---

Home Security

Advisories: August 18, 2005

By

Mandriva Linux Security Update Advisory

Package name: evolution
Advisory ID: MDKSA-2005:141
Date: August 17th, 2005
Affected versions: 10.1, 10.2, Corporate 3.0

Problem Description:

Multiple format string vulnerabilities in Evolution 1.5 through
2.3.6.1 allow remote attackers to cause a denial of service (crash)
and possibly execute arbitrary code via (1) full vCard data, (2)
contact data from remote LDAP servers, or (3) task list data from
remote servers. (CAN-2005-2549)

A format string vulnerability in Evolution 1.4 through 2.3.6.1
allows remote attackers to cause a denial of service (crash) and
possibly execute arbitrary code via the calendar entries such as
task lists, which are not properly handled when the user selects
the Calendars tab. (CAN-2005-2550)

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2549

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2550

Updated Packages:

Mandrakelinux 10.1:
c86139b16f34105eb0fb2bfb3ecc4bdf
10.1/RPMS/evolution-2.0.3-1.4.101mdk.i586.rpm
3f7164577e567be0f7ee93ed12d3de13
10.1/RPMS/evolution-devel-2.0.3-1.4.101mdk.i586.rpm
7005876e3443b028a65258b25b1eeadf
10.1/RPMS/evolution-pilot-2.0.3-1.4.101mdk.i586.rpm
29601b950c1fb806f48275da174a0721
10.1/SRPMS/evolution-2.0.3-1.4.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
7fbb271d2c863d2ae1623c434157bed2
x86_64/10.1/RPMS/evolution-2.0.3-1.4.101mdk.x86_64.rpm
99d8f4c56967e45c2d5e6a8ed11c5f0c
x86_64/10.1/RPMS/evolution-devel-2.0.3-1.4.101mdk.x86_64.rpm
52bfc378433fe224a0aa8ac4784a5ab1
x86_64/10.1/RPMS/evolution-pilot-2.0.3-1.4.101mdk.x86_64.rpm
29601b950c1fb806f48275da174a0721
x86_64/10.1/SRPMS/evolution-2.0.3-1.4.101mdk.src.rpm

Mandrakelinux 10.2:
5a37a9c724ff1d5eae934f6f45aaf607
10.2/RPMS/evolution-2.0.4-3.1.102mdk.i586.rpm
a6822e000c563fb6c025b3aa5cf24a76
10.2/RPMS/evolution-devel-2.0.4-3.1.102mdk.i586.rpm
9476496c8d82bb59be375b93315fd1be
10.2/RPMS/evolution-pilot-2.0.4-3.1.102mdk.i586.rpm
b306dba4c9525c4be261903f5bca83e0
10.2/SRPMS/evolution-2.0.4-3.1.102mdk.src.rpm

Mandrakelinux 10.2/X86_64:
a6072f366802d6e983312850d3048579
x86_64/10.2/RPMS/evolution-2.0.4-3.1.102mdk.x86_64.rpm
90fb55af1fc3a40cac030a63156b2a31
x86_64/10.2/RPMS/evolution-devel-2.0.4-3.1.102mdk.x86_64.rpm
a07bade72ae8bc6c82d46680937f0bf5
x86_64/10.2/RPMS/evolution-pilot-2.0.4-3.1.102mdk.x86_64.rpm
b306dba4c9525c4be261903f5bca83e0
x86_64/10.2/SRPMS/evolution-2.0.4-3.1.102mdk.src.rpm

Corporate 3.0:
b4fe8df7fe51f54129606ed4e81a2a33
corporate/3.0/RPMS/evolution-1.4.6-5.2.C30mdk.i586.rpm
b1596ec712f2f3bde7b0e7c4a9e1409f
corporate/3.0/RPMS/evolution-devel-1.4.6-5.2.C30mdk.i586.rpm
60068cc6987dccb19f6586cbd5e74949
corporate/3.0/RPMS/evolution-pilot-1.4.6-5.2.C30mdk.i586.rpm
736e517b243c4a3b9d57970b7e6a2e71
corporate/3.0/SRPMS/evolution-1.4.6-5.2.C30mdk.src.rpm

Corporate 3.0/X86_64:
cd590782c6bba4a33fb55ed231ec940b
x86_64/corporate/3.0/RPMS/evolution-1.4.6-5.2.C30mdk.x86_64.rpm
197aca690c2e893732ed72d6298a46b0
x86_64/corporate/3.0/RPMS/evolution-devel-1.4.6-5.2.C30mdk.x86_64.rpm

4c734a5c04be55664fb086fa6a56a5d2
x86_64/corporate/3.0/RPMS/evolution-pilot-1.4.6-5.2.C30mdk.x86_64.rpm

736e517b243c4a3b9d57970b7e6a2e71
x86_64/corporate/3.0/SRPMS/evolution-1.4.6-5.2.C30mdk.src.rpm

To upgrade automatically use MandrakeUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.

All packages are signed by Mandriva for security. You can obtain
the GPG public key of the Mandriva Security Team by executing:

gpg –recv-keys –keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>

Mandriva Linux Security Update Advisory

Package name: libtiff
Advisory ID: MDKSA-2005:142
Date: August 17th, 2005
Affected versions: 10.0, 10.1, 10.2, Corporate 3.0, Corporate
Server 2.1, Multi Network Firewall 2.0

Problem Description:

Wouter Hanegraaff discovered that the TIFF library did not
sufficiently validate the “YCbCr subsampling” value in TIFF image
headers. Decoding a malicious image with a zero value resulted in
an arithmetic exception, which can cause a program that uses the
TIFF library to crash.

The updated packages are patched to protect against this
vulnerability.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2452

Updated Packages:

Mandrakelinux 10.0:
cc0fa1b1b5fd12c4083cc9eb98a5458f
10.0/RPMS/libtiff-progs-3.5.7-11.7.100mdk.i586.rpm
8fb0219e7d642d2fdc241d8927421d48
10.0/RPMS/libtiff3-3.5.7-11.7.100mdk.i586.rpm
cbfd4d23c8ac8562c92e55a035d80a67
10.0/RPMS/libtiff3-devel-3.5.7-11.7.100mdk.i586.rpm
e74038d540e7d00a1b050f7b26cd56a9
10.0/RPMS/libtiff3-static-devel-3.5.7-11.7.100mdk.i586.rpm
f7d3fce17d5e63a28f9438a29e640aa4
10.0/SRPMS/libtiff-3.5.7-11.7.100mdk.src.rpm

Mandrakelinux 10.0/AMD64:
a3b989bdce7af31d4886466ff1441526
amd64/10.0/RPMS/lib64tiff3-3.5.7-11.7.100mdk.amd64.rpm
97d58685556a85cb2ab884f7ebadb536
amd64/10.0/RPMS/lib64tiff3-devel-3.5.7-11.7.100mdk.amd64.rpm
8b8ddac45016f59118a7779ff6d027c6
amd64/10.0/RPMS/lib64tiff3-static-devel-3.5.7-11.7.100mdk.amd64.rpm

30c99b6bb385cd3dfc98d50c8a3c9196
amd64/10.0/RPMS/libtiff-progs-3.5.7-11.7.100mdk.amd64.rpm
f7d3fce17d5e63a28f9438a29e640aa4
amd64/10.0/SRPMS/libtiff-3.5.7-11.7.100mdk.src.rpm

Mandrakelinux 10.1:
c76c200a605c1f0584782fb49518e29d
10.1/RPMS/libtiff-progs-3.6.1-4.4.101mdk.i586.rpm
773afaac9d2ed45b124216a7b8059f55
10.1/RPMS/libtiff3-3.6.1-4.4.101mdk.i586.rpm
bcc744f04a6a8b772fa3c63ad5e5bda3
10.1/RPMS/libtiff3-devel-3.6.1-4.4.101mdk.i586.rpm
c2f0a831fc371041221c54f288e99bb2
10.1/RPMS/libtiff3-static-devel-3.6.1-4.4.101mdk.i586.rpm
835e5009fabee9050f055d951a3d0f8a
10.1/SRPMS/libtiff-3.6.1-4.4.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
d2cec129a11f6c1181c486eed8a024ab
x86_64/10.1/RPMS/lib64tiff3-3.6.1-4.4.101mdk.x86_64.rpm
73321d2e2a109f6993c8e44879284139
x86_64/10.1/RPMS/lib64tiff3-devel-3.6.1-4.4.101mdk.x86_64.rpm
28f7ea7a0ee1954a64e0c9d1ca17f224
x86_64/10.1/RPMS/lib64tiff3-static-devel-3.6.1-4.4.101mdk.x86_64.rpm

f2c2b82c083d035f32e105437c00ef40
x86_64/10.1/RPMS/libtiff-progs-3.6.1-4.4.101mdk.x86_64.rpm
835e5009fabee9050f055d951a3d0f8a
x86_64/10.1/SRPMS/libtiff-3.6.1-4.4.101mdk.src.rpm

Mandrakelinux 10.2:
ddfec22eb079ad3e3c3e181581a32515
10.2/RPMS/libtiff-progs-3.6.1-11.1.102mdk.i586.rpm
85002ad26c89bd5f00f49aa7848914ed
10.2/RPMS/libtiff3-3.6.1-11.1.102mdk.i586.rpm
1680f0094d4a1f4d7783a63536992342
10.2/RPMS/libtiff3-devel-3.6.1-11.1.102mdk.i586.rpm
ab5d56da0e46e583d7d5559b460c015b
10.2/RPMS/libtiff3-static-devel-3.6.1-11.1.102mdk.i586.rpm
60bd2c3885e06f49e97ed114ea22c260
10.2/SRPMS/libtiff-3.6.1-11.1.102mdk.src.rpm

Mandrakelinux 10.2/X86_64:
b19a75b4230c1a67febfbbd1d7e3bd0b
x86_64/10.2/RPMS/lib64tiff3-3.6.1-11.1.102mdk.x86_64.rpm
dd11b518706b082c138aa4a7a427235d
x86_64/10.2/RPMS/lib64tiff3-devel-3.6.1-11.1.102mdk.x86_64.rpm
78da0140db6312a7813e21da700cc129
x86_64/10.2/RPMS/lib64tiff3-static-devel-3.6.1-11.1.102mdk.x86_64.rpm

1a3d856456e521653f3f94b29b561b1d
x86_64/10.2/RPMS/libtiff-progs-3.6.1-11.1.102mdk.x86_64.rpm
60bd2c3885e06f49e97ed114ea22c260
x86_64/10.2/SRPMS/libtiff-3.6.1-11.1.102mdk.src.rpm

Multi Network Firewall 2.0:
29096b79d63f19c6e6602b6fe8859bae
mnf/2.0/RPMS/libtiff3-3.5.7-11.7.M20mdk.i586.rpm
6983f0e032014df1ffeeb14306e5d410
mnf/2.0/SRPMS/libtiff-3.5.7-11.7.M20mdk.src.rpm

Corporate Server 2.1:
e17fd0f6fdf37c67d7cc94223806b652
corporate/2.1/RPMS/libtiff3-3.5.7-6.2.C21mdk.i586.rpm
ae1dee85cddb636fa9126fd14e5c9384
corporate/2.1/RPMS/libtiff3-devel-3.5.7-6.2.C21mdk.i586.rpm
659cc8d21c830f379ebf92d45fe92b0c
corporate/2.1/RPMS/libtiff3-progs-3.5.7-6.2.C21mdk.i586.rpm
473e992205374da87b91cb8fdd9b6d65
corporate/2.1/RPMS/libtiff3-static-devel-3.5.7-6.2.C21mdk.i586.rpm

261d009314678a8e54d903234e53f2d5
corporate/2.1/SRPMS/libtiff-3.5.7-6.2.C21mdk.src.rpm

Corporate Server 2.1/X86_64:
b9a3c705853bfc458adbbe7b9b35292c
x86_64/corporate/2.1/RPMS/libtiff3-3.5.7-6.2.C21mdk.x86_64.rpm
ccb61469627ec442bbb1606e2c5493fe
x86_64/corporate/2.1/RPMS/libtiff3-devel-3.5.7-6.2.C21mdk.x86_64.rpm

ed0414cff8b668737b401b3874295fb0
x86_64/corporate/2.1/RPMS/libtiff3-progs-3.5.7-6.2.C21mdk.x86_64.rpm

2cb106b7e639a4adbf866fcf0bcb95a2
x86_64/corporate/2.1/RPMS/libtiff3-static-devel-3.5.7-6.2.C21mdk.x86_64.rpm

261d009314678a8e54d903234e53f2d5
x86_64/corporate/2.1/SRPMS/libtiff-3.5.7-6.2.C21mdk.src.rpm

Corporate 3.0:
5d467dc33e472e58f78111bef860b052
corporate/3.0/RPMS/libtiff-progs-3.5.7-11.7.C30mdk.i586.rpm
c6e92b32bb20db8d058299b3da175a55
corporate/3.0/RPMS/libtiff3-3.5.7-11.7.C30mdk.i586.rpm
e104fdfdfc2e3df51e459a5e56169c41
corporate/3.0/RPMS/libtiff3-devel-3.5.7-11.7.C30mdk.i586.rpm
e725905e66036c32093aaa4b478e5c6a
corporate/3.0/RPMS/libtiff3-static-devel-3.5.7-11.7.C30mdk.i586.rpm

6bd7338ff5198c5f9edd77b31ecf7190
corporate/3.0/SRPMS/libtiff-3.5.7-11.7.C30mdk.src.rpm

Corporate 3.0/X86_64:
3c87ea4b94f226decf5a8e751ec9ad17
x86_64/corporate/3.0/RPMS/lib64tiff3-3.5.7-11.7.C30mdk.x86_64.rpm

5b5663889c26d6c52de85dc300bcab18
x86_64/corporate/3.0/RPMS/lib64tiff3-devel-3.5.7-11.7.C30mdk.x86_64.rpm

aa63bf920d4c74f6ce6cabc896846241
x86_64/corporate/3.0/RPMS/lib64tiff3-static-devel-3.5.7-11.7.C30mdk.x86_64.rpm

022ac2f20e0c349d7dcce42e6cbe7a6c
x86_64/corporate/3.0/RPMS/libtiff-progs-3.5.7-11.7.C30mdk.x86_64.rpm

6bd7338ff5198c5f9edd77b31ecf7190
x86_64/corporate/3.0/SRPMS/libtiff-3.5.7-11.7.C30mdk.src.rpm

To upgrade automatically use MandrakeUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.

All packages are signed by Mandriva for security. You can obtain
the GPG public key of the Mandriva Security Team by executing:

gpg –recv-keys –keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>

Mandriva Linux Security Update Advisory

Package name: kdegraphics
Advisory ID: MDKSA-2005:143
Date: August 17th, 2005
Affected versions: 10.1, Corporate 3.0

Problem Description:

Wouter Hanegraaff discovered that the TIFF library did not
sufficiently validate the “YCbCr subsampling” value in TIFF image
headers. Decoding a malicious image with a zero value resulted in
an arithmetic exception, which can cause a program that uses the
TIFF library to crash.

Kdegraphics < 3.3 uses an embedded libtiff source tree for
kfax, and as such has the same vulnerability.

The updated packages are patched to protect against this
vulnerability.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2452

Updated Packages:

Mandrakelinux 10.1:
0850bfa59d9b425a426dbbfa7c10aea9
10.1/RPMS/kdegraphics-3.2.3-17.7.101mdk.i586.rpm
82e3aa0f7be63a61c5348b4fe9de4974
10.1/RPMS/kdegraphics-common-3.2.3-17.7.101mdk.i586.rpm
ded0d09d3df21b41962e0345a90123c6
10.1/RPMS/kdegraphics-kdvi-3.2.3-17.7.101mdk.i586.rpm
f6220dcfa73e1b4e90d4e8515a6f9d6b
10.1/RPMS/kdegraphics-kfax-3.2.3-17.7.101mdk.i586.rpm
f994ba55e98a1b9d674a68a92b459af4
10.1/RPMS/kdegraphics-kghostview-3.2.3-17.7.101mdk.i586.rpm
235ad8b039ac3a9a6d592e719e84df96
10.1/RPMS/kdegraphics-kiconedit-3.2.3-17.7.101mdk.i586.rpm
ec254712e8752f47305ccbd51a6bf395
10.1/RPMS/kdegraphics-kooka-3.2.3-17.7.101mdk.i586.rpm
7061f9804f43a5c40ff6fee08f33bab6
10.1/RPMS/kdegraphics-kpaint-3.2.3-17.7.101mdk.i586.rpm
de9ab6f1dd0606e29e54673819423996
10.1/RPMS/kdegraphics-kpdf-3.2.3-17.7.101mdk.i586.rpm
52fd4c3a9a5d0e388672f8eff75db2e0
10.1/RPMS/kdegraphics-kpovmodeler-3.2.3-17.7.101mdk.i586.rpm
76dd522b0af559c1c7523ddbb1620675
10.1/RPMS/kdegraphics-kruler-3.2.3-17.7.101mdk.i586.rpm
1a8685e1b62a6fe144ad9758fe6368bc
10.1/RPMS/kdegraphics-ksnapshot-3.2.3-17.7.101mdk.i586.rpm
5d97c623ff9ae968212e092c333bf54b
10.1/RPMS/kdegraphics-ksvg-3.2.3-17.7.101mdk.i586.rpm
de2644bbbbec4555aaf4eacf074327e4
10.1/RPMS/kdegraphics-kuickshow-3.2.3-17.7.101mdk.i586.rpm
ae96efd29a5678212601733d956e16f4
10.1/RPMS/kdegraphics-kview-3.2.3-17.7.101mdk.i586.rpm
59cc7110bcefb6958f172f42e446865f
10.1/RPMS/kdegraphics-mrmlsearch-3.2.3-17.7.101mdk.i586.rpm
5a418834ff6fbb4f931d17de36414b67
10.1/RPMS/libkdegraphics0-common-3.2.3-17.7.101mdk.i586.rpm
c01f67d93db43c5afdddb257e6ce4821
10.1/RPMS/libkdegraphics0-common-devel-3.2.3-17.7.101mdk.i586.rpm

d66f05c391671c93ec76d90db2a93603
10.1/RPMS/libkdegraphics0-kghostview-3.2.3-17.7.101mdk.i586.rpm
33b87413d96b0fbc422b475e3228fefb
10.1/RPMS/libkdegraphics0-kghostview-devel-3.2.3-17.7.101mdk.i586.rpm

ad5396358769c63743f172c5a0239bee
10.1/RPMS/libkdegraphics0-kooka-3.2.3-17.7.101mdk.i586.rpm
4fb4d7d4da80d219b85d480b45bc19c1
10.1/RPMS/libkdegraphics0-kooka-devel-3.2.3-17.7.101mdk.i586.rpm

09a96310e8facb018fec10a100d9ae6c
10.1/RPMS/libkdegraphics0-kpovmodeler-3.2.3-17.7.101mdk.i586.rpm

22eae16ec3a4e12aa851896e7e8e1cc1
10.1/RPMS/libkdegraphics0-kpovmodeler-devel-3.2.3-17.7.101mdk.i586.rpm

04fc3af9ba6408d1d8d8f5b0764f4ac9
10.1/RPMS/libkdegraphics0-ksvg-3.2.3-17.7.101mdk.i586.rpm
4692c9605404fb145263bc102d64a06d
10.1/RPMS/libkdegraphics0-ksvg-devel-3.2.3-17.7.101mdk.i586.rpm
4108c77923931946d307a7131dd2508a
10.1/RPMS/libkdegraphics0-kuickshow-3.2.3-17.7.101mdk.i586.rpm
99fdb4a5f62fb3040c151742f279d7c1
10.1/RPMS/libkdegraphics0-kview-3.2.3-17.7.101mdk.i586.rpm
c094b92f775e50f2f7b28a97b57bc5c9
10.1/RPMS/libkdegraphics0-kview-devel-3.2.3-17.7.101mdk.i586.rpm

3a198ce8fa7ac425434e6f77af326651
10.1/RPMS/libkdegraphics0-mrmlsearch-3.2.3-17.7.101mdk.i586.rpm
0d46d0c06d8d7a4da2c314c221f93af8
10.1/SRPMS/kdegraphics-3.2.3-17.7.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
84574d9f8c7e9eebe97527cf34977bb0
x86_64/10.1/RPMS/kdegraphics-3.2.3-17.7.101mdk.x86_64.rpm
94a1a9754e31c6b049f6b02cde039829
x86_64/10.1/RPMS/kdegraphics-common-3.2.3-17.7.101mdk.x86_64.rpm

9260ea1b515833a64bd9bfb65860de6a
x86_64/10.1/RPMS/kdegraphics-kdvi-3.2.3-17.7.101mdk.x86_64.rpm
91b3b2ea85d8d44a03cb6db209754ab7
x86_64/10.1/RPMS/kdegraphics-kfax-3.2.3-17.7.101mdk.x86_64.rpm
b3be4aabf6740cc50aad3718fb18174c
x86_64/10.1/RPMS/kdegraphics-kghostview-3.2.3-17.7.101mdk.x86_64.rpm

dfa9cbe05ea54befcb1f3728f9fc09f6
x86_64/10.1/RPMS/kdegraphics-kiconedit-3.2.3-17.7.101mdk.x86_64.rpm

d154c85c3bc548c99743747907ae4e9e
x86_64/10.1/RPMS/kdegraphics-kooka-3.2.3-17.7.101mdk.x86_64.rpm
a2f5e201da86e32196d316d1ba81ec89
x86_64/10.1/RPMS/kdegraphics-kpaint-3.2.3-17.7.101mdk.x86_64.rpm

e96e85bef409684900ee61b2a60fa614
x86_64/10.1/RPMS/kdegraphics-kpdf-3.2.3-17.7.101mdk.x86_64.rpm
8c94ab2aaf6fd5edda8a5d9c0353c707
x86_64/10.1/RPMS/kdegraphics-kpovmodeler-3.2.3-17.7.101mdk.x86_64.rpm

ae68b58ea2359e626c578aebd33e63df
x86_64/10.1/RPMS/kdegraphics-kruler-3.2.3-17.7.101mdk.x86_64.rpm

1a19e163584345a0fee7db21271ed56d
x86_64/10.1/RPMS/kdegraphics-ksnapshot-3.2.3-17.7.101mdk.x86_64.rpm

b3c614b3cf8d2e28fcbc4437ac7eedb0
x86_64/10.1/RPMS/kdegraphics-ksvg-3.2.3-17.7.101mdk.x86_64.rpm
6c3b1f8a5575e1db8d2f1bf6167d2e76
x86_64/10.1/RPMS/kdegraphics-kuickshow-3.2.3-17.7.101mdk.x86_64.rpm

a98c4171cdc3857f545b454206fea60f
x86_64/10.1/RPMS/kdegraphics-kview-3.2.3-17.7.101mdk.x86_64.rpm
9ddfb247c1ac9b571e042607af438d2e
x86_64/10.1/RPMS/kdegraphics-mrmlsearch-3.2.3-17.7.101mdk.x86_64.rpm

2daf7814f31ea861af1adf6d6958f619
x86_64/10.1/RPMS/lib64kdegraphics0-common-3.2.3-17.7.101mdk.x86_64.rpm

1aa254cb176543f2386e7987b5854b86
x86_64/10.1/RPMS/lib64kdegraphics0-common-devel-3.2.3-17.7.101mdk.x86_64.rpm

24995ac257c8e1e7d34288a1503af153
x86_64/10.1/RPMS/lib64kdegraphics0-kghostview-3.2.3-17.7.101mdk.x86_64.rpm

3a11f2fc88a7bb271e787c12e11ed85b
x86_64/10.1/RPMS/lib64kdegraphics0-kghostview-devel-3.2.3-17.7.101mdk.x86_64.rpm

ced64b650693e51ab53dbbbbbdd837de
x86_64/10.1/RPMS/lib64kdegraphics0-kooka-3.2.3-17.7.101mdk.x86_64.rpm

10785e95b782da9da52262506526dbd0
x86_64/10.1/RPMS/lib64kdegraphics0-kooka-devel-3.2.3-17.7.101mdk.x86_64.rpm

1a8a8339cc85cef90c54e0c467eff94c
x86_64/10.1/RPMS/lib64kdegraphics0-kpovmodeler-3.2.3-17.7.101mdk.x86_64.rpm

498116650efb396f2f38dc8c1c3b677c
x86_64/10.1/RPMS/lib64kdegraphics0-kpovmodeler-devel-3.2.3-17.7.101mdk.x86_64.rpm

0f80fd46eea48815eab39170a0f2583d
x86_64/10.1/RPMS/lib64kdegraphics0-ksvg-3.2.3-17.7.101mdk.x86_64.rpm

04dff57a88777fb2f0258611989889b0
x86_64/10.1/RPMS/lib64kdegraphics0-ksvg-devel-3.2.3-17.7.101mdk.x86_64.rpm

e18c8a96af23b872e53e613fc09559d9
x86_64/10.1/RPMS/lib64kdegraphics0-kuickshow-3.2.3-17.7.101mdk.x86_64.rpm

d4811a449e5db4cc23b720076d02be31
x86_64/10.1/RPMS/lib64kdegraphics0-kview-3.2.3-17.7.101mdk.x86_64.rpm

0432fec2093827d74334b64c004a7dc0
x86_64/10.1/RPMS/lib64kdegraphics0-kview-devel-3.2.3-17.7.101mdk.x86_64.rpm

cf427e9c6f75bc83e2366f2ddf7c10b8
x86_64/10.1/RPMS/lib64kdegraphics0-mrmlsearch-3.2.3-17.7.101mdk.x86_64.rpm

5a418834ff6fbb4f931d17de36414b67
x86_64/10.1/RPMS/libkdegraphics0-common-3.2.3-17.7.101mdk.i586.rpm

d66f05c391671c93ec76d90db2a93603
x86_64/10.1/RPMS/libkdegraphics0-kghostview-3.2.3-17.7.101mdk.i586.rpm

ad5396358769c63743f172c5a0239bee
x86_64/10.1/RPMS/libkdegraphics0-kooka-3.2.3-17.7.101mdk.i586.rpm

09a96310e8facb018fec10a100d9ae6c
x86_64/10.1/RPMS/libkdegraphics0-kpovmodeler-3.2.3-17.7.101mdk.i586.rpm

04fc3af9ba6408d1d8d8f5b0764f4ac9
x86_64/10.1/RPMS/libkdegraphics0-ksvg-3.2.3-17.7.101mdk.i586.rpm

4108c77923931946d307a7131dd2508a
x86_64/10.1/RPMS/libkdegraphics0-kuickshow-3.2.3-17.7.101mdk.i586.rpm

99fdb4a5f62fb3040c151742f279d7c1
x86_64/10.1/RPMS/libkdegraphics0-kview-3.2.3-17.7.101mdk.i586.rpm

3a198ce8fa7ac425434e6f77af326651
x86_64/10.1/RPMS/libkdegraphics0-mrmlsearch-3.2.3-17.7.101mdk.i586.rpm

0d46d0c06d8d7a4da2c314c221f93af8
x86_64/10.1/SRPMS/kdegraphics-3.2.3-17.7.101mdk.src.rpm

Corporate 3.0:
8fb89b5d573b2f0e18960c2c57d88049
corporate/3.0/RPMS/kdegraphics-3.2-15.8.C30mdk.i586.rpm
74ade0ef32148e47c97e437fdbe31c55
corporate/3.0/RPMS/kdegraphics-common-3.2-15.8.C30mdk.i586.rpm
f7a1c996410e6f8240fce3df69662ee7
corporate/3.0/RPMS/kdegraphics-kdvi-3.2-15.8.C30mdk.i586.rpm
498fcc2706f13a37151d26d795cb8af5
corporate/3.0/RPMS/kdegraphics-kfax-3.2-15.8.C30mdk.i586.rpm
968f93bacc172e8bf750e61f55ad6c2d
corporate/3.0/RPMS/kdegraphics-kghostview-3.2-15.8.C30mdk.i586.rpm

ebc0351557377d13d6e6d6e04b727d35
corporate/3.0/RPMS/kdegraphics-kiconedit-3.2-15.8.C30mdk.i586.rpm

f78738e6cbe3a828ed8ba99af929afbb
corporate/3.0/RPMS/kdegraphics-kooka-3.2-15.8.C30mdk.i586.rpm
515a6a3bc02d351e072a3c1661236970
corporate/3.0/RPMS/kdegraphics-kpaint-3.2-15.8.C30mdk.i586.rpm
a8f6098bc65955510f05d52aea3016b3
corporate/3.0/RPMS/kdegraphics-kpdf-3.2-15.8.C30mdk.i586.rpm
c2eb7c48b3a38357a3f3d37986717f09
corporate/3.0/RPMS/kdegraphics-kpovmodeler-3.2-15.8.C30mdk.i586.rpm

0806d05001e5fc2dddbd7bb8a5f8c67b
corporate/3.0/RPMS/kdegraphics-kruler-3.2-15.8.C30mdk.i586.rpm
3120cf1cad9f5e2b9e96d27ce9b93b57
corporate/3.0/RPMS/kdegraphics-ksnapshot-3.2-15.8.C30mdk.i586.rpm

ca5c6a6a167fff2ba75e545379198b25
corporate/3.0/RPMS/kdegraphics-ksvg-3.2-15.8.C30mdk.i586.rpm
0b4972ab74f2b0c95cd8a5bd2b489552
corporate/3.0/RPMS/kdegraphics-kuickshow-3.2-15.8.C30mdk.i586.rpm

542cb3c43077d50445f4c40bd2de560e
corporate/3.0/RPMS/kdegraphics-kview-3.2-15.8.C30mdk.i586.rpm
aa9cf4d1aada39adc8b78a3f2ccbf666
corporate/3.0/RPMS/kdegraphics-mrmlsearch-3.2-15.8.C30mdk.i586.rpm

6d469c11e303ecd30c245a93635acd54
corporate/3.0/RPMS/libkdegraphics0-common-3.2-15.8.C30mdk.i586.rpm

7956586a648f4c7fd84d211e04e03cba
corporate/3.0/RPMS/libkdegraphics0-common-devel-3.2-15.8.C30mdk.i586.rpm

3acb74778ef80840f40d4ccca953bd71
corporate/3.0/RPMS/libkdegraphics0-kooka-3.2-15.8.C30mdk.i586.rpm

8878ff3d6852fd7305062c687de8ba5d
corporate/3.0/RPMS/libkdegraphics0-kooka-devel-3.2-15.8.C30mdk.i586.rpm

31580d68bf2c35d02b77317bb3343122
corporate/3.0/RPMS/libkdegraphics0-kpovmodeler-3.2-15.8.C30mdk.i586.rpm

8f258b355815e2e81e2f23021c3f97b0
corporate/3.0/RPMS/libkdegraphics0-kpovmodeler-devel-3.2-15.8.C30mdk.i586.rpm

441dd9fd4991501bb5f576affdcef69a
corporate/3.0/RPMS/libkdegraphics0-ksvg-3.2-15.8.C30mdk.i586.rpm

6539132604ac8215b8fa39e1610b61a2
corporate/3.0/RPMS/libkdegraphics0-ksvg-devel-3.2-15.8.C30mdk.i586.rpm

e6886553c073befbfb1fdfbfa25bc63e
corporate/3.0/RPMS/libkdegraphics0-kuickshow-3.2-15.8.C30mdk.i586.rpm

d9155b7767bf9be9a58210759496823c
corporate/3.0/RPMS/libkdegraphics0-kview-3.2-15.8.C30mdk.i586.rpm

a312b9c911fc787699fc39af5a40c79a
corporate/3.0/RPMS/libkdegraphics0-kview-devel-3.2-15.8.C30mdk.i586.rpm

c2f40fe2b48b35fed2dbc4c7d19882b9
corporate/3.0/RPMS/libkdegraphics0-mrmlsearch-3.2-15.8.C30mdk.i586.rpm

c94be1d83e8c46ae7c15891aa4205848
corporate/3.0/SRPMS/kdegraphics-3.2-15.8.C30mdk.src.rpm

Corporate 3.0/X86_64:
b024b0c6a79b417692112bf348cd95fc
x86_64/corporate/3.0/RPMS/kdegraphics-3.2-15.8.C30mdk.x86_64.rpm

e6276cf1aa395686bd7b91249011aa38
x86_64/corporate/3.0/RPMS/kdegraphics-common-3.2-15.8.C30mdk.x86_64.rpm

81a8878ced363c5b99d083a6514e6e96
x86_64/corporate/3.0/RPMS/kdegraphics-kdvi-3.2-15.8.C30mdk.x86_64.rpm

0b1d51fcb1e04376bdc098c4e2f171d7
x86_64/corporate/3.0/RPMS/kdegraphics-kfax-3.2-15.8.C30mdk.x86_64.rpm

4744070e1a0396e7179ccf53fe2d85c2
x86_64/corporate/3.0/RPMS/kdegraphics-kghostview-3.2-15.8.C30mdk.x86_64.rpm

774d87525915ceebeab373db882d2366
x86_64/corporate/3.0/RPMS/kdegraphics-kiconedit-3.2-15.8.C30mdk.x86_64.rpm

ccead5ed0b52b61c7e0345d1ce73a915
x86_64/corporate/3.0/RPMS/kdegraphics-kooka-3.2-15.8.C30mdk.x86_64.rpm

ce557d2ec486433984f573ed5b80de33
x86_64/corporate/3.0/RPMS/kdegraphics-kpaint-3.2-15.8.C30mdk.x86_64.rpm

a6ffb9c6ab2d9c0b5f0f19457791b4ba
x86_64/corporate/3.0/RPMS/kdegraphics-kpdf-3.2-15.8.C30mdk.x86_64.rpm

bec4700cc12ae61ff2cb7314ae5a0ddb
x86_64/corporate/3.0/RPMS/kdegraphics-kpovmodeler-3.2-15.8.C30mdk.x86_64.rpm

fec0575377007aa825ac15e13e576b99
x86_64/corporate/3.0/RPMS/kdegraphics-kruler-3.2-15.8.C30mdk.x86_64.rpm

530a5ac17809959f2445478ea7adab50
x86_64/corporate/3.0/RPMS/kdegraphics-ksnapshot-3.2-15.8.C30mdk.x86_64.rpm

ea55b0e94fbcf6c53a56f4b83ff97eb6
x86_64/corporate/3.0/RPMS/kdegraphics-ksvg-3.2-15.8.C30mdk.x86_64.rpm

12b743469cdf6cd8350fa58a7c3a36c3
x86_64/corporate/3.0/RPMS/kdegraphics-kuickshow-3.2-15.8.C30mdk.x86_64.rpm

224f5a552036aa61542990c69710bb6a
x86_64/corporate/3.0/RPMS/kdegraphics-kview-3.2-15.8.C30mdk.x86_64.rpm

b1be434f8e14b274507b1ae4044099c8
x86_64/corporate/3.0/RPMS/kdegraphics-mrmlsearch-3.2-15.8.C30mdk.x86_64.rpm

acfd72cf7010e702def1ed4a178b8d2c
x86_64/corporate/3.0/RPMS/lib64kdegraphics0-common-3.2-15.8.C30mdk.x86_64.rpm

dc64e7bb63705ba72cd4f483c404561b
x86_64/corporate/3.0/RPMS/lib64kdegraphics0-common-devel-3.2-15.8.C30mdk.x86_64.rpm

2a4bb857f31aa164f4c8d8f258187aa7
x86_64/corporate/3.0/RPMS/lib64kdegraphics0-kooka-3.2-15.8.C30mdk.x86_64.rpm

9156bfefed30fd5253b4c499242aa7a0
x86_64/corporate/3.0/RPMS/lib64kdegraphics0-kooka-devel-3.2-15.8.C30mdk.x86_64.rpm

36a5e60f7c4677f47aff7701850ea0d7
x86_64/corporate/3.0/RPMS/lib64kdegraphics0-kpovmodeler-3.2-15.8.C30mdk.x86_64.rpm

03f94e3422b4c384b047dbf560e1d05d
x86_64/corporate/3.0/RPMS/lib64kdegraphics0-kpovmodeler-devel-3.2-15.8.C30mdk.x86_64.rpm

07bf10276d704a430713b651df3b2169
x86_64/corporate/3.0/RPMS/lib64kdegraphics0-ksvg-3.2-15.8.C30mdk.x86_64.rpm

65d07b28c3bb6de94a87958683f083b0
x86_64/corporate/3.0/RPMS/lib64kdegraphics0-ksvg-devel-3.2-15.8.C30mdk.x86_64.rpm

ae2bed52c58fb043d19bb336e18d0dad
x86_64/corporate/3.0/RPMS/lib64kdegraphics0-kuickshow-3.2-15.8.C30mdk.x86_64.rpm

d54929663a71f898299f2784af91face
x86_64/corporate/3.0/RPMS/lib64kdegraphics0-kview-3.2-15.8.C30mdk.x86_64.rpm

6cb1d6616411007e5368b3193f6481bf
x86_64/corporate/3.0/RPMS/lib64kdegraphics0-kview-devel-3.2-15.8.C30mdk.x86_64.rpm

68df49480edbbe07a1068eb686e1ab4c
x86_64/corporate/3.0/RPMS/lib64kdegraphics0-mrmlsearch-3.2-15.8.C30mdk.x86_64.rpm

c94be1d83e8c46ae7c15891aa4205848
x86_64/corporate/3.0/SRPMS/kdegraphics-3.2-15.8.C30mdk.src.rpm

To upgrade automatically use MandrakeUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.

All packages are signed by Mandriva for security. You can obtain
the GPG public key of the Mandriva Security Team by executing:

gpg –recv-keys –keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>

Mandriva Linux Security Update Advisory

Package name: wxPythonGTK
Advisory ID: MDKSA-2005:144
Date: August 18th, 2005
Affected versions: 10.1, 10.2, Corporate 3.0

Problem Description:

Wouter Hanegraaff discovered that the TIFF library did not
sufficiently validate the “YCbCr subsampling” value in TIFF image
headers. Decoding a malicious image with a zero value resulted in
an arithmetic exception, which can cause a program that uses the
TIFF library to crash.

wxPythonGTK uses an embedded libtiff source tree, and as such
has the same vulnerability.

The updated packages have been rebuilt using the system
libraries and should now incorporate all the updates to libjpeg,
libpng, libtiff and zlib.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2452

Updated Packages:

Mandrakelinux 10.1:
1792bef2b7c38d434f5c580885918fa9
10.1/RPMS/libwxPythonGTK2.5_2-2.5.2.7-3.1.101mdk.i586.rpm
e74ecbc67fb44bc41c211c9c48d99bf2
10.1/RPMS/libwxPythonGTK2.5_2-devel-2.5.2.7-3.1.101mdk.i586.rpm
cbc0ab1e5ff4890e6ca773bc106a22ba
10.1/RPMS/wxPythonGTK-2.5.2.7-3.1.101mdk.i586.rpm
b9a21a161373a223927041bfb59e9daa
10.1/SRPMS/wxPythonGTK-2.5.2.7-3.1.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
58a22e1baf7b89f5cba1904cc385a62d
x86_64/10.1/RPMS/lib64wxPythonGTK2.5_2-2.5.2.7-3.1.101mdk.x86_64.rpm

3416e43ec121b43dd0fa320ced1a1692
x86_64/10.1/RPMS/lib64wxPythonGTK2.5_2-devel-2.5.2.7-3.1.101mdk.x86_64.rpm

04420e8c6fa31ae8266bf1646442665b
x86_64/10.1/RPMS/wxPythonGTK-2.5.2.7-3.1.101mdk.x86_64.rpm
b9a21a161373a223927041bfb59e9daa
x86_64/10.1/SRPMS/wxPythonGTK-2.5.2.7-3.1.101mdk.src.rpm

Mandrakelinux 10.2:
8deaae175c40b0b2aae1c0a9260e6c5e
10.2/RPMS/libwxPythonGTK2.5_3-2.5.3.1-3.1.102mdk.i586.rpm
b240df592e137d2b429118a51561475f
10.2/RPMS/libwxPythonGTK2.5_3-devel-2.5.3.1-3.1.102mdk.i586.rpm
142a95ae853496fa62488898a8e22a5c
10.2/RPMS/wxPythonGTK-2.5.3.1-3.1.102mdk.i586.rpm
8a04fcd0d0d70bc22549b20374aa2fc4
10.2/SRPMS/wxPythonGTK-2.5.3.1-3.1.102mdk.src.rpm

Mandrakelinux 10.2/X86_64:
3641fdd53027c69755b2026f9868bcd4
x86_64/10.2/RPMS/lib64wxPythonGTK2.5_3-2.5.3.1-3.1.102mdk.x86_64.rpm

a84597c3db0f2f38f493693d0cfbf0d6
x86_64/10.2/RPMS/lib64wxPythonGTK2.5_3-devel-2.5.3.1-3.1.102mdk.x86_64.rpm

f453d626b50c9f8e5fd7b801f06a53c6
x86_64/10.2/RPMS/wxPythonGTK-2.5.3.1-3.1.102mdk.x86_64.rpm
8a04fcd0d0d70bc22549b20374aa2fc4
x86_64/10.2/SRPMS/wxPythonGTK-2.5.3.1-3.1.102mdk.src.rpm

Corporate 3.0:
30310777699ba2bc43269fea791785a6
corporate/3.0/RPMS/libwxPythonGTK2.4-2.4.2.4-2.1.C30mdk.i586.rpm

2ab1c06543b33f2304caa2f75c234a74
corporate/3.0/RPMS/libwxPythonGTK2.4-devel-2.4.2.4-2.1.C30mdk.i586.rpm

1ff251baed6af07e5604521ae8390f06
corporate/3.0/RPMS/wxPythonGTK-2.4.2.4-2.1.C30mdk.i586.rpm
fbf97259f8e496bf20af99c1cacb08b1
corporate/3.0/SRPMS/wxPythonGTK-2.4.2.4-2.1.C30mdk.src.rpm

To upgrade automatically use MandrakeUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.

All packages are signed by Mandriva for security. You can obtain
the GPG public key of the Mandriva Security Team by executing:

gpg –recv-keys –keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis

Must Read

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Our Brands

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.