-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2009:213 http://www.mandriva.com/security/ _______________________________________________________________________ Package : wxgtk Date : August 23, 2009 Affected: 2008.1, 2009.0, 2009.1, Enterprise Server 5.0 _______________________________________________________________________ Problem Description: A vulnerability was found in xmltok_impl.c (expat) that with specially crafted XML could be exploited and lead to a denial of service attack. Related to CVE-2009-2625. This update fixes this vulnerability. _______________________________________________________________________ References: https://bugs.gentoo.org/show_bug.cgi?id=280615 _______________________________________________________________________ Updated Packages: Mandriva Linux 2008.1: cd70e3562fc1453a74c54dc415114e8e 2008.1/i586/libwxgtk2.6-2.6.4-14.2mdv2008.1.i586.rpm 929cd8179308b93a22fccf0dc9e7a165 2008.1/i586/libwxgtk2.6-devel-2.6.4-14.2mdv2008.1.i586.rpm e2d54a94aa52556beffd39a5e1eec746 2008.1/i586/libwxgtk2.8-2.8.7-1.2mdv2008.1.i586.rpm 7d6091f404680c2cc44234e39a4f38f1 2008.1/i586/libwxgtk2.8-devel-2.8.7-1.2mdv2008.1.i586.rpm 2c8afbdafabdfef2a45199a4a0910257 2008.1/i586/libwxgtkgl2.6-2.6.4-14.2mdv2008.1.i586.rpm c11d5d57234dda587b701a9198f04d97 2008.1/i586/libwxgtkgl2.8-2.8.7-1.2mdv2008.1.i586.rpm 98c318c51c6815b4a99ccf1ddade2d63 2008.1/i586/libwxgtkglu2.6-2.6.4-14.2mdv2008.1.i586.rpm 79289de2fc580931d6a412ecbf9eed9f 2008.1/i586/libwxgtkglu2.8-2.8.7-1.2mdv2008.1.i586.rpm 5fbbee5ab35cf40fca02c7bef63465b4 2008.1/i586/libwxgtku2.6-2.6.4-14.2mdv2008.1.i586.rpm 5f29f2f96b6d09e7496e9e26a977a805 2008.1/i586/libwxgtku2.6-devel-2.6.4-14.2mdv2008.1.i586.rpm 21a1d192865f1fb0912ef0f1c19e3ed2 2008.1/i586/libwxgtku2.8-2.8.7-1.2mdv2008.1.i586.rpm 3c6cffdab1aeac2fba5d4c745ca0c659 2008.1/i586/libwxgtku2.8-devel-2.8.7-1.2mdv2008.1.i586.rpm 0af9291dc96e85b2a24636867a6d7f87 2008.1/i586/wxGTK2.6-2.6.4-14.2mdv2008.1.i586.rpm 4cdff1f1e072ab4b66345fbcf5fd3138 2008.1/i586/wxgtk2.8-2.8.7-1.2mdv2008.1.i586.rpm 4f328c77ce7320887c20503eb56784da 2008.1/SRPMS/wxGTK2.6-2.6.4-14.2mdv2008.1.src.rpm 81d27b0eba2bf081d733ebd595487e8f 2008.1/SRPMS/wxgtk2.8-2.8.7-1.2mdv2008.1.src.rpm Mandriva Linux 2008.1/X86_64: 4d37af6a7dcaf17724f780fbf1e6be13 2008.1/x86_64/lib64wxgtk2.6-2.6.4-14.2mdv2008.1.x86_64.rpm f81b14d13dfeaafa61cb8d247511b92e 2008.1/x86_64/lib64wxgtk2.6-devel-2.6.4-14.2mdv2008.1.x86_64.rpm 5d3c2a73da6d4d622d86010428936525 2008.1/x86_64/lib64wxgtk2.8-2.8.7-1.2mdv2008.1.x86_64.rpm 7445fb0d80960c4d131b6c8bd1d16d35 2008.1/x86_64/lib64wxgtk2.8-devel-2.8.7-1.2mdv2008.1.x86_64.rpm 6a86cf73d4696f754db04259ff2c1d76 2008.1/x86_64/lib64wxgtkgl2.6-2.6.4-14.2mdv2008.1.x86_64.rpm 2e4c629defe2937ac0180366aca712d4 2008.1/x86_64/lib64wxgtkgl2.8-2.8.7-1.2mdv2008.1.x86_64.rpm 4dc7e4999156755b4f2e89559806cf99 2008.1/x86_64/lib64wxgtkglu2.6-2.6.4-14.2mdv2008.1.x86_64.rpm 59687cd7cdc0f3b58b71cc1d2e54ba5c 2008.1/x86_64/lib64wxgtkglu2.8-2.8.7-1.2mdv2008.1.x86_64.rpm 97b9a8435468a5c009872f9fdc2cbf7e 2008.1/x86_64/lib64wxgtku2.6-2.6.4-14.2mdv2008.1.x86_64.rpm 51c597e2e38dc2b34c18cc0f7d22c97f 2008.1/x86_64/lib64wxgtku2.6-devel-2.6.4-14.2mdv2008.1.x86_64.rpm 9898f7270a828c710e5460a35bb21821 2008.1/x86_64/lib64wxgtku2.8-2.8.7-1.2mdv2008.1.x86_64.rpm cdd1df7c2187055b0106249e24215c7b 2008.1/x86_64/lib64wxgtku2.8-devel-2.8.7-1.2mdv2008.1.x86_64.rpm 426e8b21972258328e031636f7cfe446 2008.1/x86_64/wxGTK2.6-2.6.4-14.2mdv2008.1.x86_64.rpm f392c01131bd4cf9552d68f16a212793 2008.1/x86_64/wxgtk2.8-2.8.7-1.2mdv2008.1.x86_64.rpm 4f328c77ce7320887c20503eb56784da 2008.1/SRPMS/wxGTK2.6-2.6.4-14.2mdv2008.1.src.rpm 81d27b0eba2bf081d733ebd595487e8f 2008.1/SRPMS/wxgtk2.8-2.8.7-1.2mdv2008.1.src.rpm Mandriva Linux 2009.0: 4cf2dbe5b3283544c95b3f9172be9928 2009.0/i586/libwxgtk2.6-2.6.4-16.2mdv2009.0.i586.rpm b7a6e601e393d3e84b4e1a54a443d0e3 2009.0/i586/libwxgtk2.6-devel-2.6.4-16.2mdv2009.0.i586.rpm f8c478d7815a9460941ed40326700637 2009.0/i586/libwxgtk2.8-2.8.8-1.2mdv2009.0.i586.rpm b58541a2bec74311256b4b02d8600ae1 2009.0/i586/libwxgtk2.8-devel-2.8.8-1.2mdv2009.0.i586.rpm 62b8fe6d504b92393fd5aaf4f7fb3804 2009.0/i586/libwxgtkgl2.6-2.6.4-16.2mdv2009.0.i586.rpm ebcd1c2d4afd78d5c37d3d10a09f60d4 2009.0/i586/libwxgtkgl2.8-2.8.8-1.2mdv2009.0.i586.rpm b5eb342dd3cab8b4b0993460bbe76e71 2009.0/i586/libwxgtkglu2.6-2.6.4-16.2mdv2009.0.i586.rpm 09db176ab00ba052a3c100df997fa92b 2009.0/i586/libwxgtkglu2.8-2.8.8-1.2mdv2009.0.i586.rpm 4e01c277b21cb70f69df4a60f6743615 2009.0/i586/libwxgtku2.6-2.6.4-16.2mdv2009.0.i586.rpm d0e907ba8f0899dce210ab75febd1752 2009.0/i586/libwxgtku2.6-devel-2.6.4-16.2mdv2009.0.i586.rpm c3cc2825a22c1726572dab17abe2912a 2009.0/i586/libwxgtku2.8-2.8.8-1.2mdv2009.0.i586.rpm 5465dfb9c65aee011271f2e8a44c1e97 2009.0/i586/libwxgtku2.8-devel-2.8.8-1.2mdv2009.0.i586.rpm dd2cd45b3cffd10ab513c7c13a2c64f6 2009.0/i586/wxGTK2.6-2.6.4-16.2mdv2009.0.i586.rpm cde351a4e621edd56a02fecc6ca4218b 2009.0/i586/wxgtk2.8-2.8.8-1.2mdv2009.0.i586.rpm c7f45d86f2fb00554b7cfd2ca2317a5a 2009.0/SRPMS/wxGTK2.6-2.6.4-16.2mdv2009.0.src.rpm f84d8987d04c154bf38886694129740d 2009.0/SRPMS/wxgtk2.8-2.8.8-1.2mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: 17d159c7780d3cfd94ed603b42225848 2009.0/x86_64/lib64wxgtk2.6-2.6.4-16.2mdv2009.0.x86_64.rpm 191b3039a96bd1da2fc00aabb43c3586 2009.0/x86_64/lib64wxgtk2.6-devel-2.6.4-16.2mdv2009.0.x86_64.rpm a2b06c2fd514ab04a3679a198c3f6634 2009.0/x86_64/lib64wxgtk2.8-2.8.8-1.2mdv2009.0.x86_64.rpm 16f9b9b7f3d2629dcec4b74b1df548b7 2009.0/x86_64/lib64wxgtk2.8-devel-2.8.8-1.2mdv2009.0.x86_64.rpm 719d052ce367c2f1e8881e276c06ea07 2009.0/x86_64/lib64wxgtkgl2.6-2.6.4-16.2mdv2009.0.x86_64.rpm f23b3b9bf38c39fa07f599aa37d0dd27 2009.0/x86_64/lib64wxgtkgl2.8-2.8.8-1.2mdv2009.0.x86_64.rpm 17254e8fbbadbe60a729d3420d28c72a 2009.0/x86_64/lib64wxgtkglu2.6-2.6.4-16.2mdv2009.0.x86_64.rpm 22c2c38c18050b78ffc329d14aa9aafa 2009.0/x86_64/lib64wxgtkglu2.8-2.8.8-1.2mdv2009.0.x86_64.rpm d62de16e883aac25e5e90c34e9049d36 2009.0/x86_64/lib64wxgtku2.6-2.6.4-16.2mdv2009.0.x86_64.rpm 816d0b5fca6cce0b86fc58a978dba430 2009.0/x86_64/lib64wxgtku2.6-devel-2.6.4-16.2mdv2009.0.x86_64.rpm 6126c791fd81fe2dd82cd3bb7cf0562f 2009.0/x86_64/lib64wxgtku2.8-2.8.8-1.2mdv2009.0.x86_64.rpm f003ff7a13e168bd35160e0a0892c99c 2009.0/x86_64/lib64wxgtku2.8-devel-2.8.8-1.2mdv2009.0.x86_64.rpm 73ec2b1c0708a9c53e199687f5a54aa7 2009.0/x86_64/wxGTK2.6-2.6.4-16.2mdv2009.0.x86_64.rpm f606c5aefd87760e8af36993bde1f317 2009.0/x86_64/wxgtk2.8-2.8.8-1.2mdv2009.0.x86_64.rpm c7f45d86f2fb00554b7cfd2ca2317a5a 2009.0/SRPMS/wxGTK2.6-2.6.4-16.2mdv2009.0.src.rpm f84d8987d04c154bf38886694129740d 2009.0/SRPMS/wxgtk2.8-2.8.8-1.2mdv2009.0.src.rpm Mandriva Linux 2009.1: 4449edb724c68f5bc539666d3f1c367a 2009.1/i586/libwxgtk2.8-2.8.9-3.2mdv2009.1.i586.rpm 387ce28024773d4cd071c290e3055245 2009.1/i586/libwxgtk2.8-devel-2.8.9-3.2mdv2009.1.i586.rpm 4cd7e75f99c6e1ffe4107eee7578cde6 2009.1/i586/libwxgtkgl2.8-2.8.9-3.2mdv2009.1.i586.rpm ac8090da2f03cc7db40bb1f67ef69860 2009.1/i586/libwxgtkglu2.8-2.8.9-3.2mdv2009.1.i586.rpm 3cbcd989ec0061a27ee3968a52b7c895 2009.1/i586/libwxgtku2.8-2.8.9-3.2mdv2009.1.i586.rpm 2c7f7f8996b224d209db79c3a78254d9 2009.1/i586/libwxgtku2.8-devel-2.8.9-3.2mdv2009.1.i586.rpm ae88f0037f8e2b3076e0c62f634dd61a 2009.1/i586/wxgtk2.8-2.8.9-3.2mdv2009.1.i586.rpm 627ab9b7be0ebbd48a81580a59a12fe6 2009.1/SRPMS/wxgtk2.8-2.8.9-3.2mdv2009.1.src.rpm Mandriva Linux 2009.1/X86_64: f7502d45467f5324836bf6c9455290b7 2009.1/x86_64/lib64wxgtk2.8-2.8.9-3.2mdv2009.1.x86_64.rpm 84b0fa969460c387d3bb8047e779fca9 2009.1/x86_64/lib64wxgtk2.8-devel-2.8.9-3.2mdv2009.1.x86_64.rpm 942afb22e94d59602acf744686e7ade7 2009.1/x86_64/lib64wxgtkgl2.8-2.8.9-3.2mdv2009.1.x86_64.rpm e3262874ac99f87d4c6835c9ffde71f5 2009.1/x86_64/lib64wxgtkglu2.8-2.8.9-3.2mdv2009.1.x86_64.rpm 23373d69fa8cb2ae0a5df8078a1ce347 2009.1/x86_64/lib64wxgtku2.8-2.8.9-3.2mdv2009.1.x86_64.rpm 975bddaa2c762a22c8f2d413006e91bd 2009.1/x86_64/lib64wxgtku2.8-devel-2.8.9-3.2mdv2009.1.x86_64.rpm 8fdbb107941a8befdf34d5268fbc9f9c 2009.1/x86_64/wxgtk2.8-2.8.9-3.2mdv2009.1.x86_64.rpm 627ab9b7be0ebbd48a81580a59a12fe6 2009.1/SRPMS/wxgtk2.8-2.8.9-3.2mdv2009.1.src.rpm Mandriva Enterprise Server 5: 65d7e0cce48cc45b7046e9d9e173a2f2 mes5/i586/libwxgtk2.8-2.8.8-1.2mdvmes5.i586.rpm 54ca498e0636a85ecd3b9416bd3dc6fe mes5/i586/libwxgtk2.8-devel-2.8.8-1.2mdvmes5.i586.rpm e0048e0b59d95f1373e7ad937d4b721a mes5/i586/libwxgtkgl2.8-2.8.8-1.2mdvmes5.i586.rpm 15b4f5681fde5acf46a8901ff1ece2a8 mes5/i586/libwxgtkglu2.8-2.8.8-1.2mdvmes5.i586.rpm 2797cc0b40f59730512fad3eac14c9cb mes5/i586/libwxgtku2.8-2.8.8-1.2mdvmes5.i586.rpm 6a072bac4f4327627f7778ed2728a38d mes5/i586/libwxgtku2.8-devel-2.8.8-1.2mdvmes5.i586.rpm 210571d5c6ef86b6bacf55bdbcb66af1 mes5/i586/wxgtk2.8-2.8.8-1.2mdvmes5.i586.rpm 13b367791194a6af3b1f761885e7f828 mes5/SRPMS/wxgtk2.8-2.8.8-1.2mdvmes5.src.rpm Mandriva Enterprise Server 5/X86_64: 91f09f1194e3265c099f14d970e14367 mes5/x86_64/lib64wxgtk2.8-2.8.8-1.2mdvmes5.x86_64.rpm d204cf4b4bca378c601512c31658bc8a mes5/x86_64/lib64wxgtk2.8-devel-2.8.8-1.2mdvmes5.x86_64.rpm 3b4edd03ea2814cd1d7b642615d91dc9 mes5/x86_64/lib64wxgtkgl2.8-2.8.8-1.2mdvmes5.x86_64.rpm a32d8c8a715a302901e477cc65b9c201 mes5/x86_64/lib64wxgtkglu2.8-2.8.8-1.2mdvmes5.x86_64.rpm d5d645073971ae85c61d0b4ba8da6ec7 mes5/x86_64/lib64wxgtku2.8-2.8.8-1.2mdvmes5.x86_64.rpm decb215e2fc6ece2254d9b6627ecf8e7 mes5/x86_64/lib64wxgtku2.8-devel-2.8.8-1.2mdvmes5.x86_64.rpm 864f28c4fd0093f083386b5399deb288 mes5/x86_64/wxgtk2.8-2.8.8-1.2mdvmes5.x86_64.rpm 13b367791194a6af3b1f761885e7f828 mes5/SRPMS/wxgtk2.8-2.8.8-1.2mdvmes5.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFKkXPzmqjQ0CJFipgRAkOMAKDX0Eyuw2PFnn1LyrNpCPRiRA6uKgCgnTg3 ffzAJHsI8ZG+TeyhmJ5GyIY= =GNVV -----END PGP SIGNATURE-----