Mandrake Local Security Checks : Mandriva Update for mes52 MDVA-2011:009 (mes52)

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.831347

Category: Mandrake Local Security Checks

Title: Mandriva Update for mes52 MDVA-2011:009 (mes52)

Summary: The remote host is missing an update for the 'mes52'; package(s) announced via the referenced advisory.

Description: Summary:
The remote host is missing an update for the 'mes52'
package(s) announced via the referenced advisory.

Vulnerability Insight:
This is an upgrade bundle of packages incorporating various fixes
for the upcoming Mandriva Enterprise Server 5.2 release:

mandriva-release-2009.0-14.4mdvmes5.2:

* mandriva release should be update to 5.2 release, with new major
features.

grub-0.97-30.1mdvmes5.2:

* Change CFLAGS to disable stack protector (since gfxboot is tweaking
stack and can crash it with protector enabled). Use -Os, used by
Fedora since 2002.

* Replace ext4 patch with the one from Fedora

* Patches 23 / 24: allow to specify multiple initrd on a single boot

* add fedora patch to support virtio partitions, fix #52397

* add patches from ubuntu:
o add support for uuid xxx instead of root (hdX, Y)
o add support GPT (from Marco Gerards)
o add patch varargs (since some changes are used by uuid patch)

xz-5.0.0-0.1mdvmes5.2:

* We need to have xz support on mes5.2 to be able to handle new
packages from cooker or next product 2011.0

ka-deploy-0.94.4-0.1mdvmes5.2:

* add missing script udev_creation.sh

* fix annoying bug to umount $CHROOT/dev

* fix a lot of bugs in fstab, grub preparation, remove udev persistent
rules on client node

* remove all old scripts, cleaning the spec file

* update ka script to support UUID, remove old mke2fs static binairie

* don't use patch on 32b and 64b release (break the ka-d-client)

* do not build with -m32, doesn't exist on arm and mips

cpuset-1.5.5-0.1mdvmes5.2:

* Fix for Issue#3: cset fails to create cpu sets if some cpus are
offline
Problem in cset.rescan() for maxcpu if root cpuset cpus are complex
pattern due to offlining cpus.

* Fix for Issue#2: Apply patch by mostroski to avoid exception if
running tasks with non-existent uids

* Apply patch submitted by Christopher Johnston to fix failure of
finding cpusets in a case-sensitive manner.

* BNC#558395 - cset couldn't delete cpu set

* BNC#558399 - cset unable to move thread

* Fixed failure to delete cpuset if tasks preset, cset now waits a
little bit for tardy tasks to disappear

* Removed output noise from popened taskset command

* Added example init.d cset script in documentation directory

* Fix bug #26: Cpuset does not function on machines with greater than
16 CPUs

Affected Software/OS:
mes52 on Mandriva Enterprise Server 5,
Mandriva Enterprise Server 5/X86_64

Solution:
Please Install the Updated Packages.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Copyright Copyright (C) 2011 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

Test ID:	1.3.6.1.4.1.25623.1.0.831347
Category:	Mandrake Local Security Checks
Title:	Mandriva Update for mes52 MDVA-2011:009 (mes52)
Summary:	The remote host is missing an update for the 'mes52'; package(s) announced via the referenced advisory.
Description:	Summary: The remote host is missing an update for the 'mes52' package(s) announced via the referenced advisory. Vulnerability Insight: This is an upgrade bundle of packages incorporating various fixes for the upcoming Mandriva Enterprise Server 5.2 release: mandriva-release-2009.0-14.4mdvmes5.2: * mandriva release should be update to 5.2 release, with new major features. grub-0.97-30.1mdvmes5.2: * Change CFLAGS to disable stack protector (since gfxboot is tweaking stack and can crash it with protector enabled). Use -Os, used by Fedora since 2002. * Replace ext4 patch with the one from Fedora * Patches 23 / 24: allow to specify multiple initrd on a single boot * add fedora patch to support virtio partitions, fix #52397 * add patches from ubuntu: o add support for uuid xxx instead of root (hdX, Y) o add support GPT (from Marco Gerards) o add patch varargs (since some changes are used by uuid patch) xz-5.0.0-0.1mdvmes5.2: * We need to have xz support on mes5.2 to be able to handle new packages from cooker or next product 2011.0 ka-deploy-0.94.4-0.1mdvmes5.2: * add missing script udev_creation.sh * fix annoying bug to umount $CHROOT/dev * fix a lot of bugs in fstab, grub preparation, remove udev persistent rules on client node * remove all old scripts, cleaning the spec file * update ka script to support UUID, remove old mke2fs static binairie * don't use patch on 32b and 64b release (break the ka-d-client) * do not build with -m32, doesn't exist on arm and mips cpuset-1.5.5-0.1mdvmes5.2: * Fix for Issue#3: cset fails to create cpu sets if some cpus are offline Problem in cset.rescan() for maxcpu if root cpuset cpus are complex pattern due to offlining cpus. * Fix for Issue#2: Apply patch by mostroski to avoid exception if running tasks with non-existent uids * Apply patch submitted by Christopher Johnston to fix failure of finding cpusets in a case-sensitive manner. * BNC#558395 - cset couldn't delete cpu set * BNC#558399 - cset unable to move thread * Fixed failure to delete cpuset if tasks preset, cset now waits a little bit for tardy tasks to disappear * Removed output noise from popened taskset command * Added example init.d cset script in documentation directory * Fix bug #26: Cpuset does not function on machines with greater than 16 CPUs Affected Software/OS: mes52 on Mandriva Enterprise Server 5, Mandriva Enterprise Server 5/X86_64 Solution: Please Install the Updated Packages. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Copyright	Copyright (C) 2011 Greenbone AG