Jump to content

paul

Admin
  • Posts

    5611
  • Joined

  • Last visited

  • Days Won

    8

Everything posted by paul

  1. The pa_make_secure_dir function in core-util.c in PulseAudio 0.9.10 and 0.9.19 allows local users to change the ownership and permissions of arbitrary files via a symlink attack on a /tmp/.esd-##### temporary file (CVE-2009-1299). This update fixes this issue.
  2. This update fixes a reported buffer overflow found with ntlm authentication (MDV #59779). Update: This advisory is obsoleted by http://www.mandriva.com/en/security/advisories?name=MDVSA-2010:123
  3. This update fixes a reported buffer overflow found with ntlm authentication (MDV #59779). This advisory obsoletes MDVA-2010:172
  4. This update fixes a reported buffer overflow found with ntlm authentication (MDV #59779).
  5. The file /etc/profile.d/gpg-agent.sh uses the source statement which is not valid in sh or ksh. The source statement for sh, ksh, and bash should be . rather than source. This update fixes this issue.
  6. A vulnerability has been discovered and corrected in fastjar: Directory traversal vulnerability in the extract_jar function in jartool.c in FastJar 0.98 allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in a non-initial pathname component in a filename within a .jar archive, a related issue to CVE-2005-1080. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-3619 (CVE-2010-0831). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue.
  7. This update contains an important fix for YouTube video parsing, fixing a problem which was introduced when YouTube introduced new rating elements.
  8. A vulnerability has been discovered and corrected in pango: Array index error in the hb_ot_layout_build_glyph_classes function in pango/opentype/hb-ot-layout.cc in Pango before 1.27.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted font file, related to building a synthetic Glyph Definition (aka GDEF) table by using this font's charmap and the Unicode property database (CVE-2010-0421). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue.
  9. A vulnerability was reported in the SquirrelMail Mail Fetch plugin, wherein (when the plugin is activated by the administrator) a user is allowed to specify (without restriction) any port number for their external POP account settings. While the intention is to allow users to access POP3 servers using non-standard ports, this also allows malicious users to effectively port-scan any server through their SquirrelMail service (especially note that when a SquirrelMail server resides on a network behind a firewall, it may allow the user to explore the network topography (DNS scan) and services available (port scan) on the inside of (behind) that firewall). As this vulnerability is only exploitable post-authentication, and better more specific port scanning tools are freely available, we consider this vulnerability to be of very low severity. It has been fixed by restricting the allowable POP port numbers (with an administrator configuration override available) (CVE-2010-1637). The updated packages have been patched to correct this issue.
  10. Fix typo in initscript headers of mmc-agent Update: The MDVA-2010:165 advisory provided the wrong set of packages that is now resolved.
  11. A vulnerability has been discovered and corrected in samba: Samba versions 3.0.x, 3.2.x and 3.3.x are affected by a memory corruption vulnerability. Code dealing with the chaining of SMB1 packets did not correctly validate an input field provided by the client, making it possible for a specially crafted packet to crash the server or potentially cause the server to execute arbitrary code (CVE-2010-2063). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue.
  12. A vulnerability has been discovered and corrected in sudo: The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable (CVE-2010-1646). Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue.
  13. A vulnerability has been discovered and corrected in cacti: SQL injection vulnerability in graph.php in Cacti 0.8.7e and earlier allows remote attackers to execute arbitrary SQL commands via the rra_id parameter in a GET request in conjunction with a valid rra_id value in a POST request or a cookie, which bypasses the validation routine (CVE-2010-2092). The updated packages have been patched to correct this issue.
  14. A problem was discovered with the perl-base package during certain conditions and which could prevent it from being installed correctly, related to a dependency problem. The fixed packages resolves this problem.
  15. It was discovered php-xdebug-2.0.5 did not work properly for php-5.3.2. This advisory upgrades php-xdebug to 2.1.0 RC1 which solves this problem.
  16. Development packages for i586 and x86_64 could not be installed at the same time due to file conflicts on documentation. This update moves documentation files into a separate package to fix that. Additionally python-celementtree has been added to this advisory to solve added dependancies.
  17. Espeak as shipped with Mandriva 2010.0 had no support for pulseaudio. An updated package was provided that added pulseaudio support, but didn't work anymore for systems that had pulseaudio disabled. This update makes espeak work in both scenarios. Additional packages has been added to this advisory to solve dependency problems.
  18. It was discovered php-eaccelerator-0.9.6 did not work properly with open_basedir for php-5.3.2. This advisory upgrades php-eaccelerator to 0.9.6.1 which solves this problem.
  19. This advisory updates wireshark to the latest version(s), fixing several security issues: The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors (CVE-2010-2283). Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors (CVE-2010-2284). The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors (CVE-2010-2285). The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors (CVE-2010-2286). Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors (CVE-2010-2287).
  20. Multiple vulnerabilities has been discovered and corrected in Safe.pm which could lead to escalated privilegies (CVE-2010-1168, CVE-2010-1447). The updated packages have been patched to correct these issues.
  21. Multiple vulnerabilities has been discovered and corrected in Path.pm and Safe.pm which could lead to escalated privilegies (CVE-2008-5302, CVE-2008-5303, CVE-2010-1168, CVE-2010-1447). The updated packages have been patched to correct these issues.
  22. A vulnerability has been found and corrected in dhcp: ISC DHCP 4.1 before 4.1.1-P1 and 4.0 before 4.0.2-P1 allows remote attackers to cause a denial of service (server exit) via a zero-length client ID (CVE-2010-2156). The updated packages have been patched to correct this issue.
  23. Fix typo in initscript headers of mmc-agent
  24. This advisory updates wireshark to the latest version(s), fixing several security issues: * The SMB dissector could dereference a NULL pointer. (Bug 4734) * J. Oquendo discovered that the ASN.1 BER dissector could overrun the stack. * The SMB PIPE dissector could dereference a NULL pointer on some platforms. * The SigComp Universal Decompressor Virtual Machine could go into an infinite loop. (Bug 4826) * The SigComp Universal Decompressor Virtual Machine could overrun a buffer. (Bug 4837)
  25. Changes on the ICQ servers made the login impossible if the clientLogin and SSL options were enabled. This update adds patches to restore these options. Also add xdg patch from cooker. Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490
×
×
  • Create New...