The package included with Mandriva Linux 2008 for psad had two problems. Firstly, it did not depend on perl-IPTables-ChainMgr, which in fact it does require to work. Secondly, the /etc/psad/ip_options file was incorrectly omitted from the package, making psad fail to start. This updated package fixes both issues.
Several bugs were found in util-linux-ng package: - Using an offset on loopback device was broken - Creating an encrypted loopback with losetup -e was broken - Using fdisk to modify the partition table of an image file did not write the changes The updated package fixes these issues.
In certain rare circumstances, any area of an NTFS volume, excluding the NTFS boot sector, could get corrupted. The chances for this to happen are greater when the disk is close to full utilization and when using one of the more uncommon, less than 4096 byte cluster sizes. The updated packages correct this issue.
A programming flaw was found in Pulseaudio versions older than 0.9.9, by which a local user can gain root access, if pulseaudio is installed as a setuid to root binary, which is the recommended configuration. The updated packages fix this issue.
Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow. The updated packages have been patched to prevent this issue.
An incomplete fix for CVE-2008-2713 resulted in remote attackers being able to cause a denial of service via a malformed Petite file that triggered an out-of-bounds memory access . This issue is corrected with the 0.93.3 release which is being provided.