news 28 Posted February 16, 2010 This is a multi-part message in MIME format... ------------=_1266324685-24326-4680 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Advisory MDVA-2010:066 http://www.mandriva.com/security/ _______________________________________________________________________ Package : drakxtools Date : February 16, 2010 Affected: 2008.0, 2009.0, 2009.1 _______________________________________________________________________ Problem Description: Some bugs were found in drakxtools code dropping privileges to display help or other web pages. This updates make it more reliable on 2009.0 and 2009.1, and make it actually drop privileges on 2008.0. Additionally it fixes drakbug on 2008.0 to actually open the bug when launching the browser. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. _______________________________________________________________________ References: https://qa.mandriva.com/57657 _______________________________________________________________________ Updated Packages: Mandriva Linux 2008.0: 07a80bf6e778659bd30756558ed96c56 2008.0/i586/drakx-finish-install-10.4.239.6-1.1mdv2008.0.i586.rpm 8490f2a1de1697290a492a07611d9986 2008.0/i586/drakxtools-10.4.239.6-1.1mdv2008.0.i586.rpm 4fbfbb95c2282fef87290c216c0bf23b 2008.0/i586/drakxtools-backend-10.4.239.6-1.1mdv2008.0.i586.rpm ee5c55d57fb0ff228f054916c60d50e3 2008.0/i586/drakxtools-curses-10.4.239.6-1.1mdv2008.0.i586.rpm eacb8c7308596dfdd9d4b2a3118bc4e5 2008.0/i586/drakxtools-http-10.4.239.6-1.1mdv2008.0.i586.rpm c2774579c6b89f9ebe32a064ff0b6ae2 2008.0/i586/harddrake-10.4.239.6-1.1mdv2008.0.i586.rpm 3aa2f10b9186a07098763a4494e7377f 2008.0/i586/harddrake-ui-10.4.239.6-1.1mdv2008.0.i586.rpm c1416f909306cd7b973123577722671d 2008.0/SRPMS/drakxtools-10.4.239.6-1.1mdv2008.0.src.rpm Mandriva Linux 2008.0/X86_64: 33d00feb234acb6a6f3d3ee77e6372d5 2008.0/x86_64/drakx-finish-install-10.4.239.6-1.1mdv2008.0.x86_64.rpm c802ec4f72c7218f15740d2e51587966 2008.0/x86_64/drakxtools-10.4.239.6-1.1mdv2008.0.x86_64.rpm 9a15d6d14a92c89e68ff0899163f2c34 2008.0/x86_64/drakxtools-backend-10.4.239.6-1.1mdv2008.0.x86_64.rpm 1346cd39165a48a2a358458db5389be4 2008.0/x86_64/drakxtools-curses-10.4.239.6-1.1mdv2008.0.x86_64.rpm 4d8f4af226602e2082bd229f2eb29418 2008.0/x86_64/drakxtools-http-10.4.239.6-1.1mdv2008.0.x86_64.rpm 399e2228c143833f4016edc6fc3353a9 2008.0/x86_64/harddrake-10.4.239.6-1.1mdv2008.0.x86_64.rpm 56eac85ff5c5474f1c454510db1b3af1 2008.0/x86_64/harddrake-ui-10.4.239.6-1.1mdv2008.0.x86_64.rpm c1416f909306cd7b973123577722671d 2008.0/SRPMS/drakxtools-10.4.239.6-1.1mdv2008.0.src.rpm Mandriva Linux 2009.0: b102461bbae71508f01107b3794db128 2009.0/i586/drakx-finish-install-11.71.11-1.1mdv2009.0.i586.rpm b547493ffd4da56dd9019a8a9160154c 2009.0/i586/drakxtools-11.71.11-1.1mdv2009.0.i586.rpm 640358c1884cbc3c97cc303c5b3e12b2 2009.0/i586/drakxtools-backend-11.71.11-1.1mdv2009.0.i586.rpm b89f7ede1313a52052aee836f4520f5c 2009.0/i586/drakxtools-curses-11.71.11-1.1mdv2009.0.i586.rpm 925679bbd6e0f4cab556078f9fcdbe4b 2009.0/i586/drakxtools-http-11.71.11-1.1mdv2009.0.i586.rpm 26fbb3437017c7a2f6c328599afd46dc 2009.0/i586/harddrake-11.71.11-1.1mdv2009.0.i586.rpm 12a0a7b48dd4bf28926b87ea4f2368dc 2009.0/i586/harddrake-ui-11.71.11-1.1mdv2009.0.i586.rpm 4bcce11b9102c4824906581ad21c5e14 2009.0/SRPMS/drakxtools-11.71.11-1.1mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: 145ed312298aaa8ae62e46921ff1356f 2009.0/x86_64/drakx-finish-install-11.71.11-1.1mdv2009.0.x86_64.rpm a3ff747ed5e2c39e0c50ec6a597d8177 2009.0/x86_64/drakxtools-11.71.11-1.1mdv2009.0.x86_64.rpm 125368e20984b42313398eb5cb4dca9d 2009.0/x86_64/drakxtools-backend-11.71.11-1.1mdv2009.0.x86_64.rpm b893432afa6ae4a69ea6c6a9b9e01746 2009.0/x86_64/drakxtools-curses-11.71.11-1.1mdv2009.0.x86_64.rpm 2ab4be16080a2d81feb1384558ba3296 2009.0/x86_64/drakxtools-http-11.71.11-1.1mdv2009.0.x86_64.rpm 6e82492ba4063b6db0ae53647c1507d1 2009.0/x86_64/harddrake-11.71.11-1.1mdv2009.0.x86_64.rpm 28a3ea752893d82d79e88a82b588f53c 2009.0/x86_64/harddrake-ui-11.71.11-1.1mdv2009.0.x86_64.rpm 4bcce11b9102c4824906581ad21c5e14 2009.0/SRPMS/drakxtools-11.71.11-1.1mdv2009.0.src.rpm Mandriva Linux 2009.1: e4825d4b665f02b3f5a8d8fd894119b5 2009.1/i586/drakx-finish-install-12.35.3-1.1mdv2009.1.i586.rpm aaae0f11a8c0e9eb57a72c8e7a82a757 2009.1/i586/drakxtools-12.35.3-1.1mdv2009.1.i586.rpm 47b2ce583171b137592fb4d719ef5f57 2009.1/i586/drakxtools-backend-12.35.3-1.1mdv2009.1.i586.rpm ea6aac4f22787cec6825ff917a346e6d 2009.1/i586/drakxtools-curses-12.35.3-1.1mdv2009.1.i586.rpm 8c5e4795490895be54707e531db4cd79 2009.1/i586/drakxtools-http-12.35.3-1.1mdv2009.1.i586.rpm 2b7fe52e6536932950a7100d8fb2430b 2009.1/i586/harddrake-12.35.3-1.1mdv2009.1.i586.rpm b8ce01377336a52d44e6253cf84e7b15 2009.1/i586/harddrake-ui-12.35.3-1.1mdv2009.1.i586.rpm 959e53f76232a2cd1580573e14e7e839 2009.1/SRPMS/drakxtools-12.35.3-1.1mdv2009.1.src.rpm Mandriva Linux 2009.1/X86_64: 8e8c946ea3490e4b64cc314433ba8fd6 2009.1/x86_64/drakx-finish-install-12.35.3-1.1mdv2009.1.x86_64.rpm 659d7db4b860e94d257e903e1c14d627 2009.1/x86_64/drakxtools-12.35.3-1.1mdv2009.1.x86_64.rpm 5bf9709fc924334e1963c37d4127efc0 2009.1/x86_64/drakxtools-backend-12.35.3-1.1mdv2009.1.x86_64.rpm 34e163d5a543450897a58bc20d4146e2 2009.1/x86_64/drakxtools-curses-12.35.3-1.1mdv2009.1.x86_64.rpm d2e5ed8e1b00cece5c1d838572261a5f 2009.1/x86_64/drakxtools-http-12.35.3-1.1mdv2009.1.x86_64.rpm b9b2b48796f0b645b80901134764119b 2009.1/x86_64/harddrake-12.35.3-1.1mdv2009.1.x86_64.rpm c6b857933ba7a3a91de3f975123d34d9 2009.1/x86_64/harddrake-ui-12.35.3-1.1mdv2009.1.x86_64.rpm 959e53f76232a2cd1580573e14e7e839 2009.1/SRPMS/drakxtools-12.35.3-1.1mdv2009.1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFLemYtmqjQ0CJFipgRAmeFAKCEuwpubQaVXys6OfwkKBHPOaWzFACg82MP IIxZX3J0i8w4lzsjTMUJbwU= =9tYz -----END PGP SIGNATURE----- ------------=_1266324685-24326-4680 Content-Type: text/plain; name="message-footer.txt" Content-Disposition: inline; filename="message-footer.txt" Content-Transfer-Encoding: 8bit To unsubscribe, send a email to sympa ( -at -) mandrivalinux.org with this subject : unsubscribe security-announce _______________________________________________________ Want to buy your Pack or Services from Mandriva? Go to http://www.mandrivastore.com Join the Club : http://www.mandrivaclub.com _______________________________________________________ ------------=_1266324685-24326-4680-- Share this post Link to post