Updated kdegraphics packages are available for Mandrakelinux 10.0
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: kdegraphics
Advisory ID: MDKSA-2004:115
Date: October 21st, 2004
Affected versions: 10.0
______________________________________________________________________
Problem Description:
Chris Evans discovered numerous vulnerabilities in the xpdf package, which also effect software using embedded xpdf code, such as kpdf:
Multiple integer overflow issues affecting xpdf-2.0 and xpdf-3.0. Also programs like kpdf which have embedded versions of xpdf. These can result in writing an arbitrary byte to an attacker controlled location which probably could lead to arbitrary code execution.
The updated packages are patched to protect against these vulnerabilities.
Updated CUPS packages are available for Mandrakelinux
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: cups
Advisory ID: MDKSA-2004:116
Date: October 21st, 2004
Affected versions: 10.0, 9.2, Corporate Server 2.1,
Multi Network Firewall 8.2
______________________________________________________________________
Problem Description:
Chris Evans discovered numerous vulnerabilities in the xpdf package, which also effect software using embedded xpdf code:
Multiple integer overflow issues affecting xpdf-2.0 and xpdf-3.0. Also programs like cups which have embedded versions of xpdf. These can result in writing an arbitrary byte to an attacker controlled location which probably could lead to arbitrary code execution. (CAN-2004-0888)
Also, when CUPS debugging is enabled, device URIs containing username and password end up in error_log. This information is also visible via "ps". (CAN-2004-0923)
The updated packages are patched to protect against these vulnerabilities.
Updated gpdf packages are available for Mandrakelinux 10.0
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: gpdf
Advisory ID: MDKSA-2004:114
Date: October 21st, 2004
Affected versions: 10.0
______________________________________________________________________
Problem Description:
Chris Evans discovered numerous vulnerabilities in the xpdf package, which also effect software using embedded xpdf code, such as gpdf:
Multiple integer overflow issues affecting xpdf-2.0 and xpdf-3.0. Also programs like gpdf which have embedded versions of xpdf. These can result in writing an arbitrary byte to an attacker controlled location which probably could lead to arbitrary code execution.
The updated packages are patched to protect against these vulnerabilities.
Updated xpdf packages are available for Mandrakelinux
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: xpdf
Advisory ID: MDKSA-2004:113
Date: October 21st, 2004
Affected versions: 10.0, Corporate Server 2.1
______________________________________________________________________
Problem Description:
Chris Evans discovered numerous vulnerabilities in the xpdf package:
Multiple integer overflow issues affecting xpdf-2.0 and xpdf-3.0. Also programs like cups which have embedded versions of xpdf. These can result in writing an arbitrary byte to an attacker controlled location which probably could lead to arbitrary code execution. (CAN-2004-0888)
Multiple integer overflow issues affecting xpdf-3.0 only. These can result in DoS or possibly arbitrary code execution. (CAN-2004-0889)
Chris also discovered issues with infinite loop logic error affecting xpdf-3.0 only.
The updated packages are patched to deal with these issues.
Updated squid packages are available for Mandrakelinux
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: squid
Advisory ID: MDKSA-2004:112
Date: October 21st, 2004
Affected versions: 10.0, 9.2, Corporate Server 2.1,
Multi Network Firewall 8.2
______________________________________________________________________
Problem Description:
iDEFENSE discovered a Denial of Service vulnerability in squid version 2.5.STABLE6 and previous. The problem is due to an ASN1 parsing error where certain header length combinations can slip through the validations performed by the ASN1 parser, leading to the server assuming there is heap corruption or some other exceptional condition, and closing all current connections then restarting.
Squid 2.5.STABLE7 has been released to address this issue; the provided packages are patched to fix the issue.
Updated wxGTK2 packages are available for Mandrakelinux 10.0
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: wxGTK2
Advisory ID: MDKSA-2004:111
Date: October 21st, 2004
Affected versions: 10.0
______________________________________________________________________
Problem Description:
Several vulnerabilities have been discovered in the libtiff package; wxGTK2 uses a libtiff code tree, so it may have the same vulnerabilities:
Chris Evans discovered several problems in the RLE (run length encoding) decoders that could lead to arbitrary code execution. (CAN-2004-0803)
Matthias Clasen discovered a division by zero through an integer overflow. (CAN-2004-0804)
Dmitry V. Levin discovered several integer overflows that caused malloc issues which can result to either plain crash or memory corruption. (CAN-2004-0886)
Updated gaim packages are available for Mandrakelinux 10.0
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: gaim
Advisory ID: MDKSA-2004:110
Date: October 21st, 2004
Affected versions: 10.0
______________________________________________________________________
Problem Description:
More vulnerabilities have been discovered in the gaim instant messenger client. The vulnerabilities pertinent to version 0.75, which is the version shipped with Mandrakelinux 10.0, are: installing smiley themes could allow remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector. There is also a buffer overflow in the way gaim handles receiving very long URLs.
The provided packages have been patched to fix these problems. These issues, amongst others, have been fixed upstream in version 0.82.
OSDir has posted a screenshot slideshow of Mandrakelinux Move
The new Mandrakesoft Move is now available for download
Updated cvs packages are available for Mandrakelinux
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: cvs
Advisory ID: MDKSA-2004:108
Date: October 19th, 2004
Affected versions: 10.0, 9.2, Corporate Server 2.1
______________________________________________________________________
Problem Description:
iDEFENSE discovered a flaw in CVS versions prior to 1.1.17 in an undocumented switch implemented in CVS' history command. The -X switch specifies the name of the history file which allows an attacker to determine whether arbitrary system files and directories exist and whether or not the CVS process has access to them.
This flaw has been fixed in CVS version 1.1.17.
Updated libtiff packages are available for Mandrakelinux
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: libtiff
Advisory ID: MDKSA-2004:109
Date: October 19th, 2004
Affected versions: 10.0, 9.2, Corporate Server 2.1,
Multi Network Firewall 8.2
______________________________________________________________________
Problem Description:
Several vulnerabilities have been discovered in the libtiff package:
Chris Evans discovered several problems in the RLE (run length encoding) decoders that could lead to arbitrary code execution. (CAN-2004-0803)
Matthias Clasen discovered a division by zero through an integer overflow. (CAN-2004-0804)
Dmitry V. Levin discovered several integer overflows that caused malloc issues which can result to either plain crash or memory corruption. (CAN-2004-0886)
Updated Mozilla packages are available for Mandrakelinux 10.0
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: mozilla
Advisory ID: MDKSA-2004:107
Date: October 19th, 2004
Affected versions: 10.0
______________________________________________________________________
Problem Description:
A number of vulnerabilities were fixed in mozilla 1.7.3, the following of which have been backported to mozilla packages for Mandrakelinux 10.0:
- "Send page" heap overrun
- javascript clipboard access
- buffer overflow when displaying VCard
- BMP integer overflow
- javascript: link dragging
- Malicious POP3 server III
The details of all of these vulnerabilities are available from the Mozilla website.
The second beta of Mandrakelinux 10.1 for x86-64 has been released
OSDir has posted a screenshot review of Mandrakelinux 10.1 Community
The first beta of Mandrakelinux 10.1 for x86-64 has been released
Updated cyrus-sasl packages are available for Mandrakelinux
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: cyrus-sasl
Advisory ID: MDKSA-2004:106
Date: October 7th, 2004
Affected versions: 10.0, 9.2, Corporate Server 2.1
______________________________________________________________________
Problem Description:
A vulnerability was discovered in the libsasl library of cyrus-sasl. libsasl honors the SASL_PATH environment variable blindly, which could allow a local user to create a malicious "library" that would get executed with the effective ID of SASL when anything calls libsasl.
The provided packages are patched to protect against this vulnerability.
Updated xine-lib packages are available for Mandrakelinux
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: xine-lib
Advisory ID: MDKSA-2004:105
Date: October 6th, 2004
Affected versions: 10.0
______________________________________________________________________
Problem Description:
A number of string overflows were discovered in the xine-lib program, some of which can be used for remote buffer overflow exploits that lead to the execution of arbitrary code with the permissions of the user running a xine-lib-based media application. xine-lib versions 1-rc2 through, and including, 1-rc5 are vulnerable to these problems.
As well, a heap overflow was found in the DVD subpicture decoder of xine-lib; this vulnerability is also remotely exploitable. All versions of xine-lib prior to and including 0.5.2 through, and including, 1-rc5 are vulnerable to this problem.
Patches from the xine-lib team have been backported and applied to the program to solve these problems.
A press release from Mandrakesoft:
Moreno Valley, CA; Paris, France; October 6th, 2004 - With the release of Mandrakesoft's new Move, Linux becomes a viable option to millions of first-time Linux users. A « live » Linux system that teams up with a USB key, Move lets beginners get a first taste of Linux and gives advanced users a full Linux system they can take anywhere.
Updated kernel packages are available for Mandrakelinux
_______________________________________________________________________
Mandrakelinux Update Advisory
_______________________________________________________________________
Package name: kernel
Advisory ID: MDKA-2004:040
Date: October 5th, 2004
Affected versions: 10.0
______________________________________________________________________
Problem Description:
New kernels are available for Mandrakelinux 10.0 that fix the following bugs and/or add the following enhancements:
The 2.4 kernel adds prism54 support.
The 2.6 kernel adds atiixp support and ia64 support. It fixes alsa intel8x0 (specifically for nvidia chipsets). It includes the Megaraid newgen 2.20.3.1 (a new driver that replaces the old megaraid), adds pwc fork 0.3 (a new driver), 3w-9xxx (new driver), and updates ide piix/libata (supports ICH6, adds NVIDIA, Promise, Sis, and Vitesse chipset support). Driver updates of Bcm5700, qla, and ieee1394 were also included, as well as xfs fixes.
Updated samba packages are available for Mandrakelinux 9.2 and Corporate Server 2.1
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: samba
Advisory ID: MDKSA-2004:104
Date: October 1st, 2004
Affected versions: 9.2, Corporate Server 2.1
______________________________________________________________________
Problem Description:
Karol Wiesek discovered a bug in the input validation routines used to convert DOS path names to path names on the Samba host's file system. This bug can be exploited to gain access to files outside of the share's path as defined in the smb.conf configuration file. This vulnerability exists in all samba 2.2.x versions up to and including 2.2.11 and also in samba 3.0.x up to and including 3.0.5.
The updated packages have been patched to correct this issue.
