Advisories
Mandriva Advisories
Updates for both security and non-functional packages are essential for a smooth-running system. Mandriva recommends that all users upgrade to the packages issued by any advisory to prevent problems with your system and unauthorized intrusion or denial of service attacks.
A graphical update utility called MandrivaUpdate is installed on your Mandriva Linux desktop. All you have to do is launch MandrivaUpdate to update your system through the GUI utility. The program lets you choose your FTP server within a list of server mirror. Then it fetches each update you have to make and lets you choose those you really need. In Mandrakelinux 8.x+, MandrakeUpdate has been replaced by the Software Manager.
Security update advisories are sent to the security mailing lists.
All security announcements and updated RPMs are signed with the GPG key of the Mandriva Security Team which is available for download.
| Legend/Filters: |  Security Update |
 Bugfix Update |
 General Update |
| Date | Advisory | Synopsis | |
|
2001-04-18 | MDKSA-2001:039 | Future support for Linux-Mandrake 6.0, 6.1, and 7.0 will be unavailable |
|
2001-04-17 | MDKSA-2001:037 | Updated kernel packages fix a number of serious security flaws |
|
2001-04-06 | MDKSA-2001:036 | Updated ntp and xntp3 packages fix buffer overflows that can lead to remote root compromise |
|
2001-03-27 | MDKSA-2001:035 | Updated vim packages fix parsing of malicious VIM codes embedded in documents |
|
2001-03-23 | MDKSA-2001:033-1 | Updated openssh packages for 7.0/7.1 fix potential inability to login |
|
2001-03-22 | MDKSA-2001:034 | Updated timed packages fix remote Denial of Service vulnerability |
|
2001-03-22 | MDKSA-2001:033 | Updated openssh packages enhance prevention of passive analysis of ssh traffic |
|
2001-03-19 | MDKSA-2001:031 | Updated mutt packages fix format string vulnerability |
|
2001-03-09 | MDKSA-2001:028 | Updated slrn packages fix buffer overflows |
|
2001-03-06 | MDKSA-2001:026 | Updated joe packages fix vulnerability with .joerc files in CWD |
|
2001-02-20 | MDKSA-2001:022 | Updated vixie-cron packages fix buffer overflow problem with crontabs |
|
2001-01-31 | MDKSA-2001:019 | Updated xemacs packages fix buffer overflow issues |
|
2001-01-31 | MDKSA-2001:018 | Updated kdesu packages fix potential local root compromise |
|
2001-01-29 | MDKSA-2001:017 | Updated bind packages fix multiple vulnerabilities |
|
2001-01-26 | MDKSA-2001:015 | Updated exmh packages fix temporary file insecurities |
|
2001-01-18 | MDKSA-2001:012 | Updated glibc packages fix security problems with LD_PRELOAD variable and SUID/SGID applications |
|
2001-01-15 | MDKSA-2001:001-2 | Updated wu-ftpd packages fix incorrect pam support file |
|
2001-01-12 | MDKSA-2001:011 | Updated linuxconf packages fix potential temp file race |
|
2001-01-12 | MDKSA-2001:001-1 | Updated wu-ftpd packages fix incorrect dependency on xinetd |
|
2001-01-10 | MDKSA-2001:010 | Updated inn packages fix potential temp file race |
|
2001-01-10 | MDKSA-2001:009 | Updated mgetty packages fix potential temp file race |
|
2001-01-10 | MDKSA-2001:008-1 | Updated diffutils packages fix potential temp file race |
|
2001-01-10 | MDKSA-2001:008 | Updated diffutils packages fix potential temp file race |
|
2001-01-10 | MDKSA-2001:007 | Updated shadow-utils packages fix potential temp file race |
|
2001-01-10 | MDKSA-2001:006 | Updated gpm packages fix potential temp file race |
|
2001-01-10 | MDKSA-2001:005 | Updated rdist packages fix potential temp file race |
|
2001-01-10 | MDKSA-2001:004 | Updated getty_ps packages fix potential temp file race |
|
2001-01-10 | MDKSA-2001:003 | Updated squid packages fix potential temp file race |
|
2001-01-10 | MDKSA-2001:002 | Updated arpwatch packages fix potential temp file race |
|
2001-01-10 | MDKSA-2001:001 | Updated wu-ftpd packages fix temp file creation bug |
|
2000-12-31 | MDKSA-2000:088 | Updated emacs packages fix improper security on slave PTY devices |
|
2000-12-20 | MDKSA-2000:087 | Updated gnupg packages fix problem importing private keys along with public keys |
|
2000-12-18 | MDKSA-2000:085 | Updated slocate packages fix vulnerability in database reading code |
|
2000-12-16 | MDKSA-2000:082 | Updated pam packages fix buffer overflow in pam_localuser module |
|
2000-12-14 | MDKSA-2000:080 | Updated netscape packages fix a buffer overflow in HTML parsing code |
|
2000-12-14 | MDKSA-2000:079 | Updated BitchX packages fix insecure handling of DNS information |
|
2000-12-12 | MDKSA-2000:078 | Updated mc packages fix security problems with cons.saver program |
|
2000-12-09 | MDKSA-2000:076 | Updated ed packages fix insecure creation of temporary files |
|
2000-11-28 | MDKSA-2000:075 | Updated bash1 packages fix insecure creation of temporary files |
|
2000-11-27 | MDKSA-2000:073-1 | Updated description of pine vulnerabilities |
|
2000-11-22 | MDKSA-2000:074 | Updated ghostscript packages fix usage of mktemp and improper LD_RUN_PATH |
|
2000-11-20 | MDKSA-2000:073 | Updated pine packages fix security problems |
|
2000-11-20 | MDKSA-2000:072 | Updated joe packages fix unsafe creation of DEADJOE files |
|
2000-11-14 | MDKSA-2000:068-1 | Updated openssh packages fix broken PAM support |
|
2000-11-13 | MDKSA-2000:069 | Updated tcsh packages fix insecure creation of temporary files |
|
2000-11-13 | MDKSA-2000:068 | Updated openssh packages fix improper checking of X11 forwarding permissions |
|
2000-11-10 | MDKSA-2000:067 | Updated bind packages fix improper handling of compressed zone transfers |
|
2000-11-10 | MDKSA-2000:066-1 | Updated nss_ldap packages are available under the new packaging scheme |
|
2000-11-10 | MDKA-2000:013 | Updated MandrakeUpdate packages are available which recognize updates with the new packaging scheme |
|
2000-11-03 | MDKSA-2000:066 | Updated nss_ldap packages fix a race condition |
|
2000-11-02 | MDKSA-2000:065 | Linux-Mandrake is not vulnerable to insecure environment variables with dump |
|
2000-10-23 | MDKSA-2000:064 | Updated ybpind and ypserv packages fix string parsing problems and buffer overflow vulnerabilities |
|
2000-10-21 | MDKSA-2000:063-1 | Updated gnupg packages are properly built for i586 |
|
2000-10-20 | MDKSA-2000:063 | Updated gnupg packages fix vulnerability aith files signed with multiple keys |
|
2000-10-18 | MDKSA-2000:060-2 | Updated apache packages fix improper permissions on the suexec wrapper |
|
2000-10-18 | MDKSA-2000:060-1 | Updated apache packages fix improper permissions on the suexec wrapper |
|
2000-10-12 | MDKSA-2000:062 | Updated mod_php3 packages fix format string attack vulnerability |
|
2000-10-12 | MDKSA-2000:057-1 | Updated openssh packages not required |
|
2000-10-11 | MDKSA-2000:060 | Updated apache packages fix vulnerability with mod_rewrite module |
|
2000-10-11 | MDKSA-2000:059 | Linux-Mandrake is not vulnerable to usermode potential format string vulnerabilities |
|
2000-10-11 | MDKSA-2000:058 | Linux-Mandrake is not vulnerable to boa insecure file access vulnerabilities |
|
2000-10-10 | MDKSA-2000:057 | Updated openssh packages are available |
|
2000-10-07 | MDKSA-2000:056 | Updated tmpwatch packages fix local denial of service and root vulnerabilities |
|
2000-10-06 | MDKSA-2000:055 | Updated gnorpm packages fix temporary file vulnerabilities |
|
2000-10-04 | MDKSA-2000:054 | Updated lpr packages fix a format string bug |
|
2000-10-02 | MDKSA-2000:053 | Updated traceroute packages fix segfault problem |
|
2000-10-02 | MDKSA-2000:052 | Updated xinitrc packages fix disabling of Xauthority mechanism of the localhost |
|
2000-10-02 | MDKA-2000:007-1 | Updated locales packages fix broken settings after glibc upgrade |
|
2000-09-27 | MDKSA-2000:051 | Updated esound packages fix insecure permissions of temporary directory |
|
2000-09-25 | MDKSA-2000:050-1 | Updated sysklogd packages fix local root compromise in klogd |
|
2000-09-25 | MDKSA-2000:041-1 | Updated xpdf packages fix incorrect dependencies |
|
2000-09-25 | MDKA-2000:008 | Updated zsh packages fix segfaults after glibc upgrade |
|
2000-09-22 | MDKA-2000:007 | Updated locales packages fix broken settings after glibc upgrade |
|
2000-09-22 | MDKA-2000:006 | Updated MandrakeUpdate packages fix problem creating temporary directory |
|
2000-09-18 | MDKSA-2000:050 | Updated sysklogd packages fix local root compromise in klogd |
|
2000-09-18 | MDKA-2000:005-1 | Updated kdenetwork packages fix locale problem with previous upgrade |
|
2000-09-16 | MDKA-2000:005 | Updated kdenetwork packages fix date bug in KMail that causes index file corruption |
|
2000-09-14 | MDKSA-2000:049 | Linux-Mandrake is not vulnerable to exploitable buffer overflows in eject |
|
2000-09-13 | MDKSA-2000:048 | Updated mod_php3 packages fix vulnerability with file uploads |
|
2000-09-12 | MDKSA-2000:047 | Linux-Mandrake is not vulnerable to exploitable buffer overflows in either pam module |
|
2000-09-11 | MDKSA-2000:046 | Updated mod_perl packages fix insecure Options directive |
|
2000-09-06 | MDKSA-2000:045 | Updated glibc packages fix potential local root exploits |
|
2000-09-05 | MDKSA-2000:044 | Linux-Mandrake is not vulnerable to local root compromise in screen |
|
2000-08-31 | MDKSA-2000:042 | Updated mgetty packages fix temporary file vulnerabilities |
|
2000-08-29 | MDKSA-2000:041 | Updated xpdf packages fix temporary file vulnerabilities and problems with URL-links |
|
2000-08-29 | MDKSA-2000:040 | Updated glibc packages fix potential local root exploits |
|
2000-08-28 | MDKSA-2000:039-1 | Updated xchat packages fix malicious URL vulnerabilities |
|
2000-08-25 | MDKSA-2000:022-1 | Updated dhcp packages fix potential remote root compromise by a corrupt DHCP server |
|
2000-08-23 | MDKSA-2000:038 | Updated xlockmore packages fix improper passing of display name |
|
2000-08-22 | MDKSA-2000:037 | Linux-Mandrake is not vulnerable to insecure configurations generated by gnome-lokkit |
|
2000-08-21 | MDKSA-2000:036 | Updated netscape packages fix serious problems with Java |
|
2000-08-12 | MDKSA-2000:034 | Updated MandrakeUpdate packages fix potential race condition |
|
2000-08-11 | MDKSA-2000:033-1 | Disable Java to prevent serious security problems under Netscape |
|
2000-08-10 | MDKSA-2000:033 | Disable Java to prevent serious security problems under Netscape |
|
2000-08-09 | MDKSA-2000:032 | Linux-Mandrake is not vulnerable |
|
2000-08-08 | MDKSA-2000:031 | Updated perl packages fix security problems with setuidperl |
|
2000-08-02 | MDKSA-2000:030 | Linux-Mandrake is not vulnerable to mailman format bugs |
|
2000-08-01 | MDKSA-2000:029 | Updated pam packages fix potential remote exploit with the pam_console module |
|
2000-08-01 | MDKSA-2000:028 | Updated kon2 packages fix potential local root compromise |
|
2000-08-01 | MDKSA-2000:027-1 | Correction to md5sums published in previous advisory |
|
2000-07-31 | MDKSA-2000:027 | Updated netscape packages fix overflow flaw in improper JPEG verification code |
|
2000-07-27 | MDKSA-2000:025 | Updated gpm packages fix a number of security issues |
|
2000-07-27 | MDKSA-2000:024 | Linux-Mandrake is not vulnerable to OpenLDAP insecure file permissions |
|
2000-07-22 | MDKSA-2000:023 | Updated inn packages fix vulnerability with verifycancels and other security problems |
|
2000-07-21 | MDKSA-2000:022 | Updated dhcp packages fix potential remote root compromise by a corrupt DHCP server |
|
2000-07-18 | MDKSA-2000:021 | Updated nfs-utils packages possible remote root compromise |
|
2000-07-11 | MDKSA-2000:018 | Updated dump packages fix potential buffer overflow exploit |
|
2000-07-07 | MDKSA-2000:017 | Updated BitchX packages fix denial of service vulnerability |
|
2000-07-07 | MDKSA-2000:016 | Updated inn packages fix vulnerability with verifycancels |
|
2000-07-07 | MDKSA-2000:015 | Updated man packages fix temporary file insecurities |
|
2000-07-02 | MDKSA-2000:014 | Updated wu-ftpd packages fix format string vulnerabilities |
|
2000-07-02 | MDKSA-2000:013 | Updated dhcp packages fix potential remote root compromise |
|
2000-06-04 | MDKSA-2000:011 | Updated xlockmore packages fix insecure viewing of shadow passwords |
|
2000-06-04 | MDKSA-2000:010 | Updated bind packages fix remotely exploitable vulnerabilities |
|
2000-06-03 | MDKSA-2000:009 | Updated cdrecord packages fix locally exploitable buffer overflow |
|
2000-05-29 | MDKSA-2000:008 | Updated kdesu packages fix local root compromise |
|
2000-05-24 | MDKSA-2000:007 | Updated dump packages remove setgid bit from the dump binary |
|
2000-05-24 | MDKSA-2000:006 | Updated xemacs packages fix snooping on other users keystrokes |
|
2000-05-23 | MDKSA-2000:005 | Updated fdutils packages fix local root compromise |
|
2000-05-17 | MDKSA-2000:004 | Updated xsoldier packages fix exploitable buffer overflow |
|
2000-04-22 | MDKSA-2000:003 | Updated OpenLDAP packages fix temporary file vulnerabilities |
|
2000-04-13 | MDKSA-2000:002 | Updated gpm packages fix local root compromise |
|
2000-04-13 | MDKSA-2000:001 | Updated imwheel packages fix local root compromise |
|
2000-03-20 | MDKSA-2000:000 | Updated nmh packages fix insecure MIME header handling |