
UNIRAS Brief - 575/05 - Mandriva - Three Update Advisories



 
-----BEGIN PGP SIGNED MESSAGE-----

- ----------------------------------------------------------------------------------
   UNIRAS (UK Govt CERT) Briefing Notice - 575/05 dated 25.07.05  Time: 11:08  
  UNIRAS is part of NISCC (National Infrastructure Security Co-ordination Centre)
- ---------------------------------------------------------------------------------- 
  UNIRAS material is also available from its website at www.uniras.gov.uk and
         Information about NISCC is available from www.niscc.gov.uk
- ----------------------------------------------------------------------------------

Title
=====

Mandriva - Three Update Advisories:
     1.  Updated clamav packages provide latest version                 [MDKA-2005:035]
     2.  Updated mozilla-firefox packages fix multiple vulnerabilities  [MDKSA-2005:120-1]
     3.  Updated zlib packages fix vulnerability                        [MDKSA-2005:124]


Detail
====== 

Update advisory summaries:

     1.  Clamav is being updated to 0.86.1 for all supported versions in order
         to provide compatibility with the latest virus definitions.

     2.  A number of vulnerabilities were reported and fixed in Firefox 1.0.5
         and Mozilla 1.7.9.

     3.  A previous zlib update (MDKSA-2005:112; CAN-2005-2096) fixed an overflow
         flaw in the zlib program.  While that update did indeed fix the reported
         overflow issue, additional ways that a specially-crafted compressed stream 
         could trigger an overflow have been discovered.


Update advisory content follows:


1.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                     Mandriva Linux Update Advisory
 _______________________________________________________________________

 Package name:           clamav
 Advisory ID:            MDKA-2005:035
 Date:                   July 22nd, 2005

 Affected versions:	 10.1, 10.2, Corporate 3.0
 ______________________________________________________________________

 Problem Description:

 Clamav is being updated to 0.86.1 for all supported versions in order
 to provide compatibility with the latest virus definitions.
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.1:
 171ad4cd5104be9f5e041fdfa5e16853  10.1/RPMS/clamav-0.86.1-3.1.101mdk.i586.rpm
 be81dca1c0afbaa48696bd94ab6c8efa  10.1/RPMS/clamav-db-0.86.1-3.1.101mdk.i586.rpm
 4690b149c69344abff6a6666c4877d11  10.1/RPMS/clamav-milter-0.86.1-3.1.101mdk.i586.rpm
 3bb82aeae5014bbac0a616196baf7710  10.1/RPMS/clamd-0.86.1-3.1.101mdk.i586.rpm
 63752df1a5586243cfe665228259cc67  10.1/RPMS/libclamav1-0.86.1-3.1.101mdk.i586.rpm
 52fa48c0dea8b0d72224b2d1da937519  10.1/RPMS/libclamav1-devel-0.86.1-3.1.101mdk.i586.rpm
 fd598a5d09f584efa5506120e2713a44  10.1/SRPMS/clamav-0.86.1-3.1.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 3b739e0539417af151ebb584750eace5  x86_64/10.1/RPMS/clamav-0.86.1-3.1.101mdk.x86_64.rpm
 b5e7342dad3b0edd54a9938b474554cf  x86_64/10.1/RPMS/clamav-db-0.86.1-3.1.101mdk.x86_64.rpm
 3e209e161fa5ed220fe83c9730923f77  x86_64/10.1/RPMS/clamav-milter-0.86.1-3.1.101mdk.x86_64.rpm
 011d8bfaf70b3750b983cdfa2b10ee39  x86_64/10.1/RPMS/clamd-0.86.1-3.1.101mdk.x86_64.rpm
 9387223fb5ed6e5ba7f131888ea79be9  x86_64/10.1/RPMS/lib64clamav1-0.86.1-3.1.101mdk.x86_64.rpm
 dd48fd93240f4c8cd16f0f177f9030fa  x86_64/10.1/RPMS/lib64clamav1-devel-0.86.1-3.1.101mdk.x86_64.rpm
 fd598a5d09f584efa5506120e2713a44  x86_64/10.1/SRPMS/clamav-0.86.1-3.1.101mdk.src.rpm

 Mandrakelinux 10.2:
 2a0ca448db7868de653eff0326e49356  10.2/RPMS/clamav-0.86.1-3.1.102mdk.i586.rpm
 ad7c4fb91d8bd1b174355e2bb2141918  10.2/RPMS/clamav-db-0.86.1-3.1.102mdk.i586.rpm
 d59b48028fe15f50f8c0760a51ef9f49  10.2/RPMS/clamav-milter-0.86.1-3.1.102mdk.i586.rpm
 653a0cd4e4516427c4a01b057628469f  10.2/RPMS/clamd-0.86.1-3.1.102mdk.i586.rpm
 3185c7b3d415a13d3ae220eb04286a6e  10.2/RPMS/libclamav1-0.86.1-3.1.102mdk.i586.rpm
 572274a0afe6ae009e0995ea2a9a320f  10.2/RPMS/libclamav1-devel-0.86.1-3.1.102mdk.i586.rpm
 5ae07a320052e00d599fefe85069f310  10.2/SRPMS/clamav-0.86.1-3.1.102mdk.src.rpm

 Mandrakelinux 10.2/X86_64:
 a50d1983d0ea3015bbeede75e363616d  x86_64/10.2/RPMS/clamav-0.86.1-3.1.102mdk.x86_64.rpm
 999546f9b1e72595c0c202ea692c0da4  x86_64/10.2/RPMS/clamav-db-0.86.1-3.1.102mdk.x86_64.rpm
 218517c3324eaafee26fd1db662c3c08  x86_64/10.2/RPMS/clamav-milter-0.86.1-3.1.102mdk.x86_64.rpm
 1e6b5ece6df5191c7fd592688c284c20  x86_64/10.2/RPMS/clamd-0.86.1-3.1.102mdk.x86_64.rpm
 fa01699bcb38d2e0bc312f9a856610f5  x86_64/10.2/RPMS/lib64clamav1-0.86.1-3.1.102mdk.x86_64.rpm
 5896c2e8c401d2ff7bdea524c52c44ab  x86_64/10.2/RPMS/lib64clamav1-devel-0.86.1-3.1.102mdk.x86_64.rpm
 5ae07a320052e00d599fefe85069f310  x86_64/10.2/SRPMS/clamav-0.86.1-3.1.102mdk.src.rpm

 Corporate 3.0:
 dffe4069ddffe6db9943a7fd5a5aff67  corporate/3.0/RPMS/clamav-0.86.1-3.1.C30mdk.i586.rpm
 6073d14a3f320f3cc2885a158d898075  corporate/3.0/RPMS/clamav-db-0.86.1-3.1.C30mdk.i586.rpm
 b8391df64eb91abee033615c5dbb5c2f  corporate/3.0/RPMS/clamav-milter-0.86.1-3.1.C30mdk.i586.rpm
 9deaa17b195b774bae0194aa62e5a9e3  corporate/3.0/RPMS/clamd-0.86.1-3.1.C30mdk.i586.rpm
 ed1ae19792bbfd8ad597fe3edf4fe32f  corporate/3.0/RPMS/libclamav1-0.86.1-3.1.C30mdk.i586.rpm
 07e9709e4ec4400d6761b04ec1345882  corporate/3.0/RPMS/libclamav1-devel-0.86.1-3.1.C30mdk.i586.rpm
 2d4f46af9406ae08a7f0a3b50022e5b0  corporate/3.0/SRPMS/clamav-0.86.1-3.1.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 a93390967feca38f24da972383e1a4d2  x86_64/corporate/3.0/RPMS/clamav-0.86.1-3.1.C30mdk.x86_64.rpm
 7b20d8f21ecf6715affd652f990e5fe5  x86_64/corporate/3.0/RPMS/clamav-db-0.86.1-3.1.C30mdk.x86_64.rpm
 9e902e9267af608d027b94b724f1a9da  x86_64/corporate/3.0/RPMS/clamav-milter-0.86.1-3.1.C30mdk.x86_64.rpm
 bf32ec1bd40a01a25ee7bcde78037bb3  x86_64/corporate/3.0/RPMS/clamd-0.86.1-3.1.C30mdk.x86_64.rpm
 bf8d2bbcd5266067ed26c25a17447082  x86_64/corporate/3.0/RPMS/lib64clamav1-0.86.1-3.1.C30mdk.x86_64.rpm
 abc348ae96aa7c7e57d510ad23085314  x86_64/corporate/3.0/RPMS/lib64clamav1-devel-0.86.1-3.1.C30mdk.x86_64.rpm
 2d4f46af9406ae08a7f0a3b50022e5b0  x86_64/corporate/3.0/SRPMS/clamav-0.86.1-3.1.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFC4XtymqjQ0CJFipgRAkj5AKCNZSgS57u4zVjOS/aTiZWS+ogj/wCgmE2m
TEDZuddPJJjYoIgf8YtQbZI=
=cklx
- -----END PGP SIGNATURE-----




2.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           mozilla-firefox
 Advisory ID:            MDKSA-2005:120-1
 Date:                   July 22nd, 2005
 Original Advisory Date: July 13th, 2005
 Affected versions:	 10.2
 ______________________________________________________________________

 Problem Description:

 A number of vulnerabilities were reported and fixed in Firefox 1.0.5
 and Mozilla 1.7.9.  The following vulnerabilities have been backported
 and patched for this update:
 
 In several places the browser UI did not correctly distinguish between
 true user events, such as mouse clicks or keystrokes, and synthetic
 events generated by web content. The problems ranged from minor
 annoyances like switching tabs or entering full-screen mode, to a
 variant on MFSA 2005-34. Synthetic events are now prevented from
 reaching the browser UI entirely rather than depend on each potentially
 spoofed function to protect itself from untrusted events
 (MFSA 2005-45; CAN-2005-2260).
 
 Scripts in XBL controls from web content continued to be run even when
 Javascript was disabled. By itself this causes no harm, but it could be
 combined with most script-based exploits to attack people running
 vulnerable versions who thought disabling javascript would protect
 them.  In the Thunderbird and Mozilla Suite mail clients Javascript is
 disabled by default for protection against denial-of-service attacks
 and worms; this vulnerability could be used to bypass that protection
 (MFSA 2005-46; CAN-2005-2261).
 
 If an attacker can convince a victim to use the "Set As Wallpaper"
 context menu item on a specially crafted image then they can run
 arbitrary code on the user's computer. The image "source" must be a
 javascript: url containing an eval() statement and such an image would
 get the "broken image" icon, but with CSS it could be made transparent
 and placed on top of a real image.  The attacker would have to convince
 the user to change their desktop background to the exploit image, and
 to do so by using the Firefox context menu rather than first saving the
 image locally and using the normal mechanism provided by their
 operating system.  This affects only Firefox 1.0.3 and 1.0.4; earlier
 versions are unaffected. The implementation of this feature in the
 Mozilla Suite is also unaffected (MFSA 2005-47; CAN-2005-2262).
 
 The InstallTrigger.install() method for launching an install accepts a
 callback function that will be called with the final success or error
 status. By forcing a page navigation immediately after calling the
 install method this callback function can end up running in the context
 of the new page selected by the attacker. This is true even if the user
 cancels the unwanted install dialog: cancel is an error status. This
 callback script can steal data from the new page such as cookies or
 passwords, or perform actions on the user's behalf such as make a
 purchase if the user is already logged into the target site.  In
 Firefox the default settings allow only http://addons.mozilla.org to
 bring up this install dialog. This could only be exploited if users
 have added questionable sites to the install whitelist, and if a
 malicious site can convince you to install from their site that's a
 much more powerful attack vector.  In the Mozilla Suite the whitelist
 feature is turned off by default; any site can prompt the user to
 install software and exploit this vulnerability.  The browser has been
 fixed to clear any pending callback function when switching to a new
 site (MFSA 2005-48; CAN-2005-2263).
 
 Sites can use the _search target to open links in the Firefox sidebar.
 A missing security check allows the sidebar to inject data: urls
 containing scripts into any page open in the browser. This could be
 used to steal cookies, passwords or other sensitive data
 (MFSA 2005-49; CAN-2005-2264).
 
 When InstallVersion.compareTo() is passed an object rather than a
 string it assumed the object was another InstallVersion without
 verifying it. When passed a different kind of object the browser would
 generally crash with an access violation.  shutdown has demonstrated
 that different javascript objects can be passed on some OS versions to
 get control over the instruction pointer. We assume this could be
 developed further to run arbitrary machine code if the attacker can get
 exploit code loaded at a predictable address (MFSA 2005-50;
 CAN-2005-2265).
 
 The original frame-injection spoofing bug was fixed in the Mozilla
 Suite 1.7 and Firefox 0.9 releases. This protection was accidentally
 bypassed by one of the fixes in the Firefox 1.0.3 and Mozilla Suite
 1.7.7 releases (MFSA 2005-51; CAN-2005-1937).
 
 A child frame can call top.focus() even if the framing page comes from
 a different origin and has overridden the focus() routine. The call is
 made in the context of the child frame. The attacker would look for a
 target site with a framed page that makes this call but doesn't verify
 that its parent comes from the same site. The attacker could steal
 cookies and passwords from the framed page, or take actions on behalf
 of a signed-in user. This attack would work only against sites that use
 frames in this manner (MFSA 2005-52; CAN-2005-2266).
 
 Several media players, for example Flash and QuickTime, support
 scripted content with the ability to open URLs in the default browser.
 The default behavior for Firefox was to replace the currently open
 browser window's content with the externally opened content. If the
 external URL was a javascript: url it would run as if it came from the
 site that served the previous content, which could be used to steal
 sensitive information such as login cookies or passwords. If the
 media player content first caused a privileged chrome: url to load then
 the subsequent javascript: url could execute arbitrary code.  External
 javascript: urls will now run in a blank context regardless of what
 content it's replacing, and external apps will no longer be able to
 load privileged chrome: urls in a browser window. The -chrome command
 line option to load chrome applications is still supported
 (MFSA 2005-53; CAN-2005-2267).
 
 Alerts and prompts created by scripts in web pages are presented with
 the generic title [JavaScript Application] which sometimes makes it
 difficult to know which site created them. A malicious page could
 attempt to cause a prompt to appear in front of a trusted site in an
 attempt to extract information such as passwords from the user.  In the
 fixed version these prompts will contain the hostname from the page
 which created it (MFSA 2005-54; CAN-2005-2268).
 
 Parts of the browser UI relied too much on DOM node names without
 taking different namespaces into account and verifying that nodes
 really were of the expected type. An XHTML document could be used to
 create fake <IMG> elements, for example, with content-defined
 properties that the browser would access as if they were the trusted
 built-in properties of the expected HTML elements.  The severity of the
 vulnerability would depend on what the attacker could convince the
 victim to do, but could result in executing user-supplied script with
 elevated "chrome" privileges. This could be used to install malicious
 software on the victim's machine (MFSA 2005-55; CAN-2005-2269).
 
 Improper cloning of base objects allowed web content scripts to walk up
 the prototype chain to get to a privileged object.  This could be used
 to execute code with enhanced privileges (MFSA 2005-56; CAN-2005-2270).
 
 The updated packages have been patched to address these issues.

 Update:

 New packages are available that fix some regression errors that
 appeared in the Firefox 1.0.5 release that the patches were based on.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2260
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2261
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2262
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2263
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2264
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2265
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1937
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2266
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2267
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2268
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2269
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2270
  http://www.mozilla.org/security/announce/mfsa2005-45.html
  http://www.mozilla.org/security/announce/mfsa2005-46.html
  http://www.mozilla.org/security/announce/mfsa2005-47.html
  http://www.mozilla.org/security/announce/mfsa2005-48.html
  http://www.mozilla.org/security/announce/mfsa2005-49.html
  http://www.mozilla.org/security/announce/mfsa2005-50.html
  http://www.mozilla.org/security/announce/mfsa2005-51.html
  http://www.mozilla.org/security/announce/mfsa2005-52.html
  http://www.mozilla.org/security/announce/mfsa2005-53.html
  http://www.mozilla.org/security/announce/mfsa2005-54.html
  http://www.mozilla.org/security/announce/mfsa2005-55.html
  http://www.mozilla.org/security/announce/mfsa2005-56.html
  http://secunia.com/advisories/15489/
  http://secunia.com/advisories/15549/
  http://secunia.com/advisories/15601/
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.2:
 3d0c909432d334210b62858fcd168b84  10.2/RPMS/libnspr4-1.0.2-8.1.102mdk.i586.rpm
 26eceab87ec1917421268af235d79c53  10.2/RPMS/libnspr4-devel-1.0.2-8.1.102mdk.i586.rpm
 8da370adf09aa25eee32c40ac6ce197d  10.2/RPMS/libnss3-1.0.2-8.1.102mdk.i586.rpm
 19110ad997d3bd74d71e02d88815186f  10.2/RPMS/libnss3-devel-1.0.2-8.1.102mdk.i586.rpm
 e65aec36dcbf19ae9512cc29257ff962  10.2/RPMS/mozilla-firefox-1.0.2-8.1.102mdk.i586.rpm
 ce8b763c88114ed27e64b5d779b15397  10.2/RPMS/mozilla-firefox-devel-1.0.2-8.1.102mdk.i586.rpm
 e8f1ab14ac8a6835b2436df6de495f91  10.2/SRPMS/mozilla-firefox-1.0.2-8.1.102mdk.src.rpm

 Mandrakelinux 10.2/X86_64:
 bf2971e053939aef258b93202ba7daf0  x86_64/10.2/RPMS/lib64nspr4-1.0.2-8.1.102mdk.x86_64.rpm
 959055c9a8ce7d40dfb2bad1a9334b20  x86_64/10.2/RPMS/lib64nspr4-devel-1.0.2-8.1.102mdk.x86_64.rpm
 3d0c909432d334210b62858fcd168b84  x86_64/10.2/RPMS/libnspr4-1.0.2-8.1.102mdk.i586.rpm
 26eceab87ec1917421268af235d79c53  x86_64/10.2/RPMS/libnspr4-devel-1.0.2-8.1.102mdk.i586.rpm
 5ee4652302f285f9d2d98d34a1315935  x86_64/10.2/RPMS/lib64nss3-1.0.2-8.1.102mdk.x86_64.rpm
 dec7310f3d726f19dc8540a6c0036f3e  x86_64/10.2/RPMS/lib64nss3-devel-1.0.2-8.1.102mdk.x86_64.rpm
 8da370adf09aa25eee32c40ac6ce197d  x86_64/10.2/RPMS/libnss3-1.0.2-8.1.102mdk.i586.rpm
 19110ad997d3bd74d71e02d88815186f  x86_64/10.2/RPMS/libnss3-devel-1.0.2-8.1.102mdk.i586.rpm
 abcace081b81d082a61a215a077cc147  x86_64/10.2/RPMS/mozilla-firefox-1.0.2-8.1.102mdk.x86_64.rpm
 ecdc99b4b1551f385b44ee5ab9f5efd8  x86_64/10.2/RPMS/mozilla-firefox-devel-1.0.2-8.1.102mdk.x86_64.rpm
 e8f1ab14ac8a6835b2436df6de495f91  x86_64/10.2/SRPMS/mozilla-firefox-1.0.2-8.1.102mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFC4XwymqjQ0CJFipgRAheyAKCP0c5faFaZj6oPUjT+wta/6yuOagCgsSQ6
uoPscRS47FLlF3A2HQsYx4Y=
=8D2/
- -----END PGP SIGNATURE-----




3.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           zlib
 Advisory ID:            MDKSA-2005:124
 Date:                   July 22nd, 2005

 Affected versions:	 10.0, 10.1, 10.2, Corporate 3.0,
			 Multi Network Firewall 2.0
 ______________________________________________________________________

 Problem Description:

 A previous zlib update (MDKSA-2005:112; CAN-2005-2096) fixed an overflow
 flaw in the zlib program.  While that update did indeed fix the reported
 overflow issue, Markus Oberhumber discovered additional ways that a
 specially-crafted compressed stream could trigger an overflow.  An
 attacker could create such a stream that would cause a linked
 application to crash if opened by a user.
 
 The updated packages are provided to protect against this flaw.  The
 Corporate Server 2.1 product is not affected by this vulnerability.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1849
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 860987335903c382c12e42448367676f  10.0/RPMS/zlib1-1.2.1-2.3.100mdk.i586.rpm
 e047a26f46031a57f896a1d36ccc52c3  10.0/RPMS/zlib1-devel-1.2.1-2.3.100mdk.i586.rpm
 72ea4005316839b3c31b90d524c52d42  10.0/SRPMS/zlib-1.2.1-2.3.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 e6a94df40bc740d725731036e7f3db96  amd64/10.0/RPMS/zlib1-1.2.1-2.3.100mdk.amd64.rpm
 890f9d6039a95f82365a7cb55e9017fb  amd64/10.0/RPMS/zlib1-devel-1.2.1-2.3.100mdk.amd64.rpm
 72ea4005316839b3c31b90d524c52d42  amd64/10.0/SRPMS/zlib-1.2.1-2.3.100mdk.src.rpm

 Mandrakelinux 10.1:
 58c3324f33d5586d1bcdde0aca4e5a79  10.1/RPMS/zlib1-1.2.1.1-3.2.101mdk.i586.rpm
 c0ccb2820937a05d8cc608701150f012  10.1/RPMS/zlib1-devel-1.2.1.1-3.2.101mdk.i586.rpm
 17ad74eeed07fab9c8829dd546be6890  10.1/SRPMS/zlib-1.2.1.1-3.2.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 87e7046c0c876da2c94590ad6c98dafe  x86_64/10.1/RPMS/zlib1-1.2.1.1-3.2.101mdk.x86_64.rpm
 f90e56e2ab04468abac0c08849a5260a  x86_64/10.1/RPMS/zlib1-devel-1.2.1.1-3.2.101mdk.x86_64.rpm
 17ad74eeed07fab9c8829dd546be6890  x86_64/10.1/SRPMS/zlib-1.2.1.1-3.2.101mdk.src.rpm

 Mandrakelinux 10.2:
 d30d7cfb002353a63f89ba382062a78e  10.2/RPMS/zlib1-1.2.2.2-2.2.102mdk.i586.rpm
 5c4a526d818a326fafd6c9e9672b3447  10.2/RPMS/zlib1-devel-1.2.2.2-2.2.102mdk.i586.rpm
 543c843e6691904415c4c8bc45affe7c  10.2/SRPMS/zlib-1.2.2.2-2.2.102mdk.src.rpm

 Mandrakelinux 10.2/X86_64:
 c7c5d4fbeb2db2ffa27e6123958280a7  x86_64/10.2/RPMS/zlib1-1.2.2.2-2.2.102mdk.x86_64.rpm
 dbc5bbd0220041e3594939e963bfb5da  x86_64/10.2/RPMS/zlib1-devel-1.2.2.2-2.2.102mdk.x86_64.rpm
 543c843e6691904415c4c8bc45affe7c  x86_64/10.2/SRPMS/zlib-1.2.2.2-2.2.102mdk.src.rpm

 Multi Network Firewall 2.0:
 631b3c1e87bbde27e99673d30c1e91c1  mnf/2.0/RPMS/zlib1-1.2.1-2.3.M20mdk.i586.rpm
 c3077bbfdaeb2c6fc1e5aed4f6b0e65b  mnf/2.0/SRPMS/zlib-1.2.1-2.3.M20mdk.src.rpm

 Corporate 3.0:
 2e66862f24760823bdaa26c20fbc7606  corporate/3.0/RPMS/zlib1-1.2.1-2.3.C30mdk.i586.rpm
 d9cab4b4ab9a04eeee1b38ac7c3e5e5a  corporate/3.0/RPMS/zlib1-devel-1.2.1-2.3.C30mdk.i586.rpm
 ae75fabf010504e1b0f84f79e50c5753  corporate/3.0/SRPMS/zlib-1.2.1-2.3.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 92ef33342acbfa125fb45e84a591cf3f  x86_64/corporate/3.0/RPMS/zlib1-1.2.1-2.3.C30mdk.x86_64.rpm
 b884c537207635c8d1ca5ac9bcfed24a  x86_64/corporate/3.0/RPMS/zlib1-devel-1.2.1-2.3.C30mdk.x86_64.rpm
 ae75fabf010504e1b0f84f79e50c5753  x86_64/corporate/3.0/SRPMS/zlib-1.2.1-2.3.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFC4XyumqjQ0CJFipgRAmhcAJ0dskt+ZAg53ZAU4tBFwZyzLfAaUACguxr1
XyvQZo/trBQf15WO1LATnmk=
=BJR3
- -----END PGP SIGNATURE-----
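
The advisories above say that MandrakeUpdate and urpmi check md5 checksums automatically. For packages fetched by hand, the following added example (not part of the UNIRAS briefing or the Mandriva advisories) parses an "Updated Packages" section in the layout used above and checks downloaded RPMs against it. The sample advisory text, package names and file contents are constructed for illustration. The listed checksums are only as trustworthy as the advisory's GPG signature, so verify that signature before relying on them.

```python
import hashlib
import re
import tempfile
from pathlib import Path

# One manifest line: 32 hex digits, whitespace, relative path to an .rpm
ENTRY = re.compile(r"^\s*([0-9a-fA-F]{32})\s+(\S+\.rpm)\s*$")
# Release heading such as "Mandrakelinux 10.2/X86_64:" or "Corporate 3.0:"
HEADING = re.compile(r"^\s*(\S.*):\s*$")

# Constructed sample in the advisory layout (not real packages or hashes
# taken from the page): md5(b"hello") and md5(b"") are used as checksums.
SAMPLE_ADVISORY = """\
 Problem Description:

 Constructed sample text.
 ______________________________________________________________________

 Updated Packages:

 Mandrakelinux 10.2:
 5d41402abc4b2a76b9719d911017c592  10.2/RPMS/example1-1.0-1.102mdk.i586.rpm
 d41d8cd98f00b204e9800998ecf8427e  10.2/SRPMS/example-1.0-1.102mdk.src.rpm

 Mandrakelinux 10.2/X86_64:
 5d41402abc4b2a76b9719d911017c592  x86_64/10.2/RPMS/example1-1.0-1.102mdk.i586.rpm
 d41d8cd98f00b204e9800998ecf8427e  x86_64/10.2/SRPMS/example-1.0-1.102mdk.src.rpm
 _______________________________________________________________________
"""


def parse_manifest(advisory_text):
    """Map package file name -> {"md5": hex, "releases": [headings]}."""
    entries, release, in_section = {}, None, False
    for line in advisory_text.splitlines():
        stripped = line.strip()
        if stripped == "Updated Packages:":
            in_section = True
            continue
        if not in_section:
            continue
        if stripped.startswith("____"):        # rule line closes the section
            break
        entry = ENTRY.match(line)
        if entry:
            digest, name = entry.group(1).lower(), entry.group(2).rsplit("/", 1)[-1]
            seen = entries.setdefault(name, {"md5": digest, "releases": []})
            # The same file is listed under several releases; the hashes must agree.
            if seen["md5"] != digest:
                raise ValueError(f"conflicting checksums listed for {name}")
            seen["releases"].append(release)
            continue
        heading = HEADING.match(line)
        if heading:
            release = heading.group(1)
    return entries


def md5_of(path, chunk=1 << 20):
    """Stream the file so large RPMs are not read into memory at once."""
    digest = hashlib.md5()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def check_downloads(directory, manifest):
    """Classify every *.rpm in directory as ok, MISMATCH or unlisted."""
    results = {}
    for path in sorted(Path(directory).glob("*.rpm")):
        entry = manifest.get(path.name)
        if entry is None:
            results[path.name] = "unlisted"    # not named in the advisory
        elif md5_of(path) == entry["md5"]:
            results[path.name] = "ok"
        else:
            results[path.name] = "MISMATCH"    # corrupted or substituted file
    return results


def demo():
    """Build a constructed download directory and check it against the sample."""
    manifest = parse_manifest(SAMPLE_ADVISORY)
    with tempfile.TemporaryDirectory() as tmp:
        Path(tmp, "example1-1.0-1.102mdk.i586.rpm").write_bytes(b"hello")
        Path(tmp, "example-1.0-1.102mdk.src.rpm").write_bytes(b"tampered")
        Path(tmp, "stray-0.1.rpm").write_bytes(b"x")
        return check_downloads(tmp, manifest)


if __name__ == "__main__":
    for name, status in demo().items():
        print(f"{status:9} {name}")
```

A file reported as MISMATCH or unlisted should not be installed; a match says only that the file is the one the signed advisory describes.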



- ----------------------------------------------------------------------------------

For additional information or assistance, please contact the HELP Desk by 
telephone or Not Protectively Marked information may be sent via 
EMail to: uniras@xxxxxxxxxxxx

Office Hours:
Mon - Fri: 08:30 - 17:00 Hrs
Tel: +44 (0) 870 487 0748 Ext 4511
Fax: +44 (0) 870 487 0749

Outside of Office Hours:
On Call Duty Officer:
Tel: +44 (0) 870 487 0748 and follow the prompts

- ----------------------------------------------------------------------------------
UNIRAS wishes to acknowledge the contributions of Mandriva for the information 
contained in this Briefing. 
- ----------------------------------------------------------------------------------
This Briefing contains the information released by the original author. Some 
of the information may have changed since it was released. If the vulnerability 
affects you, it may be prudent to retrieve the advisory from the canonical site 
to ensure that you receive the most current information concerning that problem.

Reference to any specific commercial product, process, or service by trade 
name, trademark, manufacturer, or otherwise, does not constitute or imply 
its endorsement, recommendation, or favouring by UNIRAS or NISCC.  The views 
and opinions of authors expressed within this notice shall not be used for 
advertising or product endorsement purposes.

Neither UNIRAS nor NISCC shall accept responsibility for any errors 
or omissions contained within this briefing notice. In particular, they shall 
not be liable for any loss or damage whatsoever, arising from or in connection 
with the usage of information contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams (FIRST) 
and has contacts with other international Incident Response Teams (IRTs) in 
order to foster cooperation and coordination in incident prevention, to prompt 
rapid reaction to incidents, and to promote information sharing amongst its 
members and the community at large. 
- ----------------------------------------------------------------------------------
<End of UNIRAS Briefing>

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQCVAwUBQuS594pao72zK539AQGqHQP/V0N6PW1EJQJuvZ+nQs0FTvQWSdddnDTU
32wkk3+GnIc1jY9dwZjrO3rdSdCCzPy9v8smohStIJglGKB2TR+zXLE/EKudwwmc
6wOkeyyBolSUKljGmaCrGAM/3uQg8D6ZJWcTQKilQ0U3Cy/94x8GIsuX9ldxM7GU
uz9/LerOCx0=
=ASjh
-----END PGP SIGNATURE-----


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________