[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ MDVSA-2015:174 ] erlang



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:174
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : erlang
 Date    : March 30, 2015
 Affected: Business Server 2.0
 _______________________________________________________________________

 Problem Description:

 Updated erlang packages fixes security vulnerability:
 
 An FTP command injection flaw was found in Erlang's FTP module. Several
 functions in the FTP module do not properly sanitize the input before
 passing it into a control socket. A local attacker can use this flaw
 to execute arbitrary FTP commands on a system that uses this module
 (CVE-2014-1693).
 
 This update also disables SSLv3 by default to mitigate the POODLE
 issue.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1693
 http://advisories.mageia.org/MGASA-2014-0553.html
 _______________________________________________________________________

 Updated Packages:

 Mandriva Business Server 2/X86_64:
 c3782d8e70c2560d22368c5cf191c2de  mbs2/x86_64/erlang-appmon-R16B02-3.1.mbs2.x86_64.rpm
 aecdc45f5a81807249581c7244e37569  mbs2/x86_64/erlang-asn1-R16B02-3.1.mbs2.x86_64.rpm
 477308c25e90cd9518e3b5518dd4f794  mbs2/x86_64/erlang-base-R16B02-3.1.mbs2.x86_64.rpm
 5f3d6f1d15ba896c28487190328395b0  mbs2/x86_64/erlang-common_test-R16B02-3.1.mbs2.x86_64.rpm
 6f28db799e6740f3a34ce1a1f7a2966f  mbs2/x86_64/erlang-compiler-R16B02-3.1.mbs2.x86_64.rpm
 36e6b99c911c5416725e1d849329a438  mbs2/x86_64/erlang-cosEventDomain-R16B02-3.1.mbs2.x86_64.rpm
 ba146d18f9759ce77027c3ff65025bc4  mbs2/x86_64/erlang-cosEvent-R16B02-3.1.mbs2.x86_64.rpm
 c62b33ca7302a1e25da1b118844fd257  mbs2/x86_64/erlang-cosFileTransfer-R16B02-3.1.mbs2.x86_64.rpm
 bb9160c5dfcccc5b506fce6bc6dce5b3  mbs2/x86_64/erlang-cosNotification-R16B02-3.1.mbs2.x86_64.rpm
 e514be216077fae803723a972df68ddc  mbs2/x86_64/erlang-cosProperty-R16B02-3.1.mbs2.x86_64.rpm
 999b7f423e8ad3a4ec9789c1b0228f44  mbs2/x86_64/erlang-cosTime-R16B02-3.1.mbs2.x86_64.rpm
 31459904189e725bc21e894b0479ce0a  mbs2/x86_64/erlang-cosTransactions-R16B02-3.1.mbs2.x86_64.rpm
 b5c015e8d8b30ae7809e08c3551985d8  mbs2/x86_64/erlang-crypto-R16B02-3.1.mbs2.x86_64.rpm
 c807878d781f028af448cc2b7bcb988b  mbs2/x86_64/erlang-debugger-R16B02-3.1.mbs2.x86_64.rpm
 a97e3c12ae0325d78bf6001ce23428a3  mbs2/x86_64/erlang-devel-R16B02-3.1.mbs2.x86_64.rpm
 21362da5ce27a71bcc9d4aa4465cabc5  mbs2/x86_64/erlang-dialyzer-R16B02-3.1.mbs2.x86_64.rpm
 2adab55b7e7389bc5400ef4fef7c027a  mbs2/x86_64/erlang-diameter-R16B02-3.1.mbs2.x86_64.rpm
 e4b575315ec1423361711503fd160145  mbs2/x86_64/erlang-docbuilder-R16B02-3.1.mbs2.x86_64.rpm
 7d556a1077b9ab6ceec582831be37905  mbs2/x86_64/erlang-edoc-R16B02-3.1.mbs2.x86_64.rpm
 4be0a333cef6fb9956fceaf89d715468  mbs2/x86_64/erlang-eldap-R16B02-3.1.mbs2.x86_64.rpm
 53c53de3b5efc19e193d7c56001a8a07  mbs2/x86_64/erlang-emacs-R16B02-3.1.mbs2.x86_64.rpm
 7eac22f0cc244076781ca2803c662768  mbs2/x86_64/erlang-erl_docgen-R16B02-3.1.mbs2.x86_64.rpm
 80249961f16f82dbc66f7de771e98735  mbs2/x86_64/erlang-erl_interface-R16B02-3.1.mbs2.x86_64.rpm
 fbf5c957d14e3c09a43eafd03cb19ab2  mbs2/x86_64/erlang-et-R16B02-3.1.mbs2.x86_64.rpm
 73cfce1e58cdb676a470ee16d84b52a2  mbs2/x86_64/erlang-eunit-R16B02-3.1.mbs2.x86_64.rpm
 76553169fa04132330658a8b6dfc21af  mbs2/x86_64/erlang-gs-R16B02-3.1.mbs2.x86_64.rpm
 ef9e5fe8657eea48de2d5b7c1a230587  mbs2/x86_64/erlang-hipe-R16B02-3.1.mbs2.x86_64.rpm
 1fbbab73409ab496bf65acfef0159b12  mbs2/x86_64/erlang-ic-R16B02-3.1.mbs2.x86_64.rpm
 13029c97b65202f4246267568a08665d  mbs2/x86_64/erlang-inets-R16B02-3.1.mbs2.x86_64.rpm
 82769f0678e9653e60f34b8e1204022c  mbs2/x86_64/erlang-jinterface-R16B02-3.1.mbs2.x86_64.rpm
 164e49370da7c102a102e3d7938692fd  mbs2/x86_64/erlang-manpages-R16B02-3.1.mbs2.x86_64.rpm
 ea23fe6568707738a77744047b1784af  mbs2/x86_64/erlang-megaco-R16B02-3.1.mbs2.x86_64.rpm
 6ccadf1b58574ffe626ff7b11e96294e  mbs2/x86_64/erlang-mnesia-R16B02-3.1.mbs2.x86_64.rpm
 ddfc6f940edc76a2c96776f632a0359b  mbs2/x86_64/erlang-observer-R16B02-3.1.mbs2.x86_64.rpm
 236ccf95ce563e21883810dec7aec43f  mbs2/x86_64/erlang-odbc-R16B02-3.1.mbs2.x86_64.rpm
 9ad313bfab1ba9c8efcbc0e65b179ddf  mbs2/x86_64/erlang-orber-R16B02-3.1.mbs2.x86_64.rpm
 227fee7ff295d10ff377cd5e85bc260d  mbs2/x86_64/erlang-os_mon-R16B02-3.1.mbs2.x86_64.rpm
 f9466de44e540cfc315d6d187c73933e  mbs2/x86_64/erlang-otp_mibs-R16B02-3.1.mbs2.x86_64.rpm
 ea1ded7ffbf11aebeefa69d5ed4e46ed  mbs2/x86_64/erlang-parsetools-R16B02-3.1.mbs2.x86_64.rpm
 79401ec3c2a53510b5c18fa5ec9c48cd  mbs2/x86_64/erlang-percept-R16B02-3.1.mbs2.x86_64.rpm
 71bc4854a1521759767da77f6dbafd95  mbs2/x86_64/erlang-pman-R16B02-3.1.mbs2.x86_64.rpm
 a029b242eedb3b776c2a0a514c276ba8  mbs2/x86_64/erlang-public_key-R16B02-3.1.mbs2.x86_64.rpm
 abb2e8ca95dc45ce97e73f24db27456a  mbs2/x86_64/erlang-reltool-R16B02-3.1.mbs2.x86_64.rpm
 3a4517790ca1f36a78efaf2c64d11de1  mbs2/x86_64/erlang-runtime_tools-R16B02-3.1.mbs2.x86_64.rpm
 166a784fcc6045fbb9efbef6290641d7  mbs2/x86_64/erlang-snmp-R16B02-3.1.mbs2.x86_64.rpm
 827213abaec61dcde9e8f779e7a8d331  mbs2/x86_64/erlang-ssh-R16B02-3.1.mbs2.x86_64.rpm
 093a3ccdd934156cb434c0b795d8d982  mbs2/x86_64/erlang-ssl-R16B02-3.1.mbs2.x86_64.rpm
 72e9c7fb38a3116b1a00d2c4fccbf88e  mbs2/x86_64/erlang-stack-R16B02-3.1.mbs2.x86_64.rpm
 8b77c2ca0438ec1c1adbc99280291f8c  mbs2/x86_64/erlang-syntax_tools-R16B02-3.1.mbs2.x86_64.rpm
 03bae9355926cd7ecc29476eabac629e  mbs2/x86_64/erlang-test_server-R16B02-3.1.mbs2.x86_64.rpm
 1f23126813a9f02705174b9f243ac8be  mbs2/x86_64/erlang-toolbar-R16B02-3.1.mbs2.x86_64.rpm
 df9f88f56c816780d093c5d8426779ce  mbs2/x86_64/erlang-tools-R16B02-3.1.mbs2.x86_64.rpm
 b65670938b9d8c22226e7189349eb5c4  mbs2/x86_64/erlang-tv-R16B02-3.1.mbs2.x86_64.rpm
 d5bc3f1de4e19b43f26f35a05b133f23  mbs2/x86_64/erlang-typer-R16B02-3.1.mbs2.x86_64.rpm
 1d9ca7574b5fea1a3730c5db14357387  mbs2/x86_64/erlang-webtool-R16B02-3.1.mbs2.x86_64.rpm
 95f2dba7a7a8ec8150eae75f2a4a1a1d  mbs2/x86_64/erlang-wx-R16B02-3.1.mbs2.x86_64.rpm
 2ea9cb729265b4eb387367b154d1d5aa  mbs2/x86_64/erlang-xmerl-R16B02-3.1.mbs2.x86_64.rpm 
 5426c5858d7b207f8cdcd5ad4beb3ed3  mbs2/SRPMS/erlang-R16B02-3.1.mbs2.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/en/support/security/advisories/

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFVGQBGmqjQ0CJFipgRAlMOAJ4+XKgZ2ajTf/2V3nFSk3g0aRxWbgCbBX3D
V03y7WmjZTY0C9ZyD13tQfg=
=GBGW
-----END PGP SIGNATURE-----