The Mandriva Security Team published a new security update for Mandriva Linux. Here the announcement:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDKSA-2006:178
http://www.mandriva.com/security/
_______________________________________________________________________
Package : ntp
Date : October 2, 2006
Affected: 2006.0, 2007.0, Corporate 4.0
_______________________________________________________________________
Problem Description:
Openssl recently had several vulnerabilities which were patched
(CVE-2006-2937,2940,3738,4339, 4343). Some versions of ntp are built
against a static copy of the SSL libraries. As a precaution an updated
copy built against the new libraries in being made available.
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2006.0:
98c8d5fa78f53e234fbe25720dd7c64e 2006.0/i586/ntp-4.2.0-21.2.20060mdk.i586.rpm
690334db340a7418fd42f31f3ef0092b 2006.0/i586/ntp-client-4.2.0-21.2.20060mdk.i586.rpm
615821f6def15f16d1add3ef4db74584 2006.0/SRPMS/ntp-4.2.0-21.2.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64:
69b70d3b9c86494a072c1897a41c62a4 2006.0/x86_64/ntp-4.2.0-21.2.20060mdk.x86_64.rpm
55e6f0121357ff75a3963f779b83621f 2006.0/x86_64/ntp-client-4.2.0-21.2.20060mdk.x86_64.rpm
615821f6def15f16d1add3ef4db74584 2006.0/SRPMS/ntp-4.2.0-21.2.20060mdk.src.rpm
Mandriva Linux 2007.0:
4b1e5dc60377ee51d9369269a82672b4 2007.0/i586/ntp-4.2.0-31.2mdv2007.0.i586.rpm
6a2eca6a384e49006d39a1d2af6eb4b4 2007.0/i586/ntp-client-4.2.0-31.2mdv2007.0.i586.rpm
b3c8e254ab51edad15cec56a931873f4 2007.0/SRPMS/ntp-4.2.0-31.2mdv2007.0.src.rpm
Mandriva Linux 2007.0/X86_64:
9a17e864f1d5d2b5b6990729ea94c371 2007.0/x86_64/ntp-4.2.0-31.2mdv2007.0.x86_64.rpm
d267c0c5bfec9691572555e5147e459d 2007.0/x86_64/ntp-client-4.2.0-31.2mdv2007.0.x86_64.rpm
b3c8e254ab51edad15cec56a931873f4 2007.0/SRPMS/ntp-4.2.0-31.2mdv2007.0.src.rpm
Corporate 4.0:
90da334ac6d246c3b62c5ed9734f7047 corporate/4.0/i586/ntp-4.2.0-21.2.20060mlcs4.i586.rpm
ba752440cb884a7451e1f3efc877c9d9 corporate/4.0/i586/ntp-client-4.2.0-21.2.20060mlcs4.i586.rpm
27f37e1e3d5ea1b4bd19cfb57a501659 corporate/4.0/SRPMS/ntp-4.2.0-21.2.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
19aaa620b9533f90f145b77ca6bddf2b corporate/4.0/x86_64/ntp-4.2.0-21.2.20060mlcs4.x86_64.rpm
0aeb37acab5364abb19fd6af5cc33f87 corporate/4.0/x86_64/ntp-client-4.2.0-21.2.20060mlcs4.x86_64.rpm
27f37e1e3d5ea1b4bd19cfb57a501659 corporate/4.0/SRPMS/ntp-4.2.0-21.2.20060mlcs4.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFFIV//mqjQ0CJFipgRApEqAKDfrtPm9LmOw+FoQffcDyJ5TQ0UnwCdHole
JlZ71gXVFcj6A7k9cyBnzI0=
=T73Y
-----END PGP SIGNATURE-----