Mandriva 1273 Published by

The Mandriva Security Team published a new security update: MDKSA-2006:012 - Updated kdegraphics packages fix several vulnerabilities for Mandriva Linux. Here the announcement:



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2006:012
http://www.mandriva.com/security/
_______________________________________________________________________

Package : kdegraphics
Date : January 12, 2006
Affected: 2006.0, Corporate 3.0
_______________________________________________________________________

Problem Description:

Multiple heap-based buffer overflows in the
DCTStream::readProgressiveSOF and DCTStream::readBaselineSOF functions
in the DCT stream parsing code (Stream.cc) in xpdf 3.01 and earlier,
allow user-complicit attackers to cause a denial of service (heap
corruption) and possibly execute arbitrary code via a crafted PDF file
with an out-of-range number of components (numComps), which is used as
an array index. (CVE-2005-3191)

Heap-based buffer overflow in the StreamPredictor function in Xpdf 3.01
allows remote attackers to execute arbitrary code via a PDF file with
an out-of-range numComps (number of components) field. (CVE-2005-3192)

Heap-based buffer overflow in the JPXStream::readCodestream function
in the JPX stream parsing code (JPXStream.c) for xpdf 3.01 and earlier
allows user-complicit attackers to cause a denial of service (heap
corruption) and possibly execute arbitrary code via a crafted PDF file
with large size values that cause insufficient memory to be allocated.
(CVE-2005-3193)

An additional patch re-addresses memory allocation routines in
goo/gmem.c (Martin Pitt/Canonical, Dirk Mueller/KDE).

In addition, Chris Evans discovered several other vulnerbilities in
the xpdf code base:

Out-of-bounds heap accesses with large or negative parameters to
"FlateDecode" stream. (CVE-2005-3192)

Out-of-bounds heap accesses with large or negative parameters to
"CCITTFaxDecode" stream. (CVE-2005-3624)

Infinite CPU spins in various places when stream ends unexpectedly.
(CVE-2005-3625)

NULL pointer crash in the "FlateDecode" stream. (CVE-2005-3626)

Overflows of compInfo array in "DCTDecode" stream. (CVE-2005-3627)

Possible to use index past end of array in "DCTDecode" stream.
(CVE-2005-3627)

Possible out-of-bounds indexing trouble in "DCTDecode" stream.
(CVE-2005-3627)

Kdegraphics uses an embedded copy of the xpdf code, with the same
vulnerabilities.

The updated packages have been patched to correct these problems.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?nameÊN-2005-3191
http://cve.mitre.org/cgi-bin/cvename.cgi?nameÊN-2005-3192
http://cve.mitre.org/cgi-bin/cvename.cgi?nameÊN-2005-3193
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3624
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3625
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3626
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3627
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3628
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2006.0:
5571478fa1e44afdd4b79e4064e32825 2006.0/RPMS/kdegraphics-3.4.2-11.4.20060mdk.i586.rpm
4fac0e64bb746dbc1b97a14d45e44c55 2006.0/RPMS/kdegraphics-common-3.4.2-11.4.20060mdk.i586.rpm
a21961438caec4e42951dee4daba15f3 2006.0/RPMS/kdegraphics-kdvi-3.4.2-11.4.20060mdk.i586.rpm
62ac8c14388b88574ac5f3f0ed9131a8 2006.0/RPMS/kdegraphics-kfax-3.4.2-11.4.20060mdk.i586.rpm
87c5271edeb268f3972aecd707e503de 2006.0/RPMS/kdegraphics-kghostview-3.4.2-11.4.20060mdk.i586.rpm
67311b22d57dec7d764df5841e66c644 2006.0/RPMS/kdegraphics-kiconedit-3.4.2-11.4.20060mdk.i586.rpm
f79371a7b89aff6bcc051a808c8256a6 2006.0/RPMS/kdegraphics-kolourpaint-3.4.2-11.4.20060mdk.i586.rpm
8bc799e22d31af2b70549ef0ea783dbb 2006.0/RPMS/kdegraphics-kooka-3.4.2-11.4.20060mdk.i586.rpm
badb479cf7e85465e05d4672e3d52693 2006.0/RPMS/kdegraphics-kpaint-3.4.2-11.4.20060mdk.i586.rpm
f6bd59cd551ef1e05653a24983c18f63 2006.0/RPMS/kdegraphics-kpdf-3.4.2-11.4.20060mdk.i586.rpm
80c6766ce125696062e89bc35cb0e915 2006.0/RPMS/kdegraphics-kpovmodeler-3.4.2-11.4.20060mdk.i586.rpm
78210a0f00735ea6bfda054f58af0947 2006.0/RPMS/kdegraphics-kruler-3.4.2-11.4.20060mdk.i586.rpm
f006dec257c3796f1c5d413bee436a93 2006.0/RPMS/kdegraphics-ksnapshot-3.4.2-11.4.20060mdk.i586.rpm
b1f0e66d0c752d2570025a1902e29c62 2006.0/RPMS/kdegraphics-ksvg-3.4.2-11.4.20060mdk.i586.rpm
8335914c82e841fb7657fd661ca05fda 2006.0/RPMS/kdegraphics-kuickshow-3.4.2-11.4.20060mdk.i586.rpm
084e692e116c78c3662bf11ce6a718bf 2006.0/RPMS/kdegraphics-kview-3.4.2-11.4.20060mdk.i586.rpm
262f5ad056611140a806ddfed021e545 2006.0/RPMS/kdegraphics-mrmlsearch-3.4.2-11.4.20060mdk.i586.rpm
38e429e272342355f559ba4d3d3f9018 2006.0/RPMS/libkdegraphics0-common-3.4.2-11.4.20060mdk.i586.rpm
7e331ff83ad5d29ff0ef022f2049f017 2006.0/RPMS/libkdegraphics0-common-devel-3.4.2-11.4.20060mdk.i586.rpm
50e5b541f1ef115981d2a79bd165ed3a 2006.0/RPMS/libkdegraphics0-kghostview-3.4.2-11.4.20060mdk.i586.rpm
4dd31e2802711701043be68a79b8148b 2006.0/RPMS/libkdegraphics0-kghostview-devel-3.4.2-11.4.20060mdk.i586.rpm
b94b9b4f40663bc1528847ff6063dfe0 2006.0/RPMS/libkdegraphics0-kooka-3.4.2-11.4.20060mdk.i586.rpm
b6e2b0c853c7ddbb12bc9df946f8b588 2006.0/RPMS/libkdegraphics0-kooka-devel-3.4.2-11.4.20060mdk.i586.rpm
77061dddbf3ffcf92de724df5625a5d5 2006.0/RPMS/libkdegraphics0-kpovmodeler-3.4.2-11.4.20060mdk.i586.rpm
4fe20acd3d9cac3ea9de78ef300ef1d2 2006.0/RPMS/libkdegraphics0-kpovmodeler-devel-3.4.2-11.4.20060mdk.i586.rpm
c5a6ae9a15abaf40eb0a73431f30c308 2006.0/RPMS/libkdegraphics0-ksvg-3.4.2-11.4.20060mdk.i586.rpm
bdffb4513b48da6f406f1cfd5f611048 2006.0/RPMS/libkdegraphics0-ksvg-devel-3.4.2-11.4.20060mdk.i586.rpm
a4741e1a2ade1bb107e5a640ab522912 2006.0/RPMS/libkdegraphics0-kuickshow-3.4.2-11.4.20060mdk.i586.rpm
6201f4264502e199996e06e5c28a9f40 2006.0/RPMS/libkdegraphics0-kview-3.4.2-11.4.20060mdk.i586.rpm
d2126b8ca9782352d7f4bfc814ee27b3 2006.0/RPMS/libkdegraphics0-kview-devel-3.4.2-11.4.20060mdk.i586.rpm
1cb39fe5f5eb9b52dec73ac4fb7dc3bc 2006.0/RPMS/libkdegraphics0-mrmlsearch-3.4.2-11.4.20060mdk.i586.rpm
d3d8c4bcc6a07894765b4f54dcc33c90 2006.0/SRPMS/kdegraphics-3.4.2-11.4.20060mdk.src.rpm

Mandriva Linux 2006.0/X86_64:
511b7d335a7cab1a0b579d2017ab4399 x86_64/2006.0/RPMS/kdegraphics-3.4.2-11.4.20060mdk.x86_64.rpm
6ee9e54ed0e2faf5764b92497325c04b x86_64/2006.0/RPMS/kdegraphics-common-3.4.2-11.4.20060mdk.x86_64.rpm
c23c3abb4fa6fd5f9864a1c1990ae3b3 x86_64/2006.0/RPMS/kdegraphics-kdvi-3.4.2-11.4.20060mdk.x86_64.rpm
ec30639e148e5059bfa0e057c267900a x86_64/2006.0/RPMS/kdegraphics-kfax-3.4.2-11.4.20060mdk.x86_64.rpm
f9417d62d6d313a627079d951d15c093 x86_64/2006.0/RPMS/kdegraphics-kghostview-3.4.2-11.4.20060mdk.x86_64.rpm
4f9f422e21039a0da91b6ee96a4fbfcb x86_64/2006.0/RPMS/kdegraphics-kiconedit-3.4.2-11.4.20060mdk.x86_64.rpm
e5e8bcc1bfe22c90dccd400042830114 x86_64/2006.0/RPMS/kdegraphics-kolourpaint-3.4.2-11.4.20060mdk.x86_64.rpm
969e1bf13dfc87dbb915b8545bbc1e8a x86_64/2006.0/RPMS/kdegraphics-kooka-3.4.2-11.4.20060mdk.x86_64.rpm
1220fc72581d7f5805bccf64a2946ae5 x86_64/2006.0/RPMS/kdegraphics-kpaint-3.4.2-11.4.20060mdk.x86_64.rpm
6f87404a6083a1cedc91d4732a7991c5 x86_64/2006.0/RPMS/kdegraphics-kpdf-3.4.2-11.4.20060mdk.x86_64.rpm
a186ae8d3d68ba29221d2e77df09b62c x86_64/2006.0/RPMS/kdegraphics-kpovmodeler-3.4.2-11.4.20060mdk.x86_64.rpm
45a7044953ea9010e8953a5adc6f6814 x86_64/2006.0/RPMS/kdegraphics-kruler-3.4.2-11.4.20060mdk.x86_64.rpm
24c394f49c0dea341ac408ac04c9191f x86_64/2006.0/RPMS/kdegraphics-ksnapshot-3.4.2-11.4.20060mdk.x86_64.rpm
a50907b9f26bc19b3d2681dbb66a958c x86_64/2006.0/RPMS/kdegraphics-ksvg-3.4.2-11.4.20060mdk.x86_64.rpm
6f12d203896e0dfefe1a75d0e0bc0a69 x86_64/2006.0/RPMS/kdegraphics-kuickshow-3.4.2-11.4.20060mdk.x86_64.rpm
4c736a65e317ddc3d1f22413d30735e2 x86_64/2006.0/RPMS/kdegraphics-kview-3.4.2-11.4.20060mdk.x86_64.rpm
c01486cdf68d0ec2b1027762f90b1403 x86_64/2006.0/RPMS/kdegraphics-mrmlsearch-3.4.2-11.4.20060mdk.x86_64.rpm
3333ad89cdd605754a0650b12f145472 x86_64/2006.0/RPMS/lib64kdegraphics0-common-3.4.2-11.4.20060mdk.x86_64.rpm
3313cb0ce01f9a401190039b16e70fa9 x86_64/2006.0/RPMS/lib64kdegraphics0-common-devel-3.4.2-11.4.20060mdk.x86_64.rpm
e7c58e4080885697d9634cf59254f726 x86_64/2006.0/RPMS/lib64kdegraphics0-kghostview-3.4.2-11.4.20060mdk.x86_64.rpm
a8f183fa72d80237c9de22b46e16dd79 x86_64/2006.0/RPMS/lib64kdegraphics0-kghostview-devel-3.4.2-11.4.20060mdk.x86_64.rpm
78416878556439d5fb543e2f68922e54 x86_64/2006.0/RPMS/lib64kdegraphics0-kooka-3.4.2-11.4.20060mdk.x86_64.rpm
28c37696391fd8872681271a4e59af67 x86_64/2006.0/RPMS/lib64kdegraphics0-kooka-devel-3.4.2-11.4.20060mdk.x86_64.rpm
67dfbf91800f29f9e3600bb7ce10dbe1 x86_64/2006.0/RPMS/lib64kdegraphics0-kpovmodeler-3.4.2-11.4.20060mdk.x86_64.rpm
815356158c0fb042b44e88faa62d369f x86_64/2006.0/RPMS/lib64kdegraphics0-kpovmodeler-devel-3.4.2-11.4.20060mdk.x86_64.rpm
bdc1d335afe024fbf197918d44f33717 x86_64/2006.0/RPMS/lib64kdegraphics0-ksvg-3.4.2-11.4.20060mdk.x86_64.rpm
f1f513f068a102cc911a1540c16533ed x86_64/2006.0/RPMS/lib64kdegraphics0-ksvg-devel-3.4.2-11.4.20060mdk.x86_64.rpm
cbc938763ca576a67a05c71f1f834ef0 x86_64/2006.0/RPMS/lib64kdegraphics0-kuickshow-3.4.2-11.4.20060mdk.x86_64.rpm
5f9e65528f868bf924d51cbf50166e7e x86_64/2006.0/RPMS/lib64kdegraphics0-kview-3.4.2-11.4.20060mdk.x86_64.rpm
b096a0661234a1b74911adf4c556a25d x86_64/2006.0/RPMS/lib64kdegraphics0-kview-devel-3.4.2-11.4.20060mdk.x86_64.rpm
ba40ceb00e6e5b31ba07f6dc292bc250 x86_64/2006.0/RPMS/lib64kdegraphics0-mrmlsearch-3.4.2-11.4.20060mdk.x86_64.rpm
d3d8c4bcc6a07894765b4f54dcc33c90 x86_64/2006.0/SRPMS/kdegraphics-3.4.2-11.4.20060mdk.src.rpm

Corporate 3.0:
c39f852b3d214fc4aaf5bb2e9b833410 corporate/3.0/RPMS/kdegraphics-3.2-15.10.C30mdk.i586.rpm
a5ca353a196301ea280d4e44bc5dc915 corporate/3.0/RPMS/kdegraphics-common-3.2-15.10.C30mdk.i586.rpm
536c90a22629af75c9beeb74b97ee834 corporate/3.0/RPMS/kdegraphics-kdvi-3.2-15.10.C30mdk.i586.rpm
6455c40fdc006c3ca586f5857e40325a corporate/3.0/RPMS/kdegraphics-kfax-3.2-15.10.C30mdk.i586.rpm
d5d802c57842ac1880549c8de7e9483f corporate/3.0/RPMS/kdegraphics-kghostview-3.2-15.10.C30mdk.i586.rpm
553f227e00b02730ecdc867ddab8230d corporate/3.0/RPMS/kdegraphics-kiconedit-3.2-15.10.C30mdk.i586.rpm
79c467ada6993af684a1f0ec2f031dc6 corporate/3.0/RPMS/kdegraphics-kooka-3.2-15.10.C30mdk.i586.rpm
4fcfd15bc4680b046f936cb90be34d7b corporate/3.0/RPMS/kdegraphics-kpaint-3.2-15.10.C30mdk.i586.rpm
8ef781fb7f45d38695ceb9f72f4b798e corporate/3.0/RPMS/kdegraphics-kpdf-3.2-15.10.C30mdk.i586.rpm
4c4a0f82f97641cef064d6ab94403249 corporate/3.0/RPMS/kdegraphics-kpovmodeler-3.2-15.10.C30mdk.i586.rpm
72374d03b49e27ea13d7694d97cce12b corporate/3.0/RPMS/kdegraphics-kruler-3.2-15.10.C30mdk.i586.rpm
4788fa2a5dc91f0e4fc458c6109290c5 corporate/3.0/RPMS/kdegraphics-ksnapshot-3.2-15.10.C30mdk.i586.rpm
9a6ee664e940732d19a66702a472e455 corporate/3.0/RPMS/kdegraphics-ksvg-3.2-15.10.C30mdk.i586.rpm
a676a8a6b2822adf10e4d2d796df3067 corporate/3.0/RPMS/kdegraphics-kuickshow-3.2-15.10.C30mdk.i586.rpm
469ac5e8b126f2d41df4417b62b0bd7a corporate/3.0/RPMS/kdegraphics-kview-3.2-15.10.C30mdk.i586.rpm
7ef54f74c757b83e78480bffe539c276 corporate/3.0/RPMS/kdegraphics-mrmlsearch-3.2-15.10.C30mdk.i586.rpm
a788cd2f26d8eb376fa64e7001608970 corporate/3.0/RPMS/libkdegraphics0-common-3.2-15.10.C30mdk.i586.rpm
bb7b505b53b5e378b740590840193e9e corporate/3.0/RPMS/libkdegraphics0-common-devel-3.2-15.10.C30mdk.i586.rpm
8a3fe88a91e2dfc1eda4b0d12e62e586 corporate/3.0/RPMS/libkdegraphics0-kooka-3.2-15.10.C30mdk.i586.rpm
0d157bf382ddf00f4ff823af7b0c466e corporate/3.0/RPMS/libkdegraphics0-kooka-devel-3.2-15.10.C30mdk.i586.rpm
6fa38d8c0399479e02c86d8106707418 corporate/3.0/RPMS/libkdegraphics0-kpovmodeler-3.2-15.10.C30mdk.i586.rpm
36497cc6ce05c95934ec173b2066f545 corporate/3.0/RPMS/libkdegraphics0-kpovmodeler-devel-3.2-15.10.C30mdk.i586.rpm
56f62a8bb3392610d744ef12129a97da corporate/3.0/RPMS/libkdegraphics0-ksvg-3.2-15.10.C30mdk.i586.rpm
55e0fd59587efcde7746b43ab3621615 corporate/3.0/RPMS/libkdegraphics0-ksvg-devel-3.2-15.10.C30mdk.i586.rpm
7a6aaa83db931cf1c98cf0443d7acb4e corporate/3.0/RPMS/libkdegraphics0-kuickshow-3.2-15.10.C30mdk.i586.rpm
d39c7a51511a2e129cb852b2fa4bc582 corporate/3.0/RPMS/libkdegraphics0-kview-3.2-15.10.C30mdk.i586.rpm
15a294973510b07ad69362ec44535ec4 corporate/3.0/RPMS/libkdegraphics0-kview-devel-3.2-15.10.C30mdk.i586.rpm
0bfaeaf37e9d2155fd7797a28129bd23 corporate/3.0/RPMS/libkdegraphics0-mrmlsearch-3.2-15.10.C30mdk.i586.rpm
7eb358dc7de55e5d5a1462cf7ac1bfc2 corporate/3.0/SRPMS/kdegraphics-3.2-15.10.C30mdk.src.rpm

Corporate 3.0/X86_64:
4f308aa0245d68fbc18b97d3c87ef9bb x86_64/corporate/3.0/RPMS/kdegraphics-3.2-15.10.C30mdk.x86_64.rpm
42a339541c59d94a2a531ebbc150dcae x86_64/corporate/3.0/RPMS/kdegraphics-common-3.2-15.10.C30mdk.x86_64.rpm
950921f60034cfac79240e8752a7844f x86_64/corporate/3.0/RPMS/kdegraphics-kdvi-3.2-15.10.C30mdk.x86_64.rpm
8c4caaf3ca6a37a96ee34d56edc04406 x86_64/corporate/3.0/RPMS/kdegraphics-kfax-3.2-15.10.C30mdk.x86_64.rpm
b2da83492903ab053c1e7578cffc00f8 x86_64/corporate/3.0/RPMS/kdegraphics-kghostview-3.2-15.10.C30mdk.x86_64.rpm
8dd4ec6cf174bf26acc5a159a65dc31e x86_64/corporate/3.0/RPMS/kdegraphics-kiconedit-3.2-15.10.C30mdk.x86_64.rpm
45b712bb5d414dc26bbd478adb89284c x86_64/corporate/3.0/RPMS/kdegraphics-kooka-3.2-15.10.C30mdk.x86_64.rpm
5aa242203cab6cf863e269f24fdfbc50 x86_64/corporate/3.0/RPMS/kdegraphics-kpaint-3.2-15.10.C30mdk.x86_64.rpm
870120fb6eda29a8c581136e40610ee8 x86_64/corporate/3.0/RPMS/kdegraphics-kpdf-3.2-15.10.C30mdk.x86_64.rpm
7e9e83a20b3f59e50645e325f0de083c x86_64/corporate/3.0/RPMS/kdegraphics-kpovmodeler-3.2-15.10.C30mdk.x86_64.rpm
f3595b639604376576e64199e569e994 x86_64/corporate/3.0/RPMS/kdegraphics-kruler-3.2-15.10.C30mdk.x86_64.rpm
aec4f9d72c7534f7e999844abec2bb5c x86_64/corporate/3.0/RPMS/kdegraphics-ksnapshot-3.2-15.10.C30mdk.x86_64.rpm
9daa2ed864224c4137023a2e504355ae x86_64/corporate/3.0/RPMS/kdegraphics-ksvg-3.2-15.10.C30mdk.x86_64.rpm
832990c2578381beed0b0623696bd0c2 x86_64/corporate/3.0/RPMS/kdegraphics-kuickshow-3.2-15.10.C30mdk.x86_64.rpm
2f6fb9db1e52a97652599d022f8d9c9b x86_64/corporate/3.0/RPMS/kdegraphics-kview-3.2-15.10.C30mdk.x86_64.rpm
66189a8429d22d3068151cdb0a5c2290 x86_64/corporate/3.0/RPMS/kdegraphics-mrmlsearch-3.2-15.10.C30mdk.x86_64.rpm
71150325ca380cdbaa5bba2d3e6d33ae x86_64/corporate/3.0/RPMS/lib64kdegraphics0-common-3.2-15.10.C30mdk.x86_64.rpm
284b2540649f98d7e603e99b494e0c0a x86_64/corporate/3.0/RPMS/lib64kdegraphics0-common-devel-3.2-15.10.C30mdk.x86_64.rpm
f0dded89caccda5ce65c9880cfe23e8c x86_64/corporate/3.0/RPMS/lib64kdegraphics0-kooka-3.2-15.10.C30mdk.x86_64.rpm
ccfed406ed331e0ec4ab69a4d984c4c1 x86_64/corporate/3.0/RPMS/lib64kdegraphics0-kooka-devel-3.2-15.10.C30mdk.x86_64.rpm
f6ab21589eaca857f79612c426126bbe x86_64/corporate/3.0/RPMS/lib64kdegraphics0-kpovmodeler-3.2-15.10.C30mdk.x86_64.rpm
f1814f7487c16b35e8546ea20987c037 x86_64/corporate/3.0/RPMS/lib64kdegraphics0-kpovmodeler-devel-3.2-15.10.C30mdk.x86_64.rpm
dc024e62088163e4b77604340f56a754 x86_64/corporate/3.0/RPMS/lib64kdegraphics0-ksvg-3.2-15.10.C30mdk.x86_64.rpm
36e50208d862299f399532adb8bd6c6c x86_64/corporate/3.0/RPMS/lib64kdegraphics0-ksvg-devel-3.2-15.10.C30mdk.x86_64.rpm
23318e52cee183d5aadd7081356f781a x86_64/corporate/3.0/RPMS/lib64kdegraphics0-kuickshow-3.2-15.10.C30mdk.x86_64.rpm
5754f83186964102365dd48188952b3e x86_64/corporate/3.0/RPMS/lib64kdegraphics0-kview-3.2-15.10.C30mdk.x86_64.rpm
4cfb54fa564a453644d7cd41e8dde7f0 x86_64/corporate/3.0/RPMS/lib64kdegraphics0-kview-devel-3.2-15.10.C30mdk.x86_64.rpm
73b5f37e8fd9a6c09efe89ca2be3bc66 x86_64/corporate/3.0/RPMS/lib64kdegraphics0-mrmlsearch-3.2-15.10.C30mdk.x86_64.rpm
7eb358dc7de55e5d5a1462cf7ac1bfc2 x86_64/corporate/3.0/SRPMS/kdegraphics-3.2-15.10.C30mdk.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFDxswBmqjQ0CJFipgRAsK0AKDAGdSx+VzBWepKGbxo0M8sz1e+hgCeIyaj
DVNiOCxqnVaU3Pfig7VOiQQ=
=MaW9
-----END PGP SIGNATURE-----