search for: mdksa

...PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ Linux-Mandrake Security Update Advisory ________________________________________________________________________ Package name: kon2 Date: August 1st, 2000 Advisory ID: MDKSA-2000:028 Affected versions: 7.0, 7.1 ________________________________________________________________________ Problem Description: There is a vulnerable suid program called fld. This program accepts option input from a text file and it is possible to input arbitrary code into the stack, thus...

...N PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ Linux-Mandrake Security Update Advisory ________________________________________________________________________ Package name: dump Date: July 11th, 2000 Advisory ID: MDKSA-2000:018 Affected versions: 6.0, 6.1, 7.0, 7.1 ________________________________________________________________________ Problem Description: There was the potential for a buffer overflow exploit in the restore program. This new verson fixes this possible vulnerability. _______________________...

...N PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ Linux-Mandrake Security Update Advisory ________________________________________________________________________ Package name: dhcp Date: July 21th, 2000 Advisory ID: MDKSA-2000:022 Affected versions: 7.0, 7.1 ________________________________________________________________________ Problem Description: All versions of the ISC DHCP client program, dhclient, are vulnerable to a root attack by a corrupt DHCP server. This version fixes the vulnerability. Versions...

...IN PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ Linux-Mandrake Security Update Advisory ________________________________________________________________________ Package name: gpm Date: July 27th, 2000 Advisory ID: MDKSA-2000:025 Affected versions: 6.0, 6.1, 7.0, 7.1 ________________________________________________________________________ Problem Description: Many security flaws existed in the gpm package, which is used to control the mouse in a terminal outside of X Windows. As well, a denial of service att...

...IN PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ Linux-Mandrake Security Update Advisory ________________________________________________________________________ Package name: inn Date: July 22nd, 2000 Advisory ID: MDKSA-2000:023 Affected versions: 6.0, 6.1, 7.0, 7.1 ________________________________________________________________________ Problem Description: A vulnerability exists when verifycancels is enabled in /etc/news/inn.conf. This vulnerability could be used to gain root access on any system with i...

...N PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ Linux-Mandrake Security Update Advisory ________________________________________________________________________ Package name: pam Date: August 1st, 2000 Advisory ID: MDKSA-2000:029 Affected versions: 6.0, 6.1, 7.0, 7.1 ________________________________________________________________________ Problem Description: There is a problem with the pam_console module that incorrectly identifies remote X logins for displays other than :0 (for example, :1, :2, etc.) as bei...

...PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ Linux-Mandrake Security Update Advisory ________________________________________________________________________ Package name: perl Date: August 8th, 2000 Advisory ID: MDKSA-2000:031 Affected versions: 6.0, 6.1, 7.0, 7.1 ________________________________________________________________________ Problem Description: There is a vulnerability that exists when using setuidperl together with the mailx program. In some cases, setuidperl will warn root that something has...

...PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ Linux-Mandrake Security Update Advisory ________________________________________________________________________ Package name: perl Date: August 8th, 2000 Advisory ID: MDKSA-2000:031 Affected versions: 6.0, 6.1, 7.0, 7.1 ________________________________________________________________________ Problem Description: There is a vulnerability that exists when using setuidperl together with the mailx program. In some cases, setuidperl will warn root that something has...

...P SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ Linux-Mandrake Security Update Advisory ________________________________________________________________________ Package name: netscape Date: July 31st, 2000 Advisory ID: MDKSA-2000:027 Affected versions: 6.0, 6.1, 7.0, 7.1 ________________________________________________________________________ Problem Description: Previous versions of Netscape, from version 3.0 to 4.73 contain a serious overflow flaw due to improper input verification in Netscape''s JPEG p...

..._________________________________________________________________ Linux-Mandrake Security Update Advisory ________________________________________________________________________ Package name: netscape Date: August 1st, 2000 Original Advisory Date: July 31st, 2000 Advisory ID: MDKSA-2000:027-1 Affected versions: 6.0, 6.1, 7.0, 7.1 ________________________________________________________________________ Problem Description: Previous versions of Netscape, from version 3.0 to 4.73 contain a serious overflow flaw due to improper input verification in Netscape''s JPEG...

...N PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ Linux-Mandrake Security Update Advisory ________________________________________________________________________ Package name: Zope Date: July 28th, 2000 Advisory ID: MDKSA-2000:026 Affected versions: 7.1 ________________________________________________________________________ Problem Description: Previous versions of Zope have a serious security flaw in one of the base classes in the DocumentTemplate package that is inadequately protected. This flaw allows the...

...inux-mandrake.com> To: Linux Mandrake Security Announcements <security-announce@linux-mandrake.com> Cc: Linux Mandrake Security <mdk-security@freezer-burn.org>, Bugtraq <bugtraq@securityfocus.com>, RedHat Linux Security <linux-security@redhat.com> Subject: MDKSA-2000:027 netscape update Message-ID: <20000801120108.A1624@mandrakesoft.com> Mail-Followup-To: Linux Mandrake Security Announcements <security-announce@linux-mandrake.com>, Linux Mandrake Security <mdk-security@freezer-burn.org>, Bugtraq <bugtraq@securityfocus.com>, RedHa...

...ific version. The update can be found here: ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/8.0 (or any other mirror listed here:) http://www.linux-mandrake.com/en/ftp.php3 The security advisory concerning samba on 8.0 can be found here: http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-062.php3?dis=8.0 Also, there is an unsupported 2.2.X version for 8.0 here: http://people.mandrakesoft.com/~staburet/samba/RPMS/8.0/ or here: http://www.cae.co.za/~bgmilne/mandrake/samba/samba-2.2.2-mdk80/ but remember it's not officially supported on 8.0. Cheers, Sylvestre Taburet Le...