[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

UNIRAS Brief - 801/06 - Three Mandriva Security Advisories:



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------------------------
       UNIRAS (UK Government CERT) Briefing - 801/06 Dated 04.12.06 Time 11:30  

UNIRAS is part of NISCC (the UK National Infrastructure Security  Co-ordination Centre)
---------------------------------------------------------------------------------------
 	UNIRAS material is available from the NISCC website at www.niscc.gov.uk
---------------------------------------------------------------------------------------

Title
=====

Three Mandriva Security Advisories:

1. MDKSA-2006:222 - Updated koffice packages fixes integer overflow vulnerability

2. MDKSA-2006:223 - Updated ImageMagick packages fixes vulnerability

3. MDKA-2006:057 - Updated clamav packages to sync with upstream release

Detail
======

1.  An integer overflow was discovered in KOffice's filtering code.  By  tricking a user into opening a specially crafted PPT file,
attackers  could crash KOffice or possibly execute arbitrary code with the user's  privileges.

2.  Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2  before 6.2.4.5, has unknown impact and user-assisted
attack vectors via  a crafted SGI image.

3.  There are no known security issues with clamav-0.88.5, which was  included in the last update (MDKSA-2006:184). Upstream has
released a  new stable 0.88.6, with some bugfixes. This update is to address user  reports with regards to clamav's behavior of
producing output such as:

 WARNING: Your ClamAV installation is OUTDATED! WARNING: Current  functionality level = 9, recommended = 10 DON'T PANIC! Read
http://www.clamav.net/faq.html




1.




- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2006:222
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : koffice
 Date    : December 1, 2006
 Affected: 2007.0
 _______________________________________________________________________
 
 Problem Description:
 
 An integer overflow was discovered in KOffice's filtering code.  By  tricking a user into opening a specially crafted PPT file,
attackers  could crash KOffice or possibly execute arbitrary code with the user's  privileges.

 The updated packages have been patched to correct this issue.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6120
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2007.0:
 97ad85cf8411c6ff5de87a62aab94a35  2007.0/i586/koffice-1.5.91-3.2mdv2007.0.i586.rpm
 db50d5559832bbb2dbb2c411184d134f  2007.0/i586/koffice-karbon-1.5.91-3.2mdv2007.0.i586.rpm
 7c748642ea280486ccc9ad1164924ec6  2007.0/i586/koffice-kexi-1.5.91-3.2mdv2007.0.i586.rpm
 6c5a63dc9354f8b1215adc7512c08685  2007.0/i586/koffice-kformula-1.5.91-3.2mdv2007.0.i586.rpm
 78f0e4824c86b6c3f43c4d1e9a5b792a  2007.0/i586/koffice-kivio-1.5.91-3.2mdv2007.0.i586.rpm
 8c9a702ef82928900043eef81702df35  2007.0/i586/koffice-koshell-1.5.91-3.2mdv2007.0.i586.rpm
 20556ba10c0a5e67da7577077df62312  2007.0/i586/koffice-kplato-1.5.91-3.2mdv2007.0.i586.rpm
 b3319fcc35d5a7d370698196ec75ff92  2007.0/i586/koffice-kpresenter-1.5.91-3.2mdv2007.0.i586.rpm
 be36984a365fc1e4fbc7b28b931b1bf3  2007.0/i586/koffice-krita-1.5.91-3.2mdv2007.0.i586.rpm
 5af60bc6e42cd6489ad018dba76b06a2  2007.0/i586/koffice-kspread-1.5.91-3.2mdv2007.0.i586.rpm
 24d4813bee6f2b5814972554d1e6d5ca  2007.0/i586/koffice-kugar-1.5.91-3.2mdv2007.0.i586.rpm
 6fae99addb4c1093aa04de1c0e59c97e  2007.0/i586/koffice-kword-1.5.91-3.2mdv2007.0.i586.rpm
 7ae26f275efedce5d44d79f392f0bb58  2007.0/i586/koffice-progs-1.5.91-3.2mdv2007.0.i586.rpm
 3483943311cd9d80368fe3d08f58c371  2007.0/i586/libkoffice2-karbon-1.5.91-3.2mdv2007.0.i586.rpm
 597101df425c25e7dd98c9fe9bf17e07  2007.0/i586/libkoffice2-karbon-devel-1.5.91-3.2mdv2007.0.i586.rpm
 57e233c194e554e8704d4c32b788a76c  2007.0/i586/libkoffice2-kexi-1.5.91-3.2mdv2007.0.i586.rpm
 2c4c98f62b419e63c0ef65979321deda  2007.0/i586/libkoffice2-kexi-devel-1.5.91-3.2mdv2007.0.i586.rpm
 a71985bc483afedf378415adce427a06  2007.0/i586/libkoffice2-kformula-1.5.91-3.2mdv2007.0.i586.rpm
 994e26bb97eac10fdd2e09cca64b87a9  2007.0/i586/libkoffice2-kformula-devel-1.5.91-3.2mdv2007.0.i586.rpm
 4c41e347712800078a820306a98a26c8  2007.0/i586/libkoffice2-kivio-1.5.91-3.2mdv2007.0.i586.rpm
 000ae5e267e281e764b95dccb9c4b84e  2007.0/i586/libkoffice2-kivio-devel-1.5.91-3.2mdv2007.0.i586.rpm
 f23734cbd98541eecdeb258c0732fc1a  2007.0/i586/libkoffice2-koshell-1.5.91-3.2mdv2007.0.i586.rpm
 dc638d9155717c2c4091b9da2e55144c  2007.0/i586/libkoffice2-kplato-1.5.91-3.2mdv2007.0.i586.rpm
 f6d05ae189da6de29cc0c69afab5027b  2007.0/i586/libkoffice2-kpresenter-1.5.91-3.2mdv2007.0.i586.rpm
 87d31c59a56729a2f4e9bddc36ea8c32  2007.0/i586/libkoffice2-kpresenter-devel-1.5.91-3.2mdv2007.0.i586.rpm
 2fd250793b43f2bb2255d97859f886d2  2007.0/i586/libkoffice2-krita-1.5.91-3.2mdv2007.0.i586.rpm
 6c383e3918558aded1e61ddfdadb7273  2007.0/i586/libkoffice2-krita-devel-1.5.91-3.2mdv2007.0.i586.rpm
 51ed465cb0c6ee89975aec7f1262ab66  2007.0/i586/libkoffice2-kspread-1.5.91-3.2mdv2007.0.i586.rpm
 0663f72f3a1bdce3672899a469d6972b  2007.0/i586/libkoffice2-kspread-devel-1.5.91-3.2mdv2007.0.i586.rpm
 04dce49f0d17bdd14716d53ea8e1da0f  2007.0/i586/libkoffice2-kugar-1.5.91-3.2mdv2007.0.i586.rpm
 70816b062ed237a79478e3c248922cdd  2007.0/i586/libkoffice2-kugar-devel-1.5.91-3.2mdv2007.0.i586.rpm
 a8e1d9c67a02b6910defc0e09b4716f7  2007.0/i586/libkoffice2-kword-1.5.91-3.2mdv2007.0.i586.rpm
 dd88904044b5103407fda7c1a2e53fde  2007.0/i586/libkoffice2-kword-devel-1.5.91-3.2mdv2007.0.i586.rpm
 8619b90e23e355b545230c6a9fbf5cd2  2007.0/i586/libkoffice2-progs-1.5.91-3.2mdv2007.0.i586.rpm
 8c4e1ccdfe2b69d66739aa04c09b4eae  2007.0/i586/libkoffice2-progs-devel-1.5.91-3.2mdv2007.0.i586.rpm
 18f79118122cdc73e54dfec4d9365091  2007.0/SRPMS/koffice-1.5.91-3.2mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 0d4734623788de46f16fb9866362fb60  2007.0/x86_64/koffice-1.5.91-3.2mdv2007.0.x86_64.rpm
 6e9294e503e496542c867c9f62298731  2007.0/x86_64/koffice-karbon-1.5.91-3.2mdv2007.0.x86_64.rpm
 65907aa84ed619962aa87599ea5c922c  2007.0/x86_64/koffice-kexi-1.5.91-3.2mdv2007.0.x86_64.rpm
 db489203dc559d631df6cfc7fafe93cd  2007.0/x86_64/koffice-kformula-1.5.91-3.2mdv2007.0.x86_64.rpm
 1500fb9ee551eaee484254cb2424e57a  2007.0/x86_64/koffice-kivio-1.5.91-3.2mdv2007.0.x86_64.rpm
 9555a5d61aa1132196ab53474d86e3b5  2007.0/x86_64/koffice-koshell-1.5.91-3.2mdv2007.0.x86_64.rpm
 b2315a4e783d8482d56ee0723e5a9b0e  2007.0/x86_64/koffice-kplato-1.5.91-3.2mdv2007.0.x86_64.rpm
 c742e5bbef3f868d538cfd65ee581623  2007.0/x86_64/koffice-kpresenter-1.5.91-3.2mdv2007.0.x86_64.rpm
 9bb89a8140594af37cb5533039f8b8b1  2007.0/x86_64/koffice-krita-1.5.91-3.2mdv2007.0.x86_64.rpm
 20702a2f45aa65bf5fd71034c379d877  2007.0/x86_64/koffice-kspread-1.5.91-3.2mdv2007.0.x86_64.rpm
 ba4d9249380cb17d86f1cc20b15a6da0  2007.0/x86_64/koffice-kugar-1.5.91-3.2mdv2007.0.x86_64.rpm
 96a772d36130780a92a0d14a51b82173  2007.0/x86_64/koffice-kword-1.5.91-3.2mdv2007.0.x86_64.rpm
 3ef642a955a0de9f4440a9b7f5ed112d  2007.0/x86_64/koffice-progs-1.5.91-3.2mdv2007.0.x86_64.rpm
 90aefb67aefcc6c70e3f0acafdf2d20a  2007.0/x86_64/lib64koffice2-karbon-1.5.91-3.2mdv2007.0.x86_64.rpm
 d99922c80f817fe39778f6711cc48a24  2007.0/x86_64/lib64koffice2-karbon-devel-1.5.91-3.2mdv2007.0.x86_64.rpm
 d1ce54c1da5baf6e5d78f6dbb9df2e88  2007.0/x86_64/lib64koffice2-kexi-1.5.91-3.2mdv2007.0.x86_64.rpm
 5b5ab70a073c52d1866f8f0504d696d8  2007.0/x86_64/lib64koffice2-kexi-devel-1.5.91-3.2mdv2007.0.x86_64.rpm
 b27623062be6e6c56afab8d64215eda4  2007.0/x86_64/lib64koffice2-kformula-1.5.91-3.2mdv2007.0.x86_64.rpm
 c9d45dfb4c71793c6a04772da52a4c27  2007.0/x86_64/lib64koffice2-kformula-devel-1.5.91-3.2mdv2007.0.x86_64.rpm
 c541021dfc624c5b01a2994d3e62354b  2007.0/x86_64/lib64koffice2-kivio-1.5.91-3.2mdv2007.0.x86_64.rpm
 78fbf699ce7bd245f7ffcce694488bd8  2007.0/x86_64/lib64koffice2-kivio-devel-1.5.91-3.2mdv2007.0.x86_64.rpm
 bc14a92c9079f26509110d8dcfef4234  2007.0/x86_64/lib64koffice2-koshell-1.5.91-3.2mdv2007.0.x86_64.rpm
 04df83ce95051488ba0165e02a647438  2007.0/x86_64/lib64koffice2-kplato-1.5.91-3.2mdv2007.0.x86_64.rpm
 8bcc5137ccf41bba147986de8d8b95e4  2007.0/x86_64/lib64koffice2-kpresenter-1.5.91-3.2mdv2007.0.x86_64.rpm
 9157afe6ed8b9f4745cd7f0333ac484f  2007.0/x86_64/lib64koffice2-kpresenter-devel-1.5.91-3.2mdv2007.0.x86_64.rpm
 9edddd073414539f674939a95412ea9e  2007.0/x86_64/lib64koffice2-krita-1.5.91-3.2mdv2007.0.x86_64.rpm
 4e54205509fe323caaaecab61acb2e20  2007.0/x86_64/lib64koffice2-krita-devel-1.5.91-3.2mdv2007.0.x86_64.rpm
 8149704298a9bfe1edcd903b73536654  2007.0/x86_64/lib64koffice2-kspread-1.5.91-3.2mdv2007.0.x86_64.rpm
 ed82f407c7be218dba128252b4de09f3  2007.0/x86_64/lib64koffice2-kspread-devel-1.5.91-3.2mdv2007.0.x86_64.rpm
 62a023ac8bb89806a0080797f6f9a03f  2007.0/x86_64/lib64koffice2-kugar-1.5.91-3.2mdv2007.0.x86_64.rpm
 0479922c3466a2f4ba2c5079d55fe634  2007.0/x86_64/lib64koffice2-kugar-devel-1.5.91-3.2mdv2007.0.x86_64.rpm
 7039997ba59f0e670e8f1352c0c82711  2007.0/x86_64/lib64koffice2-kword-1.5.91-3.2mdv2007.0.x86_64.rpm
 aed8cd41144d076f9ee51b6cd0966a51  2007.0/x86_64/lib64koffice2-kword-devel-1.5.91-3.2mdv2007.0.x86_64.rpm
 aacf502f62097c102dc44be1387763d7  2007.0/x86_64/lib64koffice2-progs-1.5.91-3.2mdv2007.0.x86_64.rpm
 d30e35e35d4e4832f78a61e116114a33  2007.0/x86_64/lib64koffice2-progs-devel-1.5.91-3.2mdv2007.0.x86_64.rpm
 18f79118122cdc73e54dfec4d9365091  2007.0/SRPMS/koffice-1.5.91-3.2mdv2007.0.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification  of md5 checksums and GPG signatures is performed
automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the  GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFcHEwmqjQ0CJFipgRAmRsAJ9maSoEYLobFpNgiMarEgFpcFVQwgCdETbx
BpC/9xb5tzUEDiL6MwB8IXQ=
=Popd
- -----END PGP SIGNATURE-----



2.



- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2006:223
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : ImageMagick
 Date    : December 1, 2006
 Affected: 2006.0, Corporate 3.0, Corporate 4.0  _______________________________________________________________________
 
 Problem Description:
 
 Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2  before 6.2.4.5, has unknown impact and user-assisted attack
vectors via  a crafted SGI image.

 Updated packages have been patched to correct this issue.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5868
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2006.0:
 df62dd8449b08426a4188d5959b3f823  2006.0/i586/ImageMagick-6.2.4.3-1.4.20060mdk.i586.rpm
 e87bbddff33171aae89d1d08400907a7  2006.0/i586/ImageMagick-doc-6.2.4.3-1.4.20060mdk.i586.rpm
 8755d8beabe9a85f3e7a07b73d071c59  2006.0/i586/libMagick8.4.2-6.2.4.3-1.4.20060mdk.i586.rpm
 2b6ae5e3b4c8e187e095442e7dcd5c24  2006.0/i586/libMagick8.4.2-devel-6.2.4.3-1.4.20060mdk.i586.rpm
 d7e61aa5943b52eb374b0a2e44232e93  2006.0/i586/perl-Image-Magick-6.2.4.3-1.4.20060mdk.i586.rpm
 e5875ef8dd63237d5c7c74a441b123fc  2006.0/SRPMS/ImageMagick-6.2.4.3-1.4.20060mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 973d1bb7026248e93c9f1a16eba0cfaf  2006.0/x86_64/ImageMagick-6.2.4.3-1.4.20060mdk.x86_64.rpm
 ca759633ecf8ef52b1c34f55d5a3af6d  2006.0/x86_64/ImageMagick-doc-6.2.4.3-1.4.20060mdk.x86_64.rpm
 f65de07d50364a3c861f50ce6f11fee4  2006.0/x86_64/lib64Magick8.4.2-6.2.4.3-1.4.20060mdk.x86_64.rpm
 c9e86c379bdfeb36e25bfd34e094b921  2006.0/x86_64/lib64Magick8.4.2-devel-6.2.4.3-1.4.20060mdk.x86_64.rpm
 9d58fe1606d8f1f0f6a225df3ac58b48  2006.0/x86_64/perl-Image-Magick-6.2.4.3-1.4.20060mdk.x86_64.rpm
 e5875ef8dd63237d5c7c74a441b123fc  2006.0/SRPMS/ImageMagick-6.2.4.3-1.4.20060mdk.src.rpm

 Corporate 3.0:
 fc15d48d236f0d1f738c795190081ddd  corporate/3.0/i586/ImageMagick-5.5.7.15-6.9.C30mdk.i586.rpm
 3ba801afddeb42759aebd891971b5fce  corporate/3.0/i586/ImageMagick-doc-5.5.7.15-6.9.C30mdk.i586.rpm
 35c8a337172b91501486381be4e0aa7d  corporate/3.0/i586/libMagick5.5.7-5.5.7.15-6.9.C30mdk.i586.rpm
 3273f233005c79adf0602ade443de675  corporate/3.0/i586/libMagick5.5.7-devel-5.5.7.15-6.9.C30mdk.i586.rpm
 8dfce9d9e00005e990c1203c1144ac34  corporate/3.0/i586/perl-Magick-5.5.7.15-6.9.C30mdk.i586.rpm
 3cf9bff07102ada97373a66c5f4c6e05  corporate/3.0/SRPMS/ImageMagick-5.5.7.15-6.9.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 0f8193fed5ac7b344398b9e99fe5bccb  corporate/3.0/x86_64/ImageMagick-5.5.7.15-6.9.C30mdk.x86_64.rpm
 bdae28be1bcacf4f5bc6d9bdfa589cbd  corporate/3.0/x86_64/ImageMagick-doc-5.5.7.15-6.9.C30mdk.x86_64.rpm
 fa4a5fe3e447770c33ef0596da8570fb  corporate/3.0/x86_64/lib64Magick5.5.7-5.5.7.15-6.9.C30mdk.x86_64.rpm
 8af081adcd750d5edec44bf1e85e5c7d  corporate/3.0/x86_64/lib64Magick5.5.7-devel-5.5.7.15-6.9.C30mdk.x86_64.rpm
 e238642447217ade5a772c4b12b492b3  corporate/3.0/x86_64/perl-Magick-5.5.7.15-6.9.C30mdk.x86_64.rpm
 3cf9bff07102ada97373a66c5f4c6e05  corporate/3.0/SRPMS/ImageMagick-5.5.7.15-6.9.C30mdk.src.rpm

 Corporate 4.0:
 dde2f028a95732f3d5fd5bfd48ede727  corporate/4.0/i586/ImageMagick-6.2.4.3-1.4.20060mlcs4.i586.rpm
 6affed772cabdc8e8eb6e6ed96efb178  corporate/4.0/i586/ImageMagick-doc-6.2.4.3-1.4.20060mlcs4.i586.rpm
 426d44c76834a660ea48c09719048de2  corporate/4.0/i586/libMagick8.4.2-6.2.4.3-1.4.20060mlcs4.i586.rpm
 4cc0f80f0bbfdbc1c26a497f14e2dd0d  corporate/4.0/i586/libMagick8.4.2-devel-6.2.4.3-1.4.20060mlcs4.i586.rpm
 9deab133788e00cf6487a057042c3ae0  corporate/4.0/i586/perl-Image-Magick-6.2.4.3-1.4.20060mlcs4.i586.rpm
 0b75266159c73fcb8a0f7027d208bee2  corporate/4.0/SRPMS/ImageMagick-6.2.4.3-1.4.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 283a0751148b3468bd3e2281d819f08d  corporate/4.0/x86_64/ImageMagick-6.2.4.3-1.4.20060mlcs4.x86_64.rpm
 48ee2e7835b97a89e27342c3a27db913  corporate/4.0/x86_64/ImageMagick-doc-6.2.4.3-1.4.20060mlcs4.x86_64.rpm
 fad038ed56f886f4656302721a616578  corporate/4.0/x86_64/lib64Magick8.4.2-6.2.4.3-1.4.20060mlcs4.x86_64.rpm
 17b7841d6459f0a52662f43d16f09771  corporate/4.0/x86_64/lib64Magick8.4.2-devel-6.2.4.3-1.4.20060mlcs4.x86_64.rpm
 dbcfd793204ead891cbf779c1075287e  corporate/4.0/x86_64/perl-Image-Magick-6.2.4.3-1.4.20060mlcs4.x86_64.rpm
 0b75266159c73fcb8a0f7027d208bee2  corporate/4.0/SRPMS/ImageMagick-6.2.4.3-1.4.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification  of md5 checksums and GPG signatures is performed
automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the  GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFcJi1mqjQ0CJFipgRAoCvAJ9sJwsy6KmxvLwFtEyFiCoLvVHIaACgj+2v
kI0mULDMWX7ydgtZ+bArC40=
=m55O
- -----END PGP SIGNATURE-----



3.



- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Advisory                                   MDKA-2006:057
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : clamav
 Date    : December 1, 2006
 Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0  _______________________________________________________________________
 
 Problem Description:
 
 There are no known security issues with clamav-0.88.5, which was  included in the last update (MDKSA-2006:184). Upstream has
released a  new stable 0.88.6, with some bugfixes. This update is to address user  reports with regards to clamav's behavior of
producing output such as:

 WARNING: Your ClamAV installation is OUTDATED! WARNING: Current  functionality level = 9, recommended = 10 DON'T PANIC! Read
http://www.clamav.net/faq.html

 If one is not running the latest release.
 _______________________________________________________________________

 References:
 
 http://sourceforge.net/project/shownotes.php?release_id=461171
 http://qa.mandriva.com/show_bug.cgi?id=27373
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2006.0:
 2fda0e0342cdae985856803134ec21aa  2006.0/i586/clamav-0.88.6-0.1.20060mdk.i586.rpm
 62de9207bb5847aaa7c6f847f2baf337  2006.0/i586/clamav-db-0.88.6-0.1.20060mdk.i586.rpm
 6a98cd059786d412283edf53c8ca8a4c  2006.0/i586/clamav-milter-0.88.6-0.1.20060mdk.i586.rpm
 8094d091e1d0269bfc4f0bab18d44e39  2006.0/i586/clamd-0.88.6-0.1.20060mdk.i586.rpm
 bbf47f02885a46eba4f168cc94f17715  2006.0/i586/libclamav1-0.88.6-0.1.20060mdk.i586.rpm
 23a1a16f6e9dada0d98c2c6d8195e8c0  2006.0/i586/libclamav1-devel-0.88.6-0.1.20060mdk.i586.rpm
 4bb9f2a0d3b09aac2998829e40d5d0b0  2006.0/SRPMS/clamav-0.88.6-0.1.20060mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 38b6353b5af037171c1a4c250c3c21db  2006.0/x86_64/clamav-0.88.6-0.1.20060mdk.x86_64.rpm
 a4463b9073813e4f8fe0c21b4bbe3529  2006.0/x86_64/clamav-db-0.88.6-0.1.20060mdk.x86_64.rpm
 2ce7d7422d238290ae47d05cf5d92866  2006.0/x86_64/clamav-milter-0.88.6-0.1.20060mdk.x86_64.rpm
 63dd0c324ecc3c5217117d143f5e00d5  2006.0/x86_64/clamd-0.88.6-0.1.20060mdk.x86_64.rpm
 e0e4c658897479ed8a38713d55525dd5  2006.0/x86_64/lib64clamav1-0.88.6-0.1.20060mdk.x86_64.rpm
 49e3b1e9fc806f92867aa16d88e4605a  2006.0/x86_64/lib64clamav1-devel-0.88.6-0.1.20060mdk.x86_64.rpm
 4bb9f2a0d3b09aac2998829e40d5d0b0  2006.0/SRPMS/clamav-0.88.6-0.1.20060mdk.src.rpm

 Mandriva Linux 2007.0:
 fac9377272e254dba298f51c9dae8f91  2007.0/i586/clamav-0.88.6-1.1mdv2007.0.i586.rpm
 7549af952f9a13bc0e5f1bdd5b47a251  2007.0/i586/clamav-db-0.88.6-1.1mdv2007.0.i586.rpm
 373ba8daebdbd42bf8da1f158771a393  2007.0/i586/clamav-milter-0.88.6-1.1mdv2007.0.i586.rpm
 de93cd9bc46ff3e3e540dfbd4dc4e519  2007.0/i586/clamd-0.88.6-1.1mdv2007.0.i586.rpm
 2672c9c1c46cb3901bc48989b4b09d48  2007.0/i586/libclamav1-0.88.6-1.1mdv2007.0.i586.rpm
 e4baa6fb06a6e8fbc90ead67b6b96384  2007.0/i586/libclamav1-devel-0.88.6-1.1mdv2007.0.i586.rpm
 3ea0030577cf5020585eec57e1267da2  2007.0/SRPMS/clamav-0.88.6-1.1mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 bbb293b47eb51b8dca18648daa0c4200  2007.0/x86_64/clamav-0.88.6-1.1mdv2007.0.x86_64.rpm
 a73eb4399bb1af12c76a2508d3355062  2007.0/x86_64/clamav-db-0.88.6-1.1mdv2007.0.x86_64.rpm
 3c5cb17b52d656c8e8fb0158a2ae6d4d  2007.0/x86_64/clamav-milter-0.88.6-1.1mdv2007.0.x86_64.rpm
 3caf410d0d7d49e00610ae71ebda19b9  2007.0/x86_64/clamd-0.88.6-1.1mdv2007.0.x86_64.rpm
 76067ae30321557af81fe9ab2b5b7d8a  2007.0/x86_64/lib64clamav1-0.88.6-1.1mdv2007.0.x86_64.rpm
 ea02cc87297d4442bdc08b61f6495431  2007.0/x86_64/lib64clamav1-devel-0.88.6-1.1mdv2007.0.x86_64.rpm
 3ea0030577cf5020585eec57e1267da2  2007.0/SRPMS/clamav-0.88.6-1.1mdv2007.0.src.rpm

 Corporate 3.0:
 ce5b2e8d973b14630e38eaeddc1a162b  corporate/3.0/i586/clamav-0.88.6-0.1.C30mdk.i586.rpm
 f857febbe91add28e68d5a8ccf600746  corporate/3.0/i586/clamav-db-0.88.6-0.1.C30mdk.i586.rpm
 e878e6e0065cb327def8c251f62f9848  corporate/3.0/i586/clamav-milter-0.88.6-0.1.C30mdk.i586.rpm
 83281afba2ac4e864c2465c54ea972a7  corporate/3.0/i586/clamd-0.88.6-0.1.C30mdk.i586.rpm
 542bf79bb572901eb01371483a8cca19  corporate/3.0/i586/libclamav1-0.88.6-0.1.C30mdk.i586.rpm
 c5872284bd37cbcb126a4436a5c85980  corporate/3.0/i586/libclamav1-devel-0.88.6-0.1.C30mdk.i586.rpm
 233c42a9e3fdc414ee5ef4fcecd3aa38  corporate/3.0/SRPMS/clamav-0.88.6-0.1.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 8f55596e44687656eb3f99d8f64e9471  corporate/3.0/x86_64/clamav-0.88.6-0.1.C30mdk.x86_64.rpm
 2dd06aa01ea26cf9b1e34872c09bdd93  corporate/3.0/x86_64/clamav-db-0.88.6-0.1.C30mdk.x86_64.rpm
 97911216d0b4605bd9d3ea20fe2afea6  corporate/3.0/x86_64/clamav-milter-0.88.6-0.1.C30mdk.x86_64.rpm
 eaaab43f34ff52d574501a45c5f9eced  corporate/3.0/x86_64/clamd-0.88.6-0.1.C30mdk.x86_64.rpm
 69442248d92acf1c35ce7c2bbbccb5eb  corporate/3.0/x86_64/lib64clamav1-0.88.6-0.1.C30mdk.x86_64.rpm
 554b05b075b4fa39ee229cc416359c37  corporate/3.0/x86_64/lib64clamav1-devel-0.88.6-0.1.C30mdk.x86_64.rpm
 233c42a9e3fdc414ee5ef4fcecd3aa38  corporate/3.0/SRPMS/clamav-0.88.6-0.1.C30mdk.src.rpm

 Corporate 4.0:
 ec3469788093dc869e6d4cc525881cd5  corporate/4.0/i586/clamav-0.88.6-0.1.20060mlcs4.i586.rpm
 cca55e7504ca60f921adfe5661b00f6e  corporate/4.0/i586/clamav-db-0.88.6-0.1.20060mlcs4.i586.rpm
 baa239471098a85d1fb2c95bfa8a803c  corporate/4.0/i586/clamav-milter-0.88.6-0.1.20060mlcs4.i586.rpm
 0a00b61f8f5928c6320dbe4f523b31e2  corporate/4.0/i586/clamd-0.88.6-0.1.20060mlcs4.i586.rpm
 1f0a1b2d2d8154c2a1f5aaa33ab30ddd  corporate/4.0/i586/libclamav1-0.88.6-0.1.20060mlcs4.i586.rpm
 413d38174e4d1032b3d57cb3bd8b4c71  corporate/4.0/i586/libclamav1-devel-0.88.6-0.1.20060mlcs4.i586.rpm
 f7a018bfe3dbe95ef9392f778ce9c84c  corporate/4.0/SRPMS/clamav-0.88.6-0.1.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 6e38bbd0c28ceb7b6fda34cc9e977b10  corporate/4.0/x86_64/clamav-0.88.6-0.1.20060mlcs4.x86_64.rpm
 0376f30b5fad303237b9a43440e6a4e6  corporate/4.0/x86_64/clamav-db-0.88.6-0.1.20060mlcs4.x86_64.rpm
 4c095ac1307b24e1a979974c8e9123dd  corporate/4.0/x86_64/clamav-milter-0.88.6-0.1.20060mlcs4.x86_64.rpm
 3613745ec556a4dc163e84accaa1d9f7  corporate/4.0/x86_64/clamd-0.88.6-0.1.20060mlcs4.x86_64.rpm
 531a6b23a8271cccded5755d9950054a  corporate/4.0/x86_64/lib64clamav1-0.88.6-0.1.20060mlcs4.x86_64.rpm
 1d74fc8cdc81397c00c4a9dd9b746e9a  corporate/4.0/x86_64/lib64clamav1-devel-0.88.6-0.1.20060mlcs4.x86_64.rpm
 f7a018bfe3dbe95ef9392f778ce9c84c  corporate/4.0/SRPMS/clamav-0.88.6-0.1.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification  of md5 checksums and GPG signatures is performed
automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the  GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFcJ9KmqjQ0CJFipgRArR6AJ9o/l2G0dxhyAYdGm8bOOju0U5YLwCdE+JE
6cnwE/A4AaGwYQwYhdW0BBo=
=LnES
- -----END PGP SIGNATURE-----



- ---------------------------------------------------------------------------------------
NISCC values your feedback.

1. Which of the following most reflects the value of the briefing to you?
   (Place an 'X' next to your choice)

	Very useful:__ Useful:__ Not useful:__ 

2. If you did not find it useful, why not?


3. Any other comments? How could we improve our briefings?


Thank you for your contribution.
- ---------------------------------------------------------------------------------------

For additional information or assistance, please contact our help desk by telephone.  
You may send Not Protectively Marked information via e-mail to uniras@xxxxxxxxxxxxx

Office hours:

Mon - Fri: 08:30 - 17:00 hours
Tel: +44 (0) 870 487 0748 and follow the voice prompts
Fax: +44 (0) 870 487 0749

On-call duty officer outside office hours:
Tel: +44 (0) 870 487 0748 and follow the voice prompts

- ---------------------------------------------------------------------------------------
UNIRAS wishes to acknowledge the contributions of Mandriva for the information contained 

in this briefing.
- ---------------------------------------------------------------------------------------

This notice contains information released by the original author. Some of the 
information may have changed since it was released. If the vulnerability affects you, 
it may be prudent to retrieve the advisory from the site of the original source to 
ensure that you receive the most current information concerning that problem.

Reference to any specific commercial product, process, or service by trade name, 
trademark manufacturer, or otherwise, does not constitute or imply its endorsement, 
recommendation, or favouring by UNIRAS or NISCC. The views and opinions of authors 
expressed within this notice shall not be used for advertising or product endorsement 
purposes.

Neither UNIRAS or NISCC shall also accept responsibility for any errors or omissions 
contained within this briefing notice. In particular, they shall not be liable for 
any loss or damage whatsoever, arising from or in connection with the usage of 
information contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams (FIRST) and has 
contacts with other international Incident Response Teams (IRTs) in order to foster 
cooperation and coordination in incident prevention, to prompt rapid reaction to 
incidents, and to promote information sharing amongst its members and the community at 
large.
- ---------------------------------------------------------------------------------------
<End of UNIRAS Briefing>



-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBRXQGO2l7oeQsXfKvEQKC/ACdFlyxOocsXJMb97ZiADvdl2QwMhkAnAiH
8uNHPvjn1+mC1ZW+E1qtKxNL
=6Ezl
-----END PGP SIGNATURE-----


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________