Advisories, February 7, 2006

Fedora Core

Fedora Update Notification
FEDORA-2006-102
2006-02-07

Product : Fedora Core 4
Name : kernel
Version : 2.6.15
Release : 1.1831_FC4
Summary : The Linux kernel (the core of the Linux operating
system)

Description :
The kernel package contains the Linux kernel (vmlinuz), the core of
any Linux operating system. The kernel handles the basic functions
of the operating system: memory allocation, process allocation,
device input and output, etc.

Update Information:

This update fixes a remotely exploitable denial of service
attack in the icmp networking code (CVE-2006-0454). An information
leak has also been fixed (CVE-2006-0095), and some debugging
patches that had accidentally been left applied in the previous
update have been removed, restoring the functionality of the
‘quiet’ argument.

Tue Feb 7 2006 Dave Jones <davej@redhat.com>
- 2.6.15.3 Fixes remotely exploitable bug in ICMP
  (CVE-2006-0454)
Fri Feb 3 2006 Dave Jones <davej@redhat.com>
- Make ‘quiet’ work again.
- dm-crypt: zero key before freeing it

This update can be downloaded from:

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

b1f9d6a89e638edeeacecfd7495eb4e6450e279b
SRPMS/kernel-2.6.15-1.1831_FC4.src.rpm
188b62f36e7e600c588715536d96e32606640abf
ppc/kernel-2.6.15-1.1831_FC4.ppc.rpm
e286cb0385c3fdf49aef3d42fd43420a51ebcea8
ppc/kernel-devel-2.6.15-1.1831_FC4.ppc.rpm
8e3d18db547e94f750c022111c94f7d56943180f
ppc/kernel-smp-2.6.15-1.1831_FC4.ppc.rpm
3be387fa5fb7c3cd095c329ce71b9f94190e83df
ppc/kernel-smp-devel-2.6.15-1.1831_FC4.ppc.rpm
3c8b1004b5e9e64677dbf6b457db55f68ecd2e77
ppc/debug/kernel-debuginfo-2.6.15-1.1831_FC4.ppc.rpm
62af3a7baffdbb17904985289fa16437fb5a950e
ppc/kernel-doc-2.6.15-1.1831_FC4.noarch.rpm
1392789f2ede26c037f9715012d8452e6d0e4590
x86_64/kernel-2.6.15-1.1831_FC4.x86_64.rpm
09054fea4b6dbb75ccfdaafb9bb2ca0572b13b6a
x86_64/kernel-devel-2.6.15-1.1831_FC4.x86_64.rpm
058d2e9feb887f4e1947f6c67cd0e3e7d1b41d7e
x86_64/kernel-smp-2.6.15-1.1831_FC4.x86_64.rpm
e776cc09a16f83e7bb63b1f297b39cbc15924684
x86_64/kernel-smp-devel-2.6.15-1.1831_FC4.x86_64.rpm
f0b33070f10c2c7451658e8ad63472e3b7647446
x86_64/debug/kernel-debuginfo-2.6.15-1.1831_FC4.x86_64.rpm
62af3a7baffdbb17904985289fa16437fb5a950e
x86_64/kernel-doc-2.6.15-1.1831_FC4.noarch.rpm
a65c2356bf30f818f23476aa2944171f2e8e58ed
i386/kernel-2.6.15-1.1831_FC4.i586.rpm
4c2d91f66fee74f748a596ebfc2f16e61ec66bb2
i386/kernel-devel-2.6.15-1.1831_FC4.i586.rpm
b64db9db09db127809d5a426ca14faaeefef9161
i386/debug/kernel-debuginfo-2.6.15-1.1831_FC4.i586.rpm
743357e7d11966a6218cfd251404d2e670b12847
i386/kernel-2.6.15-1.1831_FC4.i686.rpm
6a61118b549d1252f3944838ff574bed4c244ef7
i386/kernel-devel-2.6.15-1.1831_FC4.i686.rpm
77e82a0a4458567d74ee6817c84f77bca85640d6
i386/kernel-smp-2.6.15-1.1831_FC4.i686.rpm
579e825578ff22d44ebb3a50e3728ee6a1fcbb9d
i386/kernel-smp-devel-2.6.15-1.1831_FC4.i686.rpm
a42a5afe3689b3812a9fe781a9f8922a33be811e
i386/debug/kernel-debuginfo-2.6.15-1.1831_FC4.i686.rpm
62af3a7baffdbb17904985289fa16437fb5a950e
i386/kernel-doc-2.6.15-1.1831_FC4.noarch.rpm

This update can be installed with the ‘yum’ update program. Use
‘yum update package-name’ at the command line. For more
information, refer to ‘Managing Software with yum,’ available at
http://fedora.redhat.com/docs/yum/.

Mandriva Linux

Mandriva Linux Security Advisory MDKSA-2006:035
http://www.mandriva.com/security/

Package : php
Date : February 7, 2006
Affected: 10.1, 10.2, Corporate 3.0, Multi Network Firewall 2.0

Problem Description:

A flaw in the PHP gd extension in versions prior to 4.4.1 could
allow a remote attacker to bypass safe_mode and open_basedir
restrictions via unknown attack vectors.

The updated packages have been patched to correct this
issue.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3391

Updated Packages:

Mandriva Linux 10.1:
73fb60b80de60eac15425466e59dca39
10.1/RPMS/libphp_common432-4.3.8-3.8.101mdk.i586.rpm
b28919e0310bf29bf5866dae1ee16d98
10.1/RPMS/php432-devel-4.3.8-3.8.101mdk.i586.rpm
d83eaac3668f09924156f177cd15f201
10.1/RPMS/php-cgi-4.3.8-3.8.101mdk.i586.rpm
143fc214304a1c289fca9706a2a1c3a8
10.1/RPMS/php-cli-4.3.8-3.8.101mdk.i586.rpm
78c983eccc5b8423c97ef382438b2e65
10.1/RPMS/php-gd-4.3.8-2.1.101mdk.i586.rpm
677522c6ed558432f3dbf15616083610
10.1/SRPMS/php-4.3.8-3.8.101mdk.src.rpm
aac1a54955e947f6c15c8b8059ae4181
10.1/SRPMS/php-gd-4.3.8-2.1.101mdk.src.rpm

Mandriva Linux 10.1/X86_64:
106d6d5ca6b8f39c392bd13ec1dc42d4
x86_64/10.1/RPMS/lib64php_common432-4.3.8-3.8.101mdk.x86_64.rpm
b4c808eec06082b85642bb130f8415dc
x86_64/10.1/RPMS/php432-devel-4.3.8-3.8.101mdk.x86_64.rpm
471cb69b308907e438d462c99980dea0
x86_64/10.1/RPMS/php-cgi-4.3.8-3.8.101mdk.x86_64.rpm
553db3e91f87e7a515ac135e8d7f15f0
x86_64/10.1/RPMS/php-cli-4.3.8-3.8.101mdk.x86_64.rpm
ec747cf48a3dad42141f27e44325033e
x86_64/10.1/RPMS/php-gd-4.3.8-2.1.101mdk.x86_64.rpm
677522c6ed558432f3dbf15616083610
x86_64/10.1/SRPMS/php-4.3.8-3.8.101mdk.src.rpm
aac1a54955e947f6c15c8b8059ae4181
x86_64/10.1/SRPMS/php-gd-4.3.8-2.1.101mdk.src.rpm

Mandriva Linux 10.2:
13cf3adeda0a0cd1d0ccde575cbe63ec
10.2/RPMS/libphp_common432-4.3.10-7.6.102mdk.i586.rpm
18302ef915b8f1b2245b9c0f79d574aa
10.2/RPMS/php432-devel-4.3.10-7.6.102mdk.i586.rpm
c58efdb3973bb63914463628936cf2db
10.2/RPMS/php-cgi-4.3.10-7.6.102mdk.i586.rpm
401059a0058df93d7b8567813b082b7e
10.2/RPMS/php-cli-4.3.10-7.6.102mdk.i586.rpm
887e86064d91d133d3c98245b39335b3
10.2/RPMS/php-gd-4.3.10-5.1.102mdk.i586.rpm
b677b123040f0279e39a047aa706a853
10.2/SRPMS/php-4.3.10-7.6.102mdk.src.rpm
393e9bde7b571bc6aee17cf48929e0d5
10.2/SRPMS/php-gd-4.3.10-5.1.102mdk.src.rpm

Mandriva Linux 10.2/X86_64:
b457eff82dcedc940afda2b137dc9058
x86_64/10.2/RPMS/lib64php_common432-4.3.10-7.6.102mdk.x86_64.rpm

6075916423066e4a026814cd38332528
x86_64/10.2/RPMS/php432-devel-4.3.10-7.6.102mdk.x86_64.rpm
4e1c918a571c85e3e4ce065edd249576
x86_64/10.2/RPMS/php-cgi-4.3.10-7.6.102mdk.x86_64.rpm
a222ddab3ffff21bcd82420fce7951da
x86_64/10.2/RPMS/php-cli-4.3.10-7.6.102mdk.x86_64.rpm
ccf2d23979006f1f7bbc9d2a1efd6043
x86_64/10.2/RPMS/php-gd-4.3.10-5.1.102mdk.x86_64.rpm
b677b123040f0279e39a047aa706a853
x86_64/10.2/SRPMS/php-4.3.10-7.6.102mdk.src.rpm
393e9bde7b571bc6aee17cf48929e0d5
x86_64/10.2/SRPMS/php-gd-4.3.10-5.1.102mdk.src.rpm

Corporate 3.0:
1980e0259fe7747380a824f8d22e6547
corporate/3.0/RPMS/libphp_common432-4.3.4-4.10.C30mdk.i586.rpm
390c85972981566b353b594fe22197dc
corporate/3.0/RPMS/php432-devel-4.3.4-4.10.C30mdk.i586.rpm
d9a49155ce3a80cdbc277f2412a13518
corporate/3.0/RPMS/php-cgi-4.3.4-4.10.C30mdk.i586.rpm
d0cbbd7fb891a7541929c67aa0343df6
corporate/3.0/RPMS/php-cli-4.3.4-4.10.C30mdk.i586.rpm
238811f03e72ceecb0b91be525380cb9
corporate/3.0/RPMS/php-gd-4.3.4-1.1.C30mdk.i586.rpm
d54f4e12d35cedbef0f718170620ace4
corporate/3.0/SRPMS/php-4.3.4-4.10.C30mdk.src.rpm
c1a3d05a9501024102944e6820bc5501
corporate/3.0/SRPMS/php-gd-4.3.4-1.1.C30mdk.src.rpm

Corporate 3.0/X86_64:
a8dce337033e676378664c0db6b469f7
x86_64/corporate/3.0/RPMS/lib64php_common432-4.3.4-4.10.C30mdk.x86_64.rpm

c7b1cfd80cd506eff43f22b80aa75de6
x86_64/corporate/3.0/RPMS/php432-devel-4.3.4-4.10.C30mdk.x86_64.rpm

1c5e085cb86ad4f7af6a0da6d05a1d62
x86_64/corporate/3.0/RPMS/php-cgi-4.3.4-4.10.C30mdk.x86_64.rpm
9eec60e7a700c07da18b4f787ad3f58c
x86_64/corporate/3.0/RPMS/php-cli-4.3.4-4.10.C30mdk.x86_64.rpm
500eedf63f7cbccb7920a94e7959e7ac
x86_64/corporate/3.0/RPMS/php-gd-4.3.4-1.1.C30mdk.x86_64.rpm
d54f4e12d35cedbef0f718170620ace4
x86_64/corporate/3.0/SRPMS/php-4.3.4-4.10.C30mdk.src.rpm
c1a3d05a9501024102944e6820bc5501
x86_64/corporate/3.0/SRPMS/php-gd-4.3.4-1.1.C30mdk.src.rpm

Multi Network Firewall 2.0:
505744d67c4a0d9d438eb59635a1b854
mnf/2.0/RPMS/libphp_common432-4.3.4-4.10.M20mdk.i586.rpm
415fb09281493e6b5e262b8a919b2eb9
mnf/2.0/RPMS/php432-devel-4.3.4-4.10.M20mdk.i586.rpm
71f1a80d1bf23652a8001a7e48fe139c
mnf/2.0/RPMS/php-cgi-4.3.4-4.10.M20mdk.i586.rpm
5ad32b1fb9e6b12be629ea44168d5138
mnf/2.0/RPMS/php-cli-4.3.4-4.10.M20mdk.i586.rpm
0b23cfbdff6ccd70f06cd3ab13813cb5
mnf/2.0/RPMS/php-gd-4.3.4-1.1.M20mdk.i586.rpm
27c29e02d28e0aea1dadd7d149636b83
mnf/2.0/SRPMS/php-4.3.4-4.10.M20mdk.src.rpm
ca1601d0a1fa257c8916715582a1df41
mnf/2.0/SRPMS/php-gd-4.3.4-1.1.M20mdk.src.rpm

To upgrade automatically use MandrivaUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.

All packages are signed by Mandriva for security. You can obtain
the GPG public key of the Mandriva Security Team by executing:

gpg –recv-keys –keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>

Advisories, February 7, 2006

Fedora Core

Mandriva Linux

Get the Free Newsletter!

Must Read

Redo Rescue: A Free and Easy Backup & Recovery Solution

JDownloader: An Open-Source Alternative to IDM (Install + Usage)

9to5Linux Weekly Roundup: March 16th, 2025

Linuxiac Weekly Wrap-Up: Week 11 (Mar 10 – 16, 2025)

Best Free and Open Source Alternatives to Progress ShareFile

Our Brands