This is a multi-part message in MIME format...
------------=_1257861987-24326-81
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Advisory MDVA-2009:192
http://www.mandriva.com/security/
_______________________________________________________________________
Package : mmc-wizard
Date : November 10, 2009
Affected: Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
The /etc/dhcpd.conf file contains the root password in a clear text
and all users can read this file. This update corrects this issue
making only the root user able to read the file.
The extension of domain name in MDS stack's configuration is too
restrictive, actually beetween 2 and 4 characters, this update removes
this restriction.
Additionally the perl-NetAddr-IP package has been rebuilt and being
provided with this update to fullfill new dependancies for mmc-wizard.
_______________________________________________________________________
References:
https://qa.mandriva.com/52372
https://qa.mandriva.com/51982
_______________________________________________________________________
Updated Packages:
Mandriva Enterprise Server 5:
7fa7bbfcf2bd4e51a4c0c2a6209f1d44 mes5/i586/mmc-wizard-1.0-12.2mdvmes5.noarch.rpm
a6535a99158b09ab4af201d165842637 mes5/i586/perl-NetAddr-IP-4.007-3.1mdvmes5.i586.rpm
e70a61539ed6c5b15db46f2a5703675e mes5/SRPMS/mmc-wizard-1.0-12.2mdvmes5.src.rpm
e744e00013d0e80d377475cc6f220cf1 mes5/SRPMS/perl-NetAddr-IP-4.007-3.1mdvmes5.src.rpm
Mandriva Enterprise Server 5/X86_64:
4188f12bd20dba5b159868f82f27a327 mes5/x86_64/mmc-wizard-1.0-12.2mdvmes5.noarch.rpm
c2b610b7c190826962bbd0fdeb4e8e52 mes5/x86_64/perl-NetAddr-IP-4.007-3.1mdvmes5.x86_64.rpm
e70a61539ed6c5b15db46f2a5703675e mes5/SRPMS/mmc-wizard-1.0-12.2mdvmes5.src.rpm
e744e00013d0e80d377475cc6f220cf1 mes5/SRPMS/perl-NetAddr-IP-4.007-3.1mdvmes5.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFK+Uh2mqjQ0CJFipgRAtzpAKDUygIDayfCVO8PCcbxTuq/DO/v+wCggVFL
L7qQgq/eJsGPHgTD/moPU5w=
=Q0hq
-----END PGP SIGNATURE-----
------------=_1257861987-24326-81
Content-Type: text/plain; name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit
To unsubscribe, send a email to sympa ( -at -) mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva?
Go to
http://www.mandrivastore.com
Join the Club :
http://www.mandrivaclub.com
_______________________________________________________
------------=_1257861987-24326-81--
Logitech Squeezbox Boom @ TechwareLabs
Index