MDKSA-2004:044 - Updated libuser packages fix vulnerability
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: libuser
Advisory ID: MDKSA-2004:044
Date: May 17th, 2004
Affected versions: 10.0, 9.1, 9.2, Corporate Server 2.1
______________________________________________________________________
Problem Description:
Steve Grubb discovered a number of problems in the libuser library that
can lead to a crash in applications linked to it, or possibly write 4GB
of garbage to the disk.
The updated packages provide a patched libuser to correct these
problems.
______________________________________________________________________
Updated Packages:
Mandrakelinux 10.0:
8b1052f6566345fa9f9ec1f3ac9e1d7f 10.0/RPMS/libuser-0.51.7-9.1.100mdk.i586.rpm
85e478c659a9989d9a766ea4318bac7c
10.0/RPMS/libuser-python-0.51.7-9.1.100mdk.i586.rpm
7ce35b806081b64defe7665d7ae68a1c 10.0/RPMS/libuser1-0.51.7-9.1.100mdk.i586.rpm
ac64c3ce5b4cbfe2f80841af6dfb5e67
10.0/RPMS/libuser1-devel-0.51.7-9.1.100mdk.i586.rpm
d7a7d5c43980af14ff1c4fb21905eca1 10.0/SRPMS/libuser-0.51.7-9.1.100mdk.src.rpm
Mandrakelinux 10.0/AMD64:
9557b2cbdb46786c792babb4fa02d33a
amd64/10.0/RPMS/libuser-0.51.7-9.1.100mdk.amd64.rpm
bd658edd9366db56a4fb2a1af984d332
amd64/10.0/RPMS/libuser-python-0.51.7-9.1.100mdk.amd64.rpm
387f940a770a8e1eb5c189fa6a6d2512
amd64/10.0/RPMS/libuser1-0.51.7-9.1.100mdk.amd64.rpm
41ae8a0f4fb9d322cfb3b181cbabe4a0
amd64/10.0/RPMS/libuser1-devel-0.51.7-9.1.100mdk.amd64.rpm
d7a7d5c43980af14ff1c4fb21905eca1
amd64/10.0/SRPMS/libuser-0.51.7-9.1.100mdk.src.rpm
Corporate Server 2.1:
5e808ded69e5d965537c4e2ea133c98e
corporate/2.1/RPMS/libuser-0.51-4.1.C21mdk.i586.rpm
7e5f1ecabb9e80e0b0b55f0ee541730f
corporate/2.1/RPMS/libuser1-0.51-4.1.C21mdk.i586.rpm
9e3980e106425e52a9ca7d780a9d7f87
corporate/2.1/RPMS/libuser1-devel-0.51-4.1.C21mdk.i586.rpm
275b478ed0e000f3362168db23e55164
corporate/2.1/SRPMS/libuser-0.51-4.1.C21mdk.src.rpm
Corporate Server 2.1/x86_64:
aee3697ed61122c6dca84073f3737cb9
x86_64/corporate/2.1/RPMS/libuser-0.51-4.1.C21mdk.x86_64.rpm
66a9069f2e1bf93d8d4cb9483031ce57
x86_64/corporate/2.1/RPMS/libuser1-0.51-4.1.C21mdk.x86_64.rpm
be873bdd2aa84e410dfc7921e4eebbd3
x86_64/corporate/2.1/RPMS/libuser1-devel-0.51-4.1.C21mdk.x86_64.rpm
275b478ed0e000f3362168db23e55164
x86_64/corporate/2.1/SRPMS/libuser-0.51-4.1.C21mdk.src.rpm
Mandrakelinux 9.1:
079807611894e0256c78c30a3f5c6312 9.1/RPMS/libuser-0.51-6.1.91mdk.i586.rpm
b85b62434cd712c817b0b32942a816db 9.1/RPMS/libuser1-0.51-6.1.91mdk.i586.rpm
e4756b87c61aecdcf6b0333a8bd65d79
9.1/RPMS/libuser1-devel-0.51-6.1.91mdk.i586.rpm
636c10df3bbdb865f86b6edda72b6b89 9.1/SRPMS/libuser-0.51-6.1.91mdk.src.rpm
Mandrakelinux 9.1/PPC:
a406fc70b29d5ef091d35e9b9b1b5297 ppc/9.1/RPMS/libuser-0.51-6.1.91mdk.ppc.rpm
1660ea14a3a4ab99814253f350bc5044 ppc/9.1/RPMS/libuser1-0.51-6.1.91mdk.ppc.rpm
fe58e3131693f632f9a539f34d6b58b6
ppc/9.1/RPMS/libuser1-devel-0.51-6.1.91mdk.ppc.rpm
636c10df3bbdb865f86b6edda72b6b89 ppc/9.1/SRPMS/libuser-0.51-6.1.91mdk.src.rpm
Mandrakelinux 9.2:
05809041080c9b839351a17bf32844e4 9.2/RPMS/libuser-0.51.7-8.1.92mdk.i586.rpm
547ec4105ab690c8ae3871a758c6364e
9.2/RPMS/libuser-python-0.51.7-8.1.92mdk.i586.rpm
97ed7324b001f36e9122609ca067e590 9.2/RPMS/libuser1-0.51.7-8.1.92mdk.i586.rpm
48938167eb941fa4f85a8627294581c0
9.2/RPMS/libuser1-devel-0.51.7-8.1.92mdk.i586.rpm
bbd3f4eaa4f913b568d0b64430ba5de6 9.2/SRPMS/libuser-0.51.7-8.1.92mdk.src.rpm
Mandrakelinux 9.2/AMD64:
dc7bd5a3aee747beb9030922ace0fc54
amd64/9.2/RPMS/libuser-0.51.7-8.1.92mdk.amd64.rpm
0ea25b434d32b0c6f80d8af2bdd8c5be
amd64/9.2/RPMS/libuser-python-0.51.7-8.1.92mdk.amd64.rpm
b7223a4c92ab91fd102c23138422fdbd
amd64/9.2/RPMS/libuser1-0.51.7-8.1.92mdk.amd64.rpm
dab4abf5431b2fa6269d62fb65d60a0f
amd64/9.2/RPMS/libuser1-devel-0.51.7-8.1.92mdk.amd64.rpm
bbd3f4eaa4f913b568d0b64430ba5de6
amd64/9.2/SRPMS/libuser-0.51.7-8.1.92mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
A list of FTP mirrors can be obtained from:
http://www.mandrakesecure.net/en/ftp.php
All packages are signed by Mandrakesoft for security. You can obtain
the GPG public key of the Mandrakelinux Security Team by executing:
gpg --recv-keys --keyserver www.mandrakesecure.net 0x22458A98
Please be aware that sometimes it takes the mirrors a few hours to
update.
You can view other update advisories for Mandrakelinux at:
http://www.mandrakesecure.net/en/advisories/
Mandrakesoft has several security-related mailing list services that
anyone can subscribe to. Information on these lists can be obtained by
visiting:
http://www.mandrakesecure.net/en/mlist.php
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
<security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQFAqTAimqjQ0CJFipgRAsn4AKDXCYmI7zXt3VeHrZ7zPjHm9WVE2wCgu5w+
/gXd+hxW5byuCxFSpbrIDeY=
=7jbJ
-----END PGP SIGNATURE-----