mystified's Content - Page 28 - MandrivaUsers.org

Updated squid packages fix DoS vulnerability

mystified posted a topic in Mandriva Security Advisories

Package name squid Date September 15th, 2004 Advisory ID MDKSA-2004:093 Affected versions 9.2, 10.0 Synopsis Updated squid packages fix DoS vulnerability Problem Description A vulnerability in the NTLM helpers in squid 2.5 could allow for malformed NTLMSSP packets to crash squid, resulting in a DoS. The provided packages have been patched to prevent this problem. Updated Packages Mandrakelinux 9.2 ad5b562c41b764f1807bcfa4203b7f22 9.2/RPMS/squid-2.5.STABLE3-3.3.92mdk.i586.rpm 72d8e8215f7da363d28883f4a4a6d13b 9.2/SRPMS/squid-2.5.STABLE3-3.3.92mdk.src.rpm Mandrakelinux 9.2/AMD64 ef8de99bad97ad623f584fcf4eaa3962 amd64/9.2/RPMS/squid-2.5.STABLE3-3.3.92mdk.amd64.rpm 72d8e8215f7da363d28883f4a4a6d13b amd64/9.2/SRPMS/squid-2.5.STABLE3-3.3.92mdk.src.rpm Mandrakelinux 10.0 a97e24902f95afb896e1387124be81cd 10.0/RPMS/squid-2.5.STABLE4-2.1.100mdk.i586.rpm 92bc96caf7e5ccaed6250833b8c4dcdc 10.0/SRPMS/squid-2.5.STABLE4-2.1.100mdk.src.rpm Mandrakelinux 10.0/AMD64 48a9ee3a6e7b427240fc35a04b569b06 amd64/10.0/RPMS/squid-2.5.STABLE4-2.1.100mdk.amd64.rpm 92bc96caf7e5ccaed6250833b8c4dcdc amd64/10.0/SRPMS/squid-2.5.STABLE4-2.1.100mdk.src.rpm References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0832 http://www.squid-cache.org/bugs/show_bug.cgi?id=1045 Upgrade To upgrade automatically, use MandrakeUpdate. Verification Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command: rpm --checksig package.rpm You can get the GPG public key of the Mandrakelinux Security Team to verify the GPG signature of each RPM. If you use MandrakeUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.

September 16, 2004

Updated samba packages fix vulnerabilities

mystified posted a topic in Mandriva Security Advisories

Mandrakesoft Security Advisories Package name samba Date September 13th, 2004 Advisory ID MDKSA-2004:092 Affected versions 10.0 Synopsis Updated samba packages fix multiple vulnerabilities Problem Description Two vulnerabilities were discovered in samba 3.0.x; the first is a defect in smbd's ASN.1 parsing that allows an attacker to send a specially crafted packet during the authentication request which will send the newly spawned smbd process into an infinite loop. As a result, it is possible to use up all available memory on the server. The second vulnerability is in nmbd's processing of mailslot packets which could allow an attacker to anonymously crash nmbd. The provided packages are patched to protect against these two vulnerabilities. Updated Packages Mandrakelinux 10.0 fbc2d7127436e5eb85c5acb74cdcf700 10.0/RPMS/libsmbclient0-3.0.6-4.1.100mdk.i586.rpm c3840923c0a3a3f7879aad67d71b83ca 10.0/RPMS/libsmbclient0-devel-3.0.6-4.1.100mdk.i586.rpm a32ffab67469831aa0a41bff1bfb6e0f 10.0/RPMS/libsmbclient0-static-devel-3.0.6-4.1.100mdk.i586.rpm 26f21d06aef89a024ab23e223ebd352e 10.0/RPMS/nss_wins-3.0.6-4.1.100mdk.i586.rpm d1bfd3bb611b18b29234225b447f578d 10.0/RPMS/samba-client-3.0.6-4.1.100mdk.i586.rpm 455d513867cdc3a48e6daff86a9baaa8 10.0/RPMS/samba-common-3.0.6-4.1.100mdk.i586.rpm 124c7ef7605291f582a0936215e93547 10.0/RPMS/samba-doc-3.0.6-4.1.100mdk.i586.rpm 5b6cff62c630e3ef422e8d7a2689e9dc 10.0/RPMS/samba-passdb-mysql-3.0.6-4.1.100mdk.i586.rpm 00007bffe9e8b1cb31b775f4c858a4fe 10.0/RPMS/samba-passdb-pgsql-3.0.6-4.1.100mdk.i586.rpm 7ae2ff0b3081750ded1b337465852119 10.0/RPMS/samba-passdb-xml-3.0.6-4.1.100mdk.i586.rpm 389df2d926ab7a648fafa6081f28c705 10.0/RPMS/samba-server-3.0.6-4.1.100mdk.i586.rpm fda3ee680a6bca3e06ff489aef330e8c 10.0/RPMS/samba-swat-3.0.6-4.1.100mdk.i586.rpm 2516390f97800e4f75cab77f69125f4c 10.0/RPMS/samba-winbind-3.0.6-4.1.100mdk.i586.rpm 00ea72438a3e6b155cc48ec0bef06f32 10.0/SRPMS/samba-3.0.6-4.1.100mdk.src.rpm Mandrakelinux 10.0/AMD64 6481a03c530b0d614fee4f635b4760e7 amd64/10.0/RPMS/lib64smbclient0-3.0.6-4.1.100mdk.amd64.rpm 1181a4a476c635ae512d93b4f5e425d4 amd64/10.0/RPMS/lib64smbclient0-devel-3.0.6-4.1.100mdk.amd64.rpm 1fdf2bbb3b46365f18ac9980dffe57c2 amd64/10.0/RPMS/lib64smbclient0-static-devel-3.0.6-4.1.100mdk.amd64.rpm 5c8b314e50486731cdfa8d57be32c6ea amd64/10.0/RPMS/nss_wins-3.0.6-4.1.100mdk.amd64.rpm 31673408cf94a8c01844feaa50ccbe13 amd64/10.0/RPMS/samba-client-3.0.6-4.1.100mdk.amd64.rpm 0e68f033a5abdaf69c2a7eead07d235f amd64/10.0/RPMS/samba-common-3.0.6-4.1.100mdk.amd64.rpm b806d5a0f505163a8edc510cd3929c0b amd64/10.0/RPMS/samba-doc-3.0.6-4.1.100mdk.amd64.rpm 60539a9d937e55630f3dc1a1de0d688a amd64/10.0/RPMS/samba-passdb-mysql-3.0.6-4.1.100mdk.amd64.rpm 5c1f865f300b3b161ebabf6804c15f65 amd64/10.0/RPMS/samba-passdb-pgsql-3.0.6-4.1.100mdk.amd64.rpm 426c446dfd68b7e778117dd711593e99 amd64/10.0/RPMS/samba-passdb-xml-3.0.6-4.1.100mdk.amd64.rpm feabeb6e85e9635f83f3d9e74afbad4f amd64/10.0/RPMS/samba-server-3.0.6-4.1.100mdk.amd64.rpm 13b6f3dee538846ec248bad245ada10b amd64/10.0/RPMS/samba-swat-3.0.6-4.1.100mdk.amd64.rpm 685de7594b2ab92323fa0dc14f9bb34b amd64/10.0/RPMS/samba-winbind-3.0.6-4.1.100mdk.amd64.rpm References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0807 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0808 Upgrade To upgrade automatically, use MandrakeUpdate. Verification Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command: rpm --checksig package.rpm You can get the GPG public key of the Mandrakelinux Security Team to verify the GPG signature of each RPM. If you use MandrakeUpdate, the verification of md5 chec

September 16, 2004

Updated cdrecord package

mystified posted a topic in Mandriva Security Advisories

Mandrakesoft Security Advisories Package name cdrecord Date September 7th, 2004 Advisory ID MDKSA-2004:091 Affected versions 9.2, 10.0 Synopsis Updated cdrecord packages fix local root vulnerability Problem Description Max Vozeler found that the cdrecord program, which is suid root, fails to drop euid=0 when it exec()s a program specified by the user through the $RSH environment variable. This can be abused by a local attacker to obtain root privileges. The updated packages are patched to fix the vulnerability. Updated Packages Mandrakelinux 9.2 e891b428d8a011447eb6462dca30514e 9.2/RPMS/cdrecord-2.01-0.a18.2.1.92mdk.i586.rpm 9778aa9258911700bffe590be69e3782 9.2/RPMS/cdrecord-cdda2wav-2.01-0.a18.2.1.92mdk.i586.rpm 2cdd7b8f33dd7f7ce0c08aa682498891 9.2/RPMS/cdrecord-devel-2.01-0.a18.2.1.92mdk.i586.rpm 78b0c2cb0b529a54eb4607f4305809d1 9.2/RPMS/mkisofs-2.01-0.a18.2.1.92mdk.i586.rpm 3ede5ae3288520fc3a51c63cd05cc3db 9.2/SRPMS/cdrecord-2.01-0.a18.2.1.92mdk.src.rpm Mandrakelinux 9.2/AMD64 c5306547c4f1221f3fd787d2b09dfa32 amd64/9.2/RPMS/cdrecord-2.01-0.a18.2.1.92mdk.amd64.rpm 5abf5f3fad0ec3d05f923c88c2255827 amd64/9.2/RPMS/cdrecord-cdda2wav-2.01-0.a18.2.1.92mdk.amd64.rpm b23bc43f135cc19254c81cf96e793780 amd64/9.2/RPMS/cdrecord-devel-2.01-0.a18.2.1.92mdk.amd64.rpm 86e60c70ee807846ace4b7e2a7e5db7a amd64/9.2/RPMS/mkisofs-2.01-0.a18.2.1.92mdk.amd64.rpm 3ede5ae3288520fc3a51c63cd05cc3db amd64/9.2/SRPMS/cdrecord-2.01-0.a18.2.1.92mdk.src.rpm Mandrakelinux 10.0 4b5efe36a9a154b70e62da203c21fb48 10.0/RPMS/cdrecord-2.01-0.a28.2.100mdk.i586.rpm 793909d6cce70205939fdb0b48f037e5 10.0/RPMS/cdrecord-cdda2wav-2.01-0.a28.2.100mdk.i586.rpm 7dd067450567cf5d9a18233fe2379a5d 10.0/RPMS/cdrecord-devel-2.01-0.a28.2.100mdk.i586.rpm 1bd94d54eed67497a8427f91239538e5 10.0/RPMS/mkisofs-2.01-0.a28.2.100mdk.i586.rpm 6afbd923794d2af44ef2e248e361382b 10.0/SRPMS/cdrecord-2.01-0.a28.2.100mdk.src.rpm Mandrakelinux 10.0/AMD64 df08036127fd28e366fa6669ed59f88b amd64/10.0/RPMS/cdrecord-2.01-0.a28.2.100mdk.amd64.rpm f0b5a254593697ef0ac13f7574cf536f amd64/10.0/RPMS/cdrecord-cdda2wav-2.01-0.a28.2.100mdk.amd64.rpm ec1c76a1b4977e4f6e45dd097f7a45ef amd64/10.0/RPMS/cdrecord-devel-2.01-0.a28.2.100mdk.amd64.rpm 4ec3142c182f957a6d344b375d626320 amd64/10.0/RPMS/mkisofs-2.01-0.a28.2.100mdk.amd64.rpm 6afbd923794d2af44ef2e248e361382b amd64/10.0/SRPMS/cdrecord-2.01-0.a28.2.100mdk.src.rpm References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0806 Upgrade To upgrade automatically, use MandrakeUpdate. Verification Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command: rpm --checksig package.rpm You can get the GPG public key of the Mandrakelinux Security Team to verify the GPG signature of each RPM. If you use MandrakeUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.

September 16, 2004

Updated zlib packages fix DoS vulnerability

mystified posted a topic in Mandriva Security Advisories

Mandrakesoft Security Advisories Package name zlib Date September 7th, 2004 Advisory ID MDKSA-2004:090 Affected versions 10.0 Synopsis Updated zlib packages fix DoS vulnerability Problem Description Due to a Debian bug report, a Denial of Service vulnerability was discovered in the zlib compression library versions 1.2.x, in the inflate() and inflateBack() functions. Older versions of zlib are not affected. Once the updated packages have been installed, all programs linked against zlib must be restarted for the new packages to take effect. Updated Packages Mandrakelinux 10.0 a9299193c467df186f5ec74438b7f39e 10.0/RPMS/zlib1-1.2.1-2.1.100mdk.i586.rpm 77e1313ce85f26c83f6b994606dceb5a 10.0/RPMS/zlib1-devel-1.2.1-2.1.100mdk.i586.rpm bfc9a9419f3c7daf4a226383d6be6ea6 10.0/SRPMS/zlib-1.2.1-2.1.100mdk.src.rpm Mandrakelinux 10.0/AMD64 954d58fcaa1576278f8c71de40361d72 amd64/10.0/RPMS/zlib1-1.2.1-2.1.100mdk.amd64.rpm 976edb0aa85913b28ef38b7d5efd2fbd amd64/10.0/RPMS/zlib1-devel-1.2.1-2.1.100mdk.amd64.rpm bfc9a9419f3c7daf4a226383d6be6ea6 amd64/10.0/SRPMS/zlib-1.2.1-2.1.100mdk.src.rpm References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0797 Upgrade To upgrade automatically, use MandrakeUpdate. Verification Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command: rpm --checksig package.rpm You can get the GPG public key of the Mandrakelinux Security Team to verify the GPG signature of each RPM. If you use MandrakeUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.

September 16, 2004

Updated imlib/imlib2 packages fix bmp crash

mystified posted a topic in Mandriva Security Advisories

Mandrakesoft Security Advisories Package name imlib2 Date September 7th, 2004 Advisory ID MDKSA-2004:089 Affected versions 9.2, 10.0, CS2.1 Synopsis Updated imlib/imlib2 packages fix BMP crash vulnerability Problem Description Marcus Meissner discovered that the imlib and imlib2 libraries are also affected with a similar BMP-related vulnerability as the recent QT updates. The updated imlib and imlib2 packages are patched to protect against this problem. Updated Packages Mandrakelinux 9.2 de030104e6dd6bb5c4aa2f076c4514c6 9.2/RPMS/imlib-1.9.14-8.1.92mdk.i586.rpm fd99bd742d696ea8ac43aef9ee86d25e 9.2/RPMS/imlib-cfgeditor-1.9.14-8.1.92mdk.i586.rpm b1ef54878da62d2e5a69bdf305c574c5 9.2/RPMS/libimlib1-1.9.14-8.1.92mdk.i586.rpm 08a13f893c88051cbc66c685d8cd635d 9.2/RPMS/libimlib1-devel-1.9.14-8.1.92mdk.i586.rpm 2e4efaa54b9929fbf2e0e390907b9225 9.2/RPMS/libimlib2_1-1.0.6-4.1.92mdk.i586.rpm 525c7dc281fb0da4edf99cb3ce7d2545 9.2/RPMS/libimlib2_1-devel-1.0.6-4.1.92mdk.i586.rpm cc2460b560c5b11eeb804502954aa038 9.2/RPMS/libimlib2_1-filters-1.0.6-4.1.92mdk.i586.rpm e80a879d5da05b68ef5d9cad932ba921 9.2/RPMS/libimlib2_1-loaders-1.0.6-4.1.92mdk.i586.rpm 7dd8f9265ede345c58d05ae6ed376145 9.2/SRPMS/imlib-1.9.14-8.1.92mdk.src.rpm 0766a9aead77eec5cec8ebbc06504003 9.2/SRPMS/imlib2-1.0.6-4.1.92mdk.src.rpm Mandrakelinux 9.2/AMD64 4391a5aecba284eabf0337002fbb924c amd64/9.2/RPMS/imlib-1.9.14-8.1.92mdk.amd64.rpm 67ba3ab94dea87029de4a64620c4f066 amd64/9.2/RPMS/imlib-cfgeditor-1.9.14-8.1.92mdk.amd64.rpm 9edd6ec450997a5773919f8035e9b159 amd64/9.2/RPMS/lib64imlib1-1.9.14-8.1.92mdk.amd64.rpm 448531d483a3c6499bface39c4cb9dfb amd64/9.2/RPMS/lib64imlib1-devel-1.9.14-8.1.92mdk.amd64.rpm 9dc5a05d737d00c5a3a18b23de02c144 amd64/9.2/RPMS/lib64imlib2_1-1.0.6-4.1.92mdk.amd64.rpm 2bcca43ad1a5138f929ce78cd753100f amd64/9.2/RPMS/lib64imlib2_1-devel-1.0.6-4.1.92mdk.amd64.rpm 87cc1762967d2aefe5f46e43a2d546b2 amd64/9.2/RPMS/lib64imlib2_1-filters-1.0.6-4.1.92mdk.amd64.rpm dbabc4165886cfeaa2c234ee7ed5b277 amd64/9.2/RPMS/lib64imlib2_1-loaders-1.0.6-4.1.92mdk.amd64.rpm 7dd8f9265ede345c58d05ae6ed376145 amd64/9.2/SRPMS/imlib-1.9.14-8.1.92mdk.src.rpm 0766a9aead77eec5cec8ebbc06504003 amd64/9.2/SRPMS/imlib2-1.0.6-4.1.92mdk.src.rpm Mandrakelinux 10.0 45c2e00642a3261e4f084327bde0759b 10.0/RPMS/imlib-1.9.14-8.1.100mdk.i586.rpm 76ee25761136e631bc099fd76da43080 10.0/RPMS/imlib-cfgeditor-1.9.14-8.1.100mdk.i586.rpm 09f1757ab48d983437b0d40acefcf646 10.0/RPMS/libimlib1-1.9.14-8.1.100mdk.i586.rpm 94567c151d4de01561681faac1f50cbb 10.0/RPMS/libimlib1-devel-1.9.14-8.1.100mdk.i586.rpm 0f82a3fda2a6d0d22c01f6b342521840 10.0/RPMS/libimlib2_1-1.0.6-4.1.100mdk.i586.rpm 538f333c36fc795d76889e708021378e 10.0/RPMS/libimlib2_1-devel-1.0.6-4.1.100mdk.i586.rpm 0f9e9d497591a5df950a47447a7a5295 10.0/RPMS/libimlib2_1-filters-1.0.6-4.1.100mdk.i586.rpm 44636a6d15888387fa665d1ee1891ec3 10.0/RPMS/libimlib2_1-loaders-1.0.6-4.1.100mdk.i586.rpm 00f1d3fd452e0fa6099d9f3cb6a1f1d3 10.0/SRPMS/imlib-1.9.14-8.1.100mdk.src.rpm c67b09002eb29fc6a3335467a098b0bd 10.0/SRPMS/imlib2-1.0.6-4.1.100mdk.src.rpm Mandrakelinux 10.0/AMD64 356ba1d0ed3b224dafc8aa935550f1c8 amd64/10.0/RPMS/imlib-1.9.14-8.1.100mdk.amd64.rpm 0020bc9b34df76ea0f5957586f4057ca amd64/10.0/RPMS/imlib-cfgeditor-1.9.14-8.1.100mdk.amd64.rpm 30b95081b048b4b2a16267e188adf06b amd64/10.0/RPMS/lib64imlib1-1.9.14-8.1.100mdk.amd64.rpm b591c6da970481fdf0eb1737689e5b7c amd64/10.0/RPMS/lib64imlib1-devel-1.9.14-8.1.100mdk.amd64.rpm 7851372f5ca5ab3d249906dbd7431690 amd64/10.0/RPMS/lib64imlib2_1-1.0.6-4.1.100mdk.amd64.rpm a66906219141ad3eaa156f4d2f18ad80 amd64/10.0/RPMS/lib64imlib2_1-devel-1.0.6-4.1.100mdk.amd64.rpm 6c086b3408883a5e05426327aa1cf020 amd64/10.0/RPMS/lib64imlib2_1-filters-1.0.6-4.1.100mdk.amd64.rpm b017bad9400095893e8faf8456db2937 amd64/10.0/RPMS/lib64imlib2_1-loaders-1.0.6-4.1.100mdk.amd64.rpm 00f1d3fd452e0fa6099d9f3cb6a1f1d3 amd64/10.0/SRPMS/imlib-1.9.14-8.1.100mdk.src.rpm c67b09002eb29fc6a3335467a098b0bd amd64/10.0/SRPMS/imlib2-1.0.6-4.1.100mdk.src.rpm Corporate Server 2.1 45155b9dc3c7ca0a08c6277f4d27d8ee corporate/2.1/RPMS/imlib-1.9.14-5.1.C21mdk.i586.rpm dd7059319056c8f87e1d464ef04745fb corporate/2.1/RPMS/imlib-cfgeditor-1.9.14-5.1.C21mdk.i586.rpm 4498f5b1821fe1c1aae742f3a97aa2b0 corporate/2.1/RPMS/libimlib1-1.9.14-5.1.C21mdk.i586.rpm 1f4019dccb0b2e027fd094fb5e079875 corporate/2.1/RPMS/libimlib1-devel-1.9.14-5.1.C21mdk.i586.rpm 22aadbc163940e8ebecb5142b90a5f56 corporate/2.1/RPMS/libimlib2_1-1.0.5-2.1.C21mdk.i586.rpm fd124ccb8b37c6f302405f059eec56da corporate/2.1/RPMS/libimlib2_1-devel-1.0.5-2.1.C21mdk.i586.rpm ab77824f06eaacfba54146ccb5f5a539 corporate/2.1/RPMS/libimlib2_1-filters-1.0.5-2.1.C21mdk.i586.rpm ba02b9c07de55f19df4d772b4b6dac39 corporate/2.1/RPMS/libimlib2_1-loaders-1.0.5-2.1.C21mdk.i586.rpm efcdd5a520d8313c1e1e4ee46c3c6dd3 corporate/2.1/SRPMS/imlib-1.9.14-5.1.C21mdk.src.rpm e4bb939ab61671005eec878af3733533 corporate/2.1/SRPMS/imlib2-1.0.5-2.1.C21mdk.src.rpm Corporate Server 2.1/X86_64 f574361c2152d8dbbe39e67b752a0aae x86_64/corporate/2.1/RPMS/imlib-1.9.14-5.1.C21mdk.x86_64.rpm 084cf40c7fa5e3dbb3433091c902629d x86_64/corporate/2.1/RPMS/imlib-cfgeditor-1.9.14-5.1.C21mdk.x86_64.rpm 87adccfd0de38af4bfac1746e87715fa x86_64/corporate/2.1/RPMS/libimlib1-1.9.14-5.1.C21mdk.x86_64.rpm 8627df2906d6f4a5e6d1062219d4a57d x86_64/corporate/2.1/RPMS/libimlib1-devel-1.9.14-5.1.C21mdk.x86_64.rpm 9a8a30c93e69eea65f57ee33d5bbbc46 x86_64/corporate/2.1/RPMS/libimlib2_1-1.0.5-2.1.C21mdk.x86_64.rpm c335f9793c4ae08a39e8181af4ed6349 x86_64/corporate/2.1/RPMS/libimlib2_1-devel-1.0.5-2.1.C21mdk.x86_64.rpm 0702ec29b746e5446e03a74082120114 x86_64/corporate/2.1/RPMS/libimlib2_1-filters-1.0.5-2.1.C21mdk.x86_64.rpm 9d3238eebc7cb6c7bde0c7d7e98a51c4 x86_64/corporate/2.1/RPMS/libimlib2_1-loaders-1.0.5-2.1.C21mdk.x86_64.rpm efcdd5a520d8313c1e1e4ee46c3c6dd3 x86_64/corporate/2.1/SRPMS/imlib-1.9.14-5.1.C21mdk.src.rpm e4bb939ab61671005eec878af3733533 x86_64/corporate/2.1/SRPMS/imlib2-1.0.5-2.1.C21mdk.src.rpm References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0802 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0817 Upgrade To upgrade automatically, use MandrakeUpdate. Verification Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command: rpm --checksig package.rpm You can get the GPG public key of the Mandrakelinux Security Team to verify the GPG signature of each RPM. If you use MandrakeUpdate,

September 16, 2004

Updated drakconf package

mystified posted a topic in Mandriva Security Advisories

Mandrakesoft Security Advisories Package name drakconf Date September 7th, 2004 Advisory ID MDKA-2004:039 Affected versions 10.0 Synopsis Updated drakconf package corrects various bugs. Problem Description Updated DrakConf packages are now available that fix various bugs, including: - fixed special "" entries (pablo) - drakconsole: add a title for when one run it not from mcc - make web wizard description more accurate (#8153) - translation updates - embed rfbdrake (Online Administration section) - fix buildrequires (Per Øyvind Karlsen) - fix profiles garbage (tvignaud, #9278) As well, a new rfbdrake package is provided for the embedded rfbdrake to work properly. Updated Packages Mandrakelinux 10.0 9104e160aae98d09ac0aa06cb02128af 10.0/RPMS/drakconf-10-14.1.100mdk.i586.rpm fb6c6d55ed466f64b43d8aa0e135ab13 10.0/RPMS/rfbdrake-1.0-7.1.100mdk.noarch.rpm 0a1e070f3b82d5b069183127a356c0bf 10.0/SRPMS/drakconf-10-14.1.100mdk.src.rpm c3a253fa737ba53867def8d866cab84a 10.0/SRPMS/rfbdrake-1.0-7.1.100mdk.src.rpm Mandrakelinux 10.0/AMD64 9448192f166ad5c520e4710ad0fd91d2 amd64/10.0/RPMS/drakconf-10-14.1.100mdk.amd64.rpm e9a02bd4502bdc5617a51455c0f834c7 amd64/10.0/RPMS/rfbdrake-1.0-7.1.100mdk.noarch.rpm 0a1e070f3b82d5b069183127a356c0bf amd64/10.0/SRPMS/drakconf-10-14.1.100mdk.src.rpm c3a253fa737ba53867def8d866cab84a amd64/10.0/SRPMS/rfbdrake-1.0-7.1.100mdk.src.rpm Upgrade To upgrade automatically, use MandrakeUpdate. Verification Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command: rpm --checksig package.rpm You can get the GPG public key of the Mandrakelinux Security Team to verify the GPG signature of each RPM. If you use MandrakeUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.

September 16, 2004

Gentoo Xorg 6.8 with Transparency

mystified replied to ac_dispatcher's topic in Other Linux and Unix Distributions

You went through the wiki right? What happens when you use: xcompmgr -c & & transset .2 <--- when you run that, you click your mouse were you want transparency. What is it doing? <{POST_SNAPBACK}> It would tell me it couldn't find composite. But that's ok. X went completely flaky on me so I wound up downgrading. Guess I'll wait for stable.

Gentoo Xorg 6.8 with Transparency

mystified replied to ac_dispatcher's topic in Other Linux and Unix Distributions

I've got the new xorg but I can't get my translucencies or drop shadows to work. I've edited my xorg.config and it should work!

gimp make failed in gentoo

mystified replied to a topic in Other Linux and Unix Distributions

Glad to see you made it jsldub. :D

Updated krb5 packages fix vulnerabilties

mystified posted a topic in Mandriva Security Advisories

Mandrakesoft Security Advisories Package name krb5 Date August 31st, 2004 Advisory ID MDKSA-2004:088 Affected versions 9.1, 9.2, 10.0, MNF8.2, CS2.1 Synopsis Updated krb5 packages fix multiple vulnerabilities Problem Description A double-free vulnerability exists in the MIT Kerberos 5's KDC program that could potentially allow a remote attacker to execute arbitrary code on the KDC host. As well, multiple double-free vulnerabilities exist in the krb5 library code, which makes client programs and application servers vulnerable. The MIT Kerberos 5 development team believes that exploitation of these bugs would be difficult and no known vulnerabilities are believed to exist. The vulnerability in krb524d was discovered by Marc Horowitz; the other double-free vulnerabilities were discovered by Will Fiveash and Nico Williams at Sun. Will Fiveash and Nico Williams also found another vulnerability in the ASN.1 decoder library. This makes krb5 vulnerable to a DoS (Denial of Service) attack causing an infinite loop in the decoder. The KDC is vulnerable to this attack. The MIT Kerberos 5 team has provided patches which have been applied to the updated software to fix these issues. Mandrakesoft encourages all users to upgrade immediately. Updated Packages Mandrakelinux 9.1 097a2e12350a3ade31fae4c932d19e07 9.1/RPMS/ftp-client-krb5-1.2.7-1.4.91mdk.i586.rpm 2c633d7c508d76965cd3810dc031a4db 9.1/RPMS/ftp-server-krb5-1.2.7-1.4.91mdk.i586.rpm 76f2c05668511a7f4ba91bdc386ef4fe 9.1/RPMS/krb5-devel-1.2.7-1.4.91mdk.i586.rpm 9d40edf481b4f422428f85ff74dbc74c 9.1/RPMS/krb5-libs-1.2.7-1.4.91mdk.i586.rpm ca64ff3f58567d44e15289ef74616f53 9.1/RPMS/krb5-server-1.2.7-1.4.91mdk.i586.rpm 98b098ebc6458fbee8a4f8f8931cbb03 9.1/RPMS/krb5-workstation-1.2.7-1.4.91mdk.i586.rpm 5166992c03e97b9fa55609271747b2ae 9.1/RPMS/telnet-client-krb5-1.2.7-1.4.91mdk.i586.rpm 59a9763e113ad2f319c826b8e13762d0 9.1/RPMS/telnet-server-krb5-1.2.7-1.4.91mdk.i586.rpm 6c62e73e872133b51287c902d15511b1 9.1/SRPMS/krb5-1.2.7-1.4.91mdk.src.rpm Mandrakelinux 9.1/PPC 7105c4249b38453bc5fabf2ebe19b870 ppc/9.1/RPMS/ftp-client-krb5-1.2.7-1.4.91mdk.ppc.rpm 5b8bdffbdd3cc36b7763a9fb380e366f ppc/9.1/RPMS/ftp-server-krb5-1.2.7-1.4.91mdk.ppc.rpm d516817207e2773b33cb823d913e04c3 ppc/9.1/RPMS/krb5-devel-1.2.7-1.4.91mdk.ppc.rpm 32fa10923b950f4a125e2228ad7cabca ppc/9.1/RPMS/krb5-libs-1.2.7-1.4.91mdk.ppc.rpm 6da80b652767d48a9305448470151229 ppc/9.1/RPMS/krb5-server-1.2.7-1.4.91mdk.ppc.rpm 1f7e604cf9a7e305facd53542c3e15df ppc/9.1/RPMS/krb5-workstation-1.2.7-1.4.91mdk.ppc.rpm b9dee2c91cd387e0d6e062a1ccc00662 ppc/9.1/RPMS/telnet-client-krb5-1.2.7-1.4.91mdk.ppc.rpm fb648e078c85433de7f9ac7ef90709dc ppc/9.1/RPMS/telnet-server-krb5-1.2.7-1.4.91mdk.ppc.rpm 6c62e73e872133b51287c902d15511b1 ppc/9.1/SRPMS/krb5-1.2.7-1.4.91mdk.src.rpm Mandrakelinux 9.2 90415502d5a62a79594f5fef4244e7c8 9.2/RPMS/ftp-client-krb5-1.3-3.3.92mdk.i586.rpm 7d82c32903319720fba066204ab175e1 9.2/RPMS/ftp-server-krb5-1.3-3.3.92mdk.i586.rpm b1ddf3c172f89fb13fa0f786969ccc31 9.2/RPMS/krb5-server-1.3-3.3.92mdk.i586.rpm 40acba56c3e11c475e31de3a1bae0cb5 9.2/RPMS/krb5-workstation-1.3-3.3.92mdk.i586.rpm cfd5554e669ef905f74594bcba6ccf4c 9.2/RPMS/libkrb51-1.3-3.3.92mdk.i586.rpm 5ea52458e2d00aa6a300aaa5a50ca389 9.2/RPMS/libkrb51-devel-1.3-3.3.92mdk.i586.rpm 6c081822fb10635aa6794e9930b3a2ea 9.2/RPMS/telnet-client-krb5-1.3-3.3.92mdk.i586.rpm 2a41c73fa2475981a944062984a2dd2d 9.2/RPMS/telnet-server-krb5-1.3-3.3.92mdk.i586.rpm 8799df57f8078659c7942a18da4f180b 9.2/SRPMS/krb5-1.3-3.3.92mdk.src.rpm Mandrakelinux 9.2/AMD64 cb418490002d5bfc9a063a35e04e4b06 amd64/9.2/RPMS/ftp-client-krb5-1.3-3.3.92mdk.amd64.rpm 6eb46b17f7d259196837767edaf0362e amd64/9.2/RPMS/ftp-server-krb5-1.3-3.3.92mdk.amd64.rpm bfec6312e1bfe7df0af348238ffb3e54 amd64/9.2/RPMS/krb5-server-1.3-3.3.92mdk.amd64.rpm 8db31b019fed08e22731bcc42528b883 amd64/9.2/RPMS/krb5-workstation-1.3-3.3.92mdk.amd64.rpm 7d167edd4f1586679651851964ce90ea amd64/9.2/RPMS/lib64krb51-1.3-3.3.92mdk.amd64.rpm e16b452c492c3b38b47e5f7ac29ccb51 amd64/9.2/RPMS/lib64krb51-devel-1.3-3.3.92mdk.amd64.rpm 46e3c90ed9654d144f4c1970857abc44 amd64/9.2/RPMS/telnet-client-krb5-1.3-3.3.92mdk.amd64.rpm e6ba681247da6ff006841be52ec974d1 amd64/9.2/RPMS/telnet-server-krb5-1.3-3.3.92mdk.amd64.rpm 8799df57f8078659c7942a18da4f180b amd64/9.2/SRPMS/krb5-1.3-3.3.92mdk.src.rpm Mandrakelinux 10.0 73bb98eb62d434558f17831600fb1458 10.0/RPMS/ftp-client-krb5-1.3-6.3.100mdk.i586.rpm c478483ce848d59f3f3cf392fbc1eb4b 10.0/RPMS/ftp-server-krb5-1.3-6.3.100mdk.i586.rpm 9e373a4d304f7c6158769f7703a76b01 10.0/RPMS/krb5-server-1.3-6.3.100mdk.i586.rpm c3ec5f6e266efe0df3dea9edcf801358 10.0/RPMS/krb5-workstation-1.3-6.3.100mdk.i586.rpm 34951f4e03deff6e11025f1955035ae0 10.0/RPMS/libkrb51-1.3-6.3.100mdk.i586.rpm 2e1e16e24bcbbed0c6b9b3cd46eca10c 10.0/RPMS/libkrb51-devel-1.3-6.3.100mdk.i586.rpm b8201603630be58a4fa7facb91c7f154 10.0/RPMS/telnet-client-krb5-1.3-6.3.100mdk.i586.rpm 666908b4dea44b25838965b02f00c1dd 10.0/RPMS/telnet-server-krb5-1.3-6.3.100mdk.i586.rpm f3aaaf216f7a850eaf8cb598a20ffc10 10.0/SRPMS/krb5-1.3-6.3.100mdk.src.rpm Mandrakelinux 10.0/AMD64 2af868662b6264e92be5db61ab15d556 amd64/10.0/RPMS/ftp-client-krb5-1.3-6.3.100mdk.amd64.rpm 31bf307767c05eae0ac91a417b8bc1f9 amd64/10.0/RPMS/ftp-server-krb5-1.3-6.3.100mdk.amd64.rpm 319c35d89dddb94c6c5a70d407e466df amd64/10.0/RPMS/krb5-server-1.3-6.3.100mdk.amd64.rpm 080f4241e3b5029ca271491de7fb82c0 amd64/10.0/RPMS/krb5-workstation-1.3-6.3.100mdk.amd64.rpm dfdff0b6b8e67292226c72abdec54e02 amd64/10.0/RPMS/lib64krb51-1.3-6.3.100mdk.amd64.rpm 155f76064f777a5f2d912ff18b1f0303 amd64/10.0/RPMS/lib64krb51-devel-1.3-6.3.100mdk.amd64.rpm d20e6f4e4eb501f05d9e6af488add5a9 amd64/10.0/RPMS/telnet-client-krb5-1.3-6.3.100mdk.amd64.rpm ed5c9891c82e49b28572e7df936f6493 amd64/10.0/RPMS/telnet-server-krb5-1.3-6.3.100mdk.amd64.rpm f3aaaf216f7a850eaf8cb598a20ffc10 amd64/10.0/SRPMS/krb5-1.3-6.3.100mdk.src.rpm Multi Network Firewall 8.2 e8fb8405db0a463f4f83bad54064770f mnf8.2/RPMS/krb5-libs-1.2.2-17.8.M82mdk.i586.rpm da83d39d128b15e4ed7c5311c3753ce4 mnf8.2/SRPMS/krb5-1.2.2-17.8.M82mdk.src.rpm Corporate Server 2.1 9d22863c6d09a174166e708b7c6ba939 corporate/2.1/RPMS/ftp-client-krb5-1.2.5-1.7.C21mdk.i586.rpm 84cebdea8971d8248f93f3082fb0fe31 corporate/2.1/RPMS/ftp-server-krb5-1.2.5-1.7.C21mdk.i586.rpm 41588cb74622aae52f110ac9d15041cb corporate/2.1/RPMS/krb5-devel-1.2.5-1.7.C21mdk.i586.rpm a0c447a980bbe4690af8bf5cb1676a5c corporate/2.1/RPMS/krb5-libs-1.2.5-1.7.C21mdk.i586.rpm 36d8acaa6d56802ae6c85d62e29ed60f corporate/2.1/RPMS/krb5-server-1.2.5-1.7.C21mdk.i586.rpm 05c39800a5b323e82f670398c77fff08 corporate/2.1/RPMS/krb5-workstation-1.2.5-1.7.C21mdk.i586.rpm 1cd56fccbfa1412f5fb90c0bbcc4647f corporate/2.1/RPMS/telnet-client-krb5-1.2.5-1.7.C21mdk.i586.rpm d716bf6b8fd8836203dac119db0ee0b4 corporate/2.1/RPMS/telnet-server-krb5-1.2.5-1.7.C21mdk.i586.rpm 9447bb1a7e7520fcde4ebfc33ab72d6e corporate/2.1/SRPMS/krb5-1.2.5-1.7.C21mdk.src.rpm Corporate Server 2.1/X86_64 7cc0c84ac6d19ed0d5ce75409aaf5c32 x86_64/corporate/2.1/RPMS/ftp-client-krb5-1.2.5-1.7.C21mdk.x86_64.rpm 2f78604bcb5826934d18761973861c43 x86_64/corporate/2.1/RPMS/ftp-server-krb5-1.2.5-1.7.C21mdk.x86_64.rpm 92f08007a0f82334b7510aa51b2462a8 x86_64/corporate/2.1/RPMS/krb5-devel-1.2.5-1.7.C21mdk.x86_64.rpm 812e14a4be8fc9da8c4b8d1796e91537 x86_64/corporate/2.1/RPMS/krb5-libs-1.2.5-1.7.C21mdk.x86_64.rpm ddbf43767fe84596fd841208e4f52411 x86_64/corporate/2.1/RPMS/krb5-server-1.2.5-1.7.C21mdk.x86_64.rpm 8dd02b95a90960233afc8dcd40d1d057 x86_64/corporate/2.1/RPMS/krb5-workstation-1.2.5-1.7.C21mdk.x86_64.rpm 70dd009c061b6124d49d91464c10d7ea x86_64/corporate/2.1/RPMS/telnet-client-krb5-1.2.5-1.7.C21mdk.x86_64.rpm 7d5721b36c4d5df068c60eee73742c8a x86_64/corporate/2.1/RPMS/telnet-server-krb5-1.2.5-1.7.C21mdk.x86_64.rpm 9447bb1a7e7520fcde4ebfc33ab72d6e x86_64/corporate/2.1/SRPMS/krb5-1.2.5-1.7.C21mdk.src.rpm References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0642 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0643 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0644 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0772 http://www.kb.cert.org/vuls/id/550464 http://www.kb.cert.org/vuls/id/795632 http://www.kb.cert.org/vuls/id/866472 http://www.kb.cert.org/vuls/id/350792 http://web.mit.edu/kerberos/advisories/MIT...002-dblfree.txt http://web.mit.edu/kerberos/advisories/MIT...04-003-asn1.txt Upgrade To upgrade automatically, use MandrakeUpdate. Verification Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command: rpm --checksig package.rpm You can get the GPG public key of the Mandrakelinux Security Team to verify the GPG signature of each RPM. If you use MandrakeUpdate, the verification of

September 2, 2004

updated kernel packages fix vulnabilties

mystified posted a topic in Mandriva Security Advisories

Mandrakesoft Security Advisories Package name kernel Date August 26th, 2004 Advisory ID MDKSA-2004:087 Affected versions 9.1, 9.2, 10.0, MNF8.2, CS2.1 Synopsis Updated kernel packages fix multiple vulnerabilities Problem Description A race condition was discovered in the 64bit file offset handling by Paul Starzetz from iSEC. The file offset pointer (f_pos) is changed during reading, writing, and seeking through a file in order to point to the current position of a file. The value conversion between both the 32bit and 64bit API in the kernel, as well as access to the f_pos pointer, is defective. As a result, a local attacker can abuse this vulnerability to gain access to uninitialized kernel memory, mostly via entries in the /proc filesystem. This kernel memory can possibly contain information like the root password, and other sensitive data. The updated kernel packages provided are patched to protect against this vulnerability, and all users are encouraged to upgrade immediately. Updated Packages Mandrakelinux 9.1 bec690d551d3da5058df6a511f156c21 9.1/RPMS/kernel-2.4.21.0.33mdk-1-1mdk.i586.rpm b6298da605021f7396d556db58fe6a05 9.1/RPMS/kernel-enterprise-2.4.21.0.33mdk-1-1mdk.i586.rpm ea57e0af847c3638589f8c1131841cf2 9.1/RPMS/kernel-secure-2.4.21.0.33mdk-1-1mdk.i586.rpm f429f092a0c6691b83434d139af63595 9.1/RPMS/kernel-smp-2.4.21.0.33mdk-1-1mdk.i586.rpm 49be199554329b217c7194dcb1da8214 9.1/RPMS/kernel-source-2.4.21-0.33mdk.i586.rpm db80c98bd9fddc1c7f92e424fb749cfe 9.1/SRPMS/kernel-2.4.21.0.33mdk-1-1mdk.src.rpm Mandrakelinux 9.1/PPC 1c7115fb314313abf81c9e6ee4378077 ppc/9.1/RPMS/kernel-2.4.21.0.33mdk-1-1mdk.ppc.rpm d1b8770b326fe538f463b87840a6b837 ppc/9.1/RPMS/kernel-enterprise-2.4.21.0.33mdk-1-1mdk.ppc.rpm 42c2b5da02f580744452becdd3a1eaf4 ppc/9.1/RPMS/kernel-smp-2.4.21.0.33mdk-1-1mdk.ppc.rpm ff5b1972d84a48b355665b37136d9a7e ppc/9.1/RPMS/kernel-source-2.4.21-0.33mdk.ppc.rpm db80c98bd9fddc1c7f92e424fb749cfe ppc/9.1/SRPMS/kernel-2.4.21.0.33mdk-1-1mdk.src.rpm Mandrakelinux 9.2 5bef940a1edbe8ae1095bcd10467302b 9.2/RPMS/kernel-2.4.22.37mdk-1-1mdk.i586.rpm 6ee21d50e3fbe39be2e6b3b224fd1447 9.2/RPMS/kernel-enterprise-2.4.22.37mdk-1-1mdk.i586.rpm fcabb78046a63d6075d1197bc214ee6a 9.2/RPMS/kernel-i686-up-4GB-2.4.22.37mdk-1-1mdk.i586.rpm d22d6bd72c99f1af8a69a64e86208331 9.2/RPMS/kernel-p3-smp-64GB-2.4.22.37mdk-1-1mdk.i586.rpm 1af0175e3ba79bd5e2334009760995d6 9.2/RPMS/kernel-secure-2.4.22.37mdk-1-1mdk.i586.rpm f5ee987671743c3982cc1a3418a309da 9.2/RPMS/kernel-smp-2.4.22.37mdk-1-1mdk.i586.rpm fc84de2d936d56056ef1599bf36bfe2f 9.2/RPMS/kernel-source-2.4.22-37mdk.i586.rpm e8901a215c637e9b6778d141cd0d6af2 9.2/SRPMS/kernel-2.4.22.37mdk-1-1mdk.src.rpm Mandrakelinux 9.2/AMD64 e6246736f56fb7c91d4fcc0222ffc0a6 amd64/9.2/RPMS/kernel-2.4.22.37mdk-1-1mdk.amd64.rpm fb74e209e096634ddad88216ab1d2151 amd64/9.2/RPMS/kernel-secure-2.4.22.37mdk-1-1mdk.amd64.rpm 42661d2b2f08d2ca0c29c49bb88808b2 amd64/9.2/RPMS/kernel-smp-2.4.22.37mdk-1-1mdk.amd64.rpm 57fac850dd2cfe63a54dc292a5982f4e amd64/9.2/RPMS/kernel-source-2.4.22-37mdk.amd64.rpm e8901a215c637e9b6778d141cd0d6af2 amd64/9.2/SRPMS/kernel-2.4.22.37mdk-1-1mdk.src.rpm Mandrakelinux 10.0 bb124a3bef37b02afc1f76b250934602 10.0/RPMS/kernel-2.4.25.8mdk-1-1mdk.i586.rpm 1b5a1a95566b8c95ade266280299f1f7 10.0/RPMS/kernel-2.6.3.16mdk-1-1mdk.i586.rpm 71e3945f2ee90f470b51f432da1796de 10.0/RPMS/kernel-enterprise-2.4.25.8mdk-1-1mdk.i586.rpm 971e6cb84758a85702d8327a4f38fc28 10.0/RPMS/kernel-enterprise-2.6.3.16mdk-1-1mdk.i586.rpm 45b678133982d69d20bdf0f6d20b0824 10.0/RPMS/kernel-i686-up-4GB-2.4.25.8mdk-1-1mdk.i586.rpm 5452c94f1f7d67304254e12b673b5221 10.0/RPMS/kernel-i686-up-4GB-2.6.3.16mdk-1-1mdk.i586.rpm c70db4c0885bc44e7c730cd81c605957 10.0/RPMS/kernel-p3-smp-64GB-2.4.25.8mdk-1-1mdk.i586.rpm a3f4ca2258bd51a06d1a4d9e8c91a0d0 10.0/RPMS/kernel-p3-smp-64GB-2.6.3.16mdk-1-1mdk.i586.rpm 3043c3d2248621d3e78c6706e0b21ec8 10.0/RPMS/kernel-secure-2.6.3.16mdk-1-1mdk.i586.rpm 6ffee0960561541e90df6fe4a94eaeee 10.0/RPMS/kernel-smp-2.4.25.8mdk-1-1mdk.i586.rpm a31a725de8ed04ae8f9e7513393f25d1 10.0/RPMS/kernel-smp-2.6.3.16mdk-1-1mdk.i586.rpm 9123ffa0c274535a9a4ec81b133878d4 10.0/RPMS/kernel-source-2.4.25-8mdk.i586.rpm 6433dbb5cc1c2f022babb91f85d9fc6f 10.0/RPMS/kernel-source-2.6.3-16mdk.i586.rpm fcca7cf53668562b0a32a6586308be56 10.0/RPMS/kernel-source-stripped-2.6.3-16mdk.i586.rpm 106cadf9771a8c9f95307c8d50acafb4 10.0/SRPMS/kernel-2.4.25.8mdk-1-1mdk.src.rpm afe1f32f4d1bf50d8c26532d7306ae5e 10.0/SRPMS/kernel-2.6.3.16mdk-1-1mdk.src.rpm Mandrakelinux 10.0/AMD64 9a3392f21a14b6f39ab58b5c668c00d6 amd64/10.0/RPMS/kernel-2.4.25.8mdk-1-1mdk.amd64.rpm 55af2f01328e9639950a574ee8581742 amd64/10.0/RPMS/kernel-2.6.3.16mdk-1-1mdk.amd64.rpm 0f7a1d450d538737dfd372b1cfa94427 amd64/10.0/RPMS/kernel-secure-2.6.3.16mdk-1-1mdk.amd64.rpm 19ca45c3907d9e199fa4fae81f5eecce amd64/10.0/RPMS/kernel-smp-2.4.25.8mdk-1-1mdk.amd64.rpm 210177187fcb6b2d8c2e5e35236c94e0 amd64/10.0/RPMS/kernel-smp-2.6.3.16mdk-1-1mdk.amd64.rpm 8af7563fa5bd6bbdb624673e20ca30f8 amd64/10.0/RPMS/kernel-source-2.4.25-8mdk.amd64.rpm 1c9e60cccf8f7c23631f66e3b8fefbbb amd64/10.0/RPMS/kernel-source-2.6.3-16mdk.amd64.rpm eb66d33a1f7145b073d19d4400dfd9cd amd64/10.0/RPMS/kernel-source-stripped-2.6.3-16mdk.amd64.rpm 106cadf9771a8c9f95307c8d50acafb4 amd64/10.0/SRPMS/kernel-2.4.25.8mdk-1-1mdk.src.rpm afe1f32f4d1bf50d8c26532d7306ae5e amd64/10.0/SRPMS/kernel-2.6.3.16mdk-1-1mdk.src.rpm Multi Network Firewall 8.2 5a3f94088190a341b3e0ba4244c64244 mnf8.2/RPMS/kernel-secure-2.4.19.44mdk-1-1mdk.i586.rpm d5440f2645457193cfba59858066d6fa mnf8.2/SRPMS/kernel-2.4.19.44mdk-1-1mdk.src.rpm Corporate Server 2.1 bd6420c05282c010ce169a0bc3ef2a1d corporate/2.1/RPMS/kernel-2.4.19.44mdk-1-1mdk.i586.rpm b7851dbc3d0ef68f1817f22344945af3 corporate/2.1/RPMS/kernel-enterprise-2.4.19.44mdk-1-1mdk.i586.rpm 1522b26f3002f9acdd62c7459d93e8ae corporate/2.1/RPMS/kernel-secure-2.4.19.44mdk-1-1mdk.i586.rpm 3f9ac5a25a9873b1d6467fe901bc7ac2 corporate/2.1/RPMS/kernel-smp-2.4.19.44mdk-1-1mdk.i586.rpm 270dfc0bc5e527dc9a0f5fc19c320871 corporate/2.1/RPMS/kernel-source-2.4.19-44mdk.i586.rpm d5440f2645457193cfba59858066d6fa corporate/2.1/SRPMS/kernel-2.4.19.44mdk-1-1mdk.src.rpm Corporate Server 2.1/X86_64 d9732081e8aba92f7b456bd47210919b x86_64/corporate/2.1/RPMS/kernel-2.4.19.44mdk-1-1mdk.x86_64.rpm b5e1a9b21150f93cf2cccf1844832bee x86_64/corporate/2.1/RPMS/kernel-secure-2.4.19.44mdk-1-1mdk.x86_64.rpm 09cfe0193ecbd936b97638d925d6d4d6 x86_64/corporate/2.1/RPMS/kernel-smp-2.4.19.44mdk-1-1mdk.x86_64.rpm b7c8fe8c80e8e485a0064ff005206758 x86_64/corporate/2.1/RPMS/kernel-source-2.4.19-44mdk.x86_64.rpm d5440f2645457193cfba59858066d6fa x86_64/corporate/2.1/SRPMS/kernel-2.4.19.44mdk-1-1mdk.src.rpm References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0415 Upgrade To upgrade your kernel, view the kernel update instructions. Kernels cannot be upgraded via MandrakeUpdate. Verification Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command: rpm --checksig package.rpm Mandrakesoft Security Advisories Package name kernel Date August 26th, 2004 Advisory ID MDKSA-2004:087 Affected versions 9.1, 9.2, 10.0, MNF8.2, CS2.1 Synopsis Updated kernel packages fix multiple vulnerabilities Problem Description A race condition was discovered in the 64bit file offset handling by Paul Starzetz from iSEC. The file offset pointer (f_pos) is changed during reading, writing, and seeking through a file in order to point to the current position of a file. The value conversion between both the 32bit and 64bit API in the kernel, as well as access to the f_pos pointer, is defective. As a result, a local attacker can abuse this vulnerability to gain access to uninitialized kernel memory, mostly via entries in the /proc filesystem. This kernel memory can possibly contain information like the root password, and other sensitive data. The updated kernel packages provided are patched to protect against this vulnerability, and all users are encouraged to upgrade immediately. Updated Packages Mandrakelinux 9.1 bec690d551d3da5058df6a511f156c21 9.1/RPMS/kernel-2.4.21.0.33mdk-1-1mdk.i586.rpm b6298da605021f7396d556db58fe6a05 9.1/RPMS/kernel-enterprise-2.4.21.0.33mdk-1-1mdk.i586.rpm ea57e0af847c3638589f8c1131841cf2 9.1/RPMS/kernel-secure-2.4.21.0.33mdk-1-1mdk.i586.rpm f429f092a0c6691b83434d139af63595 9.1/RPMS/kernel-smp-2.4.21.0.33mdk-1-1mdk.i586.rpm 49be199554329b217c7194dcb1da8214 9.1/RPMS/kernel-source-2.4.21-0.33mdk.i586.rpm db80c98bd9fddc1c7f92e424fb749cfe 9.1/SRPMS/kernel-2.4.21.0.33mdk-1-1mdk.src.rpm Mandrakelinux 9.1/PPC 1c7115fb314313abf81c9e6ee4378077 ppc/9.1/RPMS/kernel-2.4.21.0.33mdk-1-1mdk.ppc.rpm d1b8770b326fe538f463b87840a6b837 ppc/9.1/RPMS/kernel-enterprise-2.4.21.0.33mdk-1-1mdk.ppc.rpm 42c2b5da02f580744452becdd3a1eaf4 ppc/9.1/RPMS/kernel-smp-2.4.21.0.33mdk-1-1mdk.ppc.rpm ff5b1972d84a48b355665b37136d9a7e ppc/9.1/RPMS/kernel-source-2.4.21-0.33mdk.ppc.rpm db80c98bd9fddc1c7f92e424fb749cfe ppc/9.1/SRPMS/kernel-2.4.21.0.33mdk-1-1mdk.src.rpm Mandrakelinux 9.2 5bef940a1edbe8ae1095bcd10467302b 9.2/RPMS/kernel-2.4.22.37mdk-1-1mdk.i586.rpm 6ee21d50e3fbe39be2e6b3b224fd1447 9.2/RPMS/kernel-enterprise-2.4.22.37mdk-1-1mdk.i586.rpm fcabb78046a63d6075d1197bc214ee6a 9.2/RPMS/kernel-i686-up-4GB-2.4.22.37mdk-1-1mdk.i586.rpm d22d6bd72c99f1af8a69a64e86208331 9.2/RPMS/kernel-p3-smp-64GB-2.4.22.37mdk-1-1mdk.i586.rpm 1af0175e3ba79bd5e2334009760995d6 9.2/RPMS/kernel-secure-2.4.22.37mdk-1-1mdk.i586.rpm f5ee987671743c3982cc1a3418a309da 9.2/RPMS/kernel-smp-2.4.22.37mdk-1-1mdk.i586.rpm fc84de2d936d56056ef1599bf36bfe2f 9.2/RPMS/kernel-source-2.4.22-37mdk.i586.rpm e8901a215c637e9b6778d141cd0d6af2 9.2/SRPMS/kernel-2.4.22.37mdk-1-1mdk.src.rpm Mandrakelinux 9.2/AMD64 e6246736f56fb7c91d4fcc0222ffc0a6 amd64/9.2/RPMS/kernel-2.4.22.37mdk-1-1mdk.amd64.rpm fb74e209e096634ddad88216ab1d2151 amd64/9.2/RPMS/kernel-secure-2.4.22.37mdk-1-1mdk.amd64.rpm 42661d2b2f08d2ca0c29c49bb88808b2 amd64/9.2/RPMS/kernel-smp-2.4.22.37mdk-1-1mdk.amd64.rpm 57fac850dd2cfe63a54dc292a5982f4e amd64/9.2/RPMS/kernel-source-2.4.22-37mdk.amd64.rpm e8901a215c637e9b6778d141cd0d6af2 amd64/9.2/SRPMS/kernel-2.4.22.37mdk-1-1mdk.src.rpm Mandrakelinux 10.0 bb124a3bef37b02afc1f76b250934602 10.0/RPMS/kernel-2.4.25.8mdk-1-1mdk.i586.rpm 1b5a1a95566b8c95ade266280299f1f7 10.0/RPMS/kernel-2.6.3.16mdk-1-1mdk.i586.rpm 71e3945f2ee90f470b51f432da1796de 10.0/RPMS/kernel-enterprise-2.4.25.8mdk-1-1mdk.i586.rpm 971e6cb84758a85702d8327a4f38fc28 10.0/RPMS/kernel-enterprise-2.6.3.16mdk-1-1mdk.i586.rpm 45b678133982d69d20bdf0f6d20b0824 10.0/RPMS/kernel-i686-up-4GB-2.4.25.8mdk-1-1mdk.i586.rpm 5452c94f1f7d67304254e12b673b5221 10.0/RPMS/kernel-i686-up-4GB-2.6.3.16mdk-1-1mdk.i586.rpm c70db4c0885bc44e7c730cd81c605957 10.0/RPMS/kernel-p3-smp-64GB-2.4.25.8mdk-1-1mdk.i586.rpm a3f4ca2258bd51a06d1a4d9e8c91a0d0 10.0/RPMS/kernel-p3-smp-64GB-2.6.3.16mdk-1-1mdk.i586.rpm 3043c3d2248621d3e78c6706e0b21ec8 10.0/RPMS/kernel-secure-2.6.3.16mdk-1-1mdk.i586.rpm 6ffee0960561541e90df6fe4a94eaeee 10.0/RPMS/kernel-smp-2.4.25.8mdk-1-1mdk.i586.rpm a31a725de8ed04ae8f9e7513393f25d1 10.0/RPMS/kernel-smp-2.6.3.16mdk-1-1mdk.i586.rpm 9123ffa0c274535a9a4ec81b133878d4 10.0/RPMS/kernel-source-2.4.25-8mdk.i586.rpm 6433dbb5cc1c2f022babb91f85d9fc6f 10.0/RPMS/kernel-source-2.6.3-16mdk.i586.rpm fcca7cf53668562b0a32a6586308be56 10.0/RPMS/kernel-source-stripped-2.6.3-16mdk.i586.rpm 106cadf9771a8c9f95307c8d50acafb4 10.0/SRPMS/kernel-2.4.25.8mdk-1-1mdk.src.rpm afe1f32f4d1bf50d8c26532d7306ae5e 10.0/SRPMS/kernel-2.6.3.16mdk-1-1mdk.src.rpm Mandrakelinux 10.0/AMD64 9a3392f21a14b6f39ab58b5c668c00d6 amd64/10.0/RPMS/kernel-2.4.25.8mdk-1-1mdk.amd64.rpm 55af2f01328e9639950a574ee8581742 amd64/10.0/RPMS/kernel-2.6.3.16mdk-1-1mdk.amd64.rpm 0f7a1d450d538737dfd372b1cfa94427 amd64/10.0/RPMS/kernel-secure-2.6.3.16mdk-1-1mdk.amd64.rpm 19ca45c3907d9e199fa4fae81f5eecce amd64/10.0/RPMS/kernel-smp-2.4.25.8mdk-1-1mdk.amd64.rpm 210177187fcb6b2d8c2e5e35236c94e0 amd64/10.0/RPMS/kernel-smp-2.6.3.16mdk-1-1mdk.amd64.rpm 8af7563fa5bd6bbdb624673e20ca30f8 amd64/10.0/RPMS/kernel-source-2.4.25-8mdk.amd64.rpm 1c9e60cccf8f7c23631f66e3b8fefbbb amd64/10.0/RPMS/kernel-source-2.6.3-16mdk.amd64.rpm eb66d33a1f7145b073d19d4400dfd9cd amd64/10.0/RPMS/kernel-source-stripped-2.6.3-16mdk.amd64.rpm 106cadf9771a8c9f95307c8d50acafb4 amd64/10.0/SRPMS/kernel-2.4.25.8mdk-1-1mdk.src.rpm afe1f32f4d1bf50d8c26532d7306ae5e amd64/10.0/SRPMS/kernel-2.6.3.16mdk-1-1mdk.src.rpm Multi Network Firewall 8.2 5a3f94088190a341b3e0ba4244c64244 mnf8.2/RPMS/kernel-secure-2.4.19.44mdk-1-1mdk.i586.rpm d5440f2645457193cfba59858066d6fa mnf8.2/SRPMS/kernel-2.4.19.44mdk-1-1mdk.src.rpm Corporate Server 2.1 bd6420c05282c010ce169a0bc3ef2a1d corporate/2.1/RPMS/kernel-2.4.19.44mdk-1-1mdk.i586.rpm b7851dbc3d0ef68f1817f22344945af3 corporate/2.1/RPMS/kernel-enterprise-2.4.19.44mdk-1-1mdk.i586.rpm 1522b26f3002f9acdd62c7459d93e8ae corporate/2.1/RPMS/kernel-secure-2.4.19.44mdk-1-1mdk.i586.rpm 3f9ac5a25a9873b1d6467fe901bc7ac2 corporate/2.1/RPMS/kernel-smp-2.4.19.44mdk-1-1mdk.i586.rpm 270dfc0bc5e527dc9a0f5fc19c320871 corporate/2.1/RPMS/kernel-source-2.4.19-44mdk.i586.rpm d5440f2645457193cfba59858066d6fa corporate/2.1/SRPMS/kernel-2.4.19.44mdk-1-1mdk.src.rpm Corporate Server 2.1/X86_64 d9732081e8aba92f7b456bd47210919b x86_64/corporate/2.1/RPMS/kernel-2.4.19.44mdk-1-1mdk.x86_64.rpm b5e1a9b21150f93cf2cccf1844832bee x86_64/corporate/2.1/RPMS/kernel-secure-2.4.19.44mdk-1-1mdk.x86_64.rpm 09cfe0193ecbd936b97638d925d6d4d6 x86_64/corporate/2.1/RPMS/kernel-smp-2.4.19.44mdk-1-1mdk.x86_64.rpm b7c8fe8c80e8e485a0064ff005206758 x86_64/corporate/2.1/RPMS/kernel-source-2.4.19-44mdk.x86_64.rpm d5440f2645457193cfba59858066d6fa x86_64/corporate/2.1/SRPMS/kernel-2.4.19.44mdk-1-1mdk.src.rpm References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0415 Upgrade To upgrade your kernel, view the kernel update instructions. Kernels cannot be upgraded via MandrakeUpdate. Verification Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command: rpm --checksig package.rpm

September 2, 2004

updated mkinitrd packages fixed problem with scsi

mystified posted a topic in Mandriva Security Advisories

Mandrakesoft Security Advisories Package name mkinitrd Date August 26th, 2004 Advisory ID MDKA-2004:038 Affected versions 10.0 Synopsis Updated mkinitrd packages fix problem with scsi modules on 2.4 kernel Problem Description A bug existed in mkinitrd where depmod-24 would generate a modules.dep file containing "\n" if there is more than one module listed as a dependency. Because of this, when mkinitrd is called, it will miss the dependencies of certain modules and as a result the modules that need to be loaded first will be loaded last and the kernel will complain about some missing symbols. This problem only affects systems using the 2.4 kernel with SCSI devices. The updated packages are fixed to correct the problem. Updated Packages Mandrakelinux 10.0 7ca20d4c7153012b3e4e9223e82f33f0 10.0/RPMS/mkinitrd-3.5.18-4.2.100mdk.i586.rpm ad6de27371de1ed748c7f67fc2de99e6 10.0/SRPMS/mkinitrd-3.5.18-4.2.100mdk.src.rpm Mandrakelinux 10.0/AMD64 560f3ff1be18c53c89403774dee5c9d6 amd64/10.0/RPMS/mkinitrd-3.5.18-4.2.100mdk.amd64.rpm ad6de27371de1ed748c7f67fc2de99e6 amd64/10.0/SRPMS/mkinitrd-3.5.18-4.2.100mdk.src.rpm Upgrade To upgrade automatically, use MandrakeUpdate. Verification Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command: rpm --checksig package.rpm You can get the GPG public key of the Mandrakelinux Security Team to verify the GPG signature of each RPM.

September 2, 2004

How do I...

mystified replied to megiddo_99's topic in Software

Kscd is a buggy program from my experience. I can quit and it will still keep playing music! Try xmms. It's great! Mplayer is also a great media player.

Command line tips and tricks

mystified replied to spinynorman's topic in Everything Linux

I'd like to know too. I update gentoo daily and ipconfig will works for me. And I'm using kernel 2.6.7

Linux Distribution Chooser

mystified replied to jlc's topic in Everything Linux

awesome!

what is ipconfig in Linux

mystified replied to axel_2078's topic in Networking

ifconfig

K3B won't burn CDs :(

mystified replied to axel_2078's topic in Software

I honestly don't think that's your problem but if you want to check your kernel in a terminal type uname -r

K3B won't burn CDs :(

mystified replied to axel_2078's topic in Software

As far as your question regarding the newer kernel that can cause burning problems with k3b that's kernel 2.6.8.1 which is the latest. You can only burn cds as root.

/usr/share/state

mystified replied to Peep's topic in Everything Linux

Yeah, I don't have it in Mandrake 10 either. And Peep is also running Gentoo.

/usr/share/state

mystified replied to Peep's topic in Everything Linux

HJ on the #irc found this http://directory.fsf.org/miscfiles.html

/usr/share/state

mystified replied to Peep's topic in Everything Linux

I thought you were joking until I checked mine. Weird is right!

Too many options in lilo

mystified replied to Parano's topic in Installing Mandriva

If you want to find out what your partitions are and what is on each one open a terminal and type df -h.

am I running out of space?

mystified replied to axel_2078's topic in Installing Mandriva

5.8 GBS should be plenty for / I have mandrake installed on a 6gb hard drive. I suggest going to advanced next time tho and making the partitions the size you want instead of letting Mandrake do it for you.

Updated kdelibs and kdebase fix vulnerabilities

mystified posted a topic in Mandriva Security Advisories

Mandrakesoft Security Advisories Package name kdelibs/kdebase Date August 20th, 2004 Advisory ID MDKSA-2004:086 Affected versions 9.2, 10.0 Synopsis Updated kdelibs and kdebase packages fix multiple vulnerabilities Problem Description A number of vulnerabilities were discovered in KDE that are corrected with these update packages. The integrity of symlinks used by KDE are not ensured and as a result can be abused by local attackers to create or truncate arbitrary files or to prevent KDE applications from functioning correctly (CAN-2004-0689). The DCOPServer creates temporary files in an insecure manner. These temporary files are used for authentication-related purposes, so this could potentially allow a local attacker to compromise the account of any user running a KDE application (CAN-2004-0690). Note that only KDE 3.2.x is affected by this vulnerability. The Konqueror web browser allows websites to load web pages into a frame of any other frame-based web page that the user may have open. This could potentially allow a malicious website to make Konqueror insert its own frames into the page of an otherwise trusted website (CAN-2004-0721). The Konqueror web browser also allows websites to set cookies for certain country-specific top-level domains. This can be done to make Konqueror send the cookies to all other web sites operating under the same domain, which can be abused to become part of a session fixation attack. All country-specific secondary top-level domains that use more than 2 characters in the secondary part of the domain name, and that use a secondary part other than com, net, mil, org, gove, edu, or int are affected (CAN-2004-0746). Updated Packages Mandrakelinux 9.2 7a437fd66146531dd156af9466460b7f 9.2/RPMS/kdebase-3.1.3-79.2.92mdk.i586.rpm 46678bcc9b2e2af5f5b83b419d022522 9.2/RPMS/kdebase-common-3.1.3-79.2.92mdk.i586.rpm abee5d0c191812f382c6247ca87ad466 9.2/RPMS/kdebase-kate-3.1.3-79.2.92mdk.i586.rpm 9afe4816f3316c153105f6fe60eb5c27 9.2/RPMS/kdebase-kdeprintfax-3.1.3-79.2.92mdk.i586.rpm 314684650edf45d258955afd7a0cd71a 9.2/RPMS/kdebase-kdm-3.1.3-79.2.92mdk.i586.rpm cebc25881d037ce59f3de2cc3ba7f3f3 9.2/RPMS/kdebase-kdm-config-file-3.1.3-79.2.92mdk.i586.rpm 538d05e93fd88a3c57cb358b5cd36dd4 9.2/RPMS/kdebase-konsole-3.1.3-79.2.92mdk.i586.rpm d48c6377c5b580d668135c4afdddf3d1 9.2/RPMS/kdebase-nsplugins-3.1.3-79.2.92mdk.i586.rpm f2ad83707508d33d9dd63d77ec2d82e8 9.2/RPMS/kdebase-progs-3.1.3-79.2.92mdk.i586.rpm beca2c6a0458a32f8433cfd3702733e6 9.2/RPMS/kdelibs-common-3.1.3-35.3.92mdk.i586.rpm 285672f9688c2fb212b51398dc3085c1 9.2/RPMS/libkdebase4-3.1.3-79.2.92mdk.i586.rpm 382e809df95c5b9ecf3cf64521a71816 9.2/RPMS/libkdebase4-devel-3.1.3-79.2.92mdk.i586.rpm d6ff93e7d16d284a96c6113c784ae60f 9.2/RPMS/libkdebase4-kate-3.1.3-79.2.92mdk.i586.rpm 9e710e6502f32e9fa12e621e9cfdf4d0 9.2/RPMS/libkdebase4-kate-devel-3.1.3-79.2.92mdk.i586.rpm 47a2a05820b54bec347afd26da339203 9.2/RPMS/libkdebase4-konsole-3.1.3-79.2.92mdk.i586.rpm 4863e95228969e3ed2f9daa2278d4276 9.2/RPMS/libkdebase4-nsplugins-3.1.3-79.2.92mdk.i586.rpm 85dabe0527172fdf9202c724776d9d62 9.2/RPMS/libkdebase4-nsplugins-devel-3.1.3-79.2.92mdk.i586.rpm f0add02f5422c3f62cfbecd0f2a26b2d 9.2/RPMS/libkdecore4-3.1.3-35.3.92mdk.i586.rpm e8923bf7bc65c13bdd8fd18208ab550e 9.2/RPMS/libkdecore4-devel-3.1.3-35.3.92mdk.i586.rpm c54061baeb0b3498ccf8d776dc36fd9d 9.2/SRPMS/kdebase-3.1.3-79.2.92mdk.src.rpm 0e24de240e1a84326df7332499b452c7 9.2/SRPMS/kdelibs-3.1.3-35.3.92mdk.src.rpm Mandrakelinux 9.2/AMD64 daf7342d2c27f510597058428738a5d3 amd64/9.2/RPMS/kdebase-3.1.3-79.2.92mdk.amd64.rpm b03fbd0ebd368d78616c99adbfcbfdd2 amd64/9.2/RPMS/kdebase-common-3.1.3-79.2.92mdk.amd64.rpm 46c62f4ef453fa25213ff26d47e46057 amd64/9.2/RPMS/kdebase-kate-3.1.3-79.2.92mdk.amd64.rpm 5ec5e4dd405ce0605780553ddbd47604 amd64/9.2/RPMS/kdebase-kdeprintfax-3.1.3-79.2.92mdk.amd64.rpm f124a86ffaa161f8101344c0bda1ae39 amd64/9.2/RPMS/kdebase-kdm-3.1.3-79.2.92mdk.amd64.rpm 36da16dd458a163090098aeefe5eb619 amd64/9.2/RPMS/kdebase-kdm-config-file-3.1.3-79.2.92mdk.amd64.rpm 7c12240ad3e6b73fd0b24ae4d98fc0da amd64/9.2/RPMS/kdebase-konsole-3.1.3-79.2.92mdk.amd64.rpm b8c04a16954a7374b6194415f6e5e15a amd64/9.2/RPMS/kdebase-nsplugins-3.1.3-79.2.92mdk.amd64.rpm 6f855be2d1961dc75c5f1283cd25e71b amd64/9.2/RPMS/kdebase-progs-3.1.3-79.2.92mdk.amd64.rpm b9a0ba03005f212d8f2c8f5b952ef8e2 amd64/9.2/RPMS/kdelibs-common-3.1.3-35.3.92mdk.amd64.rpm 999bf091090905ea8d07aec1ec97fed2 amd64/9.2/RPMS/lib64kdebase4-3.1.3-79.2.92mdk.amd64.rpm b744accc86241864b23662265a6f2c9f amd64/9.2/RPMS/lib64kdebase4-devel-3.1.3-79.2.92mdk.amd64.rpm 596fefe16698fecd8d7ce04f19d048ff amd64/9.2/RPMS/lib64kdebase4-kate-3.1.3-79.2.92mdk.amd64.rpm caa45d71983b623a59923b18f6bb4f69 amd64/9.2/RPMS/lib64kdebase4-kate-devel-3.1.3-79.2.92mdk.amd64.rpm 7dd01ca77c94ff3a018dd5779605e67c amd64/9.2/RPMS/lib64kdebase4-konsole-3.1.3-79.2.92mdk.amd64.rpm 1d3f7e3e031df08ed17f77df6505cb47 amd64/9.2/RPMS/lib64kdebase4-nsplugins-3.1.3-79.2.92mdk.amd64.rpm f6f15ceb62c4abde32406bc1ae75b864 amd64/9.2/RPMS/lib64kdebase4-nsplugins-devel-3.1.3-79.2.92mdk.amd64.rpm 9478889d65eff687203a5ccf19ca3a28 amd64/9.2/RPMS/lib64kdecore4-3.1.3-35.3.92mdk.amd64.rpm 3c53063491a5f3a5ca4e51708fd85763 amd64/9.2/RPMS/lib64kdecore4-devel-3.1.3-35.3.92mdk.amd64.rpm c54061baeb0b3498ccf8d776dc36fd9d amd64/9.2/SRPMS/kdebase-3.1.3-79.2.92mdk.src.rpm 0e24de240e1a84326df7332499b452c7 amd64/9.2/SRPMS/kdelibs-3.1.3-35.3.92mdk.src.rpm Mandrakelinux 10.0 510438b78f3516746d4b4ed60ac212b3 10.0/RPMS/kdebase-3.2-79.2.100mdk.i586.rpm c8cf4ce9cf1d249b4a2bed3c66528803 10.0/RPMS/kdebase-common-3.2-79.2.100mdk.i586.rpm d38633d8cba665bbe1237813e45b0f7b 10.0/RPMS/kdebase-kate-3.2-79.2.100mdk.i586.rpm 5854609ecb04e39b0bc07e9a33778488 10.0/RPMS/kdebase-kcontrol-data-3.2-79.2.100mdk.i586.rpm 48727a4e1dd5df1bd52276f03ae8edd3 10.0/RPMS/kdebase-kdeprintfax-3.2-79.2.100mdk.i586.rpm 52fc69771ec698ba332870cbfa618a60 10.0/RPMS/kdebase-kdm-3.2-79.2.100mdk.i586.rpm d3ae0bc755db0665e12472a2e22ebd90 10.0/RPMS/kdebase-kdm-config-file-3.2-79.2.100mdk.i586.rpm 85d8b0ebf0421963f652424b0441145c 10.0/RPMS/kdebase-kmenuedit-3.2-79.2.100mdk.i586.rpm 222d9900d8f30961f04b870c5a949a1f 10.0/RPMS/kdebase-konsole-3.2-79.2.100mdk.i586.rpm 554b091c26d0461831323389292cc72d 10.0/RPMS/kdebase-nsplugins-3.2-79.2.100mdk.i586.rpm 487748d51da06a36180d18a0cedda4c5 10.0/RPMS/kdebase-progs-3.2-79.2.100mdk.i586.rpm 0f4088f33543e6f0f263537964cfccee 10.0/RPMS/kdelibs-common-3.2-36.3.100mdk.i586.rpm 9cc536b2ffd48b6b5354ba8967638d3e 10.0/RPMS/libkdebase4-3.2-79.2.100mdk.i586.rpm 32ed1e7ed670e6c01716f491b8181e8d 10.0/RPMS/libkdebase4-devel-3.2-79.2.100mdk.i586.rpm ea55a16ba1f7cd6ea2dabd274ce023bf 10.0/RPMS/libkdebase4-kate-3.2-79.2.100mdk.i586.rpm df122aa36fd811d3d97aafcff1d6aed7 10.0/RPMS/libkdebase4-kate-devel-3.2-79.2.100mdk.i586.rpm 598709de41b8101c44e0a82e52718340 10.0/RPMS/libkdebase4-kmenuedit-3.2-79.2.100mdk.i586.rpm 71f277606a8b5d17ca3f7a09aba486f7 10.0/RPMS/libkdebase4-konsole-3.2-79.2.100mdk.i586.rpm bceb452042e0c72d475139f4efe7a0c5 10.0/RPMS/libkdebase4-nsplugins-3.2-79.2.100mdk.i586.rpm ffc1728d50b17dd3cae6f1e2ad0589e2 10.0/RPMS/libkdebase4-nsplugins-devel-3.2-79.2.100mdk.i586.rpm 82d343a84048b56353c97b72b771ea81 10.0/RPMS/libkdecore4-3.2-36.3.100mdk.i586.rpm 7fd56a29040d0708e5d4650228c3534d 10.0/RPMS/libkdecore4-devel-3.2-36.3.100mdk.i586.rpm d2a3e8c4391af933ebc2e48cc4aa8dee 10.0/SRPMS/kdebase-3.2-79.2.100mdk.src.rpm 93330083dd59710108f6977107562aaf 10.0/SRPMS/kdelibs-3.2-36.3.100mdk.src.rpm Mandrakelinux 10.0/AMD64 8edf6ee3527aef3399db27ee98d39c6f amd64/10.0/RPMS/kdebase-3.2-79.2.100mdk.amd64.rpm 58b4defe043743d137f05b27bb7c0c87 amd64/10.0/RPMS/kdebase-common-3.2-79.2.100mdk.amd64.rpm 6bc0bdb8dcebfd4f9a010a8a257c67f6 amd64/10.0/RPMS/kdebase-kate-3.2-79.2.100mdk.amd64.rpm 0cd79e56ddf5fcdaa08bb9d6d60103f8 amd64/10.0/RPMS/kdebase-kcontrol-data-3.2-79.2.100mdk.amd64.rpm 0c7e8f118a150dbe63eac16476571cec amd64/10.0/RPMS/kdebase-kdeprintfax-3.2-79.2.100mdk.amd64.rpm f659c4d625218bde4dbf87cf0c457faa amd64/10.0/RPMS/kdebase-kdm-3.2-79.2.100mdk.amd64.rpm 2065540f835e04eb269c1ab3e070289b amd64/10.0/RPMS/kdebase-kdm-config-file-3.2-79.2.100mdk.amd64.rpm 02a45357b22c1374d6919b70997b4b8d amd64/10.0/RPMS/kdebase-kmenuedit-3.2-79.2.100mdk.amd64.rpm 6db6c45484be318eb53d5cbeef9a6e0e amd64/10.0/RPMS/kdebase-konsole-3.2-79.2.100mdk.amd64.rpm 567cae5415e7b1d3d8091d264ca98ea2 amd64/10.0/RPMS/kdebase-nsplugins-3.2-79.2.100mdk.amd64.rpm 6c597ced6b9590ebfc5ed1b8fef8190c amd64/10.0/RPMS/kdebase-progs-3.2-79.2.100mdk.amd64.rpm c7c0135d79620f0a6002d546408e7be0 amd64/10.0/RPMS/kdelibs-common-3.2-36.3.100mdk.amd64.rpm 57e18c9dca64cb6d4201f49719a0f591 amd64/10.0/RPMS/lib64kdebase4-3.2-79.2.100mdk.amd64.rpm aec6a23128624c32cf8ff302e15a0dce amd64/10.0/RPMS/lib64kdebase4-devel-3.2-79.2.100mdk.amd64.rpm d331d129437e959fe5952645205c602b amd64/10.0/RPMS/lib64kdebase4-kate-3.2-79.2.100mdk.amd64.rpm eac31119b4c7450e59bc4f855fef8ee3 amd64/10.0/RPMS/lib64kdebase4-kate-devel-3.2-79.2.100mdk.amd64.rpm 7692a8d3eb9085c4e01a6f82d22e54ea amd64/10.0/RPMS/lib64kdebase4-kmenuedit-3.2-79.2.100mdk.amd64.rpm 0dfd8eb1e9389b810cd541cbe78bbb37 amd64/10.0/RPMS/lib64kdebase4-konsole-3.2-79.2.100mdk.amd64.rpm 8611b9991340db56c60c4cc25cbe5a95 amd64/10.0/RPMS/lib64kdebase4-nsplugins-3.2-79.2.100mdk.amd64.rpm a72df10c2073f103963b763b68e1d6eb amd64/10.0/RPMS/lib64kdebase4-nsplugins-devel-3.2-79.2.100mdk.amd64.rpm 249dd74dd637791186829757f06a1291 amd64/10.0/RPMS/lib64kdecore4-3.2-36.3.100mdk.amd64.rpm 308cf4ac4d2eddb590e8e867175c2311 amd64/10.0/RPMS/lib64kdecore4-devel-3.2-36.3.100mdk.amd64.rpm d2a3e8c4391af933ebc2e48cc4aa8dee amd64/10.0/SRPMS/kdebase-3.2-79.2.100mdk.src.rpm 93330083dd59710108f6977107562aaf amd64/10.0/SRPMS/kdelibs-3.2-36.3.100mdk.src.rpm References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0746 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0721 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0689 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0690 http://www.kde.org/info/security/advisory-20040811-3.txt http://www.kde.org/info/security/advisory-20040811-2.txt http://www.kde.org/info/security/advisory-20040811-1.txt http://www.kde.org/info/security/advisory-20040820-1.txt Upgrade To upgrade automatically, use MandrakeUpdate. Verification Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command: rpm --checksig package.rpm You can get the GPG public key of the Mandrakelinux Security Team to verify the GPG signature of each RPM. If you us

August 25, 2004

updated qt3 packages fix multiple vulnerabilities

mystified posted a topic in Mandriva Security Advisories

Mandrakesoft Security Advisories Package name qt3 Date August 18th, 2004 Advisory ID MDKSA-2004:085 Affected versions 9.2, 10.0 Synopsis Updated qt3 packages fix multiple vulnerabilities Problem Description Chris Evans discovered a heap-based overflow in the QT library when handling 8-bit RLE encoded BMP files. This vulnerability could allow for the compromise of the account used to view or browse malicious BMP files. On subsequent investigation, it was also found that the handlers for XPM, GIF, and JPEG image types were also faulty. These problems affect all applications that use QT to handle image files, such as QT-based image viewers, the Konqueror web browser, and others. The updated packages have been patched to correct these problems. Updated Packages Mandrakelinux 9.2 1ad7ba2889f42f3509d5f598fa3ed886 9.2/RPMS/libqt3-3.1.2-15.4.92mdk.i586.rpm 4d24014ae885c403535cbeef08ff7903 9.2/RPMS/libqt3-devel-3.1.2-15.4.92mdk.i586.rpm d727939706c9ce02da6b6d571f8385ba 9.2/RPMS/libqt3-mysql-3.1.2-15.4.92mdk.i586.rpm 9c375f83090adb8dde8600c1a4efa78c 9.2/RPMS/libqt3-odbc-3.1.2-15.4.92mdk.i586.rpm 5d957b60606594817142e5266eacbefe 9.2/RPMS/libqt3-psql-3.1.2-15.4.92mdk.i586.rpm 62aca38f15c5fb48505ddd9090d34cf5 9.2/RPMS/qt3-common-3.1.2-15.4.92mdk.i586.rpm 13f5e3b7863e05c37cdf2a696aac870f 9.2/RPMS/qt3-example-3.1.2-15.4.92mdk.i586.rpm 94edf3bf024e2fd75009a81101ec594b 9.2/SRPMS/qt3-3.1.2-15.4.92mdk.src.rpm Mandrakelinux 9.2/AMD64 94a17b47ecffd42bce0adac5d84e47ad amd64/9.2/RPMS/lib64qt3-3.1.2-15.4.92mdk.amd64.rpm c16857f3695c52ddc9b8128200d459f4 amd64/9.2/RPMS/lib64qt3-devel-3.1.2-15.4.92mdk.amd64.rpm 48f7ddd93ca67c1abe158d07fb45633d amd64/9.2/RPMS/lib64qt3-mysql-3.1.2-15.4.92mdk.amd64.rpm 068ae44a1df137a5c03f34ee0a708a58 amd64/9.2/RPMS/lib64qt3-odbc-3.1.2-15.4.92mdk.amd64.rpm 028ab20a009637885e78542c9724a027 amd64/9.2/RPMS/lib64qt3-psql-3.1.2-15.4.92mdk.amd64.rpm 2827dfd029093b8c2564d23750642c1d amd64/9.2/RPMS/qt3-common-3.1.2-15.4.92mdk.amd64.rpm 9b360daab6dfc57a15d6ad0e6dff8f35 amd64/9.2/RPMS/qt3-example-3.1.2-15.4.92mdk.amd64.rpm 94edf3bf024e2fd75009a81101ec594b amd64/9.2/SRPMS/qt3-3.1.2-15.4.92mdk.src.rpm Mandrakelinux 10.0 21a786e53866b3071faf0c8ea1c8b729 10.0/RPMS/libqt3-3.2.3-19.2.100mdk.i586.rpm f9a5891b174fc577eb3fc54e56a682d6 10.0/RPMS/libqt3-devel-3.2.3-19.2.100mdk.i586.rpm 564544fb071708fc02e9ab11330368f8 10.0/RPMS/libqt3-mysql-3.2.3-19.2.100mdk.i586.rpm cf5a7257a4cce067050cde773e312462 10.0/RPMS/libqt3-odbc-3.2.3-19.2.100mdk.i586.rpm b77aeed4530fc4738c9c12b4af07b075 10.0/RPMS/libqt3-psql-3.2.3-19.2.100mdk.i586.rpm e2f788f8122f993621593204f99d86de 10.0/RPMS/qt3-common-3.2.3-19.2.100mdk.i586.rpm 694a3cff5aa940e2d7f4dc2c5eefeb16 10.0/RPMS/qt3-example-3.2.3-19.2.100mdk.i586.rpm 9349845dc7b64c0beeed1be6b16267c6 10.0/SRPMS/qt3-3.2.3-19.2.100mdk.src.rpm Mandrakelinux 10.0/AMD64 ee3473b5e34eb683a3643240c659ffcc amd64/10.0/RPMS/lib64qt3-3.2.3-19.2.100mdk.amd64.rpm b15b7d5b23125b9d564b92cf93febcdc amd64/10.0/RPMS/lib64qt3-devel-3.2.3-19.2.100mdk.amd64.rpm 1b68d045c0037d08b63a795ac1e53bd7 amd64/10.0/RPMS/lib64qt3-mysql-3.2.3-19.2.100mdk.amd64.rpm 2c442445182e657e54bb74f5d9144654 amd64/10.0/RPMS/lib64qt3-odbc-3.2.3-19.2.100mdk.amd64.rpm bbd265dad6cff808a4e9ca273ef05611 amd64/10.0/RPMS/lib64qt3-psql-3.2.3-19.2.100mdk.amd64.rpm 60563c190b4da887cd805f714769345e amd64/10.0/RPMS/qt3-common-3.2.3-19.2.100mdk.amd64.rpm 3876d1490ea3dee84ceb2bcedb46aa24 amd64/10.0/RPMS/qt3-example-3.2.3-19.2.100mdk.amd64.rpm 9349845dc7b64c0beeed1be6b16267c6 amd64/10.0/SRPMS/qt3-3.2.3-19.2.100mdk.src.rpm References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0691 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0692 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0693 Upgrade To upgrade automatically, use MandrakeUpdate. Verification Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command: rpm --checksig package.rpm You can get the GPG public key of the Mandrakelinux Security Team to verify the GPG signature of each RPM. If you use MandrakeUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.

August 25, 2004

Sign In

mystified

Posts

Joined

Last visited

Content Type

Profiles

Forums

Events

Everything posted by mystified

Updated squid packages fix DoS vulnerability

Updated samba packages fix vulnerabilities

Updated cdrecord package

Updated zlib packages fix DoS vulnerability

Updated imlib/imlib2 packages fix bmp crash

Updated drakconf package

Gentoo Xorg 6.8 with Transparency

Gentoo Xorg 6.8 with Transparency

gimp make failed in gentoo

Updated krb5 packages fix vulnerabilties

updated kernel packages fix vulnabilties

updated mkinitrd packages fixed problem with scsi

How do I...

Command line tips and tricks

Linux Distribution Chooser

what is ipconfig in Linux

K3B won't burn CDs :(

K3B won't burn CDs :(

/usr/share/state

/usr/share/state

/usr/share/state

Too many options in lilo

am I running out of space?

Updated kdelibs and kdebase fix vulnerabilities

updated qt3 packages fix multiple vulnerabilities

Browse

Activity