<<< Date Index >>>     <<< Thread Index >>>

[ MDKSA-2007:187 ] - Updated PHP packages fix numerous vulnerabilities



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2007:187
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : php
 Date    : September 21, 2007
 Affected: 2007.0, 2007.1, Corporate 3.0, Corporate 4.0,
           Multi Network Firewall 2.0
 _______________________________________________________________________
 
 Problem Description:
 
 Numerous vulnerabilities were discovered in the PHP scripting language
 that are corrected with this update.
 
 An integer overflow in the substr_compare() function allows
 context-dependent attackers to read sensitive memory via a large
 value in the length argument.  This only affects PHP5 (CVE-2007-1375).
 
 A stack-based buffer overflow in the zip:// URI wrapper in PECL
 ZIP 1.8.3 and earlier allowes remote attackers to execute arbitrary
 code via a long zip:// URL.  This only affects Corporate Server 4.0
 (CVE-2007-1399).
 
 A CRLF injection vulnerability in the FILTER_VALIDATE_EMAIL filter
 could allow an attacker to inject arbitrary email headers via a
 special email address.  This only affects Mandriva Linux 2007.1
 (CVE-2007-1900).
 
 The mcrypt_create_iv() function calls php_rand_r() with an
 uninitialized seed variable, thus always generating the same
 initialization vector, which may allow an attacker to decrypt
 certain data more easily because of the guessable encryption keys
 (CVE-2007-2727).
 
 The soap extension calls php_rand_r() with an uninitialized seec
 variable, which has unknown impact and attack vectors; an issue
 similar to that affecting mcrypt_create_iv().  This only affects PHP5
 (CVE-2007-2728).
 
 The substr_count() function allows attackers to obtain sensitive
 information via unspecified vectors.  This only affects PHP5
 (CVE-2007-2748).
 
 An infinite loop was found in the gd extension that could be used to
 cause a denial of service if a script were forced to process certain
 PNG images from untrusted sources (CVE-2007-2756).
 
 An integer overflow flaw was found in the chunk_split() function that
 ould possibly execute arbitrary code as the apache user if a remote
 attacker was able to pass arbitrary data to the third argument of
 chunk_split() (CVE-2007-2872).
 
 A flaw in the PHP session cookie handling could allow an attacker to
 create a cross-site cookie insertion attack if a victim followed an
 untrusted carefully-crafted URL (CVE-2007-3799).
 
 Various integer overflow flaws were discovered in the PHP gd extension
 that could allow a remote attacker to execute arbitrary code as the
 apache user (CVE-2007-3996).
 
 A flaw in the wordwrap() frunction could result in a denial of ervice
 if a remote attacker was able to pass arbitrary data to the function
 (CVE-2007-3998).
 
 A flaw in the money_format() function could result in an information
 leak or denial of service if a remote attacker was able to pass
 arbitrary data to this function; this situation would be unlikely
 however (CVE-2007-4658).
 
 A bug in the PHP session cookie handling could allow an attacker to
 stop a victim from viewing a vulnerable website if the victim first
 visited a malicious website under the control of the attacker who
 was able to use that page to set a cookie for the vulnerable website
 (CVE-2007-4670).
 
 Updated packages have been patched to prevent these issues.
 In addition, PECL ZIP version 1.8.10 is being provided for Corporate
 Server 4.0.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1375
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1399
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1900
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2727
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2728
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2748
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2756
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2872
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3799
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3996
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3998
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4658
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4670
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2007.0:
 57a68f47fd8c691db93b9eadbbf19b40  
2007.0/i586/libphp5_common5-5.1.6-1.9mdv2007.0.i586.rpm
 f82d39f70da087f4d7f9470f81211276  
2007.0/i586/php-cgi-5.1.6-1.9mdv2007.0.i586.rpm
 a22e66bf85ab53ff1782ce331ffa60a6  
2007.0/i586/php-cli-5.1.6-1.9mdv2007.0.i586.rpm
 c3cd07dba2182b4f583794a3b240e84e  
2007.0/i586/php-devel-5.1.6-1.9mdv2007.0.i586.rpm
 265ef0003e043ad3013022b1e566fd89  
2007.0/i586/php-fcgi-5.1.6-1.9mdv2007.0.i586.rpm
 598e110d6abcc345a0b6ee1676214ee2  
2007.0/i586/php-gd-5.1.6-1.3mdv2007.0.i586.rpm
 0f9a486f5ccadd55c81aa61705ae5d81  
2007.0/i586/php-mcrypt-5.1.6-1.1mdv2007.0.i586.rpm
 6d7d80d3cdeae2e4ca286b67be659cef  
2007.0/i586/php-soap-5.1.6-1.2mdv2007.0.i586.rpm 
 06fef845a7f0eb15fbda8e01d2449759  2007.0/SRPMS/php-5.1.6-1.9mdv2007.0.src.rpm
 1c4c5379d367dd0ba8c002d2a60eb8b1  
2007.0/SRPMS/php-gd-5.1.6-1.3mdv2007.0.src.rpm
 4b4382448f9be55ea66f8b910a12a97c  
2007.0/SRPMS/php-mcrypt-5.1.6-1.1mdv2007.0.src.rpm
 c9e9b415eac3b864ffcece762c6aa6bb  
2007.0/SRPMS/php-soap-5.1.6-1.2mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 8ddfb570e663d8b61cbfaf5bc8585d54  
2007.0/x86_64/lib64php5_common5-5.1.6-1.9mdv2007.0.x86_64.rpm
 d05d20ad5c5ddd84649aaed661b83c7a  
2007.0/x86_64/php-cgi-5.1.6-1.9mdv2007.0.x86_64.rpm
 9ba45cce68ffa043cf1fb23fe765e104  
2007.0/x86_64/php-cli-5.1.6-1.9mdv2007.0.x86_64.rpm
 26ead0e8cd3bab9ba64cc39f596d6533  
2007.0/x86_64/php-devel-5.1.6-1.9mdv2007.0.x86_64.rpm
 65673d78e3e1af683d64e30ba832be63  
2007.0/x86_64/php-fcgi-5.1.6-1.9mdv2007.0.x86_64.rpm
 0d478806da998759a96cdbf8694c0324  
2007.0/x86_64/php-gd-5.1.6-1.3mdv2007.0.x86_64.rpm
 99ec9336533a6ff74b93841497a73fe1  
2007.0/x86_64/php-mcrypt-5.1.6-1.1mdv2007.0.x86_64.rpm
 1b5bdc02b561134835c729fb404b0931  
2007.0/x86_64/php-soap-5.1.6-1.2mdv2007.0.x86_64.rpm 
 06fef845a7f0eb15fbda8e01d2449759  2007.0/SRPMS/php-5.1.6-1.9mdv2007.0.src.rpm
 1c4c5379d367dd0ba8c002d2a60eb8b1  
2007.0/SRPMS/php-gd-5.1.6-1.3mdv2007.0.src.rpm
 4b4382448f9be55ea66f8b910a12a97c  
2007.0/SRPMS/php-mcrypt-5.1.6-1.1mdv2007.0.src.rpm
 c9e9b415eac3b864ffcece762c6aa6bb  
2007.0/SRPMS/php-soap-5.1.6-1.2mdv2007.0.src.rpm

 Mandriva Linux 2007.1:
 cfb5ebca225920865fd41b8d7379ec04  
2007.1/i586/libphp5_common5-5.2.1-4.3mdv2007.1.i586.rpm
 fd99e8fd1eba60464844111ba0bf658f  
2007.1/i586/php-cgi-5.2.1-4.3mdv2007.1.i586.rpm
 d2d5ef2a6eb326c85e5e4e66d5488032  
2007.1/i586/php-cli-5.2.1-4.3mdv2007.1.i586.rpm
 f8ff08caf4bf9d4b06c84dabf426ad4f  
2007.1/i586/php-devel-5.2.1-4.3mdv2007.1.i586.rpm
 0e362fc96f32b9046df73d01938f4a4f  
2007.1/i586/php-fcgi-5.2.1-4.3mdv2007.1.i586.rpm
 3796283e1a18abd35c66e9fdb7cecf84  
2007.1/i586/php-gd-5.2.1-1.2mdv2007.1.i586.rpm
 8303fdaff4f40f7025e84b9571db7557  
2007.1/i586/php-mcrypt-5.2.1-1.1mdv2007.1.i586.rpm
 765b7cff3e34bf6be0d31d5e11c6d21f  
2007.1/i586/php-openssl-5.2.1-4.3mdv2007.1.i586.rpm
 8ed091e407210049489fb70ba4f18e3f  
2007.1/i586/php-soap-5.2.1-1.2mdv2007.1.i586.rpm
 649f2efadad45640ca14f5ab644de67f  
2007.1/i586/php-zlib-5.2.1-4.3mdv2007.1.i586.rpm 
 8779e5a26aecb35eaf93a5c54f35a798  2007.1/SRPMS/php-5.2.1-4.3mdv2007.1.src.rpm
 d16710089832ae31873c0db7e6df87fd  
2007.1/SRPMS/php-gd-5.2.1-1.2mdv2007.1.src.rpm
 ec8b2d536f13c35dd2c2f1cca92c5694  
2007.1/SRPMS/php-mcrypt-5.2.1-1.1mdv2007.1.src.rpm
 90f9821184ef2fc8cca2a35e54080f44  
2007.1/SRPMS/php-soap-5.2.1-1.2mdv2007.1.src.rpm

 Mandriva Linux 2007.1/X86_64:
 4af5b6e98feeeb88b8993768c15497ce  
2007.1/x86_64/lib64php5_common5-5.2.1-4.3mdv2007.1.x86_64.rpm
 f5e5fbb413e349ff9ae9e8e82a59dd92  
2007.1/x86_64/php-cgi-5.2.1-4.3mdv2007.1.x86_64.rpm
 c93c070b38a3c2602dbfea38e648fea1  
2007.1/x86_64/php-cli-5.2.1-4.3mdv2007.1.x86_64.rpm
 5d7fa073092e6599eddaaffab5b4df4f  
2007.1/x86_64/php-devel-5.2.1-4.3mdv2007.1.x86_64.rpm
 0d593dad6f79e0331d1a9c7544d6fe42  
2007.1/x86_64/php-fcgi-5.2.1-4.3mdv2007.1.x86_64.rpm
 8652914b9aa256724004e12621111ce3  
2007.1/x86_64/php-gd-5.2.1-1.2mdv2007.1.x86_64.rpm
 cc2993f0faf2d76eb317162162237049  
2007.1/x86_64/php-mcrypt-5.2.1-1.1mdv2007.1.x86_64.rpm
 2becb2e136e605d4b6fcbb80b8b96fdc  
2007.1/x86_64/php-openssl-5.2.1-4.3mdv2007.1.x86_64.rpm
 241a453a1007cc84f0f789b2a11bf96f  
2007.1/x86_64/php-soap-5.2.1-1.2mdv2007.1.x86_64.rpm
 58a30a4284944ed364d488338c6d4605  
2007.1/x86_64/php-zlib-5.2.1-4.3mdv2007.1.x86_64.rpm 
 8779e5a26aecb35eaf93a5c54f35a798  2007.1/SRPMS/php-5.2.1-4.3mdv2007.1.src.rpm
 d16710089832ae31873c0db7e6df87fd  
2007.1/SRPMS/php-gd-5.2.1-1.2mdv2007.1.src.rpm
 ec8b2d536f13c35dd2c2f1cca92c5694  
2007.1/SRPMS/php-mcrypt-5.2.1-1.1mdv2007.1.src.rpm
 90f9821184ef2fc8cca2a35e54080f44  
2007.1/SRPMS/php-soap-5.2.1-1.2mdv2007.1.src.rpm

 Corporate 3.0:
 247e24717edaad099d4dfac36d06da11  
corporate/3.0/i586/libphp_common432-4.3.4-4.27.C30mdk.i586.rpm
 a2fe1080b8981493b83f6bb6c08a6f83  
corporate/3.0/i586/php-cgi-4.3.4-4.27.C30mdk.i586.rpm
 0468aa254c2495b128f4ea776b7100f7  
corporate/3.0/i586/php-cli-4.3.4-4.27.C30mdk.i586.rpm
 230476bcb71774884ec17ecbef336e5c  
corporate/3.0/i586/php-gd-4.3.4-1.7.C30mdk.i586.rpm
 3cac8eecfdee304b0889fbe99958a6ca  
corporate/3.0/i586/php432-devel-4.3.4-4.27.C30mdk.i586.rpm 
 74c8bcac18b502174d270a0e2529d8e8  
corporate/3.0/SRPMS/php-4.3.4-4.27.C30mdk.src.rpm
 7db08e02ff0b4d59c58bbef5ff25a89b  
corporate/3.0/SRPMS/php-gd-4.3.4-1.7.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 54b38db5000d71f5f4cfe0d55ea8839d  
corporate/3.0/x86_64/lib64php_common432-4.3.4-4.27.C30mdk.x86_64.rpm
 e06d422dedbd7ff39eb86c8afdf23f8c  
corporate/3.0/x86_64/php-cgi-4.3.4-4.27.C30mdk.x86_64.rpm
 66bea84020ec6231dbc345215b6398d4  
corporate/3.0/x86_64/php-cli-4.3.4-4.27.C30mdk.x86_64.rpm
 6e47af7339e7c939133d3bbab0b54c60  
corporate/3.0/x86_64/php-gd-4.3.4-1.7.C30mdk.x86_64.rpm
 9aa27728797f8a8b7fe6932237779dc1  
corporate/3.0/x86_64/php432-devel-4.3.4-4.27.C30mdk.x86_64.rpm 
 74c8bcac18b502174d270a0e2529d8e8  
corporate/3.0/SRPMS/php-4.3.4-4.27.C30mdk.src.rpm
 7db08e02ff0b4d59c58bbef5ff25a89b  
corporate/3.0/SRPMS/php-gd-4.3.4-1.7.C30mdk.src.rpm

 Corporate 4.0:
 6660cfe8b3e883412a9d138cb4776a17  
corporate/4.0/i586/libphp4_common4-4.4.4-1.7.20060mlcs4.i586.rpm
 0a43b956bf221f3dc6b534aed4c2c332  
corporate/4.0/i586/libphp5_common5-5.1.6-1.8.20060mlcs4.i586.rpm
 d01223da70e8e3c6c17b0bd065cf4747  
corporate/4.0/i586/php-cgi-5.1.6-1.8.20060mlcs4.i586.rpm
 9cdf4d6ba4446811b0118126b31dd80b  
corporate/4.0/i586/php-cli-5.1.6-1.8.20060mlcs4.i586.rpm
 6f486a6a19edef73ac2bc6aba2cf342a  
corporate/4.0/i586/php-devel-5.1.6-1.8.20060mlcs4.i586.rpm
 a126823de602fb9aecae42f052ab2827  
corporate/4.0/i586/php-fcgi-5.1.6-1.8.20060mlcs4.i586.rpm
 9c198b7e8a34c3e4d03f18174b2b1a84  
corporate/4.0/i586/php-gd-5.1.6-1.3.20060mlcs4.i586.rpm
 b58d0518a5a44bdb26006df7b3d0b9f4  
corporate/4.0/i586/php-mcrypt-5.1.6-1.1.20060mlcs4.i586.rpm
 c306da649d383d2ef0d4e568e8f77bd2  
corporate/4.0/i586/php-soap-5.1.6-1.2.20060mlcs4.i586.rpm
 6fbcf94c677317eaa73f2972afbece1c  
corporate/4.0/i586/php-zip-1.8.10-0.1.20060mlcs4.i586.rpm
 473813677bb2f261182b53f6175908b8  
corporate/4.0/i586/php4-cgi-4.4.4-1.7.20060mlcs4.i586.rpm
 5c53c5fd3860246341522a47712b7d18  
corporate/4.0/i586/php4-cli-4.4.4-1.7.20060mlcs4.i586.rpm
 079851b5a916b27cb16aa4bde9bcd86e  
corporate/4.0/i586/php4-devel-4.4.4-1.7.20060mlcs4.i586.rpm
 cf0a080ecd0acb5e01f7e2e41ed3c76d  
corporate/4.0/i586/php4-gd-4.4.4-1.2.20060mlcs4.i586.rpm
 c2333bbae7d3a20b90a2e174f2caf5da  
corporate/4.0/i586/php4-mcrypt-4.4.4-1.1.20060mlcs4.i586.rpm 
 b406cd54519867c9611c6c6700827457  
corporate/4.0/SRPMS/php-5.1.6-1.8.20060mlcs4.src.rpm
 491027bf3182f1f56e93e4d3a053d9e0  
corporate/4.0/SRPMS/php-gd-5.1.6-1.3.20060mlcs4.src.rpm
 dd89eef4f40af9dff068c28bd56b4d5b  
corporate/4.0/SRPMS/php-mcrypt-5.1.6-1.1.20060mlcs4.src.rpm
 d7107b5be0e7768abad9c15cc8584ded  
corporate/4.0/SRPMS/php-soap-5.1.6-1.2.20060mlcs4.src.rpm
 f39e559d753bc59816d4106cd095d0db  
corporate/4.0/SRPMS/php-zip-1.8.10-0.1.20060mlcs4.src.rpm
 1f1fd034cfd3d3f911315a34326d553e  
corporate/4.0/SRPMS/php4-4.4.4-1.7.20060mlcs4.src.rpm
 00447503df74be2f96f4ec4f93de6694  
corporate/4.0/SRPMS/php4-gd-4.4.4-1.2.20060mlcs4.src.rpm
 c005bcfb3c95e618ba5a4c928d5b75c7  
corporate/4.0/SRPMS/php4-mcrypt-4.4.4-1.1.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 d04a06f2a1d4c8d36b1ce3de6448577b  
corporate/4.0/x86_64/lib64php4_common4-4.4.4-1.7.20060mlcs4.x86_64.rpm
 b22d1122c842de135ddf34d331641da8  
corporate/4.0/x86_64/lib64php5_common5-5.1.6-1.8.20060mlcs4.x86_64.rpm
 9866242fb135cca7cf3e35e97f5178af  
corporate/4.0/x86_64/php-cgi-5.1.6-1.8.20060mlcs4.x86_64.rpm
 c68e05947bec3bb82e9d1d5c572f96d5  
corporate/4.0/x86_64/php-cli-5.1.6-1.8.20060mlcs4.x86_64.rpm
 cf53b9aaef91d88655f9d74e3ff2aacb  
corporate/4.0/x86_64/php-devel-5.1.6-1.8.20060mlcs4.x86_64.rpm
 f8c251520d975a4010def1750fd8346d  
corporate/4.0/x86_64/php-fcgi-5.1.6-1.8.20060mlcs4.x86_64.rpm
 5b34f8737e26d00f33c0328d763ab213  
corporate/4.0/x86_64/php-gd-5.1.6-1.3.20060mlcs4.x86_64.rpm
 758cf65ca6d0a4abebb902e0cba8a340  
corporate/4.0/x86_64/php-mcrypt-5.1.6-1.1.20060mlcs4.x86_64.rpm
 13bee1adbfe5e67c01ca731ea81dbdd9  
corporate/4.0/x86_64/php-soap-5.1.6-1.2.20060mlcs4.x86_64.rpm
 4c0b39d8927c6cb19e32befb0539680e  
corporate/4.0/x86_64/php-zip-1.8.10-0.1.20060mlcs4.x86_64.rpm
 5ada3b423910e48a26c77a8cf95cc274  
corporate/4.0/x86_64/php4-cgi-4.4.4-1.7.20060mlcs4.x86_64.rpm
 84fae5bb1c27d7c4a6dcb7c29966e2ce  
corporate/4.0/x86_64/php4-cli-4.4.4-1.7.20060mlcs4.x86_64.rpm
 ccc04f5e1301a856a4d8e24bd36342cb  
corporate/4.0/x86_64/php4-devel-4.4.4-1.7.20060mlcs4.x86_64.rpm
 0eafa187fc47d54782cba69a73d500f8  
corporate/4.0/x86_64/php4-gd-4.4.4-1.2.20060mlcs4.x86_64.rpm
 17f6a6e9ff9cb623ba5538c46571fce5  
corporate/4.0/x86_64/php4-mcrypt-4.4.4-1.1.20060mlcs4.x86_64.rpm 
 b406cd54519867c9611c6c6700827457  
corporate/4.0/SRPMS/php-5.1.6-1.8.20060mlcs4.src.rpm
 491027bf3182f1f56e93e4d3a053d9e0  
corporate/4.0/SRPMS/php-gd-5.1.6-1.3.20060mlcs4.src.rpm
 dd89eef4f40af9dff068c28bd56b4d5b  
corporate/4.0/SRPMS/php-mcrypt-5.1.6-1.1.20060mlcs4.src.rpm
 d7107b5be0e7768abad9c15cc8584ded  
corporate/4.0/SRPMS/php-soap-5.1.6-1.2.20060mlcs4.src.rpm
 f39e559d753bc59816d4106cd095d0db  
corporate/4.0/SRPMS/php-zip-1.8.10-0.1.20060mlcs4.src.rpm
 1f1fd034cfd3d3f911315a34326d553e  
corporate/4.0/SRPMS/php4-4.4.4-1.7.20060mlcs4.src.rpm
 00447503df74be2f96f4ec4f93de6694  
corporate/4.0/SRPMS/php4-gd-4.4.4-1.2.20060mlcs4.src.rpm
 c005bcfb3c95e618ba5a4c928d5b75c7  
corporate/4.0/SRPMS/php4-mcrypt-4.4.4-1.1.20060mlcs4.src.rpm

 Multi Network Firewall 2.0:
 4a0e9e73f51d6118c3580b9f556c0a2d  
mnf/2.0/i586/libphp_common432-4.3.4-4.27.C30mdk.i586.rpm
 f4698dd4eb9c4c9e12528c70cf458e7f  
mnf/2.0/i586/php-cgi-4.3.4-4.27.C30mdk.i586.rpm
 91e6914a490349580511f216a8220c86  
mnf/2.0/i586/php-cli-4.3.4-4.27.C30mdk.i586.rpm
 b5655d8d54a14d9f5cdb56246ddad2e3  mnf/2.0/i586/php-gd-4.3.4-1.7.C30mdk.i586.rpm
 752e636b31d84df4b9283fc56b60ef5b  
mnf/2.0/i586/php432-devel-4.3.4-4.27.C30mdk.i586.rpm 
 dba539a2cc542b14898bea508291fb93  mnf/2.0/SRPMS/php-4.3.4-4.27.C30mdk.src.rpm
 86dacced331afeb19a375cdcd5ade744  mnf/2.0/SRPMS/php-gd-4.3.4-1.7.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFG9CU6mqjQ0CJFipgRAs8RAKDsqCO/QPqLczFFlIVUz3pfMnFdUwCePmkK
vvRjTT2T2agDRpYmZWKYhFs=
=4TWc
-----END PGP SIGNATURE-----