7133781 2001-09-18 11:45 -0600  /329 rader/ Linux Mandrake Security Team <security@linux-mandrake.com>
Sänt av: joel@lysator.liu.se
Importerad: 2001-09-19  04:05  av Brevbäraren
Extern mottagare: Linux Mandrake Security Announcements <security-announce@linux-mandrake.com>
Extern kopiemottagare: Linux Mandrake Security <mdk-security@lists.freezer-burn.org>
Extern kopiemottagare: Bugtraq <bugtraq@securityfocus.com>
Mottagare: Bugtraq (import) <19231>
Ärende: MDKSA-2001:077 - apache update
------------------------------------------------------------
From: Linux Mandrake Security Team <security@linux-mandrake.com>
To: Linux Mandrake Security Announcements <security-announce@linux-mandrake.com>
Cc: Linux Mandrake Security <mdk-security@lists.freezer-burn.org>,
 Bugtraq <bugtraq@securityfocus.com>
Message-ID: <20010918114536.M17296@mandrakesoft.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

                Mandrake Linux Security Update Advisory
________________________________________________________________________

Package name:           apache
Date:                   September 18th, 2001
Advisory ID:            MDKSA-2001:077

Affected versions:      7.1, 7.2, 8.0, Corporate Server 1.0.1
________________________________________________________________________

Problem Description:

 A problem exists with all Apache servers prior to version 1.3.19.
 The vulnerablity could allow directory indexing and path discovery
 on the vulnerable servers with a custom crafted request consisting
 of a long path name created artificially by using numerous slashes.
 This can cause modules to misbehave and return a listing of the
 directory contents by avoiding the error page.

 Because of the number of add-on packages Mandrake Linux provides for
 Apache that are compiled for a specific version of Apache, and due
 to the complexity of the upgrade, we recommend that users upgrade
 Apache and all associated packages by hand, invoking RPM directly.
 The updates provide updated Apache, PHP, mod_perl, and mod_ssl
 packages for all relevant versions, and all should be upgraded at the
 same time to avoid dependency issues.  You can do this by using the
 "rpm -Fvh *.rpm" command from a temporary directory containing the
 relevant update packages.

 Due to a packaging error in previous versions of mod_php3 for Linux-
 Mandrake 7.1, you will need to manually edit /etc/httpd.conf to re-
 enable PHP support.  You can do this by issuing, as root:

 echo "Include conf/addon-modules/php.conf"
>>/etc/httpd/conf/httpd.conf

 Additionally, we have updated PHP to version 4.0.6 for Mandrake Linux
 8.0.
________________________________________________________________________

References:

  http://www.securityfocus.com/vdb/bottom.html?vid=2503
________________________________________________________________________

Please verify the update prior to upgrading to ensure the integrity of
the downloaded package.  You can do this with the command:
  rpm --checksig package.rpm
You can get the GPG public key of the Mandrake Linux Security Team at
  http://www.linux-mandrake.com/en/security/RPM-GPG-KEYS
If you use MandrakeUpdate, the verification of md5 checksum and GPG
signature is performed automatically for you.

Linux-Mandrake 7.1: 66be24cb54d0b81a275bc55deb7fc46f
7.1/RPMS/apache-1.3.20-1.3mdk.i586.rpm
29e0d16940f032fbd96576327a119ec1
7.1/RPMS/apache-devel-1.3.20-1.3mdk.i586.rpm
cc6a0aaf4d6b10b20686ddf7fa2f925e
7.1/RPMS/apache-suexec-1.3.20-1.3mdk.i586.rpm
79ec84f3720d65ebd6003f77e19b1d23
7.1/RPMS/mod_perl-1.22-29.3mdk.i586.rpm
21f1638d0dd29d31286a0cf45f44cafc
7.1/RPMS/mod_php3-3.0.17-2.3mdk.i586.rpm
0b8cf6dee144d9b5c4d8dbf6186aa86b
7.1/RPMS/mod_php3-imap-3.0.17-2.3mdk.i586.rpm
7b73ea1ca66ff3e71749c6305551a77d
7.1/RPMS/mod_php3-ldap-3.0.17-2.3mdk.i586.rpm
d2114ac796e2438f9af1dff9c7ac8a7b
7.1/RPMS/mod_php3-manual-3.0.17-2.3mdk.i586.rpm
8645d02caa74d3a3bf3c9dcb381e8bd9
7.1/RPMS/mod_php3-mysql-3.0.17-2.3mdk.i586.rpm
4e14c192d8e9e3771131cdc90d999aac
7.1/RPMS/mod_php3-pgsql-3.0.17-2.3mdk.i586.rpm
21f1638d0dd29d31286a0cf45f44cafc
7.1/RPMS/mod_php3-3.0.17-2.3mdk.i586.rpm
0b8cf6dee144d9b5c4d8dbf6186aa86b
7.1/RPMS/mod_php3-imap-3.0.17-2.3mdk.i586.rpm
7b73ea1ca66ff3e71749c6305551a77d
7.1/RPMS/mod_php3-ldap-3.0.17-2.3mdk.i586.rpm
d2114ac796e2438f9af1dff9c7ac8a7b
7.1/RPMS/mod_php3-manual-3.0.17-2.3mdk.i586.rpm
8645d02caa74d3a3bf3c9dcb381e8bd9
7.1/RPMS/mod_php3-mysql-3.0.17-2.3mdk.i586.rpm
4e14c192d8e9e3771131cdc90d999aac
7.1/RPMS/mod_php3-pgsql-3.0.17-2.3mdk.i586.rpm
61d0a2633355d0e5a936803023c9c406
7.1/SRPMS/apache-1.3.20-1.3mdk.src.rpm
7aa8082bad63d0f56ba7ef96337e654a
7.1/SRPMS/mod_perl-1.22-29.3mdk.src.rpm
b315b402fc8de3c315d1d2c515e74342
7.1/SRPMS/mod_php3-3.0.17-2.3mdk.src.rpm
b315b402fc8de3c315d1d2c515e74342
7.1/SRPMS/mod_php3-3.0.17-2.3mdk.src.rpm

Linux-Mandrake 7.2: 14ecd4a55701a9e01cb9f402492007df
7.2/RPMS/HTML-Embperl-1.3b6-3.1mdk.i586.rpm
9d9bace3d742354e6dfbfa3c8cfb60f8
7.2/RPMS/apache-1.3.20-3.1mdk.i586.rpm
5114bcc5f1a277aa9331124d766bc097
7.2/RPMS/apache-common-1.3.20-3.1mdk.i586.rpm
719daaccf0b11cc24c69cb73b4bc6a71
7.2/RPMS/apache-devel-1.3.20-3.1mdk.i586.rpm
0f7819a64e087c860a0caf99b2b48819
7.2/RPMS/apache-manual-1.3.20-3.1mdk.i586.rpm
14c0b768186dffb037306d1651dc851d
7.2/RPMS/apache-mod_perl-1.3.20_1.24-3.1mdk.i586.rpm
f48a5e44b0e679d4bfa3aef1c40a9af9
7.2/RPMS/apache-mod_perl-devel-1.3.20_1.24-3.1mdk.i586.rpm
50b8bb0d3b3b1452ff867953fa051222
7.2/RPMS/apache-suexec-1.3.20-3.1mdk.i586.rpm
8f22e1643f6c1adfac71149b3283ac39
7.2/RPMS/mod_php-4.0.4pl1-2.1mdk.i586.rpm
1b45a62c1015d74695f655d94b064347
7.2/RPMS/mod_ssl-2.8.4-1.1mdk.i586.rpm
8f22e1643f6c1adfac71149b3283ac39
7.2/RPMS/mod_php-4.0.4pl1-2.1mdk.i586.rpm
8b5c3ec86fcf6b8462f4940c20504654
7.2/RPMS/php-4.0.4pl1-2.1mdk.i586.rpm
0ab8b1e3924f72d96356484d7cb00df2
7.2/RPMS/php-dba_gdbm_db2-4.0.4pl1-2.1mdk.i586.rpm
ce4811a78c8457f95e665d8bd89a4ba9
7.2/RPMS/php-devel-4.0.4pl1-2.1mdk.i586.rpm
93ec99f78ac53e6f356db9034fe5af49
7.2/RPMS/php-gd-4.0.4pl1-2.1mdk.i586.rpm
4009c23dba38dba27fec2809e796cc24
7.2/RPMS/php-imap-4.0.4pl1-2.1mdk.i586.rpm
37f7f9d073f3520343fb3bd5c07fac60
7.2/RPMS/php-ldap-4.0.4pl1-2.1mdk.i586.rpm
43275b23bcb6db3bba490ff970bc0e16
7.2/RPMS/php-manual-4.0.4pl1-2.1mdk.i586.rpm
3321ed48c52f0ad91db87196e07924fc
7.2/RPMS/php-mysql-4.0.4pl1-2.1mdk.i586.rpm
bb2debffd4e7ab4d73e4f52cbdcbc7e0
7.2/RPMS/php-pgsql-4.0.4pl1-2.1mdk.i586.rpm
17b2010fecce8013beb0acc578ca5b5d
7.2/RPMS/php-readline-4.0.4pl1-2.1mdk.i586.rpm
7cd3faa0624118cfefade2633a185be7
7.2/SRPMS/apache-1.3.20-3.1mdk.src.rpm
4a15671a5a30b8399318275782fc4617
7.2/SRPMS/mod_ssl-2.8.4-1.1mdk.src.rpm
3c69dd72fbc771c914a6ae0140192d9f
7.2/SRPMS/php-4.0.4pl1-2.1mdk.src.rpm

Mandrake Linux 8.0: d379d29a6acc539a94f2c5c261762df1
8.0/RPMS/HTML-Embperl-1.3.20_1.3.3-2.2mdk.i586.rpm
7cebcaca4383a19ac05556b2e5b85bc1
8.0/RPMS/apache-1.3.20-1.2mdk.i586.rpm
2552b620e877728a260396f1281e877a
8.0/RPMS/apache-common-1.3.20-1.2mdk.i586.rpm
d491a1e3fc86432665c76b075b3d9d10
8.0/RPMS/apache-conf-1.3.20-1.2mdk.i586.rpm
d59540396fcd71493bf370ef4228b942
8.0/RPMS/apache-devel-1.3.20-1.2mdk.i586.rpm
993281ba4b86c71e513a4e29024e3887
8.0/RPMS/apache-manual-1.3.20-1.2mdk.i586.rpm
f404d71383212971a4ab59a6c8611698
8.0/RPMS/apache-mod_perl-1.3.20_1.25_01-2.2mdk.i586.rpm
8e9b60fb2411fb8da35c318599928049
8.0/RPMS/apache-modules-1.3.20-1.2mdk.i586.rpm
657ac31e93d26ca07ebe7c5754f4adb9
8.0/RPMS/apache-source-1.3.20-1.2mdk.i586.rpm
af04df9d3816498daf60bf9734e14ba4
8.0/RPMS/apache-suexec-1.3.20-1.2mdk.i586.rpm
83196921efbbe31c69ae1b458e9b32f0
8.0/RPMS/mod_perl-common-1.3.20_1.25_01-2.2mdk.i586.rpm
ba32408642e6ed62b9946f127bb78f93
8.0/RPMS/mod_perl-devel-1.3.20_1.25_01-2.2mdk.i586.rpm
e93945de74a775497cc1f29c3116fe34
8.0/RPMS/mod_php-4.0.6-3mdk.i586.rpm 0d477d3cbb78e28950ef9fb637e64532
8.0/RPMS/mod_ssl-2.8.4-1.2mdk.i586.rpm
e93945de74a775497cc1f29c3116fe34
8.0/RPMS/mod_php-4.0.6-3mdk.i586.rpm 93ecb0381be916dff31720c1f8ccd7af
8.0/RPMS/php-4.0.6-3.2mdk.i586.rpm 9334c69cc9109861740cefdcbbca3f0f
8.0/RPMS/php-common-4.0.6-3.2mdk.i586.rpm
b3f706b65c0afd2c5a54f52ba908db61
8.0/RPMS/php-dba_gdbm_db3-4.0.6-2.2mdk.i586.rpm
500e5efbeb2b71a2d39f19e99f9480e3
8.0/RPMS/php-devel-4.0.6-3.2mdk.i586.rpm
bdcad46aaad5ab194f7c2e396af07116
8.0/RPMS/php-gd-4.0.6-1.2mdk.i586.rpm
45edeaeb2021ce1f92bd43ad416a0cf9
8.0/RPMS/php-imap-4.0.6-1.2mdk.i586.rpm
a25e6ffb9a91cce7c5f7f863439c1c70
8.0/RPMS/php-ldap-4.0.6-2.2mdk.i586.rpm
10e7de7e4c61cc925f01ab045595c9e9
8.0/RPMS/php-manual_en-4.0.6-3.2mdk.i586.rpm
416f7bd764e0d631cc7bf2bc17d93581
8.0/RPMS/php-mysql-4.0.6-2.2mdk.i586.rpm
dc06c8672a789e3fa9080dfa65a835c5
8.0/RPMS/php-pgsql-4.0.6-1.2mdk.i586.rpm
3a940b91dea80c3ff183f9bd6e9b0084
8.0/RPMS/php-readline-4.0.6-1.2mdk.i586.rpm
0188e8a2f26355cc7af2221a7dc83a40
8.0/SRPMS/apache-1.3.20-1.2mdk.src.rpm
a68a308b902e36662f99c18f5e024dd0
8.0/SRPMS/apache-conf-1.3.20-1.2mdk.src.rpm
1162877d96ccfcaa21208d1a2a321d5f
8.0/SRPMS/apache-mod_perl-1.3.20_1.25_01-2.2mdk.src.rpm
5df10c7d419b67c5ee0d271059309d12
8.0/SRPMS/mod_php-4.0.6-3mdk.src.rpm 4fca49ba15b24be37a7ff9e42152d75b
8.0/SRPMS/mod_ssl-2.8.4-1.2mdk.src.rpm
5df10c7d419b67c5ee0d271059309d12
8.0/SRPMS/mod_php-4.0.6-3mdk.src.rpm 84e096b785c0b2514d0e51cfb55dfed4
8.0/SRPMS/php-4.0.6-3.2mdk.src.rpm 69e797bf4c7d006753023a25d0dc1666
8.0/SRPMS/php-dba_gdbm_db3-4.0.6-2.2mdk.src.rpm
8d45763afa776c37f61a82f761645d3a
8.0/SRPMS/php-gd-4.0.6-1.2mdk.src.rpm
1e1f6740af95e63a74b06d406621a7e2
8.0/SRPMS/php-imap-4.0.6-1.2mdk.src.rpm
c29bd84488ddf88732f06f9efd5e6cec
8.0/SRPMS/php-ldap-4.0.6-2.2mdk.src.rpm
b2e2d9dcfe96cace5f13ad8c7a8f7743
8.0/SRPMS/php-manual_en-4.0.6-3.2mdk.src.rpm
92c9efa68df863357ecf9f30e29a9c7c
8.0/SRPMS/php-mysql-4.0.6-2.2mdk.src.rpm
b60116ea069ab5c93a129816019a67c6
8.0/SRPMS/php-pgsql-4.0.6-1.2mdk.src.rpm
48c494f09afc05c4bc41e62f1d9b0711
8.0/SRPMS/php-readline-4.0.6-1.2mdk.src.rpm

Mandrake Linux 8.0 (PPC): 1a052077e612411d31a476adee51e02d
ppc/8.0/RPMS/HTML-Embperl-1.3.20_1.3.3-2.2mdk.ppc.rpm
e60a5a0e06a0a52edd3facc8897f7893
ppc/8.0/RPMS/apache-1.3.20-1.2mdk.ppc.rpm
d45a6f586619e1fcbb7dc1b001e19710
ppc/8.0/RPMS/apache-common-1.3.20-1.2mdk.ppc.rpm
bcdd65060a13aa91e68af6d8112d3838
ppc/8.0/RPMS/apache-conf-1.3.20-1.2mdk.ppc.rpm
aaa32339e5825b0a03fda19c19d57b45
ppc/8.0/RPMS/apache-devel-1.3.20-1.2mdk.ppc.rpm
18213d6227c56c6967022950f5170dc5
ppc/8.0/RPMS/apache-manual-1.3.20-1.2mdk.ppc.rpm
d6d6c693047a798cbf6dfc27c1726e9e
ppc/8.0/RPMS/apache-mod_perl-1.3.20_1.25_01-2.2mdk.ppc.rpm
43373e633698bb78bf4125dfb97ac0dd
ppc/8.0/RPMS/apache-modules-1.3.20-1.2mdk.ppc.rpm
f7c0fb4a1a02d848bd27a28b2a3b1b80
ppc/8.0/RPMS/apache-source-1.3.20-1.2mdk.ppc.rpm
6c92d1ed9d6634115ef87d0707116036
ppc/8.0/RPMS/apache-suexec-1.3.20-1.2mdk.ppc.rpm
905c871d496a1fb3d308953d84548966
ppc/8.0/RPMS/mod_perl-common-1.3.20_1.25_01-2.2mdk.ppc.rpm
8e459c8ff93dfdd2eb010956bc090916
ppc/8.0/RPMS/mod_perl-devel-1.3.20_1.25_01-2.2mdk.ppc.rpm
fc4ba413a5dc4f59903d5e1705ef9343
ppc/8.0/RPMS/mod_php-4.0.6-3mdk.ppc.rpm
aa6f190d1d963ee7208edc38e8ce11d1
ppc/8.0/RPMS/mod_ssl-2.8.4-1.2mdk.ppc.rpm
fc4ba413a5dc4f59903d5e1705ef9343
ppc/8.0/RPMS/mod_php-4.0.6-3mdk.ppc.rpm
fbd7e60c636e6804e30ad2675efcaf9e
ppc/8.0/RPMS/php-4.0.6-3.2mdk.ppc.rpm
12153f5cad9dc118615876079fb73a15
ppc/8.0/RPMS/php-common-4.0.6-3.2mdk.ppc.rpm
910b8891a49eb9669649b94b6de2fe7f
ppc/8.0/RPMS/php-dba_gdbm_db3-4.0.6-2.2mdk.ppc.rpm
ee132fc7c09af818c1bba7666d970ea1
ppc/8.0/RPMS/php-devel-4.0.6-3.2mdk.ppc.rpm
c9856136eb2e6ddd3618aa8bf926be14
ppc/8.0/RPMS/php-gd-4.0.6-1.2mdk.ppc.rpm
a59aa52c14fa5cff90fec4c387f78bb6
ppc/8.0/RPMS/php-imap-4.0.6-1.2mdk.ppc.rpm
821765055cf3e744d34a78464ba94808
ppc/8.0/RPMS/php-ldap-4.0.6-2.2mdk.ppc.rpm
c7cf3c787d79e8f0773084ff98b59102
ppc/8.0/RPMS/php-manual_en-4.0.6-3.2mdk.ppc.rpm
e353a0fe0d07a81ccc99336fb6379997
ppc/8.0/RPMS/php-mysql-4.0.6-2.2mdk.ppc.rpm
b85f241a43267281954bd2e82768ce12
ppc/8.0/RPMS/php-pgsql-4.0.6-1.2mdk.ppc.rpm
82324d8ffa3660ddace4c7da1e65db41
ppc/8.0/RPMS/php-readline-4.0.6-1.2mdk.ppc.rpm
8ffaa4ca1317e9b77b4179297a20ebd5
ppc/8.0/SRPMS/apache-1.3.20-1.2mdk.src.rpm
cc90f72e056be1502ca1db4dc71a4a1e
ppc/8.0/SRPMS/apache-conf-1.3.20-1.2mdk.src.rpm
01adb4f69c71c2a6bc82cfa5d0d8a86e
ppc/8.0/SRPMS/apache-mod_perl-1.3.20_1.25_01-2.2mdk.src.rpm
8ea62a0630d383894a6d457c8709c3a9
ppc/8.0/SRPMS/mod_php-4.0.6-3mdk.src.rpm
11a08dd58ca5ca3e02919cd603db8170
ppc/8.0/SRPMS/mod_ssl-2.8.4-1.2mdk.src.rpm
8ea62a0630d383894a6d457c8709c3a9
ppc/8.0/SRPMS/mod_php-4.0.6-3mdk.src.rpm
25ddfc429c63dc881605db7df16774a9
ppc/8.0/SRPMS/php-4.0.6-3.2mdk.src.rpm
38870b0fa8de215df7c94632b058e4ce
ppc/8.0/SRPMS/php-dba_gdbm_db3-4.0.6-2.2mdk.src.rpm
8201bd1c5fb42691564b8ba9bdd7db36
ppc/8.0/SRPMS/php-gd-4.0.6-1.2mdk.src.rpm
4efa1524c597add37740e8c0fee434b3
ppc/8.0/SRPMS/php-imap-4.0.6-1.2mdk.src.rpm
09c15928dd9568a765930d6d03bcc30a
ppc/8.0/SRPMS/php-ldap-4.0.6-2.2mdk.src.rpm
f4dceddc5e6b1f7d161b585cc6ee8b87
ppc/8.0/SRPMS/php-manual_en-4.0.6-3.2mdk.src.rpm
cfc99904da9bdaf6f9972237da00c8ff
ppc/8.0/SRPMS/php-mysql-4.0.6-2.2mdk.src.rpm
467d82deca0c50208a86b54054123ba0
ppc/8.0/SRPMS/php-pgsql-4.0.6-1.2mdk.src.rpm
de858c72849ea7388cce4270a3bbfa6d
ppc/8.0/SRPMS/php-readline-4.0.6-1.2mdk.src.rpm

Corporate Server 1.0.1: 66be24cb54d0b81a275bc55deb7fc46f
1.0.1/RPMS/apache-1.3.20-1.3mdk.i586.rpm
29e0d16940f032fbd96576327a119ec1
1.0.1/RPMS/apache-devel-1.3.20-1.3mdk.i586.rpm
cc6a0aaf4d6b10b20686ddf7fa2f925e
1.0.1/RPMS/apache-suexec-1.3.20-1.3mdk.i586.rpm
79ec84f3720d65ebd6003f77e19b1d23
1.0.1/RPMS/mod_perl-1.22-29.3mdk.i586.rpm
21f1638d0dd29d31286a0cf45f44cafc
1.0.1/RPMS/mod_php3-3.0.17-2.3mdk.i586.rpm
0b8cf6dee144d9b5c4d8dbf6186aa86b
1.0.1/RPMS/mod_php3-imap-3.0.17-2.3mdk.i586.rpm
7b73ea1ca66ff3e71749c6305551a77d
1.0.1/RPMS/mod_php3-ldap-3.0.17-2.3mdk.i586.rpm
d2114ac796e2438f9af1dff9c7ac8a7b
1.0.1/RPMS/mod_php3-manual-3.0.17-2.3mdk.i586.rpm
8645d02caa74d3a3bf3c9dcb381e8bd9
1.0.1/RPMS/mod_php3-mysql-3.0.17-2.3mdk.i586.rpm
4e14c192d8e9e3771131cdc90d999aac
1.0.1/RPMS/mod_php3-pgsql-3.0.17-2.3mdk.i586.rpm
21f1638d0dd29d31286a0cf45f44cafc
1.0.1/RPMS/mod_php3-3.0.17-2.3mdk.i586.rpm
0b8cf6dee144d9b5c4d8dbf6186aa86b
1.0.1/RPMS/mod_php3-imap-3.0.17-2.3mdk.i586.rpm
7b73ea1ca66ff3e71749c6305551a77d
1.0.1/RPMS/mod_php3-ldap-3.0.17-2.3mdk.i586.rpm
d2114ac796e2438f9af1dff9c7ac8a7b
1.0.1/RPMS/mod_php3-manual-3.0.17-2.3mdk.i586.rpm
8645d02caa74d3a3bf3c9dcb381e8bd9
1.0.1/RPMS/mod_php3-mysql-3.0.17-2.3mdk.i586.rpm
4e14c192d8e9e3771131cdc90d999aac
1.0.1/RPMS/mod_php3-pgsql-3.0.17-2.3mdk.i586.rpm
61d0a2633355d0e5a936803023c9c406
1.0.1/SRPMS/apache-1.3.20-1.3mdk.src.rpm
7aa8082bad63d0f56ba7ef96337e654a
1.0.1/SRPMS/mod_perl-1.22-29.3mdk.src.rpm
b315b402fc8de3c315d1d2c515e74342
1.0.1/SRPMS/mod_php3-3.0.17-2.3mdk.src.rpm
b315b402fc8de3c315d1d2c515e74342
1.0.1/SRPMS/mod_php3-3.0.17-2.3mdk.src.rpm
________________________________________________________________________

Bug IDs fixed (see https://qa.mandrakesoft.com for more information):

________________________________________________________________________

To upgrade automatically, use MandrakeUpdate.

If you want to upgrade manually, download the updated package from one
of our FTP server mirrors and upgrade with "rpm -Fvh *.rpm".

You can download the updates directly from one of the mirror sites
listed at:

  http://www.linux-mandrake.com/en/ftp.php3.

Updated packages are available in the "updates/[ver]/RPMS/"
directory.  For example, if you are looking for an updated RPM
package for Mandrake Linux 8.0, look for it in "updates/8.0/RPMS/".
Updated source RPMs are available as well, but you generally do not
need to download them.

Please be aware that sometimes it takes the mirrors a few hours to
update.

You can view other security advisories for Mandrake Linux at:

  http://www.linux-mandrake.com/en/security/

If you want to report vulnerabilities, please contact

  security@linux-mandrake.com
________________________________________________________________________

Mandrake Linux has two security-related mailing list services that
anyone can subscribe to:

security-announce@linux-mandrake.com

  Mandrake Linux's security announcements mailing list.  Only
  announcements are sent to this list and it is read-only.

security-discuss@linux-mandrake.com

  Mandrake Linux's security discussion mailing list.  This list is
  open to anyone to discuss Mandrake Linux security specifically and
  Linux security in general.

To subscribe to either list, send a message to
  sympa@linux-mandrake.com
with "subscribe [listname]" in the body of the message.

To remove yourself from either list, send a message to
  sympa@linux-mandrake.com
with "unsubscribe [listname]" in the body of the message.

To get more information on either list, send a message to
  sympa@linux-mandrake.com
with "info [listname]" in the body of the message.

Optionally, you can use the web interface to subscribe to or
unsubscribe from either list:

  http://www.linux-mandrake.com/en/flists.php3#security
________________________________________________________________________

Type Bits/KeyID     Date       User ID
pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  <security@linux-mandrake.com>


- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.0.5 (GNU/Linux)
Comment: For info see http://www.gnupg.org

mQGiBDlp594RBAC2tDozI3ZgQsE7XwxurJCJrX0L5vx7SDByR5GHDdWekGhdiday
L4nfUax+SeR9SCoCgTgPW1xB8vtQc8/sinJlMjp9197a2iKM0FOcPlkpa3HcOdt7
WKJqQhlMrHvRcsivzcgqjH44GBBJIT6sygUF8k0lU6YnMHj5MPc/NGWt8wCg9vKo
P0l5QVAFSsHtqcU9W8cc7wMEAJzQsAlnvPXDBfBLEH6u7ptWFdp0GvbSuG2wRaPl
hynHvRiE01ZvwbJZXsPsKm1z7uVoW+NknKLunWKB5axrNXDHxCYJBzY3jTeFjsqx
PFZkIEAQphLTkeXXelAjQ5u9tEshPswEtMvJvUgNiAfbzHfPYmq8D6x5xOw1IySg
2e/LBACxr2UJYCCB2BZ3p508mAB0RpuLGukq+7UWiOizy+kSskIBg2O7sQkVY/Cs
iyGEo4XvXqZFMY39RBdfm2GY+WB/5NFiTOYJRKjfprP6K1YbtsmctsX8dG+foKsD
LLFs7OuVfaydLQYp1iiN6D+LJDSMPM8/LCWzZsgr9EKJ8NXiyrQ6TGludXggTWFu
ZHJha2UgU2VjdXJpdHkgVGVhbSA8c2VjdXJpdHlAbGludXgtbWFuZHJha2UuY29t
PohWBBMRAgAWBQI5aefeBAsKBAMDFQMCAxYCAQIXgAAKCRCaqNDQIkWKmK6LAKCy
/NInDsaMSI+WHwrquwC5PZrcnQCeI+v3gUDsNfQfiKBvQSANu1hdulqIRgQQEQIA
BgUCOtNVGQAKCRBZ5w3um0pAJJWQAKDUoL5He+mKbfrMaTuyU5lmRyJ0fwCgoFAP
WdvQlu/kFjphF740XeOwtOqIRgQQEQIABgUCOu8A6QAKCRBynDnb9lq3CnpjAJ4w
Pk0SEE9U4r40IxWpwLU+wrWVugCdFfSPllPpZRCiaC7HwbFcfExRmPa5AQ0EOWnn
7xAEAOQlTVY4TiNo5V/iP0J1xnqjqlqZsU7yEBKo/gZz6/+hx75RURe1ebiJ9F77
9FQbpJ9Epz1KLSXvq974rnVb813zuGdmgFyk+ryA/rTR2RQ8h+EoNkwmATzRxBXV
Jb57fFQjxOu4eNjZAtfII/YXb0uyXXrdr5dlJ/3eXrcO4p0XAAMFBACCxo6Z269s
+A4v8C6Ui12aarOQcCDlV8cVG9LkyatU3FNTlnasqwo6EkaP572448weJWwN6SCX
Vl+xOYLiK0hL/6Jb/O9Agw75yUVdk+RMM2I4fNEi+y4hmfMh2siBv8yEkEvZjTcl
3TpkTfzYky85tu433wmKaLFOv0WjBFSikohGBBgRAgAGBQI5aefvAAoJEJqo0NAi
RYqYid0AoJgeWzXrEdIClBOSW5Q6FzqJJyaqAKC0Y9YI3UFlE4zSIGjcFlLJEJGX
lA==
=0ahQ
- -----END PGP PUBLIC KEY BLOCK-----

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE7p4gCmqjQ0CJFipgRAhFmAJ0aeFceWZZn7+cGJ7KAGtv7m1xu5wCfZ+az
kuaXUqoxmh3/nOoaRtzdpM4=
=WRNl
-----END PGP SIGNATURE-----
(7133781) /Linux Mandrake Security Team <security@linux-mandrake.com>/(Ombruten)