[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

UNIRAS Brief - 652/05 - Mandriva - Four Security Update Advisories



 
-----BEGIN PGP SIGNED MESSAGE-----

- ----------------------------------------------------------------------------------
   UNIRAS (UK Govt CERT) Briefing Notice - 652/05 dated 19.08.05  Time: 16:10 
  UNIRAS is part of NISCC (National Infrastructure Security Co-ordination Centre)
- ---------------------------------------------------------------------------------- 
  UNIRAS material is also available from its website at www.uniras.gov.uk and
         Information about NISCC is available from www.niscc.gov.uk
- ----------------------------------------------------------------------------------

Title
=====

Mandriva - Four Security Update Advisories:
     1.  Updated evolution packages fixes format string vulnerabilities  [MDKSA-2005:141]
     2.  Updated libtiff packages fixes vulnerability                    [MDKSA-2005:142]
     3.  Updated kdegraphics packages fix kfax vulnerability             [MDKSA-2005:143]
     4.  Updated wxPythonGTK packages several vulnerabilities            [MDKSA-2005:144]


Detail
====== 

Security update advisory summaries:

     1.  Multiple format string vulnerabilities in Evolution 1.5 through 2.3.6.1
         allow remote attackers to cause a denial of service (crash) and possibly 
         execute arbitrary code via (1) full vCard data, (2) contact data from 
         remote LDAP servers, or (3) task list data from remote servers. (CAN-2005-2549)

     2.  Wouter Hanegraaff discovered that the TIFF library did not sufficiently
         validate the "YCbCr subsampling" value in TIFF image headers. Decoding 
         a malicious image with a zero value resulted in an arithmetic exception, 
         which can cause a program that uses the TIFF library to crash.

     3.  Kdegraphics < 3.3 uses an embedded libtiff source tree for kfax, and  
         as such has the same vulnerability as the above.

     4.  wxPythonGTK uses an embedded libtiff source tree, and as such has the
         same vulnerability as the above.


Security update advisory content follows:


1.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           evolution
 Advisory ID:            MDKSA-2005:141
 Date:                   August 17th, 2005

 Affected versions:	 10.1, 10.2, Corporate 3.0
 ______________________________________________________________________

 Problem Description:

 Multiple format string vulnerabilities in Evolution 1.5 through 2.3.6.1
 allow remote attackers to cause a denial of service (crash) and possibly 
 execute arbitrary code via (1) full vCard data, (2) contact data from 
 remote LDAP servers, or (3) task list data from remote servers.
 (CAN-2005-2549)
 
 A format string vulnerability in Evolution 1.4 through 2.3.6.1 allows 
 remote attackers to cause a denial of service (crash) and possibly
 execute arbitrary code via the calendar entries such as task lists,
 which are not properly handled when the user selects the Calendars tab.
 (CAN-2005-2550)
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2549
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2550
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.1:
 c86139b16f34105eb0fb2bfb3ecc4bdf  10.1/RPMS/evolution-2.0.3-1.4.101mdk.i586.rpm
 3f7164577e567be0f7ee93ed12d3de13  10.1/RPMS/evolution-devel-2.0.3-1.4.101mdk.i586.rpm
 7005876e3443b028a65258b25b1eeadf  10.1/RPMS/evolution-pilot-2.0.3-1.4.101mdk.i586.rpm
 29601b950c1fb806f48275da174a0721  10.1/SRPMS/evolution-2.0.3-1.4.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 7fbb271d2c863d2ae1623c434157bed2  x86_64/10.1/RPMS/evolution-2.0.3-1.4.101mdk.x86_64.rpm
 99d8f4c56967e45c2d5e6a8ed11c5f0c  x86_64/10.1/RPMS/evolution-devel-2.0.3-1.4.101mdk.x86_64.rpm
 52bfc378433fe224a0aa8ac4784a5ab1  x86_64/10.1/RPMS/evolution-pilot-2.0.3-1.4.101mdk.x86_64.rpm
 29601b950c1fb806f48275da174a0721  x86_64/10.1/SRPMS/evolution-2.0.3-1.4.101mdk.src.rpm

 Mandrakelinux 10.2:
 5a37a9c724ff1d5eae934f6f45aaf607  10.2/RPMS/evolution-2.0.4-3.1.102mdk.i586.rpm
 a6822e000c563fb6c025b3aa5cf24a76  10.2/RPMS/evolution-devel-2.0.4-3.1.102mdk.i586.rpm
 9476496c8d82bb59be375b93315fd1be  10.2/RPMS/evolution-pilot-2.0.4-3.1.102mdk.i586.rpm
 b306dba4c9525c4be261903f5bca83e0  10.2/SRPMS/evolution-2.0.4-3.1.102mdk.src.rpm

 Mandrakelinux 10.2/X86_64:
 a6072f366802d6e983312850d3048579  x86_64/10.2/RPMS/evolution-2.0.4-3.1.102mdk.x86_64.rpm
 90fb55af1fc3a40cac030a63156b2a31  x86_64/10.2/RPMS/evolution-devel-2.0.4-3.1.102mdk.x86_64.rpm
 a07bade72ae8bc6c82d46680937f0bf5  x86_64/10.2/RPMS/evolution-pilot-2.0.4-3.1.102mdk.x86_64.rpm
 b306dba4c9525c4be261903f5bca83e0  x86_64/10.2/SRPMS/evolution-2.0.4-3.1.102mdk.src.rpm

 Corporate 3.0:
 b4fe8df7fe51f54129606ed4e81a2a33  corporate/3.0/RPMS/evolution-1.4.6-5.2.C30mdk.i586.rpm
 b1596ec712f2f3bde7b0e7c4a9e1409f  corporate/3.0/RPMS/evolution-devel-1.4.6-5.2.C30mdk.i586.rpm
 60068cc6987dccb19f6586cbd5e74949  corporate/3.0/RPMS/evolution-pilot-1.4.6-5.2.C30mdk.i586.rpm
 736e517b243c4a3b9d57970b7e6a2e71  corporate/3.0/SRPMS/evolution-1.4.6-5.2.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 cd590782c6bba4a33fb55ed231ec940b  x86_64/corporate/3.0/RPMS/evolution-1.4.6-5.2.C30mdk.x86_64.rpm
 197aca690c2e893732ed72d6298a46b0  x86_64/corporate/3.0/RPMS/evolution-devel-1.4.6-5.2.C30mdk.x86_64.rpm
 4c734a5c04be55664fb086fa6a56a5d2  x86_64/corporate/3.0/RPMS/evolution-pilot-1.4.6-5.2.C30mdk.x86_64.rpm
 736e517b243c4a3b9d57970b7e6a2e71  x86_64/corporate/3.0/SRPMS/evolution-1.4.6-5.2.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFDBAXZmqjQ0CJFipgRAobfAJ0cdWHj65EXJ5LacGvHgVfZyPRKOwCeNrsr
i92EJnRTyl8UmcKSntPrgqU=
=eD6K
- -----END PGP SIGNATURE-----




2.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           libtiff
 Advisory ID:            MDKSA-2005:142
 Date:                   August 17th, 2005

 Affected versions:	 10.0, 10.1, 10.2, Corporate 3.0,
			 Corporate Server 2.1,
			 Multi Network Firewall 2.0
 ______________________________________________________________________

 Problem Description:

 Wouter Hanegraaff discovered that the TIFF library did not sufficiently
 validate the "YCbCr subsampling" value in TIFF image headers. Decoding 
 a malicious image with a zero value resulted in an arithmetic exception, 
 which can cause a program that uses the TIFF library to crash. 
 
 The updated packages are patched to protect against this vulnerability.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2452
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 cc0fa1b1b5fd12c4083cc9eb98a5458f  10.0/RPMS/libtiff-progs-3.5.7-11.7.100mdk.i586.rpm
 8fb0219e7d642d2fdc241d8927421d48  10.0/RPMS/libtiff3-3.5.7-11.7.100mdk.i586.rpm
 cbfd4d23c8ac8562c92e55a035d80a67  10.0/RPMS/libtiff3-devel-3.5.7-11.7.100mdk.i586.rpm
 e74038d540e7d00a1b050f7b26cd56a9  10.0/RPMS/libtiff3-static-devel-3.5.7-11.7.100mdk.i586.rpm
 f7d3fce17d5e63a28f9438a29e640aa4  10.0/SRPMS/libtiff-3.5.7-11.7.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 a3b989bdce7af31d4886466ff1441526  amd64/10.0/RPMS/lib64tiff3-3.5.7-11.7.100mdk.amd64.rpm
 97d58685556a85cb2ab884f7ebadb536  amd64/10.0/RPMS/lib64tiff3-devel-3.5.7-11.7.100mdk.amd64.rpm
 8b8ddac45016f59118a7779ff6d027c6  amd64/10.0/RPMS/lib64tiff3-static-devel-3.5.7-11.7.100mdk.amd64.rpm
 30c99b6bb385cd3dfc98d50c8a3c9196  amd64/10.0/RPMS/libtiff-progs-3.5.7-11.7.100mdk.amd64.rpm
 f7d3fce17d5e63a28f9438a29e640aa4  amd64/10.0/SRPMS/libtiff-3.5.7-11.7.100mdk.src.rpm

 Mandrakelinux 10.1:
 c76c200a605c1f0584782fb49518e29d  10.1/RPMS/libtiff-progs-3.6.1-4.4.101mdk.i586.rpm
 773afaac9d2ed45b124216a7b8059f55  10.1/RPMS/libtiff3-3.6.1-4.4.101mdk.i586.rpm
 bcc744f04a6a8b772fa3c63ad5e5bda3  10.1/RPMS/libtiff3-devel-3.6.1-4.4.101mdk.i586.rpm
 c2f0a831fc371041221c54f288e99bb2  10.1/RPMS/libtiff3-static-devel-3.6.1-4.4.101mdk.i586.rpm
 835e5009fabee9050f055d951a3d0f8a  10.1/SRPMS/libtiff-3.6.1-4.4.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 d2cec129a11f6c1181c486eed8a024ab  x86_64/10.1/RPMS/lib64tiff3-3.6.1-4.4.101mdk.x86_64.rpm
 73321d2e2a109f6993c8e44879284139  x86_64/10.1/RPMS/lib64tiff3-devel-3.6.1-4.4.101mdk.x86_64.rpm
 28f7ea7a0ee1954a64e0c9d1ca17f224  x86_64/10.1/RPMS/lib64tiff3-static-devel-3.6.1-4.4.101mdk.x86_64.rpm
 f2c2b82c083d035f32e105437c00ef40  x86_64/10.1/RPMS/libtiff-progs-3.6.1-4.4.101mdk.x86_64.rpm
 835e5009fabee9050f055d951a3d0f8a  x86_64/10.1/SRPMS/libtiff-3.6.1-4.4.101mdk.src.rpm

 Mandrakelinux 10.2:
 ddfec22eb079ad3e3c3e181581a32515  10.2/RPMS/libtiff-progs-3.6.1-11.1.102mdk.i586.rpm
 85002ad26c89bd5f00f49aa7848914ed  10.2/RPMS/libtiff3-3.6.1-11.1.102mdk.i586.rpm
 1680f0094d4a1f4d7783a63536992342  10.2/RPMS/libtiff3-devel-3.6.1-11.1.102mdk.i586.rpm
 ab5d56da0e46e583d7d5559b460c015b  10.2/RPMS/libtiff3-static-devel-3.6.1-11.1.102mdk.i586.rpm
 60bd2c3885e06f49e97ed114ea22c260  10.2/SRPMS/libtiff-3.6.1-11.1.102mdk.src.rpm

 Mandrakelinux 10.2/X86_64:
 b19a75b4230c1a67febfbbd1d7e3bd0b  x86_64/10.2/RPMS/lib64tiff3-3.6.1-11.1.102mdk.x86_64.rpm
 dd11b518706b082c138aa4a7a427235d  x86_64/10.2/RPMS/lib64tiff3-devel-3.6.1-11.1.102mdk.x86_64.rpm
 78da0140db6312a7813e21da700cc129  x86_64/10.2/RPMS/lib64tiff3-static-devel-3.6.1-11.1.102mdk.x86_64.rpm
 1a3d856456e521653f3f94b29b561b1d  x86_64/10.2/RPMS/libtiff-progs-3.6.1-11.1.102mdk.x86_64.rpm
 60bd2c3885e06f49e97ed114ea22c260  x86_64/10.2/SRPMS/libtiff-3.6.1-11.1.102mdk.src.rpm

 Multi Network Firewall 2.0:
 29096b79d63f19c6e6602b6fe8859bae  mnf/2.0/RPMS/libtiff3-3.5.7-11.7.M20mdk.i586.rpm
 6983f0e032014df1ffeeb14306e5d410  mnf/2.0/SRPMS/libtiff-3.5.7-11.7.M20mdk.src.rpm

 Corporate Server 2.1:
 e17fd0f6fdf37c67d7cc94223806b652  corporate/2.1/RPMS/libtiff3-3.5.7-6.2.C21mdk.i586.rpm
 ae1dee85cddb636fa9126fd14e5c9384  corporate/2.1/RPMS/libtiff3-devel-3.5.7-6.2.C21mdk.i586.rpm
 659cc8d21c830f379ebf92d45fe92b0c  corporate/2.1/RPMS/libtiff3-progs-3.5.7-6.2.C21mdk.i586.rpm
 473e992205374da87b91cb8fdd9b6d65  corporate/2.1/RPMS/libtiff3-static-devel-3.5.7-6.2.C21mdk.i586.rpm
 261d009314678a8e54d903234e53f2d5  corporate/2.1/SRPMS/libtiff-3.5.7-6.2.C21mdk.src.rpm

 Corporate Server 2.1/X86_64:
 b9a3c705853bfc458adbbe7b9b35292c  x86_64/corporate/2.1/RPMS/libtiff3-3.5.7-6.2.C21mdk.x86_64.rpm
 ccb61469627ec442bbb1606e2c5493fe  x86_64/corporate/2.1/RPMS/libtiff3-devel-3.5.7-6.2.C21mdk.x86_64.rpm
 ed0414cff8b668737b401b3874295fb0  x86_64/corporate/2.1/RPMS/libtiff3-progs-3.5.7-6.2.C21mdk.x86_64.rpm
 2cb106b7e639a4adbf866fcf0bcb95a2  x86_64/corporate/2.1/RPMS/libtiff3-static-devel-3.5.7-6.2.C21mdk.x86_64.rpm
 261d009314678a8e54d903234e53f2d5  x86_64/corporate/2.1/SRPMS/libtiff-3.5.7-6.2.C21mdk.src.rpm

 Corporate 3.0:
 5d467dc33e472e58f78111bef860b052  corporate/3.0/RPMS/libtiff-progs-3.5.7-11.7.C30mdk.i586.rpm
 c6e92b32bb20db8d058299b3da175a55  corporate/3.0/RPMS/libtiff3-3.5.7-11.7.C30mdk.i586.rpm
 e104fdfdfc2e3df51e459a5e56169c41  corporate/3.0/RPMS/libtiff3-devel-3.5.7-11.7.C30mdk.i586.rpm
 e725905e66036c32093aaa4b478e5c6a  corporate/3.0/RPMS/libtiff3-static-devel-3.5.7-11.7.C30mdk.i586.rpm
 6bd7338ff5198c5f9edd77b31ecf7190  corporate/3.0/SRPMS/libtiff-3.5.7-11.7.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 3c87ea4b94f226decf5a8e751ec9ad17  x86_64/corporate/3.0/RPMS/lib64tiff3-3.5.7-11.7.C30mdk.x86_64.rpm
 5b5663889c26d6c52de85dc300bcab18  x86_64/corporate/3.0/RPMS/lib64tiff3-devel-3.5.7-11.7.C30mdk.x86_64.rpm
 aa63bf920d4c74f6ce6cabc896846241  x86_64/corporate/3.0/RPMS/lib64tiff3-static-devel-3.5.7-11.7.C30mdk.x86_64.rpm
 022ac2f20e0c349d7dcce42e6cbe7a6c  x86_64/corporate/3.0/RPMS/libtiff-progs-3.5.7-11.7.C30mdk.x86_64.rpm
 6bd7338ff5198c5f9edd77b31ecf7190  x86_64/corporate/3.0/SRPMS/libtiff-3.5.7-11.7.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFDBAZEmqjQ0CJFipgRAmp9AJkBTO4Jn7u56BUqf/sIe1zuaQTBggCfdb/8
To/G8qtCJOu5vcXbCtCA68w=
=8pu+
- -----END PGP SIGNATURE-----




3.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           kdegraphics
 Advisory ID:            MDKSA-2005:143
 Date:                   August 17th, 2005

 Affected versions:	 10.1, Corporate 3.0
 ______________________________________________________________________

 Problem Description:

 Wouter Hanegraaff discovered that the TIFF library did not sufficiently
 validate the "YCbCr subsampling" value in TIFF image headers. Decoding 
 a malicious image with a zero value resulted in an arithmetic exception, 
 which can cause a program that uses the TIFF library to crash. 
 
 Kdegraphics < 3.3 uses an embedded libtiff source tree for kfax, and 
 as such has the same vulnerability.
 
 The updated packages are patched to protect against this vulnerability.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2452
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.1:
 0850bfa59d9b425a426dbbfa7c10aea9  10.1/RPMS/kdegraphics-3.2.3-17.7.101mdk.i586.rpm
 82e3aa0f7be63a61c5348b4fe9de4974  10.1/RPMS/kdegraphics-common-3.2.3-17.7.101mdk.i586.rpm
 ded0d09d3df21b41962e0345a90123c6  10.1/RPMS/kdegraphics-kdvi-3.2.3-17.7.101mdk.i586.rpm
 f6220dcfa73e1b4e90d4e8515a6f9d6b  10.1/RPMS/kdegraphics-kfax-3.2.3-17.7.101mdk.i586.rpm
 f994ba55e98a1b9d674a68a92b459af4  10.1/RPMS/kdegraphics-kghostview-3.2.3-17.7.101mdk.i586.rpm
 235ad8b039ac3a9a6d592e719e84df96  10.1/RPMS/kdegraphics-kiconedit-3.2.3-17.7.101mdk.i586.rpm
 ec254712e8752f47305ccbd51a6bf395  10.1/RPMS/kdegraphics-kooka-3.2.3-17.7.101mdk.i586.rpm
 7061f9804f43a5c40ff6fee08f33bab6  10.1/RPMS/kdegraphics-kpaint-3.2.3-17.7.101mdk.i586.rpm
 de9ab6f1dd0606e29e54673819423996  10.1/RPMS/kdegraphics-kpdf-3.2.3-17.7.101mdk.i586.rpm
 52fd4c3a9a5d0e388672f8eff75db2e0  10.1/RPMS/kdegraphics-kpovmodeler-3.2.3-17.7.101mdk.i586.rpm
 76dd522b0af559c1c7523ddbb1620675  10.1/RPMS/kdegraphics-kruler-3.2.3-17.7.101mdk.i586.rpm
 1a8685e1b62a6fe144ad9758fe6368bc  10.1/RPMS/kdegraphics-ksnapshot-3.2.3-17.7.101mdk.i586.rpm
 5d97c623ff9ae968212e092c333bf54b  10.1/RPMS/kdegraphics-ksvg-3.2.3-17.7.101mdk.i586.rpm
 de2644bbbbec4555aaf4eacf074327e4  10.1/RPMS/kdegraphics-kuickshow-3.2.3-17.7.101mdk.i586.rpm
 ae96efd29a5678212601733d956e16f4  10.1/RPMS/kdegraphics-kview-3.2.3-17.7.101mdk.i586.rpm
 59cc7110bcefb6958f172f42e446865f  10.1/RPMS/kdegraphics-mrmlsearch-3.2.3-17.7.101mdk.i586.rpm
 5a418834ff6fbb4f931d17de36414b67  10.1/RPMS/libkdegraphics0-common-3.2.3-17.7.101mdk.i586.rpm
 c01f67d93db43c5afdddb257e6ce4821  10.1/RPMS/libkdegraphics0-common-devel-3.2.3-17.7.101mdk.i586.rpm
 d66f05c391671c93ec76d90db2a93603  10.1/RPMS/libkdegraphics0-kghostview-3.2.3-17.7.101mdk.i586.rpm
 33b87413d96b0fbc422b475e3228fefb  10.1/RPMS/libkdegraphics0-kghostview-devel-3.2.3-17.7.101mdk.i586.rpm
 ad5396358769c63743f172c5a0239bee  10.1/RPMS/libkdegraphics0-kooka-3.2.3-17.7.101mdk.i586.rpm
 4fb4d7d4da80d219b85d480b45bc19c1  10.1/RPMS/libkdegraphics0-kooka-devel-3.2.3-17.7.101mdk.i586.rpm
 09a96310e8facb018fec10a100d9ae6c  10.1/RPMS/libkdegraphics0-kpovmodeler-3.2.3-17.7.101mdk.i586.rpm
 22eae16ec3a4e12aa851896e7e8e1cc1  10.1/RPMS/libkdegraphics0-kpovmodeler-devel-3.2.3-17.7.101mdk.i586.rpm
 04fc3af9ba6408d1d8d8f5b0764f4ac9  10.1/RPMS/libkdegraphics0-ksvg-3.2.3-17.7.101mdk.i586.rpm
 4692c9605404fb145263bc102d64a06d  10.1/RPMS/libkdegraphics0-ksvg-devel-3.2.3-17.7.101mdk.i586.rpm
 4108c77923931946d307a7131dd2508a  10.1/RPMS/libkdegraphics0-kuickshow-3.2.3-17.7.101mdk.i586.rpm
 99fdb4a5f62fb3040c151742f279d7c1  10.1/RPMS/libkdegraphics0-kview-3.2.3-17.7.101mdk.i586.rpm
 c094b92f775e50f2f7b28a97b57bc5c9  10.1/RPMS/libkdegraphics0-kview-devel-3.2.3-17.7.101mdk.i586.rpm
 3a198ce8fa7ac425434e6f77af326651  10.1/RPMS/libkdegraphics0-mrmlsearch-3.2.3-17.7.101mdk.i586.rpm
 0d46d0c06d8d7a4da2c314c221f93af8  10.1/SRPMS/kdegraphics-3.2.3-17.7.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 84574d9f8c7e9eebe97527cf34977bb0  x86_64/10.1/RPMS/kdegraphics-3.2.3-17.7.101mdk.x86_64.rpm
 94a1a9754e31c6b049f6b02cde039829  x86_64/10.1/RPMS/kdegraphics-common-3.2.3-17.7.101mdk.x86_64.rpm
 9260ea1b515833a64bd9bfb65860de6a  x86_64/10.1/RPMS/kdegraphics-kdvi-3.2.3-17.7.101mdk.x86_64.rpm
 91b3b2ea85d8d44a03cb6db209754ab7  x86_64/10.1/RPMS/kdegraphics-kfax-3.2.3-17.7.101mdk.x86_64.rpm
 b3be4aabf6740cc50aad3718fb18174c  x86_64/10.1/RPMS/kdegraphics-kghostview-3.2.3-17.7.101mdk.x86_64.rpm
 dfa9cbe05ea54befcb1f3728f9fc09f6  x86_64/10.1/RPMS/kdegraphics-kiconedit-3.2.3-17.7.101mdk.x86_64.rpm
 d154c85c3bc548c99743747907ae4e9e  x86_64/10.1/RPMS/kdegraphics-kooka-3.2.3-17.7.101mdk.x86_64.rpm
 a2f5e201da86e32196d316d1ba81ec89  x86_64/10.1/RPMS/kdegraphics-kpaint-3.2.3-17.7.101mdk.x86_64.rpm
 e96e85bef409684900ee61b2a60fa614  x86_64/10.1/RPMS/kdegraphics-kpdf-3.2.3-17.7.101mdk.x86_64.rpm
 8c94ab2aaf6fd5edda8a5d9c0353c707  x86_64/10.1/RPMS/kdegraphics-kpovmodeler-3.2.3-17.7.101mdk.x86_64.rpm
 ae68b58ea2359e626c578aebd33e63df  x86_64/10.1/RPMS/kdegraphics-kruler-3.2.3-17.7.101mdk.x86_64.rpm
 1a19e163584345a0fee7db21271ed56d  x86_64/10.1/RPMS/kdegraphics-ksnapshot-3.2.3-17.7.101mdk.x86_64.rpm
 b3c614b3cf8d2e28fcbc4437ac7eedb0  x86_64/10.1/RPMS/kdegraphics-ksvg-3.2.3-17.7.101mdk.x86_64.rpm
 6c3b1f8a5575e1db8d2f1bf6167d2e76  x86_64/10.1/RPMS/kdegraphics-kuickshow-3.2.3-17.7.101mdk.x86_64.rpm
 a98c4171cdc3857f545b454206fea60f  x86_64/10.1/RPMS/kdegraphics-kview-3.2.3-17.7.101mdk.x86_64.rpm
 9ddfb247c1ac9b571e042607af438d2e  x86_64/10.1/RPMS/kdegraphics-mrmlsearch-3.2.3-17.7.101mdk.x86_64.rpm
 2daf7814f31ea861af1adf6d6958f619  x86_64/10.1/RPMS/lib64kdegraphics0-common-3.2.3-17.7.101mdk.x86_64.rpm
 1aa254cb176543f2386e7987b5854b86  x86_64/10.1/RPMS/lib64kdegraphics0-common-devel-3.2.3-17.7.101mdk.x86_64.rpm
 24995ac257c8e1e7d34288a1503af153  x86_64/10.1/RPMS/lib64kdegraphics0-kghostview-3.2.3-17.7.101mdk.x86_64.rpm
 3a11f2fc88a7bb271e787c12e11ed85b  x86_64/10.1/RPMS/lib64kdegraphics0-kghostview-devel-3.2.3-17.7.101mdk.x86_64.rpm
 ced64b650693e51ab53dbbbbbdd837de  x86_64/10.1/RPMS/lib64kdegraphics0-kooka-3.2.3-17.7.101mdk.x86_64.rpm
 10785e95b782da9da52262506526dbd0  x86_64/10.1/RPMS/lib64kdegraphics0-kooka-devel-3.2.3-17.7.101mdk.x86_64.rpm
 1a8a8339cc85cef90c54e0c467eff94c  x86_64/10.1/RPMS/lib64kdegraphics0-kpovmodeler-3.2.3-17.7.101mdk.x86_64.rpm
 498116650efb396f2f38dc8c1c3b677c  x86_64/10.1/RPMS/lib64kdegraphics0-kpovmodeler-devel-3.2.3-17.7.101mdk.x86_64.rpm
 0f80fd46eea48815eab39170a0f2583d  x86_64/10.1/RPMS/lib64kdegraphics0-ksvg-3.2.3-17.7.101mdk.x86_64.rpm
 04dff57a88777fb2f0258611989889b0  x86_64/10.1/RPMS/lib64kdegraphics0-ksvg-devel-3.2.3-17.7.101mdk.x86_64.rpm
 e18c8a96af23b872e53e613fc09559d9  x86_64/10.1/RPMS/lib64kdegraphics0-kuickshow-3.2.3-17.7.101mdk.x86_64.rpm
 d4811a449e5db4cc23b720076d02be31  x86_64/10.1/RPMS/lib64kdegraphics0-kview-3.2.3-17.7.101mdk.x86_64.rpm
 0432fec2093827d74334b64c004a7dc0  x86_64/10.1/RPMS/lib64kdegraphics0-kview-devel-3.2.3-17.7.101mdk.x86_64.rpm
 cf427e9c6f75bc83e2366f2ddf7c10b8  x86_64/10.1/RPMS/lib64kdegraphics0-mrmlsearch-3.2.3-17.7.101mdk.x86_64.rpm
 5a418834ff6fbb4f931d17de36414b67  x86_64/10.1/RPMS/libkdegraphics0-common-3.2.3-17.7.101mdk.i586.rpm
 d66f05c391671c93ec76d90db2a93603  x86_64/10.1/RPMS/libkdegraphics0-kghostview-3.2.3-17.7.101mdk.i586.rpm
 ad5396358769c63743f172c5a0239bee  x86_64/10.1/RPMS/libkdegraphics0-kooka-3.2.3-17.7.101mdk.i586.rpm
 09a96310e8facb018fec10a100d9ae6c  x86_64/10.1/RPMS/libkdegraphics0-kpovmodeler-3.2.3-17.7.101mdk.i586.rpm
 04fc3af9ba6408d1d8d8f5b0764f4ac9  x86_64/10.1/RPMS/libkdegraphics0-ksvg-3.2.3-17.7.101mdk.i586.rpm
 4108c77923931946d307a7131dd2508a  x86_64/10.1/RPMS/libkdegraphics0-kuickshow-3.2.3-17.7.101mdk.i586.rpm
 99fdb4a5f62fb3040c151742f279d7c1  x86_64/10.1/RPMS/libkdegraphics0-kview-3.2.3-17.7.101mdk.i586.rpm
 3a198ce8fa7ac425434e6f77af326651  x86_64/10.1/RPMS/libkdegraphics0-mrmlsearch-3.2.3-17.7.101mdk.i586.rpm
 0d46d0c06d8d7a4da2c314c221f93af8  x86_64/10.1/SRPMS/kdegraphics-3.2.3-17.7.101mdk.src.rpm

 Corporate 3.0:
 8fb89b5d573b2f0e18960c2c57d88049  corporate/3.0/RPMS/kdegraphics-3.2-15.8.C30mdk.i586.rpm
 74ade0ef32148e47c97e437fdbe31c55  corporate/3.0/RPMS/kdegraphics-common-3.2-15.8.C30mdk.i586.rpm
 f7a1c996410e6f8240fce3df69662ee7  corporate/3.0/RPMS/kdegraphics-kdvi-3.2-15.8.C30mdk.i586.rpm
 498fcc2706f13a37151d26d795cb8af5  corporate/3.0/RPMS/kdegraphics-kfax-3.2-15.8.C30mdk.i586.rpm
 968f93bacc172e8bf750e61f55ad6c2d  corporate/3.0/RPMS/kdegraphics-kghostview-3.2-15.8.C30mdk.i586.rpm
 ebc0351557377d13d6e6d6e04b727d35  corporate/3.0/RPMS/kdegraphics-kiconedit-3.2-15.8.C30mdk.i586.rpm
 f78738e6cbe3a828ed8ba99af929afbb  corporate/3.0/RPMS/kdegraphics-kooka-3.2-15.8.C30mdk.i586.rpm
 515a6a3bc02d351e072a3c1661236970  corporate/3.0/RPMS/kdegraphics-kpaint-3.2-15.8.C30mdk.i586.rpm
 a8f6098bc65955510f05d52aea3016b3  corporate/3.0/RPMS/kdegraphics-kpdf-3.2-15.8.C30mdk.i586.rpm
 c2eb7c48b3a38357a3f3d37986717f09  corporate/3.0/RPMS/kdegraphics-kpovmodeler-3.2-15.8.C30mdk.i586.rpm
 0806d05001e5fc2dddbd7bb8a5f8c67b  corporate/3.0/RPMS/kdegraphics-kruler-3.2-15.8.C30mdk.i586.rpm
 3120cf1cad9f5e2b9e96d27ce9b93b57  corporate/3.0/RPMS/kdegraphics-ksnapshot-3.2-15.8.C30mdk.i586.rpm
 ca5c6a6a167fff2ba75e545379198b25  corporate/3.0/RPMS/kdegraphics-ksvg-3.2-15.8.C30mdk.i586.rpm
 0b4972ab74f2b0c95cd8a5bd2b489552  corporate/3.0/RPMS/kdegraphics-kuickshow-3.2-15.8.C30mdk.i586.rpm
 542cb3c43077d50445f4c40bd2de560e  corporate/3.0/RPMS/kdegraphics-kview-3.2-15.8.C30mdk.i586.rpm
 aa9cf4d1aada39adc8b78a3f2ccbf666  corporate/3.0/RPMS/kdegraphics-mrmlsearch-3.2-15.8.C30mdk.i586.rpm
 6d469c11e303ecd30c245a93635acd54  corporate/3.0/RPMS/libkdegraphics0-common-3.2-15.8.C30mdk.i586.rpm
 7956586a648f4c7fd84d211e04e03cba  corporate/3.0/RPMS/libkdegraphics0-common-devel-3.2-15.8.C30mdk.i586.rpm
 3acb74778ef80840f40d4ccca953bd71  corporate/3.0/RPMS/libkdegraphics0-kooka-3.2-15.8.C30mdk.i586.rpm
 8878ff3d6852fd7305062c687de8ba5d  corporate/3.0/RPMS/libkdegraphics0-kooka-devel-3.2-15.8.C30mdk.i586.rpm
 31580d68bf2c35d02b77317bb3343122  corporate/3.0/RPMS/libkdegraphics0-kpovmodeler-3.2-15.8.C30mdk.i586.rpm
 8f258b355815e2e81e2f23021c3f97b0  corporate/3.0/RPMS/libkdegraphics0-kpovmodeler-devel-3.2-15.8.C30mdk.i586.rpm
 441dd9fd4991501bb5f576affdcef69a  corporate/3.0/RPMS/libkdegraphics0-ksvg-3.2-15.8.C30mdk.i586.rpm
 6539132604ac8215b8fa39e1610b61a2  corporate/3.0/RPMS/libkdegraphics0-ksvg-devel-3.2-15.8.C30mdk.i586.rpm
 e6886553c073befbfb1fdfbfa25bc63e  corporate/3.0/RPMS/libkdegraphics0-kuickshow-3.2-15.8.C30mdk.i586.rpm
 d9155b7767bf9be9a58210759496823c  corporate/3.0/RPMS/libkdegraphics0-kview-3.2-15.8.C30mdk.i586.rpm
 a312b9c911fc787699fc39af5a40c79a  corporate/3.0/RPMS/libkdegraphics0-kview-devel-3.2-15.8.C30mdk.i586.rpm
 c2f40fe2b48b35fed2dbc4c7d19882b9  corporate/3.0/RPMS/libkdegraphics0-mrmlsearch-3.2-15.8.C30mdk.i586.rpm
 c94be1d83e8c46ae7c15891aa4205848  corporate/3.0/SRPMS/kdegraphics-3.2-15.8.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 b024b0c6a79b417692112bf348cd95fc  x86_64/corporate/3.0/RPMS/kdegraphics-3.2-15.8.C30mdk.x86_64.rpm
 e6276cf1aa395686bd7b91249011aa38  x86_64/corporate/3.0/RPMS/kdegraphics-common-3.2-15.8.C30mdk.x86_64.rpm
 81a8878ced363c5b99d083a6514e6e96  x86_64/corporate/3.0/RPMS/kdegraphics-kdvi-3.2-15.8.C30mdk.x86_64.rpm
 0b1d51fcb1e04376bdc098c4e2f171d7  x86_64/corporate/3.0/RPMS/kdegraphics-kfax-3.2-15.8.C30mdk.x86_64.rpm
 4744070e1a0396e7179ccf53fe2d85c2  x86_64/corporate/3.0/RPMS/kdegraphics-kghostview-3.2-15.8.C30mdk.x86_64.rpm
 774d87525915ceebeab373db882d2366  x86_64/corporate/3.0/RPMS/kdegraphics-kiconedit-3.2-15.8.C30mdk.x86_64.rpm
 ccead5ed0b52b61c7e0345d1ce73a915  x86_64/corporate/3.0/RPMS/kdegraphics-kooka-3.2-15.8.C30mdk.x86_64.rpm
 ce557d2ec486433984f573ed5b80de33  x86_64/corporate/3.0/RPMS/kdegraphics-kpaint-3.2-15.8.C30mdk.x86_64.rpm
 a6ffb9c6ab2d9c0b5f0f19457791b4ba  x86_64/corporate/3.0/RPMS/kdegraphics-kpdf-3.2-15.8.C30mdk.x86_64.rpm
 bec4700cc12ae61ff2cb7314ae5a0ddb  x86_64/corporate/3.0/RPMS/kdegraphics-kpovmodeler-3.2-15.8.C30mdk.x86_64.rpm
 fec0575377007aa825ac15e13e576b99  x86_64/corporate/3.0/RPMS/kdegraphics-kruler-3.2-15.8.C30mdk.x86_64.rpm
 530a5ac17809959f2445478ea7adab50  x86_64/corporate/3.0/RPMS/kdegraphics-ksnapshot-3.2-15.8.C30mdk.x86_64.rpm
 ea55b0e94fbcf6c53a56f4b83ff97eb6  x86_64/corporate/3.0/RPMS/kdegraphics-ksvg-3.2-15.8.C30mdk.x86_64.rpm
 12b743469cdf6cd8350fa58a7c3a36c3  x86_64/corporate/3.0/RPMS/kdegraphics-kuickshow-3.2-15.8.C30mdk.x86_64.rpm
 224f5a552036aa61542990c69710bb6a  x86_64/corporate/3.0/RPMS/kdegraphics-kview-3.2-15.8.C30mdk.x86_64.rpm
 b1be434f8e14b274507b1ae4044099c8  x86_64/corporate/3.0/RPMS/kdegraphics-mrmlsearch-3.2-15.8.C30mdk.x86_64.rpm
 acfd72cf7010e702def1ed4a178b8d2c  x86_64/corporate/3.0/RPMS/lib64kdegraphics0-common-3.2-15.8.C30mdk.x86_64.rpm
 dc64e7bb63705ba72cd4f483c404561b  x86_64/corporate/3.0/RPMS/lib64kdegraphics0-common-devel-3.2-15.8.C30mdk.x86_64.rpm
 2a4bb857f31aa164f4c8d8f258187aa7  x86_64/corporate/3.0/RPMS/lib64kdegraphics0-kooka-3.2-15.8.C30mdk.x86_64.rpm
 9156bfefed30fd5253b4c499242aa7a0  x86_64/corporate/3.0/RPMS/lib64kdegraphics0-kooka-devel-3.2-15.8.C30mdk.x86_64.rpm
 36a5e60f7c4677f47aff7701850ea0d7  x86_64/corporate/3.0/RPMS/lib64kdegraphics0-kpovmodeler-3.2-15.8.C30mdk.x86_64.rpm
 03f94e3422b4c384b047dbf560e1d05d  x86_64/corporate/3.0/RPMS/lib64kdegraphics0-kpovmodeler-devel-3.2-15.8.C30mdk.x86_64.rpm
 07bf10276d704a430713b651df3b2169  x86_64/corporate/3.0/RPMS/lib64kdegraphics0-ksvg-3.2-15.8.C30mdk.x86_64.rpm
 65d07b28c3bb6de94a87958683f083b0  x86_64/corporate/3.0/RPMS/lib64kdegraphics0-ksvg-devel-3.2-15.8.C30mdk.x86_64.rpm
 ae2bed52c58fb043d19bb336e18d0dad  x86_64/corporate/3.0/RPMS/lib64kdegraphics0-kuickshow-3.2-15.8.C30mdk.x86_64.rpm
 d54929663a71f898299f2784af91face  x86_64/corporate/3.0/RPMS/lib64kdegraphics0-kview-3.2-15.8.C30mdk.x86_64.rpm
 6cb1d6616411007e5368b3193f6481bf  x86_64/corporate/3.0/RPMS/lib64kdegraphics0-kview-devel-3.2-15.8.C30mdk.x86_64.rpm
 68df49480edbbe07a1068eb686e1ab4c  x86_64/corporate/3.0/RPMS/lib64kdegraphics0-mrmlsearch-3.2-15.8.C30mdk.x86_64.rpm
 c94be1d83e8c46ae7c15891aa4205848  x86_64/corporate/3.0/SRPMS/kdegraphics-3.2-15.8.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFDBAakmqjQ0CJFipgRAhavAKCaTdeoeoW8kPv9IeIDM0RohcKkqgCfYPqf
ru2zgRvhBrXOeNpFP8ppG9M=
=kLMi
- -----END PGP SIGNATURE-----




4.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           wxPythonGTK
 Advisory ID:            MDKSA-2005:144
 Date:                   August 18th, 2005

 Affected versions:	 10.1, 10.2, Corporate 3.0
 ______________________________________________________________________

 Problem Description:

 Wouter Hanegraaff discovered that the TIFF library did not sufficiently
 validate the "YCbCr subsampling" value in TIFF image headers. Decoding 
 a malicious image with a zero value resulted in an arithmetic exception, 
 which can cause a program that uses the TIFF library to crash. 
 
 wxPythonGTK uses an embedded libtiff source tree, and as such has the
 same vulnerability.
 
 The updated packages have been rebuilt using the system libraries and
 should now incorporate all the updates to libjpeg, libpng, libtiff and
 zlib.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2452
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.1:
 1792bef2b7c38d434f5c580885918fa9  10.1/RPMS/libwxPythonGTK2.5_2-2.5.2.7-3.1.101mdk.i586.rpm
 e74ecbc67fb44bc41c211c9c48d99bf2  10.1/RPMS/libwxPythonGTK2.5_2-devel-2.5.2.7-3.1.101mdk.i586.rpm
 cbc0ab1e5ff4890e6ca773bc106a22ba  10.1/RPMS/wxPythonGTK-2.5.2.7-3.1.101mdk.i586.rpm
 b9a21a161373a223927041bfb59e9daa  10.1/SRPMS/wxPythonGTK-2.5.2.7-3.1.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 58a22e1baf7b89f5cba1904cc385a62d  x86_64/10.1/RPMS/lib64wxPythonGTK2.5_2-2.5.2.7-3.1.101mdk.x86_64.rpm
 3416e43ec121b43dd0fa320ced1a1692  x86_64/10.1/RPMS/lib64wxPythonGTK2.5_2-devel-2.5.2.7-3.1.101mdk.x86_64.rpm
 04420e8c6fa31ae8266bf1646442665b  x86_64/10.1/RPMS/wxPythonGTK-2.5.2.7-3.1.101mdk.x86_64.rpm
 b9a21a161373a223927041bfb59e9daa  x86_64/10.1/SRPMS/wxPythonGTK-2.5.2.7-3.1.101mdk.src.rpm

 Mandrakelinux 10.2:
 8deaae175c40b0b2aae1c0a9260e6c5e  10.2/RPMS/libwxPythonGTK2.5_3-2.5.3.1-3.1.102mdk.i586.rpm
 b240df592e137d2b429118a51561475f  10.2/RPMS/libwxPythonGTK2.5_3-devel-2.5.3.1-3.1.102mdk.i586.rpm
 142a95ae853496fa62488898a8e22a5c  10.2/RPMS/wxPythonGTK-2.5.3.1-3.1.102mdk.i586.rpm
 8a04fcd0d0d70bc22549b20374aa2fc4  10.2/SRPMS/wxPythonGTK-2.5.3.1-3.1.102mdk.src.rpm

 Mandrakelinux 10.2/X86_64:
 3641fdd53027c69755b2026f9868bcd4  x86_64/10.2/RPMS/lib64wxPythonGTK2.5_3-2.5.3.1-3.1.102mdk.x86_64.rpm
 a84597c3db0f2f38f493693d0cfbf0d6  x86_64/10.2/RPMS/lib64wxPythonGTK2.5_3-devel-2.5.3.1-3.1.102mdk.x86_64.rpm
 f453d626b50c9f8e5fd7b801f06a53c6  x86_64/10.2/RPMS/wxPythonGTK-2.5.3.1-3.1.102mdk.x86_64.rpm
 8a04fcd0d0d70bc22549b20374aa2fc4  x86_64/10.2/SRPMS/wxPythonGTK-2.5.3.1-3.1.102mdk.src.rpm

 Corporate 3.0:
 30310777699ba2bc43269fea791785a6  corporate/3.0/RPMS/libwxPythonGTK2.4-2.4.2.4-2.1.C30mdk.i586.rpm
 2ab1c06543b33f2304caa2f75c234a74  corporate/3.0/RPMS/libwxPythonGTK2.4-devel-2.4.2.4-2.1.C30mdk.i586.rpm
 1ff251baed6af07e5604521ae8390f06  corporate/3.0/RPMS/wxPythonGTK-2.4.2.4-2.1.C30mdk.i586.rpm
 fbf97259f8e496bf20af99c1cacb08b1  corporate/3.0/SRPMS/wxPythonGTK-2.4.2.4-2.1.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFDBOsjmqjQ0CJFipgRAi91AJwOyfuUHD4/Zr5KsndSbEJqAzI7MgCfRb2r
wUXPRILQAr0ZQlQMXBFxZT4=
=6Vnf
- -----END PGP SIGNATURE-----


- ----------------------------------------------------------------------------------

For additional information or assistance, please contact the HELP Desk by 
telephone or Not Protectively Marked information may be sent via 
EMail to: uniras@xxxxxxxxxxxx

Office Hours:
Mon - Fri: 08:30 - 17:00 Hrs
Tel: +44 (0) 870 487 0748 Ext 4511
Fax: +44 (0) 870 487 0749

Outside of Office Hours:
On Call Duty Officer:
Tel: +44 (0) 870 487 0748 and follow the prompts

- ----------------------------------------------------------------------------------
UNIRAS wishes to acknowledge the contributions of Mandriva for the information 
contained in this Briefing. 
- ----------------------------------------------------------------------------------
This Briefing contains the information released by the original author. Some 
of the information may have changed since it was released. If the vulnerability 
affects you, it may be prudent to retrieve the advisory from the canonical site 
to ensure that you receive the most current information concerning that problem.

Reference to any specific commercial product, process, or service by trade 
name, trademark manufacturer, or otherwise, does not constitute or imply 
its endorsement, recommendation, or favouring by UNIRAS or NISCC.  The views 
and opinions of authors expressed within this notice shall not be used for 
advertising or product endorsement purposes.

Neither UNIRAS or NISCC shall also accept responsibility for any errors 
or omissions contained within this briefing notice. In particular, they shall 
not be liable for any loss or damage whatsoever, arising from or in connection 
with the usage of information contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams (FIRST) 
and has contacts with other international Incident Response Teams (IRTs) in 
order to foster cooperation and coordination in incident prevention, to prompt 
rapid reaction to incidents, and to promote information sharing amongst its 
members and the community at large. 
- ----------------------------------------------------------------------------------
<End of UNIRAS Briefing>

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQCVAwUBQwX3BYpao72zK539AQGGigP5ARlEY+ocCGE7SykvUloCMVr14wzUYoxT
vouRADiER38OOIkKlw79prOA386ux7OpoY/gzS9n6cpMJUNUr3qex8qMG554MEbL
XrqPSoTKsrTwah8QOE/BOlMZeA1x+mdMr34KtvYSwkrUkssAhQe0ZCaWBUUFKXhf
B7F7s22+yS8=
=6pa4
-----END PGP SIGNATURE-----


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________