[Security Announce] [ MDKA-2007:123 ] - Updated urpmi package fixes handling of source packages installation
Posted on: 11/29/2007 08:50 PM

The Mandriva Security Team published a new security update for Mandriva Linux. Here the announcement:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Advisory MDKA-2007:123
http://www.mandriva.com/security/
_______________________________________________________________________

Package : urpmi
Date : November 29, 2007
Affected: 2008.0
_______________________________________________________________________

Problem Description:

The package included with Mandriva Linux 2008 for urpmi, the Mandriva
package management tool, has regressions in the behaviour of the --src
and --install-src parameters. The --install-src parameter fails to
work at all. The --src parameter does not download and install the
actual .src.rpm as it did in previous releases, it only installs the
necessary build dependencies.

This update fixes these issues.
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2008.0:
cb0e955583a294e899cf3cdbb050d723 2008.0/i586/gurpmi-4.10.14.1-1.1mdv2008.0.noarch.rpm
06710daab80b78840f7474c1b9e664b8 2008.0/i586/urpmi-4.10.14.1-1.1mdv2008.0.noarch.rpm
6035be60085ac8331ff6549799ad4c15 2008.0/i586/urpmi-ldap-4.10.14.1-1.1mdv2008.0.noarch.rpm
6a164fbc91265d39ee51e12e72db5f81 2008.0/i586/urpmi-parallel-ka-run-4.10.14.1-1.1mdv2008.0.noarch.rpm
ee7bf59d80fd77b94e8a255e8a19a1f6 2008.0/i586/urpmi-parallel-ssh-4.10.14.1-1.1mdv2008.0.noarch.rpm
3395e3e030ad8c42d9b2be5cd097f8a3 2008.0/i586/urpmi-recover-4.10.14.1-1.1mdv2008.0.noarch.rpm
32f10f30cecacbfdf53add6ee5b30fbb 2008.0/SRPMS/urpmi-4.10.14.1-1.1mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64:
ceda1518ab3a30db781d343651893544 2008.0/x86_64/gurpmi-4.10.14.1-1.1mdv2008.0.noarch.rpm
8138f2ea044340fcb6de33c9a0d48286 2008.0/x86_64/urpmi-4.10.14.1-1.1mdv2008.0.noarch.rpm
692914cc218bc81b2913c489d1ce4106 2008.0/x86_64/urpmi-ldap-4.10.14.1-1.1mdv2008.0.noarch.rpm
cbae1937720af74fd713476e01912f68 2008.0/x86_64/urpmi-parallel-ka-run-4.10.14.1-1.1mdv2008.0.noarch.rpm
b0fef36a7a37efae56c3943976e16482 2008.0/x86_64/urpmi-parallel-ssh-4.10.14.1-1.1mdv2008.0.noarch.rpm
90f30903d467fbec101a283d46f57d2a 2008.0/x86_64/urpmi-recover-4.10.14.1-1.1mdv2008.0.noarch.rpm
32f10f30cecacbfdf53add6ee5b30fbb 2008.0/SRPMS/urpmi-4.10.14.1-1.1mdv2008.0.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
lt;security*mandriva.comgt;
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFHTteOmqjQ0CJFipgRAg7TAJ4hugztT9MdLU9A8S6yRhKln/1bAQCdGKI9
nQxXdG2x+qoFJHkRcxVmClU=
=SWyR
-----END PGP SIGNATURE-----



Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/security_announce_mdka_2007123__updated_urpmi_package_fixes_handling_of_source_packages_installation.html)