Advisories
Mandriva Advisories
Updates for both security and non-functional packages are essential for a smooth-running system. Mandriva recommends that all users upgrade to the packages issued by any advisory to prevent problems with your system and unauthorized intrusion or denial of service attacks.
A graphical update utility called MandrivaUpdate is installed on your Mandriva Linux desktop. All you have to do is launch MandrivaUpdate to update your system through the GUI utility. The program lets you choose your FTP server within a list of server mirror. Then it fetches each update you have to make and lets you choose those you really need. In Mandrakelinux 8.x+, MandrakeUpdate has been replaced by the Software Manager.
Security update advisories are sent to the security mailing lists.
All security announcements and updated RPMs are signed with the GPG key of the Mandriva Security Team which is available for download.
| Legend/Filters: |  Security Update |
 Bugfix Update |
 General Update |
| Date | Advisory | Synopsis | |
|
2001-04-18 | MDKSA-2001:039 | Future support for Linux-Mandrake 6.0, 6.1, and 7.0 will be unavailable |
|
2001-04-17 | MDKSA-2001:037 | Updated kernel packages fix a number of serious security flaws |
|
2001-04-06 | MDKSA-2001:036 | Updated ntp and xntp3 packages fix buffer overflows that can lead to remote root compromise |
|
2001-03-27 | MDKSA-2001:035 | Updated vim packages fix parsing of malicious VIM codes embedded in documents |
|
2001-03-22 | MDKSA-2001:034 | Updated timed packages fix remote Denial of Service vulnerability |
|
2001-03-19 | MDKSA-2001:031 | Updated mutt packages fix format string vulnerability |
|
2001-03-15 | MDKSA-2001:030 | Updated sgml-tools packages fix insecure handling of temporary files |
|
2001-03-09 | MDKSA-2001:028 | Updated slrn packages fix buffer overflows |
|
2001-03-06 | MDKSA-2001:026 | Updated joe packages fix vulnerability with .joerc files in CWD |
|
2001-02-20 | MDKSA-2001:022 | Updated vixie-cron packages fix buffer overflow problem with crontabs |
|
2001-01-31 | MDKSA-2001:019 | Updated xemacs packages fix buffer overflow issues |
|
2001-01-31 | MDKSA-2001:018 | Updated kdesu packages fix potential local root compromise |
|
2001-01-29 | MDKSA-2001:017 | Updated bind packages fix multiple vulnerabilities |
|
2001-01-26 | MDKSA-2001:015 | Updated exmh packages fix temporary file insecurities |
|
2001-01-18 | MDKSA-2001:012 | Updated glibc packages fix security problems with LD_PRELOAD variable and SUID/SGID applications |
|
2001-01-15 | MDKSA-2001:001-2 | Updated wu-ftpd packages fix incorrect pam support file |
|
2001-01-12 | MDKSA-2001:011 | Updated linuxconf packages fix potential temp file race |
|
2001-01-12 | MDKSA-2001:001-1 | Updated wu-ftpd packages fix incorrect dependency on xinetd |
|
2001-01-10 | MDKSA-2001:010 | Updated inn packages fix potential temp file race |
|
2001-01-10 | MDKSA-2001:009 | Updated mgetty packages fix potential temp file race |
|
2001-01-10 | MDKSA-2001:008-1 | Updated diffutils packages fix potential temp file race |
|
2001-01-10 | MDKSA-2001:008 | Updated diffutils packages fix potential temp file race |
|
2001-01-10 | MDKSA-2001:007 | Updated shadow-utils packages fix potential temp file race |
|
2001-01-10 | MDKSA-2001:006 | Updated gpm packages fix potential temp file race |
|
2001-01-10 | MDKSA-2001:005 | Updated rdist packages fix potential temp file race |
|
2001-01-10 | MDKSA-2001:004 | Updated getty_ps packages fix potential temp file race |
|
2001-01-10 | MDKSA-2001:003 | Updated squid packages fix potential temp file race |
|
2001-01-10 | MDKSA-2001:002 | Updated arpwatch packages fix potential temp file race |
|
2001-01-10 | MDKSA-2001:001 | Updated wu-ftpd packages fix temp file creation bug |
|
2000-12-31 | MDKSA-2000:088 | Updated emacs packages fix improper security on slave PTY devices |
|
2000-12-18 | MDKSA-2000:085 | Updated slocate packages fix vulnerability in database reading code |
|
2000-12-16 | MDKSA-2000:082 | Updated pam packages fix buffer overflow in pam_localuser module |
|
2000-12-14 | MDKSA-2000:080 | Updated netscape packages fix a buffer overflow in HTML parsing code |
|
2000-12-14 | MDKSA-2000:079 | Updated BitchX packages fix insecure handling of DNS information |
|
2000-12-12 | MDKSA-2000:078 | Updated mc packages fix security problems with cons.saver program |
|
2000-12-09 | MDKSA-2000:076 | Updated ed packages fix insecure creation of temporary files |
|
2000-11-28 | MDKSA-2000:075 | Updated bash1 packages fix insecure creation of temporary files |
|
2000-11-27 | MDKSA-2000:073-1 | Updated description of pine vulnerabilities |
|
2000-11-22 | MDKSA-2000:074 | Updated ghostscript packages fix usage of mktemp and improper LD_RUN_PATH |
|
2000-11-20 | MDKSA-2000:073 | Updated pine packages fix security problems |
|
2000-11-20 | MDKSA-2000:072 | Updated joe packages fix unsafe creation of DEADJOE files |
|
2000-11-13 | MDKSA-2000:069 | Updated tcsh packages fix insecure creation of temporary files |
|
2000-11-10 | MDKSA-2000:067 | Updated bind packages fix improper handling of compressed zone transfers |
|
2000-11-10 | MDKA-2000:013 | Updated MandrakeUpdate packages are available which recognize updates with the new packaging scheme |
|
2000-11-02 | MDKSA-2000:065 | Linux-Mandrake is not vulnerable to insecure environment variables with dump |
|
2000-10-23 | MDKSA-2000:064 | Updated ybpind and ypserv packages fix string parsing problems and buffer overflow vulnerabilities |
|
2000-10-18 | MDKSA-2000:060-2 | Updated apache packages fix improper permissions on the suexec wrapper |
|
2000-10-18 | MDKSA-2000:060-1 | Updated apache packages fix improper permissions on the suexec wrapper |
|
2000-10-12 | MDKSA-2000:062 | Updated mod_php3 packages fix format string attack vulnerability |
|
2000-10-11 | MDKSA-2000:060 | Updated apache packages fix vulnerability with mod_rewrite module |
|
2000-10-11 | MDKSA-2000:059 | Linux-Mandrake is not vulnerable to usermode potential format string vulnerabilities |
|
2000-10-11 | MDKSA-2000:058 | Linux-Mandrake is not vulnerable to boa insecure file access vulnerabilities |
|
2000-10-07 | MDKSA-2000:056 | Updated tmpwatch packages fix local denial of service and root vulnerabilities |
|
2000-10-06 | MDKSA-2000:055 | Updated gnorpm packages fix temporary file vulnerabilities |
|
2000-10-04 | MDKSA-2000:054 | Updated lpr packages fix a format string bug |
|
2000-10-02 | MDKSA-2000:053 | Updated traceroute packages fix segfault problem |
|
2000-09-27 | MDKSA-2000:051 | Updated esound packages fix insecure permissions of temporary directory |
|
2000-09-25 | MDKSA-2000:050-1 | Updated sysklogd packages fix local root compromise in klogd |
|
2000-09-25 | MDKSA-2000:041-1 | Updated xpdf packages fix incorrect dependencies |
|
2000-09-22 | MDKA-2000:006 | Updated MandrakeUpdate packages fix problem creating temporary directory |
|
2000-09-18 | MDKSA-2000:050 | Updated sysklogd packages fix local root compromise in klogd |
|
2000-09-14 | MDKSA-2000:049 | Linux-Mandrake is not vulnerable to exploitable buffer overflows in eject |
|
2000-09-13 | MDKSA-2000:048 | Updated mod_php3 packages fix vulnerability with file uploads |
|
2000-09-12 | MDKSA-2000:047 | Linux-Mandrake is not vulnerable to exploitable buffer overflows in either pam module |
|
2000-09-11 | MDKSA-2000:046 | Updated mod_perl packages fix insecure Options directive |
|
2000-09-07 | MDKSA-2000:045-1 | Updated glibc packages fix potential local root exploits |
|
2000-09-05 | MDKSA-2000:044 | Linux-Mandrake is not vulnerable to local root compromise in screen |
|
2000-08-31 | MDKSA-2000:042 | Updated mgetty packages fix temporary file vulnerabilities |
|
2000-08-29 | MDKSA-2000:041 | Updated xpdf packages fix temporary file vulnerabilities and problems with URL-links |
|
2000-08-23 | MDKSA-2000:038 | Updated xlockmore packages fix improper passing of display name |
|
2000-08-22 | MDKSA-2000:037 | Linux-Mandrake is not vulnerable to insecure configurations generated by gnome-lokkit |
|
2000-08-21 | MDKSA-2000:036 | Updated netscape packages fix serious problems with Java |
|
2000-08-12 | MDKSA-2000:034 | Updated MandrakeUpdate packages fix potential race condition |
|
2000-08-11 | MDKSA-2000:033-1 | Disable Java to prevent serious security problems under Netscape |
|
2000-08-10 | MDKSA-2000:033 | Disable Java to prevent serious security problems under Netscape |
|
2000-08-09 | MDKSA-2000:032 | Linux-Mandrake is not vulnerable |
|
2000-08-08 | MDKSA-2000:031 | Updated perl packages fix security problems with setuidperl |
|
2000-08-02 | MDKSA-2000:030 | Linux-Mandrake is not vulnerable to mailman format bugs |
|
2000-08-01 | MDKSA-2000:029 | Updated pam packages fix potential remote exploit with the pam_console module |
|
2000-08-01 | MDKSA-2000:027-1 | Correction to md5sums published in previous advisory |
|
2000-07-31 | MDKSA-2000:027 | Updated netscape packages fix overflow flaw in improper JPEG verification code |
|
2000-07-27 | MDKSA-2000:025 | Updated gpm packages fix a number of security issues |
|
2000-07-27 | MDKSA-2000:024 | Linux-Mandrake is not vulnerable to OpenLDAP insecure file permissions |
|
2000-07-22 | MDKSA-2000:023 | Updated inn packages fix vulnerability with verifycancels and other security problems |
|
2000-07-11 | MDKSA-2000:018 | Updated dump packages fix potential buffer overflow exploit |
|
2000-07-07 | MDKSA-2000:017 | Updated BitchX packages fix denial of service vulnerability |
|
2000-07-07 | MDKSA-2000:016 | Updated inn packages fix vulnerability with verifycancels |
|
2000-07-07 | MDKSA-2000:015 | Updated man packages fix temporary file insecurities |
|
2000-07-02 | MDKSA-2000:014 | Updated wu-ftpd packages fix format string vulnerabilities |
|
2000-07-02 | MDKSA-2000:013 | Updated dhcp packages fix potential remote root compromise |
|
2000-06-04 | MDKSA-2000:011 | Updated xlockmore packages fix insecure viewing of shadow passwords |
|
2000-06-04 | MDKSA-2000:010 | Updated bind packages fix remotely exploitable vulnerabilities |
|
2000-06-03 | MDKSA-2000:009 | Updated cdrecord packages fix locally exploitable buffer overflow |
|
2000-04-13 | MDKSA-2000:002 | Updated gpm packages fix local root compromise |
|
2000-03-21 | MDKSA-2000:00x | Updated usermode packages fix local root vulnerability |
|
2000-03-20 | MDKSA-2000:000 | Updated nmh packages fix insecure MIME header handling |
|
1999-11-29 | MDKA-1999:013 | Updated lpr packages fix a bug that prevents lpr from working correctly in some cases |
|
1999-11-15 | MDKSA-1999:018 | Updated bind packages fix a number of security vulnerabilities |
|
1999-11-08 | MDKA-1999:012 | Updated initscripts packages fix a bug in ifup-aliases |
|
1999-11-05 | MDKSA-1999:017 | Updated kvirc packages fix file insecurities |
|
1999-10-29 | MDKSA-1999:016 | Updated am-utils packages fix potential remote exploit |
|
1999-10-29 | MDKSA-1999:015 | Updated ypserv packages fix a number of security problems |
|
1999-10-29 | MDKA-1999:011 | Updated kernel packages provide RAID support |
|
1999-10-29 | MDKA-1999:010 | Updated netscape packages fix timezone bug |
|
1999-10-22 | MDKSA-1999:014 | Updated wu-ftpd packages fix two potential buffer overflows |
|
1999-10-22 | MDKA-1999:009 | Updated MandrakeUpdate packages provide proper internationalization |
|
1999-10-21 | MDKSA-1999:013 | Updated screen packages fix insecure controlling terminals |
|
1999-10-18 | MDKSA-1999:012 | Updated lpr packages fix insecure file handling |
|
1999-10-02 | MDKA-1999:008 | Updated xpdf packages fix xpdf hanging when viewing some PDF files |
|
1999-10-02 | MDKA-1999:007 | Updated gnuplot packages fix problem of corrupted Postscript output generation |
|
1999-10-02 | MDKA-1999:006 | Updated mount packages fix problem mounting FAT filesystems |