Multiple vulnerabilities has been found and corrected in mysql:

MySQL before 5.1.48 allows remote authenticated users with alter
database privileges to cause a denial of service (server crash
and database loss) via an ALTER DATABASE command with a #mysql50#
string followed by a . (dot), .. (dot dot), ../ (dot dot slash) or
similar sequence, and an UPGRADE DATA DIRECTORY NAME command, which
causes MySQL to move certain directories to the server data directory
(CVE-2010-2008).

Additionally many security issues noted in the 5.1.49 release notes
has been addressed with this advisory as well, such as:

* LOAD DATA INFILE did not check for SQL errors and sent an OK packet
even when errors were already reported. Also, an assert related to
client-server protocol checking in debug servers sometimes was raised
when it should not have been. (Bug#52512)

* Using EXPLAIN with queries of the form SELECT ... UNION ... ORDER BY
(SELECT ... WHERE ...) could cause a server crash. (Bug#52711)

* The server could crash if there were alternate reads from two
indexes on a table using the HANDLER interface. (Bug#54007)

* A malformed argument to the BINLOG statement could result in Valgrind
warnings or a server crash. (Bug#54393)

* Incorrect handling of NULL arguments could lead to a crash for IN()
or CASE operations when NULL arguments were either passed explicitly
as arguments (for IN()) or implicitly generated by the WITH ROLLUP
modifier (for IN() and CASE). (Bug#54477)

* Joins involving a table with with a unique SET column could cause
a server crash. (Bug#54575)

* Use of TEMPORARY InnoDB tables with nullable columns could cause
a server crash. (Bug#54044)

The updated packages have been patched to correct these issues.

Various packages of old unix utilities (rsh, rlogin, telnet,
...) available in mandriva used to be paralleously installable, though
usage of setup-alternative utility. In 2010.1, the MIT-kerberized
versions from krb5-appl package ceased to use this setup, for sake of
simplicity, and was made conflicting with other packages. However,
the netkit version of rsh wasn't modified accordingly, and still
install its binaries as {rsh,rlogin,telnet}.netkit, making their
usage impractical.

Multiple vulnerabilities has been found and corrected in cabextract:

The MS-ZIP decompressor in cabextract before 1.3 allows remote
attackers to cause a denial of service (infinite loop) via a malformed
MSZIP archive in a .cab file during a test or extract action, related
to the libmspack library (CVE-2010-2800).

Integer signedness error in the Quantum decompressor in cabextract
before 1.3, when archive test mode is used, allows user-assisted
remote attackers to cause a denial of service (application crash)
or possibly execute arbitrary code via a crafted Quantum archive in
a .cab file, related to the libmspack library (CVE-2010-2801).

Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages provides cabextract 1.3 which is not vulnerable
to these issues.

Multiple vulnerabilities has been found and corrected in apache:

The mod_cache and mod_dav modules in the Apache HTTP Server 2.2.x
before 2.2.16 allow remote attackers to cause a denial of service
(process crash) via a request that lacks a path (CVE-2010-1452).

mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix,
does not close the backend connection if a timeout occurs when reading
a response from a persistent connection, which allows remote attackers
to obtain a potentially sensitive response intended for a different
client in opportunistic circumstances via a normal HTTP request.
NOTE: this is the same issue as CVE-2010-2068, but for a different
OS and set of affected versions (CVE-2010-2791).

Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct these issues.

A vulnerabilitiy has been found and corrected in apache:

The mod_cache and mod_dav modules in the Apache HTTP Server 2.2.x
before 2.2.16 allow remote attackers to cause a denial of service
(process crash) via a request that lacks a path (CVE-2010-1452).

Packages for 2008.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct this issue.

Gnucash would crash on startup for users who had updated from 2010.0
to 2010.1 as the slib package was not updated properly. This update
is the correct build of slib for Mandriva 2010.1.

A vulnerability has been discovered and corrected in libmikmod:

Multiple heap-based buffer overflows might allow remote attackers
to execute arbitrary code via (1) crafted samples or (2) crafted
instrument definitions in an Impulse Tracker file (CVE-2009-3995).

Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct this issue.

A vulnerability has been discovered and corrected in libsndfile:

The (1) htk_read_header, (2) alaw_init, (3) ulaw_init, (4) pcm_init,
(5) float32_init, and (6) sds_read_header functions in libsndfile
1.0.20 allow context-dependent attackers to cause a denial of service
(divide-by-zero error and application crash) via a crafted audio file
(CVE-2009-4835).

Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct this issue.

A bug in nfs-server init script incorrectly reload rpc.idmapd after
rpc.nfsd start, preventing proper communication between the two
processes. As a result, all files are considered owned by nobody
uid/gid on client side. This update fix this issue.

Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

A vulnerability has been discovered and corrected in freetype2:

Multiple stack overflow flaws have been reported in the way FreeType
font rendering engine processed certain CFF opcodes. An attacker
could use these flaws to create a specially-crafted font file that,
when opened, would cause an application linked against libfreetype
to crash, or, possibly execute arbitrary code (CVE-2010-1797).

Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct this issue.

A security vulnerability has been identified and fixed in pidgin:

The clientautoresp function in family_icbm.c in the oscar protocol
plugin in libpurple in Pidgin before 2.7.2 allows remote authenticated
users to cause a denial of service (NULL pointer dereference and
application crash) via an X-Status message that lacks the expected
end tag for a (1) desc or (2) title element (CVE-2010-2528).

Packages for 2008.0 and 2009.0 are provided due to the Extended
Maintenance Program for those products.

This update provides pidgin 2.7.3, which is not vulnerable to this
issue.

Security issues were identified and fixed in firefox:

layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not
properly free memory in the parameter array of a plugin instance,
which allows remote attackers to cause a denial of service (memory
corruption) or possibly execute arbitrary code via a crafted
HTML document, related to the DATA and SRC attributes of an OBJECT
element. NOTE: this vulnerability exists because of an incorrect fix
for CVE-2010-1214 (CVE-2010-2755).

Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

Additionally, some packages which require so, have been rebuilt and
are being provided as updates. The python packages contained a small
dependency problem on 2008.0/2009.0/MES5 that is addressed as well
with this advisory.

It was discovered that the snmpd daemon could segfault with certain
configuration options. The updated packages addresses this problem.

Multiple vulnerabilities has been discovered and corrected in libtiff:

The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in
ImageMagick, does not properly handle invalid ReferenceBlackWhite
values, which allows remote attackers to cause a denial of service
(application crash) via a crafted TIFF image that triggers an array
index error, related to downsampled OJPEG input. (CVE-2010-2595)

Multiple integer overflows in the Fax3SetupState function in tif_fax3.c
in the FAX3 decoder in LibTIFF before 3.9.3 allow remote attackers to
execute arbitrary code or cause a denial of service (application crash)
via a crafted TIFF file that triggers a heap-based buffer overflow
(CVE-2010-1411).

Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3
allows remote attackers to cause a denial of service (application
crash) or possibly execute arbitrary code via a crafted TIFF file
that triggers a buffer overflow (CVE-2010-2065).

The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers
to cause a denial of service (out-of-bounds read and application crash)
via a TIFF file with an invalid combination of SamplesPerPixel and
Photometric values (CVE-2010-2483).

The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2
makes incorrect calls to the TIFFGetField function, which allows
remote attackers to cause a denial of service (application crash) via
a crafted TIFF image, related to downsampled OJPEG input and possibly
related to a compiler optimization that triggers a divide-by-zero error
(CVE-2010-2597).

The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly
handle unknown tag types in TIFF directory entries, which allows
remote attackers to cause a denial of service (out-of-bounds read
and application crash) via a crafted TIFF file (CVE-2010-248).

Stack-based buffer overflow in the TIFFFetchSubjectDistance function
in tif_dirread.c in LibTIFF before 3.9.4 allows remote attackers to
cause a denial of service (application crash) or possibly execute
arbitrary code via a long EXIF SubjectDistance field in a TIFF file
(CVE-2010-2067).

tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as
used in ImageMagick, does not properly perform vertical flips, which
allows remote attackers to cause a denial of service (application
crash) or possibly execute arbitrary code via a crafted TIFF image,
related to downsampled OJPEG input. (CVE-2010-2233).

LibTIFF 3.9.4 and earlier does not properly handle an invalid
td_stripbytecount field, which allows remote attackers to cause a
denial of service (NULL pointer dereference and application crash)
via a crafted TIFF file, a different vulnerability than CVE-2010-2443
(CVE-2010-2482).

The updated packages have been patched to correct these issues.

Multiple vulnerabilities has been discovered and corrected in libtiff:

The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in
ImageMagick, does not properly handle invalid ReferenceBlackWhite
values, which allows remote attackers to cause a denial of service
(application crash) via a crafted TIFF image that triggers an array
index error, related to downsampled OJPEG input. (CVE-2010-2595)

Multiple integer overflows in the Fax3SetupState function in tif_fax3.c
in the FAX3 decoder in LibTIFF before 3.9.3 allow remote attackers to
execute arbitrary code or cause a denial of service (application crash)
via a crafted TIFF file that triggers a heap-based buffer overflow
(CVE-2010-1411).

Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3
allows remote attackers to cause a denial of service (application
crash) or possibly execute arbitrary code via a crafted TIFF file
that triggers a buffer overflow (CVE-2010-2065).

The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers
to cause a denial of service (out-of-bounds read and application crash)
via a TIFF file with an invalid combination of SamplesPerPixel and
Photometric values (CVE-2010-2483).

The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2
makes incorrect calls to the TIFFGetField function, which allows
remote attackers to cause a denial of service (application crash) via
a crafted TIFF image, related to downsampled OJPEG input and possibly
related to a compiler optimization that triggers a divide-by-zero error
(CVE-2010-2597).

The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly
handle unknown tag types in TIFF directory entries, which allows
remote attackers to cause a denial of service (out-of-bounds read
and application crash) via a crafted TIFF file (CVE-2010-248).

Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct these issues.

This advisory updates wireshark to the latest version(s), fixing
several security issues:

Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through
1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack
vectors (CVE-2010-2284).

Buffer overflow in the SigComp Universal Decompressor Virtual Machine
dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8
has unknown impact and remote attack vectors (CVE-2010-2287).

A vulnerability has been discovered and corrected in gnupg2:

Importing a certificate with more than 98 Subject Alternate Names
via GPGSM's import command or implicitly while verifying a signature
causes GPGSM to reallocate an array with the names. The bug is that
the reallocation code misses assigning the reallocated array to the old
array variable and thus the old and freed array will be used. Usually
this leads to a segv (CVE-2010-2547).

Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct this issue.

Multiple vulnerabilities has been discovered and corrected in openldap:

The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not
check the return value of a call to the smr_normalize function, which
allows remote attackers to cause a denial of service (segmentation
fault) and possibly execute arbitrary code via a modrdn call with an
RDN string containing invalid UTF-8 sequences, which triggers a free
of an invalid, uninitialized pointer in the slap_mods_free function, as
demonstrated using the Codenomicon LDAPv3 test suite (CVE-2010-0211).

OpenLDAP 2.4.22 allows remote attackers to cause a denial of service
(crash) via a modrdn call with a zero-length RDN destination string,
which is not properly handled by the smr_normalize function and
triggers a NULL pointer dereference in the IA5StringNormalize function
in schema_init.c, as demonstrated using the Codenomicon LDAPv3 test
suite (CVE-2010-0212).

Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct these issues.

Multiple vulnerabilities has been discovered and corrected in samba:

The chain_reply function in process.c in smbd in Samba before 3.4.8 and
3.5.x before 3.5.2 allows remote attackers to cause a denial of service
(NULL pointer dereference and process crash) via a Negotiate Protocol
request with a certain 0x0003 field value followed by a Session Setup
AndX request with a certain 0x8003 field value (CVE-2010-1635).

The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in
Samba before 3.4.8 and 3.5.x before 3.5.2 allows remote attackers to
trigger an out-of-bounds read, and cause a denial of service (process
crash), via a xffxff security blob length in a Session Setup AndX
request (CVE-2010-1642).

The updated packages provides samba 3.4.8 which is not vulnerable to
these issues.

This is a maintenance and security update that upgrades php to 5.3.3
for 2010.0/2010.1.

Security Enhancements and Fixes in PHP 5.3.3:

* Rewrote var_export() to use smart_str rather than output buffering,
prevents data disclosure if a fatal error occurs (CVE-2010-2531).
* Fixed a possible resource destruction issues in shm_put_var().
* Fixed a possible information leak because of interruption of
XOR operator.
* Fixed a possible memory corruption because of unexpected call-time
pass by refernce and following memory clobbering through callbacks.
* Fixed a possible memory corruption in ArrayObject::uasort().
* Fixed a possible memory corruption in parse_str().
* Fixed a possible memory corruption in pack().
* Fixed a possible memory corruption in substr_replace().
* Fixed a possible memory corruption in addcslashes().
* Fixed a possible stack exhaustion inside fnmatch().
* Fixed a possible dechunking filter buffer overflow.
* Fixed a possible arbitrary memory access inside sqlite extension.
* Fixed string format validation inside phar extension.
* Fixed handling of session variable serialization on certain prefix
characters.
* Fixed a NULL pointer dereference when processing invalid XML-RPC
requests (Fixes CVE-2010-0397, bug #51288).
* Fixed SplObjectStorage unserialization problems (CVE-2010-2225).
* Fixed possible buffer overflows in mysqlnd_list_fields,
mysqlnd_change_user.
* Fixed possible buffer overflows when handling error packets
in mysqlnd.

Additionally some of the third party extensions and required
dependencies has been upgraded and/or rebuilt for the new php version.