%package libtiff-progs libtiff3 libtiff3-devel libtiff3-static-devel Updated: Tue Oct 19 12:49:38 2004 Importance: security %pre Several vulnerabilities have been discovered in the libtiff package: Chris Evans discovered several problems in the RLE (run length encoding) decoders that could lead to arbitrary code execution. (CAN-2004-0803) Matthias Clasen discovered a division by zero through an integer overflow. (CAN-2004-0804) Dmitry V. Levin discovered several integer overflows that caused malloc issues which can result to either plain crash or memory corruption. (CAN-2004-0886) %description The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. %package libwxgtk2.5_1 libwxgtk2.5_1-devel libwxgtkgl2.5_1 wxGTK2.5 Updated: Thu Oct 21 12:11:16 2004 Importance: security %pre Several vulnerabilities have been discovered in the libtiff package; wxGTK2 uses a libtiff code tree, so it may have the same vulnerabilities: Chris Evans discovered several problems in the RLE (run length encoding) decoders that could lead to arbitrary code execution. (CAN-2004-0803) Matthias Clasen discovered a division by zero through an integer overflow. (CAN-2004-0804) Dmitry V. Levin discovered several integer overflows that caused malloc issues which can result to either plain crash or memory corruption. (CAN-2004-0886) %description wxWindows is a free C++ library for cross-platform GUI development. With wxWindows, you can create applications for different GUIs (GTK+, Motif/LessTif, MS Windows, Mac) from the same source code. %package squid Updated: Thu Oct 21 12:11:16 2004 Importance: security %pre iDEFENSE discovered a Denial of Service vulnerability in squid version 2.5.STABLE6 and previous. The problem is due to an ASN1 parsing error where certain header length combinations can slip through the validations performed by the ASN1 parser, leading to the server assuming there is heap corruption or some other exceptional condition, and closing all current connections then restarting. Squid 2.5.STABLE7 has been released to address this issue; the provided packages are patched to fix the issue. %description Squid is a high-performance proxy caching server for Web clients, supporting FTP, gopher, and HTTP data objects. Unlike traditional caching software, Squid handles all requests in a single, non-blocking, I/O-driven process. Squid keeps meta data and especially hot objects cached in RAM, caches DNS lookups, supports non-blocking DNS lookups, and implements negative caching of failed requests. Squid consists of a main server program squid, a Domain Name System lookup program (dnsserver), a program for retrieving FTP data (ftpget), and some management and client tools. Install squid if you need a proxy caching server. %package gpdf Updated: Thu Oct 21 14:20:57 2004 Importance: security %pre Chris Evans discovered numerous vulnerabilities in the xpdf package, which also effect software using embedded xpdf code: Multiple integer overflow issues affecting xpdf-2.0 and xpdf-3.0. Also programs like gpdf which have embedded versions of xpdf. These can result in writing an arbitrary byte to an attacker controlled location which probably could lead to arbitrary code execution. The updated packages are patched to protect against these vulnerabilities. %description GNOME PDF Viewer, based on xpdf %package xpdf Updated: Thu Oct 21 14:20:57 2004 Importance: security %pre Chris Evans discovered numerous vulnerabilities in the xpdf package: Multiple integer overflow issues affecting xpdf-2.0 and xpdf-3.0. Also programs like cups which have embedded versions of xpdf. These can result in writing an arbitrary byte to an attacker controlled location which probably could lead to arbitrary code execution. (0888) Multiple integer overflow issues affecting xpdf-3.0 only. These can result in DoS or possibly arbitrary code execution. (0889) Chris also discovered issues with infinite loop logic error affecting xpdf-3.0 only. The updated packages are patched to deal with these issues. %description Xpdf is an X Window System based viewer for Portable Document Format (PDF) files. PDF files are sometimes called Acrobat files, after Adobe Acrobat (Adobe's PDF viewer). Xpdf is a small and efficient program which uses standard X fonts. %package kdegraphics kdegraphics-common kdegraphics-kdvi kdegraphics-kfax kdegraphics-kghostview kdegraphics-kiconedit kdegraphics-kooka kdegraphics-kpaint kdegraphics-kpdf kdegraphics-kpovmodeler kdegraphics-kruler kdegraphics-ksnapshot kdegraphics-ksvg kdegraphics-kuickshow kdegraphics-kview kdegraphics-mrmlsearch libkdegraphics0-common libkdegraphics0-common-devel libkdegraphics0-kooka libkdegraphics0-kooka-devel libkdegraphics0-kpovmodeler libkdegraphics0-kpovmodeler-devel libkdegraphics0-ksvg libkdegraphics0-ksvg-devel libkdegraphics0-kuickshow libkdegraphics0-kview libkdegraphics0-kview-devel libkdegraphics0-mrmlsearch libkdegraphics0-kghostview libkdegraphics0-kghostview-devel Updated: Thu Oct 21 14:20:57 2004 Importance: security %pre Chris Evans discovered numerous vulnerabilities in the xpdf package, which also effect software using embedded xpdf code, such as kpdf: Multiple integer overflow issues affecting xpdf-2.0 and xpdf-3.0. Also programs like kpdf which have embedded versions of xpdf. These can result in writing an arbitrary byte to an attacker controlled location which probably could lead to arbitrary code execution. The updated packages are patched to protect against these vulnerabilities. %description Graphical tools for the K Desktop Environment. kdegraphics is a collection of graphic oriented applications: - kamera: digital camera io_slave for Konqueror. Together gPhoto this allows you to access your camera's picture with the URL kamera:/ - kcoloredit: contains two programs: a color value editor and also a color picker - kdvi: program (and embeddable KPart) to display *.DVI files from TeX - kfax: a program to display raw and tiffed fax images (g3, g3-2d, g4) - kfaxview: an embeddable KPart to display tiffed fax images - kfile-plugins: provide meta information for graphic files - kghostview: program (and embeddable KPart) to display *.PDF and *.PS - kiconedit: an icon editor - kooka: a raster image scan program, based on SANE and libkscan - kpaint: a simple pixel oriented image drawing program - kruler: a ruler in inch, centimeter and pixel to check distances on the screen - ksnapshot: make snapshots of the screen contents - kuickshow: fast and comfortable imageviewer - kview: picture viewer, provided as standalone program and embeddable KPart - kviewshell: generic framework for viewer applications %package cups cups-common cups-serial libcups2 libcups2-devel Updated: Thu Oct 21 14:20:57 2004 Importance: security %pre Chris Evans discovered numerous vulnerabilities in the xpdf package, which also effect software using embedded xpdf code: Multiple integer overflow issues affecting xpdf-2.0 and xpdf-3.0. Also programs like cups which have embedded versions of xpdf. These can result in writing an arbitrary byte to an attacker controlled location which probably could lead to arbitrary code execution. (CAN-2004-0888) Also, when CUPS debugging is enabled, device URIs containing username and password end up in error_log. This information is also visible via "ps". (CAN-2004-0923) The updated packages are patched to protect against these vulnerabilities. %description The Common Unix Printing System provides a portable printing layer for UNIX(TM) operating systems. It has been developed by Easy Software Products to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces. This is the main package needed for CUPS servers (machines where a printer is connected to or which host a queue for a network printer). It can also be used on CUPS clients so that they simply pick up broadcasted printer information from other CUPS servers and do not need to be assigned to a specific CUPS server by an /etc/cups/client.conf file. %package gaim gaim-devel gaim-festival gaim-gevolution gaim-perl gaim-tcl libgaim-remote0 libgaim-remote0-devel Updated: Mon Nov 01 09:30:35 2004 Importance: security %pre A vulnerability in the MSN protocol handler in the gaim instant messenger application was discovered. When receiving unexpected sequences of MSNSLP messages, it is possible that an attacker could trigger an internal buffer overflow which ould lead to a crash or even code execution as the user running gaim. The updated packages are patched to fix this problem. This problem does not affect Mandrakelinux 10.0 installations. %description Gaim allows you to talk to anyone using a variety of messaging protocols, including AIM (Oscar and TOC), ICQ, IRC, Yahoo!, MSN Messenger, Jabber, Gadu-Gadu, Napster, and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just load the plugin for it. Gaim supports many common features of other clients, as well as many unique features, such as perl scripting and C plugins. Gaim is NOT affiliated with or endorsed by AOL. %package perl-Archive-Zip Updated: Mon Nov 01 09:30:35 2004 Importance: security %pre Recently, it was noticed that several antivirus programs miss viruses that are contained in ZIP archives with manipulated directory data. The global archive directory of these ZIP file have been manipulated to indicate zero file sizes. Archive::Zip produces files of zero length when decompressing this type of ZIP file. This causes AV products that use Archive::ZIP to fail to detect viruses in manipulated ZIP archives. One of these products is amavisd-new. The updated packages are patched to fix this problem. %description Provide an interface to ZIP archive files. %package libmysql12 libmysql12-devel MySQL MySQL-Max MySQL-bench MySQL-client MySQL-common Updated: Mon Nov 01 09:30:35 2004 Importance: security %pre A number of problems have been discovered in the MySQL database server: Jeroen van Wolffelaar discovered an insecure temporary file vulnerability in the mysqlhotcopy script when using the scp method (CAN-2004-0457). Oleksandr Byelkin discovered that the "ALTER TABLE ... RENAME" would check the CREATE/INSERT rights of the old table rather than the new one (CAN-2004-0835). Lukasz Wojtow discovered a buffer overrun in the mysql_real_connect function (CAN-2004-0836). Dean Ellis discovered that multiple threads ALTERing the same (or different) MERGE tables to change the UNION can cause the server to crash or stall (CAN-2004-0837). The updated MySQL packages have been patched to protect against these issues. %description The MySQL(TM) software delivers a very fast, multi-threaded, multi-user, and robust SQL (Structured Query Language) database server. MySQL Server is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software. MySQL is a trademark of MySQL AB. The MySQL software has Dual Licensing, which means you can use the MySQL software free of charge under the GNU General Public License (http://www.gnu.org/licenses/). You can also purchase commercial MySQL licenses from MySQL AB if you do not wish to be bound by the terms of the GPL. See the chapter "Licensing and Support" in the manual for further info. The MySQL web site (http://www.mysql.com/) provides the latest news and information about the MySQL software. Also please see the documentation and the manual for more information. %package mpg123 Updated: Mon Nov 01 10:31:37 2004 Importance: security %pre Carlos Barros discovered two buffer overflow vulnerabilities in mpg123; the first in the getauthfromURL() function and the second in the http_open() function. These vulnerabilities could be exploited to possibly execute arbitrary code with the privileges of the user running mpg123. The provided packages are patched to fix these issues, as well additional boundary checks that were lacking have been included (thanks to the Gentoo Linux Sound Team for these additional fixes). %description Mpg123 is a fast, free and portable MPEG audio player for Unix. It supports MPEG 1.0/2.0 layers 1, 2 and 3 ("mp3" files). For full CD quality playback (44 kHz, 16 bit, stereo) a fast CPU is required. Mono and/or reduced quality playback (22 kHz or 11 kHz) is possible on slow CPUs (like Intel 486). For information on the MP3 License, please visit: http://www.mpeg.org/ %package netatalk netatalk-devel Updated: Mon Nov 01 10:50:35 2004 Importance: security %pre The etc2ps.sh script, part of the netatalk package, creates files in /tmp with predicatable names which could allow a local attacker to use symbolic links to point to a valid file on the filesystem which could lead to the overwriting of arbitrary files if etc2ps.sh is executed by someone with enough privilege. The updated packages are patched to prevent this problem. %description netatalk is an implementation of the AppleTalk Protocol Suite for Unix/Linux systems. The current release contains support for Ethertalk Phase I and II, DDP, RTMP, NBP, ZIP, AEP, ATP, PAP, ASP, and AFP. It provides Appletalk file printing and routing services on Solaris 2.5, Linux, FreeBSD, SunOS 4.1 and Ultrix 4. It also supports AFP 2.1 and 2.2 (Appleshare IP). Note: The default configuration disables both guest accounts and plain-text passwords. To enable these options, review the configuration file /etc/netatalk/afpd.conf. %package mod_ssl Updated: Mon Nov 01 11:06:43 2004 Importance: security %pre A vulnerability in mod_ssl was discovered by Hartmut Keil. After a renegotiation, mod_ssl would fail to ensure that the requested cipher suite is actually negotiated. The provided packages have been patched to prevent this problem. %description The mod_ssl project provides strong cryptography for the Apache 1.3 webserver via the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols by the help of the Open Source SSL/TLS toolkit OpenSSL, which is based on SSLeay from Eric A. Young and Tim J. Hudson. The mod_ssl package was created in April 1998 by Ralf S. Engelschall and was originally derived from software developed by Ben Laurie for use in the Apache-SSL HTTP server project. The mod_ssl package is licensed under a BSD-style licence, which basically means that you are free to get and use it for commercial and non-commercial purposes. %package apache2 apache2-common apache2-devel apache2-manual apache2-mod_dav apache2-mod_ldap apache2-mod_ssl apache2-modules apache2-source apache2-mod_cache apache2-mod_deflate apache2-mod_disk_cache apache2-mod_file_cache apache2-mod_mem_cache apache2-mod_proxy Updated: Mon Nov 01 11:06:43 2004 Importance: security %pre A vulnerability in mod_ssl was discovered by Hartmut Keil. After a renegotiation, mod_ssl would fail to ensure that the requested cipher suite is actually negotiated. The provided packages have been patched to prevent this problem. %description This package contains the main binary of apache2, a powerful, full-featured, efficient and freely-available Web server. Apache is also the most popular Web server on the Internet. This version of apache2 is fully modular, and many modules are available in pre-compiled formats, like PHP4 and mod_auth_external. Check for available Apache2 modules for MandrakeLinux at: http://www.deserve-it.com/modules_for_apache2.html (most of them can be installed from the contribs repository) You can build apache2 with some conditional build swithes; (ie. use with rpm --rebuild): --with debug Compile with debugging code %package perl-MIME-tools Updated: Mon Nov 01 11:06:43 2004 Importance: security %pre There is a bug in MIME-tools, where it mis-parses things like boundary="". Some viruses use an empty boundary, which may allow unapproved parts through MIMEDefang. The updated packages are patched to fix this problem. %description MIME-tools - modules for parsing (and creating!) MIME entities Modules in this toolkit : Abstract message holder (file, scalar, etc.), OO interface for decoding MIME messages, an extracted and decoded MIME entity, Mail::Field subclasses for parsing fields, a parsed MIME header (Mail::Header subclass), parser and tool for building your own MIME parser, and utilities. %package perl perl-doc perl-devel perl-base Updated: Mon Nov 01 11:06:43 2004 Importance: security %pre Updated perl-MIME-tools requires MIME::Base64 version 3.03. Since MIME::Base64 is integrated in the perl package on Mandakelinux, these updates now provide the newer version. The updated packages are patched to fix this problem. %description Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common applications (and what it excels at) are probably system administration utilities and web programming. A large proportion of the CGI scripts on the web are written in Perl. You need the perl package installed on your system so that your system can handle Perl scripts. You need perl-base to have a full perl. %package libxorg-x11 libxorg-x11-devel libxorg-x11-static-devel xorg-x11-100dpi-fonts xorg-x11-75dpi-fonts xorg-x11 xorg-x11-Xnest xorg-x11-Xvfb xorg-x11-cyrillic-fonts xorg-x11-doc xorg-x11-glide-module xorg-x11-server xorg-x11-xfs Updated: Thu Nov 04 12:00:31 2004 Importance: security %pre Updated xorg-x11 packages fix libXpm overflow vulnerabilities %description Chris Evans found several stack and integer overflows in the libXpm code of X.Org/XFree86: Stack overflows (CAN-2004-0687): Careless use of strcat() in both the XPMv1 and XPMv2/3 xpmParseColors code leads to a stack based overflow (parse.c). Stack overflow reading pixel values in ParseAndPutPixels (create.c) as well as ParsePixels (parse.c). Integer Overflows (CAN-2004-0688): Integer overflow allocating colorTable in xpmParseColors (parse.c) - probably a crashable but not exploitable offence. Additionally, the xorg-x11 packages have been patched with a backport from cvs to resolve a failure running the lsb-test-vsw4 test suite, which will soon be required for LSB2.0 compliance. The updated packages have patches from Chris Evans and Matthieu Herrb to address these vulnerabilities. %description If you want to install the X Window System (TM) on your machine, you'll need to install X11. The X Window System provides the base technology for developing graphical user interfaces. Simply stated, X draws the elements of the GUI on the user's screen and builds methods for sending user interactions back to the application. X also supports remote application deployment--running an application on another computer while viewing the input/output on your machine. X is a powerful environment which supports many different applications, such as games, programming tools, graphics programs, text editors, etc. This package contains the basic fonts, programs and documentation for an X workstation. You will also need the X11-server package, which contains the program which drives your video hardware. In addition to installing this package, you will need to install the drakxtools package to configure your card using XFdrake. You may also need to install one of the X11 fonts packages. And finally, if you are going to develop applications that run as X clients, you will also need to install libxorg-x11-devel. %package kaffeine Updated: Thu Nov 04 12:00:31 2004 Importance: bugfix %pre Various packages are now available that fix certain bugs in KDE-related packages in Mandrakelinux 10.1 Official edition: - Konqueror and/or KDE itself would freeze when plugging in a USB key - LIBDIR was improperly set for x86_64 in KDE - Konqueror fixes: fix loading nsplugins to load external module and fix a creash in keditbookmark - a bug in kaffeine would delete the temporary file for a downloaded web file before it was read - fixed improper naming of the krozat screensaver in french - a bug in knotes prevented notes from being written to the correct location - kwrite menu generation was broken - the audiocd.desktop for kcontrol was in the wrong location Note that some of these packages are fixed in the 10.1/x86_64 official version already and so are not included here. %description Kaffeine is a Xine-based Media Player for QT/KDE3. %package kdebase kdebase-common kdebase-kate kdebase-kcontrol-data kdebase-kdeprintfax kdebase-kdm kdebase-kdm-config-file kdebase-kmenuedit kdebase-konsole kdebase-nsplugins kdebase-progs libkdebase4 libkdebase4-devel libkdebase4-kate libkdebase4-kate-devel libkdebase4-kmenuedit libkdebase4-konsole Updated: Thu Nov 04 12:00:31 2004 Importance: bugfix %pre Various packages are now available that fix certain bugs in KDE-related packages in Mandrakelinux 10.1 Official edition: - Konqueror and/or KDE itself would freeze when plugging in a USB key - LIBDIR was improperly set for x86_64 in KDE - Konqueror fixes: fix loading nsplugins to load external module and fix a creash in keditbookmark - a bug in kaffeine would delete the temporary file for a downloaded web file before it was read - fixed improper naming of the krozat screensaver in french - a bug in knotes prevented notes from being written to the correct location - kwrite menu generation was broken - the audiocd.desktop for kcontrol was in the wrong location Note that some of these packages are fixed in the 10.1/x86_64 official version already and so are not included here. %description Core applications for the K Desktop Environment. Here is an overview of the directories: - drkonqi: if ever an app crashes (heaven forbid!) then Dr.Konqi will be so kind and make a stack trace. This is a great help for the developers to fix the bug. - kappfinder: searches your hard disk for non-KDE applications, e.g. Acrobat Reader (tm) and installs those apps under the K start button - kate: a fast and advanced text editor with nice plugins - kcheckpass: small program to enter and check passwords, only to be used by other programs - kcontrol: the KDE Control Center allows you to tweak the KDE settings - kdcop: GUI app to browse for DCOP interfaces, can also execute them - kdebugdialog: allows you to specify which debug messages you want to see - kdeprint: the KDE printing system - kdesktop: you guessed it: the desktop above the panel - kdesu: a graphical front end to "su" - kdm: replacement for XDM, for those people that like graphical logins - kfind: find files - khelpcenter: the app to read all great documentation about KDE - khotkeys: intercepts keys and can call applications - kicker: the panel at the botton with the K start button and the taskbar etc - kioslave: infrastructure that helps make every application internet enabled e.g. to directly save a file to ftp://place.org/dir/file.txt - klipper: enhances and extenses the X clipboard - kmenuedit: edit for the menu below the K start button - konqueror: the file manager and web browser you get easily used to - kpager: applet to show the contents of the virtual desktops - kpersonalizer: the customization wizard you get when you first start KDE - kreadconfig: a tool for shell scripts to get info from KDE's config files - kscreensaver: the KDE screensaver environment and lot's of savers - ksmserver: the KDE session manager (saves program status on login, restarts those program at the next login) - ksplash: the screen displayed while KDE starts - kstart: to launch applications with special window properties such as iconified etc - ksysguard: task manager and system monitor, even for remote systems - ksystraycmd: allows to run any application in the system tray - ktip: gives you tips how to use KDE - kwin: the KDE window manager - kxkb: a keyboard map tool - legacyimport: odd name for a cute program to load GTK themes - libkonq: some libraries needed by Konqueror - nsplugins: together with OSF/Motif or Lesstif allows you to use Netscape (tm) plugins in Konqueror %package kdepim kdepim-common kdepim-kaddressbook kdepim-karm kdepim-kmail kdepim-knode kdepim-knotes kdepim-kontact kdepim-korganizer kdepim-korn kdepim-kpilot libkdepim2-common libkdepim2-common-devel libkdepim2-kaddressbook libkdepim2-kaddressbook-devel libkdepim2-kmail libkdepim2-kmail-devel libkdepim2-knode libkdepim2-knode-devel libkdepim2-kontact libkdepim2-kontact-devel libkdepim2-korganizer libkdepim2-korganizer-devel libkdepim2-kpilot libkdepim2-kpilot-devel Updated: Thu Nov 04 12:00:31 2004 Importance: bugfix %pre Various packages are now available that fix certain bugs in KDE-related packages in Mandrakelinux 10.1 Official edition: - Konqueror and/or KDE itself would freeze when plugging in a USB key - LIBDIR was improperly set for x86_64 in KDE - Konqueror fixes: fix loading nsplugins to load external module and fix a creash in keditbookmark - a bug in kaffeine would delete the temporary file for a downloaded web file before it was read - fixed improper naming of the krozat screensaver in french - a bug in knotes prevented notes from being written to the correct location - kwrite menu generation was broken - the audiocd.desktop for kcontrol was in the wrong location Note that some of these packages are fixed in the 10.1/x86_64 official version already and so are not included here. %description Information Management applications for the K Desktop Environment. - kaddressbook: The KDE addressbook application. - kandy: sync phone book entries between your cell phone and computer ("kandy" comes from "Handy", the german word used for a cellular) - korganizer: a calendar-of-events and todo-list manager - kpilot: to sync with your PalmPilot - kalarm: gui for setting up personal alarm/reminder messages - kalarmd: personal alarm/reminder messages daemon, shared by korganizer and kalarm. - kaplan: A shell for the PIM apps, still experimental. - karm: Time tracker. - kitchensync: Synchronisation framework, still under heavy development. - kfile-plugins: vCard KFIleItem plugin. - knotes: yellow notes application - konsolecalendar: Command line tool for accessing calendar files. - kmail: universal mail client - kmailcvt: converst addressbooks to kmail format %package krozat Updated: Thu Nov 04 12:00:31 2004 Importance: bugfix %pre Various packages are now available that fix certain bugs in KDE-related packages in Mandrakelinux 10.1 Official edition: - Konqueror and/or KDE itself would freeze when plugging in a USB key - LIBDIR was improperly set for x86_64 in KDE - Konqueror fixes: fix loading nsplugins to load external module and fix a creash in keditbookmark - a bug in kaffeine would delete the temporary file for a downloaded web file before it was read - fixed improper naming of the krozat screensaver in french - a bug in knotes prevented notes from being written to the correct location - kwrite menu generation was broken - the audiocd.desktop for kcontrol was in the wrong location Note that some of these packages are fixed in the 10.1/x86_64 official version already and so are not included here. %description This package contains the default Mandrake Linux screensaver for KDE. %package kdemultimedia kdemultimedia-common kdemultimedia-juk kdemultimedia-kaboodle kdemultimedia-kaudiocreator kdemultimedia-kmid kdemultimedia-kmidi kdemultimedia-kmix kdemultimedia-krec kdemultimedia-kscd kdemultimedia-noatun libkdemultimedia1-common libkdemultimedia1-common-devel libkdemultimedia1-kaboodle libkdemultimedia1-kmix libkdemultimedia1-krec libkdemultimedia1-kscd libkdemultimedia1-kscd-devel libkdemultimedia1-noatun libkdemultimedia1-noatun-devel Updated: Thu Nov 04 12:00:31 2004 Importance: bugfix %pre Various packages are now available that fix certain bugs in KDE-related packages in Mandrakelinux 10.1 Official edition: - Konqueror and/or KDE itself would freeze when plugging in a USB key - LIBDIR was improperly set for x86_64 in KDE - Konqueror fixes: fix loading nsplugins to load external module and fix a creash in keditbookmark - a bug in kaffeine would delete the temporary file for a downloaded web file before it was read - fixed improper naming of the krozat screensaver in french - a bug in knotes prevented notes from being written to the correct location - kwrite menu generation was broken - the audiocd.desktop for kcontrol was in the wrong location Note that some of these packages are fixed in the 10.1/x86_64 official version already and so are not included here. %description Multimedia tools for the K Desktop Environment. - noatun: a multimedia player for sound and movies, very extensible due to it's plugin interface - kaudiocreator: CD ripper and audio encoder frontend. - kaboodle: light media player - kmid: A standalone and embeddable midi player, includes a karaoke-mode - kmix: the audio mixer as a standalone program and Kicker applet - kscd: A CD player with an interface to the internet CDDB database - krec: A recording frontend using aRts %package iptables iptables-ipv6 iptables-devel Updated: Thu Nov 04 14:03:18 2004 Importance: security %pre Faheem Mitha discovered that the iptables tool would not always load the required modules on its own as it should have, which could in turn lead to firewall rules not being loaded on system startup in some cases. The updated packages are patched to prevent this problem. %description iptables controls the Linux kernel network packet filtering code. It allows you to set up firewalls and IP masquerading, etc. Install iptables if you need to set up firewalling for your network. Install this only if you are using the 2.4 or 2.6 kernels!! %package shadow-utils Updated: Thu Nov 04 14:03:18 2004 Importance: security %pre A vulnerability in the shadow suite was discovered by Martin Schulze that can be exploited by local users to bypass certain security restrictions due to an input validation error in the passwd_check() function. This function is used by the chfn and chsh tools. The updated packages have been patched to prevent this problem. %description The shadow-utils package includes the necessary programs for converting UNIX password files to the shadow password format, plus programs for managing user and group accounts. The pwconv command converts passwords to the shadow password format. The pwunconv command unconverts shadow passwords and generates an npasswd file (a standard UNIX password file). The pwck command checks the integrity of password and shadow files. The lastlog command prints out the last login times for all users. The useradd, userdel and usermod commands are used for managing user accounts. The groupadd, groupdel and groupmod commands are used for managing group accounts. %package libxml1 libxml1-devel Updated: Thu Nov 04 14:03:18 2004 Importance: security %pre Multiple buffer overflows were reported in the libxml XML parsing library. These vulnerabilities may allow remote attackers to execute arbitray code via a long FTP URL that is not properly handled by the xmlNanoFTPScanURL() function, a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy() function, and other overflows in the code that resolves names via DNS. The updated packages have been patched to prevent these issues. %description This library allows you to manipulate XML files. %package libxml2 libxml2-devel libxml2-python libxml2-utils Updated: Thu Nov 04 14:03:18 2004 Importance: security %pre Multiple buffer overflows were reported in the libxml XML parsing library. These vulnerabilities may allow remote attackers to execute arbitray code via a long FTP URL that is not properly handled by the xmlNanoFTPScanURL() function, a long proxy URL containing FTP data that is not properly handled by the xmlNanoFTPScanProxy() function, and other overflows in the code that resolves names via DNS. The updated packages have been patched to prevent these issues. %description This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or later once the document has been modified. The output can be a simple SAX stream or and in-memory DOM like representations. In this case one can use the built-in XPath and XPointer implementation to select subnodes or ranges. A flexible Input/Output mechanism is available, with existing HTTP and FTP modules and combined to an URI library. %package ruby ruby-devel ruby-doc ruby-tk Updated: Mon Nov 08 09:45:12 2004 Importance: security %pre Andres Salomon noticed a problem with the CGI session management in Ruby. The CGI:Session's FileStore implementations store session information in an insecure manner by just creating files and ignoring permission issues (CAN-2004-0755). The ruby developers have corrected a problem in the ruby CGI module that can be triggered remotely and cause an inifinite loop on the server (CAN-2004-0983). The updated packages are patched to prevent these problems. %description Ruby is the interpreted scripting language for quick and easy object-oriented programming. It has many features to process text files and to do system management tasks (as in Perl). It is simple, straight-forward, and extensible. %package webmin Updated: Wed Nov 11 10:22:43 2004 Importance: bugfix %pre There was a problem with two modules in the webmin package that did not work correctly: the cron and backup modules. The updates packages fix the problem so the modules will again work. %description A web-based administration interface for Unix systems. Using Webmin you can configure DNS, Samba, NFS, local/remote filesystems, Apache, Sendmail/Postfix, and more using your web browser. After installation, enter the URL https://localhost:10000/ into your browser and login as root with your root password. Please consider logging in and modify your password for security issue. PLEASE NOTE THAT THIS VERSION NOW USES SECURE WEB TRANSACTIONS: YOU HAVE TO LOGIN TO "https://localhost:10000/" AND NOT "http://localhost:10000/". %package speedtouch Updated: Wed Nov 11 10:22:43 2004 Importance: security %pre The Speedtouch USB driver contains a number of format string vulnerabilities due to improperly made syslog() system calls. These vulnerabilities can be abused by a local used to potentially allow the execution of arbitray code with elevated privileges. The updated packages have been patched to prevent this problem. %description ALCATEL SpeedTouch USB ADSL modem user-space driver. This package contains all the necessary software to use your SpeedTouch USB modem under Linux. It currently support only PPPoA encapsulation. %package ez-ipupdate Updated: Wed Nov 11 10:22:43 2004 Importance: security %pre Ulf Harnhammar discovered a format string vulnerability in ez-ipupdate, a client for many dynamic DNS services. The updated packages are patched to protect against this problem. %description ez-ipupdate is a small utility for updating your host name for any of the dynamic DNS service offered at: * http://www.ez-ip.net * http://www.justlinux.com * http://www.dhs.org * http://www.dyndns.org * http://www.ods.org * http://gnudip.cheapnet.net (GNUDip) * http://www.dyn.ca (GNUDip) * http://www.tzo.com * http://www.easydns.com * http://www.dyns.cx * http://www.hn.org * http://www.zoneedit.com it is pure C and works on Linux, *BSD and Solaris. Don't forget to create your own config file ( in /etc/ez-ipupdate.conf ) You can find some example in /usr/share/doc/ez-ipupdate-3.0.11b8 %package libsmbclient0 libsmbclient0-devel libsmbclient0-static-devel nss_wins samba-client samba-common samba-doc samba-passdb-mysql samba-passdb-pgsql samba-passdb-xml samba-server samba-swat samba-winbind samba-vscan-clamav samba-vscan-icap Updated: Wed Nov 11 10:22:43 2004 Importance: security %pre Karol Wiesek discovered a bug in the input validation routines in Samba 3.xu sed to match filename strings containing wildcard characters. This bug may allow a user to consume more than normal amounts of CPU cycles which would impact the performance and response of the server. In some cases it could also cause the server to become entirely unresponsive. The updated packages are patched to prevent this problem with patches from the Samba team. This vulnerability is fixed in samba 3.0.8. %description Samba provides an SMB server which can be used to provide network services to SMB (sometimes called "Lan Manager") clients, including various versions of MS Windows, OS/2, and other Linux machines. Samba also provides some SMB clients, which complement the built-in SMB filesystem in Linux. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need NetBEUI (Microsoft Raw NetBIOS frame) protocol. Samba-3.0 features working NT Domain Control capability and includes the SWAT (Samba Web Administration Tool) that allows samba's smb.conf file to be remotely managed using your favourite web browser. For the time being this is being enabled on TCP port 901 via xinetd. SWAT is now included in it's own subpackage, samba-swat. Please refer to the WHATSNEW.txt document for fixup information. This binary release includes encrypted password support. Please read the smb.conf file and ENCRYPTION.txt in the docs directory for implementation details. %package sudo Updated: Mon Nov 15 10:50:04 2004 Importance: security %pre Liam Helmer discovered a flow in sudo's environment sanitizing. This flaw could allow a malicious users with permission to run a shell script that uses the bash shell to run arbitrary commands. The problem is fixed in sudo 1.6.8p2; the provided packages have been patched to correct the issue. %description Sudo is a program designed to allow a sysadmin to give limited root privileges to users and log root activity. The basic philosophy is to give as few privileges as possible but still allow people to get their work done. %package gd-utils libgd2 libgd2-devel libgd2-static-devel Updated: Mon Nov 15 10:50:04 2004 Importance: security %pre Integer overflows were reported in the GD Graphics Library (libgd) 2.0.28, and possibly other versions. These overflows allow remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx() function. The updated packages have been patched to prevent these issues. %description gd is a graphics library. It allows your code to quickly draw images complete with lines, arcs, text, multiple colors, cut and paste from other images, and flood fills, and write out the result as a PNG or JPEG file. This is particularly useful in World Wide Webapplications, where PNG and JPEG are two of the formats accepted for inlineimages by most browsers. gd is not a paint program. If you are looking for a paint program, you are looking in the wrong place. If you are not a programmer, you are looking in the wrong place. gd does not provide for every possible desirable graphics operation. It is not necessary or desirable for gd to become a kitchen-sink graphics package, but version 1.7.3 incorporates most of the commonly requested features for an 8-bit 2D package. GIF creation will not reappear in gd until the patent expires world-wide on July 7th, 2004. I realize this situation is frustrating for many; please direct your anger and complaints toward the questionable patent system that allows the patenting of such straightforward algorithms in the first place. To enable GIF support use a commandline like: rpm -rebuild --with gif gd-2.0.27-3.2.101mdk.src.rpm %package apache apache-devel apache-modules apache-source Updated: Mon Nov 15 10:50:04 2004 Importance: security %pre A possible buffer overflow exists in the get_tag() function of mod_include, and if SSI (Server Side Includes) are enabled, a local attacker may be able to run arbitrary code with the rights of an httpd child process. This could be done with a special HTML document using malformed SSI. The updated packages have been patched to prevent this problem. %description Apache is a powerful, full-featured, efficient and freely-available Web server. Apache is also the most popular Web server on the Internet. This version of Apache includes many optimizations, Extended Application Programming Interface (EAPI), Shared memory module, hooks for SSL modules, and several patches/cosmetic improvements. It is also fully modular, and many modules are available in pre-compiled format, like PHP4, the Hotwired XSSI module and Apache-ASP. Also included are special patches to enable FrontPage 2000 support (see mod_frontpage package). %package apache2 apache2-common apache2-devel apache2-manual apache2-mod_dav apache2-mod_ldap apache2-modules apache2-source apache2-mod_cache apache2-mod_deflate apache2-mod_disk_cache apache2-mod_file_cache apache2-mod_mem_cache apache2-mod_proxy apache2-worker Updated: Mon Nov 15 10:50:04 2004 Importance: security %pre A vulnerability in apache 2.0.35-2.0.52 was discovered by Chintan Trivedi; he found that by sending a large amount of specially- crafted HTTP GET requests, a remote attacker could cause a Denial of Service on the httpd server. This vulnerability is due to improper enforcement of the field length limit in the header-parsing code. The updated packages have been patched to prevent this problem. %description This package contains the main binary of apache2, a powerful, full-featured, efficient and freely-available Web server. Apache is also the most popular Web server on the Internet. This version of apache2 is fully modular, and many modules are available in pre-compiled formats, like PHP4 and mod_auth_external. Check for available Apache2 modules for MandrakeLinux at: http://www.deserve-it.com/modules_for_apache2.html (most of them can be installed from the contribs repository) You can build apache2 with some conditional build swithes; (ie. use with rpm --rebuild): --with debug Compile with debugging code %package bootloader-utils Updated: Wed Nov 17 15:36:20 2004 Importance: bugfix %pre A problem with generating kernel headers exists when using the newer kernel-i686-up-64GB package. The updated bootloader-utils package corrects the issue. %description Utils needed to install/remove a kernel. Also for updating bootloaders. %package totem Updated: Wed Nov 17 15:36:20 2004 Importance: bugfix %pre There is a problem in the totem package where in some cases when running totem a blue screen would appear. Resizing the screen seems to fix the problem temporarily, however upon minimizing or maximizing the screen it would once again become blue. The updated packages are patched to correct this problem. %description Totem is simple movie player for the Gnome desktop based on xine. It features a simple playlist, a full-screen mode, seek and volume controls, as well as a pretty complete keyboard navigation. %package ldetect-lst ldetect-lst-devel Updated: Wed Nov 17 15:36:20 2004 Importance: bugfix %pre Fixes for ldetect-lst include: - do not wrongly detect some sound cards - disambiguate media devices (eg: TV cards vs SAT cards) - add a few PCMCIA, SATA and centrino entries - add a few missing description - add Sagem Fast 800 E3 %description The hardware device lists provided by this package are used as lookup table to get hardware autodetection %package ldetect ldetect-devel Updated: Wed Nov 17 15:36:20 2004 Importance: bugfix %pre Fixes for ldetect-lst include: - do not wrongly detect some sound cards - disambiguate media devices (eg: TV cards vs SAT cards) - add a few PCMCIA, SATA and centrino entries - add a few missing description - add Sagem Fast 800 E3 %description The hardware device lists provided by this package are used as lookup table to get hardware autodetection %package drakxtools drakxtools-backend drakxtools-http drakxtools-newt harddrake harddrake-ui Updated: Wed Nov 17 15:36:20 2004 Importance: bugfix %pre A number of fixes are available in the updated drakxtools package: - in drakconnect, ifcfg files are only readble by root when a WEP key is set - add support for Philips Semiconductors DSL card in drakconnect - update/add ADSL ISP entries in drakconnect - create cfg dir if needed in drakTermServ - ignore vmnet for broadcast address in drakTermServ - use xorg.conf file in drakTermServ - touch dhcp.conf.etherboot.kernel in drakTermServ - fix configuration fcitx IM in localedrake %description Contains many Mandrakelinux applications simplifying users and administrators life on a Mandrakelinux machine. Nearly all of them work both under XFree (graphical environment) and in console (text environment), allowing easy distant work. drakbug: interactive bug report tool drakbug_report: help find bugs in DrakX drakclock: date & time configurator drakfloppy: boot disk creator drakfont: import fonts in the system draklog: show extracted information from the system logs draknet_monitor: connection monitoring drakperm: msec GUI (permissions configurator) drakprinter: detect and configure your printer draksec: security options managment / msec frontend draksplash: bootsplash themes creation drakTermServ: terminal server configurator listsupportedprinters: list printers net_applet: applet to check network connection %package kdeutils-kfloppy Updated: Thu Nov 18 14:48:55 2004 Importance: bugfix %pre A problem with kfloppy and udev exists that prevent users from formatting floppy disks. The updated packages correct the issue. %description Kfloppy allows to format a floppy disks with this app %package clamav clamav-db clamav-milter libclamav1 libclamav1-devel clamd Updated: Thu Nov 18 14:48:55 2004 Importance: bugfix %pre The clamav databases for clamav version 0.75.1 no longer update, but rather return an error that the user needs to upgrade immediately. This update provides clamav 0.80 which allows for the databases to be updated. %description Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail seversions (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software. %package libsmbclient0 libsmbclient0-devel libsmbclient0-static-devel nss_wins samba-client samba-common samba-doc samba-passdb-mysql samba-passdb-pgsql samba-passdb-xml samba-server samba-swat samba-winbind samba-vscan-clamav samba-vscan-icap Updated: Thu Nov 18 14:48:55 2004 Importance: security %pre Steffan Esser discovered that invalid bounds checking in reply to certain trans2 requests could result in a buffer overrun in smbd. This can only be exploited by malicious user able to create files with very specific Unicode filenames on a samba share. The updated packages have been patched to prevent this problem. %description Samba provides an SMB server which can be used to provide network services to SMB (sometimes called "Lan Manager") clients, including various versions of MS Windows, OS/2, and other Linux machines. Samba also provides some SMB clients, which complement the built-in SMB filesystem in Linux. Samba uses NetBIOS over TCP/IP (NetBT) protocols and does NOT need NetBEUI (Microsoft Raw NetBIOS frame) protocol. Samba-3.0 features working NT Domain Control capability and includes the SWAT (Samba Web Administration Tool) that allows samba's smb.conf file to be remotely managed using your favourite web browser. For the time being this is being enabled on TCP port 901 via xinetd. SWAT is now included in it's own subpackage, samba-swat. Please refer to the WHATSNEW.txt document for fixup information. This binary release includes encrypted password support. Please read the smb.conf file and ENCRYPTION.txt in the docs directory for implementation details. %package libxorg-x11 libxorg-x11-devel libxorg-x11-static-devel xorg-x11-100dpi-fonts xorg-x11-75dpi-fonts xorg-x11 xorg-x11-Xnest xorg-x11-Xvfb xorg-x11-cyrillic-fonts xorg-x11-doc xorg-x11-glide-module xorg-x11-server xorg-x11-xfs X11R6-contrib Updated: Mon Nov 22 14:40:12 2004 Importance: security %pre The XPM library which is part of the XFree86/XOrg project is used by several GUI applications to process XPM image files. A source code review of the XPM library, done by Thomas Biege of the SuSE Security-Team revealed several different kinds of bugs. These bugs include integer overflows, out-of-bounds memory access, shell command execution, path traversal, and endless loops. These bugs can be exploited by remote and/or local attackers to gain access to the system or to escalate their local privileges, by using a specially crafted xpm image. Updated packages are patched to correct all these issues. %description If you want to install the X Window System (TM) on your machine, you'll need to install X11. The X Window System provides the base technology for developing graphical user interfaces. Simply stated, X draws the elements of the GUI on the user's screen and builds methods for sending user interactions back to the application. X also supports remote application deployment--running an application on another computer while viewing the input/output on your machine. X is a powerful environment which supports many different applications, such as games, programming tools, graphics programs, text editors, etc. This package contains the basic fonts, programs and documentation for an X workstation. You will also need the X11-server package, which contains the program which drives your video hardware. In addition to installing this package, you will need to install the drakxtools package to configure your card using XFdrake. You may also need to install one of the X11 fonts packages. And finally, if you are going to develop applications that run as X clients, you will also need to install libxorg-x11-devel. %package libxpm4 libxpm4-devel Updated: Mon Nov 22 14:40:12 2004 Importance: security %pre The XPM library which is part of the XFree86/XOrg project is used by several GUI applications to process XPM image files. A source code review of the XPM library, done by Thomas Biege of the SuSE Security-Team revealed several different kinds of bugs. These bugs include integer overflows, out-of-bounds memory access, shell command execution, path traversal, and endless loops. These bugs can be exploited by remote and/or local attackers to gain access to the system or to escalate their local privileges, by using a specially crafted xpm image. Updated packages are patched to correct all these issues. %description The xpm package contains the XPM pixmap library for the X Window System. The XPM library allows applications to display color, pixmapped images, and is used by many popular X programs. %package cyrus-imapd cyrus-imapd-devel cyrus-imapd-murder cyrus-imapd-nntp cyrus-imapd-utils perl-Cyrus Updated: Thu Nov 25 12:11:34 MST 2004 Importance: security %pre A number of vulnerabilities in the Cyrus-IMAP server were found by Stefan Esser. Due to insufficient checking within the argument parser of the 'partial' and 'fetch' commands, a buffer overflow could be exploited to execute arbitrary attacker-supplied code. Another exploitable buffer overflow could be triggered in situations when memory allocation files. The provided packages have been patched to prevent these problems. %description The Cyrus IMAP Server is a scaleable enterprise mail system designed for use from small to large enterprise environments using standards-based technologies. A full Cyrus IMAP implementation allows a seamless mail and bulletin board environment to be set up across multiple servers. It differs from other IMAP server implementations in that it is run on "sealed" servers, where users are not normally permitted to log in. The mailbox database is stored in parts of the filesystem that are private to the Cyrus IMAP system. All user access to mail is through software using the IMAP, POP3, or KPOP protocols. TLSv1 and SSL are supported for security. This is the main package, install also the cyrus-imapd-utils package (it contains server administration tools and depends on the perl-Cyrus package). %package a2ps a2ps-devel a2ps-static-devel Updated: Thu Nov 25 15:08:20 2004 Importance: security %pre The GNU a2ps utility fails to properly sanitize filenames, which can be abused by a malicious user to execute arbitray commands with the privileges of the user running the vulnerable application. The updated packages have been patched to prevent this problem. %description The a2ps filter converts text and other types of files to PostScript(TM). a2ps has pretty-printing capabilities and includes support for a wide number of programming languages, encodings (ISO Latins, Cyrillic, etc.), and medias. %package zip Updated: Thu Nov 25 15:08:34 2004 Importance: security %pre A vulnerability in zip was discovered where zip would not check the resulting path length when doing recursive folder compression, which could allow a malicious person to convince a user to create an archive containing a specially-crafted path name. By doing so, arbitrary code could be executed with the permissions of the user running zip. The updated packages are patched to prevent this problem. %description The zip program is a compression and file packaging utility. Zip is analogous to a combination of the UNIX tar and compress commands and is compatible with PKZIP (a compression and file packaging utility for MS-DOS systems). Install the zip package if you need to compress files using the zip program. This version support crypto encryption. %package kdebase kdebase-common kdebase-kate kdebase-kcontrol-data kdebase-kdeprintfax kdebase-kdm kdebase-kdm-config-file kdebase-kmenuedit kdebase-konsole kdebase-nsplugins kdebase-progs libkdebase4 libkdebase4-devel libkdebase4-kate libkdebase4-kate-devel libkdebase4-kmenuedit libkdebase4-konsole Updated: Thu Nov 25 17:03:41 2004 Importance: bugfix %pre A number of bugs in kdebase are fixed with this update: - fix screensaver duplicate entry - fix shortcut conflicts with OOo - fix device icon showing up when user doesn't want it to show up - fix kioslave fish encoding - fix kioslave smb "don't keep the password as part of the URL." - fix kicker applet proxy "delete the applet when the proxy goes away so that applet dtors get run!" - fix safari user agent (support new safari) - kde bug #68173: klipper workaround for acroread - kde bug #81833: "Fixed increasing memory usage when reloading a fullpage nsplugin" - kde bug #93832: kwin %description Core applications for the K Desktop Environment. Here is an overview of the directories: - drkonqi: if ever an app crashes (heaven forbid!) then Dr.Konqi will be so kind and make a stack trace. This is a great help for the developers to fix the bug. - kappfinder: searches your hard disk for non-KDE applications, e.g. Acrobat Reader (tm) and installs those apps under the K start button - kate: a fast and advanced text editor with nice plugins - kcheckpass: small program to enter and check passwords, only to be used by other programs - kcontrol: the KDE Control Center allows you to tweak the KDE settings - kdcop: GUI app to browse for DCOP interfaces, can also execute them - kdebugdialog: allows you to specify which debug messages you want to see - kdeprint: the KDE printing system - kdesktop: you guessed it: the desktop above the panel - kdesu: a graphical front end to "su" - kdm: replacement for XDM, for those people that like graphical logins - kfind: find files - khelpcenter: the app to read all great documentation about KDE - khotkeys: intercepts keys and can call applications - kicker: the panel at the botton with the K start button and the taskbar etc - kioslave: infrastructure that helps make every application internet enabled e.g. to directly save a file to ftp://place.org/dir/file.txt - klipper: enhances and extenses the X clipboard - kmenuedit: edit for the menu below the K start button - konqueror: the file manager and web browser you get easily used to - kpager: applet to show the contents of the virtual desktops - kpersonalizer: the customization wizard you get when you first start KDE - kreadconfig: a tool for shell scripts to get info from KDE's config files - kscreensaver: the KDE screensaver environment and lot's of savers - ksmserver: the KDE session manager (saves program status on login, restarts those program at the next login) - ksplash: the screen displayed while KDE starts - kstart: to launch applications with special window properties such as iconified etc - ksysguard: task manager and system monitor, even for remote systems - ksystraycmd: allows to run any application in the system tray - ktip: gives you tips how to use KDE - kwin: the KDE window manager - kxkb: a keyboard map tool - legacyimport: odd name for a cute program to load GTK themes - libkonq: some libraries needed by Konqueror - nsplugins: together with OSF/Motif or Lesstif allows you to use Netscape (tm) plugins in Konqueror %package kdelibs-common libkdecore4 libkdecore4-devel Updated: Thu Nov 25 17:04:45 2004 Importance: bugfix %pre A number of bugs in kdelibs are fixed with this update: - kde bug #53005: fix khtml auto width table - kde bug #63351: fix khtml rtl "Inverted logic for text-indent in RTL" - kde bug #75771: link to url without trailing slash is not marked as a visited link - kde bug #79269: fix khtml "ignore height element for input elements that are not image" - kde bug #87466: fix listbox in khtml - kde bug #91327: fixing the default margins for H{1-6} as they are in mozilla, IE, and Safari - kde bug #91439: fix kdatepicker reset toggle button - kde bug #91444: fix kdatepicker "show the uer what he's supposed to do" - kde bug #92066: fix khtml crash - kde bug #93193: clicking in textarea causes text to scroll - fix khtml iframe support "allow