7133781 2001-09-18 11:45 -0600 /329 rader/ Linux Mandrake Security Team <security@linux-mandrake.com> Sänt av: joel@lysator.liu.se Importerad: 2001-09-19 04:05 av Brevbäraren Extern mottagare: Linux Mandrake Security Announcements <security-announce@linux-mandrake.com> Extern kopiemottagare: Linux Mandrake Security <mdk-security@lists.freezer-burn.org> Extern kopiemottagare: Bugtraq <bugtraq@securityfocus.com> Mottagare: Bugtraq (import) <19231> Ärende: MDKSA-2001:077 - apache update ------------------------------------------------------------ From: Linux Mandrake Security Team <security@linux-mandrake.com> To: Linux Mandrake Security Announcements <security-announce@linux-mandrake.com> Cc: Linux Mandrake Security <mdk-security@lists.freezer-burn.org>, Bugtraq <bugtraq@securityfocus.com> Message-ID: <20010918114536.M17296@mandrakesoft.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ Mandrake Linux Security Update Advisory ________________________________________________________________________ Package name: apache Date: September 18th, 2001 Advisory ID: MDKSA-2001:077 Affected versions: 7.1, 7.2, 8.0, Corporate Server 1.0.1 ________________________________________________________________________ Problem Description: A problem exists with all Apache servers prior to version 1.3.19. The vulnerablity could allow directory indexing and path discovery on the vulnerable servers with a custom crafted request consisting of a long path name created artificially by using numerous slashes. This can cause modules to misbehave and return a listing of the directory contents by avoiding the error page. Because of the number of add-on packages Mandrake Linux provides for Apache that are compiled for a specific version of Apache, and due to the complexity of the upgrade, we recommend that users upgrade Apache and all associated packages by hand, invoking RPM directly. The updates provide updated Apache, PHP, mod_perl, and mod_ssl packages for all relevant versions, and all should be upgraded at the same time to avoid dependency issues. You can do this by using the "rpm -Fvh *.rpm" command from a temporary directory containing the relevant update packages. Due to a packaging error in previous versions of mod_php3 for Linux- Mandrake 7.1, you will need to manually edit /etc/httpd.conf to re- enable PHP support. You can do this by issuing, as root: echo "Include conf/addon-modules/php.conf" >>/etc/httpd/conf/httpd.conf Additionally, we have updated PHP to version 4.0.6 for Mandrake Linux 8.0. ________________________________________________________________________ References: http://www.securityfocus.com/vdb/bottom.html?vid=2503 ________________________________________________________________________ Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command: rpm --checksig package.rpm You can get the GPG public key of the Mandrake Linux Security Team at http://www.linux-mandrake.com/en/security/RPM-GPG-KEYS If you use MandrakeUpdate, the verification of md5 checksum and GPG signature is performed automatically for you. Linux-Mandrake 7.1: 66be24cb54d0b81a275bc55deb7fc46f 7.1/RPMS/apache-1.3.20-1.3mdk.i586.rpm 29e0d16940f032fbd96576327a119ec1 7.1/RPMS/apache-devel-1.3.20-1.3mdk.i586.rpm cc6a0aaf4d6b10b20686ddf7fa2f925e 7.1/RPMS/apache-suexec-1.3.20-1.3mdk.i586.rpm 79ec84f3720d65ebd6003f77e19b1d23 7.1/RPMS/mod_perl-1.22-29.3mdk.i586.rpm 21f1638d0dd29d31286a0cf45f44cafc 7.1/RPMS/mod_php3-3.0.17-2.3mdk.i586.rpm 0b8cf6dee144d9b5c4d8dbf6186aa86b 7.1/RPMS/mod_php3-imap-3.0.17-2.3mdk.i586.rpm 7b73ea1ca66ff3e71749c6305551a77d 7.1/RPMS/mod_php3-ldap-3.0.17-2.3mdk.i586.rpm d2114ac796e2438f9af1dff9c7ac8a7b 7.1/RPMS/mod_php3-manual-3.0.17-2.3mdk.i586.rpm 8645d02caa74d3a3bf3c9dcb381e8bd9 7.1/RPMS/mod_php3-mysql-3.0.17-2.3mdk.i586.rpm 4e14c192d8e9e3771131cdc90d999aac 7.1/RPMS/mod_php3-pgsql-3.0.17-2.3mdk.i586.rpm 21f1638d0dd29d31286a0cf45f44cafc 7.1/RPMS/mod_php3-3.0.17-2.3mdk.i586.rpm 0b8cf6dee144d9b5c4d8dbf6186aa86b 7.1/RPMS/mod_php3-imap-3.0.17-2.3mdk.i586.rpm 7b73ea1ca66ff3e71749c6305551a77d 7.1/RPMS/mod_php3-ldap-3.0.17-2.3mdk.i586.rpm d2114ac796e2438f9af1dff9c7ac8a7b 7.1/RPMS/mod_php3-manual-3.0.17-2.3mdk.i586.rpm 8645d02caa74d3a3bf3c9dcb381e8bd9 7.1/RPMS/mod_php3-mysql-3.0.17-2.3mdk.i586.rpm 4e14c192d8e9e3771131cdc90d999aac 7.1/RPMS/mod_php3-pgsql-3.0.17-2.3mdk.i586.rpm 61d0a2633355d0e5a936803023c9c406 7.1/SRPMS/apache-1.3.20-1.3mdk.src.rpm 7aa8082bad63d0f56ba7ef96337e654a 7.1/SRPMS/mod_perl-1.22-29.3mdk.src.rpm b315b402fc8de3c315d1d2c515e74342 7.1/SRPMS/mod_php3-3.0.17-2.3mdk.src.rpm b315b402fc8de3c315d1d2c515e74342 7.1/SRPMS/mod_php3-3.0.17-2.3mdk.src.rpm Linux-Mandrake 7.2: 14ecd4a55701a9e01cb9f402492007df 7.2/RPMS/HTML-Embperl-1.3b6-3.1mdk.i586.rpm 9d9bace3d742354e6dfbfa3c8cfb60f8 7.2/RPMS/apache-1.3.20-3.1mdk.i586.rpm 5114bcc5f1a277aa9331124d766bc097 7.2/RPMS/apache-common-1.3.20-3.1mdk.i586.rpm 719daaccf0b11cc24c69cb73b4bc6a71 7.2/RPMS/apache-devel-1.3.20-3.1mdk.i586.rpm 0f7819a64e087c860a0caf99b2b48819 7.2/RPMS/apache-manual-1.3.20-3.1mdk.i586.rpm 14c0b768186dffb037306d1651dc851d 7.2/RPMS/apache-mod_perl-1.3.20_1.24-3.1mdk.i586.rpm f48a5e44b0e679d4bfa3aef1c40a9af9 7.2/RPMS/apache-mod_perl-devel-1.3.20_1.24-3.1mdk.i586.rpm 50b8bb0d3b3b1452ff867953fa051222 7.2/RPMS/apache-suexec-1.3.20-3.1mdk.i586.rpm 8f22e1643f6c1adfac71149b3283ac39 7.2/RPMS/mod_php-4.0.4pl1-2.1mdk.i586.rpm 1b45a62c1015d74695f655d94b064347 7.2/RPMS/mod_ssl-2.8.4-1.1mdk.i586.rpm 8f22e1643f6c1adfac71149b3283ac39 7.2/RPMS/mod_php-4.0.4pl1-2.1mdk.i586.rpm 8b5c3ec86fcf6b8462f4940c20504654 7.2/RPMS/php-4.0.4pl1-2.1mdk.i586.rpm 0ab8b1e3924f72d96356484d7cb00df2 7.2/RPMS/php-dba_gdbm_db2-4.0.4pl1-2.1mdk.i586.rpm ce4811a78c8457f95e665d8bd89a4ba9 7.2/RPMS/php-devel-4.0.4pl1-2.1mdk.i586.rpm 93ec99f78ac53e6f356db9034fe5af49 7.2/RPMS/php-gd-4.0.4pl1-2.1mdk.i586.rpm 4009c23dba38dba27fec2809e796cc24 7.2/RPMS/php-imap-4.0.4pl1-2.1mdk.i586.rpm 37f7f9d073f3520343fb3bd5c07fac60 7.2/RPMS/php-ldap-4.0.4pl1-2.1mdk.i586.rpm 43275b23bcb6db3bba490ff970bc0e16 7.2/RPMS/php-manual-4.0.4pl1-2.1mdk.i586.rpm 3321ed48c52f0ad91db87196e07924fc 7.2/RPMS/php-mysql-4.0.4pl1-2.1mdk.i586.rpm bb2debffd4e7ab4d73e4f52cbdcbc7e0 7.2/RPMS/php-pgsql-4.0.4pl1-2.1mdk.i586.rpm 17b2010fecce8013beb0acc578ca5b5d 7.2/RPMS/php-readline-4.0.4pl1-2.1mdk.i586.rpm 7cd3faa0624118cfefade2633a185be7 7.2/SRPMS/apache-1.3.20-3.1mdk.src.rpm 4a15671a5a30b8399318275782fc4617 7.2/SRPMS/mod_ssl-2.8.4-1.1mdk.src.rpm 3c69dd72fbc771c914a6ae0140192d9f 7.2/SRPMS/php-4.0.4pl1-2.1mdk.src.rpm Mandrake Linux 8.0: d379d29a6acc539a94f2c5c261762df1 8.0/RPMS/HTML-Embperl-1.3.20_1.3.3-2.2mdk.i586.rpm 7cebcaca4383a19ac05556b2e5b85bc1 8.0/RPMS/apache-1.3.20-1.2mdk.i586.rpm 2552b620e877728a260396f1281e877a 8.0/RPMS/apache-common-1.3.20-1.2mdk.i586.rpm d491a1e3fc86432665c76b075b3d9d10 8.0/RPMS/apache-conf-1.3.20-1.2mdk.i586.rpm d59540396fcd71493bf370ef4228b942 8.0/RPMS/apache-devel-1.3.20-1.2mdk.i586.rpm 993281ba4b86c71e513a4e29024e3887 8.0/RPMS/apache-manual-1.3.20-1.2mdk.i586.rpm f404d71383212971a4ab59a6c8611698 8.0/RPMS/apache-mod_perl-1.3.20_1.25_01-2.2mdk.i586.rpm 8e9b60fb2411fb8da35c318599928049 8.0/RPMS/apache-modules-1.3.20-1.2mdk.i586.rpm 657ac31e93d26ca07ebe7c5754f4adb9 8.0/RPMS/apache-source-1.3.20-1.2mdk.i586.rpm af04df9d3816498daf60bf9734e14ba4 8.0/RPMS/apache-suexec-1.3.20-1.2mdk.i586.rpm 83196921efbbe31c69ae1b458e9b32f0 8.0/RPMS/mod_perl-common-1.3.20_1.25_01-2.2mdk.i586.rpm ba32408642e6ed62b9946f127bb78f93 8.0/RPMS/mod_perl-devel-1.3.20_1.25_01-2.2mdk.i586.rpm e93945de74a775497cc1f29c3116fe34 8.0/RPMS/mod_php-4.0.6-3mdk.i586.rpm 0d477d3cbb78e28950ef9fb637e64532 8.0/RPMS/mod_ssl-2.8.4-1.2mdk.i586.rpm e93945de74a775497cc1f29c3116fe34 8.0/RPMS/mod_php-4.0.6-3mdk.i586.rpm 93ecb0381be916dff31720c1f8ccd7af 8.0/RPMS/php-4.0.6-3.2mdk.i586.rpm 9334c69cc9109861740cefdcbbca3f0f 8.0/RPMS/php-common-4.0.6-3.2mdk.i586.rpm b3f706b65c0afd2c5a54f52ba908db61 8.0/RPMS/php-dba_gdbm_db3-4.0.6-2.2mdk.i586.rpm 500e5efbeb2b71a2d39f19e99f9480e3 8.0/RPMS/php-devel-4.0.6-3.2mdk.i586.rpm bdcad46aaad5ab194f7c2e396af07116 8.0/RPMS/php-gd-4.0.6-1.2mdk.i586.rpm 45edeaeb2021ce1f92bd43ad416a0cf9 8.0/RPMS/php-imap-4.0.6-1.2mdk.i586.rpm a25e6ffb9a91cce7c5f7f863439c1c70 8.0/RPMS/php-ldap-4.0.6-2.2mdk.i586.rpm 10e7de7e4c61cc925f01ab045595c9e9 8.0/RPMS/php-manual_en-4.0.6-3.2mdk.i586.rpm 416f7bd764e0d631cc7bf2bc17d93581 8.0/RPMS/php-mysql-4.0.6-2.2mdk.i586.rpm dc06c8672a789e3fa9080dfa65a835c5 8.0/RPMS/php-pgsql-4.0.6-1.2mdk.i586.rpm 3a940b91dea80c3ff183f9bd6e9b0084 8.0/RPMS/php-readline-4.0.6-1.2mdk.i586.rpm 0188e8a2f26355cc7af2221a7dc83a40 8.0/SRPMS/apache-1.3.20-1.2mdk.src.rpm a68a308b902e36662f99c18f5e024dd0 8.0/SRPMS/apache-conf-1.3.20-1.2mdk.src.rpm 1162877d96ccfcaa21208d1a2a321d5f 8.0/SRPMS/apache-mod_perl-1.3.20_1.25_01-2.2mdk.src.rpm 5df10c7d419b67c5ee0d271059309d12 8.0/SRPMS/mod_php-4.0.6-3mdk.src.rpm 4fca49ba15b24be37a7ff9e42152d75b 8.0/SRPMS/mod_ssl-2.8.4-1.2mdk.src.rpm 5df10c7d419b67c5ee0d271059309d12 8.0/SRPMS/mod_php-4.0.6-3mdk.src.rpm 84e096b785c0b2514d0e51cfb55dfed4 8.0/SRPMS/php-4.0.6-3.2mdk.src.rpm 69e797bf4c7d006753023a25d0dc1666 8.0/SRPMS/php-dba_gdbm_db3-4.0.6-2.2mdk.src.rpm 8d45763afa776c37f61a82f761645d3a 8.0/SRPMS/php-gd-4.0.6-1.2mdk.src.rpm 1e1f6740af95e63a74b06d406621a7e2 8.0/SRPMS/php-imap-4.0.6-1.2mdk.src.rpm c29bd84488ddf88732f06f9efd5e6cec 8.0/SRPMS/php-ldap-4.0.6-2.2mdk.src.rpm b2e2d9dcfe96cace5f13ad8c7a8f7743 8.0/SRPMS/php-manual_en-4.0.6-3.2mdk.src.rpm 92c9efa68df863357ecf9f30e29a9c7c 8.0/SRPMS/php-mysql-4.0.6-2.2mdk.src.rpm b60116ea069ab5c93a129816019a67c6 8.0/SRPMS/php-pgsql-4.0.6-1.2mdk.src.rpm 48c494f09afc05c4bc41e62f1d9b0711 8.0/SRPMS/php-readline-4.0.6-1.2mdk.src.rpm Mandrake Linux 8.0 (PPC): 1a052077e612411d31a476adee51e02d ppc/8.0/RPMS/HTML-Embperl-1.3.20_1.3.3-2.2mdk.ppc.rpm e60a5a0e06a0a52edd3facc8897f7893 ppc/8.0/RPMS/apache-1.3.20-1.2mdk.ppc.rpm d45a6f586619e1fcbb7dc1b001e19710 ppc/8.0/RPMS/apache-common-1.3.20-1.2mdk.ppc.rpm bcdd65060a13aa91e68af6d8112d3838 ppc/8.0/RPMS/apache-conf-1.3.20-1.2mdk.ppc.rpm aaa32339e5825b0a03fda19c19d57b45 ppc/8.0/RPMS/apache-devel-1.3.20-1.2mdk.ppc.rpm 18213d6227c56c6967022950f5170dc5 ppc/8.0/RPMS/apache-manual-1.3.20-1.2mdk.ppc.rpm d6d6c693047a798cbf6dfc27c1726e9e ppc/8.0/RPMS/apache-mod_perl-1.3.20_1.25_01-2.2mdk.ppc.rpm 43373e633698bb78bf4125dfb97ac0dd ppc/8.0/RPMS/apache-modules-1.3.20-1.2mdk.ppc.rpm f7c0fb4a1a02d848bd27a28b2a3b1b80 ppc/8.0/RPMS/apache-source-1.3.20-1.2mdk.ppc.rpm 6c92d1ed9d6634115ef87d0707116036 ppc/8.0/RPMS/apache-suexec-1.3.20-1.2mdk.ppc.rpm 905c871d496a1fb3d308953d84548966 ppc/8.0/RPMS/mod_perl-common-1.3.20_1.25_01-2.2mdk.ppc.rpm 8e459c8ff93dfdd2eb010956bc090916 ppc/8.0/RPMS/mod_perl-devel-1.3.20_1.25_01-2.2mdk.ppc.rpm fc4ba413a5dc4f59903d5e1705ef9343 ppc/8.0/RPMS/mod_php-4.0.6-3mdk.ppc.rpm aa6f190d1d963ee7208edc38e8ce11d1 ppc/8.0/RPMS/mod_ssl-2.8.4-1.2mdk.ppc.rpm fc4ba413a5dc4f59903d5e1705ef9343 ppc/8.0/RPMS/mod_php-4.0.6-3mdk.ppc.rpm fbd7e60c636e6804e30ad2675efcaf9e ppc/8.0/RPMS/php-4.0.6-3.2mdk.ppc.rpm 12153f5cad9dc118615876079fb73a15 ppc/8.0/RPMS/php-common-4.0.6-3.2mdk.ppc.rpm 910b8891a49eb9669649b94b6de2fe7f ppc/8.0/RPMS/php-dba_gdbm_db3-4.0.6-2.2mdk.ppc.rpm ee132fc7c09af818c1bba7666d970ea1 ppc/8.0/RPMS/php-devel-4.0.6-3.2mdk.ppc.rpm c9856136eb2e6ddd3618aa8bf926be14 ppc/8.0/RPMS/php-gd-4.0.6-1.2mdk.ppc.rpm a59aa52c14fa5cff90fec4c387f78bb6 ppc/8.0/RPMS/php-imap-4.0.6-1.2mdk.ppc.rpm 821765055cf3e744d34a78464ba94808 ppc/8.0/RPMS/php-ldap-4.0.6-2.2mdk.ppc.rpm c7cf3c787d79e8f0773084ff98b59102 ppc/8.0/RPMS/php-manual_en-4.0.6-3.2mdk.ppc.rpm e353a0fe0d07a81ccc99336fb6379997 ppc/8.0/RPMS/php-mysql-4.0.6-2.2mdk.ppc.rpm b85f241a43267281954bd2e82768ce12 ppc/8.0/RPMS/php-pgsql-4.0.6-1.2mdk.ppc.rpm 82324d8ffa3660ddace4c7da1e65db41 ppc/8.0/RPMS/php-readline-4.0.6-1.2mdk.ppc.rpm 8ffaa4ca1317e9b77b4179297a20ebd5 ppc/8.0/SRPMS/apache-1.3.20-1.2mdk.src.rpm cc90f72e056be1502ca1db4dc71a4a1e ppc/8.0/SRPMS/apache-conf-1.3.20-1.2mdk.src.rpm 01adb4f69c71c2a6bc82cfa5d0d8a86e ppc/8.0/SRPMS/apache-mod_perl-1.3.20_1.25_01-2.2mdk.src.rpm 8ea62a0630d383894a6d457c8709c3a9 ppc/8.0/SRPMS/mod_php-4.0.6-3mdk.src.rpm 11a08dd58ca5ca3e02919cd603db8170 ppc/8.0/SRPMS/mod_ssl-2.8.4-1.2mdk.src.rpm 8ea62a0630d383894a6d457c8709c3a9 ppc/8.0/SRPMS/mod_php-4.0.6-3mdk.src.rpm 25ddfc429c63dc881605db7df16774a9 ppc/8.0/SRPMS/php-4.0.6-3.2mdk.src.rpm 38870b0fa8de215df7c94632b058e4ce ppc/8.0/SRPMS/php-dba_gdbm_db3-4.0.6-2.2mdk.src.rpm 8201bd1c5fb42691564b8ba9bdd7db36 ppc/8.0/SRPMS/php-gd-4.0.6-1.2mdk.src.rpm 4efa1524c597add37740e8c0fee434b3 ppc/8.0/SRPMS/php-imap-4.0.6-1.2mdk.src.rpm 09c15928dd9568a765930d6d03bcc30a ppc/8.0/SRPMS/php-ldap-4.0.6-2.2mdk.src.rpm f4dceddc5e6b1f7d161b585cc6ee8b87 ppc/8.0/SRPMS/php-manual_en-4.0.6-3.2mdk.src.rpm cfc99904da9bdaf6f9972237da00c8ff ppc/8.0/SRPMS/php-mysql-4.0.6-2.2mdk.src.rpm 467d82deca0c50208a86b54054123ba0 ppc/8.0/SRPMS/php-pgsql-4.0.6-1.2mdk.src.rpm de858c72849ea7388cce4270a3bbfa6d ppc/8.0/SRPMS/php-readline-4.0.6-1.2mdk.src.rpm Corporate Server 1.0.1: 66be24cb54d0b81a275bc55deb7fc46f 1.0.1/RPMS/apache-1.3.20-1.3mdk.i586.rpm 29e0d16940f032fbd96576327a119ec1 1.0.1/RPMS/apache-devel-1.3.20-1.3mdk.i586.rpm cc6a0aaf4d6b10b20686ddf7fa2f925e 1.0.1/RPMS/apache-suexec-1.3.20-1.3mdk.i586.rpm 79ec84f3720d65ebd6003f77e19b1d23 1.0.1/RPMS/mod_perl-1.22-29.3mdk.i586.rpm 21f1638d0dd29d31286a0cf45f44cafc 1.0.1/RPMS/mod_php3-3.0.17-2.3mdk.i586.rpm 0b8cf6dee144d9b5c4d8dbf6186aa86b 1.0.1/RPMS/mod_php3-imap-3.0.17-2.3mdk.i586.rpm 7b73ea1ca66ff3e71749c6305551a77d 1.0.1/RPMS/mod_php3-ldap-3.0.17-2.3mdk.i586.rpm d2114ac796e2438f9af1dff9c7ac8a7b 1.0.1/RPMS/mod_php3-manual-3.0.17-2.3mdk.i586.rpm 8645d02caa74d3a3bf3c9dcb381e8bd9 1.0.1/RPMS/mod_php3-mysql-3.0.17-2.3mdk.i586.rpm 4e14c192d8e9e3771131cdc90d999aac 1.0.1/RPMS/mod_php3-pgsql-3.0.17-2.3mdk.i586.rpm 21f1638d0dd29d31286a0cf45f44cafc 1.0.1/RPMS/mod_php3-3.0.17-2.3mdk.i586.rpm 0b8cf6dee144d9b5c4d8dbf6186aa86b 1.0.1/RPMS/mod_php3-imap-3.0.17-2.3mdk.i586.rpm 7b73ea1ca66ff3e71749c6305551a77d 1.0.1/RPMS/mod_php3-ldap-3.0.17-2.3mdk.i586.rpm d2114ac796e2438f9af1dff9c7ac8a7b 1.0.1/RPMS/mod_php3-manual-3.0.17-2.3mdk.i586.rpm 8645d02caa74d3a3bf3c9dcb381e8bd9 1.0.1/RPMS/mod_php3-mysql-3.0.17-2.3mdk.i586.rpm 4e14c192d8e9e3771131cdc90d999aac 1.0.1/RPMS/mod_php3-pgsql-3.0.17-2.3mdk.i586.rpm 61d0a2633355d0e5a936803023c9c406 1.0.1/SRPMS/apache-1.3.20-1.3mdk.src.rpm 7aa8082bad63d0f56ba7ef96337e654a 1.0.1/SRPMS/mod_perl-1.22-29.3mdk.src.rpm b315b402fc8de3c315d1d2c515e74342 1.0.1/SRPMS/mod_php3-3.0.17-2.3mdk.src.rpm b315b402fc8de3c315d1d2c515e74342 1.0.1/SRPMS/mod_php3-3.0.17-2.3mdk.src.rpm ________________________________________________________________________ Bug IDs fixed (see https://qa.mandrakesoft.com for more information): ________________________________________________________________________ To upgrade automatically, use MandrakeUpdate. If you want to upgrade manually, download the updated package from one of our FTP server mirrors and upgrade with "rpm -Fvh *.rpm". You can download the updates directly from one of the mirror sites listed at: http://www.linux-mandrake.com/en/ftp.php3. Updated packages are available in the "updates/[ver]/RPMS/" directory. For example, if you are looking for an updated RPM package for Mandrake Linux 8.0, look for it in "updates/8.0/RPMS/". Updated source RPMs are available as well, but you generally do not need to download them. Please be aware that sometimes it takes the mirrors a few hours to update. You can view other security advisories for Mandrake Linux at: http://www.linux-mandrake.com/en/security/ If you want to report vulnerabilities, please contact security@linux-mandrake.com ________________________________________________________________________ Mandrake Linux has two security-related mailing list services that anyone can subscribe to: security-announce@linux-mandrake.com Mandrake Linux's security announcements mailing list. Only announcements are sent to this list and it is read-only. security-discuss@linux-mandrake.com Mandrake Linux's security discussion mailing list. This list is open to anyone to discuss Mandrake Linux security specifically and Linux security in general. To subscribe to either list, send a message to sympa@linux-mandrake.com with "subscribe [listname]" in the body of the message. To remove yourself from either list, send a message to sympa@linux-mandrake.com with "unsubscribe [listname]" in the body of the message. To get more information on either list, send a message to sympa@linux-mandrake.com with "info [listname]" in the body of the message. Optionally, you can use the web interface to subscribe to or unsubscribe from either list: http://www.linux-mandrake.com/en/flists.php3#security ________________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team <security@linux-mandrake.com> - -----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.0.5 (GNU/Linux) Comment: For info see http://www.gnupg.org mQGiBDlp594RBAC2tDozI3ZgQsE7XwxurJCJrX0L5vx7SDByR5GHDdWekGhdiday L4nfUax+SeR9SCoCgTgPW1xB8vtQc8/sinJlMjp9197a2iKM0FOcPlkpa3HcOdt7 WKJqQhlMrHvRcsivzcgqjH44GBBJIT6sygUF8k0lU6YnMHj5MPc/NGWt8wCg9vKo P0l5QVAFSsHtqcU9W8cc7wMEAJzQsAlnvPXDBfBLEH6u7ptWFdp0GvbSuG2wRaPl hynHvRiE01ZvwbJZXsPsKm1z7uVoW+NknKLunWKB5axrNXDHxCYJBzY3jTeFjsqx PFZkIEAQphLTkeXXelAjQ5u9tEshPswEtMvJvUgNiAfbzHfPYmq8D6x5xOw1IySg 2e/LBACxr2UJYCCB2BZ3p508mAB0RpuLGukq+7UWiOizy+kSskIBg2O7sQkVY/Cs iyGEo4XvXqZFMY39RBdfm2GY+WB/5NFiTOYJRKjfprP6K1YbtsmctsX8dG+foKsD LLFs7OuVfaydLQYp1iiN6D+LJDSMPM8/LCWzZsgr9EKJ8NXiyrQ6TGludXggTWFu ZHJha2UgU2VjdXJpdHkgVGVhbSA8c2VjdXJpdHlAbGludXgtbWFuZHJha2UuY29t PohWBBMRAgAWBQI5aefeBAsKBAMDFQMCAxYCAQIXgAAKCRCaqNDQIkWKmK6LAKCy /NInDsaMSI+WHwrquwC5PZrcnQCeI+v3gUDsNfQfiKBvQSANu1hdulqIRgQQEQIA BgUCOtNVGQAKCRBZ5w3um0pAJJWQAKDUoL5He+mKbfrMaTuyU5lmRyJ0fwCgoFAP WdvQlu/kFjphF740XeOwtOqIRgQQEQIABgUCOu8A6QAKCRBynDnb9lq3CnpjAJ4w Pk0SEE9U4r40IxWpwLU+wrWVugCdFfSPllPpZRCiaC7HwbFcfExRmPa5AQ0EOWnn 7xAEAOQlTVY4TiNo5V/iP0J1xnqjqlqZsU7yEBKo/gZz6/+hx75RURe1ebiJ9F77 9FQbpJ9Epz1KLSXvq974rnVb813zuGdmgFyk+ryA/rTR2RQ8h+EoNkwmATzRxBXV Jb57fFQjxOu4eNjZAtfII/YXb0uyXXrdr5dlJ/3eXrcO4p0XAAMFBACCxo6Z269s +A4v8C6Ui12aarOQcCDlV8cVG9LkyatU3FNTlnasqwo6EkaP572448weJWwN6SCX Vl+xOYLiK0hL/6Jb/O9Agw75yUVdk+RMM2I4fNEi+y4hmfMh2siBv8yEkEvZjTcl 3TpkTfzYky85tu433wmKaLFOv0WjBFSikohGBBgRAgAGBQI5aefvAAoJEJqo0NAi RYqYid0AoJgeWzXrEdIClBOSW5Q6FzqJJyaqAKC0Y9YI3UFlE4zSIGjcFlLJEJGX lA== =0ahQ - -----END PGP PUBLIC KEY BLOCK----- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE7p4gCmqjQ0CJFipgRAhFmAJ0aeFceWZZn7+cGJ7KAGtv7m1xu5wCfZ+az kuaXUqoxmh3/nOoaRtzdpM4= =WRNl -----END PGP SIGNATURE----- (7133781) /Linux Mandrake Security Team <security@linux-mandrake.com>/(Ombruten)