Posts posted by paul
-
Multiple vulnerabilities have been found and corrected in mysql:
mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does
not (1) properly handle errors during execution of certain SELECT
statements with subqueries, and does not (2) preserve certain
null_value flags during execution of statements that use the
GeomFromWKB function, which allows remote authenticated users to
cause a denial of service (daemon crash) via a crafted statement
(CVE-2009-4019).
The vio_verify_callback function in viosslfactories.c in MySQL
5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used,
accepts a value of zero for the depth of X.509 certificates, which
allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL
servers via a crafted certificate, as demonstrated by a certificate
presented by a server linked against the yaSSL library (CVE-2009-4028).
MySQL 5.1.x before 5.1.41 allows local users to bypass certain
privilege checks by calling CREATE TABLE on a MyISAM table with
modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments
that are originally associated with pathnames without symlinks,
and that can point to tables created at a future time at which a
pathname is modified to contain a symlink to a subdirectory of the
MySQL data home directory, related to incorrect calculation of the
mysql_unpacked_real_data_home value. NOTE: this vulnerability exists
because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079
(CVE-2009-4030).
Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.
The updated packages have been patched to correct these
issues. Additionally for 2009.0 and MES5 mysql has also been upgraded
to the last stable 5.0 release (5.0.89).
-
Multiple vulnerabilities have been found and corrected in libthai:
Tim Starling discovered that libthai, a set of Thai language support
routines, is vulnerable to an integer/heap overflow. This vulnerability
could allow an attacker to run arbitrary code by sending a very long
string (CVE-2009-4012).
Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.
The updated packages have been patched to correct these issues.
-
Perl scripts shipped in the freeradius-web sub package use the File::Temp
Perl module incorrectly, which prevents them from executing correctly. In
these Perl scripts, a change was made to replace the line "use File::Temp;"
by "use File::Temp qw(tempfile tempdir);".
-
When a system uses dmraid, mkinitrd now calls the dmraid command with the
option --rm_partitions. This option is only available in the new dmraid
package, so boot will fail if, during an upgrade, the initrd is generated
with the new mkinitrd and the old dmraid (#55427). This updated package adds
this dependency.
Additionally, two bugs concerning drm module inclusion were fixed
(#55676). First, when a drm module was loaded at the time mkinitrd
was run, it would be included even if it was not in DRM_WHITELIST. Second,
when a module was whitelisted, all the drm modules for this hardware
were included, including proprietary ones.
-
This update adds a feature to msec to save the log message that
would be sent by email into /var/log/security/ so that it can be
consulted without relying on the email system.
-
Multiple vulnerabilities have been found and corrected in php:
The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0,
5.2.10, and earlier versions allows context-specific attackers to
obtain sensitive information (memory contents) and cause a PHP crash
by using the ini_set function to declare a variable, then using the
ini_restore function to restore the variable (CVE-2009-2626).
The htmlspecialchars function in PHP before 5.2.12 does not properly
handle (1) overlong UTF-8 sequences, (2) invalid Shift_JIS sequences,
and (3) invalid EUC-JP sequences, which allows remote attackers to
conduct cross-site scripting (XSS) attacks by placing a crafted byte
sequence before a special character (CVE-2009-4142).
Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.
The updated packages have been patched to correct these issues.
-
A vulnerability has been found and corrected in php:
The htmlspecialchars function in PHP before 5.2.12 does not properly
handle (1) overlong UTF-8 sequences, (2) invalid Shift_JIS sequences,
and (3) invalid EUC-JP sequences, which allows remote attackers to
conduct cross-site scripting (XSS) attacks by placing a crafted byte
sequence before a special character (CVE-2009-4142).
The updated packages have been patched to correct this issue.
-
Multiple vulnerabilities have been found and corrected in php:
The (1) htmlentities and (2) htmlspecialchars functions in PHP before
5.2.5 accept partial multibyte sequences, which has unknown impact and
attack vectors, a different issue than CVE-2006-5465 (CVE-2007-5898).
The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0,
5.2.10, and earlier versions allows context-specific attackers to
obtain sensitive information (memory contents) and cause a PHP crash
by using the ini_set function to declare a variable, then using the
ini_restore function to restore the variable (CVE-2009-2626).
The htmlspecialchars function in PHP before 5.2.12 does not properly
handle (1) overlong UTF-8 sequences, (2) invalid Shift_JIS sequences,
and (3) invalid EUC-JP sequences, which allows remote attackers to
conduct cross-site scripting (XSS) attacks by placing a crafted byte
sequence before a special character (CVE-2009-4142).
The updated packages have been patched to correct these issues.
-
This is a minor bugfix release for virt-manager:
Because the default configuration may lead to misunderstanding,
README.urpmi has been added to the virt-manager package so that the
relocation server option is clear. It also explains how to modify this
default option.
The packages provided with this update address this problem.
-
This is a minor bugfix release for net-snmp:
The /etc/snmp/snmp.local.conf file contains a line that enables
quickprinting features, which breaks the output from snmpget for the
nagios plugins using it.
The packages provided with this update address this problem.
-
This is a minor bugfix release for logcheck:
- wrong permission on configuration file
- rebuilt package with correct version of docbook-to-man to fix man
pages build
The packages provided with this update address this problem.
-
This is a minor bugfix release for openssh:
The openssl and makedev packages are needed at install time from CD-ROM
media in %post for the openssh-server sub package in order to be
able to generate the ssh key files (fixes #55951).
The packages provided with this update address this problem.
-
A new script has been added to the documentation. It can be used to manage
nameservers when /etc/resolv.conf is handled by resolvconf.
-
The default pam.d/system-auth file contains references to the
pam_ccreds.so library. When I added pam_ldap.so to my system-auth file,
pam bombed out because it could not find pam_ccreds.so.
This update addresses that issue.
-
A programming error in the Python bindings for GObject would make
programs like eliza and Moodvida take up all CPU resources for
unnecessary operations while running.
This update fixes the problem.
-
This updates the specific rpmsrate and compsUser.pl files for MES5.
-
The last iaora update introduced a little regression in some IaOra
color schemes, like Iaora-Gray; this new package corrects
this. Also in iaora, the application's name in the titlebar wasn't
correctly centered.
-
A vulnerability has been discovered in the Mandriva bash package, which
could allow a malicious user to hide files from the ls command,
or garble its output by crafting files or directories which contain
special characters or escape sequences (CVE-2010-0002). This update
fixes the issue by disabling the display of control characters
by default.
Additionally, this update fixes the unsafe file creation in bash-doc
sample scripts (CVE-2008-5374).
Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.
-
- In Mandriva 2009 Spring, plasma crashes when moving a plasmoid from
the taskbar to the desktop. This update fixes this issue.
- In Mandriva 2009 Spring, we used a specific kde certificate
file. This update allows KDE to use rootcert certificate bundle.
-
Multiple vulnerabilities have been found and corrected in krb5:
The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in
the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before
1.6.4 allows remote attackers to cause a denial of service (daemon
crash) or possibly execute arbitrary code via vectors involving an
invalid DER encoding that triggers a free of an uninitialized pointer
(CVE-2009-0846).
The asn1buf_imbed function in the ASN.1 decoder in MIT Kerberos 5
(aka krb5) 1.6.3, when PK-INIT is used, allows remote attackers to
cause a denial of service (application crash) via a crafted length
value that triggers an erroneous malloc call, related to incorrect
calculations with pointer arithmetic (CVE-2009-0847).
The updated packages have been patched to correct these issues.
-
A vulnerability has been found and corrected in krb5:
Multiple integer underflows in the (1) AES and (2) RC4 decryption
functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3
through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause
a denial of service (daemon crash) or possibly execute arbitrary code
by providing ciphertext with a length that is too short to be valid
(CVE-2009-4212).
Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.
The updated packages have been patched to correct this issue.
-
Programs like hplip that use polkit to authorize privileged operations
fail in desktop environments that don't start their own polkit-agent.
This update starts the polkit-agent for GNOME in all desktop
environments.
-
A regression was discovered in fetchmail 6.3.12:
The multiline SMTP error fix in release 6.3.12 caused fetchmail
to lose message codes 400..599 and treat all of these as temporary
errors. This would cause messages to be left on the server even if
softbounce was turned off. Reported by Thomas Jarosch.
This update provides fetchmail 6.3.13, which addresses this problem.
-
Security vulnerabilities have been identified and fixed in pidgin:
The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adium
before 1.3.7 allows remote attackers to cause a denial of service
(application crash) via crafted contact-list data for (1) ICQ and
possibly (2) AIM, as demonstrated by the SIM IM client (CVE-2009-3615).
Directory traversal vulnerability in slp.c in the MSN protocol
plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows
remote attackers to read arbitrary files via a .. (dot dot) in an
application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request,
a related issue to CVE-2004-0122. NOTE: it could be argued that
this is resultant from a vulnerability in which an emoticon download
request is processed even without a preceding text/x-mms-emoticon
message that announced availability of the emoticon (CVE-2010-0013).
Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.
This update provides pidgin 2.6.5, which is not vulnerable to these
issues.
-
Advisories MDVSA-2010:012: mysql
in Mandriva Security Advisories
Multiple vulnerabilities have been found and corrected in mysql:
mysqld in MySQL 5.0.x before 5.0.88 and 5.1.x before 5.1.41 does
not (1) properly handle errors during execution of certain SELECT
statements with subqueries, and does not (2) preserve certain
null_value flags during execution of statements that use the
GeomFromWKB function, which allows remote authenticated users to
cause a denial of service (daemon crash) via a crafted statement
(CVE-2009-4019).
The vio_verify_callback function in viosslfactories.c in MySQL
5.0.x before 5.0.88 and 5.1.x before 5.1.41, when OpenSSL is used,
accepts a value of zero for the depth of X.509 certificates, which
allows man-in-the-middle attackers to spoof arbitrary SSL-based MySQL
servers via a crafted certificate, as demonstrated by a certificate
presented by a server linked against the yaSSL library (CVE-2009-4028).
MySQL 5.1.x before 5.1.41 allows local users to bypass certain
privilege checks by calling CREATE TABLE on a MyISAM table with
modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments
that are originally associated with pathnames without symlinks,
and that can point to tables created at a future time at which a
pathname is modified to contain a symlink to a subdirectory of the
MySQL data home directory, related to incorrect calculation of the
mysql_unpacked_real_data_home value. NOTE: this vulnerability exists
because of an incomplete fix for CVE-2008-4098 and CVE-2008-2079
(CVE-2009-4030).
The updated packages have been patched to correct these
issues. Additionally for 2009.1 and 2010.0 mysql has also been upgraded
to the latest stable 5.1 release (5.1.42).