www.mandriva.com/security/kernelupdate %package x11-server x11-server-common x11-server-devel x11-server-xati x11-server-xchips x11-server-xdmx x11-server-xephyr x11-server-xepson x11-server-xfake x11-server-xfbdev x11-server-xgl x11-server-xi810 x11-server-xmach64 x11-server-xmga x11-server-xneomagic x11-server-xnest x11-server-xnvidia x11-server-xorg x11-server-xpm2 x11-server-xprt x11-server-xr128 x11-server-xsdl x11-server-xsmi x11-server-xvesa x11-server-xvfb x11-server-xvia x11-server-xvnc Update: Mon Jun 16 10:59:20 2008 Importance: security ID: MDVSA-2008:116 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:116 %pre An input validation flaw was found in X.org's Security and Record extensions. A malicious authorized client could exploit the issue to cause a denial of service (crash) or possibly execute arbitrary code with root privileges on the X.org server (CVE-2008-1377). An input validation flaw was found in X.org's MIT-SHM extension. A client connected to the X.org server could read arbitrary server memory, resulting in the disclosure of sensitive data of other users of the X.org server (CVE-2008-1379). Multiple integer overflows were found in X.org's Render extension. A malicious authorized client could explot these issues to cause a denial of service (crash) or possibly execute arbitrary code with root privileges on the X.org server (CVE-2008-2360, CVE-2008-2361, CVE-2008-2362). In addition, this update corrects a problem that could cause memory corruption or segfaults in the render code of the vnc server on Mandriva Linux 2008.1 The updated packages have been patched to prevent these issues. %description X11 servers %package fetchmail fetchmailconf fetchmail-daemon Update: Thu Jun 19 19:45:41 2008 Importance: security ID: MDVSA-2008:117 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:117 %pre A flaw in fetchmail was discovered that allowed remote attackers to cause a denial of service (crash and persistent mail failure) via a malformed message with long headers. The crash only occured when fetchmail was called in '-v -v' mode (CVE-2008-2711). The updated packages have been patched to prevent this issue. %description Fetchmail is a free, full-featured, robust, and well-documented remote mail retrieval and forwarding utility intended to be used over on-demand TCP/IP links (such as SLIP or PPP connections). It retrieves mail from remote mail servers and forwards it to your local (client) machine's delivery system, so it can then be read by normal mail user agents such as Mutt, Elm, Pine, (X)Emacs/Gnus or Mailx. It comes with an interactive GUI configurator suitable for end-users. Fetchmail supports every remote-mail protocol currently in use on the Internet (POP2, POP3, RPOP, APOP, KPOP, all IMAPs, ESMTP ETRN) for retrieval. Then Fetchmail forwards the mail through SMTP, so you can read it through your normal mail client. %package libnet-snmp10 libnet-snmp10-devel libnet-snmp10-static-devel net-snmp net-snmp-mibs net-snmp-trapd net-snmp-utils perl-NetSNMP Update: Fri Jun 20 12:15:23 2008 Importance: security ID: MDVSA-2008:118 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:118 %pre A vulnerability was found in how Net-SNMP checked an SNMPv3 packet's Keyed-Hash Message Authentication Code (HMAC). An attacker could exploit this flaw to spoof an authenticated SNMPv3 packet (CVE-2008-0960). A buffer overflow was found in the perl bindings for Net-SNMP that could be exploited if an attacker could convince an application using the Net-SNMP perl modules to connect to a malicious SNMP agent (CVE-2008-2292). The updated packages have been patched to prevent these issues. %description SNMP (Simple Network Management Protocol) is a protocol used for network management. The NET-SNMP project includes various SNMP tools: an extensible agent, an SNMP library, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl mib browser. This package contains the snmpd and snmptrapd daemons, documentation, etc. You will probably also want to install the net-snmp-utils package, which contains NET-SNMP utilities. %package exiv2 libexiv2 libexiv2-devel Update: Fri Jun 20 21:05:14 2008 Importance: security ID: MDVSA-2008:119 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:119 %pre A flaw was found in exiv2 that would cause exiv2, or applictions linked to libexiv2, to crash on image files with certain metadata in the image (CVE-2008-2696). The updated packages have been patched to prevent this issue. %description Exiv2 is a command line utility to access image metadata. Exiv2 is free software. The Exiv2 library provides * full read and write access to the Exif and IPTC metadata of an image through Exiv2 keys and standard C++ iterators (Example1, Example2, Example3, Example4) * a smart IPTC implementation that does not affect data that programs like Photoshop store in the same image segment * Exif MakerNote support: o MakerNote tags can be accessed just like any other Exif metadata o a sophisticated write algorithm avoids corrupting the MakerNote: 1) the MakerNote is not re-located if possible at all, and 2) MakerNote Ifd offsets are re-calculated if the MakerNote needs to be moved (for known Ifd MakerNotes) * extract and delete methods for Exif thumbnails (both, JPEG and TIFF thumbnails) * set methods for Exif thumbnails (JPEG only, TIFF thumbnails can be set from individual tags) * complete API documentation (by Doxygen) Exiv2 is a command line utility to * print the Exif metadata of JPEG, TIFF and several RAW image formats as summary info, interpreted values, or the plain data for each tag (a sample is here) * print the IPTC metadata of JPEG images * print, set and delete the JPEG comment of JPEG images * set, add and delete Exif and IPTC metadata of JPEG images * adjust the Exif timestamp (that's how it all started...) * rename Exif image files according to the Exif timestamp * extract, insert and delete Exif metadata, IPTC metadata and JPEG comments * extract, insert and delete the thumbnail image embedded in the Exif metadata * fix the Exif ISO setting of picture taken with Nikon cameras %package libfreetype6 libfreetype6-devel libfreetype6-static-devel Update: Mon Jun 23 12:10:40 2008 Importance: security ID: MDVSA-2008:121 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:121 %pre Multiple vulnerabilities were discovered in FreeType's Printer Font Binary (PFB) font-file format parser. If a user were to load a carefully crafted font file with a program linked against FreeType, it could cause the application to crash or potentially execute arbitrary code (CVE-2008-1806, CVE-2008-1807, CVE-2008-1808). The updated packages have been patched to prevent this issue. %description The FreeType2 engine is a free and portable TrueType font rendering engine. It has been developed to provide TT support to a great variety of platforms and environments. Note that FreeType2 is a library, not a stand-alone application, though some utility applications are included %package clamav clamav-db clamav-milter clamd libclamav4 libclamav-devel Update: Tue Jun 24 10:09:53 2008 Importance: security ID: MDVSA-2008:122 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:122 %pre A vulnerability was discovered in ClamAV and corrected with the 0.93.1 release: libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a denial of service via a crafted Petite file that triggers an out-of-bounds read. (CVE-2008-2713) Other bugs have also been corrected in 0.93.1 which is being provided with this update. %description Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail seversions (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software. You can build clamav with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] milter Build clamav-milter (default) %package imlib2-data libimlib2_1 libimlib2_1-devel libimlib2_1-filters libimlib2_1-loaders Update: Wed Jun 25 10:01:51 2008 Importance: security ID: MDVSA-2008:123 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:123 %pre Stefan Cornelius discovered two buffer overflows in Imlib's image loaders for PNM and XPM images, which could possibly result in the execution of arbitrary code (CVE-2008-2426). The updated packages have been patched to prevent this issue. %description Imlib2 is an advanced replacement library for libraries like libXpm that provides many more features with much greater flexibility and speed than standard libraries, including font rasterization, rotation, RGBA space rendering and blending, dynamic binary filters, scripting, and more. Build Options: --with mmx Enable mmx cpu detection (10% - 30% speedup) %package libphp5_common5 php-cgi php-cli php-devel php-fcgi php-imap php-openssl php-zlib Update: Thu Jul 03 14:54:48 2008 Importance: security ID: MDVSA-2008:126 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:126 %pre A number of vulnerabilities have been found and corrected in PHP: PHP 5.2.1 would allow context-dependent attackers to read portions of heap memory by executing certain scripts with a serialized data input string beginning with 'S:', which did not properly track the number of input bytes being processed (CVE-2007-1649). A vulnerability in the chunk_split() function in PHP prior to 5.2.4 has unknown impact and attack vectors, related to an incorrect size calculation (CVE-2007-4660). The htmlentities() and htmlspecialchars() functions in PHP prior to 5.2.5 accepted partial multibyte sequences, which has unknown impact and attack vectors (CVE-2007-5898). The output_add_rewrite_var() function in PHP prior to 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which could allow a remote attacker to obtain potentially sensitive information by reading the requests for this URL (CVE-2007-5899). The escapeshellcmd() API function in PHP prior to 5.2.6 has unknown impact and context-dependent attack vectors related to incomplete multibyte characters (CVE-2008-2051). Weaknesses in the GENERATE_SEED macro in PHP prior to 4.4.8 and 5.2.5 were discovered that could produce a zero seed in rare circumstances on 32bit systems and generations a portion of zero bits during conversion due to insufficient precision on 64bit systems (CVE-2008-2107, CVE-2008-2108). The IMAP module in PHP uses obsolete API calls that allow context-dependent attackers to cause a denial of service (crash) via a long IMAP request (CVE-2008-2829). The updated packages have been patched to correct these issues. %description PHP5 is an HTML-embeddable scripting language. PHP5 offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled script with PHP5 is fairly simple. The most common use of PHP5 coding is probably as a replacement for CGI scripts. %package squid squid-cachemgr Update: Fri Jul 04 15:20:00 2008 Importance: security ID: MDVSA-2008:134 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:134 %pre An incorrect fix for CVE-2007-6239 resulted in Squid not performing proper bounds checking when processing cache update replies. Because of this, a remote authenticated user might have been able to trigger an assertion error and cause a denial of service (CVE-2008-1612). The updated packages have been patched to correct this issue. %description Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. Install squid if you need a proxy caching server. This package defaults to a maximum of 1024 filedescriptors. You can change this value at build time by using for example: --define 'maxfiles 4096' The package was built to support a maximum of 1024 filedescriptors. %package bind bind-devel bind-utils Update: Wed Jul 09 11:40:45 2008 Importance: security ID: MDVSA-2008:139 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:139 %pre A weakness was found in the DNS protocol by Dan Kaminsky. A remote attacker could exploit this weakness to spoof DNS entries and poison DNS caches. This could be used to misdirect users and services; i.e. for web and email traffic (CVE-2008-1447). This update provides the latest stable BIND releases for all platforms except Corporate Server/Desktop 3.0 and MNF2, which have been patched to correct the issue. %description BIND (Berkeley Internet Name Domain) is an implementation of the DNS (domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses, and a resolver library (routines for applications to use when interfacing with DNS). A DNS server allows clients to name resources or objects and share the information with other network machines. The named DNS server can be used on workstations as a caching name server, but is generally only needed on one machine for an entire network. Note that the configuration files for making BIND act as a simple caching nameserver are included in the caching-nameserver package. Install the bind package if you need a DNS server for your network. If you want bind to act a caching name server, you will also need to install the caching-nameserver package. Many BIND 8 features previously unimplemented in BIND 9, including domain-specific forwarding, the \$GENERATE master file directive, and the "blackhole", "dialup", and "sortlist" options Forwarding of dynamic update requests; this is enabled by the "allow-update-forwarding" option A new, simplified database interface and a number of sample drivers based on it; see doc/dev/sdb for details Support for building single-threaded servers for environments that do not supply POSIX threads New configuration options: "min-refresh-time", "max-refresh-time", "min-retry-time", "max-retry-time", "additional-from-auth", "additional-from-cache", "notify explicit" Faster lookups, particularly in large zones. Build Options: --without sdb_ldap Build without ldap simple database support (enabled per default) --with sdb_mysql Build with MySQL database support (disables ldap support, it's either way.) --with geoip Build with GeoIP support (disabled per default) %package ruby ruby-devel ruby-doc ruby-tk Update: Wed Jul 09 16:54:34 2008 Importance: security ID: MDVSA-2008:141 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:141 %pre Multiple vulnerabilities have been found in the Ruby interpreter and in Webrick, the webserver bundled with Ruby. Directory traversal vulnerability in WEBrick in Ruby 1.8 before 1.8.5-p115 and 1.8.6-p114, and 1.9 through 1.9.0-1, when running on systems that support backslash (\) path separators or case-insensitive file names, allows remote attackers to access arbitrary files via (1) ..%5c (encoded backslash) sequences or (2) filenames that match patterns in the :NondisclosureName option. (CVE-2008-1145) Directory traversal vulnerability in WEBrick in Ruby 1.9.0 and earlier, when using NTFS or FAT filesystems, allows remote attackers to read arbitrary CGI files via a trailing (1) + (plus), (2) %2b (encoded plus), (3) . (dot), (4) %2e (encoded dot), or (5) %20 (encoded space) character in the URI, possibly related to the WEBrick::HTTPServlet::FileHandler and WEBrick::HTTPServer.new functionality and the :DocumentRoot option. (CVE-2008-1891) Multiple integer overflows in the rb_str_buf_append function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors that trigger memory corruption. (CVE-2008-2662) Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors. (CVE-2008-2663) The rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption via unspecified vectors related to alloca. (CVE-2008-2664) Integer overflow in the rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allows context-dependent attackers to trigger memory corruption via unspecified vectors, aka the REALLOC_N variant. (CVE-2008-2725) Integer overflow in the rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption, aka the beg + rlen issue. (CVE-2008-2726) Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. (CVE-2008-2376) The updated packages have been patched to fix these issues. %description Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible. %package libldap2.3_0 libldap2.3_0-devel libldap2.3_0-static-devel openldap openldap-clients openldap-doc openldap-servers openldap-testprogs openldap-tests Update: Fri Jul 11 21:07:14 2008 Importance: security ID: MDVSA-2008:144 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:144 %pre A denial of service vulnerability was discovered in the way the OpenLDAP slapd daemon processed certain network messages. An unauthenticated remote attacker could send a specially crafted request that would crash the slapd daemon (CVE-2008-2952). The updated packages have been patched to correct this issue. %description OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. The suite includes a stand-alone LDAP server (slapd) and stand-alone LDAP replication server (slurpd) which are in the -servers package, libraries for implementing the LDAP protocol (in the lib packages), and utilities, tools, and sample clients (in the -clients package). The openldap binary package includes configuration files used by the libraries. Install openldap if you need LDAP applications and tools. %package bluez-utils bluez-utils-cups libbluez2 libbluez2-devel Update: Mon Jul 14 19:45:52 2008 Importance: security ID: MDVSA-2008:145 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:145 %pre An input validation flaw was found in the Bluetooth Session Description Protocol (SDP) packet parser used in the Bluez bluetooth utilities. A bluetooth device with an already-trusted relationship, or a local user registering a service record via a UNIX socket or D-Bus interface, could cause a crash and potentially execute arbitrary code with the privileges of the hcid daemon (CVE-2008-2374). The updated packages have been patched to correct this issue. %description These are the official Bluetooth communication libraries for Linux. %package libpcre0 libpcre-devel pcre Update: Tue Jul 15 21:55:10 2008 Importance: security ID: MDVSA-2008:147 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:147 %pre Tavis Ormandy of the Google Security Team discovered a heap-based buffer overflow when compiling certain regular expression patterns. This could be used by a malicious attacker by sending a specially crafted regular expression to an application using the PCRE library, resulting in the possible execution of arbitrary code or a denial of service (CVE-2008-2371). The updated packages have been patched to correct this issue. %description PCRE has its own native API, but a set of "wrapper" functions that are based on the POSIX API are also supplied in the library libpcreposix. Note that this just provides a POSIX calling interface to PCRE: the regular expressions themselves still follow Perl syntax and semantics. This package contains a grep variant based on the PCRE library. %package timezone Update: Wed Jul 16 15:32:21 2008 Importance: normal ID: MDVA-2008:109 URL: http://www.mandriva.com/security/advisories?name=MDVA-2008:109 %pre Updated timezone packages are being provided for older Mandriva Linux systems that do not contain the new Daylight Savings Time information for 2008 and later for certain time zones. These updated packages contain the new information. %description This package contains data files with rules for various timezones around the world. %package libmysql15 libmysql-devel libmysql-static-devel mysql mysql-bench mysql-client mysql-common mysql-max mysql-ndb-extra mysql-ndb-management mysql-ndb-storage mysql-ndb-tools Update: Sat Jul 19 13:52:06 2008 Importance: security ID: MDVSA-2008:150 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:150 %pre Multiple buffer overflows in yaSSL, which is used in MySQL, allowed remote attackers to execute arbitrary code (CVE-2008-0226) or cause a denial of service via a special Hello packet (CVE-2008-0227). Sergei Golubchik found that MySQL did not properly validate optional data or index directory paths given in a CREATE TABLE statement; as well it would not, under certain conditions, prevent two databases from using the same paths for data or index files. This could allow an authenticated user with appropriate privilege to create tables in one database to read and manipulate data in tables later created in other databases, regardless of GRANT privileges (CVE-2008-2079). The updated packages have been patched to correct these issues. %description The MySQL(TM) software delivers a very fast, multi-threaded, multi-user, and robust SQL (Structured Query Language) database server. MySQL Server is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software. MySQL is a trademark of MySQL AB. The MySQL software has Dual Licensing, which means you can use the MySQL software free of charge under the GNU General Public License (http://www.gnu.org/licenses/). You can also purchase commercial MySQL licenses from MySQL AB if you do not wish to be bound by the terms of the GPL. See the chapter "Licensing and Support" in the manual for further info. The MySQL web site (http://www.mysql.com/) provides the latest news and information about the MySQL software. Also please see the documentation and the manual for more information. %package libxslt1 libxslt1-devel libxslt-proc python-libxslt Update: Mon Jul 21 16:30:18 2008 Importance: security ID: MDVSA-2008:151 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:151 %pre A buffer overflow vulnerability in libxslt could be exploited via an XSL style sheet file with a long XLST transformation match condition, which could possibly lead to the execution of arbitrary code (CVE-2008-1767). The updated packages have been patched to correct this issue. %description This C library allows to transform XML files into other XML files (or HTML, text, ...) using the standard XSLT stylesheet transformation mechanism. %package libwireshark0 tshark wireshark wireshark-tools Update: Tue Jul 22 13:50:50 2008 Importance: security ID: MDVSA-2008:152 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:152 %pre A vulnerability was found in Wireshark, that could cause it to crash while processing malicious packets. This update provides Wireshark 1.0.2, which is not vulnerable to that. %description Wireshark is a network traffic analyzer for Unix-ish operating systems. It is based on GTK+, a graphical user interface library, and libpcap, a packet capture and filtering library. Wireshark is a fork of Ethereal(tm) %package emacs emacs-doc emacs-el emacs-leim emacs-nox emacs-X11 Update: Wed Jul 23 12:36:19 2008 Importance: security ID: MDVSA-2008:153 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:153 %pre A vulnerability in emacs was found where an attacker could provide a group of files containing local variable definitions and arbitrary Lisp code to be executed when one of the provided files is opened by emacs (CVE-2008-2142). The updated packages have been patched to correct this issue. %description Emacs is a powerful, customizable, self-documenting, modeless text editor. Emacs contains special code editing features, a scripting language (elisp), and the capability to read mail, news and more without leaving the editor. This package includes the libraries you need to run the Emacs editor, so you need to install this package if you intend to use Emacs. You also need to install the actual Emacs program package (emacs-nox or emacs-X11). Install emacs-nox if you are not going to use the X Window System; install emacs-X11 if you will be using X. %package libpng3 libpng3-devel libpng3-static-devel Update: Mon Jul 28 14:33:11 2008 Importance: security ID: MDVSA-2008:156 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:156 %pre Tavis Ormandy of the Google Security Team discovered a flaw in how libpng handles zero-length unknown chunks in PNG files, which could lead to memory corruption in applications that make use of certain functions (CVE-2008-1382). The updated packages have been patched to correct this issue. %description The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng should be installed if you need to manipulate PNG format image files. %package kino kino-devel Update: Tue Jul 29 14:49:14 2008 Importance: bugfix ID: MDVA-2008:112 URL: http://www.mandriva.com/security/advisories?name=MDVA-2008:112 %pre The kino package included in Mandriva Linux 2007.1 had an invalid symbolink link (kino2raw), which would prevent kino2raw from being launched. The updated package fixes this problem. %description The new generation of digital camcorders use the Digital Video (DV) data format. Kino allows you to record, create, edit, and play movies recorded with DV camcorders. Unlike other editors, this program uses many keyboard commands for fast navigating and editing inside the movie. %package libxslt1 libxslt1-devel libxslt-proc python-libxslt Update: Fri Aug 01 11:31:42 2008 Importance: security ID: MDVSA-2008:160 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:160 %pre Chris Evans of the Google Security Team found a vulnerability in the RC4 processing code in libxslt that did not properly handle corrupted key information. A remote attacker able to make an application linked against libxslt process malicious XML input could cause the application to crash or possibly execute arbitrary code with the privileges of the application in question (CVE-2008-2935). The updated packages have been patched to correct this issue. %description This C library allows to transform XML files into other XML files (or HTML, text, ...) using the standard XSLT stylesheet transformation mechanism. %package rxvt rxvt-CJK Update: Thu Aug 07 11:31:53 2008 Importance: security ID: MDVSA-2008:161 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:161 %pre A vulnerability in rxvt allowed it to open a terminal on :0 if the environment variable was not set, which could be used by a local user to hijack X11 connections (CVE-2008-1142). The updated packages have been patched to correct this issue. %description Rxvt is a color VT102 terminal emulator for the X Window System. Rxvt is intended to be an xterm replacement for users who don't need the more esoteric features of xterm, like Tektronix 4014 emulation, session logging and toolkit style configurability. Since it doesn't support those features, rxvt uses much less swap space than xterm uses. This is a significant advantage on a machine which is serving a large number of X sessions. The rxvt package should be installed on any machine which serves a large number of X sessions, if you'd like to improve that machine's performance. This version of rxvt can display Japanese, Chinese (Big5 and GuoBiao) and Korean. %package libpython2.5 libpython2.5-devel python python-base python-docs tkinter tkinter-apps Update: Thu Aug 07 16:12:12 2008 Importance: security ID: MDVSA-2008:163 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:163 %pre Multiple integer overflows in the imageop module in Python prior to 2.5.3 allowed context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows (CVE-2008-1679). This was due to an incomplete fix for CVE-2007-4965. David Remahl of Apple Product Security reported several integer overflows in a number of core modules (CVE-2008-2315). He also reported an integer overflow in the hashlib module on Python 2.5 that lead to unreliable cryptographic digest results (CVE-2008-2316). Justin Ferguson reported multiple buffer overflows in unicode string processing that affected 32bit systems (CVE-2008-3142). Multiple integer overflows were reported by the Google Security Team that had been fixed in Python 2.5.2 (CVE-2008-3143). Justin Ferguson reported a number of integer overflows and underflows in the PyOS_vsnprintf() function, as well as an off-by-one error when passing zero-length strings, that led to memory corruption (CVE-2008-3144). The updated packages have been patched to correct these issues. As well, Python packages on Mandriva Linux 2007.1 and 2008.0 have been updated to version 2.5.2. Due to slight packaging changes on Mandriva Linux 2007.1, a new package is available (tkinter-apps) that contains binary files (such as /usr/bin/idle) that were previously in the tkinter package. %description Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems (X11, Motif, Tk, Mac and MFC). Programmers can write new built-in modules for Python in C or C++. Python can be used as an extension language for applications that need a programmable interface. This package contains most of the standard Python modules, as well as modules for interfacing to the Tix widget set for Tk and RPM. Note that documentation for Python is provided in the python-docs package. %package clamav clamav-db clamav-milter clamd libclamav4 libclamav-devel Update: Tue Aug 12 14:54:10 2008 Importance: security ID: MDVSA-2008:166 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:166 %pre An incomplete fix for CVE-2008-2713 resulted in remote attackers being able to cause a denial of service via a malformed Petite file that triggered an out-of-bounds memory access (CVE-2008-3215). This issue is corrected with the 0.93.3 release which is being provided. %description Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail seversions (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software. You can build clamav with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] milter Build clamav-milter (default) %package libstunnel0 libstunnel0-devel stunnel Update: Wed Aug 13 19:11:52 2008 Importance: security ID: MDVSA-2008:168 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:168 %pre A vulnerability was found in the OCSP search functionality in stunnel that could allow a remote attacker to use a revoked certificate that would be successfully authenticated by stunnel (CVE-2008-2420). This flaw only concerns users who have enabled OCSP validation in stunnel. The updated packages have been patched to correct this issue. %description The stunnel program is designed to work as SSL encryption wrapper between remote clients and local (inetd-startable) or remote servers. The concept is that having non-SSL aware daemons running on your system you can easily set them up to communicate with clients over secure SSL channels. stunnel can be used to add SSL functionality to commonly used inetd daemons like POP-2, POP-3, and IMAP servers, to standalone daemons like NNTP, SMTP and HTTP, and in tunneling PPP over network sockets without changes to the source code. %package hplip hplip-doc hplip-hpijs hplip-hpijs-ppds hplip-model-data libhpip0 libhpip0-devel libsane-hpaio1 Update: Wed Aug 13 19:15:38 2008 Importance: security ID: MDVSA-2008:169 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:169 %pre Marc Schoenefeld of the Red Hat Security Response Team discovered a vulnerability in the hplip alert-mailing functionality that could allow a local attacker to elevate their privileges by using specially-crafted packets to trigger alert mails that are sent by the root account (CVE-2008-2940). Another vulnerability was discovered by Marc Schoenefeld in the hpssd message parser that could allow a local attacker to stop the hpssd process by sending specially-craftd packets, causing a denial of service (CVE-2008-2941). The updated packages have been patched to correct these issues. %description This is the HP driver package to supply Linux support for most Hewlett-Packard DeskJet, LaserJet, PSC, OfficeJet, and PhotoSmart printers and all-in-one peripherals (also known as Multi-Function Peripherals or MFPs), which can print, scan, copy, fax, and/or access flash memory cards. It is work in progress, but printing, scanning, memory card access, ink/toner/battery/consumable level checking, and inkjet printer maintenance are supported on most models, when either connected to the USB or LAN (built-in interfaces or selected HP JetDirect models) on a Linux workstation with CUPS printing system. For status and consumable checking and also for inkjet maintenance there is the graphical tool "hp-toolbox" available (Menu: "System"/"Monitoring"/"HP Printer Toolbox"). %package cups cups-common cups-serial libcups2 libcups2-devel php-cups Update: Wed Aug 13 19:22:45 2008 Importance: security ID: MDVSA-2008:170 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:170 %pre Thomas Pollet discovered an integer overflow vulnerability in the PNG image handling filter in CUPS. This could allow a malicious user to execute arbitrary code with the privileges of the user running CUPS, or cause a denial of service by sending a specially crafted PNG image to the print server (CVE-2008-1722). The updated packages have been patched to correct this issue. %description CUPS 1.2 is fully compatible with CUPS-1.1 machines in the network and with software built against CUPS-1.1 libraries. The Common Unix Printing System provides a portable printing layer for UNIX(TM) operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces. This is the main package needed for CUPS servers (machines where a printer is connected to or which host a queue for a network printer). It can also be used on CUPS clients so that they simply pick up broadcasted printer information from other CUPS servers and do not need to be assigned to a specific CUPS server by an /etc/cups/client.conf file. %package libpostfix1 postfix postfix-ldap postfix-mysql postfix-pcre postfix-pgsql Update: Fri Aug 15 11:24:12 2008 Importance: security ID: MDVSA-2008:171 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:171 %pre Sebastian Krahmer of the SUSE Security Team discovered a flaw in the way Postfix dereferenced symbolic links. If a local user had write access to a mail spool directory without a root mailbox file, it could be possible for them to append arbitrary data to files that root had write permissions to (CVE-2008-2936). The updated packages have been patched to correct this issue. %description Postfix is a Mail Transport Agent (MTA), supporting LDAP, SMTP AUTH (SASL), TLS and running in a chroot environment. Postfix is Wietse Venema's mailer that started life as an alternative to the widely-used Sendmail program. Postfix attempts to be fast, easy to administer, and secure, while at the same time being sendmail compatible enough to not upset existing users. Thus, the outside has a sendmail-ish flavor, but the inside is completely different. This software was formerly known as VMailer. It was released by the end of 1998 as the IBM Secure Mailer. From then on it has lived on as Postfix. PLEASE READ THE /usr/share/doc/postfix-2.3.8/README.MDK FILE. This rpm supports different build time options, to enable or disable these features you must rebuild the source rpm using the --with ... or --without ... rpm option. Currently postfix has been built with: Smtpd multiline greeting: --without multiline Virtual Delivery Agent: --without VDA Munge bare CR: --without barecr TLS support: --with tls %{with_TXT_tls} IPV6 support: --with IPV6 %{with_TXT_ipv6} CDB support: --without cdb Chroot by default: --with chroot %package libxml2 libxml2-devel libxml2-python libxml2-utils Update: Thu Aug 21 14:37:58 2008 Importance: security ID: MDVSA-2008:180 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:180 %pre Andreas Solberg found a denial of service flaw in how libxml2 processed certain content. If an application linked against libxml2 processed such malformed XML content, it could cause the application to stop responding (CVE-2008-3281). The updated packages have been patched to prevent this issue. %description This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream or and in-memory DOM like representations. In this case one can use the built-in XPath and XPointer implementation to select subnodes or ranges. A flexible Input/Output mechanism is available, with existing HTTP and FTP modules and combined to an URI library. %package libxml2 libxml2-devel libxml2-python libxml2-utils Update: Tue Aug 26 10:31:53 2008 Importance: security ID: MDVSA-2008:180-1 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:180-1 %pre Andreas Solberg found a denial of service flaw in how libxml2 processed certain content. If an application linked against libxml2 processed such malformed XML content, it could cause the application to stop responding (CVE-2008-3281). Update: The original fix used to correct this issue caused some applications that used the libxml2 library to crash. These new updated packages use a different fix that does not cause certain linked applications to crash as the old packages did. %description This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream or and in-memory DOM like representations. In this case one can use the built-in XPath and XPointer implementation to select subnodes or ranges. A flexible Input/Output mechanism is available, with existing HTTP and FTP modules and combined to an URI library. %package timezone Update: Thu Aug 28 10:59:37 2008 Importance: bugfix ID: MDVA-2008:119 URL: http://www.mandriva.com/security/advisories?name=MDVA-2008:119 %pre Updated timezone packages are being provided for older Mandriva Linux systems that do not contain new Daylight Savings Time information and Time Zone information for some locations. These updated packages contain the new information. %description This package contains data files with rules for various timezones around the world. %package ipsec-tools libipsec0 libipsec0-devel Update: Thu Aug 28 19:59:05 2008 Importance: security ID: MDVSA-2008:181 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:181 %pre Two denial of service vulnerabilities were discovered in the ipsec-tools racoon daemon, which could allow a remote attacker to cause it to consume all available memory (CVE-2008-3651, CVE-2008-3652). The updated packages have been patched to prevent these issues. %description This is the IPsec-Tools package. You need this package in order to really use the IPsec functionality in the linux-2.6 and above kernels. This package builds: - libipsec, a PFKeyV2 library - setkey, a program to directly manipulate policies and SAs - racoon, an IKEv1 keying daemon %package libopensc2 libopensc2-devel mozilla-plugin-opensc opensc Update: Tue Sep 02 11:57:32 2008 Importance: security ID: MDVSA-2008:183 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:183 %pre Chaskiel M Grundman found that OpenSC would initialize smart cards with the Siemens CardOS M4 card operating system without proper access rights. This allowed everyone to change the card's PIN without first having the PIN or PUK, or the superuser's PIN or PUK (CVE-2008-2235). Please note that this issue can not be used to discover the PIN on a card. If the PIN on a card is the same that was always there, it is unlikely that this vulnerability has been exploited. As well, this issue only affects smart cards and USB crypto tokens based on Siemens CardOS M4, and then only those devices that were initialized by OpenSC. Users of other smart cards or USB crypto tokens, or cards that were not initialized by OpenSC, are not affected. After applying the update, executing 'pkcs15-tool -T' will indicate whether the card is fine or vulnerable. If the card is vulnerable, the security settings need to be updated by executing 'pkcs15-tool -T -U'. The updated packages have been patched to prevent this issue. %description opensc is a library for accessing smart card devices using PC/SC Lite middleware package. It is also the core library of the OpenSC project. Basic functionality (e.g. SELECT FILE, READ BINARY) should work on any ISO 7816-4 compatible smart card. Encryption and decryption using private keys on the SmartCard is at the moment possible only with PKCS #15 compatible cards. %package libtiff3 libtiff3-devel libtiff3-static-devel libtiff-progs Update: Wed Sep 03 09:54:03 2008 Importance: security ID: MDVSA-2008:184 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:184 %pre Drew Yaro of the Apple Product Security Team reported multiple uses of uninitialized values in libtiff's LZW compression algorithm decoder. An attacker could create a carefully crafted LZW-encoded TIFF file that would cause an application linked to libtiff to crash or potentially execute arbitrary code (CVE-2008-2327). The updated packages have been patched to prevent this issue. %description The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. %package python-django Update: Wed Sep 03 11:37:01 2008 Importance: security ID: MDVSA-2008:185 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:185 %pre A cross-site request forgery vulnerability was discovered in Django that, if exploited, could be used to perform unrequested deletion or modification of data. Updated versions of Django will now discard posts from users whose sessions have expired, so data will need to be re-entered in these cases. The versions of Django shipping with Mandriva Linux have been updated to the latest patched versions that include the fix for this issue. In addition, they provide other bug fixes. %description Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Developed and used over the past two years by a fast-moving online-news operation, Django was designed from scratch to handle two challenges: the intensive deadlines of a newsroom and the stringent requirements of experienced Web developers. It has convenient niceties for developing content-management systems, but it's an excellent tool for building any Web site. Django focuses on automating as much as possible and adhering to the DRY principle. %package tomcat5 tomcat5-admin-webapps tomcat5-common-lib tomcat5-jasper tomcat5-jasper-javadoc tomcat5-jsp-2.0-api tomcat5-jsp-2.0-api-javadoc tomcat5-server-lib tomcat5-servlet-2.4-api tomcat5-servlet-2.4-api-javadoc tomcat5-webapps Update: Fri Sep 05 13:35:03 2008 Importance: security ID: MDVSA-2008:187 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:187 %pre A number of vulnerabilities have been discovered in the Apache Tomcat server: The default catalina.policy in the JULI logging component did not restrict certain permissions for web applications which could allow a remote attacker to modify logging configuration options and overwrite arbitrary files (CVE-2007-5342). The SingleSignOn Valve did not properly set the secure flag for the JESSIONIDSSO cookie in an HTTPS session, which could cause the cookie to be sent unprotected in HTTP requests (CVE-2008-0128). A cross-site scripting vulnerability was found in the HttpServletResponse.sendError() method which could allow a remote attacker to inject arbitrary web script or HTML via forged HTTP headers (CVE-2008-1232). A cross-site scripting vulnerability was found in the host manager application that could allow a remote attacker to inject arbitrary web script or HTML via the hostname parameter (CVE-2008-1947). A traversal vulnerability was found when using a RequestDispatcher in combination with a servlet or JSP that could allow a remote attacker to utilize a specially-crafted request parameter to access protected web resources (CVE-2008-2370). A traversal vulnerability was found when the 'allowLinking' and 'URIencoding' settings were actived which could allow a remote attacker to use a UTF-8-encoded request to extend their privileges and obtain local files accessible to the Tomcat process (CVE-2008-2938). The updated packages have been patched to correct these issues. %description Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java Servlet and JavaServer Pages specifications are developed by Sun under the Java Community Process. Tomcat is developed in an open and participatory environment and released under the Apache Software License. Tomcat is intended to be a collaboration of the best-of-breed developers from around the world. We invite you to participate in this open development project. To learn more about getting involved, click here. %package clamav clamav-db clamav-milter clamd klamav libclamav5 libclamav-devel Update: Tue Sep 09 19:43:52 2008 Importance: security ID: MDVSA-2008:189 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:189 %pre Multiple vulnerabilities were discovered in ClamAV and corrected with the 0.94 release, including: A vulnerability in ClamAV's chm-parser allowed remote attackers to cause a denial of service (application crash) via a malformed CHM file (CVE-2008-1389). A vulnerability in libclamav would allow attackers to cause a denial of service via vectors related to an out-of-memory condition (CVE-2008-3912). Multiple memory leaks were found in ClamAV that could possibly allow attackers to cause a denial of service via excessive memory consumption (CVE-2008-3913). A number of unspecified vulnerabilities in ClamAV were reported that have an unknown impact and attack vectors related to file descriptor leaks (CVE-2008-3914). Other bugs have also been corrected in 0.94 which is being provided with this update. Because this new version has increased the major of the libclamav library, updated dependent packages are also being provided. %description Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail seversions (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software. You can build clamav with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] milter Build clamav-milter (default) %package rsh rsh rsh-server rsh-server Update: Thu Sep 11 16:42:05 2008 Importance: security ID: MDVSA-2008:191 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:191 %pre A vulnerability in the rcp protocol was discovered that allows a server to instruct a client to write arbitrary files outside of the current directory, which could potentially be a security concern if a user used rcp to copy files from a malicious server (CVE-2004-0175). This issue was originally corrected in MDKSA-2005:100, but the patch had not been applied to the development tree, so released packages after that date did not have the fix applied. This update also corrects an issue where rexecd did not honor settings in /etc/security/limits if pam_limits was in use. %description The rsh package contains a set of programs which allow users to run commmands on remote machines, login to other machines and copy files between machines (rsh, rlogin and rcp). All three of these commands use rhosts style authentication. This package contains the clients needed for all of these services. The rsh package should be installed to enable remote access to other machines. %package libxml2 libxml2-devel libxml2-python libxml2-utils Update: Thu Sep 11 16:49:47 2008 Importance: security ID: MDVSA-2008:192 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:192 %pre A heap-based buffer overflow was found in how libxml2 handled long XML entity names. If an application linked against libxml2 processed untrusted malformed XML content, it could cause the application to crash or possibly execute arbitrary code (CVE-2008-3529). The updated packages have been patched to prevent this issue. As well, the patch to fix CVE-2008-3281 has been updated to remove the hard-coded entity limit that was set to 5M, instead using XML entity density heuristics. Many thanks to Daniel Veillard of Red Hat for his hard work in tracking down and dealing with the edge cases discovered with the initial fix to this issue. %description This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream or and in-memory DOM like representations. In this case one can use the built-in XPath and XPointer implementation to select subnodes or ranges. A flexible Input/Output mechanism is available, with existing HTTP and FTP modules and combined to an URI library. %package apache-base apache-devel apache-htcacheclean apache-mod_authn_dbd apache-mod_cache apache-mod_dav apache-mod_dbd apache-mod_deflate apache-mod_disk_cache apache-mod_file_cache apache-mod_ldap apache-mod_mem_cache apache-mod_proxy apache-mod_proxy_ajp apache-mod_ssl apache-modules apache-mod_userdir apache-mpm-event apache-mpm-itk apache-mpm-prefork apache-mpm-worker apache-source Update: Sat Sep 13 13:31:59 2008 Importance: security ID: MDVSA-2008:195 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:195 %pre A vulnerability was discovered in the mod_proxy module in Apache where it did not limit the number of forwarded interim responses, allowing remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses (CVE-2008-2364). A cross-site scripting vulnerability was found in the mod_proxy_ftp module in Apache that allowed remote attackers to inject arbitrary web script or HTML via wildcards in a pathname in an FTP URI (CVE-2008-2939). The updated packages have been patched to prevent these issues. %description This package contains the main binary of apache, a powerful, full-featured, efficient and freely-available Web server. Apache is also the most popular Web server on the Internet. This version of apache is fully modular, and many modules are available in pre-compiled formats, like PHP and mod_auth_external. Check for available Apache modules for Mandriva Linux at: http://nux.se/apache/ (most of them can be installed from the contribs repository) %package clamav clamav-db clamav-milter clamd libclamav5 libclamav-devel Update: Wed Sep 17 11:27:10 2008 Importance: security ID: MDVSA-2008:189-1 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:189-1 %pre Multiple vulnerabilities were discovered in ClamAV and corrected with the 0.94 release, including: A vulnerability in ClamAV's chm-parser allowed remote attackers to cause a denial of service (application crash) via a malformed CHM file (CVE-2008-1389). A vulnerability in libclamav would allow attackers to cause a denial of service via vectors related to an out-of-memory condition (CVE-2008-3912). Multiple memory leaks were found in ClamAV that could possibly allow attackers to cause a denial of service via excessive memory consumption (CVE-2008-3913). A number of unspecified vulnerabilities in ClamAV were reported that have an unknown impact and attack vectors related to file descriptor leaks (CVE-2008-3914). Other bugs have also been corrected in 0.94 which is being provided with this update. Because this new version has increased the major of the libclamav library, updated dependent packages are also being provided. Update: The previous update had experimental support enabled, which caused ClamAV to report the version as 0.94-exp rather than 0.94, causing ClamAV to produce bogus warnings about the installation being outdated. This update corrects that problem. %description Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail seversions (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software. You can build clamav with some conditional build swithes; (ie. use with rpm --rebuild): --with[out] milter Build clamav-milter (default) %package apache-conf Update: Mon Sep 22 11:11:00 2008 Importance: bugfix ID: MDVA-2008:129 URL: http://www.mandriva.com/security/advisories?name=MDVA-2008:129 %pre The Apache init script did not take into consideration using non-default MPM's, which prevented it from properly handling httpd processes that were named, for example, httpd-worker rather than just httpd. This update corrects the init script to properly handle these non-default cases. %description This package contains configuration files for apache. It is necessary for operation of the apache webserver. Having those files into a separate modules provides better customization for OEMs and ISPs, who can modify the look and feel of the apache webserver without having to re-compile the whole suite to change a logo or config file. %package ed Update: Mon Sep 22 11:13:07 2008 Importance: security ID: MDVSA-2008:200 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:200 %pre A heap-based buffer overflow was found in GNU ed that allowed context-dependent or user-assisted attackers to execute arbitrary code via a long filename (CVE-2008-3916). This update provides GNU ed 1.0, which is not vulnerable to this issue. %description Ed is a line-oriented text editor, used to create, display, and modify text files (both interactively and via shell scripts). For most purposes, ed has been replaced in normal usage by full-screen editors (emacs and vi, for example). Ed was the original UNIX editor, and may be used by some programs. In general, however, you probably don't need to install it and you probably won't use it much. %package dkms-libafs libopenafs1 libopenafs1-devel openafs openafs-client openafs-doc openafs-server Update: Mon Sep 29 11:48:33 2008 Importance: security ID: MDVSA-2008:207 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:207 %pre A race condition in OpenAFS 1.3.40 through 1.4.5 allowed remote attackers to cause a denial of service (daemon crash) by simultaneously acquiring and giving back file callbacks (CVE-2007-6559). The updated packages have been patched to prevent this issue. %description AFS is a distributed filesystem allowing cross-platform sharing of files among multiple computers. Facilities are provided for access control, authentication, backup and administrative management. This package provides common files shared across all the various OpenAFS packages but are not necessarily tied to a client or server. %package pam_mount pam_mount-devel Update: Mon Sep 29 17:56:21 2008 Importance: security ID: MDVSA-2008:208 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:208 %pre pam_mount 0.10 through 0.45, when luserconf is enabled, does not verify mountpoint and source ownership before mounting a user-defined volume, which allows local users to bypass intended access restrictions via a local mount. The updated packages have been patched to fix the issue. %description Pam_mount is a PAM module that allows dynamic remote volume mounting. It is mainly useful for users that have private volumes in Samba / Windows NT / Netware servers and need access to them during a Unix session. %package pam_krb5 Update: Fri Oct 03 14:12:29 2008 Importance: security ID: MDVSA-2008:209 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:209 %pre Stéphane Bertin discovered a flaw in the pam_krb5 existing_ticket configuration option where, if enabled and using an existing credential cache, it was possible for a local user to gain elevated privileges by using a different, local user's credential cache (CVE-2008-3825). The updated packages have been patched to prevent this issue. %description This is pam_krb5, a pluggable authentication module that can be used with Linux-PAM and Kerberos 5. This module supports password checking, ticket creation, and optional TGT verification and conversion to Kerberos IV tickets. The included pam_krb5afs module also gets AFS tokens if so configured. %package jay libmono0 libmono0-devel mono mono-bytefx-data-mysql mono-data mono-data-firebird mono-data-oracle mono-data-postgresql mono-data-sqlite mono-data-sybase mono-doc mono-extras mono-ibm-data-db2 mono-jscript mono-locale-extras mono-nunit mono-web mono-winforms Update: Fri Oct 03 15:02:07 2008 Importance: security ID: MDVSA-2008:210 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:210 %pre CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string. The updated packages have been patched to fix the issue. %description Mono is an implementation of the ECMA Common Language Infrastructure, it contains both a just-in-time compiler for maximum performance, and an interpeter. It can also be used to run programs from the .NET Framework. This package contains the core of the Mono runtime including its Virtual Machine, Just-in-time compiler, C# compiler, security tools and libraries (corlib, XML, System.Security, System.Drawing, ZipLib, I18N, Cairo and Mono.*). %package timezone Update: Tue Oct 07 11:32:42 2008 Importance: bugfix ID: MDVA-2008:133 URL: http://www.mandriva.com/security/advisories?name=MDVA-2008:133 %pre Updated timezone packages are being provided for older Mandriva Linux systems that do not contain new Daylight Savings Time information and Time Zone information for some locations. These updated packages contain the new information. %description This package contains data files with rules for various timezones around the world. %package libpopt0 libpopt0-devel librpm4.4 librpm4.4-devel perl-RPM popt-data python-rpm rpm rpm-build Update: Tue Oct 07 12:36:11 2008 Importance: bugfix ID: MDVA-2008:134 URL: http://www.mandriva.com/security/advisories?name=MDVA-2008:134 %pre This package update adds support for LZMA compression in rpm. This will allow users of Mandriva Linux 2007.1 to upgrade to the Mandriva Linux 2009.0 release. %description RPM is a powerful command line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Each software package consists of an archive of files along with information about the package like its version, a description, etc. %package symlinks Update: Thu Oct 09 11:51:20 2008 Importance: bugfix ID: MDVA-2008:140 URL: http://www.mandriva.com/security/advisories?name=MDVA-2008:140 %pre The symlinks program did not work on files larger than 2GB, reporting the error Value too large for defined data type. This update fixes this issue in addition to an error where symlinks converted from absolute to relative paths were not shortened (Red Hat bug #89655). %description The symlinks utility performs maintenance on symbolic links. Symlinks checks for symlink problems, including dangling symlinks which point to nonexistent files. Symlinks can also automatically convert absolute symlinks to relative symlinks. Install the symlinks package if you need a program for maintaining symlinks on your system. %package gdb Update: Fri Oct 10 13:09:18 2008 Importance: bugfix ID: MDVA-2008:142 URL: http://www.mandriva.com/security/advisories?name=MDVA-2008:142 %pre A bug was found in the gdb package that prevented the build of the gdbserver binary and its manpage. Updated packages are being provided to fix the issue. %description Gdb is a full featured, command driven debugger. Gdb allows you to trace the execution of programs and examine their internal state at any time. Gdb works for C and C++ compiled with the GNU C compiler gcc. If you are going to develop C and/or C++ programs and use the GNU gcc compiler, you may want to install gdb to help you debug your programs. %package cups cups-common cups-serial libcups2 libcups2-devel php-cups Update: Fri Oct 10 23:20:09 2008 Importance: security ID: MDVSA-2008:211 URL: http://www.mandriva.com/security/advisories?name=MDVSA-2008:211 %pre A buffer overflow in the SGI image format decoding routines used by the CUPS image converting filter imagetops was discovered. An attacker could create malicious SGI image files that could possibly execute arbitrary code if the file was printed (CVE-2008-3639). An integer overflow flaw leading to a heap buffer overflow was found in the Text-to-PostScript texttops filter. An attacker could create a malicious text file that could possibly execute arbitrary code if the file was printed (CVE-2008-3640). Finally, an insufficient buffer bounds checking flaw was found in the HP-GL/2-to-PostScript hpgltops filter. An attacker could create a malicious HP-GL/2 file that could possibly execute arbitrary code if the file was printed (CVE-2008-3641). The updated packages have been patched to prevent this issue; for Mandriva Linux 2009.0 the latest CUPS version (1.3.9) is provided that corrects these issues and also provides other bug fixes. %description CUPS 1.2 is fully compatible with CUPS-1.1 machines in the network and with software built against CUPS-1.1 libraries. The Common Unix Printing System provides a portable printing layer for UNIX(TM) operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces. This is the main package needed for CUPS servers (machines where a printer is connected to or which host a queue for a network printer). It can also be used on CUPS clients so that they simply pick up broadcasted printer information from other CUPS servers and do not need to be assigned to a specific CUPS server by an /etc/cups/client.conf file.