Advisories

Mandriva Advisories

Package name	gda2.0
Date	November 1st, 2005
Advisory ID	MDKSA-2005:203
Affected versions	CS3.0, 10.2, 2006.0
Synopsis	Updated gda2.0 packages fix string format vulnerability

Problem Description

Steve Kemp discovered two format string vulnerabilities in libgda2,
the GNOME Data Access library for GNOME2, which may lead to the
execution of arbitrary code in programs that use this library.

The updated packages have been patched to correct this issue.

Updated Packages

Corporate Server 3.0

 c2bee0812a3911016f32406c7e6b98c6  corporate/3.0/RPMS/gda2.0-1.0.3-3.2.C30mdk.i586.rpm
 1c60c3861756e5f2ebec25810d698319  corporate/3.0/RPMS/gda2.0-ldap-1.0.3-3.2.C30mdk.i586.rpm
 76329346f822881c283f1d80eccf0321  corporate/3.0/RPMS/gda2.0-mysql-1.0.3-3.2.C30mdk.i586.rpm
 9366a1dfd24862ba1c2e785c880f42b1  corporate/3.0/RPMS/gda2.0-odbc-1.0.3-3.2.C30mdk.i586.rpm
 d2eaf777cbc85fa050ea15d9483e8530  corporate/3.0/RPMS/gda2.0-postgres-1.0.3-3.2.C30mdk.i586.rpm
 efb6dcf8757552aca5a2afad5e214afa  corporate/3.0/RPMS/gda2.0-sqlite-1.0.3-3.2.C30mdk.i586.rpm
 d19b0dc56ecc6645735e5ba4df226ea5  corporate/3.0/RPMS/libgda2.0_1-1.0.3-3.2.C30mdk.i586.rpm
 04904635f832181f5f4bc13defbd2404  corporate/3.0/RPMS/libgda2.0_1-devel-1.0.3-3.2.C30mdk.i586.rpm
 4ded9fd88d06c155f3fadd5438855b49  corporate/3.0/SRPMS/gda2.0-1.0.3-3.2.C30mdk.src.rpm

Corporate Server 3.0/X86_64

 6db35535deba7751a627682f1ba77ace  x86_64/corporate/3.0/RPMS/gda2.0-1.0.3-3.2.C30mdk.x86_64.rpm
 f3cc7763718da0f76c3c1e9131e1b9f5  x86_64/corporate/3.0/RPMS/gda2.0-ldap-1.0.3-3.2.C30mdk.x86_64.rpm
 7f01b17e60477e916f6a390b4e4b7222  x86_64/corporate/3.0/RPMS/gda2.0-mysql-1.0.3-3.2.C30mdk.x86_64.rpm
 3c93f0b8fe2f90ad54c505a813a3ea4f  x86_64/corporate/3.0/RPMS/gda2.0-odbc-1.0.3-3.2.C30mdk.x86_64.rpm
 527ff7ccbd2af3ea24ac3f572b050de3  x86_64/corporate/3.0/RPMS/gda2.0-postgres-1.0.3-3.2.C30mdk.x86_64.rpm
 cc2aead64a14a2fa99c34a572024adbe  x86_64/corporate/3.0/RPMS/gda2.0-sqlite-1.0.3-3.2.C30mdk.x86_64.rpm
 0eb6f8c613088bbcbb0205eec0e7374d  x86_64/corporate/3.0/RPMS/lib64gda2.0_1-1.0.3-3.2.C30mdk.x86_64.rpm
 c4c5b62e45e95c0142fc823e2db49b4c  x86_64/corporate/3.0/RPMS/lib64gda2.0_1-devel-1.0.3-3.2.C30mdk.x86_64.rpm
 4ded9fd88d06c155f3fadd5438855b49  x86_64/corporate/3.0/SRPMS/gda2.0-1.0.3-3.2.C30mdk.src.rpm

Mandriva Linux LE2005

 8581951dac7e2e51d0e583355f0c4fdf  10.2/RPMS/gda2.0-1.2.1-1.2.102mdk.i586.rpm
 6df29b76c68f2dac41511f0047844a6c  10.2/RPMS/gda2.0-bdb-1.2.1-1.2.102mdk.i586.rpm
 ab2a54b37f5d3a5903c13b5caf0884f1  10.2/RPMS/gda2.0-ldap-1.2.1-1.2.102mdk.i586.rpm
 a46e61c38f33d3590255b349371e5dd2  10.2/RPMS/gda2.0-mysql-1.2.1-1.2.102mdk.i586.rpm
 5f82b737ad1df0f5e367554a6af57d25  10.2/RPMS/gda2.0-odbc-1.2.1-1.2.102mdk.i586.rpm
 9c15f2853a50a9b8ce21c99b7c357d69  10.2/RPMS/gda2.0-postgres-1.2.1-1.2.102mdk.i586.rpm
 2a99984e0d3f0ed0bb77e1df0781a745  10.2/RPMS/gda2.0-sqlite-1.2.1-1.2.102mdk.i586.rpm
 ac79f03faefae3d12b25a692d84aa09c  10.2/RPMS/gda2.0-xbase-1.2.1-1.2.102mdk.i586.rpm
 c246c62a8b6a44bdf517fc13ab5a9629  10.2/RPMS/libgda2.0_3-1.2.1-1.2.102mdk.i586.rpm
 33244d3790d14e77cf83e297d105a0e5  10.2/RPMS/libgda2.0_3-devel-1.2.1-1.2.102mdk.i586.rpm
 2ae1d69e77d265b6a45701dede9187b6  10.2/SRPMS/gda2.0-1.2.1-1.2.102mdk.src.rpm

Mandriva Linux LE2005/X86_64

 a22c56a701d4b323cd58199bd330d358  x86_64/10.2/RPMS/gda2.0-1.2.1-1.2.102mdk.x86_64.rpm
 ab86e362890a87d588c6180df048d380  x86_64/10.2/RPMS/gda2.0-bdb-1.2.1-1.2.102mdk.x86_64.rpm
 e68a0231c0ed2d16c71330ab2ec0bc02  x86_64/10.2/RPMS/gda2.0-ldap-1.2.1-1.2.102mdk.x86_64.rpm
 561b6118c3f60507bd1d39a61ae1d1ef  x86_64/10.2/RPMS/gda2.0-mysql-1.2.1-1.2.102mdk.x86_64.rpm
 9c09bdaed784668cf9326aaa25fe045e  x86_64/10.2/RPMS/gda2.0-odbc-1.2.1-1.2.102mdk.x86_64.rpm
 9c05d405913600ab83af41a5c43012f1  x86_64/10.2/RPMS/gda2.0-postgres-1.2.1-1.2.102mdk.x86_64.rpm
 678405e55c25c6be5fd1bc7282918dab  x86_64/10.2/RPMS/gda2.0-sqlite-1.2.1-1.2.102mdk.x86_64.rpm
 dd2b4c22b66bfdd9e7d079fceb8052bc  x86_64/10.2/RPMS/gda2.0-xbase-1.2.1-1.2.102mdk.x86_64.rpm
 3ad48b3adeb00a9f9a3ea7a1c987b735  x86_64/10.2/RPMS/lib64gda2.0_3-1.2.1-1.2.102mdk.x86_64.rpm
 e4d9fb39922d57f56902b721b80d7c9f  x86_64/10.2/RPMS/lib64gda2.0_3-devel-1.2.1-1.2.102mdk.x86_64.rpm
 2ae1d69e77d265b6a45701dede9187b6  x86_64/10.2/SRPMS/gda2.0-1.2.1-1.2.102mdk.src.rpm

Mandriva Linux 2006

 291823a3cf2fbd1321fafd6d465b9fbc  2006.0/RPMS/gda2.0-1.2.2-2.2.20060mdk.i586.rpm
 f8c350c51a5847e02e391507f1052867  2006.0/RPMS/gda2.0-bdb-1.2.2-2.2.20060mdk.i586.rpm
 dd0126df1e10c2f127ebecc5e0a1c26c  2006.0/RPMS/gda2.0-ldap-1.2.2-2.2.20060mdk.i586.rpm
 47e6a607eaa3738b4d07adb619232eb1  2006.0/RPMS/gda2.0-mysql-1.2.2-2.2.20060mdk.i586.rpm
 4d1f9d08c55ed0a195ca001996f239e3  2006.0/RPMS/gda2.0-odbc-1.2.2-2.2.20060mdk.i586.rpm
 e9dc80d837f6932969c3601f03707c59  2006.0/RPMS/gda2.0-postgres-1.2.2-2.2.20060mdk.i586.rpm
 0ec62e103852325ee70769fe2eadb6c4  2006.0/RPMS/gda2.0-sqlite-1.2.2-2.2.20060mdk.i586.rpm
 a5d3d090e83d080ebf6a1c210aa113f1  2006.0/RPMS/gda2.0-xbase-1.2.2-2.2.20060mdk.i586.rpm
 a4a8ae72f7cd866183c2e8a4a2e16bd3  2006.0/RPMS/libgda2.0_3-1.2.2-2.2.20060mdk.i586.rpm
 2b4c20ea0a38bf22c5aa31da3cd8884f  2006.0/RPMS/libgda2.0_3-devel-1.2.2-2.2.20060mdk.i586.rpm
 16c1de82d2b1996adeb4577b1ff9cdcd  2006.0/SRPMS/gda2.0-1.2.2-2.2.20060mdk.src.rpm

Mandriva Linux 2006/X86_64

 36a04443e670524ae0c4d93bf0752e9f  x86_64/2006.0/RPMS/gda2.0-1.2.2-2.2.20060mdk.x86_64.rpm
 d2fecb3c702f5c764c6a67c85e36e448  x86_64/2006.0/RPMS/gda2.0-bdb-1.2.2-2.2.20060mdk.x86_64.rpm
 44171de894c358c5bd3d4301b488170e  x86_64/2006.0/RPMS/gda2.0-ldap-1.2.2-2.2.20060mdk.x86_64.rpm
 863aacd7318479757dc2d2e1ed238418  x86_64/2006.0/RPMS/gda2.0-mysql-1.2.2-2.2.20060mdk.x86_64.rpm
 a82c2fceef36372b1fc17086b6237293  x86_64/2006.0/RPMS/gda2.0-odbc-1.2.2-2.2.20060mdk.x86_64.rpm
 067f1f9a633b3e2dbe8ca08591d48642  x86_64/2006.0/RPMS/gda2.0-postgres-1.2.2-2.2.20060mdk.x86_64.rpm
 4b257c7716b6eefcfb0fec95732975a0  x86_64/2006.0/RPMS/gda2.0-sqlite-1.2.2-2.2.20060mdk.x86_64.rpm
 9fef9fad9b8d98708c30c87b4bfdbece  x86_64/2006.0/RPMS/gda2.0-xbase-1.2.2-2.2.20060mdk.x86_64.rpm
 84787803035a7d1ee2bb7b12775ea9f0  x86_64/2006.0/RPMS/lib64gda2.0_3-1.2.2-2.2.20060mdk.x86_64.rpm
 3037e49d4a6f17e6b752fcff37f05986  x86_64/2006.0/RPMS/lib64gda2.0_3-devel-1.2.2-2.2.20060mdk.x86_64.rpm
 16c1de82d2b1996adeb4577b1ff9cdcd  x86_64/2006.0/SRPMS/gda2.0-1.2.2-2.2.20060mdk.src.rpm

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2958

Upgrade

To upgrade automatically, use MandrivaUpdate.

Verification

Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command :

                rpm --checksig package.rpm

You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.

If you use MandrivaUpdate, the verification of md5 checksum and GPG signature is performed automatically for you.

URL:

https://mandriva.com/security/advisories

Short link:

https://mandriva.com/content/view/full/1075

Intersites Menu

Mandriva

Tools

Top menu

Advisories

Footer