Everything posted by paul

  1. In Mandriva 2010.0, we provided KDE 4.3.2. This update brings KDE to version 4.3.5; overall, it provides many bug fixes and enhancements. For a complete list of changes, see the official announcement at http://www.kde.org/announcements/announce-4.3.5.php In addition, we are providing new versions of digikam, k3b and kbluetooth. Update: This update also provides new package python-mwclient, required by KDE 4.3.5.
  2. In Mandriva 2010.0, we provided KDE 4.3.2. This update brings KDE to version 4.3.5; overall, it provides many bug fixes and enhancements. For a complete list of changes, see the official announcement at http://www.kde.org/announcements/announce-4.3.5.php In addition, we are providing new versions of digikam, k3b and kbluetooth.
  3. A vulnerability has been found and corrected in curl: content_encoding.c in libcurl 7.10.5 through 7.19.7, when zlib is enabled, does not properly restrict the amount of callback data sent to an application that requests automatic decompression, which might allow remote attackers to cause a denial of service (application crash) or have unspecified other impact by sending crafted compressed data to an application that relies on the intended data-length limit (CVE-2010-0734). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.
  4. The version of PulseAudio shipped with 2010.0 has had numerous bug fixes since it was released. This updates the PulseAudio package to 0.9.21 which contains most of the bug fixes (the package versions from 0.9.17 through 0.9.21 are all considered bugfix updates). Additional fixes from the upstream stable-queue branch are also included in this package. The fixes include better support for variations in ALSA mixer elements, bluetooth fixes and general stability fixes. Additionally, the alsa library shipped with 2010.0 had some flaws in the way certain timer events were handled and with how parameters were set for some input devices (most notably the microphone in some Logitech Web Cams). Fixes for these flaws are also included.
  5. In Mandriva 2010.0, there was a missing requires that made it impossible to choose a printer through samba. Also, in Mandriva 2010.0, the cups service couldn't be started if the user started s-c-p manually. This update fixes these issues.
  6. Updated packages for lvm2 and device mapper correct malfunctioning of dmeventd and errors while creating snapshots and mirrored targets.
  7. This update adds missing header files which are necessary to compile third-party applications based on iptables.
  8. Poppler cairo backend was not handling PDF images prescaling correctly, causing some PDF files (mostly from scanned text) to be unreadable. This update fixes this issue and includes other stability fixes.
  9. Updated timezone packages are being provided for older Mandriva Linux systems that do not contain new Daylight Savings Time information and Time Zone information for some locations. These updated packages contain the new information.
  10. The RPM packages tag was wrong in the mandriva-release package released with Mandriva Enterprise Server 5.1. This only affected packages rebuilt in that system. This update addresses that issue.
  11. The Adobe Flash plugin has https support, but only searches for SSL certificates in /etc/ssl/certs. This advisory provides a compatibility symlink at /etc/ssl/certs pointing to /etc/pki/tls/certs to remedy this problem. Additionally this advisory also brings the latest root CA certs from the mozilla cvs dated 2010-02-16. The mozilla nss library has consequently been rebuilt to pickup these changes and are also being provided. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers.
  12. Multiple vulnerabilities have been found and corrected in ncpfs: sutil/ncpumount.c in ncpumount in ncpfs 2.2.6 produces certain detailed error messages about the results of privileged file-access attempts, which allows local users to determine the existence of arbitrary files via the mountpoint name (CVE-2010-0790). The (1) ncpmount, (2) ncpumount, and (3) ncplogin programs in ncpfs 2.2.6 do not properly create lock files, which allows local users to cause a denial of service (application failure) via unspecified vectors that trigger the creation of a /etc/mtab~ file that persists after the program exits (CVE-2010-0791). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct these issues.
  13. There was a regression in certain versions of foomatic-rip 3 and 4, which has since been fixed. As a result, old versions fail the LSB printing tests. This advisory updates foomatic-db to 4.0 that passes the LSB tests and also provides various updated printing software and drivers.
  14. A vulnerability has been found and corrected in squid: The htcpHandleTstRequest function in htcp.c in Squid 2.x and 3.0 through 3.0.STABLE23 allows remote attackers to cause a denial of service (crash) via crafted packets to the HTCP port, which triggers a NULL pointer dereference (CVE-2010-0639). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.
  15. A vulnerability has been found and corrected in virtualbox: Unspecified vulnerability in Guest Additions in Sun xVM VirtualBox 1.6.x and 2.0.x before 2.0.12, 2.1.x, and 2.2.x, and Sun VirtualBox before 3.0.10, allows guest OS users to cause a denial of service (memory consumption) on the guest OS via unknown vectors (CVE-2009-3940). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.
  16. Multiple vulnerabilities have been found and corrected in php: * Improved LCG entropy. (Rasmus, Samy Kamkar) * Fixed safe_mode validation inside tempnam() when the directory path does not end with a /). (Martin Jansen) * Fixed a possible open_basedir/safe_mode bypass in the session extension identified by Grzegorz Stachowiak. (Ilia) Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct these issues.
  17. Fix packages signature management when a package is in 2 sub-repositories same version but different signature. This problem occurred when local media were used.
  18. Revert third party integration for now as some issues were discovered. Update: The mmc-wizard-1.0-13.10mdvmes5 update packages brought new unresolved dependencies which prevented it from installing using MandrivaUpdate. This advisory resolves this problem by providing the missing packages.
  19. A vulnerability has been found and corrected in apache: The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, which might allow remote attackers to obtain sensitive information via a crafted request that triggers access to memory locations associated with an earlier request (CVE-2010-0434). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.
  20. This update provides the OpenOffice.org 3.0 major version and holds the security fixes for the following issues: An integer underflow might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document leading to a heap-based buffer overflow (CVE-2009-0200). A heap-based buffer overflow might allow remote attackers to execute arbitrary code via unspecified records in a crafted Word document related to table parsing. (CVE-2009-0201). Multiple heap-based buffer overflows allow remote attackers to execute arbitrary code via a crafted EMF+ file (CVE-2009-2140). OpenOffice's xmlsec uses a bundled Libtool which might load .la file in the current working directory allowing local users to gain privileges via a Trojan horse file. For enabling such vulnerability xmlsec has to use --enable-crypto_dl building flag however it does not, although the fix keeps protected against this threat whenever that flag had been enabled (CVE-2009-3736). Additional packages are also being provided due to dependencies. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers.
  21. Add a buildrequire on python-twisted-core to get rid of a file deps on /usr/bin/twistd
  22. An out-of-bounds reading flaw in the JBIG2 decoder allows remote attackers to cause a denial of service (crash) via a crafted PDF file (CVE-2009-0799). Multiple input validation flaws in the JBIG2 decoder allow remote attackers to execute arbitrary code via a crafted PDF file (CVE-2009-0800). An integer overflow in the JBIG2 decoder allows remote attackers to execute arbitrary code via a crafted PDF file (CVE-2009-1179). A free of invalid data flaw in the JBIG2 decoder allows remote attackers to execute arbitrary code via a crafted PDF (CVE-2009-1180). A NULL pointer dereference flaw in the JBIG2 decoder allows remote attackers to cause denial of service (crash) via a crafted PDF file (CVE-2009-1181). Multiple buffer overflows in the JBIG2 MMR decoder allow remote attackers to cause denial of service or to execute arbitrary code via a crafted PDF file (CVE-2009-1182, CVE-2009-1183). An integer overflow in the JBIG2 decoding feature allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CVE-2009-1187). An integer overflow in the JBIG2 decoding feature allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document (CVE-2009-1188). Integer overflow in the SplashBitmap::SplashBitmap function in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1 might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1188 (CVE-2009-3603).
The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow (CVE-2009-3604). Multiple integer overflows allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file, related to (1) glib/poppler-page.cc; (2) ArthurOutputDev.cc, (3) CairoOutputDev.cc, (4) GfxState.cc, (5) JBIG2Stream.cc, (6) PSOutputDev.cc, and (7) SplashOutputDev.cc in poppler/; and (8) SplashBitmap.cc, (9) Splash.cc, and (10) SplashFTFont.cc in splash/. NOTE: this may overlap CVE-2009-0791 (CVE-2009-3605). Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow (CVE-2009-3606). Integer overflow in the create_surface_from_thumbnail_data function in glib/poppler-page.cc allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of these details are obtained from third party information (CVE-2009-3607). Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow (CVE-2009-3608). 
Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read (CVE-2009-3609). Buffer overflow in the ABWOutputDev::endWord function in poppler/ABWOutputDev.cc as used by the Abiword pdftoabw utility, allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PDF file (CVE-2009-3938). This update provides fixes for these vulnerabilities.
  23. Revert third party integration for now as some issues were discovered.
  24. This update provides lots of bug fixes and new functionalities for installation: - Add pt_BR translation for Advanced and Others stack - Add NuFW stack - Open postinstall links in new window - Add post-installation feature + supplementary text description in bundle display - Request my.mandriva.com account validation when media add fails - Check if media is already configured - Remember login lang setting with a cookie
  25. This update provides the latest version of nufw software suite, with many bugfixes and usage improvements.