Mandriva Linux Security Advisory 2009-269 – The XML HMAC signature system in mono did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation. This update fixes this vulnerability.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/81926/MDVSA-2009-269.txt
Source: https://packetstormsecurity.com/files/81926/Mandriva-Linux-Security-Advisory-2009-269.html