An updated drakxtools package has been released for Mandrakelinux 10.0
_______________________________________________________________________
Mandrakelinux Update Advisory
_______________________________________________________________________
Package name: drakxtools
Advisory ID: MDKA-2004:035
Date: August 4th, 2004
Affected versions: 10.0
______________________________________________________________________
Problem Description:
The following bugs have been corrected in the provided update packages:
- diskdrake:
o fix Compaq Smart Array support
o misc bug fixes
- drakbackup:
o fix Anthill bugs #927 and #929 (filenames with spaces,
.backupignore, misc GUI issues)
o fix AntHill bugs #1009 and #1010 (DVD recording, disk quota)
o fix .backupignore issue
o typo in "other" routine
- drakboot: fix doble windows on LILO/GRUB error
- drakconnect: misc bug fixes
- draksplash: make it works again...
- drakTermServ: misc fixes
- drakupdate_fstab: add support for floppies
- drakxtv: fix tv modules that weren't loaded on boot
- globetrooter support (a mdk10.0 based product with automatic hw
configuration in harddrake service)
- harddrake GUI: do not automatically configure removable media but
run the proper config tool instead
- harddrake service:
o fix adding a removable medium
o fix misdetection of nvidia nforce ethernet cards (broken since
forcedeth replaced nvnet on 2004-01-21 in MDK10's ldetect-lst)
o fix logs of newly added hardware
o only stop boot progressbar if there a non automatic tool to run
o fix duplicated USB disks (in both disk and unknown categories in GUI)
- XFdrake: fix monitor detection (based on mandrakemove)
Updated libpng package has been released for Mandrakelinux
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: libpng
Advisory ID: MDKSA-2004:079
Date: August 4th, 2004
Affected versions: 10.0, 9.1, 9.2, Corporate Server 2.1,
Multi Network Firewall 8.2
______________________________________________________________________
Problem Description:
Chris Evans discovered numerous vulnerabilities in the libpng graphics library, including a remotely exploitable stack-based buffer overrun in the png_handle_tRNS function, dangerous code in png_handle_sBIT, a possible NULL-pointer crash in png_handle_iCCP (which is also duplicated in multiple other locations), a theoretical integer overflow in png_read_png, and integer overflows during progressive reading.
All users are encouraged to upgrade immediately.
An updated OpenOffice package has been released for Mandrakelinux
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: OpenOffice.org
Advisory ID: MDKSA-2004:078
Date: July 29th, 2004
Affected versions: 10.0
______________________________________________________________________
Problem Description:
The OpenOffice.org office suite contains an internal libneon library which allows it to connect to WebDAV servers. This internal library is subject to the same vulnerabilities that were fixed in libneon recently. These updated packages contain fixes to libneon to correct the several format string vulnerabilities in it, as well as a heap-based buffer overflow vulnerability.
Updated wv packages are available for Mandrakelinux _______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: wv
Advisory ID: MDKSA-2004:077
Date: July 29th, 2004
Affected versions: 10.0, 9.2
______________________________________________________________________
Problem Description:
iDefense discovered a buffer overflow vulnerability in the wv package which could allow an attacker to execute arbitrary code with the privileges of the user running the vulnerable application.
The updated packages are patched to protect against this problem.
Updated sox packages are available for Mandrakelinux
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: sox
Advisory ID: MDKSA-2004:076
Date: July 28th, 2004
Affected versions: 10.0, 9.1, 9.2, Corporate Server 2.1
______________________________________________________________________
Problem Description:
Ulf Harnhammar discovered two buffer overflows in SoX. They occur when the sox or play commands handle malicious .WAV files.
Versions 12.17.4, 12.17.3 and 12.17.2 are vulnerable to these overflows. 12.17.1, 12.17 and 12.16 are some versions that are not.
Updated libneon packages are available for Mandrakelinux
_______________________________________________________________________
Mandrakelinux Update Advisory
_______________________________________________________________________
Package name: libneon
Advisory ID: MDKA-2004:033
Date: July 29th, 2004
Affected versions: 10.0, 9.2
______________________________________________________________________
Problem Description:
Compression interface fixes:
- fix issues handling content decoding and request retries from authentication challenges (Justin Erenkrantz)
- fix places where reader callback would receive spurious size=0 calls
- fix to pass user-supplied userdata to user-supplied acceptance callback
The updated packages fix the problems.
Updated postgresql packages are available for Mandrakelinux
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: postgresql
Advisory ID: MDKSA-2004:072
Date: July 27th, 2004
Affected versions: Corporate Server 2.1
______________________________________________________________________
Problem Description:
A buffer overflow has been discovered in the ODBC driver of PostgreSQL. It is possible to exploit this problem and crash the surrounding application. Hence, a PHP script using php4-odbc can be utilised to crash the surrounding Apache webserver. Other parts of postgresql are not affected.
The updated packages are patched to correct the problem.
Updated webmin packages are available for Mandrakelinux
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: webmin
Advisory ID: MDKSA-2004:074
Date: July 27th, 2004
Affected versions: 10.0, 9.1, 9.2, Corporate Server 2.1
______________________________________________________________________
Problem Description:
Unknown vulnerability in Webmin 1.140 allows remote attackers to bypass access control rules and gain read access to configuration information for a module. (CAN-2004-0582)
The account lockout functionality in Webmin 1.140 does not parse certain character strings, which allows remote attackers to conduct a brute force attack to guess user IDs and passwords. (CAN-2004-0583)
The updated packages are patched to correct the problem.
Updated xfree86 packages are available for Mandrakelinux
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: XFree86
Advisory ID: MDKSA-2004:073
Date: July 27th, 2004
Affected versions: 10.0
______________________________________________________________________
Problem Description:
Steve Rumble discovered XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions.
The updated packages are patched to correct the problem.
Updated Samba packages are available for Mandrakelinux
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: samba
Advisory ID: MDKSA-2004:071
Date: July 22nd, 2004
Affected versions: 10.0, 9.1, 9.2, Corporate Server 2.1,
Multi Network Firewall 8.2
______________________________________________________________________
Problem Description:
A vulnerability was discovered in SWAT, the Samba Web Administration Tool. The routine used to decode the base64 data during HTTP basic authentication is subject to a buffer overrun caused by an invalid base64 character. This same code is also used to internally decode the sambaMungedDial attribute value when using the ldapsam passdb backend, and to decode input given to the ntlm_auth tool.
This vulnerability only exists in Samba versions 3.0.2 or later; the 3.0.5 release fixes the vulnerability. Systems using SWAT, the ldapsam passdb backend, and tose running winbindd and allowing third- party applications to issue authentication requests via ntlm_auth tool should upgrade immediately. (CAN-2004-0600)
A buffer overrun has been located in the code used to support the 'mangling method = hash' smb.conf option. Please be aware that the default setting for this parameter is 'mangling method = hash2' and therefore not vulnerable. This bug is present in Samba 3.0.0 and later, as well as Samba 2.2.X (CAN-2004-0686)
This update also fixes a bug where attempting to print in some cases would cause smbd to exit with a signal 11.
A cooker snapshot of the upcoming Mandrakelinux 10.1 has been released.
Download CD 1 Download CD 2 Download CD 3
A press release from Mandrakesoft:
New Mandrakeonline easily updates Mandrakelinux systems
Moreno Valley, CA; Paris, France - July, 15th 2004 - Mandrakesoft today announced the availability of a new update service aimed at helping corporates to keep their systems up-to-date: Mandrakeonline provides a wide range of valuable services for easily taking care of all updates on a range of Mandrakelinux systems, at a low cost.
Updated PHP packages are available for Mandrakelinux
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: php
Advisory ID: MDKSA-2004:068
Date: July 14th, 2004
Affected versions: 10.0, 9.1, 9.2, Corporate Server 2.1,
Multi Network Firewall 8.2
______________________________________________________________________
Problem Description:
Stefan Esser discovered a remotely exploitable vulnerability in PHP where a remote attacker could trigger a memory_limit request termination in places where an interruption is unsafe. This could be used to execute arbitrary code.
As well, Stefan Esser also found a vulnerability in the handling of allowed tags within PHP's strip_tags() function. This could lead to a number of XSS issues on sites that rely on strip_tags(); however, this only seems to affect the Internet Explorer and Safari browsers.
The updated packages have been patched to correct the problem and all users are encouraged to upgrade immediately.
Updated ipsec-tools packages are available for Mandrakelinux
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: ipsec-tools
Advisory ID: MDKSA-2004:069
Date: July 14th, 2004
Affected versions: 10.0
______________________________________________________________________
Problem Description:
A vulnerability in racoon prior to version 20040408a would allow a remote attacker to cause a DoS (memory consumption) via an ISAKMP packet with a large length field.
Another vulnerability in racoon was discovered where, when using RSA signatures, racoon would validate the X.509 certificate but would not validate the signature. This can be exploited by an attacker sending a valid and trusted X.509 certificate and any private key. Using this, they could perform a man-in-the-middle attack and initiate an unauthorized connection. This has been fixed in ipsec-tools 0.3.3.
The updated packages contain patches backported from 0.3.3 to correct the problem.
Updated freeswan packages are available for Mandrakelinux
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: freeswan
Advisory ID: MDKSA-2004:070
Date: July 14th, 2004
Affected versions: 10.0, 9.1, 9.2, Corporate Server 2.1,
Multi Network Firewall 8.2
______________________________________________________________________
Problem Description:
Thomas Walpuski discovered a vulnerability in the X.509 handling of super-freeswan, openswan, strongSwan, and FreeS/WAN with the X.509 patch applied. This vulnerability allows an attacker to make up their own Certificate Authority that can allow them to impersonate the identity of a valid DN. As well, another hole exists in the CA checking code that could create an endless loop in certain instances.
Mandrakesoft encourages all users who use FreeS/WAN or super-freeswan to upgrade to the updated packages which are patched to correct these flaws.
Mandrakesoft send a press-release about the new HP441, a new concept of computer which comes pre-loaded with Mandrakelinux:
HP launches a 4 in 1 computer solution with Mandrakelinux
Moreno Valley, CA ; Paris, France ; July 12th, 2004 - HP has introduced the "441" solution, consisting of four keyboard-mouse-screens running on one computer. This economical and innovative concept ships with Mandrakelinux and is specifically targetted for the education market.
Built to meet school needs, the HP 441 desktop solution has a pre-installed Mandrakelinux operating system, productivity applications, educational software, and a custom graphical user interface. Mandrakelinux was choosen for its increased reliability and enhanced security to minimise the maintenance of the computer in the classroom.
Updated ethereal packages are available for Mandrakelinux
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: ethereal
Advisory ID: MDKSA-2004:067
Date: July 9th, 2004
Affected versions: 10.0, 9.2
______________________________________________________________________
Problem Description:
Three vulnerabilities were discovered in Ethereal versions prior to 0.10.5 in the iSNS, SMB SID, and SNMP dissectors. It may be possible to make Ethereal crash or run arbitrary code by injecting a purposefully malformed packet into the wire or by convincing someone to read a malformed packet trace file.
These vulnerabilities have been corrected in Ethereal 0.10.5.
A press release from Mandrakesoft:
Moreno Valley, California; Paris, France; July 9th, 2004 - The French Ministry of Equipment's migration to Linux project is replacing 1,500 office and infrastructure Microsoft Windows NT servers with Mandrakelinux Corporate servers. Mandrakesoft, the premier European Linux player, was also chosen for deployment, training and support for its Linux solution.
The French Ministry of Equipment has approximately 100,000 agents, located throughout France, in several services: central administration, local administration, technical services and navigation services. With 160 remote locations, including 102 local administrations, the Ministry's IT infrastructure is composed of more than 60,000 workstations and 2,000 Microsoft Windows NT servers near end of useful life.
A kernel update is available for Mandrakelinux
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: kernel
Advisory ID: MDKSA-2004:066
Date: July 6th, 2004
Affected versions: 10.0, 9.1, 9.2, Corporate Server 2.1,
Multi Network Firewall 8.2
______________________________________________________________________
Problem Description:
A number of vulnerabilities were discovered in the Linux kernel that are corrected with this update:
Multiple vulnerabilities were found by the Sparse source checker that could allow local users to elevate privileges or gain access to kernel memory (CAN-2004-0495).
Missing Discretionary Access Controls (DAC) checks in the chown(2) system call could allow an attacker with a local account to change the group ownership of arbitrary files, which could lead to root privileges on affected systems (CAN-2004-0497).
An information leak vulnerability that affects only ia64 systems was fixed (CAN-2004-0565).
Insecure permissions on /proc/scsi/qla2300/HbaApiNode could allow a local user to cause a DoS on the system; this only affects Mandrakelinux 9.2 and below (CAN-2004-0587).
A vulnerability that could crash the kernel has also been fixed. This crash, however, can only be exploited via root (in br_if.c).
The provided packages are patched to fix these vulnerabilities. All users are encouraged to upgrade to these updated kernels.
To update your kernel, please follow the directions located at:
http://www.mandrakesoft.com/security/kernelupdate
Updated tripwire packages are available for Mandrakelinux
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: tripwire
Advisory ID: MDKSA-2004:057-1
Date: July 6th, 2004
Original Advisory Date: June 7th, 2004
Affected versions: 9.2
______________________________________________________________________
Problem Description:
Paul Herman discovered a format string vulnerability in tripwire that could allow a local user to execute arbitrary code with the rights of the user running tripwire (typically root). This vulnerability only exists when tripwire is generating an email report.
Update:
The packages previously released for Mandrakelinux 9.2 would segfault when doing a check due to compilation problems. The updated packages correct the problem.
