Advisories
Mandriva Advisories
Updates for both security and non-functional packages are essential for a smooth-running system. Mandriva recommends that all users upgrade to the packages issued by any advisory to prevent problems with your system and unauthorized intrusion or denial of service attacks.
A graphical update utility called MandrivaUpdate is installed on your Mandriva Linux desktop. All you have to do is launch MandrivaUpdate to update your system through the GUI utility. The program lets you choose your FTP server within a list of server mirror. Then it fetches each update you have to make and lets you choose those you really need. In Mandrakelinux 8.x+, MandrakeUpdate has been replaced by the Software Manager.
Security update advisories are sent to the security mailing lists.
All security announcements and updated RPMs are signed with the GPG key of the Mandriva Security Team which is available for download.
| Legend/Filters: |  Security Update |
 Bugfix Update |
 General Update |
| Date | Advisory | Synopsis | |
|
2001-04-18 | MDKSA-2001:039 | Future support for Linux-Mandrake 6.0, 6.1, and 7.0 will be unavailable |
|
2001-04-17 | MDKSA-2001:037 | Updated kernel packages fix a number of serious security flaws |
|
2001-04-06 | MDKSA-2001:036 | Updated ntp and xntp3 packages fix buffer overflows that can lead to remote root compromise |
|
2001-03-27 | MDKSA-2001:035 | Updated vim packages fix parsing of malicious VIM codes embedded in documents |
|
2001-03-22 | MDKSA-2001:034 | Updated timed packages fix remote Denial of Service vulnerability |
|
2001-03-19 | MDKSA-2001:031 | Updated mutt packages fix format string vulnerability |
|
2001-03-15 | MDKSA-2001:030 | Updated sgml-tools packages fix insecure handling of temporary files |
|
2001-03-09 | MDKSA-2001:028 | Updated slrn packages fix buffer overflows |
|
2001-03-06 | MDKSA-2001:026 | Updated joe packages fix vulnerability with .joerc files in CWD |
|
2001-02-20 | MDKSA-2001:022 | Updated vixie-cron packages fix buffer overflow problem with crontabs |
|
2001-01-31 | MDKSA-2001:019 | Updated xemacs packages fix buffer overflow issues |
|
2001-01-29 | MDKSA-2001:017 | Updated bind packages fix multiple vulnerabilities |
|
2001-01-26 | MDKSA-2001:015 | Updated exmh packages fix temporary file insecurities |
|
2001-01-18 | MDKSA-2001:012 | Updated glibc packages fix security problems with LD_PRELOAD variable and SUID/SGID applications |
|
2001-01-15 | MDKSA-2001:001-2 | Updated wu-ftpd packages fix incorrect pam support file |
|
2001-01-12 | MDKSA-2001:011 | Updated linuxconf packages fix potential temp file race |
|
2001-01-12 | MDKSA-2001:001-1 | Updated wu-ftpd packages fix incorrect dependency on xinetd |
|
2001-01-10 | MDKSA-2001:010 | Updated inn packages fix potential temp file race |
|
2001-01-10 | MDKSA-2001:009 | Updated mgetty packages fix potential temp file race |
|
2001-01-10 | MDKSA-2001:008-1 | Updated diffutils packages fix potential temp file race |
|
2001-01-10 | MDKSA-2001:008 | Updated diffutils packages fix potential temp file race |
|
2001-01-10 | MDKSA-2001:007 | Updated shadow-utils packages fix potential temp file race |
|
2001-01-10 | MDKSA-2001:006 | Updated gpm packages fix potential temp file race |
|
2001-01-10 | MDKSA-2001:005 | Updated rdist packages fix potential temp file race |
|
2001-01-10 | MDKSA-2001:004 | Updated getty_ps packages fix potential temp file race |
|
2001-01-10 | MDKSA-2001:003 | Updated squid packages fix potential temp file race |
|
2001-01-10 | MDKSA-2001:002 | Updated arpwatch packages fix potential temp file race |
|
2001-01-10 | MDKSA-2001:001 | Updated wu-ftpd packages fix temp file creation bug |
|
2000-12-31 | MDKSA-2000:088 | Updated emacs packages fix improper security on slave PTY devices |
|
2000-12-18 | MDKSA-2000:085 | Updated slocate packages fix vulnerability in database reading code |
|
2000-12-16 | MDKSA-2000:082 | Updated pam packages fix buffer overflow in pam_localuser module |
|
2000-12-14 | MDKSA-2000:080 | Updated netscape packages fix a buffer overflow in HTML parsing code |
|
2000-12-12 | MDKSA-2000:078 | Updated mc packages fix security problems with cons.saver program |
|
2000-12-09 | MDKSA-2000:076 | Updated ed packages fix insecure creation of temporary files |
|
2000-11-28 | MDKSA-2000:075 | Updated bash1 packages fix insecure creation of temporary files |
|
2000-11-27 | MDKSA-2000:073-1 | Updated description of pine vulnerabilities |
|
2000-11-22 | MDKSA-2000:074 | Updated ghostscript packages fix usage of mktemp and improper LD_RUN_PATH |
|
2000-11-20 | MDKSA-2000:073 | Updated pine packages fix security problems |
|
2000-11-20 | MDKSA-2000:072 | Updated joe packages fix unsafe creation of DEADJOE files |
|
2000-11-13 | MDKSA-2000:069 | Updated tcsh packages fix insecure creation of temporary files |
|
2000-11-10 | MDKSA-2000:067 | Updated bind packages fix improper handling of compressed zone transfers |
|
2000-11-02 | MDKSA-2000:065 | Linux-Mandrake is not vulnerable to insecure environment variables with dump |
|
2000-10-23 | MDKSA-2000:064 | Updated ybpind and ypserv packages fix string parsing problems and buffer overflow vulnerabilities |
|
2000-10-18 | MDKSA-2000:060-2 | Updated apache packages fix improper permissions on the suexec wrapper |
|
2000-10-18 | MDKSA-2000:060-1 | Updated apache packages fix improper permissions on the suexec wrapper |
|
2000-10-11 | MDKSA-2000:060 | Updated apache packages fix vulnerability with mod_rewrite module |
|
2000-10-11 | MDKSA-2000:059 | Linux-Mandrake is not vulnerable to usermode potential format string vulnerabilities |
|
2000-10-11 | MDKSA-2000:058 | Linux-Mandrake is not vulnerable to boa insecure file access vulnerabilities |
|
2000-10-07 | MDKSA-2000:056 | Updated tmpwatch packages fix local denial of service and root vulnerabilities |
|
2000-10-04 | MDKSA-2000:054 | Updated lpr packages fix a format string bug |
|
2000-10-02 | MDKSA-2000:053 | Updated traceroute packages fix segfault problem |
|
2000-09-27 | MDKSA-2000:051 | Updated esound packages fix insecure permissions of temporary directory |
|
2000-09-25 | MDKSA-2000:050-1 | Updated sysklogd packages fix local root compromise in klogd |
|
2000-09-25 | MDKSA-2000:041-1 | Updated xpdf packages fix incorrect dependencies |
|
2000-09-18 | MDKSA-2000:050 | Updated sysklogd packages fix local root compromise in klogd |
|
2000-09-14 | MDKSA-2000:049 | Linux-Mandrake is not vulnerable to exploitable buffer overflows in eject |
|
2000-09-12 | MDKSA-2000:047 | Linux-Mandrake is not vulnerable to exploitable buffer overflows in either pam module |
|
2000-09-07 | MDKSA-2000:045-1 | Updated glibc packages fix potential local root exploits |
|
2000-09-05 | MDKSA-2000:044 | Linux-Mandrake is not vulnerable to local root compromise in screen |
|
2000-08-31 | MDKSA-2000:042 | Updated mgetty packages fix temporary file vulnerabilities |
|
2000-08-29 | MDKSA-2000:041 | Updated xpdf packages fix temporary file vulnerabilities and problems with URL-links |
|
2000-08-22 | MDKSA-2000:037 | Linux-Mandrake is not vulnerable to insecure configurations generated by gnome-lokkit |
|
2000-08-21 | MDKSA-2000:036 | Updated netscape packages fix serious problems with Java |
|
2000-08-12 | MDKSA-2000:034 | Updated MandrakeUpdate packages fix potential race condition |
|
2000-08-11 | MDKSA-2000:033-1 | Disable Java to prevent serious security problems under Netscape |
|
2000-08-10 | MDKSA-2000:033 | Disable Java to prevent serious security problems under Netscape |
|
2000-08-09 | MDKSA-2000:032 | Linux-Mandrake is not vulnerable |
|
2000-08-08 | MDKSA-2000:031 | Updated perl packages fix security problems with setuidperl |
|
2000-08-02 | MDKSA-2000:030 | Linux-Mandrake is not vulnerable to mailman format bugs |
|
2000-08-01 | MDKSA-2000:029 | Updated pam packages fix potential remote exploit with the pam_console module |
|
2000-08-01 | MDKSA-2000:027-1 | Correction to md5sums published in previous advisory |
|
2000-07-31 | MDKSA-2000:027 | Updated netscape packages fix overflow flaw in improper JPEG verification code |
|
2000-07-27 | MDKSA-2000:025 | Updated gpm packages fix a number of security issues |
|
2000-07-27 | MDKSA-2000:024 | Linux-Mandrake is not vulnerable to OpenLDAP insecure file permissions |
|
2000-07-22 | MDKSA-2000:023 | Updated inn packages fix vulnerability with verifycancels and other security problems |
|
2000-07-11 | MDKSA-2000:018 | Updated dump packages fix potential buffer overflow exploit |
|
2000-07-07 | MDKSA-2000:016 | Updated inn packages fix vulnerability with verifycancels |
|
2000-07-07 | MDKSA-2000:015 | Updated man packages fix temporary file insecurities |
|
2000-07-02 | MDKSA-2000:014 | Updated wu-ftpd packages fix format string vulnerabilities |
|
2000-07-02 | MDKSA-2000:013 | Updated dhcp packages fix potential remote root compromise |
|
2000-04-13 | MDKSA-2000:002 | Updated gpm packages fix local root compromise |
|
2000-03-21 | MDKSA-2000:00x | Updated usermode packages fix local root vulnerability |
|
2000-03-20 | MDKSA-2000:000 | Updated nmh packages fix insecure MIME header handling |
|
1999-10-29 | MDKSA-1999:016 | Updated am-utils packages fix potential remote exploit |
|
1999-09-28 | MDKSA-1999:011 | Updated gnomehack packages fix buffer overflow |
|
1999-09-02 | MDKSA-1999:009 | Updated vixie-cron packages fix MAILTO -C command vulnerability |
|
1999-08-25 | MDKSA-1999:008 | Updated BeroFTPD packages fix a security problem |
|
1999-08-25 | MDKSA-1999:007 | Updated lynx packages fix a security problem |
|
1999-08-25 | MDKSA-1999:006 | Updated wu-ftpd packages fix a security problem |
|
1999-08-17 | MDKSA-1999:005 | Updated isdn4k-utils packages fix a security problem |
|
1999-07-27 | MDKSA-1999:004 | Updated squid packages fix insecure CGI permissions |
|
1999-07-23 | MDKSA-1999:003 | Updated samba packages fix several security problems |
|
1999-06-25 | MDKSA-1999:002 | Updated kdebase packages fix a security problem with screensavers |
|
1999-06-25 | MDKSA-1999:001 | Updated net-tools packages fix a few potential buffer overruns |