Download
| Alert*
|
oval:org.secpod.oval:def:300475
A flaw was found in how NTP checked the return value of signature verification. A remote attacker could use this to bypass certificate validation by using a malformed SSL/TLS signature . The updated packages have been patched to prevent this issue. oval:org.secpod.oval:def:301505 Rob Holland found several programming errors in WordNet which could lead to the execution or arbitrary code when used with untrusted input . The updated packages have been patched to prevent these issues. oval:org.secpod.oval:def:300537 A vulnerability have been discovered in the load function of the XPM loader for imlib2, which allows attackers to cause a denial of service and possibly execute arbitrary code via a crafted XPM file . The updated packages have been patched to prevent this. oval:org.secpod.oval:def:301401 A buffer overflow was found by Russell O"Conner in the libsamplerate library versions prior to 0.1.4 that could possibly lead to the execution of arbitrary code via a specially crafted audio file . The updated packages have been patched to prevent this issue. oval:org.secpod.oval:def:300570 The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 1.6.3, when SPNEGO is used, allows remote attackers to cause a denial of service via invalid ContextFlags data in the reqFlags field in a negTokenInit token . This update provides the fix for that secur ... oval:org.secpod.oval:def:301555 Stefan Cornelius discovered two buffer overflows in Imlib"s image loaders for PNM and XPM images, which could possibly result in the execution of arbitrary code . The updated packages have been patched to prevent this issue. oval:org.secpod.oval:def:300595 A vulnerability has been found and corrected in libgadu: libgadu before 1.8.2 allows remote servers to cause a denial of service via a contact description with a large length, which triggers a buffer over-read . This update provides a solution to this vulnerability. oval:org.secpod.oval:def:300852 A vulnerability was discovered and corrected in newt: A heap-based buffer overflow flaw was found in the way newt processes content that is to be displayed in a text dialog box. A local attacker could issue a specially-crafted text dialog box display request , leading to a denial of service or, pot ... oval:org.secpod.oval:def:300974 Security vulnerabilities have been discovered and corrected in gstreamer0.10-plugins-good, might allow remote attackers to execute arbitrary code via a malformed QuickTime media file . The updated packages have been patched to prevent this. oval:org.secpod.oval:def:300983 A vulnerability has been found and corrected in xerces-c: Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service via vectors involving nested parentheses and invalid byte values in simply ... oval:org.secpod.oval:def:301604 Alan Rad Pop of Secunia Research discovered the following two vulnerabilities in Evolution: Evolution did not properly validate timezone data when processing iCalendar attachments. If a user disabled the Itip Formatter plugin and viewed a crafted iCalendar attachment, an attacker could cause a denia ... oval:org.secpod.oval:def:300647 Security vulnerabilies have been identified and fixed in jhead. Buffer overflow in the DoCommand function in jhead before 2.84 might allow context-dependent attackers to cause a denial of service . Jhead before 2.84 allows local users to overwrite arbitrary files via a symlink attack on a temporary ... oval:org.secpod.oval:def:301613 Chris Evans of the Google Security Team found a vulnerability in the RC4 processing code in libxslt that did not properly handle corrupted key information. A remote attacker able to make an application linked against libxslt process malicious XML input could cause the application to crash or possibl ... oval:org.secpod.oval:def:300900 A vulnerability was discovered and corrected in graphviz: Stack-based buffer overflow in the push_subg function in parser.y in Graphviz 2.20.2, and possibly earlier versions, allows user-assisted remote attackers to cause a denial of service or execute arbitrary code via a DOT file with a large nu ... oval:org.secpod.oval:def:300920 Multiple vulnerabilities has been found and corrected in openafs: The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Linux allows remote attackers to cause a denial of service via an RX response with a large error-code value that is interpreted as a pointer and ... oval:org.secpod.oval:def:301582 Stefan Cornelius of Secunia Research reported a boundary error when Blender processed RGBE images which could be used to execute arbitrary code with the privileges of the user running Blender if a specially crafted .hdr or .blend file were opened. As well, multiple vulnerabilities involving insecure ... oval:org.secpod.oval:def:301580 Pavel Polischouk found a boundary error in the PartsBatch class in the Pan newsreader when processing .nzb files, which could allow remote attackers to cause a denial of serice or possibly execute arbitrary code via a crafted .nzb file . The updated packages have been patched to prevent this issue. oval:org.secpod.oval:def:301596 A heap-based buffer overflow was found in GNU ed that allowed context-dependent or user-assisted attackers to execute arbitrary code via a long filename . This update provides GNU ed 1.0, which is not vulnerable to this issue. oval:org.secpod.oval:def:301370 An off-by-one error was found in ClamAV versions prior to 0.94.1 that could allow remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted VBA project file . Other bugs have also been corrected in 0.94.1 which is being provided with this update. oval:org.secpod.oval:def:301380 A heap overflow was found in the CDDB retrieval code of libcdaudio, which could result in the execution of arbitrary code . In addition, the fixes for CVE-2005-0706 were not applied to newer libcdaudio packages as shipped with Mandriva Linux, so the patch to fix that issue has been applied to 2008.1 ... oval:org.secpod.oval:def:301390 Two buffer overflow vulnerabilities were discovered in GNU enscript, which could allow an attacker to execute arbitrary commands via a specially crafted ASCII file, if the file were opened with the -e or --escapes option enabled . The updated packages have been patched to prevent these issues. oval:org.secpod.oval:def:301284 Rob Holland found several programming errors in WordNet which could lead to the execution or arbitrary code when used with untrusted input . Update: The previous patch had a typo that caused incorrect behaviour in WordNet. This update uses an update patch that corrects the issue and also notes the a ... oval:org.secpod.oval:def:300866 A vulnerability has been identified and corrected in php-smarty: The _expand_quoted_text function in libs/Smarty_Compiler.class.php in Smarty 2.6.20 before r2797 allows remote attackers to execute arbitrary PHP code via vectors related to templates and a dollar-sign character, aka php executed in t ... oval:org.secpod.oval:def:301585 A vulnerability was found in how Emacs would import python scripts from the current working directory during the editing of a python file. This could allow a local user to execute arbitrary code via a trojan python file . oval:org.secpod.oval:def:301625 Steve Grubb found that the vcdiff script in Emacs create temporary files insecurely when used with SCCS. A local user could exploit a race condition to create or overwrite files with the privileges of the user invoking the program . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:300816 passwdehd script in pam_mount would allow local users to overwrite arbitrary files via a symlink attack on a temporary file. The updated packages have been patched to prevent this. oval:org.secpod.oval:def:300951 A vulnerability has been found and corrected in netpbm: pamperspective in Netpbm before 10.35.48 does not properly calculate a window height, which allows context-dependent attackers to cause a denial of service via a crafted image file that triggers an out-of-bounds read . This update fixes this v ... oval:org.secpod.oval:def:300834 A vulnerability has been found and corrected in sympa: sympa.pl in sympa 5.3.4 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. NOTE: wwsympa.fcgi was also reported, but the issue occurred in a dead function, so it is not a vulnerability . This update fixes t ... oval:org.secpod.oval:def:300851 A vulnerability have been discovered and corrected in VirtualBox, affecting versions prior to 2.0.6, which allows local users to overwrite arbitrary files via a symlink attack on a /tmp/.vbox-qateam-ipc/lock temporary file . The updated packages have been patched to prevent this. oval:org.secpod.oval:def:300743 A security vulnerability has been identified and fixed in login application from shadow-utils, which could allow local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line field in a utmp entry . The updated packages have been patched to ... oval:org.secpod.oval:def:300527 senddoc uses temporary files in a insecure way which enables local attackers to overwrite arbitrary files by using a symlink attack . This update provides fix for that vulnerability. Update: Further this update is a rebuild against xulrunner 1.9.0.6. oval:org.secpod.oval:def:300497 Multiple vulnerabilities was discovered and corrected in silc-toolkit: Multiple format string vulnerabilities in lib/silcclient/client_entry.c in Secure Internet Live Conferencing Toolkit before 1.1.10, and SILC Client before 1.1.8, allow remote attackers to execute arbitrary code via format string ... oval:org.secpod.oval:def:301357 A format string vulnerability was discovered in yelp after version 2.19.90 and before 2.24 that could allow remote attackers to execute arbitrary code via format string specifiers in an invalid URI on the command-line or via URI helpers in Firefox, Evolution, or possibly other programs . The updated ... oval:org.secpod.oval:def:301590 A flaw in Amarok prior to 1.4.10 would allow local users to overwrite arbitrary files via a symlink attack on a temporary file that Amarok created with a predictable name . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:301269 A symlink vulnerability was found in the javareconf script in R that allows local users to overwrite arbitrary files . The updated packages have been patched to prevent this issue. oval:org.secpod.oval:def:300456 A vulnerability has been found and corrected in postfix: Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recipient, which allows local users to read e-mail messages by creating a mailbox file corresponding to another user"s acco ... oval:org.secpod.oval:def:300494 A vulnerability has been found and corrected in mod_auth_mysql: SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql module for the Apache HTTP Server 2.x allows remote attackers to execute arbitrary SQL commands via multibyte character encodings for unspecified input . This update ... oval:org.secpod.oval:def:301620 Multiple vulnerabilities were discovered in ClamAV and corrected with the 0.93 release, including: ClamAV 0.92 allowed local users to overwrite arbitrary files via a symlink attack on temporary files or on .ascii files in sigtool, when utf16-decode is enabled . A heap-based buffer overflow in ClamAV ... oval:org.secpod.oval:def:300657 The daemon in acpid before 1.0.10 allows remote attackers to cause a denial of service by opening a large number of UNIX sockets without closing them, which triggers an infinite loop . The updated packages have been patched to prevent this. oval:org.secpod.oval:def:301630 Multiple vulnerabilities were discovered in FreeType"s Printer Font Binary font-file format parser. If a user were to load a carefully crafted font file with a program linked against FreeType, it could cause the application to crash or potentially execute arbitrary code . The updated packages have ... oval:org.secpod.oval:def:301644 An incomplete fix for CVE-2008-2713 resulted in remote attackers being able to cause a denial of service via a malformed Petite file that triggered an out-of-bounds memory access . This issue is corrected with the 0.93.3 release which is being provided. oval:org.secpod.oval:def:301529 Uncontrolled array index in the sdpplin_parse function in stream/realrtsp/sdpplin.c in MPlayer 1.0 rc2 allows remote attackers to overwrite memory and execute arbitrary code via a large streamid SDP parameter. The updated packages have been patched to fix this issue. oval:org.secpod.oval:def:301528 A vulnerability in the Speex library was found where it did not properly validate input values read from the Speex files headers. An attacker could create a malicious Speex file that would crash an application or potentially allow the execution of arbitrary code with the privileges of the applicatio ... oval:org.secpod.oval:def:300684 A vulnerability has been found and corrected in irssi: Off-by-one error in the event_wallops function in fe-common/irc/fe-events.c in irssi 0.8.13 allows remote IRC servers to cause a denial of service via an empty command, which triggers a one-byte buffer under-read and a one-byte buffer underflow ... oval:org.secpod.oval:def:300682 racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service via crafted fragmented packets without a payload, which triggers a NULL pointer dereference . Updated packages are available that brings ipsec-tools to version 0.7.2 for Mandriva Linux 2008.1/2009. ... oval:org.secpod.oval:def:301416 An input validation flaw was found in X.org"s Security and Record extensions. A malicious authorized client could exploit the issue to cause a denial of service or possibly execute arbitrary code with root privileges on the X.org server . An input validation flaw was found in X.org"s MIT-SHM extens ... oval:org.secpod.oval:def:301535 A vulnerability in the Speex library was found where it did not properly validate input values read from the Speex files headers. An attacker could create a malicious Speex file that would crash an application or potentially allow the execution of arbitrary code with the privileges of the applicatio ... oval:org.secpod.oval:def:300693 A vulnerability has been found and corrected in ntp: A buffer overflow flaw was discovered in the ntpd daemon"s NTPv4 authentication code. If ntpd was configured to use public key cryptography for NTP packet authentication, a remote attacker could use this flaw to send a specially-crafted request pa ... oval:org.secpod.oval:def:301308 Several vulnerabilities were discovered in rdesktop, a Remote Desktop Protocol client. An integer underflow vulnerability allowed attackers to cause a denial of service and possibly execute arbitrary code with the privileges of the logged-in user . A buffer overflow vulnerability allowed attackers ... oval:org.secpod.oval:def:301546 Ilja van Sprundel found that ClamAV contained a denial of service vulnerability in how it handled processing JPEG files, due to it not limiting the recursion depth when processing JPEG thumbnails . Other bugs have also been corrected in 0.94.2 which is being provided with this update. oval:org.secpod.oval:def:300478 A vulnerability has been found and corrected in mpg123: Integer signedness error in the store_id3_text function in the ID3v2 code in mpg123 before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an ID3 tag with a negative encoding value. NOTE: some ... oval:org.secpod.oval:def:300952 A vulnerability has been found and corrected in subversion: Multiple integer overflows in the libsvn_delta library in Subversion before 1.5.7, and 1.6.x before 1.6.4, allow remote authenticated users and remote Subversion servers to execute arbitrary code via an svndiff stream with large windows tha ... oval:org.secpod.oval:def:300727 A vulnerability has been found and corrected in ntp: Requesting peer information from a malicious remote time server may lead to an unexpected application termination or arbitrary code execution . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:300719 A vulnerability has been found and corrected in ImageMagick, which could lead to integer overflow in the XMakeImage function in magick/xwindow.c, allowing remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow . Th ... oval:org.secpod.oval:def:300618 A vulnerability has been found and corrected in wxgtk: Integer overflow in the wxImage::Create function in src/common/image.cpp in wxWidgets 2.8.10 allows attackers to cause a denial of service and possibly execute arbitrary code via a crafted JPEG file, which triggers a heap-based buffer overflow. ... oval:org.secpod.oval:def:300869 Data length values in metadata Audible Audio media file can lead to an integer overflow enabling remote attackers use it to trigger an heap overflow and enabling the possibility to execute arbitrary code . Failure on checking heap allocation on Audible Audio media files allows remote attackers eit ... oval:org.secpod.oval:def:300649 Multiple integer overflows in the user_info_callback, user_endrow_callback, and gst_pngdec_task functions in GStreamer Good Plug-ins 0.10.15 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PNG file, which triggers a buffer overflow . oval:org.secpod.oval:def:301346 A vulnerability in the Speex library was found where it did not properly validate input values read from the Speex files headers. An attacker could create a malicious Speex file that would crash an application or potentially allow the execution of arbitrary code with the privileges of the applicatio ... oval:org.secpod.oval:def:301595 An input validation flaw was found in X.org"s MIT-SHM extension. A client connected to the X.org server could read arbitrary server memory, resulting in the disclosure of sensitive data of other users of the X.org server . Multiple integer overflows were found in X.org"s Render extension. A maliciou ... oval:org.secpod.oval:def:301498 A vulnerability in the Speex library was found where it did not properly validate input values read from the Speex files headers. An attacker could create a malicious Speex file that would crash an application or potentially allow the execution of arbitrary code with the privileges of the applicatio ... oval:org.secpod.oval:def:301398 A flaw was found in exiv2 that would cause exiv2, or applictions linked to libexiv2, to crash on image files with certain metadata in the image . The updated packages have been patched to prevent this issue. oval:org.secpod.oval:def:301285 A vulnerability was discovered in ClamAV and corrected with the 0.93.1 release: libclamav/petite.c in ClamAV before 0.93.1 allows remote attackers to cause a denial of service via a crafted Petite file that triggers an out-of-bounds read. Other bugs have also been corrected in 0.93.1 which is being ... oval:org.secpod.oval:def:300669 The glibc packages released with Mandriva Linux 2008 and Mandriva Linux 2008 Spring had the /etc/ld.so.conf file using relative paths to include other config files at /etc/ld.so.conf.d, breaking usage of ldconfig -r, for example when you have chroot environments. This update fixes ld.so.conf to use ... oval:org.secpod.oval:def:301635 kdesdk packages in Mandriva Linux 2008 and 2008 Spring had packaging bugs which led to the subversion ioslave to not build and thus not be provided. The updated packages fixed the bugs and provide the subversion access ioslave. oval:org.secpod.oval:def:300675 This update upgrades the php-ssh2 package to version 0.11.0 to address intermittent segfaults . oval:org.secpod.oval:def:301523 This update corrects a problem where an incorrect path was being used to execute xdm scripts. oval:org.secpod.oval:def:301409 Updated timezone packages are being provided for older Mandriva Linux systems that do not contain new Daylight Savings Time information and Time Zone information for some locations. These updated packages contain the new information. oval:org.secpod.oval:def:301408 Automatic mirror geolocation in drakxtools-backend in Mandriva Linux 2008.1 would fail for some locales, because it uses backward compatibility timezone names for which there were no zone.tab entries in timezone , this makes software like urpmi to not select optimal mirrors in its automatic media/mi ... oval:org.secpod.oval:def:301649 In certain rare circumstances, any area of an NTFS volume, excluding the NTFS boot sector, could get corrupted. The chances for this to happen are greater when the disk is close to full utilization and when using one of the more uncommon, less than 4096 byte cluster sizes. The updated packages corre ... oval:org.secpod.oval:def:301415 A bug was found in the gdb package that prevented the build of the gdbserver binary and its manpage. Updated packages are being provided to fix the issue. oval:org.secpod.oval:def:301536 Updated timezone packages are being provided for older Mandriva Linux systems that do not contain new Daylight Savings Time information and Time Zone information for some locations. These updated packages contain the new information. oval:org.secpod.oval:def:301548 kdesdk packages in Mandriva Linux 2008 and 2008 Spring had packaging bugs which led to the subversion ioslave to not build and thus not be provided. The updated packages fixed the bugs and provide the subversion access ioslave. Update: The previous kdesdk update placed subversion-related files in su ... oval:org.secpod.oval:def:301327 This update fixes a crash that some users saw, which resulted in either a segfault or a strange perl error . oval:org.secpod.oval:def:300485 This stable update fixes a bug in depmod which may cause the corruption of the modules.dep file when triggered oval:org.secpod.oval:def:301452 The nfs server initscript in Mandriva Linux 2008 and 2008 Spring releases lacked support for NFS quota, preventing quota information to be available on user side. The updated packages fix this issue. oval:org.secpod.oval:def:301217 This update fixes several issues with clamav: - update unexpectely changes location of clamd socket - clamav-milter was not built - Clamav-milter wanted to remove postfix - Scanning mail with clamav leaves a big temporary folder - Build fails if invoked with --with milter, in a configure stage ... oval:org.secpod.oval:def:300481 Internet Systems Consortium BIND 9.6.0 and earlier does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulnerability to CVE-2008-5077 and CVE-2009 ... oval:org.secpod.oval:def:300943 Acroread would not react to keyboard input. This update also fixes non working Flash browser plugin using this wrapper in 64bits architecture. oval:org.secpod.oval:def:300605 The tommath library will be needed for future clamav updates. oval:org.secpod.oval:def:300718 The dos2unix command removes the last line of a file if no newline character follow. This package fixes the issue. Update: This update now provides corrected packages for Mandriva Linux 2008.x and Corporate Server 4.0. oval:org.secpod.oval:def:300732 This update fixes several issues with clamav: - update unexpectely changes location of clamd socket - clamav-milter was not built - Clamav-milter wanted to remove postfix - Scanning mail with clamav leaves a big temporary folder - Build fails if invoked with --with milter, in a configure stage ... oval:org.secpod.oval:def:301353 Some commercial Windows programs did not run under previous builds of Wine, producing an error message notifying the user that a debugger has been detected. This update corrects the issue. oval:org.secpod.oval:def:301474 The LIRC packages included with Mandriva Linux 2008 and Mandriva Linux 2008 Spring did not include the "commandir" module, which is necessary to properly support CommandIR remote controls. These updated packages do include the module. oval:org.secpod.oval:def:301471 The symlinks program did not work on files larger than 2GB, reporting the error Value too large for defined data type. This update fixes this issue in addition to an error where symlinks converted from absolute to relative paths were not shortened . oval:org.secpod.oval:def:301248 Updated timezone packages are being provided for older Mandriva Linux systems that do not contain new Daylight Savings Time information and Time Zone information for some locations. These updated packages contain the new information. oval:org.secpod.oval:def:301263 Updated timezone packages are being provided for older Mandriva Linux systems that do not contain new Daylight Savings Time information and Time Zone information for some locations. These updated packages contain the new information. oval:org.secpod.oval:def:301394 A bug in the rsh package prevented it from having the alternatives symlinks created if installed via auto_inst.cfg.pl. This update corrects the issue. oval:org.secpod.oval:def:301286 Updated timezone packages are being provided for older Mandriva Linux systems that do not contain the new Daylight Savings Time information for 2008 and later for certain time zones. These updated packages contain the new information. oval:org.secpod.oval:def:301296 A flaw in the locales packages could make the spell checker in OpenOffice.org and other programs to not work as intended . This was a side-effect of the locales packges not updating the _install_langs rpm macro on the system with provided locale variants for some cases. This update also contains add ... oval:org.secpod.oval:def:301501 Under certain conditions, imwheel would enter an infinite loop and force the X server to consume a lot of CPU time, rendering the system unusable. This update fixes the issue. oval:org.secpod.oval:def:301621 ksplash-engine-moodin has some background caching routines for simulating the transparency and the fade-in effect of the loading steps. When the session loading happens too fast, the first steps don"t have enough time to finish the caching before the later steps start to happen, showing some images ... oval:org.secpod.oval:def:301628 This update fixes a few minor issues with draksound: - it greys PulseAudio options in the GUI if PulseAudio is disabled - it disables PulseAudio routing when PulseAudio is disabled oval:org.secpod.oval:def:301633 This update fixes several minor issues in rpmdrake: - it prevents crashing if the RPM database is locked when trying to install some packages - it fixes a crash when the default view is unknown - it enables searching also with the numeric pad"s Enter key - it makes rpmdrake not list backports as ... oval:org.secpod.oval:def:301631 A bug in cairo library could incorrectly position text when printing PDF files with evince . This update to latest stable version of cairo fixes this issue, as well as removing incorrect dependency on standard C++ library and includes stability fixes for usage with old X servers. oval:org.secpod.oval:def:300783 Mandriva system library was not handling configuration files that had "#" character inside parameters correctly. This update fixes the issue. oval:org.secpod.oval:def:301518 This update provides an X.org ATI video driver that fixes VGA output on RS300/350/400/480 integrated Radeon chipsets. oval:org.secpod.oval:def:301637 This update fixes several minor issues with rpmdrake, including preventing a rare crash when canceling and fixing a crash when selecting all packages. It also corrects another rare crash when installing packges with strange non-standard names, packages not provided by Mandriva. Finally, it also make ... oval:org.secpod.oval:def:301514 This drakxtools update contains file leaks and automatic disk discovery fixes. The network driver detection used to leak file descriptors, meaning that network applications like the wireless tool or the network center stopped working after extended use. The automatic disk discovery tool did not corr ... oval:org.secpod.oval:def:301634 This update adds support for ATM bridging in the network configuration tools and backend. It is mostly used for ADSL pppoe connections with USB modems . oval:org.secpod.oval:def:300552 Mandriva Security team has identified and fixed a vulnerability in initscripts which could lead to partial wireless password disclosure for WPA/WPA2 passwords of certain length which contained spaces. This update fixes the vulnerability. oval:org.secpod.oval:def:301520 Previous Rhythmbox packages would crash with a formatted, but not yet initialized, iPod. This update prevents the crash. oval:org.secpod.oval:def:301641 This update fixes errors in be-latin1, be2-latin1, ro-comma, ro-academic, and gr-utf8 keymaps, shipped on Mandriva Linux 2008 Spring and Mandriva Linux 2009. oval:org.secpod.oval:def:301640 The network applet would crash when the mandi monitoring daemon was restarted. This updated drakx-net package corrects the issue. oval:org.secpod.oval:def:301647 It is mandatory to use UTF-8 encoding in communication on newer cups versions. It prevents hplip from working properly in non-UTF-8 environments. The updated packages fix this issue. oval:org.secpod.oval:def:301412 The udev rules for network interfaces used to write persistent settings for hso devices in /etc/udev/rules.d/61-net_config.rules, which is wrong since their MAC address is random . The udev rules for automatic driver loading used to load video drivers during the dkms service start, which could break ... oval:org.secpod.oval:def:301654 An updated x11-driver-video-mga package is available that corrects a problem where an earlier version was used to update the mga driver version 1.47, instead of the proper 1.4.8 version. oval:org.secpod.oval:def:301411 The dkms-minimal package in Mandriva Linux 2008 Spring did not require lsb-release. If lsb-release was not installed, the dkms modules were installed in the standard location, instead of the intended /dkms or /dkms-binary. This update fixes that issue. Due to another bug, dkms would consider older i ... oval:org.secpod.oval:def:301653 The virtual package x11-driver-video would incorrectly require sparc specific video drivers on a x86 architecture computer. The updated package fixes the issue. oval:org.secpod.oval:def:301410 This update of the drakx-net and initscripts packages improves wireless strength detection and fixes connection with rt61 devices . Such connections used to fail when the wpa_supplicant daemon was used. This update makes the network tools force a reassociation when the rt61pci driver is used. oval:org.secpod.oval:def:301419 A missing initialization was preventing correct text rendering in the GTK2 file selector, when using non-UTF8 locales. This updated package fixes this issue, as well as memory leaks and also includes new translations from the GNOME 2.22.2 release. oval:org.secpod.oval:def:301418 This initscripts update provides fixes for ppp connections, fixes for automatic configuration of ethernet interfaces, and support for 3G devices using the hso driver. The ppp connections can now cohabit with ethernet connections with their own routes, and the PIN code is automatically set up if conf ... oval:org.secpod.oval:def:300447 Mandriva Linux 2008.1 is installed oval:org.secpod.oval:def:301545 The clock applet in GNOME could crash when using some specific locations or when using updated timezone data. The Recent Documents menu was not always able to start the right application for a specific document. Updated packages for gnome-panel, libgweather, and gnome-applets fix these issues and in ... oval:org.secpod.oval:def:301423 This update fixes several issues in draksnapshot: The draksnapshot applet received the following fixes: - on desktop startup, it will wait for 30s before checking for available disc so that notification is positioned at the right place, on the applet icon - it prevents crashing if DBus is not reacha ... oval:org.secpod.oval:def:300453 A vulnerability has been found and corrected in neon: neon before 0.28.6, when OpenSSL is used, does not properly handle a "\0" character in a domain name in the subject"s Common Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafte ... oval:org.secpod.oval:def:301421 This update fixes several minor issues in rpmdrake: - it fixes a crash due to bad timing with the X server - it fix empty per importance lists of updates in rpmdrake - it makes rpmdrake only warn once per session when media XML metadata are newer than synthesis: in that case rpmdrake complained ... oval:org.secpod.oval:def:301542 The freeradius package included in Mandriva Linux 2008.1 had hardcoded the use of the "-y" option in its initscript, which is no longer a valid option in the new major version of 2.0. As a result, the initscript was unable to launch the service correctly. As well, a file name error in the EAP module ... oval:org.secpod.oval:def:301541 The silc libraries for Mandriva Linux 2008.1 contained an obsolete patch for a bug that was already fixed, preventing the libraries from connecting to the silc network. This update removes the obsolete patch, restoring correct functionality of the libraries. oval:org.secpod.oval:def:301307 Beagle provides extensions for both Mozilla Firefox and Mozilla Thunderbird, that depend on the exact version of these programs. Rebuilding these packages did not occur with the lastest Mozilla Firefox and Mozilla Thunderbird security advisories, so these packages are being provided rebuilt against ... oval:org.secpod.oval:def:301306 The updated mdkonline package improves the upgrade process to Mandriva Linux 2009.0 and includes many other bugfixes and enhancements. oval:org.secpod.oval:def:301547 Beagle was looking for the static indexes generated by beagle-crawl-system in the wrong directory. This update corrects the problem. oval:org.secpod.oval:def:301314 Alfredo Ortega found a flaw in how Vinagre uses format strings. A remote attacker could exploit this vulnerability if they were able to trick a user into connecting to a malicious VNC server, or opening a specially crafted URI with Vinagre. With older versions of Vinagre, it was possible to execute ... oval:org.secpod.oval:def:301435 A regression was introduced in the Mandriva Linux GNOME package while fixing CD-ROM drives ejecting when using the hardware button when the CD-ROM drive was present in the system fstab. This regression caused an error popup to appear when using the eject hardware button on CD-ROM drives not present ... oval:org.secpod.oval:def:301553 The last line in notification bubbles created by programs like gnome-power-manager was truncated. This update makes those notifications readable. oval:org.secpod.oval:def:301318 Mandriva Linux 2008.1 introduced an improved Finnish default keyboard layout called Kotoistus. This layout adds altgr-space as a key combination for non-breaking space. However, that key combination can be easily hit accidentally when a normal space was intended instead, especially after typing the ... oval:org.secpod.oval:def:301559 A Xvnc server running in 16 bpp depth would crash when a client with 16 bpp depth connected. Also, keyboard behaviour was incorrect when the X server was run with Xkb extension disabled. This update fixes both issues. oval:org.secpod.oval:def:301316 Amazon.com has removed support for the cover image fetching API used in rhythmbox. This updates to the new API to make cover image support work again. oval:org.secpod.oval:def:301437 This x11-sever update disables offscreen pixmaps by default as they were causing drawing issues with Firefox 3 and other applications. To re-enable this option, use "Option XaaOffscreenPixmaps on" in xorg.conf. oval:org.secpod.oval:def:300469 Protocol changes on the ICQ servers made pidgin incompatible. This update upgrades pidgin to version 2.5.5 which will take care of this problem. oval:org.secpod.oval:def:301324 mandriva-release for Mandriva 2008 Spring should contain a product_branch set to Official, and not devel, otherwise it could lead to an error with the new mdkonline. The updated package fixes it. oval:org.secpod.oval:def:301202 A regression was found with the self signed certificate signatures checking after applying the fix for CVE-2009-2409. An upstream patch has been applied to address this issue. oval:org.secpod.oval:def:301200 Updated timezone packages are being provided for older Mandriva Linux systems that do not contain new Daylight Savings Time information and Time Zone information for some locations. These updated packages contain the new information. oval:org.secpod.oval:def:301321 Gnome-settings-daemon was not respecting correctly user settings when disabling the background completely. This bug has been sfixed, improvement have been made in the time needed to display background when nautilus is used by the system, additional bugfixes and translations have been integrated in t ... oval:org.secpod.oval:def:301561 This update provides a new upstream version of OpenOffice.org - 2.4.1.10. It also corrects the following bugs: Under 2.4 versions of OpenOffice.org, the Orientation option was removed from printer properties which prevented users from printing on a booklet format in a way they were used to do. This ... oval:org.secpod.oval:def:300591 Additional official patches have been released for db 4.6 after Mandriva release. They fix the following issues: - There was the possibility that the wrong number of mutexes would be allocated. This issue could cause applications with multiple cache regions to see undefined behavior in rare cases un ... oval:org.secpod.oval:def:301456 These updated packages add support for notification of new distribution releases and allow users to easily upgrade Mandriva Linux 2008.1 to future Mandriva Linux releases online. To disable new distribution release notification on a system-wide basis, change the DO_NOT_ASK_FOR_DISTRO_UPGRADE to "tru ... oval:org.secpod.oval:def:301333 Audacity as shipped with Mandriva Linux 2008.1 was built with the libresample sample rate conversion library, but the resampling feature did not work. This updated package switches to using libsamplerate for sample rate conversion. oval:org.secpod.oval:def:301451 This is an updated mandriva-kde-config package containing the new artwork for the next Mandriva Flash. oval:org.secpod.oval:def:301450 A typo in the Darklooks GTK theme definition file made this theme unusable. This update fixes it. oval:org.secpod.oval:def:300837 This update fixes several issues regarding the live upgrade to a more recent distribution, notably: - new distributions are now only presented after all updates were applied. - if current distribution is no more supported, we will about it and offer to upgrade to a newer release It also fix a couple ... oval:org.secpod.oval:def:300728 A security vulnerability has been identified and fixed in libsamplerate: Lev Givon discovered a buffer overflow in libsamplerate that could lead to a segfault with specially crafted python code. This problem has been fixed with libsamplerate-0.1.7 but older versions are affected. This update provide ... oval:org.secpod.oval:def:300848 This update prevents unwanted dependency with gpilotd . oval:org.secpod.oval:def:300608 Parental control application available in Mandriva Linux was not detecting the previously configured parental control level correctly. This update fixes this issue. oval:org.secpod.oval:def:300620 This bugfix release makes it possible to pass additional options to the freshclam utility and the clamd server by utilizing the /etc/sysconfig/freshclam and /etc/sysconfig/clamd files while starting the services. The clamav packages has also been upgraded to the latest version 0.95.2 that also has a ... oval:org.secpod.oval:def:300741 This update provides the kernel modules which were not distributed with the last kernel update. oval:org.secpod.oval:def:300868 This bugfix release makes it possible to pass additional options to the ntpdate utility and for the releases lacking it the ntpd server by utilizing the /etc/sysconfig/ntpd file while starting the ntp service. oval:org.secpod.oval:def:301607 The iproute2 package released with mandriva 2008.1 had a problem which prevented its usage with kernels of versions 2.6.21 and older, notably the Xen kernel . This update fixes the issue. oval:org.secpod.oval:def:300638 The CVE-2009-1195 patch broke the mod_perl build. Patches from upstream svn has been applied to this update that fixes the issue. oval:org.secpod.oval:def:301603 The bootsplash text messages were not correctly appearing at startup . The /dev/fb0 device was missing in early boot and bootsplash initialization was complaining about it . The shutdown process of network services could be troublesome, because resolvconf would be stopped too early. The updated pack ... oval:org.secpod.oval:def:300634 A stack-based buffer overflow was found in the zsh command interpreter. An attacker could use this flaw to cause a denial of service , when providing a specially-crafted string as input to the zsh shell . The updated packages have been patched to prevent this. oval:org.secpod.oval:def:300761 The SDL12 package shipped in 2008.1 and 2009.0 have a bug which will cause segment fault error on some games such as ri-li. oval:org.secpod.oval:def:301618 Updated Mesa packages are available that correct a problem of reversed logic in Mesa 7.0.3rc2 on Intel i965 cards. oval:org.secpod.oval:def:301609 Beagle"s Mozilla Thunderbird extension was not built for the correct version of Mozilla Thunderbird. This update builds it against the correct version so the extension is made available in Mozilla Thunderbird. oval:org.secpod.oval:def:301199 FUSE default setup was requiring non privileged users to be added manually to fuse group to be able to use fuse feature and this feature was not available immediatly after fuse package installation. This package updates ensure fuse is now immediatly available after package installation and for all u ... oval:org.secpod.oval:def:300903 This update addresses minor issues with eclipse. eclipse can not be installed after firefox3 installation oval:org.secpod.oval:def:301345 The package included with Mandriva Linux 2008 Spring for swi-prolog could not be installed due to an incorrect dependency. This updated package removes the incorrect dependency and can be installed as normal. oval:org.secpod.oval:def:301466 openoffice.org-voikko provides Finnish spellchecker and hyphenator component for OpenOffice.org. The package is being updated for the new OpenOffice.org version. oval:org.secpod.oval:def:301344 The graphviz package shipped in Mandriva Linux 2008.1 has a bug in its builtin ps renderer: included images are displayed as blank area. An upstream patch fixes the issue. oval:org.secpod.oval:def:301221 Updated timezone packages are being provided for older Mandriva Linux systems that do not contain new Daylight Savings Time information and Time Zone information for some locations. These updated packages contain the new information. oval:org.secpod.oval:def:301342 This update corrects two issues with the evdev driver Xorg. The first is that button events were not generated for mice with more than seven buttons ; the second is that the pointer did not cross screens using the evdev driver. This update corrects both issues. oval:org.secpod.oval:def:301462 This update of the ppp package introduces a new multipledefaultroutes option, which allows pppd to add a default route even if one already exists. This allows ppp and ethernet connections to cohabit smoothly. oval:org.secpod.oval:def:301340 Display session in Krandr-config window could hang the X server. This update fixes that bug. oval:org.secpod.oval:def:301479 This drakxtools and drakconf update provides fixes for the harddrake auto-configuration tool and for the live system installer. It also allows mounting ntfs-3g partitions from diskdrake. Finally, it detects the USB cellular devices controlled by the hso driver. oval:org.secpod.oval:def:301597 Gnome-session was not migrating files from the old GNOME trash system to its new location at login, preventing old trash management with Nautilus. This package fixes the issue and provides new translations from GNOME 2.22.2. oval:org.secpod.oval:def:301473 This update ensures that the distribution upgrade notification is not detected in incorrect cases, and ensures that a distribution upgrade is only suggested after all security updates have been applied. It also improves the distribution upgrade confirmation dialog and reliability of network package ... oval:org.secpod.oval:def:301472 The clock applet in GNOME could crash when using some specific locations or when using updated timezone data. The Recent Documents menu was not always able to start the right application for a specific document. Update: The previous gnome-applets package on x86_64 was improperly built and included a ... oval:org.secpod.oval:def:301593 Display session in Kdesktop preference window would hang the X server. This update fixes this bug. oval:org.secpod.oval:def:301359 An updated blt package is provided that fixes two issues. The first is that the package contains two symlinks named /usr/bin/bltsh and /usr/bin/bltwish that were intended to make it easier to launch these two utilities. However, they were linked to files that did not exist, and consequently did not ... oval:org.secpod.oval:def:301591 An updated x11-driver-video-mga package is available that corrects a problem where an earlier version was used to update the mga driver version 1.47, instead of the proper 1.4.8 version. oval:org.secpod.oval:def:301369 This update fixes several minor issues in drakxtools: - it fixes management of XEN kernels in bootloader-config, when adding a new kernel, a xen entry should not replace an existing "linux" - it fixes a crash in rpmdrake when description begins by Gtk2::.. It also really enable draksnapashot to us ... oval:org.secpod.oval:def:301247 Evince was not properly handling multi-page TIFF files and was crashing under specific conditions when requesting printing. This package update fixes those issues and includes additional translations from the GNOME 2.22.2 release. oval:org.secpod.oval:def:301367 Keject would not raise an error when trying to eject USB devices. Kdesktop was using too much CPU every minute and wasting power. This update fixes these bugs. oval:org.secpod.oval:def:301487 This update ensures distribution upgrade notification is not detected in incorrect cases and the distribution upgrade confirmation dialog is not displayed after security updates are applied. oval:org.secpod.oval:def:301244 This update fixes a few issues in draksnapshot. It prevents the applet from crashing if DBUS is not accessible . The applet will also now ignore the root disc, if it"s USB. The configurator will now prevent to recursively backup the backup directory . Last but not least, it will default to /media in ... oval:org.secpod.oval:def:301241 A protocol change at the ICQ servers made it impossible to connect with Pidgin. This update adapts Pidgin to the new protocol version. oval:org.secpod.oval:def:301360 This mkinitrd update fixes issues with systems using dmraid. It makes sure that the modules for the disk controllers used by a dmraid array are included in the initrd. oval:org.secpod.oval:def:301259 Automatic mirror geolocation in drakxtools-backend in Mandriva Linux 2008.1 would fail for some locales, because it uses backward compatibility timezone names for which there were no zone.tab entries in timezone , this makes software like urpmi to not select optimal mirrors in its automatic media/mi ... oval:org.secpod.oval:def:301257 The cracklib library package was incorrectly providing the development package, which was preventing the compilation of anything relying on cracklib-devel. This update fixes the incorrect Provides. It also corrects an issue when /usr is a separate partition the fails to mount at start, logging in is ... oval:org.secpod.oval:def:301499 This update fixes several minor issues with draksnapshot, such as backups not being completed due to bad permissions. A number of fixes were done to the applet as well, including notifications showing as information instead of warnings. Draksnapshot now no longer auto-disables after configuring, and ... oval:org.secpod.oval:def:301497 This drakx-net update provides new features for cellular connections and fixes . It adds support for more cellular devices , and makes the network center easier to use with cellular devices. It detects better the wireless signal strength for some drivers, and handles better the switch to a roaming d ... oval:org.secpod.oval:def:301388 This update changes konqueror"s default search-engine to ask.com, and adds Exalead.com to the search-engine list. oval:org.secpod.oval:def:301266 The vpnc package that shipped with Mandriva Linux 2008.1 was missing the cisco-decrypt binary, which is used for converting Cisco VPN client profile files encrypted passwords. As a result, any call to pcf2vpnc failed due to the missing binary. This update provides the missing binary. oval:org.secpod.oval:def:301261 Some thesaurus files of some languages were not properly working witn Mandriva Linux 2008.1. The thesaurus would not bring out the meaning and synonym for any searched word for the following languages: American English, Spanish, French, German, Polish, Czeck, Slovakian, and Hungarian. This release u ... oval:org.secpod.oval:def:301260 The bash-completion package shipped in Mandriva Linux 2008 Spring had a problem with scp remote host completion, as reported in bug #42063. The updated package fixes the issue. oval:org.secpod.oval:def:301397 Several feature bugfixes and stability fixes from GNOME 2.22.3 are provided by this package update, as well as translation updates. oval:org.secpod.oval:def:301271 A bug with drakbt caused it to crash when selecting private torrents. This update corrects the problem. oval:org.secpod.oval:def:301287 This package adds quirks to fix suspend/resume on Airis Kira, Asus EEE PC. It also ensure fake CDROM on Option/Huawei 3G keys are ignored, and fix Delete key not working properly on Acer Extensa 5220. oval:org.secpod.oval:def:301283 The video player totem was associated as an autostart application for audio CDs, but the totem version in Mandriva Linux 2008.1 did not support CD playback anymore. This update removes totem from the list of default applications. oval:org.secpod.oval:def:301282 On certain circumstances, specially when using Wine, keys would get stuck, and stay so, even after quitting the application, requiring the user to restart Xorg. The updated packages fix this issue. oval:org.secpod.oval:def:301298 openoffice.org-voikko provides Finnish spellchecker and hyphenator component for OpenOffice.org. The package is being updated for the new OpenOffice.org version. Update: Due to a build error, the previous update for i586 architecture was built against the old OpenOffice.org. This update fixes that. oval:org.secpod.oval:def:301294 The pulseaudio package shipped with Mandriva 2008 Spring does not remember a default device setting across sessions. If a user were to use pavucontrol to select an alternate default device, it will only work for that session. Logging out then back in again will revert back to the system default. A s ... oval:org.secpod.oval:def:301638 A vulnerability in the rcp protocol was discovered that allows a server to instruct a client to write arbitrary files outside of the current directory, which could potentially be a security concern if a user used rcp to copy files from a malicious server . This issue was originally corrected in MDKS ... oval:org.secpod.oval:def:301482 The rmtree function in lib/File/Path.pm in Perl 5.10 does not properly check permissions before performing a chmod, which allows local users to modify the permissions of arbitrary files via a symlink attack. The updated packages have been patched to fix this. oval:org.secpod.oval:def:300818 Python has a variable called sys.path that contains all paths where Python loads modules by using import scripting procedure. A wrong handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current X-Chat working directory . This update provides fix fo ... oval:org.secpod.oval:def:300975 Use-after-free vulnerability in the embedded GD library in libwmf 0.2.8.4 allows context-dependent attackers to cause a denial of service or possibly execute arbitrary code via a crafted WMF file . The updated packages have been patched to prevent this. oval:org.secpod.oval:def:300660 mod/server.mod/servmsg.c in Eggheads Eggdrop and Windrop 1.6.19 and earlier allows remote attackers to cause a denial of service via a crafted PRIVMSG that causes an empty string to trigger a negative string length copy. NOTE: this issue exists because of an incorrect fix for CVE-2007-2807 . oval:org.secpod.oval:def:300810 preprocessors/spp_frag3.c in Sourcefire Snort before 2.8.1 does not properly identify packet fragments that have dissimilar TTL values, which allows remote attackers to bypass detection rules by using a different TTL for each fragment. The updated packages have been patched to prevent this. oval:org.secpod.oval:def:301469 A vulnerability in emacs was found where an attacker could provide a group of files containing local variable definitions and arbitrary Lisp code to be executed when one of the provided files is opened by emacs . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:301478 A vulnerability was found in the Lynxcgi: URI handler that could allow an attacker to create a web page redirecting to a malicious URL that would execute arbitrary code as the user running Lynx, if they were using the non-default Advanced user mode . This update corrects these issues and, in additio ... oval:org.secpod.oval:def:300714 Python has a variable called sys.path that contains all paths where Python loads modules by using import scripting procedure. A wrong handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current Blender working directory . This update provides fix f ... oval:org.secpod.oval:def:300991 A vulnerability has been identified and corrected in valgrind: Untrusted search path vulnerability in valgrind before 3.4.0 allows local users to execute arbitrary programs via a Trojan horse .valgrindrc file in the current working directory, as demonstrated using a malicious --db-command options. N ... oval:org.secpod.oval:def:300790 Python has a variable called sys.path that contains all paths where Python loads modules by using import scripting procedure. A wrong handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current dia working directory . This update provides fix for t ... oval:org.secpod.oval:def:300510 Python has a variable called sys.path that contains all paths where Python loads modules by using import scripting procedure. A wrong handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current eog working directory . This update provides fix for t ... oval:org.secpod.oval:def:300827 A vulnerability has been discovered in Avahi before 0.6.24, which allows remote attackers to cause a denial of service via a crafted mDNS packet with a source port of 0 . The updated packages have been patched to prevent this. oval:org.secpod.oval:def:300737 A security vulnerability has been identified and fixed in avahi which could allow remote attackers to cause a denial of service via a crafted legacy unicast mDNS query packet . The updated packages have been patched to prevent this. oval:org.secpod.oval:def:300882 A vulnerability has been found and corrected in python-django: The Admin media handler in core/servers/basehttp.py in Django 1.0 and 0.96 does not properly map URL requests to expected static media files, which allows remote attackers to conduct directory traversal attacks and read arbitrary files v ... oval:org.secpod.oval:def:300798 Due to an internal error Squid is vulnerable to a denial of service attack when processing specially crafted requests. This problem allows any client to perform a denial of service attack on the Squid service . The updated packages have been patched to adress this. oval:org.secpod.oval:def:301320 Several vulnerabilities were found in the vim editor: A number of input sanitization flaws were found in various vim system functions. If a user were to open a specially crafted file, it would be possible to execute arbitrary code as the user running vim . Ulf Härnhammar of Secunia Resear ... oval:org.secpod.oval:def:301449 A vulnerability in Postfix 2.4 and later was discovered, when running on Linux kernel 2.6, where a local user could cause a denial of service due to Postfix leaking the epoll file descriptor when executing non-Postfix commands . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:300738 ext/openssl/ossl_ocsp.c in Ruby 1.8 and 1.9 does not properly check the return value from the OCSP_basic_verify function, which might allow remote attackers to successfully present an invalid X.509 certificate, possibly involving a revoked certificate. This update corrects the problem, including for ... oval:org.secpod.oval:def:300978 Multiple vulnerabilities has been found and corrected in squid: Due to incorrect buffer limits and related bound checks Squid is vulnerable to a denial of service attack when processing specially crafted requests or responses. Due to incorrect data validation Squid is vulnerable to a denial of servi ... oval:org.secpod.oval:def:300768 Multiple vulnerabilities has been found and corrected in squid: Due to incorrect buffer limits and related bound checks Squid is vulnerable to a denial of service attack when processing specially crafted requests or responses . Due to incorrect data validation Squid is vulnerable to a denial of serv ... oval:org.secpod.oval:def:300526 Some vulnerabilities were discovered and corrected in perl-MDK-Common: The functions used to write strings into shell like configuration files by Mandriva tools were not taking care of some special characters. This could lead to some bugs , and privilege escalation. This update fixes that issue by e ... oval:org.secpod.oval:def:301484 Several vulnerabilities were found in the vim editor: A number of input sanitization flaws were found in various vim system functions. If a user were to open a specially crafted file, it would be possible to execute arbitrary code as the user running vim . Ulf Härnhammar of Secunia Resear ... oval:org.secpod.oval:def:300480 A security vulnerability has been identified and fixed in nfs-utils, which caused TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions . The updated packages have been patched to prevent this. oval:org.secpod.oval:def:301601 Marc Schoenefeld of the Red Hat Security Response Team discovered a vulnerability in the hplip alert-mailing functionality that could allow a local attacker to elevate their privileges by using specially-crafted packets to trigger alert mails that are sent by the root account . Another vulnerability ... oval:org.secpod.oval:def:301463 Stéphane Bertin discovered a flaw in the pam_krb5 existing_ticket configuration option where, if enabled and using an existing credential cache, it was possible for a local user to gain elevated privileges by using a different, local user"s credential cache . The updated packages have bee ... oval:org.secpod.oval:def:301470 Joe Nall reported a stack-based buffer overflow in Audit"s log handling that could allow remote attackers to execute arbitrary code via a long command argument . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:301275 A vulnerability was found in the OCSP search functionality in stunnel that could allow a remote attacker to use a revoked certificate that would be successfully authenticated by stunnel . This flaw only concerns users who have enabled OCSP validation in stunnel. The updated packages have been patche ... oval:org.secpod.oval:def:301302 A cross-site request forgery vulnerability was discovered in Django that, if exploited, could be used to perform unrequested deletion or modification of data. Updated versions of Django will now discard posts from users whose sessions have expired, so data will need to be re-entered in these cases. ... oval:org.secpod.oval:def:300551 Python has a variable called sys.path that contains all paths where Python loads modules by using import scripting procedure. A wrong handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current Epiphany working directory . This update provides fix ... oval:org.secpod.oval:def:300865 Python has a variable called sys.path that contains all paths where Python loads modules by using import scripting procedure. A wrong handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current Epiphany working directory . This update provides fix ... oval:org.secpod.oval:def:300579 A vulnerability has been found and corrected in wget: GNU Wget before 1.12 does not properly handle a '' (NUL) character in a domain name in the Common Name field of an X.509 certificate, which allows man-in-the-middle remote attackers to spoof arbitrary SSL servers via a crafted certificate issued ... oval:org.secpod.oval:def:301461 Tavis Ormandy of the Google Security Team discovered a flaw in how libpng handles zero-length unknown chunks in PNG files, which could lead to memory corruption in applications that make use of certain functions . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:300901 Python has a variable called sys.path that contains all paths where Python loads modules by using import scripting procedure. A wrong handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current gedit working directory . This update provides fix for ... oval:org.secpod.oval:def:301629 A vulnerability was found in start_kdeinit in KDE 3.5.5 through 3.5.9 where, if it was installed setuid root, it could allow local users to cause a denial of service or possibly execute arbitrary code . By default, start_kdeinit is not installed setuid root on Mandriva Linux, however updated package ... oval:org.secpod.oval:def:300672 A vulnerability has been found and corrected in ISC DHCP: ISC DHCP Server is vulnerable to a denial of service, caused by the improper handling of DHCP requests. If the host definitions are mixed using dhcp-client-identifier and hardware ethernet, a remote attacker could send specially-crafted DHCP ... oval:org.secpod.oval:def:300989 A vulnerability has been found and corrected in ISC DHCP: Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Bu ... oval:org.secpod.oval:def:300628 A vulnerability has been found and corrected in ISC BIND: The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service via an ANY record in th ... oval:org.secpod.oval:def:301563 Chaskiel M Grundman found that OpenSC would initialize smart cards with the Siemens CardOS M4 card operating system without proper access rights. This allowed everyone to change the card"s PIN without first having the PIN or PUK, or the superuser"s PIN or PUK . Please note that this issue can not be ... oval:org.secpod.oval:def:300766 A vulnerability has been found and corrected in fetchmail: socket.c in fetchmail before 6.3.11 does not properly handle a "\0" character in a domain name in the subject"s Common Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted ... oval:org.secpod.oval:def:300524 OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements and read private data objects via a low level APDU command or debugging tool, as demonstrated by reading the 4601 or 4701 file with the opensc-explorer or opensc-tool program. The updated packages fix th ... oval:org.secpod.oval:def:300547 PostgreSQL before 8.3.7, 8.2.13, 8.1.17, 8.0.21, and 7.4.25 allows remote authenticated users to cause a denial of service by triggering a failure in the conversion of a localized error message to a client-specified encoding, as demonstrated using mismatched encoding conversion requests . This upda ... oval:org.secpod.oval:def:301292 Will Drewry of the Google Security Team reported several vulnerabilities in how libvorbis processed audio data. An attacker could create a carefuly crafted OGG audio file in such a way that it would cause an application linked to libvorbis to crash or possibly execute arbitray code when opened . The ... oval:org.secpod.oval:def:300755 Multiple vulnerabilities has been found and corrected in libsndfile: Heap-based buffer overflow in voc_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service and possibly execute arbitrary code ... oval:org.secpod.oval:def:300525 Crafted data - channels per frame value - in CAF files enables remote attackers to execute arbitrary code or denial of service via a possible integer overflow, leading to a possible heap overflow . This update provides fix for that vulnerability. oval:org.secpod.oval:def:301571 Multiple vulnerabilities were discovered in ClamAV and corrected with the 0.94 release, including: A vulnerability in ClamAV"s chm-parser allowed remote attackers to cause a denial of service via a malformed CHM file . A vulnerability in libclamav would allow attackers to cause a denial of service ... oval:org.secpod.oval:def:301378 Multiple vulnerabilities were discovered in ClamAV and corrected with the 0.94 release, including: A vulnerability in ClamAV"s chm-parser allowed remote attackers to cause a denial of service via a malformed CHM file . A vulnerability in libclamav would allow attackers to cause a denial of service ... oval:org.secpod.oval:def:301218 Multiple vulnerabilities has been found and corrected in clamav: Unspecified vulnerability in ClamAV before 0.95 allows remote attackers to bypass detection of malware via a modified RAR archive . libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause a denial of service via a crafte ... oval:org.secpod.oval:def:301427 CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the query string. The updated packages have been patched to fix the issue. oval:org.secpod.oval:def:300749 Multiple vulnerabilities has been found and corrected in mono: Multiple cross-site scripting vulnerabilities in the ASP.net class libraries in Mono 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via crafted attributes related to HtmlControl.cs , HtmlForm.cs , HtmlI ... oval:org.secpod.oval:def:301443 A denial of service condition was found in Ruby"s regular expression engine. If a Ruby script tried to process a large amount of data via a regular expression, it could cause Ruby to enter an infinite loop and crash . A number of flaws were found in Ruby that could allow an attacker to create a care ... oval:org.secpod.oval:def:301509 Drew Yaro of the Apple Product Security Team reported multiple uses of uninitialized values in libtiff"s LZW compression algorithm decoder. An attacker could create a carefully crafted LZW-encoded TIFF file that would cause an application linked to libtiff to crash or potentially execute arbitrary c ... oval:org.secpod.oval:def:301432 A buffer overflow vulnerability in libxslt could be exploited via an XSL style sheet file with a long XLST transformation match condition, which could possibly lead to the execution of arbitrary code . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:301569 Tavis Ormandy of the Google Security Team discovered a heap-based buffer overflow when compiling certain regular expression patterns. This could be used by a malicious attacker by sending a specially crafted regular expression to an application using the PCRE library, resulting in the possible execu ... oval:org.secpod.oval:def:301447 A vulnerability in OpenSSH 4.4 through 4.8 allowed local attackers to bypass intended security restrictions enabling them to execute commands other than those specified by the ForceCommand directive, provided they are able to modify to ~/.ssh/rc . The updated packages have been patched to correct th ... oval:org.secpod.oval:def:300512 A security vulnerability has been identified and fixed in neon: neon 0.28.0 through 0.28.2 allows remote servers to cause a denial of service via vectors related to Digest authentication and Digest domain parameter support . The updated packages have been upgraded to version 0.28.3 to prevent this. oval:org.secpod.oval:def:300982 Heap-based overflow on functions to manipulate WMF and EMF files in OpenOffice.org documments enables remote attackers to execute arbitrary code on documments holding certain crafted either WMF or EMF files . This update provide the fix for these security issues and further openoffice.org-voikko pa ... oval:org.secpod.oval:def:301460 Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow. Also, according to bug #38874 decimal numbers on Hebrew documents ... oval:org.secpod.oval:def:301326 A few vulnerabilities were found in Wireshark, that could cause it to crash or hang under certain conditions. This update provides Wireshark 1.0.0, which is not vulnerable to the issues. oval:org.secpod.oval:def:300896 A vulnerability has been identified and corrected in wireshark: o Unspecified vulnerability in the PCNFSD dissector in Wireshark 0.8.20 through 1.0.7 allows remote attackers to cause a denial of service via crafted PCNFSD packets . This update provides Wireshark 1.0.8, which is not vulnerable to th ... oval:org.secpod.oval:def:301639 Two vulnerabilities were discovered in Wireshark. The first is a vulnerability in the SMTP dissector that could cause it to consume excessive CPU and memory via a long SMTP request . The second is an issue with the WLCCP dissector that could cause it to go into an infinite loop. This update also pro ... oval:org.secpod.oval:def:300958 Buffer overflow in wiretap/netscreen.c in Wireshark 0.99.7 through 1.0.5 allows user-assisted remote attackers to cause a denial of service via a malformed NetScreen snoop file. Wireshark 0.99.6 through 1.0.5 allows user-assisted remote attackers to cause a denial of service via a crafted Tektron ... oval:org.secpod.oval:def:300999 Multiple vulnerabilities has been identified and corrected in wireshark: o The PROFINET dissector was vulnerable to a format string overflow . o The Check Point High-Availability Protocol dissecto could crash . o Wireshark could crash while loading a Tektronix .rf5 file . This update provides Wires ... oval:org.secpod.oval:def:301476 A vulnerability was found in Wireshark, that could cause it to crash while processing malicious packets. This update provides Wireshark 1.0.2, which is not vulnerable to that. oval:org.secpod.oval:def:301495 A number of vulnerabilities were discovered in Wireshark that could cause it to crash or abort while processing malicious packets . This update provides Wireshark 1.0.4, which is not vulnerable to these issues. oval:org.secpod.oval:def:301500 Kees Cook of Ubuntu security found a flaw in how poppler prior to version 0.6 displayed malformed fonts embedded in PDF files. An attacker could create a malicious PDF file that would cause applications using poppler to crash, or possibly execute arbitrary code when opened . This vulnerability also ... oval:org.secpod.oval:def:301382 Kees Cook of Ubuntu security found a flaw in how poppler prior to version 0.6 displayed malformed fonts embedded in PDF files. An attacker could create a malicious PDF file that would cause applications using poppler to crash, or possibly execute arbitrary code when opened . This vulnerability also ... oval:org.secpod.oval:def:300909 A vulnerability has been found and corrected in perl-Compress-Raw-Zlib: Off-by-one error in the inflate function in Zlib.xs in Compress::Raw::Zlib Perl module before 2.017, as used in AMaViS, SpamAssassin, and possibly other products, allows context-dependent attackers to cause a denial of service ... oval:org.secpod.oval:def:300862 A vulnerability has been found and corrected in ISC DHCP: Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafte ... oval:org.secpod.oval:def:301222 A vulnerability has been found and corrected in pulseaudio: Tavis Ormandy and Julien Tinnes of the Google Security Team discovered that pulseaudio, when installed setuid root, does not drop privileges before re-executing itself to achieve immediate bindings. This can be exploited by a user who has w ... oval:org.secpod.oval:def:301417 A memory management issue was found in libpoppler by Felipe Andres Manzano that could allow for the execution of arbitrary code with the privileges of the user running a poppler-based application, if they opened a specially crafted PDF file . The updated packages have been patched to correct this is ... oval:org.secpod.oval:def:301626 Drew Yaro of the Apple Product Security Team found two flaws in libxml2. The first is a denial of service flaw in libxml2"s XML parser. If an application linked against libxml2 were to process certain malformed XML content, it cause the application to enter an infinite loop . The second is an intege ... oval:org.secpod.oval:def:301230 Security vulnerabilities have been identified and fixed in udev. udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space . Buffer overflow in the util_path_encode function in ud ... oval:org.secpod.oval:def:300653 A wrong handling of signed Secure/Multipurpose Internet Mail Extensions e-mail messages enables attackers to spoof its signatures by modifying the latter copy . Crafted authentication challange packets sent by a malicious remote mail server enables remote attackers either to cause denial of servic ... oval:org.secpod.oval:def:300592 Multiple security vulnerabilities has been identified and fixed in Little cms: A memory leak flaw allows remote attackers to cause a denial of service via a crafted image file . Multiple integer overflows allow remote attackers to execute arbitrary code via a crafted image file that triggers a heap ... oval:org.secpod.oval:def:300626 Integer overflows in gstreamer0.10-plugins-base Base64 encoding and decoding functions may lead attackers to cause denial of service. Altough vector attacks are not known yet . This update provide the fix for that security issue. oval:org.secpod.oval:def:300793 Multiple integer overflows in GLib"s Base64 encoding and decoding functions enable attackers either to cause denial of service and to execute arbitrary code via an untrusted input . This update provide the fix for that security issue. oval:org.secpod.oval:def:300508 Security vulnerabilities have been discovered in previous versions, and corrected in the latest Mozilla Firefox 3.x, version 3.0.8 . This update provides the latest Mozilla Firefox 3.x to correct these issues. Additionally, some packages requiring it have also been rebuilt and are being provided as ... oval:org.secpod.oval:def:301350 Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox 2.x, version 2.0.0.19 . This update provides the latest Mozilla Firefox 2.x to correct these issues. oval:org.secpod.oval:def:301256 A number of vulnerabilities were discovered in Wireshark that could cause it to crash while processing malicious packets . This update provides Wireshark 1.0.3, which is not vulnerable to these issues. oval:org.secpod.oval:def:301379 Two denial of service vulnerabilities were discovered in the ipsec-tools racoon daemon, which could allow a remote attacker to cause it to consume all available memory . The updated packages have been patched to prevent these issues. oval:org.secpod.oval:def:301538 A vulnerability was discovered and corrected in the Linux 2.6 kernel: The asn1 implementation in the Linux kernel 2.4 before 2.4.36.6 and 2.6 before 2.6.25.5, as used in the cifs and ip_nat_snmp_basic modules; and the gxsnmp package; does not properly validate length values during decoding of ASN. ... oval:org.secpod.oval:def:301404 field.c in the libid3tag 0.15.0b library allows context-dependent attackers to cause a denial of service via an ID3_FIELD_TYPE_STRINGLIST field that ends in "\0", which triggers an infinite loop. The updated packages have been patched to correct this. oval:org.secpod.oval:def:301560 Argument injection vulnerability in login in util-linux-ng 2.14 and earlier makes it easier for remote attackers to hide activities by modifying portions of log events. The updated packages have been patched to fix the issue. oval:org.secpod.oval:def:300742 A buffer overflow in the imageloadfont function in PHP allowed context-dependent attackers to cause a denial of service and potentially execute arbitrary code via a crafted font file . A buffer overflow in the memnstr function allowed context-dependent attackers to cause a denial of service and po ... oval:org.secpod.oval:def:301237 Sebastian Krahmer of SUSE discovered that rsync could overflow when handling ACLs. An attakcer could construct a malicious set of files that, when processed, could lead to arbitrary code execution or a crash . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:301438 A flaw in fetchmail was discovered that allowed remote attackers to cause a denial of service via a malformed message with long headers. The crash only occured when fetchmail was called in "-v -v" mode . The updated packages have been patched to prevent this issue. oval:org.secpod.oval:def:301616 A vulnerability in rxvt allowed it to open a terminal on :0 if the environment variable was not set, which could be used by a local user to hijack X11 connections . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:300771 The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 allows context-dependent attackers to cause a denial of service via a string argument that represents a large number, as demonstrated by an attempted conversion to the Float data type. This update corrects the problem. oval:org.secpod.oval:def:300747 The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, and 8.2 before 8.2.14 allows remote authenticated users to cause a denial of service by re-LOAD-ing libraries from a certain plugins directory . The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, 8. ... oval:org.secpod.oval:def:300536 Multiple integer overflows in imageop.c in the imageop module in Python 1.5.2 through 2.5.1 allow context-dependent attackers to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function, leading to a buffer overflow, a different vulnera ... oval:org.secpod.oval:def:301212 A security vulnerability has been identified and fixed in OpenSSL, which could crash applications using OpenSSL library when parsing malformed certificates . The updated packages have been patched to prevent this. oval:org.secpod.oval:def:301197 Multiple vulnerabilities has been found and corrected in libmikmod: libmikmod 3.1.9 through 3.2.0, as used by MikMod, SDL-mixer, and possibly other products, relies on the channel count of the last loaded song, rather than the currently playing song, for certain playback calculations, which allows u ... oval:org.secpod.oval:def:300806 Multiple vulnerabilities has been found and corrected in samba: The SMB subsystem in Apple Mac OS X 10.5.8, when Windows File Sharing is enabled, does not properly handle errors in resolving pathnames, which allows remote authenticated users to bypass intended sharing restrictions, and read, create ... oval:org.secpod.oval:def:300836 A crafted PDF file that triggers a parsing error allows remote attackers to cause definal of service. This bug is consequence of a wrong processing on FormWidgetChoice::loadDefaults method . A crafted PDF file that triggers a parsing error allows remote attackers to cause definal of service. This bu ... oval:org.secpod.oval:def:300913 A crafted PDF file that triggers a parsing error allows remote attackers to cause definal of service. This bug is consequence of a wrong processing on FormWidgetChoice::loadDefaults method . A crafted PDF file that triggers a parsing error allows remote attackers to cause definal of service. This bu ... oval:org.secpod.oval:def:300690 A security vulnerability has been identified and fixed in curl, which could allow remote HTTP servers to trigger arbitrary requests to intranet servers, read or overwrite arbitrary files via a redirect to a file: URL, or execute arbitrary commands via a redirect to an scp: URL . The updated packa ... oval:org.secpod.oval:def:300466 A vulnerability has been found and corrected in curl: lib/ssluse.c in cURL and libcurl 7.4 through 7.19.5, when OpenSSL is used, does not properly handle a "\0" character in a domain name in the subject"s Common Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof a ... oval:org.secpod.oval:def:300856 Multiple buffer overflows in the CMU Cyrus SASL library before 2.1.23 might allow remote attackers to execute arbitrary code or cause a denial of service application crash(CVE-2009-0688 oval:org.secpod.oval:def:300459 A vulnerability has been found and corrected in xmlsec1: A missing check for the recommended minimum length of the truncated form of HMAC-based XML signatures was found in xmlsec1 prior to 1.2.12. An attacker could use this flaw to create a specially-crafted XML file that forges an XML signature, al ... oval:org.secpod.oval:def:300917 A vulnerability have been discovered and corrected in GnuTLS before 2.8.2, which could allow man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority . This update fixes this vulnerability. oval:org.secpod.oval:def:301430 An integer overflow flaw was found in Pidgin"s MSN protocol handler that could allow for the execution of arbitrary code if a user received a malicious MSN message . In addition, this update provides the ability to use ICQ networks again on Mandriva Linux 2008.0, as in MDVA-2008:103 . The updated pa ... oval:org.secpod.oval:def:301363 The D-Bus library did not correctly validate certain corrupted signatures which could cause a crash of applications linked against the D-Bus library if a local user were to send a specially crafted D-Bus request . The updated packages have been patched to prevent this issue. oval:org.secpod.oval:def:300820 Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox 3.x, version 3.0.5 . This update provides the latest Mozilla Firefox 3.x to correct these issues. As Mozilla Firefox 2.x has been phased out, version 3.x is also being provided for Mandriva Linux 2008 Spring. oval:org.secpod.oval:def:300897 Several vulnerabilities have been discovered in mplayer, which could allow remote attackers to execute arbitrary code via a malformed TwinVQ file , and in ffmpeg, as used by mplayer, related to the execution of DTS generation code and incorrect handling of DCA_MAX_FRAME_SIZE value . The updated pac ... oval:org.secpod.oval:def:300953 Failure on Ogg files manipulation can lead remote attackers to cause a denial of service by using crafted files . Failure on manipulation of either MNG or Real or MOD files can lead remote attackers to cause a denial of service by using crafted files . Heap-based overflow allows remote attackers to ... oval:org.secpod.oval:def:300528 Several vulnerabilities have been discovered in ffmpeg, related to the execution of DTS generation code and incorrect handling of DCA_MAX_FRAME_SIZE value . The updated packages have been patched to prevent this. oval:org.secpod.oval:def:301276 A vulnerability was found in how ffmpeg handled STR file demuxing. If a user were tricked into processing a malicious STR file, a remote attacker could execute arbitrary code with user privileges via applications linked against ffmpeg . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:300979 Python has a variable called sys.path that contains all paths where Python loads modules by using import scripting procedure. A wrong handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current Gnumeric working directory . This update provides fix ... oval:org.secpod.oval:def:301614 Multiple vulnerabilities have been found in Qemu. Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to ... oval:org.secpod.oval:def:300911 A security vulnerability have been discovered and corrected in VNC server of qemu 0.9.1 and earlier, which could lead to a denial-of-service attack . The updated packages have been patched to prevent this. oval:org.secpod.oval:def:301506 A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 2.0.0.16 . This update provides the latest Thunderbird to correct these issues. It also provides Thunderbird 2.x for Corporate 3.0 systems. oval:org.secpod.oval:def:301513 Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.16 . This update provides the latest Firefox to correct these issues. oval:org.secpod.oval:def:301323 Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.17 . This update provides the latest Firefox to correct these issues. oval:org.secpod.oval:def:300964 A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 2.0.0.19 . This update provides the latest Thunderbird to correct these issues. oval:org.secpod.oval:def:301588 A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 2.0.0.16 . This update provides the latest Thunderbird to correct these issues. It also provides Thunderbird 2.x for Corporate 3.0 systems. Update: The previous update provided ... oval:org.secpod.oval:def:301366 Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.15 . This update provides the latest Firefox to correct these issues. oval:org.secpod.oval:def:301362 A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 2.0.0.17 . This update provides the latest Thunderbird to correct these issues. oval:org.secpod.oval:def:301381 A vulnerability was found in how Net-SNMP checked an SNMPv3 packet"s Keyed-Hash Message Authentication Code . An attacker could exploit this flaw to spoof an authenticated SNMPv3 packet . A buffer overflow was found in the perl bindings for Net-SNMP that could be exploited if an attacker could convi ... oval:org.secpod.oval:def:301557 A number of vulnerabilities have been discovered in the Apache Tomcat server: The default catalina.policy in the JULI logging component did not restrict certain permissions for web applications which could allow a remote attacker to modify logging configuration options and overwrite arbitrary files ... oval:org.secpod.oval:def:301246 Multiple vulnerabilities have been found in the Ruby interpreter and in Webrick, the webserver bundled with Ruby. Directory traversal vulnerability in WEBrick in Ruby 1.9.0 and earlier, when using NTFS or FAT filesystems, allows remote attackers to read arbitrary CGI files via a trailing + , %2b , ... oval:org.secpod.oval:def:301349 A vulnerability was discovered and corrected in the Linux 2.6 kernel: The bdx_ioctl_priv function in the tehuti driver in Linux kernel 2.6.x before 2.6.25.1 does not properly check certain information related to register size, which has unspecified impact and local attack vectors, probably related ... oval:org.secpod.oval:def:301229 A vulnerability was found by the Google Security Team with how OpenSSL checked the verification of certificates. An attacker in control of a malicious server or able to effect a man-in-the-middle attack, could present a malformed SSL/TLS signature from a certificate chain to a vulnerable client, whi ... oval:org.secpod.oval:def:301434 Guido Landi found A stack-based buffer overflow in xine-lib that could allow a remote attacker to cause a denial of service and potentially execute arbitrary code via a long NSF title . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:301615 A vulnerability that was discovered in xine-lib that allowed remote RTSP servers to execute arbitrary code via a large streamid SDP parameter also affects MPlayer . Several integer overflows were discovered by Felipe Andres Manzano in MPlayer"s Real video stream demuxing code. These vulnerabilities ... oval:org.secpod.oval:def:301486 A race condition in the directory notification subsystem in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service and possibly gain privileges via unspecified vectors. The Linux kernel before 2.6.25.2 does not apply a certain protection me ... oval:org.secpod.oval:def:300540 A vulnerability was discovered and corrected in dbus: The _dbus_validate_signature_with_reason function in D-Bus uses incorrect logic to validate a basic type, which allows remote attackers to spoof a signature via a crafted key. NOTE: this is due to an incorrect fix for CVE-2008-3834 . This updat ... oval:org.secpod.oval:def:300829 Multiple security vulnerabilities has been identified and fixed in libmodplug: Integer overflow in the CSoundFile::ReadMed function in libmodplug before 0.8.6, as used in gstreamer-plugins and other products, allows context-dependent attackers to execute arbitrary code via a MED file with a crafted ... oval:org.secpod.oval:def:300723 A buffer underflow in Ghostscript"s CCITTFax decoding filter allows remote attackers to cause denial of service and possibly to execute arbitrary by using a crafted PDF file . Buffer overflow in Ghostscript"s BaseFont writer module allows remote attackers to cause a denial of service and possibly to ... oval:org.secpod.oval:def:300968 A security vulnerability has been identified and fixed in pam: Integer signedness error in the _pam_StrTok function in libpam/pam_misc.c in Linux-PAM 1.0.3 and earlier, when a configuration file contains non-ASCII usernames, might allow remote attackers to cause a denial of service, and might allow ... oval:org.secpod.oval:def:300797 A vulnerability has been identified and corrected in audacity: Stack-based buffer overflow in the String_parse::get_nonspace_quoted function in lib-src/allegro/strparse.cpp in Audacity 1.2.6 and other versions before 1.3.6 allows remote attackers to cause a denial of service and possibly execute ar ... oval:org.secpod.oval:def:300568 A vulnerability have been discovered and corrected in PyCrypto ARC2 module 2.0.1, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large ARC2 key length . The updated packages have been patched to prevent this. Update: The previous update package w ... oval:org.secpod.oval:def:300870 A vulnerability have been discovered and corrected in PyCrypto ARC2 module 2.0.1, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large ARC2 key length . The updated packages have been patched to prevent this. oval:org.secpod.oval:def:301220 A vulnerability has been discovered in xterm, which can be exploited by malicious people to compromise a user"s system. The vulnerability is caused due to xterm not properly processing the DECRQSS Device Control Request Status String escape sequence. This can be exploited to inject and execute arbit ... oval:org.secpod.oval:def:301402 A denial of service vulnerability was discovered in how Net-SNMP processed GETBULK requests. A remote attacker with read access to the SNMP server could issue a specially-crafted request which would cause snmpd to crash . Please note that for this to be successfully exploited, an attacker must have ... oval:org.secpod.oval:def:301587 pam_mount 0.10 through 0.45, when luserconf is enabled, does not verify mountpoint and source ownership before mounting a user-defined volume, which allows local users to bypass intended access restrictions via a local mount. The updated packages have been patched to fix the issue. oval:org.secpod.oval:def:301594 pam_mount 0.10 through 0.45, when luserconf is enabled, does not verify mountpoint and source ownership before mounting a user-defined volume, which allows local users to bypass intended access restrictions via a local mount. The updated packages have been patched to fix the issue. Update: The fix f ... oval:org.secpod.oval:def:301583 Sebastian Krahmer of the SUSE Security Team discovered a flaw in the way Postfix dereferenced symbolic links. If a local user had write access to a mail spool directory without a root mailbox file, it could be possible for them to append arbitrary data to files that root had write permissions to . T ... oval:org.secpod.oval:def:301334 A denial of service vulnerability was discovered in the way the OpenLDAP slapd daemon processed certain network messages. An unauthenticated remote attacker could send a specially crafted request that would crash the slapd daemon . The updated packages have been patched to correct this issue. oval:org.secpod.oval:def:301325 An off-by-one error was found in nasm 2.02 that allowed context-dependent attackers to cause a denial of service or possibly execute arbitrary code via a crafted file that triggers a stack-based buffer overflow . The updated packages have been patched to prevent this issue. oval:org.secpod.oval:def:301293 Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel: Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel before 2.6.25.3 allows remote attackers to cause a denial of service via network traffic to a Simple Internet Transition tunnel interface, related ... oval:org.secpod.oval:def:301556 Testing using the Codenomicon TLS test suite discovered a flaw in the handling of server name extension data in OpenSSL 0.9.8f and OpenSSL 0.9.8g. If OpenSSL has been compiled using the non-default TLS server name extensions, a remote attacker could send a carefully crafted packet to a server applic ... oval:org.secpod.oval:def:301508 Flaws discovered in versions prior to 2.2.4 and 2.3.10 of GnuTLS allow an attacker to cause denial of service , and maybe execute arbitrary code. The updated packages have been patched to fix these flaws. Note that any applications using this library must be restarted for the update to take effec ... oval:org.secpod.oval:def:301249 Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.14. This update provides the latest Firefox to correct these issues. oval:org.secpod.oval:def:301444 A format string vulnerability in the grant helper, in PolicyKit 0.7 and earlier, allows attackers to cause a denial of service and possibly execute arbitrary code via format strings in a password. The updated package has been patched to correct this issue. oval:org.secpod.oval:def:300879 Apache Tomcat does not properly handle certain characters in a cookie value, which could possibly lead to the leak of sensitive information such as session IDs . The updated packages have been patched to prevent this issue. oval:org.secpod.oval:def:300473 Multiple vulnerabilities has been found and corrected in libtiff: Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service via a crafted TIFF image, a different vulnerability than CVE-2008-2327 . Fix several places in tiff2rgb ... oval:org.secpod.oval:def:300564 A flaw was found in how BIND checked the return value of the OpenSSL DSA_do_verify function. On systems that use DNSSEC, a malicious zone could present a malformed DSA certificate and bypass proper certificate validation, which would allow for spoofing attacks . The updated packages have been patche ... oval:org.secpod.oval:def:301201 Multiple vulnerabilities has been found and corrected in mysql: MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b"" token, aka an empty bit-string literal, which allows remote attackers to cause a denial of service by using this token in a SQL statement ... oval:org.secpod.oval:def:301209 A vulnerability has been found and corrected in mysql: Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service and possibly have unspecified other impact v ... oval:org.secpod.oval:def:301492 Sergei Golubchik found that MySQL did not properly validate optional data or index directory paths given in a CREATE TABLE statement; as well it would not, under certain conditions, prevent two databases from using the same paths for data or index files. This could allow an authenticated user with a ... oval:org.secpod.oval:def:301658 A weakness was found in the DNS protocol by Dan Kaminsky. A remote attacker could exploit this weakness to spoof DNS entries and poison DNS caches. This could be used to misdirect users and services; i.e. for web and email traffic . This update provides the latest stable BIND releases for all platfo ... oval:org.secpod.oval:def:301527 An incorrect memory deallocation was causing a crash when the GNOME display manager was exiting. This package update fixes this issue and includes additional bug fixes and translation updates. oval:org.secpod.oval:def:300452 Multiple security vulnerabilities has been identified and fixed in ghostscript: Multiple integer overflows in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation . Buffer overflow in the ja ... oval:org.secpod.oval:def:300701 Multiple security vulnerabilities has been identified and fixed in jasper: The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG-2000 library before 1.900 allows remote user-assisted attackers to cause a denial of service and possibly corrupt the heap via malformed image files, as ... oval:org.secpod.oval:def:301632 Thomas Pollet discovered an integer overflow vulnerability in the PNG image handling filter in CUPS. This could allow a malicious user to execute arbitrary code with the privileges of the user running CUPS, or cause a denial of service by sending a specially crafted PNG image to the print server . T ... oval:org.secpod.oval:def:300455 Security vulnerabilities have been discovered and corrected in CUPS. CUPS before 1.3.8 allows local users, and possibly remote attackers, to cause a denial of service by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference . The web interface in CUPS before 1.3.8 u ... oval:org.secpod.oval:def:301543 A buffer overflow in the SGI image format decoding routines used by the CUPS image converting filter imagetops was discovered. An attacker could create malicious SGI image files that could possibly execute arbitrary code if the file was printed . An integer overflow flaw leading to a heap buffer ove ... oval:org.secpod.oval:def:300886 Multiple buffer overflows in the JBIG2 decoder allows remote attackers to cause a denial of service via a crafted PDF file . Multiple integer overflows in the JBIG2 decoder allows remote attackers to cause a denial of service via a crafted PDF file . An integer overflow in the JBIG2 decoder has un ... oval:org.secpod.oval:def:301203 A vulnerability has been identified in sudo which allowed - depending on the sudoers rules - a sudo-user to execute arbitrary shell commands as root . The updated packages have been patched to prevent this. oval:org.secpod.oval:def:300861 A vulnerability has been found and corrected in cyrus-imapd: Buffer overflow in the SIEVE script component in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14 allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to the incorrect us ... oval:org.secpod.oval:def:300498 The NSS plugin in libpurple in Pidgin 2.4.1 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service. Pidgin 2.4.1 allows remote attackers to cause a denial of service via a long filename that co ... oval:org.secpod.oval:def:300502 Multiple vulnerabilities has been found and corrected in libxml: Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent attackers to cause a denial of service via a large depth of element declarations in a DTD, related to a ... oval:org.secpod.oval:def:301643 A heap-based buffer overflow was found in how libxml2 handled long XML entity names. If an application linked against libxml2 processed untrusted malformed XML content, it could cause the application to crash or possibly execute arbitrary code . The updated packages have been patched to prevent this ... oval:org.secpod.oval:def:301426 Andreas Solberg found a denial of service flaw in how libxml2 processed certain content. If an application linked against libxml2 processed such malformed XML content, it could cause the application to stop responding . Update: The original fix used to correct this issue caused some applications tha ... oval:org.secpod.oval:def:301612 A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Thunderbird program, version 2.0.0.18 . This update provides the latest Thunderbird to correct these issues. oval:org.secpod.oval:def:301598 Andreas Solberg found a denial of service flaw in how libxml2 processed certain content. If an application linked against libxml2 processed such malformed XML content, it could cause the application to stop responding . The updated packages have been patched to prevent this issue. oval:org.secpod.oval:def:301255 Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox 2.x, version 2.0.0.18 . This update provides the latest Mozilla Firefox 2.x to correct these issues. oval:org.secpod.oval:def:300676 A vulnerability was discovered and corrected in glib2.0: The g_file_copy function in glib 2.0 sets the permissions of a target file to the permissions of a symbolic link , which allows user-assisted local users to modify files of other users, as demonstrated by using Nautilus to modify the permissio ... oval:org.secpod.oval:def:300687 Multiple vulnerabilities has been found and corrected in OpenEXR: Multiple integer overflows in OpenEXR 1.2.2 and 1.6.1 allow context-dependent attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors that trigger heap-based buffer overflows, related to the ... oval:org.secpod.oval:def:301235 Multiple security vulnerabilities has been identified and fixed in OpenSSL: The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service via a large series of future epoch DTLS records that are buffered in a queue ... oval:org.secpod.oval:def:300822 Multiple vulnerabilities has been found and corrected in gnutls: lib/pk-libgcrypt.c in libgnutls in GnuTLS before 2.6.6 does not properly handle invalid DSA signatures, which allows remote attackers to cause a denial of service and possibly have unspecified other impact via a malformed DSA key that ... oval:org.secpod.oval:def:300824 Multiple vulnerabilities has been found and corrected in krb5: The get_input_token function in the SPNEGO implementation in MIT Kerberos 5 1.5 through 1.6.3 allows remote attackers to cause a denial of service and possibly obtain sensitive information via a crafted length value that triggers a buf ... oval:org.secpod.oval:def:300815 Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox 3.x, version 3.0.7 . This update provides the latest Mozilla Firefox 3.x to correct these issues. As Mozilla Firefox 2.x has been phased out, version 3.x is also being provided for Mandriva Linux 2008 Spring. A ... oval:org.secpod.oval:def:300969 A number of vulnerabilities have been found and corrected in libpng: Fixed 1-byte buffer overflow in pngpread.c . This was allready fixed in Mandriva Linux 2009.0. Fix the function png_check_keyword that allowed setting arbitrary bytes in the process memory to 0 . Fix a potential DoS or to potentia ... oval:org.secpod.oval:def:300490 A number of security vulnerabilities have been discovered in previous versions, and corrected in the latest Mozilla Thunderbird program, version 2.0.0.21 . This update provides the latest Thunderbird to correct these issues. Additionaly, Mozilla Thunderbird released with Mandriva Linux 2009.0, when ... oval:org.secpod.oval:def:301477 Martin von Gagern found a flow in how GnuTLS versions 1.2.4 up until 2.6.1 verified certificate chains provided by a server. A malicious server could use this flaw to spoof its identity by tricking client applications that used the GnuTLS library to trust invalid certificates . Update: It was found ... oval:org.secpod.oval:def:301494 Martin von Gagern found a flow in how GnuTLS versions 1.2.4 up until 2.6.1 verified certificate chains provided by a server. A malicious server could use this flaw to spoof its identity by tricking client applications that used the GnuTLS library to trust invalid certificates . The updated packages ... oval:org.secpod.oval:def:300593 Python has a variable called sys.path that contains all paths where Python loads modules by using import scripting procedure. A wrong handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current Vim working directory . This update provides fix for t ... oval:org.secpod.oval:def:300448 Multiple vulnerabilities has been found and corrected in libneon0.27: neon before 0.28.6, when expat is used, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service via a crafted XML document containing a large number of nes ... oval:org.secpod.oval:def:300808 A vulnerability has been found and corrected in mod_perl v1.x and v2.x: Cross-site scripting vulnerability in Status.pm in Apache::Status and Apache2::Status in mod_perl1 and mod_perl2 for the Apache HTTP Server, when /perl-status is accessible, allows remote attackers to inject arbitrary web scrip ... oval:org.secpod.oval:def:300759 Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in smooth/ftsmooth.c, sfnt/ttcmap.c, and cff/cffload.c. This update corrects the problem. oval:org.secpod.oval:def:300450 A vulnerability has been found and corrected in PHP: - Fixed upstream bug #48378 . The updated packages have been patched to correct these issues. oval:org.secpod.oval:def:300908 A vulnerability was discovered and corrected in the Linux 2.6 kernel: The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain ... oval:org.secpod.oval:def:301208 Multiple vulnerabilities was discovered and corrected in openssl: Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service and possibly have unspecified other impact via a DTLS packet, ... oval:org.secpod.oval:def:300704 Security issues in nss prior to 3.12.3 could lead to a man-in-the-middle attack via a spoofed X.509 certificate and md2 algorithm flaws , and also cause a denial-of-service and possible code execution via a long domain name in X.509 certificate . This update provides the latest versions of NSS and ... oval:org.secpod.oval:def:300539 Multiple vulnerabilities has been found and corrected in apache: The stream_reqbody_cl function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server before 2.3.3, when a reverse proxy is configured, does not properly handle an amount of streamed data that exceeds the Content-Length ... oval:org.secpod.oval:def:301655 A vulnerability was discovered in the mod_proxy module in Apache where it did not limit the number of forwarded interim responses, allowing remote HTTP servers to cause a denial of service via a large number of interim responses . A cross-site scripting vulnerability was found in the mod_proxy_ftp ... oval:org.secpod.oval:def:300446 A vulnerability has been identified and corrected in apr and apr-util: Fix potential overflow in pools and rmm , where size alignment was taking place . This update provides fixes for these vulnerabilities. oval:org.secpod.oval:def:300451 Multiple vulnerabilities was discovered and corrected in apache: The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service via a malformed reply to an EPSV command . T ... oval:org.secpod.oval:def:300813 Multiple vulnerabilities has been found and corrected in apache: Memory leak in the zlib_stateful_init function in crypto/comp/c_zlib.c in libssl in OpenSSL 0.9.8f through 0.9.8h allows remote attackers to cause a denial of service via multiple calls, as demonstrated by initial SSL client handshake ... oval:org.secpod.oval:def:300957 Multiple security vulnerabilities has been identified and fixed in apr-util: The apr_strmatch_precompile function in strmatch/apr_strmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service via crafted input involving a .htaccess file used with the Apache HTTP S ... oval:org.secpod.oval:def:300637 Multiple vulnerabilities has been found and corrected in apache: Memory leak in the zlib_stateful_init function in crypto/comp/c_zlib.c in libssl in OpenSSL 0.9.8f through 0.9.8h allows remote attackers to cause a denial of service via multiple calls, as demonstrated by initial SSL client handshake ... oval:org.secpod.oval:def:301214 Security vulnerabilities has been identified and fixed in University of Washington IMAP Toolkit: Multiple stack-based buffer overflows in University of Washington IMAP Toolkit 2002 through 2007c, University of Washington Alpine 2.00 and earlier, and Panda IMAP allow local users to gain privilege ... oval:org.secpod.oval:def:301573 Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel: Buffer overflow in format descriptor parsing in the uvc_parse_format function in drivers/media/video/uvc/uvc_driver.c in uvcvideo in the video4linux implementation in the Linux kernel before 2.6.26.1 has unknown impact and ... oval:org.secpod.oval:def:301540 An input validation flaw was found in the Bluetooth Session Description Protocol packet parser used in the Bluez bluetooth utilities. A bluetooth device with an already-trusted relationship, or a local user registering a service record via a UNIX socket or D-Bus interface, could cause a crash and p ... oval:org.secpod.oval:def:301530 A number of vulnerabilities have been found and corrected in PHP: php-cgi in PHP prior to 5.2.6 does not properly calculate the length of PATH_TRANSLATED, which has unknown impact and attack vectors . The escapeshellcmd API function in PHP prior to 5.2.6 has unknown impact and context-dependent atta ... oval:org.secpod.oval:def:300594 PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within .htaccess, which causes this setting to be applied to other virtual hosts on the same server . The u ... oval:org.secpod.oval:def:300859 A vulnerability has been found and corrected in PHP: The JSON_parser function in PHP 5.2.x before 5.2.9 allows remote attackers to cause a denial of service via a malformed string to the json_decode API function . The updated packages have been patched to correct these issues. oval:org.secpod.oval:def:300878 A number of vulnerabilities have been found and corrected in PHP: improve mbfl_filt_conv_html_dec_flush error handling in ext/mbstring/libmbfl/filters/mbfilter_htmlent.c . Additionally on Mandriva Linux 2009.0 and up the php-mbstring module is linked against a separate shared libmbfl library that al ... oval:org.secpod.oval:def:300650 A vulnerability was found in xmltok_impl.c that with specially crafted XML could be exploited and lead to a denial of service attack. Related to CVE-2009-2625. This update fixes this vulnerability. oval:org.secpod.oval:def:300937 A vulnerability was found in xmltok_impl.c that with specially crafted XML could be exploited and lead to a denial of service attack. Related to CVE-2009-2625. This update fixes this vulnerability. oval:org.secpod.oval:def:300807 A vulnerability was found in xmltok_impl.c that with specially crafted XML could be exploited and lead to a denial of service attack. Related to CVE-2009-2625. This update fixes this vulnerability. oval:org.secpod.oval:def:300845 A vulnerability was found in xmltok_impl.c that with specially crafted XML could be exploited and lead to a denial of service attack. Related to CVE-2009-2625. This update fixes this vulnerability. oval:org.secpod.oval:def:300734 A vulnerability was found in xmltok_impl.c that with specially crafted XML could be exploited and lead to a denial of service attack. Related to CVE-2009-2625. This update fixes this vulnerability. oval:org.secpod.oval:def:300925 A vulnerability was found in xmltok_impl.c that with specially crafted XML could be exploited and lead to a denial of service attack. Related to CVE-2009-2625. This update fixes this vulnerability. oval:org.secpod.oval:def:301646 Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow. The updated packages have been patched to prevent this issue. oval:org.secpod.oval:def:301568 Multiple integer overflows in the imageop module in Python prior to 2.5.3 allowed context-dependent attackers to cause a denial of service or possibly execute arbitrary code via crafted images that trigger heap-based buffer overflows . This was due to an incomplete fix for CVE-2007-4965. David Rema ... oval:org.secpod.oval:def:300731 Multiple vulnerabilities was discovered and corrected in php: The dba_replace function in PHP 5.2.6 and 4.x allows context-dependent attackers to cause a denial of service via a key with the NULL byte. NOTE: this might only be a vulnerability in limited circumstances in which the attacker can modif ... |
