The Mandriva Security Team has published a new security update: MDKSA-2005:159 - Updated kdeedu packages fix tempfile vulnerability for Mandriva Linux. Here the announcement:
The Mandriva Security Team has published a new security update: MDKSA-2005:160 - Updated kdebase packages fix potential local root vulnerability for Mandriva Linux. Here the announcement:
The Mandriva Security Team has published a new security update: MDKSA-2005:155 - Updated apache2 packages fix integer overflow vulnerability for Mandriva Linux. Here the announcement:
The Mandriva Security Team has published a new security update: MDKSA-2005:127-1 - Updated mozilla-thunderbird packages fix multiple vulnerabilities for Mandriva Linux. Here the announcement:
The Mandriva Security Team has published a new security update: MDKSA-2005:153 - Updated gnumeric packages fix integer overflow vulnerability for Mandriva Linux. Here the announcement:
The Mandriva Security Team has published a new security update: MDKSA-2005:154 - Updated python packages fix integer overflow vulnerability for Mandriva Linux. Here the announcement:
The Mandriva Security Team has published a new security update: MDKSA-2005:149 - Updated lm_sensors packages fix temporary file vulnerability for Mandriva Linux. Here the announcement:
The Mandriva Security Team has published a new security update: MDKSA-2005:150 - Updated bluez-utils packages fix vulnerability for Mandriva Linux. Here the announcement:
The Mandriva Security Team has published a new security update: MDKSA-2005:151 - Updated pcre packages fix integer overflow vulnerability for Mandriva Linux. Here the announcement:
The Mandriva Security Team has published a new security update: MDKSA-2005:152 - Updated php packages fix integer overflow vulnerability for Mandriva Linux. Here the announcement:
The Mandriva Security Team has published a new security update: MDKSA-2005:147 - Updated slocate packages fix vulnerability for Mandriva Linux. Here the announcement:
The Mandriva Security Team has published a new security update: MDKSA-2005:146 - Updated php-pear packages fix more PEAR XML-RPC vulnerabilities for Mandriva Linux. Here the announcement:
The Mandriva Security Team has published a new security update: MDKSA-2005:148 - Updated vim packages fix vulnerability for Mandriva Linux. Here the announcement:
The Mandriva Security Team has published a new security update: MDKSA-2005:145 - Updated openvpn packages fix several vulnerabilities for Mandriva Linux. Here the announcement:
Updated wxPythonGTK packages are available for Mandriva Linux
_______________________________________________________________________
Mandriva Linux Security Update Advisory
_______________________________________________________________________
Package name: wxPythonGTK
Advisory ID: MDKSA-2005:144
Date: August 18th, 2005
Affected versions: 10.1, 10.2, Corporate 3.0
______________________________________________________________________
Problem Description:
Wouter Hanegraaff discovered that the TIFF library did not sufficiently validate the "YCbCr subsampling" value in TIFF image headers. Decoding a malicious image with a zero value resulted in an arithmetic exception, which can cause a program that uses the TIFF library to crash.
wxPythonGTK uses an embedded libtiff source tree, and as such has the same vulnerability.
The updated packages have been rebuilt using the system libraries and should now incorporate all the updates to libjpeg, libpng, libtiff and zlib.
_______________________________________________________________________
Mandriva Linux Security Update Advisory
_______________________________________________________________________
Package name: wxPythonGTK
Advisory ID: MDKSA-2005:144
Date: August 18th, 2005
Affected versions: 10.1, 10.2, Corporate 3.0
______________________________________________________________________
Problem Description:
Wouter Hanegraaff discovered that the TIFF library did not sufficiently validate the "YCbCr subsampling" value in TIFF image headers. Decoding a malicious image with a zero value resulted in an arithmetic exception, which can cause a program that uses the TIFF library to crash.
wxPythonGTK uses an embedded libtiff source tree, and as such has the same vulnerability.
The updated packages have been rebuilt using the system libraries and should now incorporate all the updates to libjpeg, libpng, libtiff and zlib.
The Mandriva Security Team has published a new security update: MDKSA-2005:141 - Updated evolution packages fixes format string vulnerabilities for Mandriva Linux. Here the announcement:
The Mandriva Security Team has published a new security update: MDKSA-2005:142 - Updated libtiff packages fixes vulnerability for Mandriva Linux. Here the announcement:
The Mandriva Security Team has published a new security update: MDKSA-2005:143 - Updated kdegraphics packages fix kfax vulnerability for Mandriva Linux. Here the announcement:
The Mandriva Security Team has published a new security update: MDKSA-2005:139 - Updated gaim packages fix yet more vulnerabilities for Mandriva Linux. Here the announcement:
The Mandriva Security Team has published a new security update: MDKSA-2005:134 - Updated xpdf packages fix vulnerability for Mandriva Linux.