Mandriva Security

MDVSA-2008:209-1: pam_krb5

Stéphane Bertin discovered a flaw in the pam_krb5 existing_ticket
configuration option where, if enabled and using an existing credential
cache, it was possible for a local user to gain elevated privileges
by using a different, local user's credential cache (CVE-2008-3825).

The updated packages have been patched to prevent this issue.

Update:

An updated package for Mandriva Linux 2009.0 is now available.

MDVSA-2008:210: mono

CRLF injection vulnerability in Sys.Web in Mono 2.0 and earlier allows
remote attackers to inject arbitrary HTTP headers and conduct HTTP
response splitting attacks via CRLF sequences in the query string.

The updated packages have been patched to fix the issue.

MDVSA-2008:209: pam_krb5

MDVA-2008:132: mandriva-release

mandriva-release for Mandriva 2008 Spring should contain a
product_branch set to Official, and not devel, otherwise it could
lead to an error with the new mdkonline.

The updated package fixes it.

MDVA-2008:131: rpmdrake

This update fixes several minor issues in rpmdrake:
- it fixes a crash due to bad timing with the X server (#41010)
- it fix empty per importance lists of updates in rpmdrake (list
of all updates was OK, MandrivaUpdate was OK) (#41331) (regression
introduced in 3.95 on 2007-09-14)
- it makes rpmdrake only warn once per session when media XML metadata
are newer than synthesis: in that case rpmdrake complained for every
unsyncrhonized package (#42737)
- it fixes a crash when selecting all packages (#40025)
- it fixes a rare crash when canceling (#41970)

MDVA-2008:130: drakxtools

This update fixes several minor issues in drakxtools:
- it fixes management of XEN kernels in bootloader-config, when adding
a new kernel, a xen entry should not replace an existing 'linux'
(#40865)
- it fixes a crash in rpmdrake when description begins by
Gtk2::.. (#43802)

It also really enable draksnapashot to use Gtk+-2's new
FileChooserDialog in future.

MDVSA-2008:208: pam_mount

pam_mount 0.10 through 0.45, when luserconf is enabled, does not verify
mountpoint and source ownership before mounting a user-defined volume,
which allows local users to bypass intended access restrictions via
a local mount.

The updated packages have been patched to fix the issue.

MDVSA-2008:207: openafs

A race condition in OpenAFS 1.3.40 through 1.4.5 allowed remote
attackers to cause a denial of service (daemon crash) by simultaneously
acquiring and giving back file callbacks (CVE-2007-6599).

The updated packages have been patched to prevent this issue.

MDVSA-2008:206: mozilla-thunderbird

A number of security vulnerabilities have been discovered and
corrected in the latest Mozilla Thunderbird program, version 2.0.0.17
(CVE-2008-0016, CVE-2008-3835, CVE-2008-4058, CVE-2008-4059,
CVE-2008-4060, CVE-2008-4061, CVE-2008-4062, CVE-2008-4065,
CVE-2008-4066, CVE-2008-4067, CVE-2008-4068, CVE-2008-4070).

This update provides the latest Thunderbird to correct these issues.

MDVSA-2008:205: mozilla-firefox

Security vulnerabilities have been discovered and corrected in the
latest Mozilla Firefox program, version 2.0.0.17 (CVE-2008-0016,
CVE-2008-3835, CVE-2008-3836, CVE-2008-3837, CVE-2008-4058,
CVE-2008-4059, CVE-2008-4060, CVE-2008-4061, CVE-2008-4062,
CVE-2008-4065, CVE-2008-4066, CVE-2008-4067, CVE-2008-4068,
CVE-2008-4069).

This update provides the latest Firefox to correct these issues.