Mandriva Linux Security Advisory 2009-314 - Multiple security vulnerabilities has been identified and fixed in apr and apr-util.
5a55dc7a21bb7948a31b389923144cacd08f07e3b91a30ff0c39089032a635bf
Mandriva Linux Security Advisory 2009-313 - Unspecified vulnerability in ISC BIND 9.4 before 9.4.3-P4, 9.5 before 9.5.2-P1, 9.6 before 9.6.1-P2, 9.7 beta before 9.7.0b3, and 9.0.x through 9.3.x with DNSSEC validation enabled and checking disabled (CD), allows remote attackers to conduct DNS cache poisoning attacks via additional sections in a response sent for resolution of a recursive client query, which is not properly handled when the response is processed at the same time as requesting DNSSEC records (DO). Additionally BIND has been upgraded to the latest point release or closest supported version by ISC. Packages for 2008.0 are being provided due to extended support for Corporate products.
d7ad2cc76267cfb9d712d5148f88b28b73179ea7c7156e229d5686f02da206fb
Mandriva Linux Security Advisory 2009-158 - Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow. This update corrects the issue. Packages for 2008.0 are being provided due to extended support for Corporate products.
9de6e25dec3c77462b3e0ae0683adc8dbccca4b96ea7d7314e5f75365c601e66
Mandriva Linux Security Advisory 2009-157 - Off-by-one error in the inflate function in Zlib.xs in Compress::Raw::Zlib Perl module before 2.017, as used in AMaViS, SpamAssassin, and possibly other products, allows context-dependent attackers to cause a denial of service (hang or crash) via a crafted zlib compressed stream that triggers a heap-based buffer overflow, as exploited in the wild by Trojan.Downloader-71014 in June 2009. This update provides fixes for this vulnerability. Packages for 2008.0 are being provided due to extended support for Corporate products.
079d3dc68cac8c8d64168379476a422880f7edd3d2a7f9651ae97c837c635d74
Mandriva Linux Security Advisory 2009-312 - Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528; allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a malformed DHCP packet with a large dhcp-max-message-size that triggers a stack-based buffer overflow, related to servers configured to send many DHCP options to clients. Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet-mask option. ISC DHCP Server is vulnerable to a denial of service, caused by the improper handling of DHCP requests. If the host definitions are mixed using dhcp-client-identifier and hardware ethernet, a remote attacker could send specially-crafted DHCP requests to cause the server to stop responding. Packages for 2008.0 are being provided due to extended support for Corporate products. This update provides fixes for this vulnerability.
8f7faa2b9f8b97470be6e97549bff3776b3e4ccc56354a7b48c49e066c45bc19
Mandriva Linux Security Advisory 2009-169 - Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service (crash) via a crafted TIFF image, a different vulnerability than CVE-2008-2327. Fix several places in tiff2rgba and rgb2ycbcr that were being careless about possible integer overflow in calculation of buffer sizes. This update provides fixes for these vulnerabilities. Packages for 2008.0 are being provided due to extended support for Corporate products.
45d95127402793a3fd0da4d97ff4af68efb1a762e184604e26b562f4cf3e42a6
Mandriva Linux Security Advisory 2009-311 - Multiple security vulnerabilities has been identified and fixed in ghostscript.
7d620b4793a61a790bea974d9d2e7ae93d719f604dcaef5d8714471748e8c774
Mandriva Linux Security Advisory 2009-142 - Multiple security vulnerabilities has been identified and fixed in jasper. The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG-2000 library (libjasper) before 1.900 allows remote user-assisted attackers to cause a denial of service (crash) and possibly corrupt the heap via malformed image files, as originally demonstrated using imagemagick convert. Multiple integer overflows in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation. The jas_stream_tmpfile function in libjasper/base/jas_stream.c in JasPer 1.900.1 allows local users to overwrite arbitrary files via a symlink attack on a tmp.XXXXXXXXXX temporary file. Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf. The updated packages have been patched to prevent this. Packages for 2008.0 are being provided due to extended support for Corporate products.
bb011ce7611d59bfda01a973ade80c606450b41a47cc876e66e2bab18cf98dc6
Mandriva Linux Security Advisory 2009-132 - Heap-based buffer overflow in voc_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a VOC file with an invalid header value. Heap-based buffer overflow in aiff_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an AIFF file with an invalid header value. This update provides fixes for these vulnerabilities. Packages for 2008.0 are being provided due to extended support for Corporate products.
373bc4fde1925688be5b32f52c6b129904ce70800de475273c5d04c6e667f83a
Mandriva Linux Security Advisory 2009-130 - Multiple integer overflows in the (1) user_info_callback, (2) user_endrow_callback, and (3) gst_pngdec_task functions (ext/libpng/gstpngdec.c) in GStreamer Good Plug-ins (aka gst-plugins-good or gstreamer-plugins-good) 0.10.15 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PNG file, which triggers a buffer overflow. Packages for 2008.0 are being provided due to extended support for Corporate products.
0ea637ba76035912f6dbea4e133425a0b65757122e17e31703ce528aa16380a7
Mandriva Linux Security Advisory 2009-128 - Multiple security vulnerabilities has been identified and fixed in libmodplug. Integer overflow in the CSoundFile::ReadMed function (src/load_med.cpp) in libmodplug before 0.8.6, as used in gstreamer-plugins and other products, allows context-dependent attackers to execute arbitrary code via a MED file with a crafted (1) song comment or (2) song name, which triggers a heap-based buffer overflow. Buffer overflow in the PATinst function in src/load_pat.cpp in libmodplug before 0.8.7 allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a long instrument name. The updated packages have been patched to prevent this. Packages for 2008.0 are being provided due to extended support for Corporate products.
b70b0d9b7a04a44ef2a85cacf20ee9fe2b6ef96fedb09babb3464393ad527867
Mandriva Linux Security Advisory 2009-292 - Vulnerabilities have been discovered and corrected in wireshark, affecting DCERPC/NT dissector, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a file that records a malformed packet trace and in wiretap/erf.c which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file. The wireshark package has been updated to fix these vulnerabilities. Packages for 2008.0 are being provided due to extended support for Corporate products.
e22e58d1084ccd1c1837e86b98e23eb6354dc05dbf78234535dd4dce558995f9
Mandriva Linux Security Advisory 2009-290 - Security issues were identified and fixed in firefox 3.0.x.
d427b7335ca3b2bd0e78ec0908a1797eb3e8671e91a8ae002fc03da4802fb66b