lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1NGYbh-0006Xo-2p@titan.mandriva.com>
Date: Fri, 04 Dec 2009 14:54:01 +0100
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDVSA-2009:213-1 ] wxgtk


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                       MDVSA-2009:213-1
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : wxgtk
 Date    : December 4, 2009
 Affected: 2008.0
 _______________________________________________________________________

 Problem Description:

 A vulnerability was found in xmltok_impl.c (expat) that with
 specially crafted XML could be exploited and lead to a denial of
 service attack. Related to CVE-2009-2625 (CVE-2009-3720).
 
 This update fixes this vulnerability.

 Update:

 Packages for 2008.0 are being provided due to extended support for
 Corporate products.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720
 https://bugs.gentoo.org/show_bug.cgi?id=280615
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2008.0:
 c9debad43de2a2c609d5a3c9ad4aaf34  2008.0/i586/libwxgtk2.6-2.6.4-13.1mdv2008.0.i586.rpm
 491857bb1aad3f767ae0a35a520042b5  2008.0/i586/libwxgtk2.6-devel-2.6.4-13.1mdv2008.0.i586.rpm
 690203005f06910fdfc31c574a17995e  2008.0/i586/libwxgtk2.8-2.8.4-3.1mdv2008.0.i586.rpm
 0c8f966ccc7acc4b273be05638f2c9dd  2008.0/i586/libwxgtk2.8-devel-2.8.4-3.1mdv2008.0.i586.rpm
 dda489d2d549b7060cbc141933d09366  2008.0/i586/libwxgtkgl2.6-2.6.4-13.1mdv2008.0.i586.rpm
 b1d340906398d68456781d021a05b119  2008.0/i586/libwxgtkgl2.8-2.8.4-3.1mdv2008.0.i586.rpm
 7386ef8e1b19838621bc268e80bf2abf  2008.0/i586/libwxgtkglu2.6-2.6.4-13.1mdv2008.0.i586.rpm
 9b4af47cb5dc5e4a10a3ca3cdfbfc084  2008.0/i586/libwxgtkglu2.8-2.8.4-3.1mdv2008.0.i586.rpm
 54bdfb189c7ab70e1629958030ba8d34  2008.0/i586/libwxgtku2.6-2.6.4-13.1mdv2008.0.i586.rpm
 bf2b2694cd8c99dd213c08f06dd923ce  2008.0/i586/libwxgtku2.6-devel-2.6.4-13.1mdv2008.0.i586.rpm
 b4416dee9d8bfa5e1d65771843f4e9e7  2008.0/i586/libwxgtku2.8-2.8.4-3.1mdv2008.0.i586.rpm
 b715314accdddc8c012ac3b2ced2e7b7  2008.0/i586/libwxgtku2.8-devel-2.8.4-3.1mdv2008.0.i586.rpm
 d95938c1c8dbd4ff1e08587c4a75dc38  2008.0/i586/wxGTK2.6-2.6.4-13.1mdv2008.0.i586.rpm
 9a351f86e1706c23445fcff5231abb8e  2008.0/i586/wxgtk2.8-2.8.4-3.1mdv2008.0.i586.rpm 
 f2947e0187a27f7c570d313ec4fb2411  2008.0/SRPMS/wxGTK2.6-2.6.4-13.1mdv2008.0.src.rpm
 8a65fa3754ca2129eeae76231cc562b0  2008.0/SRPMS/wxgtk2.8-2.8.4-3.1mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 412be44c2d4376c1b1296e976d3aa688  2008.0/x86_64/lib64wxgtk2.6-2.6.4-13.1mdv2008.0.x86_64.rpm
 f1c13be1aefcb16711252b373ccf48b0  2008.0/x86_64/lib64wxgtk2.6-devel-2.6.4-13.1mdv2008.0.x86_64.rpm
 b0ddb173a329771c54e7fc7c9b6b6743  2008.0/x86_64/lib64wxgtk2.8-2.8.4-3.1mdv2008.0.x86_64.rpm
 af4405937400de5419440c74dac5c5b9  2008.0/x86_64/lib64wxgtk2.8-devel-2.8.4-3.1mdv2008.0.x86_64.rpm
 8d57420c4a5490ad9d9d35eb808b9979  2008.0/x86_64/lib64wxgtkgl2.6-2.6.4-13.1mdv2008.0.x86_64.rpm
 d37432dc3d9c812a7db68e321e08e5d6  2008.0/x86_64/lib64wxgtkgl2.8-2.8.4-3.1mdv2008.0.x86_64.rpm
 c8cfba5e929c3aa0961063ba4b7adf83  2008.0/x86_64/lib64wxgtkglu2.6-2.6.4-13.1mdv2008.0.x86_64.rpm
 e8738253d90108918ea44b386a590782  2008.0/x86_64/lib64wxgtkglu2.8-2.8.4-3.1mdv2008.0.x86_64.rpm
 0c1971f51c8de5eee74584cc91da9c9d  2008.0/x86_64/lib64wxgtku2.6-2.6.4-13.1mdv2008.0.x86_64.rpm
 39e4a8eb50a0bfad249492b9bc1b3ef9  2008.0/x86_64/lib64wxgtku2.6-devel-2.6.4-13.1mdv2008.0.x86_64.rpm
 b71011075bf441c0d09fca612376dd28  2008.0/x86_64/lib64wxgtku2.8-2.8.4-3.1mdv2008.0.x86_64.rpm
 e3ef0474af6e94653b1291fbedd50ef5  2008.0/x86_64/lib64wxgtku2.8-devel-2.8.4-3.1mdv2008.0.x86_64.rpm
 e37ac1c0f99af42ac9641d786ffc30f8  2008.0/x86_64/wxGTK2.6-2.6.4-13.1mdv2008.0.x86_64.rpm
 42dbbaef3787bd36c087cdb67deca94b  2008.0/x86_64/wxgtk2.8-2.8.4-3.1mdv2008.0.x86_64.rpm 
 f2947e0187a27f7c570d313ec4fb2411  2008.0/SRPMS/wxGTK2.6-2.6.4-13.1mdv2008.0.src.rpm
 8a65fa3754ca2129eeae76231cc562b0  2008.0/SRPMS/wxgtk2.8-2.8.4-3.1mdv2008.0.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFLGOkvmqjQ0CJFipgRAql9AJ0cNi0pwAEKmSh3C95G6A4sVfwWpgCg5yii
zkLvSyTr5e+d1LO84/F9sq4=
=gj94
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ