Posts posted by paul
-
-
There was a problem with inversion in the detection of network cards
between the moment when the system is being installed and the state
of the installed system.
This update solves the problem.
-
Security issues were identified and fixed in firefox 3.0.x:
Multiple unspecified vulnerabilities in the browser engine in Mozilla
Firefox before 3.0.16 and 3.5.x before 3.5.6, SeaMonkey before 2.0.1,
and Thunderbird allow remote attackers to cause a denial of service
(memory corruption and application crash) or possibly execute arbitrary
code via unknown vectors (CVE-2009-3979).
Multiple unspecified vulnerabilities in the browser engine in Mozilla
Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird
allow remote attackers to cause a denial of service (memory corruption
and application crash) or possibly execute arbitrary code via unknown
vectors (CVE-2009-3980).
Unspecified vulnerability in the browser engine in Mozilla Firefox
before 3.0.16, SeaMonkey before 2.0.1, and Thunderbird allows
remote attackers to cause a denial of service (memory corruption and
application crash) or possibly execute arbitrary code via unknown
vectors (CVE-2009-3981).
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey
before 2.0.1, allows remote attackers to send authenticated requests
to arbitrary applications by replaying the NTLM credentials of a
browser user (CVE-2009-3983).
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey
before 2.0.1, allows remote attackers to spoof an SSL indicator for
an http URL or a file URL by setting document.location to an https
URL corresponding to a site that responds with a No Content (aka 204)
status code and an empty body (CVE-2009-3984).
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey
before 2.0.1, allows remote attackers to associate spoofed content
with an invalid URL by setting document.location to this URL, and then
writing arbitrary web script or HTML to the associated blank document,
a related issue to CVE-2009-2654 (CVE-2009-3985).
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey
before 2.0.1, allows remote attackers to execute arbitrary JavaScript
with chrome privileges by leveraging a reference to a chrome
window from a content window, related to the window.opener property
(CVE-2009-3986).
The GeckoActiveXObject function in Mozilla Firefox before 3.0.16 and
3.5.x before 3.5.6, and SeaMonkey before 2.0.1, generates different
exception messages depending on whether the referenced COM object
is listed in the registry, which allows remote attackers to obtain
potentially sensitive information about installed software by making
multiple calls that specify the ProgID values of different COM objects
(CVE-2009-3987).
Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.
Additionally, some packages which require it have been rebuilt and
are being provided as updates.
-
Security vulnerabilities have been discovered and fixed in pdf
processing code embedded in koffice package (CVE-2009-3606 and
CVE-2009-3609).
This update fixes these vulnerabilities.
Packages for 2008.0 are being provided due to extended support for
Corporate products.
-
This update improves the Polish translation used in KDE4 splash
screens.
-
In Mandriva 2010.0, because of a regression, the KTimetracker menu
was missing many options, which made it unusable.
Also in Mandriva 2010.0, when using Knotes inside Kontact the note
title was cut off on the left when using a long title.
This update fixes these issues.
-
A vulnerability was discovered and corrected in ffmpeg:
MPlayer allows remote attackers to cause a denial of service
(application crash) via (1) a malformed AAC file, as demonstrated
by lol-vlc.aac; or (2) a malformed Ogg Media (OGM) file, as
demonstrated by lol-ffplay.ogm, different vectors than CVE-2007-6718
(CVE-2008-4610).
Packages for 2008.0 are being provided due to extended support for
Corporate products.
This update provides a solution to this vulnerability.
-
In Mandriva 2010.0, when using an old X server without support for
the XrandR extension, the Gnome settings daemon would crash. This
update resolves the issue by adding a check before using the extension.
-
MDVA-2009:258 introduced a regression which made the libwebkitgtk
devel packages uninstallable.
This update fixes this issue.
-
MDVA-2009:252 introduced a regression with the newer version of the
webkit package, which made the Mandriva Control Center crash.
This update reverts the webkit package to the previous version.
Also this update reintroduces the issue fixed by MDVA-2009-252.
-
Multiple vulnerabilities were discovered and corrected in postgresql:
NULL Bytes in SSL Certificates can be used to falsify client or server
authentication. This only affects users who have SSL enabled, perform
certificate name validation or client certificate authentication,
and where the Certificate Authority (CA) has been tricked into
issuing invalid certificates. The use of a CA that can be trusted to
always issue valid certificates is recommended to ensure you are not
vulnerable to this issue (CVE-2009-4034).
Privilege escalation via changing session state in an index
function. This closes a corner case related to vulnerabilities
CVE-2009-3230 and CVE-2007-6600 (CVE-2009-4136).
Packages for 2008.0 are being provided due to extended support for
Corporate products.
This update provides a solution to these vulnerabilities.
-
In kde4-firstsetup.sh from Mandriva 2010.0 there were still some
references to plasma, which has been renamed to plasma-desktop in
KDE 4.3.
This update fixes this issue.
-
Multiple vulnerabilities have been found and corrected in kdegraphics:
Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2
and earlier allow remote attackers to cause a denial of service
(crash) via a crafted PDF file, related to (1) setBitmap and (2)
readSymbolDictSeg (CVE-2009-0146).
Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and
earlier allow remote attackers to cause a denial of service (crash)
via a crafted PDF file (CVE-2009-0147).
The JBIG2 decoder in Xpdf 3.02pl2 and earlier allows remote attackers
to cause a denial of service (crash) via a crafted PDF file that
triggers a free of uninitialized memory (CVE-2009-0166).
Multiple integer overflows in the pdftops filter in CUPS 1.1.17,
1.1.22, and 1.3.7 allow remote attackers to cause a denial of service
(application crash) or possibly execute arbitrary code via a crafted
PDF file that triggers a heap-based buffer overflow, possibly
related to (1) Decrypt.cxx, (2) FoFiTrueType.cxx, (3) gmem.c, (4)
JBIG2Stream.cxx, and (5) PSOutputDev.cxx in pdftops/. NOTE: the
JBIG2Stream.cxx vector may overlap CVE-2009-1179. (CVE-2009-0791).
Use-after-free vulnerability in the garbage-collection implementation
in WebCore in WebKit in Apple Safari before 4.0 allows remote
attackers to execute arbitrary code or cause a denial of service
(heap corruption and application crash) via an SVG animation element,
related to SVG set objects, SVG marker elements, the targetElement
attribute, and unspecified caches. (CVE-2009-1709).
WebKit, as used in Safari before 3.2.3 and 4 Public Beta, on Apple
Mac OS X 10.4.11 and 10.5 before 10.5.7 and Windows allows remote
attackers to execute arbitrary code via a crafted SVGList object that
triggers memory corruption (CVE-2009-0945).
This update provides a solution to this vulnerability.
-
This update brings the new stable version 1.1.15.4 of webkitgtk, and
solves the problem with processors without the SSE2 instruction set.
-
preprocessors/spp_frag3.c in Sourcefire Snort before 2.8.1 does not
properly identify packet fragments that have dissimilar TTL values,
which allows remote attackers to bypass detection rules by using a
different TTL for each fragment. (CVE-2008-1804)
The updated packages have been patched to prevent this.
Additionally, there were problems with two rules in the snort-rules
package for 2008.0 that are also fixed with this update.
Update:
Packages for 2008.0 are being provided due to extended support for
Corporate products.
-
A vulnerability was discovered and corrected in gimp:
Integer overflow in the ReadImage function in
plug-ins/file-bmp/bmp-read.c in GIMP 2.6.7 might allow remote attackers
to execute arbitrary code via a BMP file with crafted width and height
values that trigger a heap-based buffer overflow (CVE-2009-1570).
This update provides a solution to this vulnerability.
Update:
Packages for 2008.0 are being provided due to extended support for
Corporate products.
-
A vulnerability was discovered and corrected in gimp:
Integer overflow in the read_channel_data function in
plug-ins/file-psd/psd-load.c in GIMP 2.6.7 might allow remote attackers
to execute arbitrary code via a crafted PSD file that triggers a
heap-based buffer overflow (CVE-2009-3909).
Additionally, the patch for CVE-2009-1570 in MDVSA-2009:296 was
incomplete; this update corrects this as well.
This update provides a solution to this vulnerability.
-
This update fixes several issues regarding the live upgrade to a more
recent distribution, notably:
- new distributions are now only presented after all updates were
applied.
- if the current distribution is no longer supported, we will warn about
it and offer to upgrade to a newer release
- make the new config tool backported from 2010.0 work on 2009.0
too (due to older drakxtools API)
- update the authentication scheme for MES5
It also fixes a couple of crashes:
- a rare crash (bug #55346)
- gracefully handle (rare) server issues (bugs #51299 & #51548)
Passwords with special characters are now properly managed.
For security, we now access api.mandriva.com through the https
protocol.
The applet now offers to configure a couple of settings.
It now has more efficient system power usage.
Update:
Packages for MES5 were not provided earlier; this update addresses
the problem.
-
A regression was found and fixed for mpg123 while attempting to
load the mpg123 modules. This regression stems from MDVSA-2009:307
(libtool ltdl).
-
This update fixes an issue with graphviz:
* graphviz isn't properly upgraded to a newer version when upgrading
from a 2009.0 system
-
A bug in the fontconfig language cache was generating an invalid cache, which
would cause crashes or freezes when upgrading a previous Mandriva Linux
release to Mandriva Linux 2010 using the live update feature. This update
fixes this issue.
-
In Mandriva 2010.0, with Ktimetracker embedded in Kontact, the shortcut
to create a new task didn't work. Another bug is that the shortcut Ctrl
+ Shift + W would make Kontact crash. This update fixes these issues.
-
Some vulnerabilities were discovered and corrected in the Linux
2.6 kernel:
Memory leak in the appletalk subsystem in the Linux kernel 2.4.x
through 2.4.37.6 and 2.6.x through 2.6.31, when the appletalk and
ipddp modules are loaded but the ipddpN device is not found, allows
remote attackers to cause a denial of service (memory consumption)
via IP-DDP datagrams. (CVE-2009-2903)
Multiple race conditions in fs/pipe.c in the Linux kernel before
2.6.32-rc6 allow local users to cause a denial of service (NULL pointer
dereference and system crash) or gain privileges by attempting to
open an anonymous pipe via a /proc/*/fd/ pathname. (CVE-2009-3547)
The tcf_fill_node function in net/sched/cls_api.c in the netlink
subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6
and earlier, does not initialize a certain tcm__pad2 structure member,
which might allow local users to obtain sensitive information from
kernel memory via unspecified vectors. NOTE: this issue exists
because of an incomplete fix for CVE-2005-4881. (CVE-2009-3612)
net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows
local users to cause a denial of service (system hang) by creating an
abstract-namespace AF_UNIX listening socket, performing a shutdown
operation on this socket, and then performing a series of connect
operations to this socket. (CVE-2009-3621)
Integer overflow in the kvm_dev_ioctl_get_supported_cpuid function
in arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel
before 2.6.31.4 allows local users to have an unspecified impact
via a KVM_GET_SUPPORTED_CPUID request to the kvm_arch_dev_ioctl
function. (CVE-2009-3638)
The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in
the Linux kernel before 2.6.31-rc4 allows remote NFS servers to cause
a denial of service (NULL pointer dereference and panic) by sending a
certain response containing incorrect file attributes, which trigger
attempted use of an open file that lacks NFSv4 state. (CVE-2009-3726)
The ip_frag_reasm function in ipv4/ip_fragment.c in Linux kernel
2.6.32-rc8, and possibly earlier versions, calls IP_INC_STATS_BH with
an incorrect argument, which allows remote attackers to cause a denial
of service (NULL pointer dereference and hang) via long IP packets,
possibly related to the ip_defrag function. (CVE-2009-1298)
To update your kernel, please follow the directions located at:
-
A vulnerability has been found and corrected in ntp:
Robin Park and Dmitri Vinokurov discovered a flaw in the way ntpd
handled certain malformed NTP packets. ntpd logged information about
all such packets and replied with an NTP packet that was treated as
malformed when received by another ntpd. A remote attacker could use
this flaw to create an NTP packet reply loop between two ntpd servers
via a malformed packet with a spoofed source IP address and port,
causing ntpd on those servers to use excessive amounts of CPU time
and fill disk space with log messages (CVE-2009-3563).
This update provides a solution to this vulnerability.
-
Multiple vulnerabilities have been found and corrected in python-django:
The Admin media handler in core/servers/basehttp.py in Django 1.0
and 0.96 does not properly map URL requests to expected static media
files, which allows remote attackers to conduct directory traversal
attacks and read arbitrary files via a crafted URL (CVE-2009-2659).
Algorithmic complexity vulnerability in the forms library in Django
1.0 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause
a denial of service (CPU consumption) via a crafted (1) EmailField
(email address) or (2) URLField (URL) that triggers a large amount
of backtracking in a regular expression (CVE-2009-3695).
The versions of Django shipping with Mandriva Linux have been updated
to the latest patched version that includes the fix for this issue.
In addition, they provide other bug fixes.
Update:
Packages for 2008.0 are being provided due to extended support for
Corporate products.
-
Advisories MDVSA-2009:337: proftpd (posted in Mandriva Security Advisories)
A vulnerability has been identified and corrected in proftpd:
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as
used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl
in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l,
GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS)
3.12.4 and earlier, and other products, does not properly associate
renegotiation handshakes with an existing connection, which allows
man-in-the-middle attackers to insert data into HTTPS sessions,
and possibly other types of sessions protected by TLS or SSL, by
sending an unauthenticated request that is processed retroactively
by a server in a post-renegotiation context, related to a plaintext
injection attack, aka the Project Mogul issue (CVE-2009-3555).
Packages for 2008.0 are provided for Corporate Desktop 2008.0
customers.
This update fixes this vulnerability.