paul

rpmstats in 2010.0 displays strange characters for some last modified

file names, this is easy noticed on Drakstats.

This updated package fixes this bug (#56176).

A vulnerability was found in xmltok_impl.c (expat) that with

specially crafted XML could be exploited and lead to a denial of

service attack. Related to CVE-2009-2625 (CVE-2009-3720).

This update fixes this vulnerability.

Update:

Packages for 2008.0 are provided for Corporate Desktop 2008.0

customers.

The a2ps package as provided in Mandriva Linux 2010.0 contains

improvements concerning paper auto-detection, locale recognition and

security issues. The locale recognition prevented the application to

perform correctly, this update fixes the issue.

Mandriva 2010 includes k3b 1.68 (alpha3) and the stable release won't

be ready before a long time, this update introduces the Aplha4 version,

with lot's of bugfixes and some new features including:

New features

* Added close buttons on project tabs (159751)

* Added support for new libmpcdec API (214149)

Bugfixes

* Crash at the beginning of burning (204333)

* Crash during DVD ripping (207958)

* Crash right after burn (195436)

* Crash during Audio CD ripping (198015)

* Crash at the beginning of ripping Audio CD with data tracks

(186555)

* Crash at the beginning of burning cue/bin image (190775)

* Fixed various typos in UI (208401, 209512)

* Fixed potential aliasing issues (210890)

* Show only one entry on the task list even when dialog window

is opened (211680)

* Show correct size when project contains invalid links (212609)

* Show correct elapsed time when burning over midnight (211604)

* Added timeout when checking version number and features of

executable (212582)

* Fixed visually endless busy status when opening an empty folder

(113649)

* Burning double-layer DVDs should be possible again (214115)

This bug also fixes an error in the migration process from 2009.0 to

2010.0 (bug #56493)

In mandriva 2010.0, KNetattach was using fish for the ssh connections,

this update makes it use the more suported sftp instead.

In mandriva 2010.0, Okular was failing to open files from firefox,

if the URL contained spaces or accents.

This update fixes this issue.

In mandriva 2010.0, a beta version of digikam was provided.

This update provides the final version of 1.0.0.

Nautilus would sometimes crash, caused by corrupted gvfs metadata.

This updates gvfs to the new fixed version.

In Konqueror of Mandriva 2010.0 there is a statusbar rendering a bug

when restoring multiple tabs. This Update fixes this issue.

Due to a change in glibc on x86_64, pam_tcb incorrectly handles

negative values in /etc/shadow. When password expiration warning

delay is set to -1, a warning would be displayed to the users saying

that their password will expire in 99999 days. This update resolves

this bug.

Dansguardian service, when launched with the stop option, would report

errors on lines 51. This update fixes the issue.

Mandriva Linux 2008.0 was released with KDE version 3.5.7.

This update upgrades KDE in Mandriva Linux 2008.0 to version 3.5.10,

which brings many bugfixes, overall improvements and many security

fixes.

kdegraphics contains security fixes for

CVE-2009-3603,3604,3605,3606,3608,3609,0146,0147,0165,0166,0799,0800,1179,1180,1181,1182,1183

kdelibs contains security fixes for

CVE-2009-0689,1687,1690,1698,2702,1725,2537

Packages for 2008.0 are provided for Corporate Desktop 2008.0

customers.

This update provides the pcsc-lite packages which were needed by

MDVA-2009:264 but not provided.

A vulnerability was discovered and corrected in acl:

The (1) setfacl and (2) getfacl commands in XFS acl 2.2.47, when

running in recursive (-R) mode, follow symbolic links even when the

--physical (aka -P) or -L option is specified, which might allow

local users to modify the ACL for arbitrary files or directories via

a symlink attack (CVE-2009-4411).

This update provides a fix for this vulnerability.

Security vulnerabilities has been identified and fixed in University

of Washington IMAP Toolkit:

Multiple stack-based buffer overflows in (1) University of Washington

IMAP Toolkit 2002 through 2007c, (2) University of Washington Alpine

2.00 and earlier, and (3) Panda IMAP allow (a) local users to gain

privileges by specifying a long folder extension argument on the

command line to the tmail or dmail program; and (B) remote attackers to

execute arbitrary code by sending e-mail to a destination mailbox name

composed of a username and '+' character followed by a long string,

processed by the tmail or possibly dmail program (CVE-2008-5005).

smtp.c in the c-client library in University of Washington IMAP Toolkit

2007b allows remote SMTP servers to cause a denial of service (NULL

pointer dereference and application crash) by responding to the QUIT

command with a close of the TCP connection instead of the expected

221 response code (CVE-2008-5006).

Off-by-one error in the rfc822_output_char function in the RFC822BUFFER

routines in the University of Washington (UW) c-client library, as

used by the UW IMAP toolkit before imap-2007e and other applications,

allows context-dependent attackers to cause a denial of service (crash)

via an e-mail message that triggers a buffer overflow (CVE-2008-5514).

The updated packages have been patched to prevent this. Note that the

software was renamed to c-client starting from Mandriva Linux 2009.0

and only provides the shared c-client library for the imap functions

in PHP.

Update:

Packages for 2008.0 are provided for Corporate Desktop 2008.0

customers.

A vulnerability has been found and corrected in mod_auth_mysql:

SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql

(aka libapache2-mod-auth-mysql) module for the Apache HTTP Server

2.x allows remote attackers to execute arbitrary SQL commands via

multibyte character encodings for unspecified input (CVE-2008-2384).

This update provides fixes for this vulnerability.

Update:

Packages for 2008.0 are provided for Corporate Desktop 2008.0

customers.

Multiple vulnerabilities was discovered and corrected in perl-DBD-Pg:

Heap-based buffer overflow in the DBD::Pg module for Perl might allow

context-dependent attackers to execute arbitrary code via unspecified

input to an application that uses the getline and pg_getline functions

to read database rows.

Memory leak in the dequote_bytea function in quote.c in the DBD::Pg

(aka DBD-Pg or libdbd-pg-perl) module before 2.0.0 for Perl allows

context-dependent attackers to cause a denial of service (memory

consumption) by fetching data with BYTEA columns (CVE-2009-1341).

Packages for 2008.0 are provided for Corporate Desktop 2008.0

customers.

This update provides a fix for these vulnerabilities.

A vulnerability was discovered and corrected in xfig:

Xfig in Debian GNU/Linux, possibly 3.2.5, allows local users to

read and write arbitrary files via a symlink attack on the (1)

xfig-eps[PID], (2) xfig-pic[PID].pix, (3) xfig-pic[PID].err,

(4) xfig-pcx[PID].pix, (5) xfig-xfigrc[PID], (6) xfig[PID], (7)

xfig-print[PID], (8) xfig-export[PID].err, (9) xfig-batch[PID], (10)

xfig-exp[PID], or (11) xfig-spell.[PID] temporary files, where [PID]

is a process ID (CVE-2009-1962).

This update provides a solution to this vulnerability.

Update:

Packages for 2008.0 are provided for Corporate Desktop 2008.0

customers.

A vulnerability has been found and corrected in acpid:

acpid 1.0.4 sets an unrestrictive umask, which might allow local users

to leverage weak permissions on /var/log/acpid, and obtain sensitive

information by reading this file or cause a denial of service by

overwriting this file, a different vulnerability than CVE-2009-4033

(CVE-2009-4235).

Packages for 2008.0 are provided for Corporate Desktop 2008.0

customers.

This update provides a solution to this vulnerability.

Multiple vulnerabilities has been found and corrected in acpid:

A certain Red Hat patch for acpid 1.0.4 effectively triggers a call

to the open function with insufficient arguments, which might allow

local users to leverage weak permissions on /var/log/acpid, and obtain

sensitive information by reading this file, cause a denial of service

by overwriting this file, or gain privileges by executing this file

(CVE-2009-4033).

acpid 1.0.4 sets an unrestrictive umask, which might allow local users

to leverage weak permissions on /var/log/acpid, and obtain sensitive

information by reading this file or cause a denial of service by

overwriting this file, a different vulnerability than CVE-2009-4033

(CVE-2009-4235).

This update provides a solution to these vulnerabilities.

The firefox extension for the beagle desktop search engine was not

compatible anymore with the latest firefox security update. This

update makes it work with the new firefox.

Multiple vulnerabilities has been found and corrected in dstat:

Multiple untrusted search path vulnerabilities in dstat before 0.7.0

allow local users to gain privileges via a Trojan horse Python module

in (1) the current working directory or (2) a certain subdirectory

of the current working directory (CVE-2009-3894, CVE-2009-4081).

This update provides a solution to these vulnerabilities.

A vulnerability has been found and corrected in jpgraph:

Multiple cross-site scripting (XSS) vulnerabilities in the

GetURLArguments function in jpgraph.php in Aditus Consulting JpGraph

3.0.6 allow remote attackers to inject arbitrary web script or HTML

via a key to csim_in_html_ex1.php, and other unspecified vectors

(CVE-2009-4422).

This update provides a solution to this vulnerability.

In Mandriva 2010.0, krdc was not able to connect to RDP servers as

the rdesktop package was not installed, this update fixes this by

adding rdesktop as runtime dependency for krdc.

Security issues were identified and fixed in firefox 3.5.x:

liboggplay in Mozilla Firefox 3.5.x before 3.5.6 and SeaMonkey before

2.0.1 might allow context-dependent attackers to cause a denial of

service (application crash) or execute arbitrary code via unspecified

vectors, related to memory safety issues. (CVE-2009-3388)

Integer overflow in libtheora in Xiph.Org Theora before 1.1, as used

in Mozilla Firefox 3.5 before 3.5.6 and SeaMonkey before 2.0.1, allows

remote attackers to cause a denial of service (application crash)

or possibly execute arbitrary code via a video with large dimensions

(CVE-2009-3389).

Multiple unspecified vulnerabilities in the browser engine in Mozilla

Firefox before 3.0.16 and 3.5.x before 3.5.6, SeaMonkey before 2.0.1,

and Thunderbird allow remote attackers to cause a denial of service

(memory corruption and application crash) or possibly execute arbitrary

code via unknown vectors (CVE-2009-3979).

Multiple unspecified vulnerabilities in the browser engine in Mozilla

Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird

allow remote attackers to cause a denial of service (memory corruption

and application crash) or possibly execute arbitrary code via unknown

vectors (CVE-2009-3980).

Multiple unspecified vulnerabilities in the JavaScript engine

in Mozilla Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1,

and Thunderbird allow remote attackers to cause a denial of service

(memory corruption and application crash) or possibly execute arbitrary

code via unknown vectors (CVE-2009-3982).

Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey

before 2.0.1, allows remote attackers to send authenticated requests

to arbitrary applications by replaying the NTLM credentials of a

browser user (CVE-2009-3983).

Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey

before 2.0.1, allows remote attackers to spoof an SSL indicator for

an http URL or a file URL by setting document.location to an https

URL corresponding to a site that responds with a No Content (aka 204)

status code and an empty body (CVE-2009-3984).

Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey

before 2.0.1, allows remote attackers to associate spoofed content

with an invalid URL by setting document.location to this URL, and then

writing arbitrary web script or HTML to the associated blank document,

a related issue to CVE-2009-2654 (CVE-2009-3985).

Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey

before 2.0.1, allows remote attackers to execute arbitrary JavaScript

with chrome privileges by leveraging a reference to a chrome

window from a content window, related to the window.opener property

(CVE-2009-3986).

The GeckoActiveXObject function in Mozilla Firefox before 3.0.16 and

3.5.x before 3.5.6, and SeaMonkey before 2.0.1, generates different

exception messages depending on whether the referenced COM object

is listed in the registry, which allows remote attackers to obtain

potentially sensitive information about installed software by making

multiple calls that specify the ProgID values of different COM objects

(CVE-2009-3987).

Additionally, some packages which require so, have been rebuilt and

are being provided as updates.