Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
    • Risk Management Delivery Group
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > August 2005 > Mandriva - Four Security Update Advisories

August 2005

Mandriva - Four Security Update Advisories

ID: 00737
Ref: 684/05
Date: 30 August 2005:14:54:22
Version: 1
Title: Mandriva - Four Security Update Advisories
Abstract:
Vendors affected: Mandriva
Operating systems affected: Mandriva
Applications affected: Mandriva

Title
=====

Mandriva - Four Security Update Advisories:
1. Updated mozilla-thunderbird packages fix multiple vulnerabilities [MDKSA-2005:127-1]
2. Updated gnumeric packages fix integer overflow vulnerability [MDKSA-2005:153]
3. Updated python packages fix integer overflow vulnerability [MDKSA-2005:154]
4. Updated apache2 packages fix integer overflow vulnerability [MDKSA-2005:155]


Detail
======

Security update advisory summaries:

1. There was a slight regression in the handling of "right-click" menus in
the packages previously released that is corrected with this new
update.

2. Integer overflow in pcre_compile.c in Perl Compatible Regular
Expressions (PCRE) before 6.2, as used in multiple products, allows
attackers to execute arbitrary code via quantifier values in regular
expressions, which leads to a heap-based buffer overflow. The gnumeric
packages use a private copy of pcre code.

3. Integer overflow in pcre_compile.c in Perl Compatible Regular
Expressions (PCRE) before 6.2, as used in multiple products, allows
attackers to execute arbitrary code via quantifier values in regular
expressions, which leads to a heap-based buffer overflow. The python
packages use a private copy of pcre code.

4. Integer overflow in pcre_compile.c in Perl Compatible Regular
Expressions (PCRE) before 6.2, as used in multiple products, allows
attackers to execute arbitrary code via quantifier values in regular
expressions, which leads to a heap-based buffer overflow. The apache2
packages, as shipped, were built using a private copy of pcre.


Security update advisory content follows:


1.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Update Advisory
_______________________________________________________________________

Package name: mozilla-thunderbird
Advisory ID: MDKSA-2005:127-1
Date: August 26th, 2005
Original Advisory Date: July 28th, 2005
Affected versions: 10.2
______________________________________________________________________

Problem Description:

A number of vulnerabilities were reported and fixed in Thunderbird 1.0.5
and Mozilla 1.7.9. The following vulnerabilities have been backported
and patched for this update:

The native implementations of InstallTrigger and other XPInstall-
related javascript objects did not properly validate that they were
called on instances of the correct type. By passing other objects,
even raw numbers, the javascript interpreter would jump to the wrong
place in memory. Although no proof of concept has been developed we
believe this could be exploited (MFSA 2005-40).

moz_bug_r_a4 reported several exploits giving an attacker the ability
to install malicious code or steal data, requiring only that the user
do commonplace actions like clicking on a link or open the context
menu. The common cause in each case was privileged UI code ("chrome")
being overly trusting of DOM nodes from the content window. Scripts in
the web page can override properties and methods of DOM nodes and
shadow the native values, unless steps are taken to get the true
underlying values (MFSA 2005-41).

Additional checks were added to make sure Javascript eval and Script
objects are run with the privileges of the context that created them,
not the potentially elevated privilege of the context calling them in
order to protect against an additional variant of MFSA 2005-41
(MFSA 2005-44).

In several places the browser UI did not correctly distinguish between
true user events, such as mouse clicks or keystrokes, and synthetic
events genenerated by web content. The problems ranged from minor
annoyances like switching tabs or entering full-screen mode, to a
variant on MFSA 2005-34 Synthetic events are now prevented from
reaching the browser UI entirely rather than depend on each potentially
spoofed function to protect itself from untrusted events
(MFSA 2005-45).

Scripts in XBL controls from web content continued to be run even when
Javascript was disabled. By itself this causes no harm, but it could be
combined with most script-based exploits to attack people running
vulnerable versions who thought disabling javascript would protect
them. In the Thunderbird and Mozilla Suite mail clients Javascript is
disabled by default for protection against denial-of-service attacks
and worms; this vulnerability could be used to bypass that protection
(MFSA 2005-46).

When InstallVersion.compareTo() is passed an object rather than a
string it assumed the object was another InstallVersion without
verifying it. When passed a different kind of object the browser would
generally crash with an access violation. shutdown has demonstrated
that different javascript objects can be passed on some OS versions to
get control over the instruction pointer. We assume this could be
developed further to run arbitrary machine code if the attacker can get
exploit code loaded at a predictable address (MFSA 2005-50).

A child frame can call top.focus() even if the framing page comes from
a different origin and has overridden the focus() routine. The call is
made in the context of the child frame. The attacker would look for a
target site with a framed page that makes this call but doesn't verify
that its parent comes from the same site. The attacker could steal
cookies and passwords from the framed page, or take actions on behalf
of a signed-in user. This attack would work only against sites that use
frames in this manner (MFSA 2005-52).

Parts of the browser UI relied too much on DOM node names without
taking different namespaces into account and verifying that nodes
really were of the expected type. An XHTML document could be used to
create fake elements, for example, with content-defined
properties that the browser would access as if they were the trusted
built-in properties of the expected HTML elements. The severity of the
vulnerability would depend on what the attacker could convince the
victim to do, but could result in executing user-supplied script with
elevated "chrome" privileges. This could be used to install malicious
software on the victim's machine (MFSA 2005-55).

Improper cloning of base objects allowed web content scripts to walk up
the prototype chain to get to a privileged object. This could be used
to execute code with enhanced privileges (MFSA 2005-56).

The updated packages have been patched to address these issue.

Update:

There was a slight regression in the handling of "right-click" menus in
the packages previously released that is corrected with this new
update.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2260
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2261
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2265
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2266
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2269
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2270
http://www.mozilla.org/security/announce/mfsa2005-40.html
http://www.mozilla.org/security/announce/mfsa2005-41.html
http://www.mozilla.org/security/announce/mfsa2005-44.html
http://www.mozilla.org/security/announce/mfsa2005-45.html
http://www.mozilla.org/security/announce/mfsa2005-46.html
http://www.mozilla.org/security/announce/mfsa2005-50.html
http://www.mozilla.org/security/announce/mfsa2005-52.html
http://www.mozilla.org/security/announce/mfsa2005-55.html
http://www.mozilla.org/security/announce/mfsa2005-56.html
http://secunia.com/advisories/15549/
______________________________________________________________________

Updated Packages:

Mandrakelinux 10.2:
dc5d6c3678f46e575bdc215ac7aa00e3 10.2/RPMS/mozilla-thunderbird-1.0.2-3.1.102mdk.i586.rpm
d3a4170ba3535057621ee85712bacc8d 10.2/RPMS/mozilla-thunderbird-devel-1.0.2-3.1.102mdk.i586.rpm
76b14e777bffb3c9f6bfde915f79a2ad 10.2/RPMS/mozilla-thunderbird-enigmail-1.0.2-3.1.102mdk.i586.rpm
77717fb74315ae1bb54dfea91d053441 10.2/RPMS/mozilla-thunderbird-enigmime-1.0.2-3.1.102mdk.i586.rpm
da50dfbc83a1cb3067479eada1727d4e 10.2/SRPMS/mozilla-thunderbird-1.0.2-3.1.102mdk.src.rpm

Mandrakelinux 10.2/X86_64:
da471fbf66c976861717e0264fc46aaf x86_64/10.2/RPMS/mozilla-thunderbird-1.0.2-3.1.102mdk.x86_64.rpm
6baf58a3cb334c6179f8d47c8255ac43 x86_64/10.2/RPMS/mozilla-thunderbird-devel-1.0.2-3.1.102mdk.x86_64.rpm
b35aaa288786860f96d4beb4b574db63 x86_64/10.2/RPMS/mozilla-thunderbird-enigmail-1.0.2-3.1.102mdk.x86_64.rpm
3728bee246d6e9aad8181e1d7529913d x86_64/10.2/RPMS/mozilla-thunderbird-enigmime-1.0.2-3.1.102mdk.x86_64.rpm
da50dfbc83a1cb3067479eada1727d4e x86_64/10.2/SRPMS/mozilla-thunderbird-1.0.2-3.1.102mdk.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team


- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFDD6BQmqjQ0CJFipgRAgJwAKCZCX6193rZE/XMzsMbRN22zw/AaACghZhl
d68FgQMXjMnePY/XsKwLPj4=
=by5I
- -----END PGP SIGNATURE-----




2.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Update Advisory
_______________________________________________________________________

Package name: gnumeric
Advisory ID: MDKSA-2005:153
Date: August 26th, 2005

Affected versions: 10.1, 10.2, Corporate 3.0
______________________________________________________________________

Problem Description:

Integer overflow in pcre_compile.c in Perl Compatible Regular
Expressions (PCRE) before 6.2, as used in multiple products, allows
attackers to execute arbitrary code via quantifier values in regular
expressions, which leads to a heap-based buffer overflow.

The gnumeric packages use a private copy of pcre code.

The updated packages have been patched to correct this problem.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491
______________________________________________________________________

Updated Packages:

Mandrakelinux 10.1:
0886c3abe93a6f99e9c388a2057678e2 10.1/RPMS/gnumeric-1.2.13-3.1.101mdk.i586.rpm
1f4b803c3a19763710cfb56b141fe4d2 10.1/SRPMS/gnumeric-1.2.13-3.1.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
e6371dd0e84c22a47d2be3146f6efe1e x86_64/10.1/RPMS/gnumeric-1.2.13-3.1.101mdk.x86_64.rpm
1f4b803c3a19763710cfb56b141fe4d2 x86_64/10.1/SRPMS/gnumeric-1.2.13-3.1.101mdk.src.rpm

Mandrakelinux 10.2:
9ce2fee0efdaac36d6f84374da737f61 10.2/RPMS/gnumeric-1.4.2-1.1.102mdk.i586.rpm
de0c185642dea43227c2bd8d04b05c19 10.2/SRPMS/gnumeric-1.4.2-1.1.102mdk.src.rpm

Mandrakelinux 10.2/X86_64:
ebf2b9f3573524f8a956f6697f08efc9 x86_64/10.2/RPMS/gnumeric-1.4.2-1.1.102mdk.x86_64.rpm
de0c185642dea43227c2bd8d04b05c19 x86_64/10.2/SRPMS/gnumeric-1.4.2-1.1.102mdk.src.rpm

Corporate 3.0:
3510cf943ed010540a3659d23627f912 corporate/3.0/RPMS/gnumeric-1.2.6-1.1.C30mdk.i586.rpm
b296c5410c6bc28c2e5774d5024d3e43 corporate/3.0/SRPMS/gnumeric-1.2.6-1.1.C30mdk.src.rpm

Corporate 3.0/X86_64:
58aedcd44337210db29fa0ee7123f7e0 x86_64/corporate/3.0/RPMS/gnumeric-1.2.6-1.1.C30mdk.x86_64.rpm
b296c5410c6bc28c2e5774d5024d3e43 x86_64/corporate/3.0/SRPMS/gnumeric-1.2.6-1.1.C30mdk.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team


- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFDD6C2mqjQ0CJFipgRAr9vAKDzYctBwPMZ9nNgcLoKIjCCLFyP3gCeLJsN
kWscnn6RUqLln5stErUH5io=
=8oOE
- -----END PGP SIGNATURE-----




3.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Update Advisory
_______________________________________________________________________

Package name: python
Advisory ID: MDKSA-2005:154
Date: August 26th, 2005

Affected versions: 10.0, 10.1, Corporate 3.0,
Corporate Server 2.1,
Multi Network Firewall 2.0
______________________________________________________________________

Problem Description:

Integer overflow in pcre_compile.c in Perl Compatible Regular
Expressions (PCRE) before 6.2, as used in multiple products, allows
attackers to execute arbitrary code via quantifier values in regular
expressions, which leads to a heap-based buffer overflow.

The python packages use a private copy of pcre code.

The updated packages have been patched to correct this problem.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491
______________________________________________________________________

Updated Packages:

Mandrakelinux 10.0:
5254d6dd2c29d04b93742943d850d5a6 10.0/RPMS/libpython2.3-2.3.3-2.2.100mdk.i586.rpm
01e76259abbca381185552182c755ebc 10.0/RPMS/libpython2.3-devel-2.3.3-2.2.100mdk.i586.rpm
4c0842a0ae3c0d00af9f238aba27b2c6 10.0/RPMS/python-2.3.3-2.2.100mdk.i586.rpm
fb6a33cc69d04f8edd53ce8026fa1a11 10.0/RPMS/python-base-2.3.3-2.2.100mdk.i586.rpm
4775225e6c25405c162599ff27391d35 10.0/RPMS/python-docs-2.3.3-2.2.100mdk.i586.rpm
82530135e527cd8ac99193368a81c3fb 10.0/RPMS/xchat-python-2.0.7-6.1.100mdk.i586.rpm
917165c654a81f44cc974b0f6adeba35 10.0/RPMS/tkinter-2.3.3-2.2.100mdk.i586.rpm
06ab77bf8c3a95864d73018485f7a22a 10.0/SRPMS/python-2.3.3-2.2.100mdk.src.rpm

Mandrakelinux 10.0/AMD64:
36deaedf901b5c30f68ba81aef492728 amd64/10.0/RPMS/lib64python2.3-2.3.3-2.2.100mdk.amd64.rpm
4be95cd1143d2f255b334b43e410e98b amd64/10.0/RPMS/lib64python2.3-devel-2.3.3-2.2.100mdk.amd64.rpm
385fbba2bdf856e2acbb186a6977f6f0 amd64/10.0/RPMS/python-2.3.3-2.2.100mdk.amd64.rpm
bba1e1f45eaa5d557be977fdec1ef752 amd64/10.0/RPMS/python-base-2.3.3-2.2.100mdk.amd64.rpm
6f9b5d5076ba084325a108df2dd3523f amd64/10.0/RPMS/python-docs-2.3.3-2.2.100mdk.amd64.rpm
0466472b41b2fd02802bfc5a3fe5b7a9 amd64/10.0/RPMS/tkinter-2.3.3-2.2.100mdk.amd64.rpm
06ab77bf8c3a95864d73018485f7a22a amd64/10.0/SRPMS/python-2.3.3-2.2.100mdk.src.rpm

Mandrakelinux 10.1:
0c2619eb2e9864ef420ec89ae78dba12 10.1/RPMS/libpython2.3-2.3.4-6.2.101mdk.i586.rpm
ed9f6fee4ec8ab8d8e2388f9c92f66ef 10.1/RPMS/libpython2.3-devel-2.3.4-6.2.101mdk.i586.rpm
e71c5ad5f0718e61c81a93c98667deaf 10.1/RPMS/python-2.3.4-6.2.101mdk.i586.rpm
4e8831f2dab035e3c67afc53f702108f 10.1/RPMS/python-base-2.3.4-6.2.101mdk.i586.rpm
7a4822ce3f46a48ead29363f23adfcd5 10.1/RPMS/python-docs-2.3.4-6.2.101mdk.i586.rpm
6b15b0c9b116db6b38623cb15f868fe6 10.1/RPMS/tkinter-2.3.4-6.2.101mdk.i586.rpm
b965827276d1efd49fc403dda0df33e8 10.1/SRPMS/python-2.3.4-6.2.101mdk.src.rpm

Mandrakelinux 10.1/X86_64:
a19885472aaa03aad5c3dac1b8d668b4 x86_64/10.1/RPMS/lib64python2.3-2.3.4-6.2.101mdk.x86_64.rpm
79e3aaa88ec98d9007d20c37cee2cccd x86_64/10.1/RPMS/lib64python2.3-devel-2.3.4-6.2.101mdk.x86_64.rpm
2a3eee71bcd5b63fa1cc39775e3d514d x86_64/10.1/RPMS/python-2.3.4-6.2.101mdk.x86_64.rpm
318cec7614713c4410393ec50425bebb x86_64/10.1/RPMS/python-base-2.3.4-6.2.101mdk.x86_64.rpm
494b1c0a96a211dacfd4f75f803014ae x86_64/10.1/RPMS/python-docs-2.3.4-6.2.101mdk.x86_64.rpm
08bfe8c623d71cb66a5d84f5579eeac5 x86_64/10.1/RPMS/tkinter-2.3.4-6.2.101mdk.x86_64.rpm
b965827276d1efd49fc403dda0df33e8 x86_64/10.1/SRPMS/python-2.3.4-6.2.101mdk.src.rpm

Multi Network Firewall 2.0:
12396f1a0b719b02e058926dee6a62c8 mnf/2.0/RPMS/libpython2.3-2.3.3-2.2.M20mdk.i586.rpm
646799aea341177d9118e55254c2508f mnf/2.0/RPMS/python-2.3.3-2.2.M20mdk.i586.rpm
c031bc315c2a580557c5ef970cb9ff42 mnf/2.0/RPMS/python-base-2.3.3-2.2.M20mdk.i586.rpm
788f1f58cb6efbd1d44fb13df757587f mnf/2.0/SRPMS/python-2.3.3-2.2.M20mdk.src.rpm

Corporate Server 2.1:
5a0c02b33df517b05732d15e52674218 corporate/2.1/RPMS/libpython2.2-2.2.1-14.6.C21mdk.i586.rpm
d4b45fdea45bcb3997cc33464411c0c5 corporate/2.1/RPMS/libpython2.2-devel-2.2.1-14.6.C21mdk.i586.rpm
dfcd6f26c5d4a2fa9863ff385db02add corporate/2.1/RPMS/python-2.2.1-14.6.C21mdk.i586.rpm
b4f8157fd19d0d1a815dda9e46a51cbe corporate/2.1/RPMS/python-base-2.2.1-14.6.C21mdk.i586.rpm
9ae1eabfc50a8e142e4f8c71a4942650 corporate/2.1/RPMS/python-docs-2.2.1-14.6.C21mdk.i586.rpm
fb5201c0f5a7d0c961699c8a11b678a8 corporate/2.1/RPMS/tkinter-2.2.1-14.6.C21mdk.i586.rpm
4278bc8a7bccc81af2e2a5d3f2ceef75 corporate/2.1/SRPMS/python-2.2.1-14.6.C21mdk.src.rpm

Corporate Server 2.1/X86_64:
0637dd1d56b1325764fb76e7971cb8b8 x86_64/corporate/2.1/RPMS/libpython2.2-2.2.1-14.6.C21mdk.x86_64.rpm
4d58b57f2084fe45e8eb5f94165b1560 x86_64/corporate/2.1/RPMS/libpython2.2-devel-2.2.1-14.6.C21mdk.x86_64.rpm
efb6243e3d36f7efbb49d9aba35da8a7 x86_64/corporate/2.1/RPMS/python-2.2.1-14.6.C21mdk.x86_64.rpm
cf919649caf1ff241ad7b5bfe1723fcd x86_64/corporate/2.1/RPMS/python-base-2.2.1-14.6.C21mdk.x86_64.rpm
349e2813c1646a5b912d15ba9b9a6f9e x86_64/corporate/2.1/RPMS/python-docs-2.2.1-14.6.C21mdk.x86_64.rpm
87bb6b2752730ccc16d4f618a8b629e1 x86_64/corporate/2.1/RPMS/tkinter-2.2.1-14.6.C21mdk.x86_64.rpm
4278bc8a7bccc81af2e2a5d3f2ceef75 x86_64/corporate/2.1/SRPMS/python-2.2.1-14.6.C21mdk.src.rpm

Corporate 3.0:
c1f03087db68fdd46699568578f679e3 corporate/3.0/RPMS/libpython2.3-2.3.3-2.2.C30mdk.i586.rpm
d9944ec5da6e803e7196fa4ec06506c1 corporate/3.0/RPMS/libpython2.3-devel-2.3.3-2.2.C30mdk.i586.rpm
436fee80f01788313616b284c64b180e corporate/3.0/RPMS/python-2.3.3-2.2.C30mdk.i586.rpm
8cdec2971afff4e026b5336ec0a12a1f corporate/3.0/RPMS/python-base-2.3.3-2.2.C30mdk.i586.rpm
4dd58a42f994e7745edceb848e0812c6 corporate/3.0/RPMS/python-docs-2.3.3-2.2.C30mdk.i586.rpm
f0f0f952a3ed0cc942d9876ffdb9c440 corporate/3.0/RPMS/tkinter-2.3.3-2.2.C30mdk.i586.rpm
8dee233593fd7fc6ae744285b4320018 corporate/3.0/SRPMS/python-2.3.3-2.2.C30mdk.src.rpm

Corporate 3.0/X86_64:
65efa7d72f4691c30e9fd86e6d0c0a56 x86_64/corporate/3.0/RPMS/lib64python2.3-2.3.3-2.2.C30mdk.x86_64.rpm
0fffd6cb253d54bd263faabc1548a818 x86_64/corporate/3.0/RPMS/lib64python2.3-devel-2.3.3-2.2.C30mdk.x86_64.rpm
e72ca5e5e4a2613e1c3bd4a58cc706e0 x86_64/corporate/3.0/RPMS/python-2.3.3-2.2.C30mdk.x86_64.rpm
4c77780c9584fb854820416a3ea8ab75 x86_64/corporate/3.0/RPMS/python-base-2.3.3-2.2.C30mdk.x86_64.rpm
fb724b4265cc408ec4269d4ad9ed7d91 x86_64/corporate/3.0/RPMS/python-docs-2.3.3-2.2.C30mdk.x86_64.rpm
c2cbaac05b69747906c545dfd8d88e90 x86_64/corporate/3.0/RPMS/tkinter-2.3.3-2.2.C30mdk.x86_64.rpm
8dee233593fd7fc6ae744285b4320018 x86_64/corporate/3.0/SRPMS/python-2.3.3-2.2.C30mdk.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team


- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFDD6EbmqjQ0CJFipgRAqzZAKC8Ubn0EaxvwoeGoJrh99DQj4qvlgCgt0IM
bj9F1T6InyMbSjwiB3w7/fY=
=fL25
- -----END PGP SIGNATURE-----




4.


- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Update Advisory
_______________________________________________________________________

Package name: apache2
Advisory ID: MDKSA-2005:155
Date: August 29th, 2005

Affected versions: 10.0, Corporate 3.0,
Multi Network Firewall 2.0
______________________________________________________________________

Problem Description:

Integer overflow in pcre_compile.c in Perl Compatible Regular
Expressions (PCRE) before 6.2, as used in multiple products, allows
attackers to execute arbitrary code via quantifier values in regular
expressions, which leads to a heap-based buffer overflow.

The apache2 packages, as shipped, were built using a private copy of pcre.

The updated packages have been rebuilt against the system pcre libs
to correct this problem. 10.1 and 10.2/LE2005 are already built against
the system pcre.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491
______________________________________________________________________

Updated Packages:

Mandrakelinux 10.0:
943881ebaf9da5f51f8bccfbc515f641 10.0/RPMS/apache2-2.0.48-6.10.100mdk.i586.rpm
292468acb04a3760d3c075450f44348f 10.0/RPMS/apache2-common-2.0.48-6.10.100mdk.i586.rpm
f8f5ebd3f2cb2bef58d5ff57e0ab2404 10.0/RPMS/apache2-devel-2.0.48-6.10.100mdk.i586.rpm
b25bc3e1a57d0beea4723fa5219456f3 10.0/RPMS/apache2-manual-2.0.48-6.10.100mdk.i586.rpm
84177f9b193cc5e0468b409350abfbd9 10.0/RPMS/apache2-mod_cache-2.0.48-6.10.100mdk.i586.rpm
c31198b85803695ac28f3922aeb9f511 10.0/RPMS/apache2-mod_dav-2.0.48-6.10.100mdk.i586.rpm
c4091a8481f73214dffb467c36bc89d8 10.0/RPMS/apache2-mod_deflate-2.0.48-6.10.100mdk.i586.rpm
819ffb5454d55a4965eea4757baa5e3d 10.0/RPMS/apache2-mod_disk_cache-2.0.48-6.10.100mdk.i586.rpm
498eed09c7a7fa948f90325e6b112d70 10.0/RPMS/apache2-mod_file_cache-2.0.48-6.10.100mdk.i586.rpm
2ac7af479cf53207a5453122dd359a06 10.0/RPMS/apache2-mod_ldap-2.0.48-6.10.100mdk.i586.rpm
6ed3ae29e63e28ec20937fcc9f900b32 10.0/RPMS/apache2-mod_mem_cache-2.0.48-6.10.100mdk.i586.rpm
c2ecd41c3008aaab2a5fc7c3b8110e8d 10.0/RPMS/apache2-mod_proxy-2.0.48-6.10.100mdk.i586.rpm
bcf9a227556770e2a4eabcd1d6a0fa75 10.0/RPMS/apache2-mod_ssl-2.0.48-6.10.100mdk.i586.rpm
7d75dd812c46a815af24cae789298784 10.0/RPMS/apache2-modules-2.0.48-6.10.100mdk.i586.rpm
d590f67cfd17c4b59d056d8d3a3f21ec 10.0/RPMS/apache2-source-2.0.48-6.10.100mdk.i586.rpm
723c8e5b221a63d28b91691200a549a2 10.0/RPMS/libapr0-2.0.48-6.10.100mdk.i586.rpm
427b5be76093a411ed79a1b26418b4f1 10.0/SRPMS/apache2-2.0.48-6.10.100mdk.src.rpm

Mandrakelinux 10.0/AMD64:
48c6f8b3783dce36696d75c5fe063892 amd64/10.0/RPMS/apache2-2.0.48-6.10.100mdk.amd64.rpm
24a5d0d2312d241a445d6dc0873894f4 amd64/10.0/RPMS/apache2-common-2.0.48-6.10.100mdk.amd64.rpm
b4f316e8e38729d80a1cb544f6fda84d amd64/10.0/RPMS/apache2-devel-2.0.48-6.10.100mdk.amd64.rpm
ff7075e8a5027ae1fcf6a4a9d00d32a7 amd64/10.0/RPMS/apache2-manual-2.0.48-6.10.100mdk.amd64.rpm
1835dababf1adbf47fbaa856967d13ee amd64/10.0/RPMS/apache2-mod_cache-2.0.48-6.10.100mdk.amd64.rpm
f8c3af9e481b7990911e523a266b43cb amd64/10.0/RPMS/apache2-mod_dav-2.0.48-6.10.100mdk.amd64.rpm
56adf6d95827036fd9b4978ba998d19c amd64/10.0/RPMS/apache2-mod_deflate-2.0.48-6.10.100mdk.amd64.rpm
1d0c37546852ddb316ed1087ad436f45 amd64/10.0/RPMS/apache2-mod_disk_cache-2.0.48-6.10.100mdk.amd64.rpm
5484d540fe7f7a161ed0c32a9ed61127 amd64/10.0/RPMS/apache2-mod_file_cache-2.0.48-6.10.100mdk.amd64.rpm
1013ef5cdfed64f359494f01b0bbecb9 amd64/10.0/RPMS/apache2-mod_ldap-2.0.48-6.10.100mdk.amd64.rpm
74188fb21ef2d83c28fcbfbfca142e0a amd64/10.0/RPMS/apache2-mod_mem_cache-2.0.48-6.10.100mdk.amd64.rpm
32fcde1183be227e9580b653d5866538 amd64/10.0/RPMS/apache2-mod_proxy-2.0.48-6.10.100mdk.amd64.rpm
4869bd9b9add97bba229abd258dba421 amd64/10.0/RPMS/apache2-mod_ssl-2.0.48-6.10.100mdk.amd64.rpm
930c24a0258d3c4d11f1abea2544ce9d amd64/10.0/RPMS/apache2-modules-2.0.48-6.10.100mdk.amd64.rpm
45e8ee1b64fc88658332406cdd0eaf83 amd64/10.0/RPMS/apache2-source-2.0.48-6.10.100mdk.amd64.rpm
fb46e03fa056d9b63498aa66b7f254cb amd64/10.0/RPMS/lib64apr0-2.0.48-6.10.100mdk.amd64.rpm
427b5be76093a411ed79a1b26418b4f1 amd64/10.0/SRPMS/apache2-2.0.48-6.10.100mdk.src.rpm

Multi Network Firewall 2.0:
ea96befbb54a665d1cf0c11dcf1514bf mnf/2.0/RPMS/apache2-2.0.48-6.10.M20mdk.i586.rpm
afeca22641361fb5631e49f444de8ff1 mnf/2.0/RPMS/apache2-common-2.0.48-6.10.M20mdk.i586.rpm
6a50b170156421073348fb2338328f57 mnf/2.0/RPMS/apache2-mod_cache-2.0.48-6.10.M20mdk.i586.rpm
d1c01d727d5b052bfa7954f51721e330 mnf/2.0/RPMS/apache2-mod_proxy-2.0.48-6.10.M20mdk.i586.rpm
1579d72fed28c50c975ffa3a379d9e7e mnf/2.0/RPMS/apache2-mod_ssl-2.0.48-6.10.M20mdk.i586.rpm
e8497128965023773b924dd5184c117e mnf/2.0/RPMS/apache2-modules-2.0.48-6.10.M20mdk.i586.rpm
f76df0da42e2e53066dcc7e2c155efa6 mnf/2.0/RPMS/libapr0-2.0.48-6.10.M20mdk.i586.rpm
cd715c544eef0a8fcc5679e5d99bf367 mnf/2.0/SRPMS/apache2-2.0.48-6.10.M20mdk.src.rpm

Corporate 3.0:
948e7fd54b52dd426feeef80851a92a3 corporate/3.0/RPMS/apache2-2.0.48-6.10.C30mdk.i586.rpm
00035b7b4a06cd0b0eab2c9f7c77ad08 corporate/3.0/RPMS/apache2-common-2.0.48-6.10.C30mdk.i586.rpm
697959b3821dfb4269364fbfeab1fca6 corporate/3.0/RPMS/apache2-manual-2.0.48-6.10.C30mdk.i586.rpm
5117e0e63770b39125ba5d1daed9a73b corporate/3.0/RPMS/apache2-mod_cache-2.0.48-6.10.C30mdk.i586.rpm
e94b4e2d3a554c70917442aef200a492 corporate/3.0/RPMS/apache2-mod_dav-2.0.48-6.10.C30mdk.i586.rpm
88ac11a73700157d43c8997333e905a2 corporate/3.0/RPMS/apache2-mod_disk_cache-2.0.48-6.10.C30mdk.i586.rpm
4192805bccf577c7358ae6635af5e534 corporate/3.0/RPMS/apache2-mod_ldap-2.0.48-6.10.C30mdk.i586.rpm
bb4cf932da2eb9602e715faa934767a9 corporate/3.0/RPMS/apache2-mod_proxy-2.0.48-6.10.C30mdk.i586.rpm
0079565a79878ba35b704e4276860e5a corporate/3.0/RPMS/apache2-mod_ssl-2.0.48-6.10.C30mdk.i586.rpm
6b9c6a04b228369dff41e18636318202 corporate/3.0/RPMS/apache2-modules-2.0.48-6.10.C30mdk.i586.rpm
1ce5739d3bb178e57b7e2d0cfe13eb7b corporate/3.0/RPMS/libapr0-2.0.48-6.10.C30mdk.i586.rpm
eaca583e9f7ac8ac977055f72ef0ec8d corporate/3.0/SRPMS/apache2-2.0.48-6.10.C30mdk.src.rpm

Corporate 3.0/X86_64:
abdd3378c0c6637864bf17d99940a2e1 x86_64/corporate/3.0/RPMS/apache2-2.0.48-6.10.C30mdk.x86_64.rpm
7b0da940e23e91b4a2a88bdd9c49b023 x86_64/corporate/3.0/RPMS/apache2-common-2.0.48-6.10.C30mdk.x86_64.rpm
ba3ec5e6b91f34dd663454f47a063fbc x86_64/corporate/3.0/RPMS/apache2-manual-2.0.48-6.10.C30mdk.x86_64.rpm
74718f83dcae78613638098ea9228f4b x86_64/corporate/3.0/RPMS/apache2-mod_cache-2.0.48-6.10.C30mdk.x86_64.rpm
3457b4a346899d2e83aaa6b16175bdc4 x86_64/corporate/3.0/RPMS/apache2-mod_dav-2.0.48-6.10.C30mdk.x86_64.rpm
f5f35188da9a02797dff8363b1b111f5 x86_64/corporate/3.0/RPMS/apache2-mod_disk_cache-2.0.48-6.10.C30mdk.x86_64.rpm
7d0e9ce91f83cd14410634b7896d945c x86_64/corporate/3.0/RPMS/apache2-mod_ldap-2.0.48-6.10.C30mdk.x86_64.rpm
75e816d1d0d9b34f47067732ca70fd76 x86_64/corporate/3.0/RPMS/apache2-mod_proxy-2.0.48-6.10.C30mdk.x86_64.rpm
428a10d1da9e7450350987d069ab52b8 x86_64/corporate/3.0/RPMS/apache2-mod_ssl-2.0.48-6.10.C30mdk.x86_64.rpm
7da21cde4fd9e8aebde63cfb1dc58439 x86_64/corporate/3.0/RPMS/apache2-modules-2.0.48-6.10.C30mdk.x86_64.rpm
2e0f026f8d6714f68f0c46670142a1e3 x86_64/corporate/3.0/RPMS/lib64apr0-2.0.48-6.10.C30mdk.x86_64.rpm
eaca583e9f7ac8ac977055f72ef0ec8d x86_64/corporate/3.0/SRPMS/apache2-2.0.48-6.10.C30mdk.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team


- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFDE5u5mqjQ0CJFipgRAlmrAKDU1vSR5kkH2lvkIG8sZQI9ke86hgCeKfiG
FmVlkbTXGPG1HfDEtSGSYcs=
=ECBd
- -----END PGP SIGNATURE-----




  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |