| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 24 Sep 2014 17:08:00 +0200 From: security@...driva.com To: bugtraq@...urityfocus.com Subject: [ MDVSA-2014:185 ] libgadu -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2014:185 http://www.mandriva.com/en/support/security/ _______________________________________________________________________ Package : libgadu Date : September 24, 2014 Affected: Business Server 1.0 _______________________________________________________________________ Problem Description: Updated libgadu packages fix security vulnerability: Libgadu before 1.12.0 was found to not be performing SSL certificate validation (CVE-2013-4488). _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4488 http://advisories.mageia.org/MGASA-2014-0375.html _______________________________________________________________________ Updated Packages: Mandriva Business Server 1/X86_64: de3454fe7c663ecd08d4e1eeb2638776 mbs1/x86_64/lib64gadu3-1.12.0-1.mbs1.x86_64.rpm 787542a6699b4d7ffd4ca381151b45f8 mbs1/x86_64/lib64gadu-devel-1.12.0-1.mbs1.x86_64.rpm 90a303b5cbb0030f24d0376b8f70edfa mbs1/SRPMS/libgadu-1.12.0-1.mbs1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/en/support/security/advisories/ If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iD8DBQFUItBMmqjQ0CJFipgRAhNKAJ9kPScU53c3as3gX7E6olGYLdKBUgCg6okv cqW5aUvZgnKB+17vo5MG5dM= =Ql0L -----END PGP SIGNATURE-----
Powered by blists - more mailing lists