Date: Fri, 31 Aug 2001 15:04:11 -0600
From: Linux Mandrake Security Team <security@linux-mandrake.com>
Subject: MDKSA-2001:072 - fetchmail update
______________________________________________________________________
Mandrake Linux Security Update Advisory
______________________________________________________________________
Package name: fetchmail
Date: August 31st, 2001
Advisory ID: MDKSA-2001:072
Affected versions: 7.1, 7.2, 8.0, Corporate Server 1.0.1
______________________________________________________________________
Problem Description:
A vulnerability was found by Salvatore Sanfilippo in both the IMAP and
POP3 code of fetchmail where the input is not verified and no bounds
checking is done. This can be exploited by a remote attacker to write
arbitrary data into memory. The attacker must have control of the mail
server the client is connecting to via fetchmail in order to exploit
this vulnerability.
______________________________________________________________________
References:
______________________________________________________________________
Please verify the update prior to upgrading to ensure the integrity of
the downloaded package. You can do this with the command:
rpm --checksig package.rpm
You can get the GPG public key of the Mandrake Linux Security Team at
http://www.linux-mandrake.com/en/security/RPM-GPG-KEYS
If you use MandrakeUpdate, the verification of md5 checksum and GPG
signature is performed automatically for you.
Linux-Mandrake 7.1:
ff5474afdc3969147bb460561327c6d0 7.1/RPMS/fetchmail-5.3.8-4.2mdk.i586.rpm
32f4be82c09adfbe0c61ce748982c4f8 7.1/RPMS/fetchmailconf-5.3.8-4.2mdk.i586.rpm
12d83eef760314bd3ecfacf9910e0119 7.1/SRPMS/fetchmail-5.3.8-4.2mdk.src.rpm
Linux-Mandrake 7.2:
30968c4a530d86aef6eb8a035e1fb0f4 7.2/RPMS/fetchmail-5.5.2-5.2mdk.i586.rpm
691a814f4bf4d42c9a9175a393be1861 7.2/RPMS/fetchmail-daemon-5.5.2-5.2mdk.i586.rpm
a757421dc5d03124a64c360631d6bdd9 7.2/RPMS/fetchmailconf-5.5.2-5.2mdk.i586.rpm
654e13cf2049db36d4f7ddc9ed8a7e01 7.2/SRPMS/fetchmail-5.5.2-5.2mdk.src.rpm
Mandrake Linux 8.0:
d3d60c3ff5b5a07869a10b3f9519a592 8.0/RPMS/fetchmail-5.7.4-5.2mdk.i586.rpm
c7eb824dd7f7b4cd5144bf9d13608388 8.0/RPMS/fetchmail-daemon-5.7.4-5.2mdk.i586.rpm
dd686925435feb7777ff93e19e136897 8.0/RPMS/fetchmailconf-5.7.4-5.2mdk.i586.rpm
9bfd4b3ee6f4f4dab297d735eb5c81c4 8.0/SRPMS/fetchmail-5.7.4-5.2mdk.src.rpm
Mandrake Linux 8.0 (PPC):
e04c544cfd8eb8f4d76bde638a462b0e ppc/8.0/RPMS/fetchmail-5.7.4-5.2mdk.ppc.rpm
25af9f4b03072a6a55927da8469c1b12 ppc/8.0/RPMS/fetchmail-daemon-5.7.4-5.2mdk.ppc.rpm
49712c3b104eeace680f92cd61de933c ppc/8.0/RPMS/fetchmailconf-5.7.4-5.2mdk.ppc.rpm
4302ccfec542787c01bea6518df42920 ppc/8.0/SRPMS/fetchmail-5.7.4-5.2mdk.src.rpm
Corporate Server 1.0.1:
ff5474afdc3969147bb460561327c6d0 1.0.1/RPMS/fetchmail-5.3.8-4.2mdk.i586.rpm
32f4be82c09adfbe0c61ce748982c4f8 1.0.1/RPMS/fetchmailconf-5.3.8-4.2mdk.i586.rpm
12d83eef760314bd3ecfacf9910e0119 1.0.1/SRPMS/fetchmail-5.3.8-4.2mdk.src.rpm
______________________________________________________________________
Bug IDs fixed (see https://qa.mandrakesoft.com for more information):
______________________________________________________________________
To upgrade automatically, use MandrakeUpdate.
If you want to upgrade manually, download the updated package from one
of our FTP server mirrors and upgrade with "rpm -Fvh *.rpm".
You can download the updates directly from one of the mirror sites
listed at:
http://www.linux-mandrake.com/en/ftp.php3.
Updated packages are available in the "updates/[ver]/RPMS/" directory.
For example, if you are looking for an updated RPM package for
Mandrake Linux 8.0, look for it in "updates/8.0/RPMS/". Updated source
RPMs are available as well, but you generally do not need to download
them.
Please be aware that sometimes it takes the mirrors a few hours to
update.
You can view other security advisories for Mandrake Linux at:
http://www.linux-mandrake.com/en/security/
If you want to report vulnerabilities, please contact
security@linux-mandrake.com
______________________________________________________________________
Mandrake Linux has two security-related mailing list services that
anyone can subscribe to:
security-announce@linux-mandrake.com
Mandrake Linux's security announcements mailing list. Only
announcements are sent to this list and it is read-only.
security-discuss@linux-mandrake.com
Mandrake Linux's security discussion mailing list. This list is open
to anyone to discuss Mandrake Linux security specifically and Linux
security in general.
To subscribe to either list, send a message to
sympa@linux-mandrake.com
with "subscribe [listname]" in the body of the message.
To remove yourself from either list, send a message to
sympa@linux-mandrake.com
with "unsubscribe [listname]" in the body of the message.
To get more information on either list, send a message to
sympa@linux-mandrake.com
with "info [listname]" in the body of the message.
Optionally, you can use the web interface to subscribe to or unsubscribe
from either list:
http://www.linux-mandrake.com/en/flists.php3#security
______________________________________________________________________
Date: Fri, 31 Aug 2001 15:06:39 -0600
From: Linux Mandrake Security Team <security@linux-mandrake.com>
Subject: MDKSA-2001:076 - xinetd update
______________________________________________________________________
Mandrake Linux Security Update Advisory
______________________________________________________________________
Package name: xinetd
Date: August 31st, 2001
Advisory ID: MDKSA-2001:076
Affected versions: 7.2, 8.0, Single Network Firewall 7.2
______________________________________________________________________
Problem Description:
An audit has been performed on the xinetd 2.3.0 source code by Solar
Designer for many different possible vulnerabilities. The 2.3.1
release incorporated his patches into the xinetd source tree. The
audit was very thorough and found and fixed many problems. This xinetd
update includes his audit patch.
______________________________________________________________________
References:
http://www.xinetd.org/#changes
______________________________________________________________________
Please verify the update prior to upgrading to ensure the integrity of
the downloaded package. You can do this with the command:
rpm --checksig package.rpm
You can get the GPG public key of the Mandrake Linux Security Team at
http://www.linux-mandrake.com/en/security/RPM-GPG-KEYS
If you use MandrakeUpdate, the verification of md5 checksum and GPG
signature is performed automatically for you.
Linux-Mandrake 7.2:
a2173e85bed3b3173e040b242864dcc0 7.2/RPMS/xinetd-2.3.0-5.2mdk.i586.rpm
5b8663eeeefae36206b0003d61b67206 7.2/SRPMS/xinetd-2.3.0-5.2mdk.src.rpm
Mandrake Linux 8.0:
2f559b028fe14780460c37de5a521bce 8.0/RPMS/xinetd-2.3.0-5.1mdk.i586.rpm
81766c2104aa7e1f197dac9dce1c09af 8.0/RPMS/xinetd-ipv6-2.3.0-5.1mdk.i586.rpm
3f18d89cce258d2a71cc57c84068c8ce 8.0/SRPMS/xinetd-2.3.0-5.1mdk.src.rpm
Mandrake Linux 8.0 (PPC):
3826a60dc427f880056622df0ef086db ppc/8.0/RPMS/xinetd-2.3.0-5.1mdk.ppc.rpm
223c5c1566adacb46d95de1a24842c19 ppc/8.0/RPMS/xinetd-ipv6-2.3.0-5.1mdk.ppc.rpm
3e1b86780d9f59088754cbca5ff55a08 ppc/8.0/SRPMS/xinetd-2.3.0-5.1mdk.src.rpm
Single Network Firewall 7.2:
a2173e85bed3b3173e040b242864dcc0 snf7.2/RPMS/xinetd-2.3.0-5.2mdk.i586.rpm
5b8663eeeefae36206b0003d61b67206 snf7.2/SRPMS/xinetd-2.3.0-5.2mdk.src.rpm
______________________________________________________________________
Bug IDs fixed (see https://qa.mandrakesoft.com for more information):
______________________________________________________________________
To upgrade automatically, use MandrakeUpdate.
If you want to upgrade manually, download the updated package from one
of our FTP server mirrors and upgrade with "rpm -Fvh *.rpm".
You can download the updates directly from one of the mirror sites
listed at:
http://www.linux-mandrake.com/en/ftp.php3.
Updated packages are available in the "updates/[ver]/RPMS/" directory.
For example, if you are looking for an updated RPM package for
Mandrake Linux 8.0, look for it in "updates/8.0/RPMS/". Updated source
RPMs are available as well, but you generally do not need to download
them.
Please be aware that sometimes it takes the mirrors a few hours to
update.
You can view other security advisories for Mandrake Linux at:
http://www.linux-mandrake.com/en/security/
If you want to report vulnerabilities, please contact
security@linux-mandrake.com
______________________________________________________________________
Mandrake Linux has two security-related mailing list services that
anyone can subscribe to:
security-announce@linux-mandrake.com
Mandrake Linux's security announcements mailing list. Only
announcements are sent to this list and it is read-only.
security-discuss@linux-mandrake.com
Mandrake Linux's security discussion mailing list. This list is open
to anyone to discuss Mandrake Linux security specifically and Linux
security in general.
To subscribe to either list, send a message to
sympa@liMessage-ID: <20010831150638.F19560@mandrakesoft.com>
Mail-Followup-To: Linux Mandrake Security Announcements ,
Linux Mandrake Security ,
Bugtraq ,
Linux Security List
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
User-Agent: Mutt/1.3.15i
X-Mailer: Linux
X-loop: marty@linuxtoday.com
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1nux-mandrake.com
with "subscribe [listname]" in the body of the message.
To remove yourself from either list, send a message to
sympa@linux-mandrake.com
with "unsubscribe [listname]" in the body of the message.
To get more information on either list, send a message to
sympa@linux-mandrake.com
with "info [listname]" in the body of the message.
Optionally, you can use the web interface to subscribe to or unsubscribe
from either list:
http://www.linux-mandrake.com/en/flists.php3#security
Date: Fri, 31 Aug 2001 15:04:47 -0600
From: Linux Mandrake Security Team
Subject: MDKSA-2001:073 - xli update
______________________________________________________________________
Mandrake Linux Security Update Advisory
______________________________________________________________________
Package name: xli
Date: August 31st, 2001
Advisory ID: MDKSA-2001:073
Affected versions: 7.1, 7.2, 8.0, Corporate Server 1.0.1
______________________________________________________________________
Problem Description:
A buffer overflow exists in xli due to missing boundary checks. This
could be triggered by an external attacker to execute commands on the
victim's machine. An exploit is publically available. xli is an image
viewer that is used by Netscape's plugger to display TIFF, PNG, and
Sun-Raster images.
______________________________________________________________________
References:
______________________________________________________________________
Please verify the update prior to upgrading to ensure the integrity of
the downloaded package. You can do this with the command:
rpm --checksig package.rpm
You can get the GPG public key of the Mandrake Linux Security Team at
http://www.linux-mandrake.com/en/security/RPM-GPG-KEYS
If you use MandrakeUpdate, the verification of md5 checksum and GPG
signature is performed automatically for you.
Linux-Mandrake 7.1:
994bc689c7ab60fac976816abfa71a8e 7.1/RPMS/xli-1.16-4.1mdk.i586.rpm
32eebf37c2562a088409a31b363555c4 7.1/SRPMS/xli-1.16-4.1mdk.src.rpm
Linux-Mandrake 7.2:
2a4a20ba543f917b41ec8b92bda3107a 7.2/RPMS/xli-1.16-7.1mdk.i586.rpm
3cf0768d88055b81011b9d56224f3858 7.2/SRPMS/xli-1.16-7.1mdk.src.rpm
Mandrake Linux 8.0:
f1eff4c239eaebb0ff41f169de8ccd3e 8.0/RPMS/xli-1.17.0-1.1mdk.i586.rpm
b3aa5d5d8598e02c8bff9132dd312e06 8.0/SRPMS/xli-1.17.0-1.1mdk.src.rpm
Mandrake Linux 8.0 (PPC):
ae86f1d74de0a0b6fa15b699530a1c6d ppc/8.0/RPMS/xli-1.17.0-1.1mdk.ppc.rpm
4608ff87dc4de7b0686ceb3a0a67b8dc ppc/8.0/SRPMS/xli-1.17.0-1.1mdk.src.rpm
Corporate Server 1.0.1:
994bc689c7ab60fac976816abfa71a8e 1.0.1/RPMS/xli-1.16-4.1mdk.i586.rpm
32eebf37c2562a088409a31b363555c4 1.0.1/SRPMS/xli-1.16-4.1mdk.src.rpm
______________________________________________________________________
Bug IDs fixed (see https://qa.mandrakesoft.com for more information):
______________________________________________________________________
To upgrade automatically, use MandrakeUpdate.
If you want to upgrade manually, download the updated package from one
of our FTP server mirrors and upgrade with "rpm -Fvh *.rpm".
You can download the updates directly from one of the mirror sites
listed at:
http://www.linux-mandrake.com/en/ftp.php3.
Updated packages are available in the "updates/[ver]/RPMS/" directory.
For example, if you are looking for an updated RPM package for
Mandrake Linux 8.0, look for it in "updates/8.0/RPMS/". Updated source
RPMs are available as well, but you generally do not need to download
them.
Please be aware that sometimes it takes the mirrors a few hours to
update.
You can view other security advisories for Mandrake Linux at:
http://www.linux-mandrake.com/en/security/
If you want to report vulnerabilities, please contact
security@linux-mandrake.com
______________________________________________________________________
Mandrake Linux has two security-related mailing list services that
anyone can subscribe to:
security-announce@linux-mandrake.com
Mandrake Linux's security announcements mailing list. Only
announcements are sent to this list and it is read-only.
security-discuss@linux-mandrake.com
Mandrake Linux's security discussion mailing list. This list is open
to anyone to discuss Mandrake Linux security specifically and Linux
security in general.
To subscribe to either list, send a message to
sympa@linux-mandrake.com
with "subscribe [listname]" in the body of the message.
To remove yourself from either list, send a message to
sympa@linux-mandrake.com
with "unsubscribe [listname]" in the body of the message.
To get more information on either list, send a message to
sympa@linux-mandrake.com
with "info [listname]" in the body of the message.
Optionally, you can use the web interface to subscribe to or unsubscribe
from either list:
http://www.linux-mandrake.com/en/flists.php3#security
______________________________________________________________________
From: Linux Mandrake Security Team <security@linux-mandrake.com>
Subject: MDKSA-2001:074 - WindowMaker update
______________________________________________________________________
Mandrake Linux Security Update Advisory
______________________________________________________________________
Package name: WindowMaker
Date: August 31st, 2001
Advisory ID: MDKSA-2001:074
Affected versions: 7.1, 7.2, 8.0, Corporate Server 1.0.1
______________________________________________________________________
Problem Description:
A buffer overflow exists in the WindowMaker window manager's window
title handling code, as discovered by Alban Hertroys. Many programs,
such as web browsers, set the window title to something obtained from
the network, such as the title of the currently-viewed web page. As
such, this buffer overflow could be exploited remotely. WindowMaker
versions above and including 0.65.1 are fixed upstream; these packages
have been patched to correct the problem.
______________________________________________________________________
References:
http://www.windowmaker.org/src/ChangeLog
______________________________________________________________________
Please verify the update prior to upgrading to ensure the integrity of
the downloaded package. You can do this with the command:
rpm --checksig package.rpm
You can get the GPG public key of the Mandrake Linux Security Team at
http://www.linux-mandrake.com/en/security/RPM-GPG-KEYS
If you use MandrakeUpdate, the verification of md5 checksum and GPG
signature is performed automatically for you.
Linux-Mandrake 7.1:
48c5d3cfa2f9071830344918c429b76f 7.1/RPMS/WindowMaker-0.62.1-13.1mdk.i586.rpm
af2162d3ce9a508ea373d36eb7637f8f 7.1/RPMS/WindowMaker-devel-0.62.1-13.1mdk.i586.rpm
d80f24e05c3ce958b68632b26ca07c47 7.1/SRPMS/WindowMaker-0.62.1-13.1mdk.src.rpm
Linux-Mandrake 7.2:
8f048b675c7220d622e83afca5676b00 7.2/RPMS/WindowMaker-0.62.1-18.1mdk.i586.rpm
c3dc24f5d24e8df7e820a39a767676c7 7.2/RPMS/WindowMaker-devel-0.62.1-18.1mdk.i586.rpm
e0e95d2ce199d33da6614ca9b99747fc 7.2/SRPMS/WindowMaker-0.62.1-18.1mdk.src.rpm
Mandrake Linux 8.0:
10d20d21c895a09172fa0f32f6b7363b 8.0/RPMS/WindowMaker-0.64.0-8.1mdk.i586.rpm
da9ffdad57c2dd4362e383a79ebf5951 8.0/RPMS/WindowMaker-devel-0.64.0-8.1mdk.i586.rpm
644f90bf9a1fa1efb9a34599b761a449 8.0/RPMS/libwraster2-0.64.0-8.1mdk.i586.rpm
9ec21851b8e98f4a4a633addac5b81ba 8.0/RPMS/libwraster2-devel-0.64.0-8.1mdk.i586.rpm
94e59837aa43db7e221083169e07ca67 8.0/SRPMS/WindowMaker-0.64.0-8.1mdk.src.rpm
Mandrake Linux 8.0 (PPC):
3da4b475a9a67307b9f9afcdccf3cf14 ppc/8.0/RPMS/WindowMaker-0.64.0-8.1mdk.ppc.rpm
f7319c563da54ae7e0ab360af4e90f92 ppc/8.0/RPMS/WindowMaker-devel-0.64.0-8.1mdk.ppc.rpm
3dfca8bb681c1b2f82ad16a601df8688 ppc/8.0/RPMS/libwraster2-0.64.0-8.1mdk.ppc.rpm
03e3a82570ca4a63639732807de97014 ppc/8.0/RPMS/libwraster2-devel-0.64.0-8.1mdk.ppc.rpm
48424cbef2369db5b64be0607ff51db6 ppc/8.0/SRPMS/WindowMaker-0.64.0-8.1mdk.src.rpm
Corporate Server 1.0.1:
48c5d3cfa2f9071830344918c429b76f 1.0.1/RPMS/WindowMaker-0.62.1-13.1mdk.i586.rpm
af2162d3ce9a508ea373d36eb7637f8f 1.0.1/RPMS/WindowMaker-devel-0.62.1-13.1mdk.i586.rpm
d80f24e05c3ce958b68632b26ca07c47 1.0.1/SRPMS/WindowMaker-0.62.1-13.1mdk.src.rpm
______________________________________________________________________
Bug IDs fixed (see https://qa.mandrakesoft.com for more information):
______________________________________________________________________
To upgrade automatically, use MandrakeUpdate.
If you want to upgrade manually, download the updated package from one
of our FTP server mirrors and upgrade with "rpm -Fvh *.rpm".
You can download the updates directly from one of the mirror sites
listed at:
http://www.linux-mandrake.com/en/ftp.php3.
Updated packages are available in the "updates/[ver]/RPMS/" directory.
For example, if you are looking for an updated RPM package for
Mandrake Linux 8.0, look for it in "updates/8.0/RPMS/". Updated source
RPMs are available as well, but you generally do not need to download
them.
Please be aware that sometimes it takes the mirrors a few hours to
update.
You can view other security advisories for Mandrake Linux at:
http://www.linux-mandrake.com/en/security/
If you want to report vulnerabilities, please contact
security@linux-mandrake.com
______________________________________________________________________
Mandrake Linux has two security-related mailing list services that
anyone can subscribe to:
security-announce@linux-mandrake.com
Mandrake Linux's security announcements mailing list. Only
announcements are sent to this list and it is read-only.
security-discuss@linux-mandrake.com
Mandrake Linux's security discussion mailing list. This list is open
to anyone to discuss Mandrake Linux security specifically and Linux
security in general.
To subscribe to either list, send a message to
sympa@linux-mandrake.com
with "subscribe [listname]" in the body of the message.
To remove yourself from either list, send a message to
sympa@linux-mandrake.com
with "unsubscribe [listname]" in the body of the message.
To get more information on either list, send a message to
sympa@linux-mandrake.com
with "info [listname]" in the body of the message.
Optionally, you can use the web interface to subscribe to or unsubscribe
from either list:
http://www.linux-mandrake.com/en/flists.php3#security
Date: Fri, 31 Aug 2001 15:06:01 -0600
From: Linux Mandrake Security Team
Subject: MDKSA-2001:075 - sendmail update
______________________________________________________________________
Mandrake Linux Security Update Advisory
______________________________________________________________________
Package name: sendmail
Date: August 31st, 2001
Advisory ID: MDKSA-2001:075
Affected versions: 7.2, 8.0
______________________________________________________________________
Problem Description:
An input validation error exists in sendmail that may allow local users
to write arbitrary data to process memory. This could possibly allow
the execute of code or commands with elevated privileges and may also
allow a local attacker to gain access to the root account.
______________________________________________________________________
References:
http://www.securityfocus.com/bid/3163
______________________________________________________________________
Please verify the update prior to upgrading to ensure the integrity of
the downloaded package. You can do this with the command:
rpm --checksig package.rpm
You can get the GPG public key of the Mandrake Linux Security Team at
http://www.linux-mandrake.com/en/security/RPM-GPG-KEYS
If you use MandrakeUpdate, the verification of md5 checksum and GPG
signature is performed automatically for you.
Linux-Mandrake 7.2:
2c2ebc4afbe6efc4096d3794ae96ba63 7.2/RPMS/sendmail-8.11.0-3.1mdk.i586.rpm
ce746300c402f37cf0d03271a7e55a41 7.2/RPMS/sendmail-cf-8.11.0-3.1mdk.i586.rpm
2137a5294aa63f20e9ff03e97c84bd01 7.2/RPMS/sendmail-doc-8.11.0-3.1mdk.i586.rpm
e63563290213bdfc2e1396ba6fb52aec 7.2/SRPMS/sendmail-8.11.0-3.1mdk.src.rpm
Mandrake Linux 8.0:
9ff57477c98a364588fa7a5ed95750b5 8.0/RPMS/sendmail-8.11.6-1.1mdk.i586.rpm
7c53b2aa7fc6105892ddededf4e31898 8.0/RPMS/sendmail-cf-8.11.6-1.1mdk.i586.rpm
e3d814078cacf5e2cc2c40c2b104100e 8.0/RPMS/sendmail-doc-8.11.6-1.1mdk.i586.rpm
68c2ea65734dd84c67cb3941213e6fb4 8.0/SRPMS/sendmail-8.11.6-1.1mdk.src.rpm
Mandrake Linux 8.0 (PPC):
5eba1e225c9a3e88cca42f1b9488cfbe ppc/8.0/RPMS/sendmail-8.11.6-1.1mdk.ppc.rpm
c05cb59430bff005ecdbfdf944fa8a38 ppc/8.0/RPMS/sendmail-cf-8.11.6-1.1mdk.ppc.rpm
c81fd2d494ef6f9c0f957ae186b08f7e ppc/8.0/RPMS/sendmail-doc-8.11.6-1.1mdk.ppc.rpm
c10d3fae9f2d3b2ee0cf579baf22d89e ppc/8.0/SRPMS/sendmail-8.11.6-1.1mdk.src.rpm
______________________________________________________________________
Bug IDs fixed (see https://qa.mandrakesoft.com for more information):
______________________________________________________________________
To upgrade automatically, use MandrakeUpdate.
If you want to upgrade manually, download the updated package from one
of our FTP server mirrors and upgrade with "rpm -Fvh *.rpm".
You can download the updates directly from one of the mirror sites
listed at:
http://www.linux-mandrake.com/en/ftp.php3.
Updated packages are available in the "updates/[ver]/RPMS/" directory.
For example, if you are looking for an updated RPM package for
Mandrake Linux 8.0, look for it in "updates/8.0/RPMS/". Updated source
RPMs are available as well, but you generally do not need to download
them.
Please be aware that sometimes it takes the mirrors a few hours to
update.
You can view other security advisories for Mandrake Linux at:
http://www.linux-mandrake.com/en/security/
If you want to report vulnerabilities, please contact
security@linux-mandrake.com
______________________________________________________________________
Mandrake Linux has two security-related mailing list services that
anyone can subscribe to:
security-announce@linux-mandrake.com
Mandrake Linux's security announcements mailing list. Only
announcements are sent to this list and it is read-only.
security-discuss@linux-mandrake.com
Mandrake Linux's security discussion mailing list. This list is open
to anyone to discuss Mandrake Linux security specifically and Linux
security in general.
To subscribe to either list, send a message to
sympa@linux-mandrake.com
with "subscribe [listname]" in the body of the message.
To remove yourself from either list, send a message to
sympa@linux-mandrake.com
with "unsubscribe [listname]" in the body of the message.
To get more information on either list, send a message to
sympa@linux-mandrake.com
with "info [listname]" in the body of the message.
Optionally, you can use the web interface to subscribe to or unsubscribe
from either list:
http://www.linux-mandrake.com/en/flists.php3#security