Mandrake Linux Update Advisory
Package name: | OpenDX |
Advisory ID: | MDKA-2003:024 |
Date: | November 12th, 2003 |
Affected versions: | 9.2 |
Problem Description:
A bug in OpenDX was fixed that prevented dx from starting
properly due to an improper path for the dxexec executable.
Updated Packages:
Mandrake Linux 9.2:
2ae36a3d57b60eb20f6e94773bcb44a3
9.2/RPMS/OpenDX-4.3.0-3.1.92mdk.i586.rpm
019731703d9fe99cdf18155e250c8fbb
9.2/RPMS/OpenDX-devel-4.3.0-3.1.92mdk.i586.rpm
9c226ef369a5c0f3c34d42851428f183
9.2/SRPMS/OpenDX-4.3.0-3.1.92mdk.src.rpm
To upgrade automatically use MandrakeUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.
A list of FTP mirrors can be obtained from:
http://www.mandrakesecure.net/en/ftp.php
All packages are signed by MandrakeSoft for security. You can
obtain the GPG public key of the Mandrake Linux Security Team by
executing:
gpg –recv-keys –keyserver www.mandrakesecure.net
0x22458A98
Please be aware that sometimes it takes the mirrors a few hours
to update.
You can view other update advisories for Mandrake Linux at:
http://www.mandrakesecure.net/en/advisories/
MandrakeSoft has several security-related mailing list services
that anyone can subscribe to. Information on these lists can be
obtained by visiting:
http://www.mandrakesecure.net/en/mlist.php
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
Type | Bits/KeyID | Date | User ID |
pub | 1024D/22458A98 | 2000-07-10 | Linux Mandrake Security Team <security linux-mandrake.com> |
Mandrake Linux Update Advisory
Package name: | totem |
Advisory ID: | MDKA-2003:025 |
Date: | November 12th, 2003 |
Affected versions: | 9.2 |
Problem Description:
A bug was found in totem that would cause it to crash when
attempting to retrieve CDDB information when playing an audio CD
and the network blocks CDDB access. This problem has been fixed
with these updated packages.
Updated Packages:
Mandrake Linux 9.2:
87fa7a1a2ae8f89fa33c1d295ff44fe6
9.2/RPMS/totem-0.99.4-4.1.92mdk.i586.rpm
01df09905892a7fa6f95241467150547
9.2/SRPMS/totem-0.99.4-4.1.92mdk.src.rpm
To upgrade automatically use MandrakeUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.
A list of FTP mirrors can be obtained from:
http://www.mandrakesecure.net/en/ftp.php
All packages are signed by MandrakeSoft for security. You can
obtain the GPG public key of the Mandrake Linux Security Team by
executing:
gpg –recv-keys –keyserver www.mandrakesecure.net
0x22458A98
Please be aware that sometimes it takes the mirrors a few hours
to update.
You can view other update advisories for Mandrake Linux at:
http://www.mandrakesecure.net/en/advisories/
MandrakeSoft has several security-related mailing list services
that anyone can subscribe to. Information on these lists can be
obtained by visiting:
http://www.mandrakesecure.net/en/mlist.php
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
Type | Bits/KeyID | Date | User ID |
pub | 1024D/22458A98 | 2000-07-10 | Linux Mandrake Security Team <security linux-mandrake.com> |
Mandrake Linux Update Advisory
Package name: | SnortSnarf |
Advisory ID: | MDKA-2003:026 |
Date: | November 12th, 2003 |
Affected versions: | 9.2 |
Problem Description:
Problems with the dependencies of the SnortSnarf package
prevented it from being installable. This update fixes those
dependency issues so that you can now install the package.
Updated Packages:
Mandrake Linux 9.2:
451eaa7affe7406029ac972453867f5a
9.2/RPMS/SnortSnarf-020516.1-3.1.92mdk.noarch.rpm
fe9efd7f9f435edf800cb4ed48b98573
9.2/SRPMS/SnortSnarf-020516.1-3.1.92mdk.src.rpm
To upgrade automatically use MandrakeUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.
A list of FTP mirrors can be obtained from:
http://www.mandrakesecure.net/en/ftp.php
All packages are signed by MandrakeSoft for security. You can
obtain the GPG public key of the Mandrake Linux Security Team by
executing:
gpg –recv-keys –keyserver www.mandrakesecure.net
0x22458A98
Please be aware that sometimes it takes the mirrors a few hours
to update.
You can view other update advisories for Mandrake Linux at:
http://www.mandrakesecure.net/en/advisories/
MandrakeSoft has several security-related mailing list services
that anyone can subscribe to. Information on these lists can be
obtained by visiting:
http://www.mandrakesecure.net/en/mlist.php
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
Type | Bits/KeyID | Date | User ID |
pub | 1024D/22458A98 | 2000-07-10 | Linux Mandrake Security Team <security linux-mandrake.com> |
Mandrake Linux Security Update Advisory
Package name: | fileutils/coreutils |
Advisory ID: | MDKSA-2003:106 |
Date: | November 12th, 2003 |
Affected versions: | 9.0, 9.1, 9.2, Corporate Server 2.1, Multi Network Firewall 8.2 |
Problem Description:
A memory starvation denial of service vulnerability in the ls
program was discovered by Georgi Guninski. It is possible to
allocate a huge amount of memory by specifying certain command-line
arguments. It is also possible to exploit this remotely via
programs that call ls such as wu-ftpd (although wu-ftpd is no
longer shipped with Mandrake Linux).
Likewise, a non-exploitable integer overflow problem was
discovered in ls, which can be used to crash ls by specifying
certain command-line arguments. This can also be triggered via
remotely accessible services such as wu-ftpd.
The provided packages include a patched ls to fix these
problems.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0853
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0854
Updated Packages:
Corporate Server 2.1:
be970695fbd846472dd40b008f0b5274
corporate/2.1/RPMS/fileutils-4.1.11-6.1.C21mdk.i586.rpm
755655b2a0d372db45ef572c94c50cea
corporate/2.1/SRPMS/fileutils-4.1.11-6.1.C21mdk.src.rpm
Corporate Server 2.1/x86_64:
5f0423cafb85f403e452bcbb07b97939
x86_64/corporate/2.1/RPMS/fileutils-4.1.11-6.1.C21mdk.x86_64.rpm
755655b2a0d372db45ef572c94c50cea
x86_64/corporate/2.1/SRPMS/fileutils-4.1.11-6.1.C21mdk.src.rpm
Mandrake Linux 9.0:
4430a81aede9dd918a9a96e1a4af0b1b
9.0/RPMS/fileutils-4.1.11-6.1.90mdk.i586.rpm
a736eb75b14966d35195b6d5196c1be3
9.0/SRPMS/fileutils-4.1.11-6.1.90mdk.src.rpm
Mandrake Linux 9.1:
05770c5811e1004eb6f66b3bf4d1b7f2
9.1/RPMS/coreutils-4.5.7-1.1.91mdk.i586.rpm
36465c666100e890d721d44e4fc858a1
9.1/RPMS/coreutils-doc-4.5.7-1.1.91mdk.i586.rpm
da9f5e3a516440e5e0cebc013025b625
9.1/SRPMS/coreutils-4.5.7-1.1.91mdk.src.rpm
Mandrake Linux 9.1/PPC:
d47798f3066dff738cd24497b2c10981
ppc/9.1/RPMS/coreutils-4.5.7-1.1.91mdk.ppc.rpm
b363a38d0c1b3497bdc275b52704e51b
ppc/9.1/RPMS/coreutils-doc-4.5.7-1.1.91mdk.ppc.rpm
da9f5e3a516440e5e0cebc013025b625
ppc/9.1/SRPMS/coreutils-4.5.7-1.1.91mdk.src.rpm
Mandrake Linux 9.2:
587ee8916dd706159b5493efab81d42c
9.2/RPMS/coreutils-5.0-6.1.92mdk.i586.rpm
43d4d0f6a4d23ccd46185463dd9b81f8
9.2/RPMS/coreutils-doc-5.0-6.1.92mdk.i586.rpm
29080c00ef5c478f4d544de55d60c486
9.2/SRPMS/coreutils-5.0-6.1.92mdk.src.rpm
Multi Network Firewall 8.2:
b117277bbd61ad6d9a87d3c8fc675811
mnf8.2/RPMS/fileutils-4.1.5-4.2.M82mdk.i586.rpm
ba3dea1c45822fa314e0c23be2474ee9
mnf8.2/SRPMS/fileutils-4.1.5-4.2.M82mdk.src.rpm
To upgrade automatically use MandrakeUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.
A list of FTP mirrors can be obtained from:
http://www.mandrakesecure.net/en/ftp.php
All packages are signed by MandrakeSoft for security. You can
obtain the GPG public key of the Mandrake Linux Security Team by
executing:
gpg –recv-keys –keyserver www.mandrakesecure.net
0x22458A98
Please be aware that sometimes it takes the mirrors a few hours
to update.
You can view other update advisories for Mandrake Linux at:
http://www.mandrakesecure.net/en/advisories/
MandrakeSoft has several security-related mailing list services
that anyone can subscribe to. Information on these lists can be
obtained by visiting:
http://www.mandrakesecure.net/en/mlist.php
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
Type | Bits/KeyID | Date | User ID |
pub | 1024D/22458A98 | 2000-07-10 | Linux Mandrake Security Team <security linux-mandrake.com> |