-
Posts
5611 -
Joined
-
Last visited
-
Days Won
8
Content Type
Profiles
Forums
Events
Posts posted by paul
-
-
A vulnerability has been found and corrected in php:
PHP before 5.2.12 does not properly handle session data,
which has unspecified impact and attack vectors related to (1)
interrupt corruption of the SESSION superglobal array and (2) the
session.save_path directive (CVE-2009-4143).
Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.
The updated packages have been patched to correct this issue.
-
A vulnerabilitiy has been found and corrected in mysql:
MySQL is vulnerable to a symbolic link attack when the data home
directory contains a symlink to a different filesystem which allows
remote authenticated users to bypass intended access restrictions
(CVE-2008-7247).
The updated packages have been patched to correct these issues.
-
The blogtk package in 2010.0 was crashing on start. This update fixes
the problem by updating blogtk to the latest version.
Additionally the python-gdata packages are being provided as well
due to requirements.
Update:
The MDVA-2010:070 advisory was missing some new dependancies (packages)
that prevented blogtk to install using MandrivaUpdate. This advisory
provides the missing packages.
-
A vulnerability have been discovered and corrected in libtheora:
Integer overflow in libtheora in Xiph.Org Theora before 1.1 allows
remote attackers to cause a denial of service (application crash)
or possibly execute arbitrary code via a video with large dimensions
(CVE-2009-3389).
The updated packages have been patched to correct this issue.
-
Security issues were identified and fixed in firefox 3.0.x and 3.5.x:
Mozilla developers identified and fixed several stability bugs in the
browser engine used in Firefox and other Mozilla-based products. Some
of these crashes showed evidence of memory corruption under certain
circumstances and we presume that with enough effort at least some
of these could be exploited to run arbitrary code (CVE-2010-0159).
Security researcher Orlando Barrera II reported via TippingPoint's Zero
Day Initiative that Mozilla's implementation of Web Workers contained
an error in its handling of array data types when processing posted
messages. This error could be used by an attacker to corrupt heap
memory and crash the browser, potentially running arbitrary code on
a victim's computer (CVE-2010-0160).
Security researcher Alin Rad Pop of Secunia Research reported that
the HTML parser incorrectly freed used memory when insufficient space
was available to process remaining input. Under such circumstances,
memory occupied by in-use objects was freed and could later be filled
with attacker-controlled text. These conditions could result in the
execution or arbitrary code if methods on the freed objects were
subsequently called (CVE-2009-1571).
Security researcher Hidetake Jo of Microsoft Vulnerability Research
reported that the properties set on an object passed to showModalDialog
were readable by the document contained in the dialog, even when
the document was from a different domain. This is a violation of the
same-origin policy and could result in a website running untrusted
JavaScript if it assumed the dialogArguments could not be initialized
by another site. An anonymous security researcher, via TippingPoint's
Zero Day Initiative, also independently reported this issue to Mozilla
(CVE-2009-3988).
Mozilla security researcher Georgi Guninski reported that when a SVG
document which is served with Content-Type: application/octet-stream
is embedded into another document via an tag with
type=image/svg+xml, the Content-Type is ignored and the SVG document
is processed normally. A website which allows arbitrary binary data to
be uploaded but which relies on Content-Type: application/octet-stream
to prevent script execution could have such protection bypassed. An
attacker could upload a SVG document containing JavaScript as a binary
file to a website, embed the SVG document into a malicous page on
another site, and gain access to the script environment from the
SVG-serving site, bypassing the same-origin policy (CVE-2010-0162).
Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.
Additionally, some packages which require so, have been rebuilt and
are being provided as updates.
-
The DHCP client ignores the interface-mtu option set by server. This
update fixes the issue.
-
This update enables files to be properly attached when xdg-email is
used with Thunderbird as the default mail client.
-
Some vulnerabilities were discovered and corrected in the Linux
2.6 kernel:
Array index error in the gdth_read_event function in
drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows
local users to cause a denial of service or possibly gain privileges
via a negative event index in an IOCTL request. (CVE-2009-3080)
The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the
Linux kernel before 2.6.32-rc7 allows attackers to have an unspecified
impact via a crafted HDLC packet that arrives over ISDN and triggers
a buffer under-read. (CVE-2009-4005)
Additionally, the Linux kernel was updated to the stable release
2.6.27.45.
To update your kernel, please follow the directions located at:
http://www.mandriva.com/en/security/kernelupdate
Update:
The nvidia173-kernel x86_64 packages was missing with MDVSA-2010:034
for the Enterprise 5 product. This advisory provides the missing
packages.
-
The new mdkonline packages adds the extended maintenance support
to mdkonline.
Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers
as well as for official 2008.0 updates.
Update:
A problem was discovered with unresolved dependancies. This advisory
provides the missing packages.
-
Some vulnerabilities were discovered and corrected in the Linux
2.6 kernel:
Array index error in the gdth_read_event function in
drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows
local users to cause a denial of service or possibly gain privileges
via a negative event index in an IOCTL request. (CVE-2009-3080)
The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the
Linux kernel before 2.6.32-rc7 allows attackers to have an unspecified
impact via a crafted HDLC packet that arrives over ISDN and triggers
a buffer under-read. (CVE-2009-4005)
Additionally, the Linux kernel was updated to the stable release
2.6.27.45.
To update your kernel, please follow the directions located at:
http://www.mandriva.com/en/security/kernelupdate
Update:
The virtualbox DKMS modules was not provided with MDVSA-2010:034
for the Enterprise 5 product. This advisory provides the missing
virtualbox packages.
-
Multiple security vulnerabilities has been identified and fixed
in pidgin:
Certain malformed SLP messages can trigger a crash because the MSN
protocol plugin fails to check that all pieces of the message are
set correctly (CVE-2010-0277).
In a user in a multi-user chat room has a nickname containing '
'
then libpurple ends up having two users with username ' ' in the room,
and Finch crashes in this situation. We do not believe there is a
possibility of remote code execution (CVE-2010-0420).
oCERT notified us about a problem in Pidgin, where a large amount of
processing time will be used when inserting many smileys into an IM
or chat window. This should not cause a crash, but Pidgin can become
unusable slow (CVE-2010-0423).
Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.
This update provides pidgin 2.6.6, which is not vulnerable to these
issues.
-
Multiple vulnerabilities has been discovered and corrected in
gnome-screensaver:
gnome-screensaver 2.28.0 does not resume adherence to its activation
settings after an inhibiting application becomes unavailable on the
session bus, which allows physically proximate attackers to access
an unattended workstation on which screen locking had been intended
(CVE-2009-4641).
gnome-screensaver before 2.28.2 allows physically proximate attackers
to bypass screen locking and access an unattended workstation by moving
the mouse position to an external monitor and then disconnecting that
monitor (CVE-2010-0414).
This update provides gnome-screensaver 2.28.3, which is not vulnerable
to these issues.
-
A vulnerability have been discovered and corrected in netpbm:
Stack-based buffer overflow in converter/ppm/xpmtoppm.c in netpbm
before 10.47.07 allows context-dependent attackers to cause a denial
of service (application crash) or possibly execute arbitrary code
via an XPM image file that contains a crafted header field associated
with a large color index value (CVE-2009-4274).
Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.
The updated packages have been patched to correct this issue.
-
A vulnerability have been discovered and corrected in maildrop:
main.C in maildrop 2.3.0 and earlier, when run by root with the -d
option, uses the gid of root for execution of the .mailfilter file in
a user's home directory, which allows local users to gain privileges
via a crafted file (CVE-2010-0301).
The updated packages have been patched to correct this issue.
-
The eject package shipped in Mandriva Linux 2009.0, 2009.1, 2010.0
contains a bug which will lead to a failure when ejecting a DVD
which has space characters within its name. The updated package fixes
this problem.
Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.
-
Update documentation for MES 5.1 release:
- KVM chapter added
- Virt-manager chapter added
- MMC-Wizard chapter recast
- Samba backend warning added
- MX configuration in Mandriva Directory Server added
-
The blogtk package in 2010.0 was crashing on start. This update fixes
the problem by updating blogtk to the latest version.
Additionally the python-gdata packages are being provided as well
due to requirements.
-
The new mandriva-release packages adds extended maintainance access
support.
Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.
-
The new drakconf packages adds extended maintainance access support
to drakconf.
Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers
as well as for official 2008.0 updates.
-
The new mdkonline packages adds the extended maintenance support
to mdkonline.
Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.
-
Allow to use ddf1 raid and to manage unpartitionned dmraid. It also
offers to install onto dmraid or existing lvm without using manual
partitionning.
Update:
drakx-installer-stage2 packages was missing with the MDVA-2010:062
advisory. The missing packages being provided with this advisory.
-
Some bugs were found in drakxtools code dropping privileges to
display help or other web pages. This updates make it more reliable
on 2009.0 and 2009.1, and make it actually drop privileges on
2008.0. Additionally it fixes drakbug on 2008.0 to actually open the
bug when launching the browser.
Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.
-
A vulnerability have been discovered and corrected in fetchmail:
The sdump function in sdump.c in fetchmail 6.3.11, 6.3.12, and 6.3.13,
when running in verbose mode on platforms for which char is signed,
allows remote attackers to cause a denial of service (application
crash) or possibly execute arbitrary code via an SSL X.509 certificate
containing non-printable characters with the high bit set, which
triggers a heap-based buffer overflow during escaping (CVE-2010-0562).
This update provides fetchmail 6.3.14, which is not vulnerable to
this issue.
-
The pptp-linux packages in Mandriva Linux 2009.0, MES5, 2009.1 and
2010.0 try to call /bin/ip instead of /sbin/ip. The updated packages
fix this issue.
Advisories MDVA-2010:075: phpmyadmin
in Mandriva Security Advisories
Posted
This is a maintenance and bugfix release that upgrades phpmyadmin
to 3.2.5 that solves intermittent segfaults and brings many upstream
fixes as well.