[ MDVSA-2010:123 ] libneon0.27

security@xxxxxxxxxxxx · Wed, 23 Jun 2010 19:31:01 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2010:123
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : libneon0.27
 Date    : June 23, 2010
 Affected: 2010.0
 _______________________________________________________________________

 Problem Description:

 This update fixes a reported buffer overflow found with ntlm
 authentication (MDV #59779).

 This advisory obsoletes MDVA-2010:172
 _______________________________________________________________________

 References:

 https://qa.mandriva.com/59779
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2010.0:
 5cdf16fe27b21b392d86c231e79063d6  2010.0/i586/libneon0.27-0.29.0-1.3mdv2010.0.i586.rpm
 89b0b46efc911af5b71bb511e828e380  2010.0/i586/libneon0.27-devel-0.29.0-1.3mdv2010.0.i586.rpm
 7b690cc55066e6e6108fa289b67a1c05  2010.0/i586/libneon0.27-static-devel-0.29.0-1.3mdv2010.0.i586.rpm 
 4827e973606dbfcda4ea705f5a170599  2010.0/SRPMS/libneon0.27-0.29.0-1.3mdv2010.0.src.rpm

 Mandriva Linux 2010.0/X86_64:
 5e68608f43a857bd0010c945149f0c31  2010.0/x86_64/lib64neon0.27-0.29.0-1.3mdv2010.0.x86_64.rpm
 a24f59be804f95132e810387eb2c5e22  2010.0/x86_64/lib64neon0.27-devel-0.29.0-1.3mdv2010.0.x86_64.rpm
 6eeb40b8bb60ee6e4d173aa0fcbbd865  2010.0/x86_64/lib64neon0.27-static-devel-0.29.0-1.3mdv2010.0.x86_64.rpm 
 4827e973606dbfcda4ea705f5a170599  2010.0/SRPMS/libneon0.27-0.29.0-1.3mdv2010.0.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFMIhjhmqjQ0CJFipgRAmMsAKDBFKfoLef5T+i+1vyaDLOleorAHgCeKIH4
4140VKQTr43iwgKfzW9yoEA=
=sYv3
-----END PGP SIGNATURE-----