-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2015:090
http://www.mandriva.com/en/support/security/
_______________________________________________________________________
Package : libpng
Date : March 28, 2015
Affected: Business Server 2.0
_______________________________________________________________________
Problem Description:
Updated libpng package fixes security vulnerabilities:
The png_push_read_chunk function in pngpread.c in the progressive
decoder in libpng 1.6.x through 1.6.9 allows remote attackers to cause
a denial of service (infinite loop and CPU consumption) via an IDAT
chunk with a length of zero (CVE-2014-0333).
libpng versions 1.6.9 through 1.6.15 have an integer-overflow
vulnerability in png_combine_row() when decoding very wide interlaced
images, which can allow an attacker to overwrite an arbitrary amount
of memory with arb
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2015:089
http://www.mandriva.com/en/support/security/
_______________________________________________________________________
Package : freetype2
Date : March 28, 2015
Affected: Business Server 2.0
_______________________________________________________________________
Problem Description:
Updated freetype2 packages fix security vulnerabilities:
It was reported that Freetype before 2.5.3 suffers from an
out-of-bounds stack-based read/write flaw in cf2_hintmap_build()
in the CFF rasterizing code, which could lead to a buffer overflow
(CVE-2014-2240).
It was also reported that Freetype before 2.5.3 has a denial-of-service
vulnerability in the CFF rasterizing code, due to a reachable assertion
(CVE-2014-2241).
It was reported that Freetype before 2.5.4 suffers from an
out-of-bounds stack-based read/wr
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2015:088
http://www.mandriva.com/en/support/security/
_______________________________________________________________________
Package : udisks2
Date : March 28, 2015
Affected: Business Server 2.0
_______________________________________________________________________
Problem Description:
Updated udisks2 packages fixes security vulnerability:
A flaw was found in the way udisks and udisks2 handled long path
names. A malicious, local user could use this flaw to create a
specially-crafted directory structure that could lead to arbitrary
code execution with the privileges of the udisks daemon (root)
(CVE-2014-0004).
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0004
http://advisories.mageia.org/MGASA-2014-0129.htm
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2015:087
http://www.mandriva.com/en/support/security/
_______________________________________________________________________
Package : egroupware
Date : March 28, 2015
Affected: Business Server 2.0
_______________________________________________________________________
Problem Description:
Updated egroupware packages fix security vulnerabilities:
eGroupware prior to 1.8.006.20140217 is vulnerable to remote file
deletion and possible remote code execution due to user input being
passed to PHP's unserialize() method (CVE-2014-2027).
eGroupWare before 1.8.007 allows logged in users with administrative
priviledges to remotely execute arbitrary commands on the server.
It is also vulnerable to a cross site request forgery vulnerability
that allows creating new administrative users.
___________________
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2015:086
http://www.mandriva.com/en/support/security/
_______________________________________________________________________
Package : libssh
Date : March 28, 2015
Affected: Business Server 2.0
_______________________________________________________________________
Problem Description:
Updated libssh packages fix security vulnerabilities:
When using libssh before 0.6.3, a libssh-based server, when accepting
a new connection, forks and the child process handles the request. The
RAND_bytes() function of openssl doesn't reset its state after the
fork, but simply adds the current process id (getpid) to the PRNG
state, which is not guaranteed to be unique. The most important
consequence is that servers using EC (ECDSA) or DSA certificates may
under certain conditions leak their private key (CVE-2014-001
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2015:085
http://www.mandriva.com/en/support/security/
_______________________________________________________________________
Package : subversion
Date : March 28, 2015
Affected: Business Server 2.0
_______________________________________________________________________
Problem Description:
Updated subversion packages fix security vulnerabilities:
The mod_dav_svn module in Apache Subversion before 1.8.8, when
SVNListParentPath is enabled, allows remote attackers to cause a
denial of service (crash) via an OPTIONS request (CVE-2014-0032).
Ben Reser discovered that Subversion did not correctly validate SSL
certificates containing wildcards. A remote attacker could exploit this
to perform a man in the middle attack to view sensitive information
or alter encrypted communications (CVE-2014-3522).
Bert Hu
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2015:084
http://www.mandriva.com/en/support/security/
_______________________________________________________________________
Package : tomcat
Date : March 28, 2015
Affected: Business Server 2.0
_______________________________________________________________________
Problem Description:
Updated tomcat package fixes security vulnerabilities:
It was discovered that the Apache Commons FileUpload package for Java
could enter an infinite loop while processing a multipart request with
a crafted Content-Type, resulting in a denial-of-service condition
(CVE-2014-0050).
Apache Tomcat 7.x before 7.0.50 processes chunked transfer coding
without properly handling (1) a large total amount of chunked data or
(2) whitespace characters in an HTTP header value within a trailer
field, which allows remote attackers to c
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2015:083
http://www.mandriva.com/en/support/security/
_______________________________________________________________________
Package : samba4
Date : March 28, 2015
Affected: Business Server 2.0
_______________________________________________________________________
Problem Description:
Multiple vulnerabilities has been discovered and corrected in samba4:
Samba 4.0.x before 4.0.24, 4.1.x before 4.1.16, and 4.2.x before
4.2rc4, when an Active Directory Domain Controller (AD DC)
is configured, allows remote authenticated users to set the LDB
userAccountControl UF_SERVER_TRUST_ACCOUNT bit, and consequently gain
privileges, by leveraging delegation of authority for user-account
or computer-account creation (CVE-2014-8143).
An uninitialized pointer use flaw was found in the Samba daemon
(smbd). A malicious
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2015:082
http://www.mandriva.com/en/support/security/
_______________________________________________________________________
Package : samba
Date : March 28, 2015
Affected: Business Server 2.0
_______________________________________________________________________
Problem Description:
Updated samba packages fix security vulnerabilities:
In Samba before 3.6.23, the SAMR server neglects to ensure that
attempted password changes will update the bad password count, and does
not set the lockout flags. This would allow a user unlimited attempts
against the password by simply calling ChangePasswordUser2 repeatedly.
This is available without any other authentication (CVE-2013-4496).
Information leak vulnerability in the VFS code, allowing an
authenticated user to retrieve eight bytes of uninitialized memory
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2015:081
http://www.mandriva.com/en/support/security/
_______________________________________________________________________
Package : samba
Date : March 28, 2015
Affected: Business Server 1.0
_______________________________________________________________________
Problem Description:
Updated samba packages fix security vulnerabilities:
An uninitialized pointer use flaw was found in the Samba daemon
(smbd). A malicious Samba client could send specially crafted netlogon
packets that, when processed by smbd, could potentially lead to
arbitrary code execution with the privileges of the user running smbd
(by default, the root user) (CVE-2015-0240).
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0240
http://adviso