-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDKSA-2006:109 http://www.mandriva.com/security/ _______________________________________________________________________ Package : wv2 Date : June 20, 2006 Affected: 2006.0, Corporate 3.0 _______________________________________________________________________ Problem Description: A boundary checking error was discovered in the wv2 library, used for accessing Microsoft Word documents. This error can lead to an integer overflow induced by processing certain Word files. The updated packages have been patched to correct these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2197 _______________________________________________________________________ Updated Packages: Mandriva Linux 2006.0: de94c8e865cf5c1b1a018d9e99be1a2f 2006.0/RPMS/libwv2_1-0.2.2-3.1.20060mdk.i586.rpm 25a43e0933dc84a8328db4c29bfab8f2 2006.0/RPMS/libwv2_1-devel-0.2.2-3.1.20060mdk.i586.rpm 2a6d2bf2a9d22f208ec24aa1f447606b 2006.0/SRPMS/wv2-0.2.2-3.1.20060mdk.src.rpm Mandriva Linux 2006.0/X86_64: fa5f63d79ee02b7f35ca0c0c9e959817 x86_64/2006.0/RPMS/lib64wv2_1-0.2.2-3.1.20060mdk.x86_64.rpm 3aeae3be8616d1ab888a26e8d0e5fbf8 x86_64/2006.0/RPMS/lib64wv2_1-devel-0.2.2-3.1.20060mdk.x86_64.rpm 2a6d2bf2a9d22f208ec24aa1f447606b x86_64/2006.0/SRPMS/wv2-0.2.2-3.1.20060mdk.src.rpm Corporate 3.0: 145d276e1cb06b5ffe6bc9a79666e64b corporate/3.0/RPMS/libwv2_1-0.2.1-1.1.C30mdk.i586.rpm 148f83cdc9b06a767b47419193a21800 corporate/3.0/RPMS/libwv2_1-devel-0.2.1-1.1.C30mdk.i586.rpm 1ab35d6fc18115a6a3c2cdf1a81fd7dc corporate/3.0/SRPMS/wv2-0.2.1-1.1.C30mdk.src.rpm Corporate 3.0/X86_64: 15fcfb9ca05c8e319d6357c4a05d8899 x86_64/corporate/3.0/RPMS/lib64wv2_1-0.2.1-1.1.C30mdk.x86_64.rpm d717c6ba6190d0f1ce5c92432a7b97f5 x86_64/corporate/3.0/RPMS/lib64wv2_1-devel-0.2.1-1.1.C30mdk.x86_64.rpm 1ab35d6fc18115a6a3c2cdf1a81fd7dc x86_64/corporate/3.0/SRPMS/wv2-0.2.1-1.1.C30mdk.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux) iD8DBQFEmHDWmqjQ0CJFipgRAos2AJ4ru9DFXgaIKCuhEAmpzU81Xe9tIQCgq/75 BnaT3jkudnBRQOyvNfkFfk4= =9nFU -----END PGP SIGNATURE-----