-
Posts
5611 -
Joined
-
Last visited
-
Days Won
8
Content Type
Profiles
Forums
Events
Posts posted by paul
-
-
A vulnerability was discovered and corrected in dovecot:
Multiple stack-based buffer overflows in the Sieve plugin in Dovecot
1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve,
allow context-dependent attackers to cause a denial of service
(crash) and possibly execute arbitrary code via a crafted SIEVE
script, as demonstrated by forwarding an e-mail message to a large
number of recipients, a different vulnerability than CVE-2009-2632
(CVE-2009-3235).
Packages for 2009.1 were missing with the previous MDVSA-2009:242
update. This update corrects this.
This update provides a solution to this vulnerability.
-
A vulnerability has been found and corrected in git:
Stack-based buffer overflow in the is_git_directory function in setup.c
in Git before 1.7.2.1 allows local users to gain privileges via a
long gitdir: field in a .git file in a working copy (CVE-2010-2542).
The updated packages have been patched to correct this issue.
-
The gpg-agent has a problem making it stop to work after 1 minute or
even not start at all. This update has fixes for this problems.
-
A vulnerability has been found in Qt Creator 2.0.0 and previous
versions. The vulnerability occurs because of an insecure manipulation
of a Unix environment variable by the qtcreator shell script. It
manifests by causing Qt or Qt Creator to attempt to load certain
library names from the current working directory (CVE-2010-3374).
The updated packages have been patched to correct this issue.
-
A denial of service attack against apr_brigade_split_line() was
discovered in apr-util (CVE-2010-1623).
Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490
The updated packages have been patched to correct this issue.
-
The cron files included in freeradius-web package were syntactically
invalid, by lacking mention of the user expected to run the task.
-
This update:
- fixes bug related to loading png files after upgrading GTK (#59025)
in distro upgrade;
- Adds the mdkapplet restart feature to mdkapplet-upgrade-helper,
triggered after a successful upgrade (#59481).
-
Multiple vulnerabilities has been found and corrected in mailman:
Multiple cross-site scripting (XSS) vulnerabilities in GNU Mailman
before 2.1.14rc1 allow remote authenticated users to inject arbitrary
web script or HTML via vectors involving (1) the list information
field or (2) the list description field (CVE-2010-3089).
Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490
The updated packages have been patched to correct these issues.
-
A vulnerability has been found and corrected in libtiff:
libtiff allows remote attackers to cause a denial of service (memory
corruption) or possibly execute arbitrary code via a crafted TIFF image
(CVE-2010-3087).
The updated packages have been patched to correct this issue.
-
Evolution would sometimes crash when you view and close messages
quickly, while the preview panel is disabled. This updates Evolution
to the latest version that prevents this problem.
-
Hi Paul
Good news, at least we have our new server, we don't need to bother you anymore :)
thanks for your help !
so we just need to install on this new server phpbb3 !
i will do that during the night, we did not have any post for the moment so no need to save the db.
do you want to be admin of this forum ?
Raphaël
oh well that was fun for a week .. looks like they don't want our help, or our 20,000 users .. they would prefer doing it them selves
-
my last email
but they don't seem to be listening. they seem to want control.
The discussion I had with Anne lead me to believeforum.mageia.org will not offer support to "end users" as it competeswith the very community that is supposed to supporting the project.If Mageia offers its' own support then why shouldcommunity leaders (such as myself) bother?
This is the same problem mandriva had.
If this forum is for developers, and the support is offeredthrough the community, then this "competition" does not happen.
In any case, the dns has changed over the last 24 hours.Forum.mageia.org does not resolve
Paul Willard.
-
Multiple vulnerabilities has been found and corrected in pcsc-lite:
The MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart
Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 might allow
local users to cause a denial of service (daemon crash) via crafted
SCARD_SET_ATTRIB message data, which is improperly demarshalled
and triggers a buffer over-read, a related issue to CVE-2010-0407
(CVE-2009-4901).
Buffer overflow in the MSGFunctionDemarshall function in winscard_svc.c
in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite 1.5.4
and earlier might allow local users to gain privileges via crafted
SCARD_CONTROL message data, which is improperly demarshalled. NOTE:
this vulnerability exists because of an incorrect fix for CVE-2010-0407
(CVE-2009-4902).
Multiple buffer overflows in the MSGFunctionDemarshall function in
winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE
PCSC-Lite before 1.5.4 allow local users to gain privileges via
crafted message data, which is improperly demarshalled (CVE-2010-0407).
Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490
The updated packages have been patched to correct these issues.
Update:
The previous MDVSA-2010:189 advisory was missing the packages for CS4,
this advisory corrects the problem.
-
Multiple vulnerabilities has been found and corrected in pcsc-lite:
The MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart
Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 might allow
local users to cause a denial of service (daemon crash) via crafted
SCARD_SET_ATTRIB message data, which is improperly demarshalled
and triggers a buffer over-read, a related issue to CVE-2010-0407
(CVE-2009-4901).
Buffer overflow in the MSGFunctionDemarshall function in winscard_svc.c
in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite 1.5.4
and earlier might allow local users to gain privileges via crafted
SCARD_CONTROL message data, which is improperly demarshalled. NOTE:
this vulnerability exists because of an incorrect fix for CVE-2010-0407
(CVE-2009-4902).
Multiple buffer overflows in the MSGFunctionDemarshall function in
winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE
PCSC-Lite before 1.5.4 allow local users to gain privileges via
crafted message data, which is improperly demarshalled (CVE-2010-0407).
Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490
The updated packages have been patched to correct these issues.
-
This update fixes a wrong notice message for updates regarding the
reports of supported and unsupported packages (bug #60629).
-
Some vulnerabilities were discovered and corrected in the Linux
2.6 kernel:
fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always
follow NFS automount symlinks, which allows attackers to have an
unknown impact, related to LOOKUP_FOLLOW. (CVE-2010-1088)
The tc_fill_tclass function in net/sched/sch_api.c in the tc subsystem
in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.31-rc9
does not initialize certain (1) tcm__pad1 and (2) tcm__pad2 structure
members, which might allow local users to obtain sensitive information
from kernel memory via unspecified vectors. (CVE-2009-3228)
The do_pages_move function in mm/migrate.c in the Linux kernel before
2.6.33-rc7 does not validate node values, which allows local users
to read arbitrary kernel memory locations, cause a denial of service
(OOPS), and possibly have unspecified other impact by specifying a
node that is not part of the kernel node set. (CVE-2010-0415)
The ATI Rage 128 (aka r128) driver in the Linux kernel before
2.6.31-git11 does not properly verify Concurrent Command Engine (CCE)
state initialization, which allows local users to cause a denial of
service (NULL pointer dereference and system crash) or possibly gain
privileges via unspecified ioctl calls. (CVE-2009-3620)
The wake_futex_pi function in kernel/futex.c in the Linux kernel
before 2.6.33-rc7 does not properly handle certain unlock operations
for a Priority Inheritance (PI) futex, which allows local users to
cause a denial of service (OOPS) and possibly have unspecified other
impact via vectors involving modification of the futex value from
user space. (CVE-2010-0622)
The kvm_arch_vcpu_ioctl_set_sregs function in the KVM in Linux kernel
2.6 before 2.6.30, when running on x86 systems, does not validate
the page table root in a KVM_SET_SREGS call, which allows local
users to cause a denial of service (crash or hang) via a crafted cr3
value, which triggers a NULL pointer dereference in the gfn_to_rmap
function. (CVE-2009-2287)
The handle_dr function in arch/x86/kvm/vmx.c in the KVM subsystem
in the Linux kernel before 2.6.31.1 does not properly verify the
Current Privilege Level (CPL) before accessing a debug register,
which allows guest OS users to cause a denial of service (trap)
on the host OS via a crafted application. (CVE-2009-3722)
The ext4_decode_error function in fs/ext4/super.c in the ext4
filesystem in the Linux kernel before 2.6.32 allows user-assisted
remote attackers to cause a denial of service (NULL pointer
dereference), and possibly have unspecified other impact, via a
crafted read-only filesystem that lacks a journal. (CVE-2009-4308)
The eisa_eeprom_read function in the parisc isa-eeprom component
(drivers/parisc/eisa_eeprom.c) in the Linux kernel before 2.6.31-rc6
allows local users to access restricted memory via a negative ppos
argument, which bypasses a check that assumes that ppos is positive
and causes an out-of-bounds read in the readb function. (CVE-2009-2846)
Multiple buffer overflows in fs/nfsd/nfs4xdr.c in the
XDR implementation in the NFS server in the Linux kernel before
2.6.34-rc6 allow remote attackers to cause a denial of service (panic)
or possibly execute arbitrary code via a crafted NFSv4 compound
WRITE request, related to the read_buf and nfsd4_decode_compound
functions. (CVE-2010-2521)
mm/shmem.c in the Linux kernel before 2.6.28-rc8, when strict
overcommit is enabled and CONFIG_SECURITY is disabled, does not
properly handle the export of shmemfs objects by knfsd, which allows
attackers to cause a denial of service (NULL pointer dereference and
knfsd crash) or possibly have unspecified other impact via unknown
vectors. NOTE: this vulnerability exists because of an incomplete
fix for CVE-2010-1643. (CVE-2008-7256)
The release_one_tty function in drivers/char/tty_io.c in the
Linux kernel before 2.6.34-rc4 omits certain required calls to the
put_pid function, which has unspecified impact and local attack
vectors. (CVE-2010-1162)
mm/shmem.c in the Linux kernel before 2.6.28-rc3, when strict
overcommit is enabled, does not properly handle the export of shmemfs
objects by knfsd, which allows attackers to cause a denial of service
(NULL pointer dereference and knfsd crash) or possibly have unspecified
other impact via unknown vectors. (CVE-2010-1643)
The sctp_process_unk_param function in net/sctp/sm_make_chunk.c
in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled,
allows remote attackers to cause a denial of service (system crash)
via an SCTPChunkInit packet containing multiple invalid parameters
that require a large amount of error data. (CVE-2010-1173)
The Transparent Inter-Process Communication (TIPC) functionality in
Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions,
allows local users to cause a denial of service (kernel OOPS) by
sending datagrams through AF_TIPC before entering network mode,
which triggers a NULL pointer dereference. (CVE-2010-1187)
The sctp_process_unk_param function in net/sctp/sm_make_chunk.c
in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled,
allows remote attackers to cause a denial of service (system crash)
via an SCTPChunkInit packet containing multiple invalid parameters
that require a large amount of error data. (CVE-2010-1173)
fs/cifs/cifssmb.c in the CIFS implementation in the Linux kernel
before 2.6.34-rc4 allows remote attackers to cause a denial of service
(panic) via an SMB response packet with an invalid CountHigh value,
as demonstrated by a response from an OS/2 server, related to the
CIFSSMBWrite and CIFSSMBWrite2 functions. (CVE-2010-2248)
Buffer overflow in the ecryptfs_uid_hash macro in
fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux
kernel before 2.6.35 might allow local users to gain privileges
or cause a denial of service (system crash) via unspecified
vectors. (CVE-2010-2492)
The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel
before 2.6.35 does not properly check the file descriptors passed
to the SWAPEXT ioctl, which allows local users to leverage write
access and obtain read access by swapping one file into another
file. (CVE-2010-2226)
The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux
kernel before 2.6.35 uses an incorrect size value in calculations
associated with sentinel directory entries, which allows local
users to cause a denial of service (NULL pointer dereference and
panic) and possibly have unspecified other impact by renaming a
file in a GFS2 filesystem, related to the gfs2_rename function in
fs/gfs2/ops_inode.c. (CVE-2010-2798)
The do_anonymous_page function in mm/memory.c in the Linux kernel
before 2.6.27.52, 2.6.32.x before 2.6.32.19, 2.6.34.x before 2.6.34.4,
and 2.6.35.x before 2.6.35.2 does not properly separate the stack
and the heap, which allows context-dependent attackers to execute
arbitrary code by writing to the bottom page of a shared memory
segment, as demonstrated by a memory-exhaustion attack against the
X.Org X server. (CVE-2010-2240)
The drm_ioctl function in drivers/gpu/drm/drm_drv.c in the Direct
Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.27.53,
2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x
before 2.6.35.4 allows local users to obtain potentially sensitive
information from kernel memory by requesting a large memory-allocation
amount. (CVE-2010-2803)
Integer overflow in net/can/bcm.c in the Controller Area Network (CAN)
implementation in the Linux kernel before 2.6.27.53, 2.6.32.x before
2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.6.35.4
allows attackers to execute arbitrary code or cause a denial of service
(system crash) via crafted CAN traffic. (CVE-2010-2959)
Double free vulnerability in the snd_seq_oss_open function
in sound/core/seq/oss/seq_oss_init.c in the Linux kernel before
2.6.36-rc4 might allow local users to cause a denial of service or
possibly have unspecified other impact via an unsuccessful attempt
to open the /dev/sequencer device. (CVE-2010-3080)
A vulnerability in Linux kernel caused by insecure allocation of user
space memory when translating system call inputs to 64-bit. A stack
pointer underflow can occur when using the compat_alloc_user_space
method with an arbitrary length input. (CVE-2010-3081)
The IA32 system call emulation functionality in
arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.36-rc4-git2
on the x86_64 platform does not zero extend the %eax register after
the 32-bit entry path to ptrace is used, which allows local users to
gain privileges by triggering an out-of-bounds access to the system
call table using the %rax register. NOTE: this vulnerability exists
because of a CVE-2007-4573 regression. (CVE-2010-3301)
To update your kernel, please follow the directions located at:
-
A vulnerability has been found and corrected in squid:
The string-comparison functions in String.cci in Squid 3.x before
3.1.8 and 3.2.x before 3.2.0.2 allow remote attackers to cause a
denial of service (NULL pointer dereference and daemon crash) via a
crafted request (CVE-2010-3072).
Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490
The updated packages have been patched to correct this issue.
-
This is a bugfix release that upgrades clamav to the latest version
(0.96.3).
Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490
-
-
-
This is a bugfix release that upgrades phpMyAdmin to 2.11.11 that
fixes a regression with showing rows.
-
A vulnerability has been found and corrected in phpmyadmin:
Cross-site scripting (XSS) vulnerability in setup/frames/index.inc.php
in the setup script in phpMyAdmin 3.x before 3.3.7 allows remote
attackers to inject arbitrary web script or HTML via a server name
(CVE-2010-3263).
This upgrade provides phpmyadmin 3.3.7 which is not vulnerable for
this security issue.
-
It was discovered the mozilla-thunderbird-beagle packages wasn't
built against the latest mozilla-thunderbird 3.0.8. The fixed packages
addresses this problem.
-
An integer overflow has been found and corrected in bzip2 which could
be exploited by using a specially crafted bz2 file and cause a denial
of service attack (CVE-2010-0405).
Additionally clamav has been upgraded to 0.96.2 and has been patched
for this issue. perl-Compress-Bzip2 in MES5 has been linked against
the system bzip2 library to resolv this issue.
Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490
The updated packages have been patched to correct this issue.
Advisories MDVSA-2010:197: postgresql
in Mandriva Security Advisories
Posted
Multiple vulnerabilities was discovered and corrected in postgresql:
An authenticated database user can manipulate modules and tied
variables in some external procedural languages to execute code with
enhanced privileges (CVE-2010-3433).
Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490
This update provides a solution to these vulnerabilities.