From bugzilla at redhat.com Wed Apr 14 14:13:00 2004
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 14 Apr 2004 10:13 -0400
Subject: [RHSA-2004:133-01] Updated squid package fixes security vulnerability
Message-ID: <200404141413.i3EEDWl32018@lacrosse.corp.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Updated squid package fixes security vulnerability
Advisory ID: RHSA-2004:133-01
Issue date: 2004-04-14
Updated on: 2004-04-14
Product: Red Hat Enterprise Linux
Keywords: Phishing Spoofing
Cross references:
Obsoletes:
CVE Names: CAN-2004-0189
- ---------------------------------------------------------------------

1. Topic:

An updated squid package is available that fixes a security vulnerability in URL decoding and provides a new ACL type for protecting vulnerable clients.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, ppc64, s390, s390x, x86_64
Red Hat Enterprise Linux ES version 3 - i386
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

Squid is a full-featured Web proxy cache.

A bug was found in the processing of %-encoded characters in a URL in versions of Squid 2.5.STABLE4 and earlier. If a Squid configuration uses Access Control Lists (ACLs), a remote attacker could create URLs that would not be correctly tested against Squid's ACLs, potentially allowing clients to access prohibited URLs.

Users of Squid should update to these erratum packages which are not vulnerable to this issue.

In addition, these packages contain a new Access Control type, "urllogin", which can be used to protect vulnerable Microsoft Internet Explorer clients from accessing URLs that contain login information.
Such URLs are often used by fraudsters to trick web users into revealing valuable personal data.

Note that the default Squid configuration does not make use of this new access control type. You must explicitly configure Squid with ACLs that use this new type, in accordance with your own site policies.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.

Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

If up2date fails to connect to Red Hat Network due to SSL Certificate Errors, you need to install a version of the up2date client with an updated certificate. The latest version of up2date is available from the Red Hat FTP site and may also be downloaded directly from the RHN website:

https://rhn.redhat.com/help/latest-up2date.pxt

5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):

118032 - CAN-2004-0189 Squid ACL bypass

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/squid-2.4.STABLE6-10.21as.src.rpm

i386:
Available from Red Hat Network: squid-2.4.STABLE6-10.21as.i386.rpm

ia64:
Available from Red Hat Network: squid-2.4.STABLE6-10.21as.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/squid-2.4.STABLE6-10.21as.src.rpm

ia64:
Available from Red Hat Network: squid-2.4.STABLE6-10.21as.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/squid-2.4.STABLE6-10.21as.src.rpm

i386:
Available from Red Hat Network: squid-2.4.STABLE6-10.21as.i386.rpm

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/squid-2.5.STABLE3-5.3E.src.rpm

i386:
Available from Red Hat Network: squid-2.5.STABLE3-5.3E.i386.rpm

ia64:
Available from Red Hat Network: squid-2.5.STABLE3-5.3E.ia64.rpm

ppc:
Available from Red Hat Network: squid-2.5.STABLE3-5.3E.ppc.rpm

ppc64:
Available from Red Hat Network: squid-2.5.STABLE3-5.3E.ppc64.rpm

s390:
Available from Red Hat Network: squid-2.5.STABLE3-5.3E.s390.rpm

s390x:
Available from Red Hat Network: squid-2.5.STABLE3-5.3E.s390x.rpm

x86_64:
Available from Red Hat Network: squid-2.5.STABLE3-5.3E.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/squid-2.5.STABLE3-5.3E.src.rpm

i386:
Available from Red Hat Network: squid-2.5.STABLE3-5.3E.i386.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/squid-2.5.STABLE3-5.3E.src.rpm

i386:
Available from Red Hat Network: squid-2.5.STABLE3-5.3E.i386.rpm

ia64:
Available from Red Hat Network: squid-2.5.STABLE3-5.3E.ia64.rpm

x86_64:
Available from Red Hat Network: squid-2.5.STABLE3-5.3E.x86_64.rpm

7. Verification:

These packages are GPG signed by Red Hat for security.
Our key is available from https://www.redhat.com/security/team/key.html

You can verify each package with the following command:

rpm --checksig -v

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

md5sum

8. References:

http://www.squid-cache.org/Advisories/SQUID-2004_1.txt
http://www.microsoft.com/security/incident/spoof.asp
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0189

9. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact.html

Copyright 2004 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFAfUcJXlSAg2UNWIIRAoCbAJ4qZGwqGSdxMgRSdH10DebMa644+ACfWVfS
Hjqj8KiS5beDPsxiknHYVsQ=
=rwbK
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Apr 14 14:13:00 2004
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 14 Apr 2004 10:13 -0400
Subject: [RHSA-2004:153-01] Updated CVS packages fix security issue
Message-ID: <200404141413.i3EEDwl32044@lacrosse.corp.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Updated CVS packages fix security issue
Advisory ID: RHSA-2004:153-01
Issue date: 2004-04-14
Updated on: 2004-04-14
Product: Red Hat Enterprise Linux
Keywords:
Cross references:
Obsoletes: RHSA-2004:004
CVE Names: CAN-2004-0180
- ---------------------------------------------------------------------

1. Topic:

Updated cvs packages that fix a client vulnerability that could be exploited by a malicious server are now available.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux ES version 3 - i386
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

CVS is a version control system frequently used to manage source code repositories.

Sebastian Krahmer discovered a flaw in CVS clients where rcs diff files can create files with absolute pathnames. An attacker could create a fake malicious CVS server that would cause arbitrary files to be created or overwritten when a victim connects to it. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0180 to this issue.

Users of CVS are advised to upgrade to these erratum packages, which contain a patch correcting this issue.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.

Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):

118719 - CAN-2004-0180 Malicious CVS server

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/cvs-1.11.1p1-12.src.rpm

i386:
Available from Red Hat Network: cvs-1.11.1p1-12.i386.rpm

ia64:
Available from Red Hat Network: cvs-1.11.1p1-12.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/cvs-1.11.1p1-12.src.rpm

ia64:
Available from Red Hat Network: cvs-1.11.1p1-12.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/cvs-1.11.1p1-12.src.rpm

i386:
Available from Red Hat Network: cvs-1.11.1p1-12.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/cvs-1.11.1p1-12.src.rpm

i386:
Available from Red Hat Network: cvs-1.11.1p1-12.i386.rpm

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/cvs-1.11.2-18.src.rpm

i386:
Available from Red Hat Network: cvs-1.11.2-18.i386.rpm

ia64:
Available from Red Hat Network: cvs-1.11.2-18.ia64.rpm

ppc:
Available from Red Hat Network: cvs-1.11.2-18.ppc.rpm

s390:
Available from Red Hat Network: cvs-1.11.2-18.s390.rpm

s390x:
Available from Red Hat Network: cvs-1.11.2-18.s390x.rpm

x86_64:
Available from Red Hat Network: cvs-1.11.2-18.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/cvs-1.11.2-18.src.rpm

i386:
Available from Red Hat Network: cvs-1.11.2-18.i386.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/cvs-1.11.2-18.src.rpm

i386:
Available from Red Hat Network: cvs-1.11.2-18.i386.rpm

ia64:
Available from Red Hat Network: cvs-1.11.2-18.ia64.rpm

x86_64:
Available from Red Hat Network: cvs-1.11.2-18.x86_64.rpm

7. Verification:

These packages are GPG signed by Red Hat for security.
Our key is available from https://www.redhat.com/security/team/key.html

You can verify each package with the following command:

rpm --checksig -v

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

md5sum

8. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0180

9. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact.html

Copyright 2004 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFAfUcVXlSAg2UNWIIRAk5MAJ43DgK2Wn7dbj/f9Et9DT45idyiSgCghHZ9
vP0MAVuWHHcEFDdD6OCOB5Y=
=nH0n
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Apr 14 14:14:00 2004
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 14 Apr 2004 10:14 -0400
Subject: [RHSA-2004:156-01] Updated mailman package closes DoS vulnerability
Message-ID: <200404141414.i3EEEUl32066@lacrosse.corp.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Updated mailman package closes DoS vulnerability
Advisory ID: RHSA-2004:156-01
Issue date: 2004-04-14
Updated on: 2004-04-14
Product: Red Hat Enterprise Linux
Keywords:
Cross references:
Obsoletes: RHSA-2004:019
CVE Names: CAN-2004-0182
- ---------------------------------------------------------------------

1. Topic:

An updated mailman package that closes a DoS vulnerability in mailman introduced by RHSA-2004:019 is now available.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386

3. Problem description:

Mailman is a mailing list manager.
On February 19 2004, Red Hat issued security erratum RHSA-2004:019 to correct a DoS (Denial of Service) vulnerability where an attacker could send a carefully-crafted message and cause mailman to crash.

Matthew Saltzman discovered a flaw in our original patch intended to correct this vulnerability. This flaw can cause mailman to crash if it receives an email destined for a list with an empty subject field. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0182 to this issue.

Users of Mailman are advised to upgrade to these updated packages, which include an updated patch and are not vulnerable to this issue.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.

Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

If up2date fails to connect to Red Hat Network due to SSL Certificate Errors, you need to install a version of the up2date client with an updated certificate. The latest version of up2date is available from the Red Hat FTP site and may also be downloaded directly from the RHN website:

https://rhn.redhat.com/help/latest-up2date.pxt

5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):

118669 - DoS: qrunner fails if no Subject field in message header

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/mailman-2.0.13-6.src.rpm

i386:
Available from Red Hat Network: mailman-2.0.13-6.i386.rpm

ia64:
Available from Red Hat Network: mailman-2.0.13-6.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/mailman-2.0.13-6.src.rpm

ia64:
Available from Red Hat Network: mailman-2.0.13-6.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/mailman-2.0.13-6.src.rpm

i386:
Available from Red Hat Network: mailman-2.0.13-6.i386.rpm

7. Verification:

These packages are GPG signed by Red Hat for security. Our key is available from https://www.redhat.com/security/team/key.html

You can verify each package with the following command:

rpm --checksig -v

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

md5sum

8. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0182

9. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact.html

Copyright 2004 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFAfUdCXlSAg2UNWIIRArmIAJ45wqfLMkWPFzshPzLCLMuHiT9mVgCguVyP
aYl3Sdoia5OmQu2yf/0XvnE=
=nhR9
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Apr 14 14:14:00 2004
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 14 Apr 2004 10:14 -0400
Subject: [RHSA-2004:157-01] Updated cadaver package fixes security vulnerability in neon
Message-ID: <200404141414.i3EEEil32100@lacrosse.corp.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Updated cadaver package fixes security vulnerability in neon
Advisory ID: RHSA-2004:157-01
Issue date: 2004-04-14
Updated on: 2004-04-14
Product: Red Hat Enterprise Linux
Keywords:
Cross references:
Obsoletes:
CVE Names: CAN-2004-0179
- ---------------------------------------------------------------------

1. Topic:

An updated cadaver package that fixes a vulnerability in neon exploitable by a malicious DAV server is now available.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386

3. Problem description:

cadaver is a command-line WebDAV client that uses inbuilt code from neon, an HTTP and WebDAV client library.

Versions of the neon client library up to and including 0.24.4 have been found to contain a number of format string bugs. An attacker could create a malicious WebDAV server in such a way as to allow arbitrary code execution on the client should a user connect to it using cadaver. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0179 to this issue.

Users of cadaver are advised to upgrade to this updated package, which contains a patch correcting this issue.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.

Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

If up2date fails to connect to Red Hat Network due to SSL Certificate Errors, you need to install a version of the up2date client with an updated certificate. The latest version of up2date is available from the Red Hat FTP site and may also be downloaded directly from the RHN website:

https://rhn.redhat.com/help/latest-up2date.pxt

5. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/cadaver-0.22.0-2.1.src.rpm

i386:
Available from Red Hat Network: cadaver-0.22.0-2.1.i386.rpm

ia64:
Available from Red Hat Network: cadaver-0.22.0-2.1.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/cadaver-0.22.0-2.1.src.rpm

ia64:
Available from Red Hat Network: cadaver-0.22.0-2.1.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/cadaver-0.22.0-2.1.src.rpm

i386:
Available from Red Hat Network: cadaver-0.22.0-2.1.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/cadaver-0.22.0-2.1.src.rpm

i386:
Available from Red Hat Network: cadaver-0.22.0-2.1.i386.rpm

6. Verification:

These packages are GPG signed by Red Hat for security.
Our key is available from https://www.redhat.com/security/team/key.html

You can verify each package with the following command:

rpm --checksig -v

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

md5sum

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0179

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact.html

Copyright 2004 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFAfUdPXlSAg2UNWIIRAkBtAKDEvO7oeWMghYBmPau1p47Sv+O/+gCdHmDU
9dx2folPwJGs6Fto1ZC4T14=
=cXom
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Apr 14 17:58:00 2004
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 14 Apr 2004 13:58 -0400
Subject: [RHSA-2004:160-01] Updated OpenOffice packages fix security vulnerability in neon
Message-ID: <200404141758.i3EHwUl22518@lacrosse.corp.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Updated OpenOffice packages fix security vulnerability in neon
Advisory ID: RHSA-2004:160-01
Issue date: 2004-04-14
Updated on: 2004-04-14
Product: Red Hat Enterprise Linux
Keywords:
Cross references:
Obsoletes:
CVE Names: CAN-2004-0179
- ---------------------------------------------------------------------

1. Topic:

Updated OpenOffice packages that fix a vulnerability in neon exploitable by a malicious DAV server are now available.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386
Red Hat Enterprise Linux ES version 3 - i386
Red Hat Enterprise Linux WS version 3 - i386

3. Problem description:

OpenOffice.org is an Open Source, community-developed, multi-platform office productivity suite.

OpenOffice internally uses inbuilt code from neon, an HTTP and WebDAV client library.
Versions of the neon client library up to and including 0.24.4 have been found to contain a number of format string bugs. An attacker could create a malicious WebDAV server in such a way as to allow arbitrary code execution on the client should a user connect to it using OpenOffice. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0179 to this issue.

Users of OpenOffice are advised to upgrade to these updated packages, which contain a patch correcting this issue.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.

Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

If up2date fails to connect to Red Hat Network due to SSL Certificate Errors, you need to install a version of the up2date client with an updated certificate. The latest version of up2date is available from the Red Hat FTP site and may also be downloaded directly from the RHN website:

https://rhn.redhat.com/help/latest-up2date.pxt

5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):

119830 - CAN-2004-0179 neon format string vulnerability affects openoffice

6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/openoffice.org-1.1.0-15.EL.src.rpm

i386:
Available from Red Hat Network: openoffice.org-1.1.0-15.EL.i386.rpm
Available from Red Hat Network: openoffice.org-i18n-1.1.0-15.EL.i386.rpm
Available from Red Hat Network: openoffice.org-libs-1.1.0-15.EL.i386.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/openoffice.org-1.1.0-15.EL.src.rpm

i386:
Available from Red Hat Network: openoffice.org-1.1.0-15.EL.i386.rpm
Available from Red Hat Network: openoffice.org-i18n-1.1.0-15.EL.i386.rpm
Available from Red Hat Network: openoffice.org-libs-1.1.0-15.EL.i386.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/openoffice.org-1.1.0-15.EL.src.rpm

i386:
Available from Red Hat Network: openoffice.org-1.1.0-15.EL.i386.rpm
Available from Red Hat Network: openoffice.org-i18n-1.1.0-15.EL.i386.rpm
Available from Red Hat Network: openoffice.org-libs-1.1.0-15.EL.i386.rpm

7. Verification:

These packages are GPG signed by Red Hat for security. Our key is available from https://www.redhat.com/security/team/key.html

You can verify each package with the following command:

rpm --checksig -v

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

md5sum

8. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0179

9. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact.html

Copyright 2004 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFAfXu/XlSAg2UNWIIRAngNAJoDh6cfn3oGKQ6Uf3oba1MWBEsQZQCfZsep
7SKJVP6xmF+YajjT+zHCUp8=
=dZ1S
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Thu Apr 22 08:52:00 2004
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 22 Apr 2004 04:52 -0400
Subject: [RHSA-2004:105-01] Updated kernel packages fix security vulnerability
Message-ID: <200404220852.i3M8q2l30524@lacrosse.corp.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Updated kernel packages fix security vulnerability
Advisory ID: RHSA-2004:105-01
Issue date: 2004-04-21
Updated on: 2004-04-21
Product: Red Hat Enterprise Linux
Keywords: kernel update
Cross references:
Obsoletes: RHSA-2004:044
CVE Names: CAN-2004-0109
- ---------------------------------------------------------------------

1. Topic:

Updated kernel packages that fix a security vulnerability which may allow local users to gain root privileges are now available.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - athlon, i386, i686
Red Hat Enterprise Linux ES version 2.1 - athlon, i386, i686
Red Hat Enterprise Linux WS version 2.1 - athlon, i386, i686

3. Problem description:

The Linux kernel handles the basic functions of the operating system.

This kernel updates several drivers and fixes a number of bugs, including a potential security vulnerability.

iDefense reported a buffer overflow flaw in the ISO9660 filesystem code. An attacker could create a malicious filesystem in such a way that root privileges may be obtained if the filesystem is mounted. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0109 to this issue.

The following drivers were updated:

LSI megaraid2 v2.10.1.1
IBM Serveraid v. 6.11.07
MPT Fusion v.2.05.11.03

All users are advised to upgrade to these errata packages, which contain a backported security patch that corrects this issue.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.

Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

If up2date fails to connect to Red Hat Network due to SSL Certificate Errors, you need to install a version of the up2date client with an updated certificate. The latest version of up2date is available from the Red Hat FTP site and may also be downloaded directly from the RHN website:

https://rhn.redhat.com/help/latest-up2date.pxt

5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):

119303 - oops when using the ipt_redirect module
118496 - updates to scsi_scan.c in RH EL 2.1 Update 4
112177 - blkdev_varyio is exported as a GPL only on RHEL 2.1 U4
90209 - only 2 processors of 4 seen on SE7505VB2
70607 - Oops in get_filesystem_info due to lack of locking
115061 - [PATCH] rhel 2.1 will need to pick up the cyclone-lpj-fix
112006 - [PATCH] BUG() from __remove_inode_page
101738 - mprotect areas not cleaned up
106448 - GRUB failing to install on recent HP DL servers with cciss RAID controllers
111680 - fix /proc/$PID/cmdline issue
114053 - [PATCH] file append not working when nfs mounted with nfs_uncached_io
77839 - Assert failure in transaction.c:1224: "!jh->b_committed_data
111342 - get_parition_list can loose disks
101365 - Additions to drivers/scsi/scsi_scan.c
112722 - ethtool crashes with segmentation fault for tg3 driver
111250 - tg3 driver fails to autonegotiate correctly
112021 - {PATCH] cciss driver change: SCSI prefetch
112108 - I/O mem bug fix
112130 - RHEL 2.1 U4: update cciss driver
113900 - RHEL 2.1 U4: Update mptfusion (LSI U320) driver to 2.05.10 or newest.
111672 - RHEL 2.1 U4 - Need latest Adaptec ServeRAID fix for IA64 for IBM only.
113738 - [PATCH] updated megaraid2 driver (2.10.1)
112057 - RHEL 3 U2: update megaraid2 to version 2.10.x
102692 - Crash with bigpages and ssh shared mem usage
120029 - CAN-2004-0109 kernel iso9660 buffer overflow

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/kernel-2.4.9-e.40.src.rpm

athlon:
Available from Red Hat Network: kernel-2.4.9-e.40.athlon.rpm
Available from Red Hat Network: kernel-smp-2.4.9-e.40.athlon.rpm

i386:
Available from Red Hat Network: kernel-BOOT-2.4.9-e.40.i386.rpm
Available from Red Hat Network: kernel-doc-2.4.9-e.40.i386.rpm
Available from Red Hat Network: kernel-headers-2.4.9-e.40.i386.rpm
Available from Red Hat Network: kernel-source-2.4.9-e.40.i386.rpm

i686:
Available from Red Hat Network: kernel-2.4.9-e.40.i686.rpm
Available from Red Hat Network: kernel-debug-2.4.9-e.40.i686.rpm
Available from Red Hat Network: kernel-enterprise-2.4.9-e.40.i686.rpm
Available from Red Hat Network: kernel-smp-2.4.9-e.40.i686.rpm
Available from Red Hat Network: kernel-summit-2.4.9-e.40.i686.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/kernel-2.4.9-e.40.src.rpm

athlon:
Available from Red Hat Network: kernel-2.4.9-e.40.athlon.rpm
Available from Red Hat Network: kernel-smp-2.4.9-e.40.athlon.rpm

i386:
Available from Red Hat Network: kernel-BOOT-2.4.9-e.40.i386.rpm
Available from Red Hat Network: kernel-doc-2.4.9-e.40.i386.rpm
Available from Red Hat Network: kernel-headers-2.4.9-e.40.i386.rpm
Available from Red Hat Network: kernel-source-2.4.9-e.40.i386.rpm

i686:
Available from Red Hat Network: kernel-2.4.9-e.40.i686.rpm
Available from Red Hat Network: kernel-debug-2.4.9-e.40.i686.rpm
Available from Red Hat Network: kernel-smp-2.4.9-e.40.i686.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/kernel-2.4.9-e.40.src.rpm

athlon:
Available from Red Hat Network: kernel-2.4.9-e.40.athlon.rpm
Available from Red Hat Network: kernel-smp-2.4.9-e.40.athlon.rpm

i386:
Available from Red Hat Network: kernel-BOOT-2.4.9-e.40.i386.rpm
Available from Red Hat Network:
kernel-doc-2.4.9-e.40.i386.rpm
Available from Red Hat Network: kernel-headers-2.4.9-e.40.i386.rpm
Available from Red Hat Network: kernel-source-2.4.9-e.40.i386.rpm

i686:
Available from Red Hat Network: kernel-2.4.9-e.40.i686.rpm
Available from Red Hat Network: kernel-debug-2.4.9-e.40.i686.rpm
Available from Red Hat Network: kernel-enterprise-2.4.9-e.40.i686.rpm
Available from Red Hat Network: kernel-smp-2.4.9-e.40.i686.rpm

7. Verification:

These packages are GPG signed by Red Hat for security. Our key is available from https://www.redhat.com/security/team/key.html

You can verify each package with the following command:

rpm --checksig -v

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

md5sum

8. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0109

9. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact.html

Copyright 2004 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFAh4egXlSAg2UNWIIRAnqWAJ0XxAt/M7+xhgWLUFGqlTs7mAtwuQCgoWo2
qOxXU3ZvraliPtrrTZBW3Z4=
=mpwB
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Thu Apr 22 08:52:00 2004
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 22 Apr 2004 04:52 -0400
Subject: [RHSA-2004:106-01] Updated IA64 kernel packages resolve security vulnerabilities
Message-ID: <200404220852.i3M8qHl30554@lacrosse.corp.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Updated IA64 kernel packages resolve security vulnerabilities
Advisory ID: RHSA-2004:106-01
Issue date: 2004-04-21
Updated on: 2004-04-21
Product: Red Hat Enterprise Linux
Keywords:
Cross references:
Obsoletes: RHSA-2003:368
CVE Names: CAN-2002-1574 CAN-2004-0003 CAN-2004-0010 CAN-2004-0077 CAN-2004-0109
- ---------------------------------------------------------------------

1. Topic:

Updated IA64 kernel packages are now available that fix a security vulnerability which may allow local users to gain root privileges and other vulnerabilities.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - ia64
Red Hat Linux Advanced Workstation 2.1 - ia64

3. Problem description:

The Linux kernel handles the basic functions of the operating system.

This kernel updates several important drivers and fixes a number of bugs including potential security vulnerabilities.

iDefense reported a buffer overflow flaw in the ISO9660 filesystem code. An attacker could create a malicious filesystem in such a way that root privileges may be obtained if the filesystem is mounted. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0109 to this issue.

A flaw in return value checking in mremap() in the Linux kernel versions 2.4.24 and previous may allow a local attacker to gain root privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0077 to this issue.

A flaw in ncp_lookup() in ncpfs could allow local privilege escalation. The ncpfs module allows a system to mount volumes of NetWare servers or print to NetWare printers. This is part of the kernel-unsupported package. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0010 to this issue.

A flaw in the R128 Direct Render Infrastructure could allow local privilege escalation. This driver is part of the kernel-unsupported package. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0003 to this issue.

An overflow was found in the ixj telephony card driver in Linux kernels prior to 2.4.20. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2002-1574 to this issue.

The following drivers were updated:

IBM Serveraid 6.11.07
MPT fusion v. 2.05.11.03
Qlogic v. 6.07.02-RH1

All users are advised to upgrade to these errata packages, which contain backported security patches that correct these issues.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.

Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

If up2date fails to connect to Red Hat Network due to SSL Certificate Errors, you need to install a version of the up2date client with an updated certificate. The latest version of up2date is available from the Red Hat FTP site and may also be downloaded directly from the RHN website:

https://rhn.redhat.com/help/latest-up2date.pxt

5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):

113603 - CAN-2004-0003 r128 DRI ipf
115819 - CAN-2004-0077 Linux kernel do_mremap VMA limit local privilege escalation

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/kernel-2.4.18-e.43.src.rpm

ia64:
Available from Red Hat Network: kernel-2.4.18-e.43.ia64.rpm
Available from Red Hat Network: kernel-doc-2.4.18-e.43.ia64.rpm
Available from Red Hat Network: kernel-smp-2.4.18-e.43.ia64.rpm
Available from Red Hat Network: kernel-source-2.4.18-e.43.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/kernel-2.4.18-e.43.src.rpm

ia64:
Available from Red Hat Network: kernel-2.4.18-e.43.ia64.rpm
Available from Red Hat Network: kernel-doc-2.4.18-e.43.ia64.rpm
Available from Red Hat Network: kernel-smp-2.4.18-e.43.ia64.rpm
Available from Red Hat Network: kernel-source-2.4.18-e.43.ia64.rpm

7.
Verification:

These packages are GPG signed by Red Hat for security. Our key is available from https://www.redhat.com/security/team/key.html

You can verify each package with the following command:

rpm --checksig -v

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

md5sum

8. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1574
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0003
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0010
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0077
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0109

9. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact.html

Copyright 2004 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFAh4fBXlSAg2UNWIIRApEeAJ46Oza20eQGdyoswf8YZQi544g4gQCdEKbR
NkFBqcC1bSq1flouuDnVCmw=
=8aoQ
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Thu Apr 22 08:52:00 2004
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 22 Apr 2004 04:52 -0400
Subject: [RHSA-2004:152-01] Updated XFree86 packages fix minor security issue
Message-ID: <200404220852.i3M8qZl30568@lacrosse.corp.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Updated XFree86 packages fix minor security issue
Advisory ID: RHSA-2004:152-01
Issue date: 2004-04-21
Updated on: 2004-04-21
Product: Red Hat Enterprise Linux
Keywords: DoS
Cross references:
Obsoletes: RHSA-2004:060
CVE Names: CAN-2004-0093 CAN-2004-0094
- ---------------------------------------------------------------------

1. Topic:

Updated XFree86 packages that fix a minor denial of service vulnerability are now available.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386

3. Problem description:

XFree86 is an implementation of the X Window System, providing the core graphical user interface and video drivers.

Flaws in XFree86 4.1.0 allow local or remote attackers who are able to connect to the X server to cause a denial of service via an out-of-bounds array index or integer signedness error when using the GLX extension and Direct Rendering Infrastructure (DRI). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2004-0093 and CAN-2004-0094 to these issues.

These issues do not affect Red Hat Enterprise Linux 3.

All users of XFree86 are advised to upgrade to these erratum packages, which contain a backported fix and are not vulnerable to these issues.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.

Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

If up2date fails to connect to Red Hat Network due to SSL Certificate Errors, you need to install a version of the up2date client with an updated certificate. The latest version of up2date is available from the Red Hat FTP site and may also be downloaded directly from the RHN website:

https://rhn.redhat.com/help/latest-up2date.pxt

5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):

118705 - CAN-2004-0093/094 DoS in XFree86 4.1.0

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/XFree86-4.1.0-58.EL.src.rpm

i386:
Available from Red Hat Network: XFree86-100dpi-fonts-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-75dpi-fonts-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-15-100dpi-fonts-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-15-75dpi-fonts-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-2-100dpi-fonts-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-2-75dpi-fonts-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-9-100dpi-fonts-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-9-75dpi-fonts-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-Xnest-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-Xvfb-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-cyrillic-fonts-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-devel-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-doc-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-libs-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-tools-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-twm-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-xdm-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-xf86cfg-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-xfs-4.1.0-58.EL.i386.rpm

ia64:
Available from Red Hat Network: XFree86-100dpi-fonts-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-75dpi-fonts-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-ISO8859-15-100dpi-fonts-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-ISO8859-15-75dpi-fonts-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-ISO8859-2-100dpi-fonts-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-ISO8859-2-75dpi-fonts-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-ISO8859-9-100dpi-fonts-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-ISO8859-9-75dpi-fonts-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-Xnest-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-Xvfb-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-cyrillic-fonts-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-devel-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-doc-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-libs-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-tools-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-twm-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-xdm-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-xfs-4.1.0-58.EL.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/XFree86-4.1.0-58.EL.src.rpm

ia64:
Available from Red Hat Network: XFree86-100dpi-fonts-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-75dpi-fonts-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-ISO8859-15-100dpi-fonts-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-ISO8859-15-75dpi-fonts-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-ISO8859-2-100dpi-fonts-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-ISO8859-2-75dpi-fonts-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-ISO8859-9-100dpi-fonts-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-ISO8859-9-75dpi-fonts-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-Xnest-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-Xvfb-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-cyrillic-fonts-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-devel-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-doc-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-libs-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-tools-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-twm-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-xdm-4.1.0-58.EL.ia64.rpm
Available from Red Hat Network: XFree86-xfs-4.1.0-58.EL.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/XFree86-4.1.0-58.EL.src.rpm

i386:
Available from Red Hat Network: XFree86-100dpi-fonts-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-75dpi-fonts-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-15-100dpi-fonts-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-15-75dpi-fonts-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-2-100dpi-fonts-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-2-75dpi-fonts-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-9-100dpi-fonts-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-9-75dpi-fonts-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-Xnest-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-Xvfb-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-cyrillic-fonts-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-devel-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-doc-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-libs-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-tools-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-twm-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-xdm-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-xf86cfg-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-xfs-4.1.0-58.EL.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/XFree86-4.1.0-58.EL.src.rpm

i386:
Available from Red Hat Network: XFree86-100dpi-fonts-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-75dpi-fonts-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-15-100dpi-fonts-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-15-75dpi-fonts-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-2-100dpi-fonts-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-2-75dpi-fonts-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-9-100dpi-fonts-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-ISO8859-9-75dpi-fonts-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-Xnest-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-Xvfb-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-cyrillic-fonts-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-devel-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-doc-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-libs-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-tools-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-twm-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-xdm-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-xf86cfg-4.1.0-58.EL.i386.rpm
Available from Red Hat Network: XFree86-xfs-4.1.0-58.EL.i386.rpm

7.
Verification:

These packages are GPG signed by Red Hat for security. Our key is available from https://www.redhat.com/security/team/key.html

You can verify each package with the following command:

rpm --checksig -v

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

md5sum

8. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0093
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0094

9. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact.html

Copyright 2004 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFAh4fRXlSAg2UNWIIRAuYlAJ9rvN92kBGv9nWuGFm5LGGKnpannACghlZK
nOdKXVxL6QXarX2ieTPNqwo=
=tUTB
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Thu Apr 22 19:16:00 2004
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 22 Apr 2004 15:16 -0400
Subject: [RHSA-2004:183-01] Updated kernel packages fix security vulnerabilities
Message-ID: <200404221916.i3MJGrl14906@lacrosse.corp.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Updated kernel packages fix security vulnerabilities
Advisory ID:       RHSA-2004:183-01
Issue date:        2004-04-22
Updated on:        2004-04-22
Product:           Red Hat Enterprise Linux
Keywords:
Cross references:
Obsoletes:         RHSA-2004:066
CVE Names:         CAN-2004-0109 CAN-2004-0424
- ---------------------------------------------------------------------

1. Topic:

Updated kernel packages that fix two privilege escalation vulnerabilities
are now available.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - athlon, i386, i686, ia64, ppc64, ppc64iseries, ppc64pseries, s390, s390x, x86_64
Red Hat Enterprise Linux ES version 3 - athlon, i386, i686
Red Hat Enterprise Linux WS version 3 - athlon, i386, i686, ia64, x86_64

3. Problem description:

The Linux kernel handles the basic functions of the operating system.

iSEC Security Research discovered a flaw in the ip_setsockopt() function
code of the Linux kernel versions 2.4.22 to 2.4.25 inclusive. This flaw
also affects the 2.4.21 kernel in Red Hat Enterprise Linux 3 which
contained a backported version of the affected code. A local user could
use this flaw to gain root privileges. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2004-0424 to
this issue.

iDefense reported a buffer overflow flaw in the ISO9660 filesystem code.
An attacker could create a malicious filesystem in such a way that root
privileges may be obtained if the filesystem is mounted. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2004-0109 to this issue.

All Red Hat Enterprise Linux 3 users are advised to upgrade their kernels
to the packages associated with their machine architectures and
configurations as listed in this erratum.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

    rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.

Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

    up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

If up2date fails to connect to Red Hat Network due to SSL Certificate
Errors, you need to install a version of the up2date client with an updated
certificate. The latest version of up2date is available from the Red Hat
FTP site and may also be downloaded directly from the RHN website:

https://rhn.redhat.com/help/latest-up2date.pxt

5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):

120028 - CAN-2004-0109 kernel iso9660 buffer overflow
121314 - Linux kernel setsockopt MCAST_MSFILTER integer overflow

6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/kernel-2.4.21-9.0.3.EL.src.rpm

athlon:
Available from Red Hat Network: kernel-2.4.21-9.0.3.EL.athlon.rpm
Available from Red Hat Network: kernel-smp-2.4.21-9.0.3.EL.athlon.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-9.0.3.EL.athlon.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-9.0.3.EL.athlon.rpm

i386:
Available from Red Hat Network: kernel-BOOT-2.4.21-9.0.3.EL.i386.rpm
Available from Red Hat Network: kernel-doc-2.4.21-9.0.3.EL.i386.rpm
Available from Red Hat Network: kernel-source-2.4.21-9.0.3.EL.i386.rpm

i686:
Available from Red Hat Network: kernel-2.4.21-9.0.3.EL.i686.rpm
Available from Red Hat Network: kernel-hugemem-2.4.21-9.0.3.EL.i686.rpm
Available from Red Hat Network: kernel-hugemem-unsupported-2.4.21-9.0.3.EL.i686.rpm
Available from Red Hat Network: kernel-smp-2.4.21-9.0.3.EL.i686.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-9.0.3.EL.i686.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-9.0.3.EL.i686.rpm

ia64:
Available from Red Hat Network: kernel-2.4.21-9.0.3.EL.ia64.rpm
Available from Red Hat Network: kernel-doc-2.4.21-9.0.3.EL.ia64.rpm
Available from Red Hat Network: kernel-source-2.4.21-9.0.3.EL.ia64.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-9.0.3.EL.ia64.rpm

ppc64:
Available from Red Hat Network: kernel-doc-2.4.21-9.0.3.EL.ppc64.rpm
Available from Red Hat Network: kernel-source-2.4.21-9.0.3.EL.ppc64.rpm

ppc64iseries:
Available from Red Hat Network: kernel-2.4.21-9.0.3.EL.ppc64iseries.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-9.0.3.EL.ppc64iseries.rpm

ppc64pseries:
Available from Red Hat Network: kernel-2.4.21-9.0.3.EL.ppc64pseries.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-9.0.3.EL.ppc64pseries.rpm

s390:
Available from Red Hat Network: kernel-2.4.21-9.0.3.EL.s390.rpm
Available from Red Hat Network: kernel-doc-2.4.21-9.0.3.EL.s390.rpm
Available from Red Hat Network: kernel-source-2.4.21-9.0.3.EL.s390.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-9.0.3.EL.s390.rpm

s390x:
Available from Red Hat Network: kernel-2.4.21-9.0.3.EL.s390x.rpm
Available from Red Hat Network: kernel-doc-2.4.21-9.0.3.EL.s390x.rpm
Available from Red Hat Network: kernel-source-2.4.21-9.0.3.EL.s390x.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-9.0.3.EL.s390x.rpm

x86_64:
Available from Red Hat Network: kernel-2.4.21-9.0.3.EL.x86_64.rpm
Available from Red Hat Network: kernel-doc-2.4.21-9.0.3.EL.x86_64.rpm
Available from Red Hat Network: kernel-smp-2.4.21-9.0.3.EL.x86_64.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-9.0.3.EL.x86_64.rpm
Available from Red Hat Network: kernel-source-2.4.21-9.0.3.EL.x86_64.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-9.0.3.EL.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/kernel-2.4.21-9.0.3.EL.src.rpm

athlon:
Available from Red Hat Network: kernel-2.4.21-9.0.3.EL.athlon.rpm
Available from Red Hat Network: kernel-smp-2.4.21-9.0.3.EL.athlon.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-9.0.3.EL.athlon.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-9.0.3.EL.athlon.rpm

i386:
Available from Red Hat Network: kernel-BOOT-2.4.21-9.0.3.EL.i386.rpm
Available from Red Hat Network: kernel-doc-2.4.21-9.0.3.EL.i386.rpm
Available from Red Hat Network: kernel-source-2.4.21-9.0.3.EL.i386.rpm

i686:
Available from Red Hat Network: kernel-2.4.21-9.0.3.EL.i686.rpm
Available from Red Hat Network: kernel-hugemem-2.4.21-9.0.3.EL.i686.rpm
Available from Red Hat Network: kernel-hugemem-unsupported-2.4.21-9.0.3.EL.i686.rpm
Available from Red Hat Network: kernel-smp-2.4.21-9.0.3.EL.i686.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-9.0.3.EL.i686.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-9.0.3.EL.i686.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/kernel-2.4.21-9.0.3.EL.src.rpm

athlon:
Available from Red Hat Network: kernel-2.4.21-9.0.3.EL.athlon.rpm
Available from Red Hat Network: kernel-smp-2.4.21-9.0.3.EL.athlon.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-9.0.3.EL.athlon.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-9.0.3.EL.athlon.rpm

i386:
Available from Red Hat Network: kernel-BOOT-2.4.21-9.0.3.EL.i386.rpm
Available from Red Hat Network: kernel-doc-2.4.21-9.0.3.EL.i386.rpm
Available from Red Hat Network: kernel-source-2.4.21-9.0.3.EL.i386.rpm

i686:
Available from Red Hat Network: kernel-2.4.21-9.0.3.EL.i686.rpm
Available from Red Hat Network: kernel-hugemem-2.4.21-9.0.3.EL.i686.rpm
Available from Red Hat Network: kernel-hugemem-unsupported-2.4.21-9.0.3.EL.i686.rpm
Available from Red Hat Network: kernel-smp-2.4.21-9.0.3.EL.i686.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-9.0.3.EL.i686.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-9.0.3.EL.i686.rpm

ia64:
Available from Red Hat Network: kernel-2.4.21-9.0.3.EL.ia64.rpm
Available from Red Hat Network: kernel-doc-2.4.21-9.0.3.EL.ia64.rpm
Available from Red Hat Network: kernel-source-2.4.21-9.0.3.EL.ia64.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-9.0.3.EL.ia64.rpm

x86_64:
Available from Red Hat Network: kernel-2.4.21-9.0.3.EL.x86_64.rpm
Available from Red Hat Network: kernel-doc-2.4.21-9.0.3.EL.x86_64.rpm
Available from Red Hat Network: kernel-smp-2.4.21-9.0.3.EL.x86_64.rpm
Available from Red Hat Network: kernel-smp-unsupported-2.4.21-9.0.3.EL.x86_64.rpm
Available from Red Hat Network: kernel-source-2.4.21-9.0.3.EL.x86_64.rpm
Available from Red Hat Network: kernel-unsupported-2.4.21-9.0.3.EL.x86_64.rpm

7.
Verification:

These packages are GPG signed by Red Hat for security. Our key is
available from https://www.redhat.com/security/team/key.html

You can verify each package with the following command:

    rpm --checksig -v

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:

    md5sum

8. References:

http://www.isec.pl/vulnerabilities/isec-0015-msfilter.txt
http://www.idefense.com/application/poi/display?id=101
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0109
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0424

9. Contact:

The Red Hat security contact is . More contact details at
https://www.redhat.com/security/team/contact.html

Copyright 2004 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFAiBoiXlSAg2UNWIIRAmIPAJ0dpW+WifnDNw254lN5VOThdMQSAQCgiJpB
+Zp7Hnn3NAqJ/0pY6HPNA7U=
=3Vr4
-----END PGP SIGNATURE-----
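
Advisories in this format list one MD5 sum and repository path per package under "7. Verification". The shell function below is an added example, not part of the Red Hat advisory: it checks a directory of downloaded packages against such a listing. The function names, the optional channel argument and the demo data (stand-in files, all-zero hashes) are constructed for illustration. A matching MD5 only shows the file agrees with the listing; `rpm --checksig -v` is the step that checks the GPG signature.

```shell
#!/bin/sh
# verify_manifest MANIFEST PKG_DIR [CHANNEL]
#   MANIFEST : text containing "<md5> <channel>/en/os/<arch>/<file>.rpm" lines,
#              e.g. the Verification section saved from an advisory
#   PKG_DIR  : directory holding the downloaded .rpm files
#   CHANNEL  : optional path prefix such as 3AS, to skip the duplicate
#              listings for other channels
# Prints one status line per entry plus "ok=N mismatch=N missing=N";
# returns non-zero when any entry is missing or does not match.
verify_manifest() {
    manifest=$1; pkgdir=$2; channel=${3:-}
    ok=0; mismatch=0; missing=0
    while read -r want path; do
        # Keep only lines whose first field is a 32-digit lowercase hex MD5;
        # this skips the table header, the dashed rule and blank lines.
        case $want in ''|*[!0-9a-f]*) continue ;; esac
        [ "${#want}" -eq 32 ] || continue
        # Optional channel filter: an empty prefix matches every path.
        case $path in "$channel"*) ;; *) continue ;; esac
        name=${path##*/}              # the listing uses repo paths; match by file name
        if [ ! -f "$pkgdir/$name" ]; then
            echo "MISSING   $name"; missing=$((missing + 1)); continue
        fi
        have=$(md5sum "$pkgdir/$name" | cut -d' ' -f1)
        if [ "$have" = "$want" ]; then
            echo "OK        $name"; ok=$((ok + 1))
        else
            echo "MISMATCH  $name"; mismatch=$((mismatch + 1))
        fi
    done < "$manifest"
    echo "ok=$ok mismatch=$mismatch missing=$missing"
    [ "$mismatch" -eq 0 ] && [ "$missing" -eq 0 ]
}

# Constructed demo: two small stand-in files (not real RPMs) named after the
# advisory's packages, and a listing with one good, one bad and one absent entry.
demo() {
    dir=$(mktemp -d)
    printf 'constructed package A\n' > "$dir/kernel-doc-2.4.21-9.0.3.EL.i386.rpm"
    printf 'constructed package B\n' > "$dir/kernel-source-2.4.21-9.0.3.EL.i386.rpm"
    good=$(md5sum "$dir/kernel-doc-2.4.21-9.0.3.EL.i386.rpm" | cut -d' ' -f1)
    zero=00000000000000000000000000000000   # placeholder, not a real package hash
    {
        echo "MD5 sum                          Package Name"
        echo "- ------------------------------------------"
        echo "$good 3AS/en/os/i386/kernel-doc-2.4.21-9.0.3.EL.i386.rpm"
        echo "$zero 3AS/en/os/i386/kernel-source-2.4.21-9.0.3.EL.i386.rpm"
        echo "$zero 3AS/en/os/i386/kernel-BOOT-2.4.21-9.0.3.EL.i386.rpm"
        echo "$good 3ES/en/os/i386/kernel-doc-2.4.21-9.0.3.EL.i386.rpm"
    } > "$dir/manifest.txt"
    # Show only the summary line for the 3AS channel.
    verify_manifest "$dir/manifest.txt" "$dir" 3AS | tail -n 1
    rm -rf "$dir"
}

demo
```

The non-zero return status makes the function usable as a gate before `rpm -Fvh`, so an incomplete or altered download stops the update script.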