[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

UNIRAS Brief - 684/05 - Mandriva - Four Security Update Advisories



 
-----BEGIN PGP SIGNED MESSAGE-----

- ----------------------------------------------------------------------------------
   UNIRAS (UK Govt CERT) Briefing Notice - 684/05 dated 30.08.05  Time: 13:50  
  UNIRAS is part of NISCC (National Infrastructure Security Co-ordination Centre)
- ---------------------------------------------------------------------------------- 
  UNIRAS material is also available from its website at www.uniras.gov.uk and
         Information about NISCC is available from www.niscc.gov.uk
- ----------------------------------------------------------------------------------

Title
=====

Mandriva - Four Security Update Advisories:
     1.  Updated mozilla-thunderbird packages fix multiple vulnerabilities [MDKSA-2005:127-1]
     2.  Updated gnumeric packages fix integer overflow vulnerability      [MDKSA-2005:153]
     3.  Updated python packages fix integer overflow vulnerability        [MDKSA-2005:154]
     4.  Updated apache2 packages fix integer overflow vulnerability       [MDKSA-2005:155]


Detail
====== 

Security update advisory summaries:

     1.  There was a slight regression in the handling of "right-click" menus in
         the packages previously released that is corrected with this new
         update.  

     2.  Integer overflow in pcre_compile.c in Perl Compatible Regular
         Expressions (PCRE) before 6.2, as used in multiple products, allows
         attackers to execute arbitrary code via quantifier values in regular
         expressions, which leads to a heap-based buffer overflow.  The gnumeric 
         packages use a private copy of pcre code.

     3.  Integer overflow in pcre_compile.c in Perl Compatible Regular
         Expressions (PCRE) before 6.2, as used in multiple products, allows
         attackers to execute arbitrary code via quantifier values in regular
         expressions, which leads to a heap-based buffer overflow.  The python 
         packages use a private copy of pcre code.

     4.  Integer overflow in pcre_compile.c in Perl Compatible Regular
         Expressions (PCRE) before 6.2, as used in multiple products, allows
         attackers to execute arbitrary code via quantifier values in regular
         expressions, which leads to a heap-based buffer overflow. The apache2 
         packages, as shipped, were built using a private copy of pcre.


Security update advisory content follows:


1.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           mozilla-thunderbird
 Advisory ID:            MDKSA-2005:127-1
 Date:                   August 26th, 2005
 Original Advisory Date: July 28th, 2005
 Affected versions:	 10.2
 ______________________________________________________________________

 Problem Description:

 A number of vulnerabilities were reported and fixed in Thunderbird 1.0.5
 and Mozilla 1.7.9.  The following vulnerabilities have been backported
 and patched for this update:
 
 The native implementations of InstallTrigger and other XPInstall-
 related javascript objects did not properly validate that they were
 called on instances of the correct type.  By passing other objects,
 even raw numbers, the javascript interpreter would jump to the wrong
 place in memory.  Although no proof of concept has been developed we
 believe this could be exploited (MFSA 2005-40).
 
 moz_bug_r_a4 reported several exploits giving an attacker the ability
 to install malicious code or steal data, requiring only that the user
 do commonplace actions like clicking on a link or open the context
 menu.  The common cause in each case was privileged UI code ("chrome")
 being overly trusting of DOM nodes from the content window.  Scripts in
 the web page can override properties and methods of DOM nodes and
 shadow the native values, unless steps are taken to get the true
 underlying values (MFSA 2005-41).
 
 Additional checks were added to make sure Javascript eval and Script
 objects are run with the privileges of the context that created them,
 not the potentially elevated privilege of the context calling them in
 order to protect against an additional variant of MFSA 2005-41
 (MFSA 2005-44).
 
 In several places the browser UI did not correctly distinguish between
 true user events, such as mouse clicks or keystrokes, and synthetic
 events genenerated by web content. The problems ranged from minor
 annoyances like switching tabs or entering full-screen mode, to a   
 variant on MFSA 2005-34 Synthetic events are now prevented from
 reaching the browser UI entirely rather than depend on each potentially
 spoofed function to protect itself from untrusted events
 (MFSA 2005-45).
 
 Scripts in XBL controls from web content continued to be run even when
 Javascript was disabled. By itself this causes no harm, but it could be
 combined with most script-based exploits to attack people running
 vulnerable versions who thought disabling javascript would protect
 them.  In the Thunderbird and Mozilla Suite mail clients Javascript is
 disabled by default for protection against denial-of-service attacks
 and worms; this vulnerability could be used to bypass that protection
 (MFSA 2005-46).
 
 When InstallVersion.compareTo() is passed an object rather than a
 string it assumed the object was another InstallVersion without
 verifying it. When passed a different kind of object the browser would
 generally crash with an access violation.  shutdown has demonstrated
 that different javascript objects can be passed on some OS versions to
 get control over the instruction pointer. We assume this could be
 developed further to run arbitrary machine code if the attacker can get
 exploit code loaded at a predictable address (MFSA 2005-50).
 
 A child frame can call top.focus() even if the framing page comes from
 a different origin and has overridden the focus() routine. The call is
 made in the context of the child frame. The attacker would look for a
 target site with a framed page that makes this call but doesn't verify
 that its parent comes from the same site. The attacker could steal
 cookies and passwords from the framed page, or take actions on behalf
 of a signed-in user. This attack would work only against sites that use
 frames in this manner (MFSA 2005-52).
 
 Parts of the browser UI relied too much on DOM node names without
 taking different namespaces into account and verifying that nodes
 really were of the expected type. An XHTML document could be used to
 create fake <IMG> elements, for example, with content-defined
 properties that the browser would access as if they were the trusted
 built-in properties of the expected HTML elements.  The severity of the
 vulnerability would depend on what the attacker could convince the
 victim to do, but could result in executing user-supplied script with
 elevated "chrome" privileges. This could be used to install malicious
 software on the victim's machine (MFSA 2005-55).
 
 Improper cloning of base objects allowed web content scripts to walk up
 the prototype chain to get to a privileged object.  This could be used
 to execute code with enhanced privileges (MFSA 2005-56).
 
 The updated packages have been patched to address these issue.
  
Update:

 There was a slight regression in the handling of "right-click" menus in
 the packages previously released that is corrected with this new
 update.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2260
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2261
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2265
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2266
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2269
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2270
  http://www.mozilla.org/security/announce/mfsa2005-40.html
  http://www.mozilla.org/security/announce/mfsa2005-41.html
  http://www.mozilla.org/security/announce/mfsa2005-44.html
  http://www.mozilla.org/security/announce/mfsa2005-45.html
  http://www.mozilla.org/security/announce/mfsa2005-46.html
  http://www.mozilla.org/security/announce/mfsa2005-50.html
  http://www.mozilla.org/security/announce/mfsa2005-52.html
  http://www.mozilla.org/security/announce/mfsa2005-55.html
  http://www.mozilla.org/security/announce/mfsa2005-56.html
  http://secunia.com/advisories/15549/
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.2:
 dc5d6c3678f46e575bdc215ac7aa00e3  10.2/RPMS/mozilla-thunderbird-1.0.2-3.1.102mdk.i586.rpm
 d3a4170ba3535057621ee85712bacc8d  10.2/RPMS/mozilla-thunderbird-devel-1.0.2-3.1.102mdk.i586.rpm
 76b14e777bffb3c9f6bfde915f79a2ad  10.2/RPMS/mozilla-thunderbird-enigmail-1.0.2-3.1.102mdk.i586.rpm
 77717fb74315ae1bb54dfea91d053441  10.2/RPMS/mozilla-thunderbird-enigmime-1.0.2-3.1.102mdk.i586.rpm
 da50dfbc83a1cb3067479eada1727d4e  10.2/SRPMS/mozilla-thunderbird-1.0.2-3.1.102mdk.src.rpm

 Mandrakelinux 10.2/X86_64:
 da471fbf66c976861717e0264fc46aaf  x86_64/10.2/RPMS/mozilla-thunderbird-1.0.2-3.1.102mdk.x86_64.rpm
 6baf58a3cb334c6179f8d47c8255ac43  x86_64/10.2/RPMS/mozilla-thunderbird-devel-1.0.2-3.1.102mdk.x86_64.rpm
 b35aaa288786860f96d4beb4b574db63  x86_64/10.2/RPMS/mozilla-thunderbird-enigmail-1.0.2-3.1.102mdk.x86_64.rpm
 3728bee246d6e9aad8181e1d7529913d  x86_64/10.2/RPMS/mozilla-thunderbird-enigmime-1.0.2-3.1.102mdk.x86_64.rpm
 da50dfbc83a1cb3067479eada1727d4e  x86_64/10.2/SRPMS/mozilla-thunderbird-1.0.2-3.1.102mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFDD6BQmqjQ0CJFipgRAgJwAKCZCX6193rZE/XMzsMbRN22zw/AaACghZhl
d68FgQMXjMnePY/XsKwLPj4=
=by5I
- -----END PGP SIGNATURE-----




2.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           gnumeric
 Advisory ID:            MDKSA-2005:153
 Date:                   August 26th, 2005

 Affected versions:	 10.1, 10.2, Corporate 3.0
 ______________________________________________________________________

 Problem Description:

 Integer overflow in pcre_compile.c in Perl Compatible Regular
 Expressions (PCRE) before 6.2, as used in multiple products, allows
 attackers to execute arbitrary code via quantifier values in regular
 expressions, which leads to a heap-based buffer overflow.
 
 The gnumeric packages use a private copy of pcre code.
 
 The updated packages have been patched to correct this problem.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.1:
 0886c3abe93a6f99e9c388a2057678e2  10.1/RPMS/gnumeric-1.2.13-3.1.101mdk.i586.rpm
 1f4b803c3a19763710cfb56b141fe4d2  10.1/SRPMS/gnumeric-1.2.13-3.1.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 e6371dd0e84c22a47d2be3146f6efe1e  x86_64/10.1/RPMS/gnumeric-1.2.13-3.1.101mdk.x86_64.rpm
 1f4b803c3a19763710cfb56b141fe4d2  x86_64/10.1/SRPMS/gnumeric-1.2.13-3.1.101mdk.src.rpm

 Mandrakelinux 10.2:
 9ce2fee0efdaac36d6f84374da737f61  10.2/RPMS/gnumeric-1.4.2-1.1.102mdk.i586.rpm
 de0c185642dea43227c2bd8d04b05c19  10.2/SRPMS/gnumeric-1.4.2-1.1.102mdk.src.rpm

 Mandrakelinux 10.2/X86_64:
 ebf2b9f3573524f8a956f6697f08efc9  x86_64/10.2/RPMS/gnumeric-1.4.2-1.1.102mdk.x86_64.rpm
 de0c185642dea43227c2bd8d04b05c19  x86_64/10.2/SRPMS/gnumeric-1.4.2-1.1.102mdk.src.rpm

 Corporate 3.0:
 3510cf943ed010540a3659d23627f912  corporate/3.0/RPMS/gnumeric-1.2.6-1.1.C30mdk.i586.rpm
 b296c5410c6bc28c2e5774d5024d3e43  corporate/3.0/SRPMS/gnumeric-1.2.6-1.1.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 58aedcd44337210db29fa0ee7123f7e0  x86_64/corporate/3.0/RPMS/gnumeric-1.2.6-1.1.C30mdk.x86_64.rpm
 b296c5410c6bc28c2e5774d5024d3e43  x86_64/corporate/3.0/SRPMS/gnumeric-1.2.6-1.1.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFDD6C2mqjQ0CJFipgRAr9vAKDzYctBwPMZ9nNgcLoKIjCCLFyP3gCeLJsN
kWscnn6RUqLln5stErUH5io=
=8oOE
- -----END PGP SIGNATURE-----




3.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           python
 Advisory ID:            MDKSA-2005:154
 Date:                   August 26th, 2005

 Affected versions:	 10.0, 10.1, Corporate 3.0,
			 Corporate Server 2.1,
			 Multi Network Firewall 2.0
 ______________________________________________________________________

 Problem Description:

 Integer overflow in pcre_compile.c in Perl Compatible Regular
 Expressions (PCRE) before 6.2, as used in multiple products, allows
 attackers to execute arbitrary code via quantifier values in regular
 expressions, which leads to a heap-based buffer overflow.
 
 The python packages use a private copy of pcre code.
 
 The updated packages have been patched to correct this problem.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 5254d6dd2c29d04b93742943d850d5a6  10.0/RPMS/libpython2.3-2.3.3-2.2.100mdk.i586.rpm
 01e76259abbca381185552182c755ebc  10.0/RPMS/libpython2.3-devel-2.3.3-2.2.100mdk.i586.rpm
 4c0842a0ae3c0d00af9f238aba27b2c6  10.0/RPMS/python-2.3.3-2.2.100mdk.i586.rpm
 fb6a33cc69d04f8edd53ce8026fa1a11  10.0/RPMS/python-base-2.3.3-2.2.100mdk.i586.rpm
 4775225e6c25405c162599ff27391d35  10.0/RPMS/python-docs-2.3.3-2.2.100mdk.i586.rpm
 82530135e527cd8ac99193368a81c3fb  10.0/RPMS/xchat-python-2.0.7-6.1.100mdk.i586.rpm
 917165c654a81f44cc974b0f6adeba35  10.0/RPMS/tkinter-2.3.3-2.2.100mdk.i586.rpm
 06ab77bf8c3a95864d73018485f7a22a  10.0/SRPMS/python-2.3.3-2.2.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 36deaedf901b5c30f68ba81aef492728  amd64/10.0/RPMS/lib64python2.3-2.3.3-2.2.100mdk.amd64.rpm
 4be95cd1143d2f255b334b43e410e98b  amd64/10.0/RPMS/lib64python2.3-devel-2.3.3-2.2.100mdk.amd64.rpm
 385fbba2bdf856e2acbb186a6977f6f0  amd64/10.0/RPMS/python-2.3.3-2.2.100mdk.amd64.rpm
 bba1e1f45eaa5d557be977fdec1ef752  amd64/10.0/RPMS/python-base-2.3.3-2.2.100mdk.amd64.rpm
 6f9b5d5076ba084325a108df2dd3523f  amd64/10.0/RPMS/python-docs-2.3.3-2.2.100mdk.amd64.rpm
 0466472b41b2fd02802bfc5a3fe5b7a9  amd64/10.0/RPMS/tkinter-2.3.3-2.2.100mdk.amd64.rpm
 06ab77bf8c3a95864d73018485f7a22a  amd64/10.0/SRPMS/python-2.3.3-2.2.100mdk.src.rpm

 Mandrakelinux 10.1:
 0c2619eb2e9864ef420ec89ae78dba12  10.1/RPMS/libpython2.3-2.3.4-6.2.101mdk.i586.rpm
 ed9f6fee4ec8ab8d8e2388f9c92f66ef  10.1/RPMS/libpython2.3-devel-2.3.4-6.2.101mdk.i586.rpm
 e71c5ad5f0718e61c81a93c98667deaf  10.1/RPMS/python-2.3.4-6.2.101mdk.i586.rpm
 4e8831f2dab035e3c67afc53f702108f  10.1/RPMS/python-base-2.3.4-6.2.101mdk.i586.rpm
 7a4822ce3f46a48ead29363f23adfcd5  10.1/RPMS/python-docs-2.3.4-6.2.101mdk.i586.rpm
 6b15b0c9b116db6b38623cb15f868fe6  10.1/RPMS/tkinter-2.3.4-6.2.101mdk.i586.rpm
 b965827276d1efd49fc403dda0df33e8  10.1/SRPMS/python-2.3.4-6.2.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 a19885472aaa03aad5c3dac1b8d668b4  x86_64/10.1/RPMS/lib64python2.3-2.3.4-6.2.101mdk.x86_64.rpm
 79e3aaa88ec98d9007d20c37cee2cccd  x86_64/10.1/RPMS/lib64python2.3-devel-2.3.4-6.2.101mdk.x86_64.rpm
 2a3eee71bcd5b63fa1cc39775e3d514d  x86_64/10.1/RPMS/python-2.3.4-6.2.101mdk.x86_64.rpm
 318cec7614713c4410393ec50425bebb  x86_64/10.1/RPMS/python-base-2.3.4-6.2.101mdk.x86_64.rpm
 494b1c0a96a211dacfd4f75f803014ae  x86_64/10.1/RPMS/python-docs-2.3.4-6.2.101mdk.x86_64.rpm
 08bfe8c623d71cb66a5d84f5579eeac5  x86_64/10.1/RPMS/tkinter-2.3.4-6.2.101mdk.x86_64.rpm
 b965827276d1efd49fc403dda0df33e8  x86_64/10.1/SRPMS/python-2.3.4-6.2.101mdk.src.rpm

 Multi Network Firewall 2.0:
 12396f1a0b719b02e058926dee6a62c8  mnf/2.0/RPMS/libpython2.3-2.3.3-2.2.M20mdk.i586.rpm
 646799aea341177d9118e55254c2508f  mnf/2.0/RPMS/python-2.3.3-2.2.M20mdk.i586.rpm
 c031bc315c2a580557c5ef970cb9ff42  mnf/2.0/RPMS/python-base-2.3.3-2.2.M20mdk.i586.rpm
 788f1f58cb6efbd1d44fb13df757587f  mnf/2.0/SRPMS/python-2.3.3-2.2.M20mdk.src.rpm

 Corporate Server 2.1:
 5a0c02b33df517b05732d15e52674218  corporate/2.1/RPMS/libpython2.2-2.2.1-14.6.C21mdk.i586.rpm
 d4b45fdea45bcb3997cc33464411c0c5  corporate/2.1/RPMS/libpython2.2-devel-2.2.1-14.6.C21mdk.i586.rpm
 dfcd6f26c5d4a2fa9863ff385db02add  corporate/2.1/RPMS/python-2.2.1-14.6.C21mdk.i586.rpm
 b4f8157fd19d0d1a815dda9e46a51cbe  corporate/2.1/RPMS/python-base-2.2.1-14.6.C21mdk.i586.rpm
 9ae1eabfc50a8e142e4f8c71a4942650  corporate/2.1/RPMS/python-docs-2.2.1-14.6.C21mdk.i586.rpm
 fb5201c0f5a7d0c961699c8a11b678a8  corporate/2.1/RPMS/tkinter-2.2.1-14.6.C21mdk.i586.rpm
 4278bc8a7bccc81af2e2a5d3f2ceef75  corporate/2.1/SRPMS/python-2.2.1-14.6.C21mdk.src.rpm

 Corporate Server 2.1/X86_64:
 0637dd1d56b1325764fb76e7971cb8b8  x86_64/corporate/2.1/RPMS/libpython2.2-2.2.1-14.6.C21mdk.x86_64.rpm
 4d58b57f2084fe45e8eb5f94165b1560  x86_64/corporate/2.1/RPMS/libpython2.2-devel-2.2.1-14.6.C21mdk.x86_64.rpm
 efb6243e3d36f7efbb49d9aba35da8a7  x86_64/corporate/2.1/RPMS/python-2.2.1-14.6.C21mdk.x86_64.rpm
 cf919649caf1ff241ad7b5bfe1723fcd  x86_64/corporate/2.1/RPMS/python-base-2.2.1-14.6.C21mdk.x86_64.rpm
 349e2813c1646a5b912d15ba9b9a6f9e  x86_64/corporate/2.1/RPMS/python-docs-2.2.1-14.6.C21mdk.x86_64.rpm
 87bb6b2752730ccc16d4f618a8b629e1  x86_64/corporate/2.1/RPMS/tkinter-2.2.1-14.6.C21mdk.x86_64.rpm
 4278bc8a7bccc81af2e2a5d3f2ceef75  x86_64/corporate/2.1/SRPMS/python-2.2.1-14.6.C21mdk.src.rpm

 Corporate 3.0:
 c1f03087db68fdd46699568578f679e3  corporate/3.0/RPMS/libpython2.3-2.3.3-2.2.C30mdk.i586.rpm
 d9944ec5da6e803e7196fa4ec06506c1  corporate/3.0/RPMS/libpython2.3-devel-2.3.3-2.2.C30mdk.i586.rpm
 436fee80f01788313616b284c64b180e  corporate/3.0/RPMS/python-2.3.3-2.2.C30mdk.i586.rpm
 8cdec2971afff4e026b5336ec0a12a1f  corporate/3.0/RPMS/python-base-2.3.3-2.2.C30mdk.i586.rpm
 4dd58a42f994e7745edceb848e0812c6  corporate/3.0/RPMS/python-docs-2.3.3-2.2.C30mdk.i586.rpm
 f0f0f952a3ed0cc942d9876ffdb9c440  corporate/3.0/RPMS/tkinter-2.3.3-2.2.C30mdk.i586.rpm
 8dee233593fd7fc6ae744285b4320018  corporate/3.0/SRPMS/python-2.3.3-2.2.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 65efa7d72f4691c30e9fd86e6d0c0a56  x86_64/corporate/3.0/RPMS/lib64python2.3-2.3.3-2.2.C30mdk.x86_64.rpm
 0fffd6cb253d54bd263faabc1548a818  x86_64/corporate/3.0/RPMS/lib64python2.3-devel-2.3.3-2.2.C30mdk.x86_64.rpm
 e72ca5e5e4a2613e1c3bd4a58cc706e0  x86_64/corporate/3.0/RPMS/python-2.3.3-2.2.C30mdk.x86_64.rpm
 4c77780c9584fb854820416a3ea8ab75  x86_64/corporate/3.0/RPMS/python-base-2.3.3-2.2.C30mdk.x86_64.rpm
 fb724b4265cc408ec4269d4ad9ed7d91  x86_64/corporate/3.0/RPMS/python-docs-2.3.3-2.2.C30mdk.x86_64.rpm
 c2cbaac05b69747906c545dfd8d88e90  x86_64/corporate/3.0/RPMS/tkinter-2.3.3-2.2.C30mdk.x86_64.rpm
 8dee233593fd7fc6ae744285b4320018  x86_64/corporate/3.0/SRPMS/python-2.3.3-2.2.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFDD6EbmqjQ0CJFipgRAqzZAKC8Ubn0EaxvwoeGoJrh99DQj4qvlgCgt0IM
bj9F1T6InyMbSjwiB3w7/fY=
=fL25
- -----END PGP SIGNATURE-----




4.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

                Mandriva Linux Security Update Advisory
 _______________________________________________________________________

 Package name:           apache2
 Advisory ID:            MDKSA-2005:155
 Date:                   August 29th, 2005

 Affected versions:	 10.0, Corporate 3.0,
			 Multi Network Firewall 2.0
 ______________________________________________________________________

 Problem Description:

 Integer overflow in pcre_compile.c in Perl Compatible Regular
 Expressions (PCRE) before 6.2, as used in multiple products, allows
 attackers to execute arbitrary code via quantifier values in regular
 expressions, which leads to a heap-based buffer overflow.
 
 The apache2 packages, as shipped, were built using a private copy of pcre.
 
 The updated packages have been rebuilt against the system pcre libs
 to correct this problem. 10.1 and 10.2/LE2005 are already built against 
 the system pcre.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 943881ebaf9da5f51f8bccfbc515f641  10.0/RPMS/apache2-2.0.48-6.10.100mdk.i586.rpm
 292468acb04a3760d3c075450f44348f  10.0/RPMS/apache2-common-2.0.48-6.10.100mdk.i586.rpm
 f8f5ebd3f2cb2bef58d5ff57e0ab2404  10.0/RPMS/apache2-devel-2.0.48-6.10.100mdk.i586.rpm
 b25bc3e1a57d0beea4723fa5219456f3  10.0/RPMS/apache2-manual-2.0.48-6.10.100mdk.i586.rpm
 84177f9b193cc5e0468b409350abfbd9  10.0/RPMS/apache2-mod_cache-2.0.48-6.10.100mdk.i586.rpm
 c31198b85803695ac28f3922aeb9f511  10.0/RPMS/apache2-mod_dav-2.0.48-6.10.100mdk.i586.rpm
 c4091a8481f73214dffb467c36bc89d8  10.0/RPMS/apache2-mod_deflate-2.0.48-6.10.100mdk.i586.rpm
 819ffb5454d55a4965eea4757baa5e3d  10.0/RPMS/apache2-mod_disk_cache-2.0.48-6.10.100mdk.i586.rpm
 498eed09c7a7fa948f90325e6b112d70  10.0/RPMS/apache2-mod_file_cache-2.0.48-6.10.100mdk.i586.rpm
 2ac7af479cf53207a5453122dd359a06  10.0/RPMS/apache2-mod_ldap-2.0.48-6.10.100mdk.i586.rpm
 6ed3ae29e63e28ec20937fcc9f900b32  10.0/RPMS/apache2-mod_mem_cache-2.0.48-6.10.100mdk.i586.rpm
 c2ecd41c3008aaab2a5fc7c3b8110e8d  10.0/RPMS/apache2-mod_proxy-2.0.48-6.10.100mdk.i586.rpm
 bcf9a227556770e2a4eabcd1d6a0fa75  10.0/RPMS/apache2-mod_ssl-2.0.48-6.10.100mdk.i586.rpm
 7d75dd812c46a815af24cae789298784  10.0/RPMS/apache2-modules-2.0.48-6.10.100mdk.i586.rpm
 d590f67cfd17c4b59d056d8d3a3f21ec  10.0/RPMS/apache2-source-2.0.48-6.10.100mdk.i586.rpm
 723c8e5b221a63d28b91691200a549a2  10.0/RPMS/libapr0-2.0.48-6.10.100mdk.i586.rpm
 427b5be76093a411ed79a1b26418b4f1  10.0/SRPMS/apache2-2.0.48-6.10.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 48c6f8b3783dce36696d75c5fe063892  amd64/10.0/RPMS/apache2-2.0.48-6.10.100mdk.amd64.rpm
 24a5d0d2312d241a445d6dc0873894f4  amd64/10.0/RPMS/apache2-common-2.0.48-6.10.100mdk.amd64.rpm
 b4f316e8e38729d80a1cb544f6fda84d  amd64/10.0/RPMS/apache2-devel-2.0.48-6.10.100mdk.amd64.rpm
 ff7075e8a5027ae1fcf6a4a9d00d32a7  amd64/10.0/RPMS/apache2-manual-2.0.48-6.10.100mdk.amd64.rpm
 1835dababf1adbf47fbaa856967d13ee  amd64/10.0/RPMS/apache2-mod_cache-2.0.48-6.10.100mdk.amd64.rpm
 f8c3af9e481b7990911e523a266b43cb  amd64/10.0/RPMS/apache2-mod_dav-2.0.48-6.10.100mdk.amd64.rpm
 56adf6d95827036fd9b4978ba998d19c  amd64/10.0/RPMS/apache2-mod_deflate-2.0.48-6.10.100mdk.amd64.rpm
 1d0c37546852ddb316ed1087ad436f45  amd64/10.0/RPMS/apache2-mod_disk_cache-2.0.48-6.10.100mdk.amd64.rpm
 5484d540fe7f7a161ed0c32a9ed61127  amd64/10.0/RPMS/apache2-mod_file_cache-2.0.48-6.10.100mdk.amd64.rpm
 1013ef5cdfed64f359494f01b0bbecb9  amd64/10.0/RPMS/apache2-mod_ldap-2.0.48-6.10.100mdk.amd64.rpm
 74188fb21ef2d83c28fcbfbfca142e0a  amd64/10.0/RPMS/apache2-mod_mem_cache-2.0.48-6.10.100mdk.amd64.rpm
 32fcde1183be227e9580b653d5866538  amd64/10.0/RPMS/apache2-mod_proxy-2.0.48-6.10.100mdk.amd64.rpm
 4869bd9b9add97bba229abd258dba421  amd64/10.0/RPMS/apache2-mod_ssl-2.0.48-6.10.100mdk.amd64.rpm
 930c24a0258d3c4d11f1abea2544ce9d  amd64/10.0/RPMS/apache2-modules-2.0.48-6.10.100mdk.amd64.rpm
 45e8ee1b64fc88658332406cdd0eaf83  amd64/10.0/RPMS/apache2-source-2.0.48-6.10.100mdk.amd64.rpm
 fb46e03fa056d9b63498aa66b7f254cb  amd64/10.0/RPMS/lib64apr0-2.0.48-6.10.100mdk.amd64.rpm
 427b5be76093a411ed79a1b26418b4f1  amd64/10.0/SRPMS/apache2-2.0.48-6.10.100mdk.src.rpm

 Multi Network Firewall 2.0:
 ea96befbb54a665d1cf0c11dcf1514bf  mnf/2.0/RPMS/apache2-2.0.48-6.10.M20mdk.i586.rpm
 afeca22641361fb5631e49f444de8ff1  mnf/2.0/RPMS/apache2-common-2.0.48-6.10.M20mdk.i586.rpm
 6a50b170156421073348fb2338328f57  mnf/2.0/RPMS/apache2-mod_cache-2.0.48-6.10.M20mdk.i586.rpm
 d1c01d727d5b052bfa7954f51721e330  mnf/2.0/RPMS/apache2-mod_proxy-2.0.48-6.10.M20mdk.i586.rpm
 1579d72fed28c50c975ffa3a379d9e7e  mnf/2.0/RPMS/apache2-mod_ssl-2.0.48-6.10.M20mdk.i586.rpm
 e8497128965023773b924dd5184c117e  mnf/2.0/RPMS/apache2-modules-2.0.48-6.10.M20mdk.i586.rpm
 f76df0da42e2e53066dcc7e2c155efa6  mnf/2.0/RPMS/libapr0-2.0.48-6.10.M20mdk.i586.rpm
 cd715c544eef0a8fcc5679e5d99bf367  mnf/2.0/SRPMS/apache2-2.0.48-6.10.M20mdk.src.rpm

 Corporate 3.0:
 948e7fd54b52dd426feeef80851a92a3  corporate/3.0/RPMS/apache2-2.0.48-6.10.C30mdk.i586.rpm
 00035b7b4a06cd0b0eab2c9f7c77ad08  corporate/3.0/RPMS/apache2-common-2.0.48-6.10.C30mdk.i586.rpm
 697959b3821dfb4269364fbfeab1fca6  corporate/3.0/RPMS/apache2-manual-2.0.48-6.10.C30mdk.i586.rpm
 5117e0e63770b39125ba5d1daed9a73b  corporate/3.0/RPMS/apache2-mod_cache-2.0.48-6.10.C30mdk.i586.rpm
 e94b4e2d3a554c70917442aef200a492  corporate/3.0/RPMS/apache2-mod_dav-2.0.48-6.10.C30mdk.i586.rpm
 88ac11a73700157d43c8997333e905a2  corporate/3.0/RPMS/apache2-mod_disk_cache-2.0.48-6.10.C30mdk.i586.rpm
 4192805bccf577c7358ae6635af5e534  corporate/3.0/RPMS/apache2-mod_ldap-2.0.48-6.10.C30mdk.i586.rpm
 bb4cf932da2eb9602e715faa934767a9  corporate/3.0/RPMS/apache2-mod_proxy-2.0.48-6.10.C30mdk.i586.rpm
 0079565a79878ba35b704e4276860e5a  corporate/3.0/RPMS/apache2-mod_ssl-2.0.48-6.10.C30mdk.i586.rpm
 6b9c6a04b228369dff41e18636318202  corporate/3.0/RPMS/apache2-modules-2.0.48-6.10.C30mdk.i586.rpm
 1ce5739d3bb178e57b7e2d0cfe13eb7b  corporate/3.0/RPMS/libapr0-2.0.48-6.10.C30mdk.i586.rpm
 eaca583e9f7ac8ac977055f72ef0ec8d  corporate/3.0/SRPMS/apache2-2.0.48-6.10.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 abdd3378c0c6637864bf17d99940a2e1  x86_64/corporate/3.0/RPMS/apache2-2.0.48-6.10.C30mdk.x86_64.rpm
 7b0da940e23e91b4a2a88bdd9c49b023  x86_64/corporate/3.0/RPMS/apache2-common-2.0.48-6.10.C30mdk.x86_64.rpm
 ba3ec5e6b91f34dd663454f47a063fbc  x86_64/corporate/3.0/RPMS/apache2-manual-2.0.48-6.10.C30mdk.x86_64.rpm
 74718f83dcae78613638098ea9228f4b  x86_64/corporate/3.0/RPMS/apache2-mod_cache-2.0.48-6.10.C30mdk.x86_64.rpm
 3457b4a346899d2e83aaa6b16175bdc4  x86_64/corporate/3.0/RPMS/apache2-mod_dav-2.0.48-6.10.C30mdk.x86_64.rpm
 f5f35188da9a02797dff8363b1b111f5  x86_64/corporate/3.0/RPMS/apache2-mod_disk_cache-2.0.48-6.10.C30mdk.x86_64.rpm
 7d0e9ce91f83cd14410634b7896d945c  x86_64/corporate/3.0/RPMS/apache2-mod_ldap-2.0.48-6.10.C30mdk.x86_64.rpm
 75e816d1d0d9b34f47067732ca70fd76  x86_64/corporate/3.0/RPMS/apache2-mod_proxy-2.0.48-6.10.C30mdk.x86_64.rpm
 428a10d1da9e7450350987d069ab52b8  x86_64/corporate/3.0/RPMS/apache2-mod_ssl-2.0.48-6.10.C30mdk.x86_64.rpm
 7da21cde4fd9e8aebde63cfb1dc58439  x86_64/corporate/3.0/RPMS/apache2-modules-2.0.48-6.10.C30mdk.x86_64.rpm
 2e0f026f8d6714f68f0c46670142a1e3  x86_64/corporate/3.0/RPMS/lib64apr0-2.0.48-6.10.C30mdk.x86_64.rpm
 eaca583e9f7ac8ac977055f72ef0ec8d  x86_64/corporate/3.0/SRPMS/apache2-2.0.48-6.10.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFDE5u5mqjQ0CJFipgRAlmrAKDU1vSR5kkH2lvkIG8sZQI9ke86hgCeKfiG
FmVlkbTXGPG1HfDEtSGSYcs=
=ECBd
- -----END PGP SIGNATURE-----
 

- ----------------------------------------------------------------------------------

For additional information or assistance, please contact the HELP Desk by 
telephone or Not Protectively Marked information may be sent via 
EMail to: uniras@xxxxxxxxxxxx

Office Hours:
Mon - Fri: 08:30 - 17:00 Hrs
Tel: +44 (0) 870 487 0748 Ext 4511
Fax: +44 (0) 870 487 0749

Outside of Office Hours:
On Call Duty Officer:
Tel: +44 (0) 870 487 0748 and follow the prompts

- ----------------------------------------------------------------------------------
UNIRAS wishes to acknowledge the contributions of Mandriva for the information 
contained in this Briefing. 
- ----------------------------------------------------------------------------------
This Briefing contains the information released by the original author. Some 
of the information may have changed since it was released. If the vulnerability 
affects you, it may be prudent to retrieve the advisory from the canonical site 
to ensure that you receive the most current information concerning that problem.

Reference to any specific commercial product, process, or service by trade 
name, trademark manufacturer, or otherwise, does not constitute or imply 
its endorsement, recommendation, or favouring by UNIRAS or NISCC.  The views 
and opinions of authors expressed within this notice shall not be used for 
advertising or product endorsement purposes.

Neither UNIRAS or NISCC shall also accept responsibility for any errors 
or omissions contained within this briefing notice. In particular, they shall 
not be liable for any loss or damage whatsoever, arising from or in connection 
with the usage of information contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams (FIRST) 
and has contacts with other international Incident Response Teams (IRTs) in 
order to foster cooperation and coordination in incident prevention, to prompt 
rapid reaction to incidents, and to promote information sharing amongst its 
members and the community at large. 
- ----------------------------------------------------------------------------------
<End of UNIRAS Briefing>

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQCVAwUBQxRWeIpao72zK539AQH7BwP/U/7cTOi/TqroymSe4tjd7hOxIa5Dx1dq
WEFLgxaPYSaMQjuaqkqp7AzMY+tepa/TfKh95f8e8ozv6MUcgf7/WCifM4n7eu+O
/FBDC2mcqWQjbf9dlEn+K6p2GVX2SpQZc70ODo+Q+RQ7j5mUvQJQ4NdYIJPZ9CEH
Mt4bnAsUgic=
=5uxt
-----END PGP SIGNATURE-----


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________