Home > Security > Advisories


Mandriva Advisories

Updates for both security and non-functional packages are essential for a smooth-running system. Mandriva recommends that all users upgrade to the packages issued by any advisory to prevent problems with your system and unauthorized intrusion or denial of service attacks.

A graphical update utility called MandrivaUpdate is installed on your Mandriva Linux desktop. All you have to do is launch MandrivaUpdate to update your system through the GUI utility. The program lets you choose your FTP server within a list of server mirror. Then it fetches each update you have to make and lets you choose those you really need. In Mandrakelinux 8.x+, MandrakeUpdate has been replaced by the Software Manager.

Security update advisories are sent to the security mailing lists.

All security announcements and updated RPMs are signed with the GPG key of the Mandriva Security Team which is available for download.

Legend/Filters: Security Update Bugfix Update General Update

Date Advisory Synopsis
2003-05-14 MDKSA-2003:056 Updated xinetd packages fix DoS vulnerability
2003-03-27 MDKSA-2003:039 Updated kernel22 packages fix multiple vulnerabilities
2003-03-25 MDKSA-2003:037 Updated glibc packages fix vulnerabilities in RPC XDR decoder
2003-03-25 MDKSA-2003:035 Updated openssl packages fix RSA-related insecurities
2003-03-18 MDKSA-2003:033 Updated zlib packages fix buffer overrun vulnerability
2003-03-06 MDKSA-2003:030 Updated file packages fix stack overflow vulnerability
2003-03-03 MDKSA-2003:027 Updated tcpdump packages fix denial of service vulnerabilities
2003-02-26 MDKSA-2003:025 Updated webmin packages fix session ID spoofing vulnerability
2003-02-24 MDKSA-2003:023 Updated lynx packages fix CRLF injection vulnerability
2003-02-21 MDKSA-2003:020 Updated openssl packages fix timing-based attack vulnerability
2003-02-11 MDKSA-2002:062-1 Updated postgresql packages fix various buffer overflows
2003-02-03 MDKSA-2003:013 Updated MySQL packages fix DoS vulnerability
2003-02-03 MDKSA-2003:012 Updated vim packages fix arbitrary command execution vulnerability
2003-01-27 MDKSA-2003:011 Updated fetchmail packages fix remote exploit vulnerability
2003-01-20 MDKSA-2003:009 Updated cvs packages fix multiple vulnerabilities
2003-01-20 MDKSA-2003:008 Updated libpng packages fix potential remote compromise
2003-01-17 MDKSA-2003:007 Updated dhcp packages fix remote code execution vulnerability
2003-01-09 MDKSA-2003:003 Updated dhcpcd packages fix character expansion vulnerability
2002-12-18 MDKSA-2002:087 Updated MySQL packages fix multiple vulnerabilities
2002-12-18 MDKSA-2002:068-1 Updated apache packages fix multiple vulnerabilities
2002-12-11 MDKSA-2002:086 Updated wget packages fix directory traversal vulnerability
2002-11-25 MDKSA-2002:082 Updated python packages fix local arbitrary code execution vulnerability
2002-11-14 MDKSA-2002:077 Updated bind packages fix remote compromise and DoS vulnerabilities
2002-11-07 MDKSA-2002:075 Updated nss_ldap and pam_ldap packages fix buffer and format string vulnerabilities
2002-10-24 MDKSA-2002:072 Updated mod_ssl packages fix cross-site scripting vulnerability
2002-10-10 MDKSA-2002:066 Updated tar packages fix directory traversal vulnerability
2002-10-10 MDKSA-2002:065 Updated unzip packages fix directory traversal vulnerability
2002-10-01 MDKSA-2002:063 Updated fetchmail packages fix various vulnerabilities
2002-10-01 MDKSA-2002:062 Updated postgresql packages fix various buffer overflows
2002-09-23 MDKSA-2002:061 Updated glibc packages fix Sun RPC vulnerability
2002-09-23 MDKSA-2002:060 Updated tcltk packages fix local vulnerabilities
2002-08-14 MDKSA-2002:052 Updated sharutils packages fix local file vulnerability
2002-08-13 MDKSA-2002:050 Updated glibc packages fix buffer overflow
2002-08-13 MDKSA-2002:049 Updated libpng packages fix buffer overflow
2002-08-08 MDKSA-2002:048 Updated mod_ssl packages fix buffer overflow
2002-08-08 MDKSA-2002:047 Updated util-linux packages fix temporary file race
2002-08-06 MDKSA-2002:046-1 Updated openssl packages fix various vulnerabilities
2002-07-30 MDKSA-2002:046 Updated openssl packages fix various vulnerabilities
2002-07-29 MDKSA-2002:045 Updated mm packages fix temporary file vulnerability
2002-07-17 MDKSA-2002:044 Updated squid packages fix multiple vulnerabilities
2002-07-16 MDKSA-2002:043 Updated bind packages fix buffer overflow in resolver libs
2002-07-04 MDKSA-2002:041 Updated kernel packages fix multiple vulnerabilities
2002-07-02 MDKSA-2002:040-1 Updated openssh packaegs fix remote vulnerability
2002-06-24 MDKSA-2002:040 Updated openssh packages provide privilege separation
2002-06-22 MDKSA-2002:039-2 Updated apache packages fix remotely exploitable conditions
2002-06-21 MDKSA-2002:039-1 Updated apache packages fix DoS vulnerability
2002-06-20 MDKSA-2002:039 Updated apache packages fix DoS vulnerability
2002-05-30 MDKSA-2002:037-1 Updated dhcp packages fix format string vulnerability
2002-05-29 MDKSA-2002:037 Updated dhcp packages fix format string vulnerability
2002-05-28 MDKSA-2002:036 Updated fetchmail packages fix array bounds checking
2002-05-21 MDKSA-2002:033 Updated webmin packages fix buffer overflow vulnerability
2002-05-16 MDKSA-2002:032 Updated tcpdump packages fix buffer overflows
2002-04-25 MDKSA-2002:028 Updated sudo packages fix heap corruption vulnerability
2002-04-16 MDKSA-2002:027 Updated squid packages fix DoS vulnerability
2002-04-11 MDKSA-2002:026 Updated libsafe packages fix inadequate format string protection
2002-03-13 MDKSA-2002:024 Updated rsync packages fix multiple vulnerabilities
2002-03-12 MDKSA-2002:023 Updated zlib-related packages fix double free vulnerability
2002-03-12 MDKSA-2002:022 Updated zlib packages fix double free vulnerability
2002-03-07 MDKSA-2002:020 Updated mod_ssl packages fix a buffer overflow vulnerability
2002-03-07 MDKSA-2002:019 Updated openssh packages fix local root vulnerability
2002-02-28 MDKSA-2002:017 Updated php packages fix file upload vulnerability
2002-02-26 MDKSA-2002:016-1 Updated squid packages fix dependency on openldap
2002-02-21 MDKSA-2002:016 Updated squid packages fix several insecurities
2002-02-15 MDKSA-2002:014 Updated ucd-snmp packages fix multiple vulnerabilities
2002-02-07 MDKSA-2002:012 Updated groff packages fix buffer overflow
2002-01-31 MDKSA-2002:011 Updated gzip packages fix buffer overflow
2002-01-28 MDKSA-2002:009 Updated rsync packages fix unsigned insecurities
2002-01-15 MDKSA-2002:003 Updated sudo packages fix local root vulnerability
2001-12-19 MDKSA-2001:095 Updated glibc packages fix buffer overflow vulnerability
2001-12-13 MDKSA-2001:092 Updated openssh packages fix local vulnerability with UseLogin
2001-11-29 MDKSA-2001:089 Updated postfix packages fix potential remote DoS
2001-11-28 MDKSA-2001:077-2 Updated apache packages fix a number of vulnerabilities
2001-11-21 MDKSA-2001:088 Updated squid packages fix potential DoS
2001-11-20 MDKSA-2001:085 Updated procmail packages fix crash insecurities
2001-11-20 MDKSA-2001:082-1 Updated kernel 2.2 packages fix additional remote vulnerability
2001-11-20 MDKA-2001:021 Updated mktemp packages can create temporary directories
2001-10-26 MDKSA-2001:082 Updated kernel 2.2 packages fix two local vulnerabilities
2001-10-16 MDKSA-2001:081 Updated openssh packages fix dishonored key option
2001-08-31 MDKSA-2001:076 Updated xinetd packages fix many potential vulnerabilities
2001-08-14 MDKA-2001:012 Updated naat-backend and perl packages fix problems with updates
2001-08-13 MDKSA-2001:069 Updated openldap packages fix invalid packet handling vulnerability
2001-08-13 MDKSA-2001:068 Updated telnet packages fix buffer overflow vulnerability
2001-07-25 MDKSA-2001:066 Updated squid packages fix httpd_accel_with_proxy vulnerability
2001-07-18 MDKSA-2001:065 Updated openssl packages fix predictable PRNG vulnerability
2001-07-09 MDKSA-2001:061-1 Updated gtk+ packages are gpg signed
2001-07-05 MDKSA-2001:063 Updated fetchmail packages fix buffer overflow
2001-07-05 MDKSA-2001:055-1 Updated xinetd packages fix improper umask and buffer overflows
2001-06-28 MDKSA-2001:061 Updated gtk+ packages fix environment variable insecurities
2001-06-20 MDKSA-2001:059 Updated webmin packages fix environment leaking vulnerabilities
2001-06-13 MDKSA-2001:056 Updated tcpdump packages fix buffer overflows
2001-06-11 MDKSA-2001:055 Updated xinetd packages fix improper umask