197 matches found
Mandriva Linux Security Advisory : silc-toolkit (MDVSA-2009:235)
Multiple vulnerabilities was discovered and corrected in silc-toolkit : Multiple format string vulnerabilities in lib/silcclient/cliententry.c in Secure Internet Live Conferencing SILC Toolkit before 1.1.10, and SILC Client before 1.1.8, allow remote attackers to execute arbitrary code via format...
MDVA-2010:016 : firefox
It was dicovered that the kde4ff theme for firefox 3.5 firefox-theme-kde4ff did not work, to address this problem the kfirefox theme firefox-theme-kfirefox is provided as a drop in replacement. It was discovered that the beagle extension for firefox firefox-ext-beagle had the wrong release number...
MDVA-2010:143 : xine-ui
The LIRC infrared support in xine-ui program didn't work. This update fixes the issue. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on 2012/09/06. C Tenable Network Security, Inc. This script was automatically...
MDVA-2010:108 : kde4
In mandriva 2010.0, we provided KDE 4.3.2, this update brings KDE to version 4.3.5, overall, it provides many bug fixes and enhancements. For a complete list with changes, access the official announcement at http://www.kde.org/announcements/announce-4.3.5.php In addiction we are providing new...
MDVA-2009:202 : java-1.6.0-openjdk
Correct issues with scaled bitmap fonts by properly installing fontconfig.properties and requires a default font bug 55005. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on 2012/09/06. C Tenable Network Security,...
Mandriva Linux Security Advisory : dovecot (MDVSA-2009:306)
A vulnerability was discovered and corrected in dovecot : Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of certain directories at installation time, which allows local users to access arbitrary user accounts by replacing the auth socket, related to the parent directories of the...
Mandriva Linux Security Advisory : pidgin (MDVSA-2010:002)
A security vulnerability has been identified and fixed in pidgin : Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. dot dot in an application/x-msnmsgrp2p MSN emoticon aka...
MDVA-2010:073 : dhcp
The DHCP client ignores the interface-mtu option set by server. This update fixes the issue. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on 2012/09/06. C Tenable Network Security, Inc. This script was...
[ MDVSA-2010:030 ] kernel
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2010:030 http://www.mandriva.com/security/ Package : kernel Date : January 1, 2009 Affected: 2010.0 Problem Description: Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel: Array index err...
MDVA-2009:253 : mpg123
A regression was found and fixed for mpg123 while attempting to load the mpg123 modules. This regression stems from MDVSA-2009:307 libtool ltdl. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on 2012/09/06. C...
MDVA-2009:239 : imagemagick
The package was accidently linked against the wrong libjasper version. This update addresses that problem. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on 2012/09/06. C Tenable Network Security, Inc. This script...
MDVA-2009:235 : freeradius
The cron files included in freeradius-web package were syntactically invalid, by lacking mention of the user expected to run the task. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on 2012/09/06. C Tenable Networ...
MDVA-2009:183 : nvidia
This update provides the kernel modules which were not distributed with the last kernel update. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on 2012/09/06. C Tenable Network Security, Inc. This script was...
Mandriva Linux Security Advisory : dbus (MDVSA-2009:256-1)
A vulnerability was discovered and corrected in dbus : The dbusvalidatesignaturewithreason function dbus-marshal-validate.c in D-Bus aka DBus uses incorrect logic to validate a basic type, which allows remote attackers to spoof a signature via a crafted key. NOTE: this is due to an incorrect fix...
MDVA-2009:170 : ldetect
This update fixes a very trivial issue with lspcidrake displaying warnings about some USB devices. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on 2012/09/06. C Tenable Network Security, Inc. This script was...
MDVA-2009:168 : rrdtool
This update addresses a problem where rrdtool-1.3.x required a font installed like for example the DejaVuSansMono.ttf font. A dependency was added on fonts-ttf-dejavu to address this problem. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently...
Mandriva Linux Security Advisory : python (MDVSA-2009:212-1)
A vulnerability was found in xmltokimpl.c expat that with specially crafted XML could be exploited and lead to a denial of service attack. Related to CVE-2009-2625 CVE-2009-3720. This update fixes this vulnerability. Update : Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers...
Mandriva Linux Security Advisory : libsndfile (MDVSA-2009:132-1)
Multiple vulnerabilities has been found and corrected in libsndfile : Heap-based buffer overflow in vocreadheader in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service application crash and possibly...
MDVA-2009:061 : portreserve
In some cases, CUPS in Mandriva Linux 2009 would start but be unavailable, due to the possibility that 'portreserve' service was started at the wrong time, thus being unable to do its job. This update fixes that, by making sure portreserve start at the right time during system initialization...
MDVA-2008:024 : rpmdrake
This update fixes a crash when reading packages with an empty backport media 36720. This is a rare bug since DVD media did not include backport media, and network media provides a non-empty backport media. It also makes sure that a wait dialog always got destroyed 36921. Due to a bug, in some err...