From bugzilla at redhat.com Tue Jul 5 19:52:58 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 5 Jul 2005 15:52:58 -0400 Subject: [RHSA-2005:523-02] Critical: RealPlayer security update Message-ID: <200507051952.j65JqxZg026591@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: RealPlayer security update Advisory ID: RHSA-2005:523-02 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-523.html Issue date: 2005-06-23 Updated on: 2005-07-05 Product: Red Hat Enterprise Linux Extras CVE Names: CAN-2005-1766 - --------------------------------------------------------------------- 1. Summary: An updated RealPlayer package that fixes a buffer overflow issue is now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. [Updated 05 Jul 2005] The previous package for Red Hat Enterprise Linux 4 did not contain the proper fix for this issue. This erratum has been updated with a replacement package that corrects this issue 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 Extras - i386, x86_64 Red Hat Desktop version 3 Extras - i386, x86_64 Red Hat Enterprise Linux ES version 3 Extras - i386, x86_64 Red Hat Enterprise Linux WS version 3 Extras - i386, x86_64 Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64 Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64 3. Problem description: RealPlayer is a media player that provides media playback locally and via streaming. It plays RealAudio, RealVideo, MP3, 3GPP Video, Flash, SMIL 2.0, JPEG, GIF, PNG, RealPix, RealText, and more. A buffer overflow bug was found in the way RealPlayer processes SMIL files. An attacker could create a specially crafted SMIL file that could combine with a malicious Web server to execute arbitrary code when the file was opened by a user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-1766 to this issue. All users of RealPlayer are advised to upgrade to this updated package, which contains RealPlayer version 10.0.5 and is not vulnerable to this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 159864 - CAN-2005-1766 RealPlayer heap overflow 159868 - CAN-2005-1766 RealPlayer heap overflow 6. RPMs required: Red Hat Enterprise Linux AS version 3 Extras: i386: 7508c3d3ca7a7739e3422ad14537b657 realplayer-10.0.5-0.rhel3.1.i386.rpm x86_64: 7508c3d3ca7a7739e3422ad14537b657 realplayer-10.0.5-0.rhel3.1.i386.rpm Red Hat Desktop version 3 Extras: i386: 7508c3d3ca7a7739e3422ad14537b657 realplayer-10.0.5-0.rhel3.1.i386.rpm x86_64: 7508c3d3ca7a7739e3422ad14537b657 realplayer-10.0.5-0.rhel3.1.i386.rpm Red Hat Enterprise Linux ES version 3 Extras: i386: 7508c3d3ca7a7739e3422ad14537b657 realplayer-10.0.5-0.rhel3.1.i386.rpm x86_64: 7508c3d3ca7a7739e3422ad14537b657 realplayer-10.0.5-0.rhel3.1.i386.rpm Red Hat Enterprise Linux WS version 3 Extras: i386: 7508c3d3ca7a7739e3422ad14537b657 realplayer-10.0.5-0.rhel3.1.i386.rpm x86_64: 7508c3d3ca7a7739e3422ad14537b657 realplayer-10.0.5-0.rhel3.1.i386.rpm Red Hat Enterprise Linux AS version 4 Extras: i386: 4d71e816c48c03236ac6653b343daf77 RealPlayer-10.0.5-2.i386.rpm x86_64: 4d71e816c48c03236ac6653b343daf77 RealPlayer-10.0.5-2.i386.rpm Red Hat Desktop version 4 Extras: i386: 4d71e816c48c03236ac6653b343daf77 RealPlayer-10.0.5-2.i386.rpm x86_64: 4d71e816c48c03236ac6653b343daf77 RealPlayer-10.0.5-2.i386.rpm Red Hat Enterprise Linux ES version 4 Extras: i386: 4d71e816c48c03236ac6653b343daf77 RealPlayer-10.0.5-2.i386.rpm x86_64: 4d71e816c48c03236ac6653b343daf77 RealPlayer-10.0.5-2.i386.rpm Red Hat Enterprise Linux WS version 4 Extras: i386: 4d71e816c48c03236ac6653b343daf77 RealPlayer-10.0.5-2.i386.rpm x86_64: 4d71e816c48c03236ac6653b343daf77 RealPlayer-10.0.5-2.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1766 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCyuUHXlSAg2UNWIIRAutsAJ9iW+DHh1BmAIYl1vuicoQjrHCxCwCeIJGA xPvMPzR/DJu4udFpIgetSIM= =t/sY -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Jul 6 14:34:48 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 6 Jul 2005 10:34:48 -0400 Subject: [RHSA-2005:569-01] Important: zlib security update Message-ID: <200507061434.j66EYnRF004164@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: zlib security update Advisory ID: RHSA-2005:569-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-569.html Issue date: 2005-07-06 Updated on: 2005-07-06 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-2096 - --------------------------------------------------------------------- 1. Summary: Updated Zlib packages that fix a buffer overflow are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Zlib is a general-purpose lossless data compression library which is used by many different programs. Tavis Ormandy discovered a buffer overflow affecting Zlib version 1.2 and above. An attacker could create a carefully crafted compressed stream that would cause an application to crash if the stream is opened by a user. As an example, an attacker could create a malicious PNG image file which would cause a web browser or mail viewer to crash if the image is viewed. The Common Vulnerabilities and Exposures project assigned the name CAN-2005-2096 to this issue. Please note that the versions of Zlib as shipped with Red Hat Enterprise Linux 2.1 and 3 are not vulnerable to this issue. All users should update to these erratum packages which contain a patch from Mark Adler which corrects this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 162391 - CAN-2005-2096 zlib buffer overflow 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/zlib-1.2.1.2-1.1.src.rpm b09854b7fbd3c6aef59e15379d563bc2 zlib-1.2.1.2-1.1.src.rpm i386: b80a549b59a2864e51fce1849ed91714 zlib-1.2.1.2-1.1.i386.rpm d5db7d5f5a65de792571dffd49abb433 zlib-devel-1.2.1.2-1.1.i386.rpm ia64: b80a549b59a2864e51fce1849ed91714 zlib-1.2.1.2-1.1.i386.rpm cc9e3223c11f5046a24ec68ff98d3a43 zlib-1.2.1.2-1.1.ia64.rpm c46ed128d73cba13ace294e80e9a48d3 zlib-devel-1.2.1.2-1.1.ia64.rpm ppc: 0a40389caa51dec8625e0c0b11a44e87 zlib-1.2.1.2-1.1.ppc.rpm 68de3c2b8e24ee086718f888b52d2d1d zlib-1.2.1.2-1.1.ppc64.rpm b87b7e205c4d450a31b75a7a1ed9be0b zlib-devel-1.2.1.2-1.1.ppc.rpm 1d57bd73dc26f813fed1450dc9c70638 zlib-devel-1.2.1.2-1.1.ppc64.rpm s390: 95bd5739a0d7e95977c4d1ead6584776 zlib-1.2.1.2-1.1.s390.rpm 87c887b819a7c2d2ed9fb5bf672f8b84 zlib-devel-1.2.1.2-1.1.s390.rpm s390x: 95bd5739a0d7e95977c4d1ead6584776 zlib-1.2.1.2-1.1.s390.rpm dfa44b20f0fe492a3c14c4a2e1b18f86 zlib-1.2.1.2-1.1.s390x.rpm 87c887b819a7c2d2ed9fb5bf672f8b84 zlib-devel-1.2.1.2-1.1.s390.rpm 24bb5acdf163d308774d0c05ecf5a5bb zlib-devel-1.2.1.2-1.1.s390x.rpm x86_64: b80a549b59a2864e51fce1849ed91714 zlib-1.2.1.2-1.1.i386.rpm d033b0a59c082ab7038435862f8f8ea6 zlib-1.2.1.2-1.1.x86_64.rpm d5db7d5f5a65de792571dffd49abb433 zlib-devel-1.2.1.2-1.1.i386.rpm 93289aa3e51b5f8e0bf2300dc2b97784 zlib-devel-1.2.1.2-1.1.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/zlib-1.2.1.2-1.1.src.rpm b09854b7fbd3c6aef59e15379d563bc2 zlib-1.2.1.2-1.1.src.rpm i386: b80a549b59a2864e51fce1849ed91714 zlib-1.2.1.2-1.1.i386.rpm d5db7d5f5a65de792571dffd49abb433 zlib-devel-1.2.1.2-1.1.i386.rpm x86_64: b80a549b59a2864e51fce1849ed91714 zlib-1.2.1.2-1.1.i386.rpm d033b0a59c082ab7038435862f8f8ea6 zlib-1.2.1.2-1.1.x86_64.rpm d5db7d5f5a65de792571dffd49abb433 zlib-devel-1.2.1.2-1.1.i386.rpm 93289aa3e51b5f8e0bf2300dc2b97784 zlib-devel-1.2.1.2-1.1.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/zlib-1.2.1.2-1.1.src.rpm b09854b7fbd3c6aef59e15379d563bc2 zlib-1.2.1.2-1.1.src.rpm i386: b80a549b59a2864e51fce1849ed91714 zlib-1.2.1.2-1.1.i386.rpm d5db7d5f5a65de792571dffd49abb433 zlib-devel-1.2.1.2-1.1.i386.rpm ia64: b80a549b59a2864e51fce1849ed91714 zlib-1.2.1.2-1.1.i386.rpm cc9e3223c11f5046a24ec68ff98d3a43 zlib-1.2.1.2-1.1.ia64.rpm c46ed128d73cba13ace294e80e9a48d3 zlib-devel-1.2.1.2-1.1.ia64.rpm x86_64: b80a549b59a2864e51fce1849ed91714 zlib-1.2.1.2-1.1.i386.rpm d033b0a59c082ab7038435862f8f8ea6 zlib-1.2.1.2-1.1.x86_64.rpm d5db7d5f5a65de792571dffd49abb433 zlib-devel-1.2.1.2-1.1.i386.rpm 93289aa3e51b5f8e0bf2300dc2b97784 zlib-devel-1.2.1.2-1.1.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/zlib-1.2.1.2-1.1.src.rpm b09854b7fbd3c6aef59e15379d563bc2 zlib-1.2.1.2-1.1.src.rpm i386: b80a549b59a2864e51fce1849ed91714 zlib-1.2.1.2-1.1.i386.rpm d5db7d5f5a65de792571dffd49abb433 zlib-devel-1.2.1.2-1.1.i386.rpm ia64: b80a549b59a2864e51fce1849ed91714 zlib-1.2.1.2-1.1.i386.rpm cc9e3223c11f5046a24ec68ff98d3a43 zlib-1.2.1.2-1.1.ia64.rpm c46ed128d73cba13ace294e80e9a48d3 zlib-devel-1.2.1.2-1.1.ia64.rpm x86_64: b80a549b59a2864e51fce1849ed91714 zlib-1.2.1.2-1.1.i386.rpm d033b0a59c082ab7038435862f8f8ea6 zlib-1.2.1.2-1.1.x86_64.rpm d5db7d5f5a65de792571dffd49abb433 zlib-devel-1.2.1.2-1.1.i386.rpm 93289aa3e51b5f8e0bf2300dc2b97784 zlib-devel-1.2.1.2-1.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2096 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCy+v7XlSAg2UNWIIRAkwtAKC1ClT2DyFFV65IBNDqqzzVwMxzkACfXpV7 uP9ZvH+FP0TG1MnQSRC9NS8= =oIsr -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Jul 7 20:06:17 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 7 Jul 2005 16:06:17 -0400 Subject: [RHSA-2005:564-01] Important: php security update Message-ID: <200507072006.j67K6Qgh017302@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: php security update Advisory ID: RHSA-2005:564-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-564.html Issue date: 2005-07-07 Updated on: 2005-07-07 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-1751 CAN-2005-1921 - --------------------------------------------------------------------- 1. Summary: Updated PHP packages that fix two security issues are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A bug was discovered in the PEAR XML-RPC Server package included in PHP. If a PHP script is used which implements an XML-RPC Server using the PEAR XML-RPC package, then it is possible for a remote attacker to construct an XML-RPC request which can cause PHP to execute arbitrary PHP commands as the 'apache' user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-1921 to this issue. When using the default SELinux "targeted" policy on Red Hat Enterprise Linux 4, the impact of this issue is reduced since the scripts executed by PHP are constrained within the httpd_sys_script_t security context. A race condition in temporary file handling was discovered in the shtool script installed by PHP. If a third-party PHP module which uses shtool was compiled as root, a local user may be able to modify arbitrary files. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-1751 to this issue. Users of PHP should upgrade to these updated packages, which contain backported fixes for these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 158904 - Incorrect descriptions for php-ncurses and php-gd packages 159000 - CAN-2005-1751 shtool insecure temporary file creation 162044 - CAN-2005-1921 PHP PEAR XML_RPC arbitrary code execution 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/php-4.3.2-24.ent.src.rpm f1cfc8d156f05e5c5335b77e908abb74 php-4.3.2-24.ent.src.rpm i386: 2c832233eb906bb908834f02b49cf8d7 php-4.3.2-24.ent.i386.rpm 6bae0be978ef769933258cf5726d55ee php-devel-4.3.2-24.ent.i386.rpm 9e32e325ba17d4474f548f7b640c3281 php-imap-4.3.2-24.ent.i386.rpm 0f9565ad72a11b3be701165911c4fcc3 php-ldap-4.3.2-24.ent.i386.rpm b7779c8914c75d57bf5d26b0aa179411 php-mysql-4.3.2-24.ent.i386.rpm f0a1131f9993e77d85f8005a6fda53f1 php-odbc-4.3.2-24.ent.i386.rpm 40e58d2017985f005e16e6fcf4753329 php-pgsql-4.3.2-24.ent.i386.rpm ia64: bf9edcc8bad65c24a5d77a566c7281da php-4.3.2-24.ent.ia64.rpm 67d1d83ec5bfdde928b93f17f99e7d0f php-devel-4.3.2-24.ent.ia64.rpm 993ac980c57bd02389ac6385e6d84bdf php-imap-4.3.2-24.ent.ia64.rpm 2fe28abe48e7ea6f575e620c01684868 php-ldap-4.3.2-24.ent.ia64.rpm bcbff7dc5e2d275d4009fed1a7a0f649 php-mysql-4.3.2-24.ent.ia64.rpm d964fb8b9cf5b57d2c88240dc3f3cc1c php-odbc-4.3.2-24.ent.ia64.rpm 89bf421c9a0c94cce92273234ac505f1 php-pgsql-4.3.2-24.ent.ia64.rpm ppc: c5e7bcb825c95e74da277c3d19a3d4d5 php-4.3.2-24.ent.ppc.rpm 01a8744c7a8ff98af61c95201498c525 php-devel-4.3.2-24.ent.ppc.rpm 578871a86d0439704e9014d419e6b9fc php-imap-4.3.2-24.ent.ppc.rpm cb801002f101b54b0b5dcb3c41df8de3 php-ldap-4.3.2-24.ent.ppc.rpm b2b3d9fd1b64470d3b1b7ffecf07f028 php-mysql-4.3.2-24.ent.ppc.rpm 3fc69bdaffaabd90bbc1191c2725d552 php-odbc-4.3.2-24.ent.ppc.rpm 5116dab82f8b99b6c8e988934a00b683 php-pgsql-4.3.2-24.ent.ppc.rpm s390: 50176f1192af0aeb6d72ea9245d0da62 php-4.3.2-24.ent.s390.rpm 457b588fc3df06385ae1146ca8c17ad4 php-devel-4.3.2-24.ent.s390.rpm 03ebdae3cbd4b5513b403b094af72348 php-imap-4.3.2-24.ent.s390.rpm 2ada8ab314aeb929fcac760bd817c754 php-ldap-4.3.2-24.ent.s390.rpm 024f9581408a8af35fb138902fbc8963 php-mysql-4.3.2-24.ent.s390.rpm 525e6ce35913dd0874173615f3c38862 php-odbc-4.3.2-24.ent.s390.rpm 4942a24e8f236483fa98104fff73c030 php-pgsql-4.3.2-24.ent.s390.rpm s390x: dbf0f7b8622ab9afc1bb0813f148839e php-4.3.2-24.ent.s390x.rpm 52e3e4da8f008924d28c8aac308c8712 php-devel-4.3.2-24.ent.s390x.rpm 70456a949a2e08a9beb79abe8f2f054b php-imap-4.3.2-24.ent.s390x.rpm 32fc1e42fcfa36ae908aba0588b33d32 php-ldap-4.3.2-24.ent.s390x.rpm aa1da593d994fedff26812ca5f73a997 php-mysql-4.3.2-24.ent.s390x.rpm 2fed2e7c1d7119ec16470c87f96291d1 php-odbc-4.3.2-24.ent.s390x.rpm 8c75c6b45244b9fcdc57489c08207694 php-pgsql-4.3.2-24.ent.s390x.rpm x86_64: 42c173f2c67e94a1a509d1bcadb8f510 php-4.3.2-24.ent.x86_64.rpm 4a62a390d57fb2978f113d047eb3fa19 php-devel-4.3.2-24.ent.x86_64.rpm cea3feea684963db599cab4020386ed1 php-imap-4.3.2-24.ent.x86_64.rpm b54a4819c8c963c77149dc485e85cfe3 php-ldap-4.3.2-24.ent.x86_64.rpm 19f0c16a227a41fa1caee1e69de26893 php-mysql-4.3.2-24.ent.x86_64.rpm 08878e694d2bfbf830135ce1baf26fdd php-odbc-4.3.2-24.ent.x86_64.rpm e4859d51fbcfcdad8f6be906365e04a5 php-pgsql-4.3.2-24.ent.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/php-4.3.2-24.ent.src.rpm f1cfc8d156f05e5c5335b77e908abb74 php-4.3.2-24.ent.src.rpm i386: 2c832233eb906bb908834f02b49cf8d7 php-4.3.2-24.ent.i386.rpm 6bae0be978ef769933258cf5726d55ee php-devel-4.3.2-24.ent.i386.rpm 9e32e325ba17d4474f548f7b640c3281 php-imap-4.3.2-24.ent.i386.rpm 0f9565ad72a11b3be701165911c4fcc3 php-ldap-4.3.2-24.ent.i386.rpm b7779c8914c75d57bf5d26b0aa179411 php-mysql-4.3.2-24.ent.i386.rpm f0a1131f9993e77d85f8005a6fda53f1 php-odbc-4.3.2-24.ent.i386.rpm 40e58d2017985f005e16e6fcf4753329 php-pgsql-4.3.2-24.ent.i386.rpm x86_64: 42c173f2c67e94a1a509d1bcadb8f510 php-4.3.2-24.ent.x86_64.rpm 4a62a390d57fb2978f113d047eb3fa19 php-devel-4.3.2-24.ent.x86_64.rpm cea3feea684963db599cab4020386ed1 php-imap-4.3.2-24.ent.x86_64.rpm b54a4819c8c963c77149dc485e85cfe3 php-ldap-4.3.2-24.ent.x86_64.rpm 19f0c16a227a41fa1caee1e69de26893 php-mysql-4.3.2-24.ent.x86_64.rpm 08878e694d2bfbf830135ce1baf26fdd php-odbc-4.3.2-24.ent.x86_64.rpm e4859d51fbcfcdad8f6be906365e04a5 php-pgsql-4.3.2-24.ent.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/php-4.3.2-24.ent.src.rpm f1cfc8d156f05e5c5335b77e908abb74 php-4.3.2-24.ent.src.rpm i386: 2c832233eb906bb908834f02b49cf8d7 php-4.3.2-24.ent.i386.rpm 6bae0be978ef769933258cf5726d55ee php-devel-4.3.2-24.ent.i386.rpm 9e32e325ba17d4474f548f7b640c3281 php-imap-4.3.2-24.ent.i386.rpm 0f9565ad72a11b3be701165911c4fcc3 php-ldap-4.3.2-24.ent.i386.rpm b7779c8914c75d57bf5d26b0aa179411 php-mysql-4.3.2-24.ent.i386.rpm f0a1131f9993e77d85f8005a6fda53f1 php-odbc-4.3.2-24.ent.i386.rpm 40e58d2017985f005e16e6fcf4753329 php-pgsql-4.3.2-24.ent.i386.rpm ia64: bf9edcc8bad65c24a5d77a566c7281da php-4.3.2-24.ent.ia64.rpm 67d1d83ec5bfdde928b93f17f99e7d0f php-devel-4.3.2-24.ent.ia64.rpm 993ac980c57bd02389ac6385e6d84bdf php-imap-4.3.2-24.ent.ia64.rpm 2fe28abe48e7ea6f575e620c01684868 php-ldap-4.3.2-24.ent.ia64.rpm bcbff7dc5e2d275d4009fed1a7a0f649 php-mysql-4.3.2-24.ent.ia64.rpm d964fb8b9cf5b57d2c88240dc3f3cc1c php-odbc-4.3.2-24.ent.ia64.rpm 89bf421c9a0c94cce92273234ac505f1 php-pgsql-4.3.2-24.ent.ia64.rpm x86_64: 42c173f2c67e94a1a509d1bcadb8f510 php-4.3.2-24.ent.x86_64.rpm 4a62a390d57fb2978f113d047eb3fa19 php-devel-4.3.2-24.ent.x86_64.rpm cea3feea684963db599cab4020386ed1 php-imap-4.3.2-24.ent.x86_64.rpm b54a4819c8c963c77149dc485e85cfe3 php-ldap-4.3.2-24.ent.x86_64.rpm 19f0c16a227a41fa1caee1e69de26893 php-mysql-4.3.2-24.ent.x86_64.rpm 08878e694d2bfbf830135ce1baf26fdd php-odbc-4.3.2-24.ent.x86_64.rpm e4859d51fbcfcdad8f6be906365e04a5 php-pgsql-4.3.2-24.ent.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/php-4.3.2-24.ent.src.rpm f1cfc8d156f05e5c5335b77e908abb74 php-4.3.2-24.ent.src.rpm i386: 2c832233eb906bb908834f02b49cf8d7 php-4.3.2-24.ent.i386.rpm 6bae0be978ef769933258cf5726d55ee php-devel-4.3.2-24.ent.i386.rpm 9e32e325ba17d4474f548f7b640c3281 php-imap-4.3.2-24.ent.i386.rpm 0f9565ad72a11b3be701165911c4fcc3 php-ldap-4.3.2-24.ent.i386.rpm b7779c8914c75d57bf5d26b0aa179411 php-mysql-4.3.2-24.ent.i386.rpm f0a1131f9993e77d85f8005a6fda53f1 php-odbc-4.3.2-24.ent.i386.rpm 40e58d2017985f005e16e6fcf4753329 php-pgsql-4.3.2-24.ent.i386.rpm ia64: bf9edcc8bad65c24a5d77a566c7281da php-4.3.2-24.ent.ia64.rpm 67d1d83ec5bfdde928b93f17f99e7d0f php-devel-4.3.2-24.ent.ia64.rpm 993ac980c57bd02389ac6385e6d84bdf php-imap-4.3.2-24.ent.ia64.rpm 2fe28abe48e7ea6f575e620c01684868 php-ldap-4.3.2-24.ent.ia64.rpm bcbff7dc5e2d275d4009fed1a7a0f649 php-mysql-4.3.2-24.ent.ia64.rpm d964fb8b9cf5b57d2c88240dc3f3cc1c php-odbc-4.3.2-24.ent.ia64.rpm 89bf421c9a0c94cce92273234ac505f1 php-pgsql-4.3.2-24.ent.ia64.rpm x86_64: 42c173f2c67e94a1a509d1bcadb8f510 php-4.3.2-24.ent.x86_64.rpm 4a62a390d57fb2978f113d047eb3fa19 php-devel-4.3.2-24.ent.x86_64.rpm cea3feea684963db599cab4020386ed1 php-imap-4.3.2-24.ent.x86_64.rpm b54a4819c8c963c77149dc485e85cfe3 php-ldap-4.3.2-24.ent.x86_64.rpm 19f0c16a227a41fa1caee1e69de26893 php-mysql-4.3.2-24.ent.x86_64.rpm 08878e694d2bfbf830135ce1baf26fdd php-odbc-4.3.2-24.ent.x86_64.rpm e4859d51fbcfcdad8f6be906365e04a5 php-pgsql-4.3.2-24.ent.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/php-4.3.9-3.7.src.rpm 7b6c0d2a2dad4ab3a99d947ffef9156c php-4.3.9-3.7.src.rpm i386: 8d9da71fa1217dd627936f1c82be8d86 php-4.3.9-3.7.i386.rpm 7b60f885677095a8e37725ae5dc2cf0d php-devel-4.3.9-3.7.i386.rpm b2dada766347db8db2bd29feb3155775 php-domxml-4.3.9-3.7.i386.rpm 0fac4ce7d155a942c7169f915469f572 php-gd-4.3.9-3.7.i386.rpm d0abc03d91ca6b51a4a5e9f4a25010f5 php-imap-4.3.9-3.7.i386.rpm ce690b68f90e1541ec002b9ed67617ff php-ldap-4.3.9-3.7.i386.rpm b59e374eb37d95830df67b1c215ecf87 php-mbstring-4.3.9-3.7.i386.rpm 5deb85d98df958fe5f3ee86876367e1c php-mysql-4.3.9-3.7.i386.rpm df189d05b000685a057ae7ef35461316 php-ncurses-4.3.9-3.7.i386.rpm 3e5f29ffa6de2d6614bbe32f3cb387d5 php-odbc-4.3.9-3.7.i386.rpm 0b890cba22610dada87a3aca35b0981a php-pear-4.3.9-3.7.i386.rpm 316a4281a22833468f382b2f8c3cd23c php-pgsql-4.3.9-3.7.i386.rpm e8ad69614176b25550d713dc1ebfedb0 php-snmp-4.3.9-3.7.i386.rpm 67220ba9fc6c152326c3aa63acceef9c php-xmlrpc-4.3.9-3.7.i386.rpm ia64: 410b0e9d8a099cd5d8a0f37afccfbcd0 php-4.3.9-3.7.ia64.rpm 58e9f505cf765fc639e41d71e8639156 php-devel-4.3.9-3.7.ia64.rpm 4de3a1a48b4158c7ba3c13cd026f37f4 php-domxml-4.3.9-3.7.ia64.rpm 5291135ea39a2a9fe4f0af2fc57c9b61 php-gd-4.3.9-3.7.ia64.rpm 7d38c8bf8b78e115077811d7a278dfa2 php-imap-4.3.9-3.7.ia64.rpm 4fdbd0f6612aa22643cb7b20a65c17b7 php-ldap-4.3.9-3.7.ia64.rpm 4f663052297e30e3416d966292178e63 php-mbstring-4.3.9-3.7.ia64.rpm 7da544253feee4a1b34b0fd340f228c2 php-mysql-4.3.9-3.7.ia64.rpm 5a4ed5f91f667344a29f2edd000f01c6 php-ncurses-4.3.9-3.7.ia64.rpm 27adbd1e9d30eb164e1873ab58ab0a25 php-odbc-4.3.9-3.7.ia64.rpm 8f440b7591f8d7678f6732f79a1497cc php-pear-4.3.9-3.7.ia64.rpm ef486b5089d644697a7384fd3c5b3c5a php-pgsql-4.3.9-3.7.ia64.rpm c9f8e7537336f293b93665bdd65f99f8 php-snmp-4.3.9-3.7.ia64.rpm 98f7065ed3ef6f5501684a5598c03479 php-xmlrpc-4.3.9-3.7.ia64.rpm ppc: 9b767d6b7cc8169c7500af5ec54440bd php-4.3.9-3.7.ppc.rpm 520efe3d7aa43f658438db2124bb2e89 php-devel-4.3.9-3.7.ppc.rpm 29263976528e49b8cba91e777b23d6d5 php-domxml-4.3.9-3.7.ppc.rpm 651290657f9f3efe4e298ec00adafe1a php-gd-4.3.9-3.7.ppc.rpm 8ff5fceb90bc9a470fc96b09e914dd29 php-imap-4.3.9-3.7.ppc.rpm 067d6aec5c880d76037104ee7aff36fc php-ldap-4.3.9-3.7.ppc.rpm 4c01da7a962c99dabd718eaa4d1a770c php-mbstring-4.3.9-3.7.ppc.rpm 437bffdd9d3f6d199a361db3701e855e php-mysql-4.3.9-3.7.ppc.rpm deab11841419e619452c48a81449401a php-ncurses-4.3.9-3.7.ppc.rpm 8da559385e89177cc916d9958a5562fd php-odbc-4.3.9-3.7.ppc.rpm 9cbfe13f588ab2dd5681de604be35906 php-pear-4.3.9-3.7.ppc.rpm c8ff870fddcea9727d4efa29556487ef php-pgsql-4.3.9-3.7.ppc.rpm 7b37f9cd955ee99ef460cb71853ec46f php-snmp-4.3.9-3.7.ppc.rpm 33a3d25709154521ced462debb453046 php-xmlrpc-4.3.9-3.7.ppc.rpm s390: cb912cb18556828f579763c57894085c php-4.3.9-3.7.s390.rpm d958230d42baf65357cb853d0c1c9640 php-devel-4.3.9-3.7.s390.rpm 3d8e25de53579e9439a479c9ee27aa5c php-domxml-4.3.9-3.7.s390.rpm 32c159e9f339f6012c8c9b21f0885e51 php-gd-4.3.9-3.7.s390.rpm b01e429ee34648452f97b749dd175967 php-imap-4.3.9-3.7.s390.rpm 5ce501c28f62774fdf2923a2ec1ddb80 php-ldap-4.3.9-3.7.s390.rpm 974155dc8e6ebcf62bf64803966c024b php-mbstring-4.3.9-3.7.s390.rpm 4a9961cb08a84c864a508a90fa805b25 php-mysql-4.3.9-3.7.s390.rpm 7988dac4cbfda1ae37f291f92fff8a60 php-ncurses-4.3.9-3.7.s390.rpm 84e58c44ea8f26700fb58c8321b4bed4 php-odbc-4.3.9-3.7.s390.rpm c6af35745c56c2f10052f6e3d6417992 php-pear-4.3.9-3.7.s390.rpm 447e4d38ca1230e046513c2c08830d7a php-pgsql-4.3.9-3.7.s390.rpm 3f7c23b552ceff684bb21e5115ee0bc5 php-snmp-4.3.9-3.7.s390.rpm 0246b3e8171f4b9a490502f1874e9840 php-xmlrpc-4.3.9-3.7.s390.rpm s390x: 0bb83d7489d27b060b92cf86b1efddb6 php-4.3.9-3.7.s390x.rpm b638c7c0d9ba77ddbccf2cb84a159015 php-devel-4.3.9-3.7.s390x.rpm 382d058aaa5f89a3ec4585c919c86803 php-domxml-4.3.9-3.7.s390x.rpm f970b6e56b71b64c96cbb3bfae04b451 php-gd-4.3.9-3.7.s390x.rpm a725286bb6807e77fab312bef07a64cc php-imap-4.3.9-3.7.s390x.rpm 4f209a066beb07bc1caf0edc31fd152a php-ldap-4.3.9-3.7.s390x.rpm 7fe2d9f955a012604fdcf5b1530986f4 php-mbstring-4.3.9-3.7.s390x.rpm f2b4cb261fc78aef254043c3c226a094 php-mysql-4.3.9-3.7.s390x.rpm 879d75684edc4865a56a9d62bc76c2e4 php-ncurses-4.3.9-3.7.s390x.rpm ffb67a20f14362d890073c1673384a20 php-odbc-4.3.9-3.7.s390x.rpm f664e7ba528e01d83597724518258d12 php-pear-4.3.9-3.7.s390x.rpm a0d2d00384ba23ad1cd55065b827ab89 php-pgsql-4.3.9-3.7.s390x.rpm 69521c6628814ad1636277f6d36decaa php-snmp-4.3.9-3.7.s390x.rpm 32288a3119a5073e36a141a06a06c2d6 php-xmlrpc-4.3.9-3.7.s390x.rpm x86_64: da47c875380da00b7482d94f6200df9d php-4.3.9-3.7.x86_64.rpm 3a9b3b7a862b3600cdd8ade7311a204e php-devel-4.3.9-3.7.x86_64.rpm 74955592ca8e886ff999a639d19daa6e php-domxml-4.3.9-3.7.x86_64.rpm 2b989f68bea4aa3bace67f4ced1d361c php-gd-4.3.9-3.7.x86_64.rpm 485af31fbd8a3577b4185363916d1e77 php-imap-4.3.9-3.7.x86_64.rpm 435369aa3c43c51f29e58f0ce895d967 php-ldap-4.3.9-3.7.x86_64.rpm ada66b18d904dd331a64580a77318dc0 php-mbstring-4.3.9-3.7.x86_64.rpm dcb189740fddd778372f123466707df3 php-mysql-4.3.9-3.7.x86_64.rpm 4f96bb6806427d9793ac00e0416c719f php-ncurses-4.3.9-3.7.x86_64.rpm a7711e81a078394ade5bfcb23e6bea01 php-odbc-4.3.9-3.7.x86_64.rpm 347dcbb53e3345b59325807bbeb849a7 php-pear-4.3.9-3.7.x86_64.rpm bd8561da78d9a8295df2c788053008e1 php-pgsql-4.3.9-3.7.x86_64.rpm 7f9c72c815ee0e5e121671b78f724989 php-snmp-4.3.9-3.7.x86_64.rpm 88090da9e26232cfc4adc86e35271b9d php-xmlrpc-4.3.9-3.7.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/php-4.3.9-3.7.src.rpm 7b6c0d2a2dad4ab3a99d947ffef9156c php-4.3.9-3.7.src.rpm i386: 8d9da71fa1217dd627936f1c82be8d86 php-4.3.9-3.7.i386.rpm 7b60f885677095a8e37725ae5dc2cf0d php-devel-4.3.9-3.7.i386.rpm b2dada766347db8db2bd29feb3155775 php-domxml-4.3.9-3.7.i386.rpm 0fac4ce7d155a942c7169f915469f572 php-gd-4.3.9-3.7.i386.rpm d0abc03d91ca6b51a4a5e9f4a25010f5 php-imap-4.3.9-3.7.i386.rpm ce690b68f90e1541ec002b9ed67617ff php-ldap-4.3.9-3.7.i386.rpm b59e374eb37d95830df67b1c215ecf87 php-mbstring-4.3.9-3.7.i386.rpm 5deb85d98df958fe5f3ee86876367e1c php-mysql-4.3.9-3.7.i386.rpm df189d05b000685a057ae7ef35461316 php-ncurses-4.3.9-3.7.i386.rpm 3e5f29ffa6de2d6614bbe32f3cb387d5 php-odbc-4.3.9-3.7.i386.rpm 0b890cba22610dada87a3aca35b0981a php-pear-4.3.9-3.7.i386.rpm 316a4281a22833468f382b2f8c3cd23c php-pgsql-4.3.9-3.7.i386.rpm e8ad69614176b25550d713dc1ebfedb0 php-snmp-4.3.9-3.7.i386.rpm 67220ba9fc6c152326c3aa63acceef9c php-xmlrpc-4.3.9-3.7.i386.rpm x86_64: da47c875380da00b7482d94f6200df9d php-4.3.9-3.7.x86_64.rpm 3a9b3b7a862b3600cdd8ade7311a204e php-devel-4.3.9-3.7.x86_64.rpm 74955592ca8e886ff999a639d19daa6e php-domxml-4.3.9-3.7.x86_64.rpm 2b989f68bea4aa3bace67f4ced1d361c php-gd-4.3.9-3.7.x86_64.rpm 485af31fbd8a3577b4185363916d1e77 php-imap-4.3.9-3.7.x86_64.rpm 435369aa3c43c51f29e58f0ce895d967 php-ldap-4.3.9-3.7.x86_64.rpm ada66b18d904dd331a64580a77318dc0 php-mbstring-4.3.9-3.7.x86_64.rpm dcb189740fddd778372f123466707df3 php-mysql-4.3.9-3.7.x86_64.rpm 4f96bb6806427d9793ac00e0416c719f php-ncurses-4.3.9-3.7.x86_64.rpm a7711e81a078394ade5bfcb23e6bea01 php-odbc-4.3.9-3.7.x86_64.rpm 347dcbb53e3345b59325807bbeb849a7 php-pear-4.3.9-3.7.x86_64.rpm bd8561da78d9a8295df2c788053008e1 php-pgsql-4.3.9-3.7.x86_64.rpm 7f9c72c815ee0e5e121671b78f724989 php-snmp-4.3.9-3.7.x86_64.rpm 88090da9e26232cfc4adc86e35271b9d php-xmlrpc-4.3.9-3.7.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/php-4.3.9-3.7.src.rpm 7b6c0d2a2dad4ab3a99d947ffef9156c php-4.3.9-3.7.src.rpm i386: 8d9da71fa1217dd627936f1c82be8d86 php-4.3.9-3.7.i386.rpm 7b60f885677095a8e37725ae5dc2cf0d php-devel-4.3.9-3.7.i386.rpm b2dada766347db8db2bd29feb3155775 php-domxml-4.3.9-3.7.i386.rpm 0fac4ce7d155a942c7169f915469f572 php-gd-4.3.9-3.7.i386.rpm d0abc03d91ca6b51a4a5e9f4a25010f5 php-imap-4.3.9-3.7.i386.rpm ce690b68f90e1541ec002b9ed67617ff php-ldap-4.3.9-3.7.i386.rpm b59e374eb37d95830df67b1c215ecf87 php-mbstring-4.3.9-3.7.i386.rpm 5deb85d98df958fe5f3ee86876367e1c php-mysql-4.3.9-3.7.i386.rpm df189d05b000685a057ae7ef35461316 php-ncurses-4.3.9-3.7.i386.rpm 3e5f29ffa6de2d6614bbe32f3cb387d5 php-odbc-4.3.9-3.7.i386.rpm 0b890cba22610dada87a3aca35b0981a php-pear-4.3.9-3.7.i386.rpm 316a4281a22833468f382b2f8c3cd23c php-pgsql-4.3.9-3.7.i386.rpm e8ad69614176b25550d713dc1ebfedb0 php-snmp-4.3.9-3.7.i386.rpm 67220ba9fc6c152326c3aa63acceef9c php-xmlrpc-4.3.9-3.7.i386.rpm ia64: 410b0e9d8a099cd5d8a0f37afccfbcd0 php-4.3.9-3.7.ia64.rpm 58e9f505cf765fc639e41d71e8639156 php-devel-4.3.9-3.7.ia64.rpm 4de3a1a48b4158c7ba3c13cd026f37f4 php-domxml-4.3.9-3.7.ia64.rpm 5291135ea39a2a9fe4f0af2fc57c9b61 php-gd-4.3.9-3.7.ia64.rpm 7d38c8bf8b78e115077811d7a278dfa2 php-imap-4.3.9-3.7.ia64.rpm 4fdbd0f6612aa22643cb7b20a65c17b7 php-ldap-4.3.9-3.7.ia64.rpm 4f663052297e30e3416d966292178e63 php-mbstring-4.3.9-3.7.ia64.rpm 7da544253feee4a1b34b0fd340f228c2 php-mysql-4.3.9-3.7.ia64.rpm 5a4ed5f91f667344a29f2edd000f01c6 php-ncurses-4.3.9-3.7.ia64.rpm 27adbd1e9d30eb164e1873ab58ab0a25 php-odbc-4.3.9-3.7.ia64.rpm 8f440b7591f8d7678f6732f79a1497cc php-pear-4.3.9-3.7.ia64.rpm ef486b5089d644697a7384fd3c5b3c5a php-pgsql-4.3.9-3.7.ia64.rpm c9f8e7537336f293b93665bdd65f99f8 php-snmp-4.3.9-3.7.ia64.rpm 98f7065ed3ef6f5501684a5598c03479 php-xmlrpc-4.3.9-3.7.ia64.rpm x86_64: da47c875380da00b7482d94f6200df9d php-4.3.9-3.7.x86_64.rpm 3a9b3b7a862b3600cdd8ade7311a204e php-devel-4.3.9-3.7.x86_64.rpm 74955592ca8e886ff999a639d19daa6e php-domxml-4.3.9-3.7.x86_64.rpm 2b989f68bea4aa3bace67f4ced1d361c php-gd-4.3.9-3.7.x86_64.rpm 485af31fbd8a3577b4185363916d1e77 php-imap-4.3.9-3.7.x86_64.rpm 435369aa3c43c51f29e58f0ce895d967 php-ldap-4.3.9-3.7.x86_64.rpm ada66b18d904dd331a64580a77318dc0 php-mbstring-4.3.9-3.7.x86_64.rpm dcb189740fddd778372f123466707df3 php-mysql-4.3.9-3.7.x86_64.rpm 4f96bb6806427d9793ac00e0416c719f php-ncurses-4.3.9-3.7.x86_64.rpm a7711e81a078394ade5bfcb23e6bea01 php-odbc-4.3.9-3.7.x86_64.rpm 347dcbb53e3345b59325807bbeb849a7 php-pear-4.3.9-3.7.x86_64.rpm bd8561da78d9a8295df2c788053008e1 php-pgsql-4.3.9-3.7.x86_64.rpm 7f9c72c815ee0e5e121671b78f724989 php-snmp-4.3.9-3.7.x86_64.rpm 88090da9e26232cfc4adc86e35271b9d php-xmlrpc-4.3.9-3.7.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/php-4.3.9-3.7.src.rpm 7b6c0d2a2dad4ab3a99d947ffef9156c php-4.3.9-3.7.src.rpm i386: 8d9da71fa1217dd627936f1c82be8d86 php-4.3.9-3.7.i386.rpm 7b60f885677095a8e37725ae5dc2cf0d php-devel-4.3.9-3.7.i386.rpm b2dada766347db8db2bd29feb3155775 php-domxml-4.3.9-3.7.i386.rpm 0fac4ce7d155a942c7169f915469f572 php-gd-4.3.9-3.7.i386.rpm d0abc03d91ca6b51a4a5e9f4a25010f5 php-imap-4.3.9-3.7.i386.rpm ce690b68f90e1541ec002b9ed67617ff php-ldap-4.3.9-3.7.i386.rpm b59e374eb37d95830df67b1c215ecf87 php-mbstring-4.3.9-3.7.i386.rpm 5deb85d98df958fe5f3ee86876367e1c php-mysql-4.3.9-3.7.i386.rpm df189d05b000685a057ae7ef35461316 php-ncurses-4.3.9-3.7.i386.rpm 3e5f29ffa6de2d6614bbe32f3cb387d5 php-odbc-4.3.9-3.7.i386.rpm 0b890cba22610dada87a3aca35b0981a php-pear-4.3.9-3.7.i386.rpm 316a4281a22833468f382b2f8c3cd23c php-pgsql-4.3.9-3.7.i386.rpm e8ad69614176b25550d713dc1ebfedb0 php-snmp-4.3.9-3.7.i386.rpm 67220ba9fc6c152326c3aa63acceef9c php-xmlrpc-4.3.9-3.7.i386.rpm ia64: 410b0e9d8a099cd5d8a0f37afccfbcd0 php-4.3.9-3.7.ia64.rpm 58e9f505cf765fc639e41d71e8639156 php-devel-4.3.9-3.7.ia64.rpm 4de3a1a48b4158c7ba3c13cd026f37f4 php-domxml-4.3.9-3.7.ia64.rpm 5291135ea39a2a9fe4f0af2fc57c9b61 php-gd-4.3.9-3.7.ia64.rpm 7d38c8bf8b78e115077811d7a278dfa2 php-imap-4.3.9-3.7.ia64.rpm 4fdbd0f6612aa22643cb7b20a65c17b7 php-ldap-4.3.9-3.7.ia64.rpm 4f663052297e30e3416d966292178e63 php-mbstring-4.3.9-3.7.ia64.rpm 7da544253feee4a1b34b0fd340f228c2 php-mysql-4.3.9-3.7.ia64.rpm 5a4ed5f91f667344a29f2edd000f01c6 php-ncurses-4.3.9-3.7.ia64.rpm 27adbd1e9d30eb164e1873ab58ab0a25 php-odbc-4.3.9-3.7.ia64.rpm 8f440b7591f8d7678f6732f79a1497cc php-pear-4.3.9-3.7.ia64.rpm ef486b5089d644697a7384fd3c5b3c5a php-pgsql-4.3.9-3.7.ia64.rpm c9f8e7537336f293b93665bdd65f99f8 php-snmp-4.3.9-3.7.ia64.rpm 98f7065ed3ef6f5501684a5598c03479 php-xmlrpc-4.3.9-3.7.ia64.rpm x86_64: da47c875380da00b7482d94f6200df9d php-4.3.9-3.7.x86_64.rpm 3a9b3b7a862b3600cdd8ade7311a204e php-devel-4.3.9-3.7.x86_64.rpm 74955592ca8e886ff999a639d19daa6e php-domxml-4.3.9-3.7.x86_64.rpm 2b989f68bea4aa3bace67f4ced1d361c php-gd-4.3.9-3.7.x86_64.rpm 485af31fbd8a3577b4185363916d1e77 php-imap-4.3.9-3.7.x86_64.rpm 435369aa3c43c51f29e58f0ce895d967 php-ldap-4.3.9-3.7.x86_64.rpm ada66b18d904dd331a64580a77318dc0 php-mbstring-4.3.9-3.7.x86_64.rpm dcb189740fddd778372f123466707df3 php-mysql-4.3.9-3.7.x86_64.rpm 4f96bb6806427d9793ac00e0416c719f php-ncurses-4.3.9-3.7.x86_64.rpm a7711e81a078394ade5bfcb23e6bea01 php-odbc-4.3.9-3.7.x86_64.rpm 347dcbb53e3345b59325807bbeb849a7 php-pear-4.3.9-3.7.x86_64.rpm bd8561da78d9a8295df2c788053008e1 php-pgsql-4.3.9-3.7.x86_64.rpm 7f9c72c815ee0e5e121671b78f724989 php-snmp-4.3.9-3.7.x86_64.rpm 88090da9e26232cfc4adc86e35271b9d php-xmlrpc-4.3.9-3.7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1751 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1921 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCzYsnXlSAg2UNWIIRAtX5AJ42kV0rmBiBt14TH9TzI3pWHzEkbgCePiOJ lPAvXdqwRdoG/wN+h+wIl9g= =LA0P -----END PGP SIGNATURE----- From bugzilla at redhat.com Fri Jul 8 19:45:29 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Fri, 8 Jul 2005 15:45:29 -0400 Subject: [RHSA-2005:575-01] Critical: Adobe Acrobat Reader security update Message-ID: <200507081945.j68JjZ0m003373@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: Adobe Acrobat Reader security update Advisory ID: RHSA-2005:575-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-575.html Issue date: 2005-07-08 Updated on: 2005-07-08 Product: Red Hat Enterprise Linux Extras CVE Names: CAN-2005-1625 CAN-2005-1841 - --------------------------------------------------------------------- 1. Summary: Updated acroread packages that fix a security issue are now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 Extras - i386, x86_64 Red Hat Desktop version 3 Extras - i386, x86_64 Red Hat Enterprise Linux ES version 3 Extras - i386, x86_64 Red Hat Enterprise Linux WS version 3 Extras - i386, x86_64 Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64 Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64 3. Problem description: The Adobe Acrobat Reader browser allows for the viewing, distributing, and printing of documents in portable document format (PDF). A buffer overflow bug has been found in Adobe Acrobat Reader. It is possible to execute arbitrary code on a victim's machine if the victim is tricked into opening a malicious PDF file. The Common Vulnerabilities and Exposures project has assigned the name CAN-2005-1625 to this issue. Please note that there is no browser plugin included with the x86_64 Adobe Acrobat Reader package; Therefore the security impact of this issue on x86_64 is reduced from "critical" to "important". Additionally Secunia Research discovered a bug in the way Adobe Acrobat Reader creates temporary files. When a user opens a document, temporary files are created which may be world readable, allowing a local user to view sensitive information. The Common Vulnerabilities and Exposures project has assigned the name CAN-2005-1841 to this issue. All users of Acrobat Reader are advised to upgrade to these updated packages, which contain Acrobat Reader version 7.0.0 and are not vulnerable to this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 160649 - CAN-2005-1841 temporary file disclosure flaw 161807 - CAN-2005-1841 temporary file disclosure flaw 162569 - CAN-2005-1625 acroread buffer overflow 6. RPMs required: Red Hat Enterprise Linux AS version 3 Extras: i386: 71bfd84b4bc13528a35d0c544535caa5 acroread-7.0.0-4.1.0.EL3.i386.rpm 14eaca74d05e428ed6396e176230d21a acroread-plugin-7.0.0-4.1.0.EL3.i386.rpm x86_64: 71bfd84b4bc13528a35d0c544535caa5 acroread-7.0.0-4.1.0.EL3.i386.rpm Red Hat Desktop version 3 Extras: i386: 71bfd84b4bc13528a35d0c544535caa5 acroread-7.0.0-4.1.0.EL3.i386.rpm 14eaca74d05e428ed6396e176230d21a acroread-plugin-7.0.0-4.1.0.EL3.i386.rpm x86_64: 71bfd84b4bc13528a35d0c544535caa5 acroread-7.0.0-4.1.0.EL3.i386.rpm Red Hat Enterprise Linux ES version 3 Extras: i386: 71bfd84b4bc13528a35d0c544535caa5 acroread-7.0.0-4.1.0.EL3.i386.rpm 14eaca74d05e428ed6396e176230d21a acroread-plugin-7.0.0-4.1.0.EL3.i386.rpm x86_64: 71bfd84b4bc13528a35d0c544535caa5 acroread-7.0.0-4.1.0.EL3.i386.rpm Red Hat Enterprise Linux WS version 3 Extras: i386: 71bfd84b4bc13528a35d0c544535caa5 acroread-7.0.0-4.1.0.EL3.i386.rpm 14eaca74d05e428ed6396e176230d21a acroread-plugin-7.0.0-4.1.0.EL3.i386.rpm x86_64: 71bfd84b4bc13528a35d0c544535caa5 acroread-7.0.0-4.1.0.EL3.i386.rpm Red Hat Enterprise Linux AS version 4 Extras: i386: 1a4177e53580392be16d393578fbf192 acroread-7.0.0-4.2.0.EL4.i386.rpm 8fdf6724f98d5d49e079c2d0cc09bf30 acroread-plugin-7.0.0-4.2.0.EL4.i386.rpm x86_64: 1a4177e53580392be16d393578fbf192 acroread-7.0.0-4.2.0.EL4.i386.rpm Red Hat Desktop version 4 Extras: i386: 1a4177e53580392be16d393578fbf192 acroread-7.0.0-4.2.0.EL4.i386.rpm 8fdf6724f98d5d49e079c2d0cc09bf30 acroread-plugin-7.0.0-4.2.0.EL4.i386.rpm x86_64: 1a4177e53580392be16d393578fbf192 acroread-7.0.0-4.2.0.EL4.i386.rpm Red Hat Enterprise Linux ES version 4 Extras: i386: 1a4177e53580392be16d393578fbf192 acroread-7.0.0-4.2.0.EL4.i386.rpm 8fdf6724f98d5d49e079c2d0cc09bf30 acroread-plugin-7.0.0-4.2.0.EL4.i386.rpm x86_64: 1a4177e53580392be16d393578fbf192 acroread-7.0.0-4.2.0.EL4.i386.rpm Red Hat Enterprise Linux WS version 4 Extras: i386: 1a4177e53580392be16d393578fbf192 acroread-7.0.0-4.2.0.EL4.i386.rpm 8fdf6724f98d5d49e079c2d0cc09bf30 acroread-plugin-7.0.0-4.2.0.EL4.i386.rpm x86_64: 1a4177e53580392be16d393578fbf192 acroread-7.0.0-4.2.0.EL4.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://www.adobe.com/support/techdocs/329083.html http://secunia.com/advisories/14457/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1625 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1841 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCzte/XlSAg2UNWIIRAimyAKCrDj3pjP/EVt+PxUvhiGwC4ebKbgCgiS23 iSWBAIzvKV2krpcVXhLZ8tw= =mY2A -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Jul 12 18:34:29 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 12 Jul 2005 14:34:29 -0400 Subject: [RHSA-2005:562-01] Critical: krb5 security update Message-ID: <200507121834.j6CIYVBu032217@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: krb5 security update Advisory ID: RHSA-2005:562-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-562.html Issue date: 2005-07-12 Updated on: 2005-07-12 Product: Red Hat Enterprise Linux Cross references: RHSA-2005:567 Obsoletes: RHSA-2005:330 CVE Names: CAN-2004-0175 CAN-2005-0488 CAN-2005-1175 CAN-2005-1689 - --------------------------------------------------------------------- 1. Summary: Updated krb5 packages which fix multiple security issues are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: Kerberos is a networked authentication system which uses a trusted third party (a KDC) to authenticate clients and servers to each other. A double-free flaw was found in the krb5_recvauth() routine which may be triggered by a remote unauthenticated attacker. Although no exploit is currently known to exist, this issue could potentially be exploited to allow arbitrary code execution on a Key Distribution Center (KDC). The Common Vulnerabilities and Exposures project assigned the name CAN-2005-1689 to this issue. Daniel Wachdorf discovered a single byte heap overflow in the krb5_unparse_name() function, part of krb5-libs. Sucessful exploitation of this flaw would lead to a denial of service (crash). To trigger this flaw an attacker would need to have control of a kerberos realm that shares a cross-realm key with the target, making exploitation of this flaw unlikely. (CAN-2005-1175). Ga?l Delalleau discovered an information disclosure issue in the way some telnet clients handle messages from a server. An attacker could construct a malicious telnet server that collects information from the environment of any victim who connects to it using the Kerberos-aware telnet client (CAN-2005-0488). The rcp protocol allows a server to instruct a client to write to arbitrary files outside of the current directory. This could potentially cause a security issue if a user uses the Kerberos-aware rcp to copy files from a malicious server (CAN-2004-0175). All users of krb5 should update to these erratum packages which contain backported patches to correct these issues. Red Hat would like to thank the MIT Kerberos Development Team for their responsible disclosure of these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 159304 - CAN-2005-0488 telnet Information Disclosure Vulnerability 159753 - CAN-2005-1689 double-free in krb5_recvauth 161471 - krb5 krb5_principal_compare NULL pointer crash 161611 - CAN-2004-0175 malicious rsh server can cause rcp to write to arbitrary files 162255 - CAN-2005-1175 krb5 buffer overflow in KDC 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/krb5-1.2.2-37.src.rpm 5d772e7c740e732034b985eb5e7d7b41 krb5-1.2.2-37.src.rpm i386: 283a0ed8f883a7ad7b26b45cb016e8ca krb5-devel-1.2.2-37.i386.rpm 7cb388a856413589650647e0a9564cb1 krb5-libs-1.2.2-37.i386.rpm e9aa3596874efb262790e07ac672d3b6 krb5-server-1.2.2-37.i386.rpm 169c84674beb1695eb981fdd50b576a1 krb5-workstation-1.2.2-37.i386.rpm ia64: d7508a6995fe60eb2ef436d377539cec krb5-devel-1.2.2-37.ia64.rpm 088e0a0865d8239b28be7427920c784f krb5-libs-1.2.2-37.ia64.rpm 5aa88a1c23d6282d314038d20dc968bd krb5-server-1.2.2-37.ia64.rpm ca40819f1a408b1eb7415adae1951dd4 krb5-workstation-1.2.2-37.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/krb5-1.2.2-37.src.rpm 5d772e7c740e732034b985eb5e7d7b41 krb5-1.2.2-37.src.rpm ia64: d7508a6995fe60eb2ef436d377539cec krb5-devel-1.2.2-37.ia64.rpm 088e0a0865d8239b28be7427920c784f krb5-libs-1.2.2-37.ia64.rpm 5aa88a1c23d6282d314038d20dc968bd krb5-server-1.2.2-37.ia64.rpm ca40819f1a408b1eb7415adae1951dd4 krb5-workstation-1.2.2-37.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/krb5-1.2.2-37.src.rpm 5d772e7c740e732034b985eb5e7d7b41 krb5-1.2.2-37.src.rpm i386: 283a0ed8f883a7ad7b26b45cb016e8ca krb5-devel-1.2.2-37.i386.rpm 7cb388a856413589650647e0a9564cb1 krb5-libs-1.2.2-37.i386.rpm e9aa3596874efb262790e07ac672d3b6 krb5-server-1.2.2-37.i386.rpm 169c84674beb1695eb981fdd50b576a1 krb5-workstation-1.2.2-37.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/krb5-1.2.2-37.src.rpm 5d772e7c740e732034b985eb5e7d7b41 krb5-1.2.2-37.src.rpm i386: 283a0ed8f883a7ad7b26b45cb016e8ca krb5-devel-1.2.2-37.i386.rpm 7cb388a856413589650647e0a9564cb1 krb5-libs-1.2.2-37.i386.rpm e9aa3596874efb262790e07ac672d3b6 krb5-server-1.2.2-37.i386.rpm 169c84674beb1695eb981fdd50b576a1 krb5-workstation-1.2.2-37.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/krb5-1.2.7-47.src.rpm b8269d371eb18afe5f496a6da97c5c40 krb5-1.2.7-47.src.rpm i386: 61ed228798dfec78fe47f3a64a02853b krb5-devel-1.2.7-47.i386.rpm cd30cacc7f4eaa7b098b33feb06253df krb5-libs-1.2.7-47.i386.rpm 5872d358c01320902ccacd063a6121f6 krb5-server-1.2.7-47.i386.rpm d55268c2e3f2156ec4116fe088bb85b1 krb5-workstation-1.2.7-47.i386.rpm ia64: 2072d4e5f43da1792152e9b54ced0a17 krb5-devel-1.2.7-47.ia64.rpm cd30cacc7f4eaa7b098b33feb06253df krb5-libs-1.2.7-47.i386.rpm acfd537073b91f424bf50ebe8deac442 krb5-libs-1.2.7-47.ia64.rpm ae65b2188580cff61cc0312e4d5b3202 krb5-server-1.2.7-47.ia64.rpm cb0cb308aa0f1137c0daa669ec1ead24 krb5-workstation-1.2.7-47.ia64.rpm ppc: a903b06e058a287be57e2c7f0f94e980 krb5-devel-1.2.7-47.ppc.rpm 8a8469e3ef6a67eb496ad16559aa7405 krb5-libs-1.2.7-47.ppc.rpm 977ad9b12b867b889ff6bfd0b94c4a8f krb5-libs-1.2.7-47.ppc64.rpm 731d35f2b029c41a0b24891732bb4559 krb5-server-1.2.7-47.ppc.rpm 12d4e81ac7be9082782c78c899e433d8 krb5-workstation-1.2.7-47.ppc.rpm s390: 867e2d001c6980c0c5d0f37e714247ea krb5-devel-1.2.7-47.s390.rpm ee7b6ec8720ad8d9852d484c185165af krb5-libs-1.2.7-47.s390.rpm b048fb47c789862b45c6df459ad27d47 krb5-server-1.2.7-47.s390.rpm 1a0cfff73729877a6d82aba64d3f7e52 krb5-workstation-1.2.7-47.s390.rpm s390x: c80223d11f2563d11a057295860add78 krb5-devel-1.2.7-47.s390x.rpm ee7b6ec8720ad8d9852d484c185165af krb5-libs-1.2.7-47.s390.rpm 4d6fda2c87164c6292ec6b8edcea69f0 krb5-libs-1.2.7-47.s390x.rpm a95168d9021cc7c787c2de94afd38ebf krb5-server-1.2.7-47.s390x.rpm b6b382bbc101ef8287abc2b27e44d8b5 krb5-workstation-1.2.7-47.s390x.rpm x86_64: d467a180a18c6abcaad7c15406602417 krb5-devel-1.2.7-47.x86_64.rpm cd30cacc7f4eaa7b098b33feb06253df krb5-libs-1.2.7-47.i386.rpm b319c5aee6eca1f14b3ae009f54202b9 krb5-libs-1.2.7-47.x86_64.rpm 98ba88672f8710329630030b8de6712e krb5-server-1.2.7-47.x86_64.rpm ad10533e67f6047f378cafbf922fea77 krb5-workstation-1.2.7-47.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/krb5-1.2.7-47.src.rpm b8269d371eb18afe5f496a6da97c5c40 krb5-1.2.7-47.src.rpm i386: 61ed228798dfec78fe47f3a64a02853b krb5-devel-1.2.7-47.i386.rpm cd30cacc7f4eaa7b098b33feb06253df krb5-libs-1.2.7-47.i386.rpm d55268c2e3f2156ec4116fe088bb85b1 krb5-workstation-1.2.7-47.i386.rpm x86_64: d467a180a18c6abcaad7c15406602417 krb5-devel-1.2.7-47.x86_64.rpm cd30cacc7f4eaa7b098b33feb06253df krb5-libs-1.2.7-47.i386.rpm b319c5aee6eca1f14b3ae009f54202b9 krb5-libs-1.2.7-47.x86_64.rpm ad10533e67f6047f378cafbf922fea77 krb5-workstation-1.2.7-47.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/krb5-1.2.7-47.src.rpm b8269d371eb18afe5f496a6da97c5c40 krb5-1.2.7-47.src.rpm i386: 61ed228798dfec78fe47f3a64a02853b krb5-devel-1.2.7-47.i386.rpm cd30cacc7f4eaa7b098b33feb06253df krb5-libs-1.2.7-47.i386.rpm 5872d358c01320902ccacd063a6121f6 krb5-server-1.2.7-47.i386.rpm d55268c2e3f2156ec4116fe088bb85b1 krb5-workstation-1.2.7-47.i386.rpm ia64: 2072d4e5f43da1792152e9b54ced0a17 krb5-devel-1.2.7-47.ia64.rpm cd30cacc7f4eaa7b098b33feb06253df krb5-libs-1.2.7-47.i386.rpm acfd537073b91f424bf50ebe8deac442 krb5-libs-1.2.7-47.ia64.rpm ae65b2188580cff61cc0312e4d5b3202 krb5-server-1.2.7-47.ia64.rpm cb0cb308aa0f1137c0daa669ec1ead24 krb5-workstation-1.2.7-47.ia64.rpm x86_64: d467a180a18c6abcaad7c15406602417 krb5-devel-1.2.7-47.x86_64.rpm cd30cacc7f4eaa7b098b33feb06253df krb5-libs-1.2.7-47.i386.rpm b319c5aee6eca1f14b3ae009f54202b9 krb5-libs-1.2.7-47.x86_64.rpm 98ba88672f8710329630030b8de6712e krb5-server-1.2.7-47.x86_64.rpm ad10533e67f6047f378cafbf922fea77 krb5-workstation-1.2.7-47.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/krb5-1.2.7-47.src.rpm b8269d371eb18afe5f496a6da97c5c40 krb5-1.2.7-47.src.rpm i386: 61ed228798dfec78fe47f3a64a02853b krb5-devel-1.2.7-47.i386.rpm cd30cacc7f4eaa7b098b33feb06253df krb5-libs-1.2.7-47.i386.rpm d55268c2e3f2156ec4116fe088bb85b1 krb5-workstation-1.2.7-47.i386.rpm ia64: 2072d4e5f43da1792152e9b54ced0a17 krb5-devel-1.2.7-47.ia64.rpm cd30cacc7f4eaa7b098b33feb06253df krb5-libs-1.2.7-47.i386.rpm acfd537073b91f424bf50ebe8deac442 krb5-libs-1.2.7-47.ia64.rpm cb0cb308aa0f1137c0daa669ec1ead24 krb5-workstation-1.2.7-47.ia64.rpm x86_64: d467a180a18c6abcaad7c15406602417 krb5-devel-1.2.7-47.x86_64.rpm cd30cacc7f4eaa7b098b33feb06253df krb5-libs-1.2.7-47.i386.rpm b319c5aee6eca1f14b3ae009f54202b9 krb5-libs-1.2.7-47.x86_64.rpm ad10533e67f6047f378cafbf922fea77 krb5-workstation-1.2.7-47.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-003-recvauth.txt http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2005-002-kdc.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0175 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0488 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1175 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1689 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFC1A0yXlSAg2UNWIIRAqHhAJ9qUYUzVa0SMBxwiMnPvK8qh3jWGgCfSA50 gxvbJ/8prTsXziguyas+vZ0= =RPDC -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Jul 12 18:34:47 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 12 Jul 2005 14:34:47 -0400 Subject: [RHSA-2005:567-02] Important: krb5 security update Message-ID: <200507121834.j6CIYnuc032232@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: krb5 security update Advisory ID: RHSA-2005:567-02 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-567.html Issue date: 2005-07-12 Updated on: 2005-07-12 Product: Red Hat Enterprise Linux Cross references: RHSA-2005:562 Obsoletes: RHSA-2005:330 CVE Names: CAN-2004-0175 CAN-2005-1174 CAN-2005-1175 CAN-2005-1689 - --------------------------------------------------------------------- 1. Summary: Updated krb5 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Kerberos is a networked authentication system that uses a trusted third party (a KDC) to authenticate clients and servers to each other. A double-free flaw was found in the krb5_recvauth() routine which may be triggered by a remote unauthenticated attacker. Red Hat Enterprise Linux 4 contains checks within glibc that detect double-free flaws. Therefore, on Red Hat Enterprise Linux 4 successful exploitation of this issue can only lead to a denial of service (KDC crash). The Common Vulnerabilities and Exposures project assigned the name CAN-2005-1689 to this issue. Daniel Wachdorf discovered a single byte heap overflow in the krb5_unparse_name() function, part of krb5-libs. Sucessful exploitation of this flaw would lead to a denial of service (crash). To trigger this flaw an attacker would need to have control of a kerberos realm that shares a cross-realm key with the target, making exploitation of this flaw unlikely. (CAN-2005-1175). Daniel Wachdorf also discovered that in error conditions that may occur in response to correctly-formatted client requests, the Kerberos 5 KDC may attempt to free uninitialized memory. This could allow a remote attacker to cause a denial of service (KDC crash) (CAN-2005-1174). Ga?l Delalleau discovered an information disclosure issue in the way some telnet clients handle messages from a server. An attacker could construct a malicious telnet server that collects information from the environment of any victim who connects to it using the Kerberos-aware telnet client (CAN-2005-0488). The rcp protocol allows a server to instruct a client to write to arbitrary files outside of the current directory. This could potentially cause a security issue if a user uses the Kerberos-aware rcp to copy files from a malicious server (CAN-2004-0175). All users of krb5 should update to these erratum packages, which contain backported patches to correct these issues. Red Hat would like to thank the MIT Kerberos Development Team for their responsible disclosure of these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 157103 - CAN-2005-1174 krb5 buffer overflow, heap corruption in KDC (CAN-2005-1175) 159304 - CAN-2005-0488 telnet Information Disclosure Vulnerability 159756 - CAN-2005-1689 double-free in krb5_recvauth 161471 - krb5 krb5_principal_compare NULL pointer crash 161611 - CAN-2004-0175 malicious rsh server can cause rcp to write to arbitrary files 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/krb5-1.3.4-17.src.rpm eb03ea1204d767bfdd5c651047474bc8 krb5-1.3.4-17.src.rpm i386: 8711751b5bbc9a586c05c5f6122758df krb5-devel-1.3.4-17.i386.rpm d672310384822836b3257c85777426ab krb5-libs-1.3.4-17.i386.rpm 36077a459b9e60055f1c4f97fe54b7e4 krb5-server-1.3.4-17.i386.rpm 41a717b95454e404d379a85ce691aa72 krb5-workstation-1.3.4-17.i386.rpm ia64: e022bc5b3a7fa4aa58c8df9ac8d4eb1c krb5-devel-1.3.4-17.ia64.rpm d672310384822836b3257c85777426ab krb5-libs-1.3.4-17.i386.rpm 05f9346a3d1749ed344c1b6886ce8363 krb5-libs-1.3.4-17.ia64.rpm 23d98f10451ba361f99e8fd01da62729 krb5-server-1.3.4-17.ia64.rpm 47c4e458b181a4fc2d99ad110c35e80e krb5-workstation-1.3.4-17.ia64.rpm ppc: efa66e287518dd981a385f93dd087445 krb5-devel-1.3.4-17.ppc.rpm b01ebd176e288cadf3288162d5d45997 krb5-libs-1.3.4-17.ppc.rpm 6b57eff4d9b5506b45b749500b848838 krb5-libs-1.3.4-17.ppc64.rpm 4642ab1a5a73cb1fb4985cf7aa63003e krb5-server-1.3.4-17.ppc.rpm c4d951ee5954b2c7655c65af59e4cd6c krb5-workstation-1.3.4-17.ppc.rpm s390: 748be68de3ed9f3d40ce624322dc555e krb5-devel-1.3.4-17.s390.rpm f7b51e891da7442bf41d8297247dc1d5 krb5-libs-1.3.4-17.s390.rpm bfb93446ef2ab7b8a6d2a0ca0786aca5 krb5-server-1.3.4-17.s390.rpm ec219d6075667d8d7698e358d0d7e7ef krb5-workstation-1.3.4-17.s390.rpm s390x: 2370a9ceabc738c716ae515f598d4713 krb5-devel-1.3.4-17.s390x.rpm f7b51e891da7442bf41d8297247dc1d5 krb5-libs-1.3.4-17.s390.rpm b251dee235fdaaddfbc02dcf1106f5eb krb5-libs-1.3.4-17.s390x.rpm df7a2c26ac6a6f872ec3b8d33649bd8f krb5-server-1.3.4-17.s390x.rpm 79f44c1f3cf6e66892d6c40865ce8f72 krb5-workstation-1.3.4-17.s390x.rpm x86_64: 6810bc5ab22a5b9d8aef3728fdbf239c krb5-devel-1.3.4-17.x86_64.rpm d672310384822836b3257c85777426ab krb5-libs-1.3.4-17.i386.rpm 24cb00892ca0c1d278cb6d92568145a0 krb5-libs-1.3.4-17.x86_64.rpm 197573ea8764dbf467df0c71546facdc krb5-server-1.3.4-17.x86_64.rpm 9c5d3e5cb109a13c1140cf2060e768b8 krb5-workstation-1.3.4-17.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/krb5-1.3.4-17.src.rpm eb03ea1204d767bfdd5c651047474bc8 krb5-1.3.4-17.src.rpm i386: 8711751b5bbc9a586c05c5f6122758df krb5-devel-1.3.4-17.i386.rpm d672310384822836b3257c85777426ab krb5-libs-1.3.4-17.i386.rpm 36077a459b9e60055f1c4f97fe54b7e4 krb5-server-1.3.4-17.i386.rpm 41a717b95454e404d379a85ce691aa72 krb5-workstation-1.3.4-17.i386.rpm x86_64: 6810bc5ab22a5b9d8aef3728fdbf239c krb5-devel-1.3.4-17.x86_64.rpm d672310384822836b3257c85777426ab krb5-libs-1.3.4-17.i386.rpm 24cb00892ca0c1d278cb6d92568145a0 krb5-libs-1.3.4-17.x86_64.rpm 197573ea8764dbf467df0c71546facdc krb5-server-1.3.4-17.x86_64.rpm 9c5d3e5cb109a13c1140cf2060e768b8 krb5-workstation-1.3.4-17.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/krb5-1.3.4-17.src.rpm eb03ea1204d767bfdd5c651047474bc8 krb5-1.3.4-17.src.rpm i386: 8711751b5bbc9a586c05c5f6122758df krb5-devel-1.3.4-17.i386.rpm d672310384822836b3257c85777426ab krb5-libs-1.3.4-17.i386.rpm 36077a459b9e60055f1c4f97fe54b7e4 krb5-server-1.3.4-17.i386.rpm 41a717b95454e404d379a85ce691aa72 krb5-workstation-1.3.4-17.i386.rpm ia64: e022bc5b3a7fa4aa58c8df9ac8d4eb1c krb5-devel-1.3.4-17.ia64.rpm d672310384822836b3257c85777426ab krb5-libs-1.3.4-17.i386.rpm 05f9346a3d1749ed344c1b6886ce8363 krb5-libs-1.3.4-17.ia64.rpm 23d98f10451ba361f99e8fd01da62729 krb5-server-1.3.4-17.ia64.rpm 47c4e458b181a4fc2d99ad110c35e80e krb5-workstation-1.3.4-17.ia64.rpm x86_64: 6810bc5ab22a5b9d8aef3728fdbf239c krb5-devel-1.3.4-17.x86_64.rpm d672310384822836b3257c85777426ab krb5-libs-1.3.4-17.i386.rpm 24cb00892ca0c1d278cb6d92568145a0 krb5-libs-1.3.4-17.x86_64.rpm 197573ea8764dbf467df0c71546facdc krb5-server-1.3.4-17.x86_64.rpm 9c5d3e5cb109a13c1140cf2060e768b8 krb5-workstation-1.3.4-17.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/krb5-1.3.4-17.src.rpm eb03ea1204d767bfdd5c651047474bc8 krb5-1.3.4-17.src.rpm i386: 8711751b5bbc9a586c05c5f6122758df krb5-devel-1.3.4-17.i386.rpm d672310384822836b3257c85777426ab krb5-libs-1.3.4-17.i386.rpm 36077a459b9e60055f1c4f97fe54b7e4 krb5-server-1.3.4-17.i386.rpm 41a717b95454e404d379a85ce691aa72 krb5-workstation-1.3.4-17.i386.rpm ia64: e022bc5b3a7fa4aa58c8df9ac8d4eb1c krb5-devel-1.3.4-17.ia64.rpm d672310384822836b3257c85777426ab krb5-libs-1.3.4-17.i386.rpm 05f9346a3d1749ed344c1b6886ce8363 krb5-libs-1.3.4-17.ia64.rpm 23d98f10451ba361f99e8fd01da62729 krb5-server-1.3.4-17.ia64.rpm 47c4e458b181a4fc2d99ad110c35e80e krb5-workstation-1.3.4-17.ia64.rpm x86_64: 6810bc5ab22a5b9d8aef3728fdbf239c krb5-devel-1.3.4-17.x86_64.rpm d672310384822836b3257c85777426ab krb5-libs-1.3.4-17.i386.rpm 24cb00892ca0c1d278cb6d92568145a0 krb5-libs-1.3.4-17.x86_64.rpm 197573ea8764dbf467df0c71546facdc krb5-server-1.3.4-17.x86_64.rpm 9c5d3e5cb109a13c1140cf2060e768b8 krb5-workstation-1.3.4-17.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0175 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1174 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1175 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1689 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFC1A1FXlSAg2UNWIIRAgoRAKCuH08WzrJVtBUXB+kenSISHahRTwCeNyfz 7KQcZBE0oDxr5z0t7r9ZwQg= =q/Av -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Jul 14 17:50:24 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 14 Jul 2005 13:50:24 -0400 Subject: [RHSA-2005:571-01] Moderate: cups security update Message-ID: <200507141750.j6EHoOCc011248@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: cups security update Advisory ID: RHSA-2005:571-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-571.html Issue date: 2005-07-14 Updated on: 2005-07-14 Product: Red Hat Enterprise Linux CVE Names: CAN-2004-2154 - --------------------------------------------------------------------- 1. Summary: Updated CUPS packages that fix a security issue are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: The Common UNIX Printing System (CUPS) provides a portable printing layer for UNIX(R) operating systems. When processing a request, the CUPS scheduler would use case-sensitive matching on the queue name to decide which authorization policy should be used. However, queue names are not case-sensitive. An unauthorized user could print to a password-protected queue without needing a password. The Common Vulnerabilities and Exposures project has assigned the name CAN-2005-2154 to this issue. Please note that the version of CUPS included in Red Hat Enterprise Linux 4 is not vulnerable to this issue. All users of CUPS should upgrade to these erratum packages which contain a backported patch to correct this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 162405 - CAN-2004-2154 directive is case-sensitive in cupsd.conf but should not 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/cups-1.1.17-13.3.29.src.rpm 81c72be8ece7d629a9a73ffa32916c41 cups-1.1.17-13.3.29.src.rpm i386: 36bdfb6c6aa5eb58d5fe41b457ac7361 cups-1.1.17-13.3.29.i386.rpm 72307b7ee7bba211a5546a28362ac2a6 cups-devel-1.1.17-13.3.29.i386.rpm 5dc46b9df27b30286b6604c6a1e6ee98 cups-libs-1.1.17-13.3.29.i386.rpm ia64: 36d374d2e1abacc34ce965750541626b cups-1.1.17-13.3.29.ia64.rpm 7f3441b9e9879be1087bcd0607b1ab66 cups-devel-1.1.17-13.3.29.ia64.rpm 5dc46b9df27b30286b6604c6a1e6ee98 cups-libs-1.1.17-13.3.29.i386.rpm a96ac4679c8b522d5433f23fade03f07 cups-libs-1.1.17-13.3.29.ia64.rpm ppc: 86f8571af07d8d5fa479ed729a13af37 cups-1.1.17-13.3.29.ppc.rpm ff62e1f6ae117e1db87a4299a4bd33a9 cups-devel-1.1.17-13.3.29.ppc.rpm 6e334775b2dbb8c09c25e011cb69cba4 cups-libs-1.1.17-13.3.29.ppc.rpm 9f23a140336a37a76bf6a9dbcbcdb9ff cups-libs-1.1.17-13.3.29.ppc64.rpm s390: 54d08a23a20b825b5c0c1e59ea0fe54b cups-1.1.17-13.3.29.s390.rpm eb62a6ea4f287a6eab9a0157f909e9e4 cups-devel-1.1.17-13.3.29.s390.rpm e067385a2f2e9ab235bd9f98943626c7 cups-libs-1.1.17-13.3.29.s390.rpm s390x: d400e53066c2c831ae85155c9b8b0de0 cups-1.1.17-13.3.29.s390x.rpm e3c00601315da00de3b8980a2c93aec8 cups-devel-1.1.17-13.3.29.s390x.rpm e067385a2f2e9ab235bd9f98943626c7 cups-libs-1.1.17-13.3.29.s390.rpm f6bb5b5be02c4acd32561a7a857c7eae cups-libs-1.1.17-13.3.29.s390x.rpm x86_64: a692e1999e3ee1a95f3053d894675100 cups-1.1.17-13.3.29.x86_64.rpm 7f56302afb665afafcf61577a31bb1d6 cups-devel-1.1.17-13.3.29.x86_64.rpm 5dc46b9df27b30286b6604c6a1e6ee98 cups-libs-1.1.17-13.3.29.i386.rpm 56379591a637d0085b0838e0d97f0111 cups-libs-1.1.17-13.3.29.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/cups-1.1.17-13.3.29.src.rpm 81c72be8ece7d629a9a73ffa32916c41 cups-1.1.17-13.3.29.src.rpm i386: 36bdfb6c6aa5eb58d5fe41b457ac7361 cups-1.1.17-13.3.29.i386.rpm 72307b7ee7bba211a5546a28362ac2a6 cups-devel-1.1.17-13.3.29.i386.rpm 5dc46b9df27b30286b6604c6a1e6ee98 cups-libs-1.1.17-13.3.29.i386.rpm x86_64: a692e1999e3ee1a95f3053d894675100 cups-1.1.17-13.3.29.x86_64.rpm 7f56302afb665afafcf61577a31bb1d6 cups-devel-1.1.17-13.3.29.x86_64.rpm 5dc46b9df27b30286b6604c6a1e6ee98 cups-libs-1.1.17-13.3.29.i386.rpm 56379591a637d0085b0838e0d97f0111 cups-libs-1.1.17-13.3.29.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/cups-1.1.17-13.3.29.src.rpm 81c72be8ece7d629a9a73ffa32916c41 cups-1.1.17-13.3.29.src.rpm i386: 36bdfb6c6aa5eb58d5fe41b457ac7361 cups-1.1.17-13.3.29.i386.rpm 72307b7ee7bba211a5546a28362ac2a6 cups-devel-1.1.17-13.3.29.i386.rpm 5dc46b9df27b30286b6604c6a1e6ee98 cups-libs-1.1.17-13.3.29.i386.rpm ia64: 36d374d2e1abacc34ce965750541626b cups-1.1.17-13.3.29.ia64.rpm 7f3441b9e9879be1087bcd0607b1ab66 cups-devel-1.1.17-13.3.29.ia64.rpm 5dc46b9df27b30286b6604c6a1e6ee98 cups-libs-1.1.17-13.3.29.i386.rpm a96ac4679c8b522d5433f23fade03f07 cups-libs-1.1.17-13.3.29.ia64.rpm x86_64: a692e1999e3ee1a95f3053d894675100 cups-1.1.17-13.3.29.x86_64.rpm 7f56302afb665afafcf61577a31bb1d6 cups-devel-1.1.17-13.3.29.x86_64.rpm 5dc46b9df27b30286b6604c6a1e6ee98 cups-libs-1.1.17-13.3.29.i386.rpm 56379591a637d0085b0838e0d97f0111 cups-libs-1.1.17-13.3.29.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/cups-1.1.17-13.3.29.src.rpm 81c72be8ece7d629a9a73ffa32916c41 cups-1.1.17-13.3.29.src.rpm i386: 36bdfb6c6aa5eb58d5fe41b457ac7361 cups-1.1.17-13.3.29.i386.rpm 72307b7ee7bba211a5546a28362ac2a6 cups-devel-1.1.17-13.3.29.i386.rpm 5dc46b9df27b30286b6604c6a1e6ee98 cups-libs-1.1.17-13.3.29.i386.rpm ia64: 36d374d2e1abacc34ce965750541626b cups-1.1.17-13.3.29.ia64.rpm 7f3441b9e9879be1087bcd0607b1ab66 cups-devel-1.1.17-13.3.29.ia64.rpm 5dc46b9df27b30286b6604c6a1e6ee98 cups-libs-1.1.17-13.3.29.i386.rpm a96ac4679c8b522d5433f23fade03f07 cups-libs-1.1.17-13.3.29.ia64.rpm x86_64: a692e1999e3ee1a95f3053d894675100 cups-1.1.17-13.3.29.x86_64.rpm 7f56302afb665afafcf61577a31bb1d6 cups-devel-1.1.17-13.3.29.x86_64.rpm 5dc46b9df27b30286b6604c6a1e6ee98 cups-libs-1.1.17-13.3.29.i386.rpm 56379591a637d0085b0838e0d97f0111 cups-libs-1.1.17-13.3.29.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2154 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFC1qXLXlSAg2UNWIIRArVlAJ933Tn6L9v3/YDbNxnC76aUNEkWGQCfeDpx X91TrYMxU8iEe+bECcYx1oI= =GVe9 -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Jul 21 10:21:12 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 21 Jul 2005 06:21:12 -0400 Subject: [RHSA-2005:586-01] Important: firefox security update Message-ID: <200507211021.j6LALCtW016980@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: firefox security update Advisory ID: RHSA-2005:586-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-586.html Issue date: 2005-07-21 Updated on: 2005-07-21 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-1937 CAN-2005-2260 CAN-2005-2261 CAN-2005-2262 CAN-2005-2263 CAN-2005-2264 CAN-2005-2265 CAN-2005-2266 CAN-2005-2267 CAN-2005-2268 CAN-2005-2269 CAN-2005-2270 - --------------------------------------------------------------------- 1. Summary: An updated firefox package that fixes various security bugs is now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Mozilla Firefox is an open source Web browser. A bug was found in the way Firefox handled synthetic events. It is possible that Web content could generate events such as keystrokes or mouse clicks that could be used to steal data or execute malicious JavaScript code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-2260 to this issue. A bug was found in the way Firefox executed Javascript in XBL controls. It is possible for a malicious webpage to leverage this vulnerability to execute other JavaScript based attacks even when JavaScript is disabled. (CAN-2005-2261) A bug was found in the way Firefox set an image as the desktop wallpaper. If a user chooses the "Set As Wallpaper..." context menu item on a specially crafted image, it is possible for an attacker to execute arbitrary code on a victim's machine. (CAN-2005-2262) A bug was found in the way Firefox installed its extensions. If a user can be tricked into visiting a malicious webpage, it may be possible to obtain sensitive information such as cookies or passwords. (CAN-2005-2263) A bug was found in the way Firefox handled the _search target. It is possible for a malicious website to inject JavaScript into an already open webpage. (CAN-2005-2264) A bug was found in the way Firefox handled certain Javascript functions. It is possible for a malicious web page to crash the browser by executing malformed Javascript code. (CAN-2005-2265) A bug was found in the way Firefox handled multiple frame domains. It is possible for a frame as part of a malicious web site to inject content into a frame that belongs to another domain. This issue was previously fixed as CAN-2004-0718 but was accidentally disabled. (CAN-2005-1937) A bug was found in the way Firefox handled child frames. It is possible for a malicious framed page to steal sensitive information from its parent page. (CAN-2005-2266) A bug was found in the way Firefox opened URLs from media players. If a media player opens a URL that is JavaScript, JavaScript is executed with access to the currently open webpage. (CAN-2005-2267) A design flaw was found in the way Firefox displayed alerts and prompts. Alerts and prompts were given the generic title [JavaScript Application] which prevented a user from knowing which site created them. (CAN-2005-2268) A bug was found in the way Firefox handled DOM node names. It is possible for a malicious site to overwrite a DOM node name, allowing certain privileged chrome actions to execute the malicious JavaScript. (CAN-2005-2269) A bug was found in the way Firefox cloned base objects. It is possible for Web content to navigate up the prototype chain to gain access to privileged chrome objects. (CAN-2005-2270) Users of Firefox are advised to upgrade to this updated package that contains Firefox version 1.0.6 and is not vulnerable to these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 163069 - CAN-2005-1937 multiple firefox security issues (CAN-2005-2260 CAN-2005-2261 CAN-2005-2262 CAN-2005-2263 CAN-2005-2264 CAN-2005-2265 CAN-2005-2266 CAN-2005-2267 CAN-2005-2268 CAN-2005-2269 CAN-2005-2270) 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/firefox-1.0.6-1.4.1.src.rpm 58452d0748de0ee8c4eb95bb94e205fa firefox-1.0.6-1.4.1.src.rpm i386: a573396480cf9cca90721ecbdeafb10e firefox-1.0.6-1.4.1.i386.rpm ia64: cce285eeea2a5030dc5f3825e5ebb7a0 firefox-1.0.6-1.4.1.ia64.rpm ppc: 80c6ec042d1c769158d8910c8ed77a4b firefox-1.0.6-1.4.1.ppc.rpm s390: 13ade70330982cb475bc067626b10a6b firefox-1.0.6-1.4.1.s390.rpm s390x: 0542190e1e19ae9366138c198b3a5d2c firefox-1.0.6-1.4.1.s390x.rpm x86_64: fe91ccf88f5d99475078a16520937047 firefox-1.0.6-1.4.1.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/firefox-1.0.6-1.4.1.src.rpm 58452d0748de0ee8c4eb95bb94e205fa firefox-1.0.6-1.4.1.src.rpm i386: a573396480cf9cca90721ecbdeafb10e firefox-1.0.6-1.4.1.i386.rpm x86_64: fe91ccf88f5d99475078a16520937047 firefox-1.0.6-1.4.1.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/firefox-1.0.6-1.4.1.src.rpm 58452d0748de0ee8c4eb95bb94e205fa firefox-1.0.6-1.4.1.src.rpm i386: a573396480cf9cca90721ecbdeafb10e firefox-1.0.6-1.4.1.i386.rpm ia64: cce285eeea2a5030dc5f3825e5ebb7a0 firefox-1.0.6-1.4.1.ia64.rpm x86_64: fe91ccf88f5d99475078a16520937047 firefox-1.0.6-1.4.1.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/firefox-1.0.6-1.4.1.src.rpm 58452d0748de0ee8c4eb95bb94e205fa firefox-1.0.6-1.4.1.src.rpm i386: a573396480cf9cca90721ecbdeafb10e firefox-1.0.6-1.4.1.i386.rpm ia64: cce285eeea2a5030dc5f3825e5ebb7a0 firefox-1.0.6-1.4.1.ia64.rpm x86_64: fe91ccf88f5d99475078a16520937047 firefox-1.0.6-1.4.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2260 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2261 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2262 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2263 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2264 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2265 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2266 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2267 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2268 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2269 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2270 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFC33b+XlSAg2UNWIIRAlvWAJ44PamVEqU2eSUzpyDkTquzkqY8NQCgsGV+ YnbRiq3NaI0xHhsYXapJ4uU= =2t3y -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Jul 21 18:25:40 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 21 Jul 2005 14:25:40 -0400 Subject: [RHSA-2005:378-01] Low: cpio security update Message-ID: <200507211825.j6LIPfuI030512@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Low: cpio security update Advisory ID: RHSA-2005:378-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-378.html Issue date: 2005-07-21 Updated on: 2005-07-21 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-1111 - --------------------------------------------------------------------- 1. Summary: An updated cpio package that fixes multiple issues is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: GNU cpio copies files into or out of a cpio or tar archive. A race condition bug was found in cpio. It is possible for a local malicious user to modify the permissions of a local file if they have write access to a directory in which a cpio archive is being extracted. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-1111 to this issue. Additionally, this update adds cpio support for archives larger than 2GB. However, the size of individual files within an archive is limited to 4GB. All users of cpio are advised to upgrade to this updated package, which contains backported fixes for these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 105617 - cpio does not support large files > 2GB 144688 - cpio fails to unpack initrd on ppc 154507 - 511278 - needs fix for RHEL 4 on cpio bugzilla 105617 155749 - CAN-2005-1111 Race condition in cpio 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/cpio-2.5-4.RHEL3.src.rpm e5f2a621ca4099de80ad451722fbf17f cpio-2.5-4.RHEL3.src.rpm i386: 6d24e863541e94a83322c2c2f9a7cf01 cpio-2.5-4.RHEL3.i386.rpm ia64: e7d62ac8c85bdf8e6292ff6d6b167069 cpio-2.5-4.RHEL3.ia64.rpm ppc: 387a870467065f058f2dc75e0b4088d6 cpio-2.5-4.RHEL3.ppc.rpm s390: fe8d12ebe4e78abe460a7c062eac777f cpio-2.5-4.RHEL3.s390.rpm s390x: 7f78260811bb7a827b436d1f19a5b780 cpio-2.5-4.RHEL3.s390x.rpm x86_64: e8c3dc0c74a04b6d42bcb9af63a0e3f3 cpio-2.5-4.RHEL3.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/cpio-2.5-4.RHEL3.src.rpm e5f2a621ca4099de80ad451722fbf17f cpio-2.5-4.RHEL3.src.rpm i386: 6d24e863541e94a83322c2c2f9a7cf01 cpio-2.5-4.RHEL3.i386.rpm x86_64: e8c3dc0c74a04b6d42bcb9af63a0e3f3 cpio-2.5-4.RHEL3.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/cpio-2.5-4.RHEL3.src.rpm e5f2a621ca4099de80ad451722fbf17f cpio-2.5-4.RHEL3.src.rpm i386: 6d24e863541e94a83322c2c2f9a7cf01 cpio-2.5-4.RHEL3.i386.rpm ia64: e7d62ac8c85bdf8e6292ff6d6b167069 cpio-2.5-4.RHEL3.ia64.rpm x86_64: e8c3dc0c74a04b6d42bcb9af63a0e3f3 cpio-2.5-4.RHEL3.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/cpio-2.5-4.RHEL3.src.rpm e5f2a621ca4099de80ad451722fbf17f cpio-2.5-4.RHEL3.src.rpm i386: 6d24e863541e94a83322c2c2f9a7cf01 cpio-2.5-4.RHEL3.i386.rpm ia64: e7d62ac8c85bdf8e6292ff6d6b167069 cpio-2.5-4.RHEL3.ia64.rpm x86_64: e8c3dc0c74a04b6d42bcb9af63a0e3f3 cpio-2.5-4.RHEL3.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/cpio-2.5-8.RHEL4.src.rpm 17b4f342a3b3aaa3d47b06b420b6950f cpio-2.5-8.RHEL4.src.rpm i386: e275d9014ba5e817b821597548f73d20 cpio-2.5-8.RHEL4.i386.rpm ia64: f433780eb69c44dbe0cdd9ebca0c2ab6 cpio-2.5-8.RHEL4.ia64.rpm ppc: 8b2602b1cd384a24e881b0c1c5100fe3 cpio-2.5-8.RHEL4.ppc.rpm s390: 135b9dca6dac52f3889b0b06bcebd118 cpio-2.5-8.RHEL4.s390.rpm s390x: 64df4fdcf4219ebfc5b7d1559150765e cpio-2.5-8.RHEL4.s390x.rpm x86_64: ce03220243730632bbfdad24ee340b8d cpio-2.5-8.RHEL4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/cpio-2.5-8.RHEL4.src.rpm 17b4f342a3b3aaa3d47b06b420b6950f cpio-2.5-8.RHEL4.src.rpm i386: e275d9014ba5e817b821597548f73d20 cpio-2.5-8.RHEL4.i386.rpm x86_64: ce03220243730632bbfdad24ee340b8d cpio-2.5-8.RHEL4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/cpio-2.5-8.RHEL4.src.rpm 17b4f342a3b3aaa3d47b06b420b6950f cpio-2.5-8.RHEL4.src.rpm i386: e275d9014ba5e817b821597548f73d20 cpio-2.5-8.RHEL4.i386.rpm ia64: f433780eb69c44dbe0cdd9ebca0c2ab6 cpio-2.5-8.RHEL4.ia64.rpm x86_64: ce03220243730632bbfdad24ee340b8d cpio-2.5-8.RHEL4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/cpio-2.5-8.RHEL4.src.rpm 17b4f342a3b3aaa3d47b06b420b6950f cpio-2.5-8.RHEL4.src.rpm i386: e275d9014ba5e817b821597548f73d20 cpio-2.5-8.RHEL4.i386.rpm ia64: f433780eb69c44dbe0cdd9ebca0c2ab6 cpio-2.5-8.RHEL4.ia64.rpm x86_64: ce03220243730632bbfdad24ee340b8d cpio-2.5-8.RHEL4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1111 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFC3+iWXlSAg2UNWIIRAveoAJ0XwI2JVQsBRaHpfANkarPbUcd9cACgghSc 5XZBdHwd9QmlmWW3PAr07bU= =JgsL -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Jul 21 18:25:59 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 21 Jul 2005 14:25:59 -0400 Subject: [RHSA-2005:584-01] Important: zlib security update Message-ID: <200507211826.j6LIQ0la030906@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: zlib security update Advisory ID: RHSA-2005:584-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-584.html Issue date: 2005-07-21 Updated on: 2005-07-21 Product: Red Hat Enterprise Linux Obsoletes: RHSA-2005:569 CVE Names: CAN-2005-1849 - --------------------------------------------------------------------- 1. Summary: Updated zlib packages that fix a buffer overflow are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Zlib is a general-purpose lossless data compression library that is used by many different programs. A previous zlib update, RHSA-2005:569 (CAN-2005-2096) fixed a flaw in zlib that could allow a carefully crafted compressed stream to crash an application. While the original patch corrected the reported overflow, Markus Oberhumer discovered additional ways a stream could trigger an overflow. An attacker could create a carefully crafted compressed stream that would cause an application to crash if the stream is opened by a user. As an example, an attacker could create a malicious PNG image file that would cause a Web browser or mail viewer to crash if the image is viewed. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the name CAN-2005-1849 to this issue. Note that the versions of zlib shipped with Red Hat Enterprise Linux 2.1 and 3 are not vulnerable to this issue. All users should update to these errata packages that contain a patch from Mark Adler that corrects this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 163037 - CAN-2005-1849 zlib buffer overflow 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/zlib-1.2.1.2-1.2.src.rpm 53285b12c3dd5df4124d06fb883babad zlib-1.2.1.2-1.2.src.rpm i386: 30f929114a8ea2b081ce351d3d246d28 zlib-1.2.1.2-1.2.i386.rpm bf96769c3fb67abb62f3bc4d0b0a0d5e zlib-devel-1.2.1.2-1.2.i386.rpm ia64: 30f929114a8ea2b081ce351d3d246d28 zlib-1.2.1.2-1.2.i386.rpm 1312f81b44238af7a12e6d129c2a4214 zlib-1.2.1.2-1.2.ia64.rpm 8c33f481ebacb03cd7e4a14260ca99fe zlib-devel-1.2.1.2-1.2.ia64.rpm ppc: d9cd4122eccc130ec2a6d7c64444c3b9 zlib-1.2.1.2-1.2.ppc.rpm c2191b6f367b068c5aadad73bbf22c5c zlib-1.2.1.2-1.2.ppc64.rpm 961c16ee93912237b347328f73fa3c9b zlib-devel-1.2.1.2-1.2.ppc.rpm 235b2aec2af9595771b10218ec467635 zlib-devel-1.2.1.2-1.2.ppc64.rpm s390: 7efc2375f317b93d57d360cd4ac5a296 zlib-1.2.1.2-1.2.s390.rpm 942b1745f31f9719a6c0a8d5c7fef689 zlib-devel-1.2.1.2-1.2.s390.rpm s390x: 7efc2375f317b93d57d360cd4ac5a296 zlib-1.2.1.2-1.2.s390.rpm 2fddcbebe2083e23a16353719f241c44 zlib-1.2.1.2-1.2.s390x.rpm 942b1745f31f9719a6c0a8d5c7fef689 zlib-devel-1.2.1.2-1.2.s390.rpm 6797b66922691f00c5f6c1454c2522fe zlib-devel-1.2.1.2-1.2.s390x.rpm x86_64: 30f929114a8ea2b081ce351d3d246d28 zlib-1.2.1.2-1.2.i386.rpm 2888c31cba9b579a69c08fb52a6464b3 zlib-1.2.1.2-1.2.x86_64.rpm bf96769c3fb67abb62f3bc4d0b0a0d5e zlib-devel-1.2.1.2-1.2.i386.rpm 9c789749e4d9a8e051f884cc29f307aa zlib-devel-1.2.1.2-1.2.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/zlib-1.2.1.2-1.2.src.rpm 53285b12c3dd5df4124d06fb883babad zlib-1.2.1.2-1.2.src.rpm i386: 30f929114a8ea2b081ce351d3d246d28 zlib-1.2.1.2-1.2.i386.rpm bf96769c3fb67abb62f3bc4d0b0a0d5e zlib-devel-1.2.1.2-1.2.i386.rpm x86_64: 30f929114a8ea2b081ce351d3d246d28 zlib-1.2.1.2-1.2.i386.rpm 2888c31cba9b579a69c08fb52a6464b3 zlib-1.2.1.2-1.2.x86_64.rpm bf96769c3fb67abb62f3bc4d0b0a0d5e zlib-devel-1.2.1.2-1.2.i386.rpm 9c789749e4d9a8e051f884cc29f307aa zlib-devel-1.2.1.2-1.2.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/zlib-1.2.1.2-1.2.src.rpm 53285b12c3dd5df4124d06fb883babad zlib-1.2.1.2-1.2.src.rpm i386: 30f929114a8ea2b081ce351d3d246d28 zlib-1.2.1.2-1.2.i386.rpm bf96769c3fb67abb62f3bc4d0b0a0d5e zlib-devel-1.2.1.2-1.2.i386.rpm ia64: 30f929114a8ea2b081ce351d3d246d28 zlib-1.2.1.2-1.2.i386.rpm 1312f81b44238af7a12e6d129c2a4214 zlib-1.2.1.2-1.2.ia64.rpm 8c33f481ebacb03cd7e4a14260ca99fe zlib-devel-1.2.1.2-1.2.ia64.rpm x86_64: 30f929114a8ea2b081ce351d3d246d28 zlib-1.2.1.2-1.2.i386.rpm 2888c31cba9b579a69c08fb52a6464b3 zlib-1.2.1.2-1.2.x86_64.rpm bf96769c3fb67abb62f3bc4d0b0a0d5e zlib-devel-1.2.1.2-1.2.i386.rpm 9c789749e4d9a8e051f884cc29f307aa zlib-devel-1.2.1.2-1.2.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/zlib-1.2.1.2-1.2.src.rpm 53285b12c3dd5df4124d06fb883babad zlib-1.2.1.2-1.2.src.rpm i386: 30f929114a8ea2b081ce351d3d246d28 zlib-1.2.1.2-1.2.i386.rpm bf96769c3fb67abb62f3bc4d0b0a0d5e zlib-devel-1.2.1.2-1.2.i386.rpm ia64: 30f929114a8ea2b081ce351d3d246d28 zlib-1.2.1.2-1.2.i386.rpm 1312f81b44238af7a12e6d129c2a4214 zlib-1.2.1.2-1.2.ia64.rpm 8c33f481ebacb03cd7e4a14260ca99fe zlib-devel-1.2.1.2-1.2.ia64.rpm x86_64: 30f929114a8ea2b081ce351d3d246d28 zlib-1.2.1.2-1.2.i386.rpm 2888c31cba9b579a69c08fb52a6464b3 zlib-1.2.1.2-1.2.x86_64.rpm bf96769c3fb67abb62f3bc4d0b0a0d5e zlib-devel-1.2.1.2-1.2.i386.rpm 9c789749e4d9a8e051f884cc29f307aa zlib-devel-1.2.1.2-1.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1849 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFC3+iyXlSAg2UNWIIRAuy4AKC/6S+MgKGu1gK0fMNTWySgFXxpXwCglkBU BJqle8b0ZA+7+YBV8QSzI0U= =xI56 -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Jul 21 18:26:18 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 21 Jul 2005 14:26:18 -0400 Subject: [RHSA-2005:601-01] Important: thunderbird security update Message-ID: <200507211826.j6LIQIPj031282@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: thunderbird security update Advisory ID: RHSA-2005:601-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-601.html Issue date: 2005-07-21 Updated on: 2005-07-21 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-0989 CAN-2005-1159 CAN-2005-1160 CAN-2005-1532 CAN-2005-2261 CAN-2005-2265 CAN-2005-2266 CAN-2005-2269 CAN-2005-2270 - --------------------------------------------------------------------- 1. Summary: Updated thunderbird package that fixes various bugs is now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Mozilla Thunderbird is a standalone mail and newsgroup client. A bug was found in the way Thunderbird handled anonymous functions during regular expression string replacement. It is possible for a malicious HTML mail to capture a random block of client memory. The Common Vulnerabilities and Exposures project has assigned this bug the name CAN-2005-0989. A bug was found in the way Thunderbird validated several XPInstall related JavaScript objects. A malicious HTML mail could pass other objects to the XPInstall objects, resulting in the JavaScript interpreter jumping to arbitrary locations in memory. (CAN-2005-1159) A bug was found in the way the Thunderbird privileged UI code handled DOM nodes from the content window. An HTML message could install malicious JavaScript code or steal data when a user performs commonplace actions such as clicking a link or opening the context menu. (CAN-2005-1160) A bug was found in the way Thunderbird executed JavaScript code. JavaScript executed from HTML mail should run with a restricted access level, preventing dangerous actions. It is possible that a malicious HTML mail could execute JavaScript code with elevated privileges, allowing access to protected data and functions. (CAN-2005-1532) A bug was found in the way Thunderbird executed Javascript in XBL controls. It is possible for a malicious HTML mail to leverage this vulnerability to execute other JavaScript based attacks even when JavaScript is disabled. (CAN-2005-2261) A bug was found in the way Thunderbird handled certain Javascript functions. It is possible for a malicious HTML mail to crash the client by executing malformed Javascript code. (CAN-2005-2265) A bug was found in the way Thunderbird handled child frames. It is possible for a malicious framed HTML mail to steal sensitive information from its parent frame. (CAN-2005-2266) A bug was found in the way Thunderbird handled DOM node names. It is possible for a malicious HTML mail to overwrite a DOM node name, allowing certain privileged chrome actions to execute the malicious JavaScript. (CAN-2005-2269) A bug was found in the way Thunderbird cloned base objects. It is possible for HTML content to navigate up the prototype chain to gain access to privileged chrome objects. (CAN-2005-2270) Users of Thunderbird are advised to upgrade to this updated package that contains Thunderbird version 1.0.6 and is not vulnerable to these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 163285 - CAN-2005-0989 multiple thunderbird issues (CAN-2005-1159 CAN-2005-1160 CAN-2005-1532 CAN-2005-2261 CAN-2005-2265 CAN-2005-2266 CAN-2005-2269 CAN-2005-2270) 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/thunderbird-1.0.6-1.4.1.src.rpm 4ca651b5dc57453928592fd044c5ec06 thunderbird-1.0.6-1.4.1.src.rpm i386: 360f828a103407017b5b55080c2abce2 thunderbird-1.0.6-1.4.1.i386.rpm ia64: 5dc22069eb5347949c82b03a817aab67 thunderbird-1.0.6-1.4.1.ia64.rpm ppc: c789ef4e880198bf62c1d5ce6ce45a1a thunderbird-1.0.6-1.4.1.ppc.rpm s390: 04de8ac6a39f91872cf0fea9a1d095e6 thunderbird-1.0.6-1.4.1.s390.rpm s390x: 8f157d7f59e420e847b4fc35848dcb29 thunderbird-1.0.6-1.4.1.s390x.rpm x86_64: a2eed99f760e2a273fbf33f47224ba49 thunderbird-1.0.6-1.4.1.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/thunderbird-1.0.6-1.4.1.src.rpm 4ca651b5dc57453928592fd044c5ec06 thunderbird-1.0.6-1.4.1.src.rpm i386: 360f828a103407017b5b55080c2abce2 thunderbird-1.0.6-1.4.1.i386.rpm x86_64: a2eed99f760e2a273fbf33f47224ba49 thunderbird-1.0.6-1.4.1.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/thunderbird-1.0.6-1.4.1.src.rpm 4ca651b5dc57453928592fd044c5ec06 thunderbird-1.0.6-1.4.1.src.rpm i386: 360f828a103407017b5b55080c2abce2 thunderbird-1.0.6-1.4.1.i386.rpm ia64: 5dc22069eb5347949c82b03a817aab67 thunderbird-1.0.6-1.4.1.ia64.rpm x86_64: a2eed99f760e2a273fbf33f47224ba49 thunderbird-1.0.6-1.4.1.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/thunderbird-1.0.6-1.4.1.src.rpm 4ca651b5dc57453928592fd044c5ec06 thunderbird-1.0.6-1.4.1.src.rpm i386: 360f828a103407017b5b55080c2abce2 thunderbird-1.0.6-1.4.1.i386.rpm ia64: 5dc22069eb5347949c82b03a817aab67 thunderbird-1.0.6-1.4.1.ia64.rpm x86_64: a2eed99f760e2a273fbf33f47224ba49 thunderbird-1.0.6-1.4.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0989 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1159 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1160 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1532 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2261 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2265 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2266 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2269 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2270 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFC3+jDXlSAg2UNWIIRAod6AKC64FHUzfZ+uK++7nxGlMQYKn3U4QCgnDZp jHygooEBm7EXFndD7VSng8g= =eJ7Q -----END PGP SIGNATURE----- From bugzilla at redhat.com Fri Jul 22 01:29:24 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 21 Jul 2005 21:29:24 -0400 Subject: [RHSA-2005:639-01] Critical: kdenetwork security update Message-ID: <200507220129.j6M1TORE015104@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: kdenetwork security update Advisory ID: RHSA-2005:639-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-639.html Issue date: 2005-07-21 Updated on: 2005-07-21 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-1852 - --------------------------------------------------------------------- 1. Summary: Updated kdenetwork packages to correct a security flaw in Kopete are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: The kdenetwork package contains networking applications for the K Desktop Environment. Kopete is a KDE instant messenger which supports a number of protocols including ICQ, MSN, Yahoo, Jabber, and Gadu-Gadu. Multiple integer overflow flaws were found in the way Kopete processes Gadu-Gadu messages. A remote attacker could send a specially crafted Gadu-Gadu message which would cause Kopete to crash or possibly execute arbitrary code. The Common Vulnerabilities and Exposures project assigned the name CAN-2005-1852 to this issue. In order to be affected by this issue, a user would need to have registered with Gadu-Gadu and be signed in to the Gadu-Gadu server in order to receive a malicious message. In addition, Red Hat believes that the Exec-shield technology (enabled by default in Red Hat Enterprise Linux 4) would block attempts to remotely exploit this vulnerability. Note that this issue does not affect Red Hat Enterprise Linux 2.1 or 3. Users of Kopete should update to these packages which contain a patch to correct this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 163811 - CAN-2005-1852 Kopete gadu-gadu flaws 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kdenetwork-3.3.1-2.3.src.rpm 4d73843cbbcbf0f0ee1a3a9f7a3f7932 kdenetwork-3.3.1-2.3.src.rpm i386: bb90b0ceb81c85b9e329b49d30bff1f6 kdenetwork-3.3.1-2.3.i386.rpm 49ab06ee9b0cb4cb2e851a89688422b5 kdenetwork-devel-3.3.1-2.3.i386.rpm fa35b167ffe98d2cf50edb95b03bc03a kdenetwork-nowlistening-3.3.1-2.3.i386.rpm ia64: 3a1ecfa51031cb82d59c95a94be3bca0 kdenetwork-3.3.1-2.3.ia64.rpm fbda969a428e54cbd6b1b06b86498693 kdenetwork-devel-3.3.1-2.3.ia64.rpm bc8975dacb662a74fe6f675a7bd9b107 kdenetwork-nowlistening-3.3.1-2.3.ia64.rpm ppc: e700306fc8af2647c6c1e9ab27160b11 kdenetwork-3.3.1-2.3.ppc.rpm 72b1d01d47a9f7c0aef8d42c0d56be81 kdenetwork-devel-3.3.1-2.3.ppc.rpm d48485fba0d6275ff7b27332c217cde5 kdenetwork-nowlistening-3.3.1-2.3.ppc.rpm s390: ebe481a9cbe64d6dca04412fa931f85b kdenetwork-3.3.1-2.3.s390.rpm 0f6f5d291cdd5f2f67e1c2cf1b7cfe29 kdenetwork-devel-3.3.1-2.3.s390.rpm 121c5802302ff1e97f0d42fb3b8a83cd kdenetwork-nowlistening-3.3.1-2.3.s390.rpm s390x: 8a4dabb465fe0b7e30049f02e212c011 kdenetwork-3.3.1-2.3.s390x.rpm 1c1373d084dbd2c9a8b5d5cc7982d27d kdenetwork-devel-3.3.1-2.3.s390x.rpm 9c628f1b5ba78f188eb336ad4a3ac223 kdenetwork-nowlistening-3.3.1-2.3.s390x.rpm x86_64: 332a9169f1c435736553380dc5ce56ec kdenetwork-3.3.1-2.3.x86_64.rpm ed34f101f51abdbbc1c2d83d21cc6e87 kdenetwork-devel-3.3.1-2.3.x86_64.rpm 3fa57e6865b5b948ad35895054d15a58 kdenetwork-nowlistening-3.3.1-2.3.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kdenetwork-3.3.1-2.3.src.rpm 4d73843cbbcbf0f0ee1a3a9f7a3f7932 kdenetwork-3.3.1-2.3.src.rpm i386: bb90b0ceb81c85b9e329b49d30bff1f6 kdenetwork-3.3.1-2.3.i386.rpm 49ab06ee9b0cb4cb2e851a89688422b5 kdenetwork-devel-3.3.1-2.3.i386.rpm fa35b167ffe98d2cf50edb95b03bc03a kdenetwork-nowlistening-3.3.1-2.3.i386.rpm x86_64: 332a9169f1c435736553380dc5ce56ec kdenetwork-3.3.1-2.3.x86_64.rpm ed34f101f51abdbbc1c2d83d21cc6e87 kdenetwork-devel-3.3.1-2.3.x86_64.rpm 3fa57e6865b5b948ad35895054d15a58 kdenetwork-nowlistening-3.3.1-2.3.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kdenetwork-3.3.1-2.3.src.rpm 4d73843cbbcbf0f0ee1a3a9f7a3f7932 kdenetwork-3.3.1-2.3.src.rpm i386: bb90b0ceb81c85b9e329b49d30bff1f6 kdenetwork-3.3.1-2.3.i386.rpm 49ab06ee9b0cb4cb2e851a89688422b5 kdenetwork-devel-3.3.1-2.3.i386.rpm fa35b167ffe98d2cf50edb95b03bc03a kdenetwork-nowlistening-3.3.1-2.3.i386.rpm ia64: 3a1ecfa51031cb82d59c95a94be3bca0 kdenetwork-3.3.1-2.3.ia64.rpm fbda969a428e54cbd6b1b06b86498693 kdenetwork-devel-3.3.1-2.3.ia64.rpm bc8975dacb662a74fe6f675a7bd9b107 kdenetwork-nowlistening-3.3.1-2.3.ia64.rpm x86_64: 332a9169f1c435736553380dc5ce56ec kdenetwork-3.3.1-2.3.x86_64.rpm ed34f101f51abdbbc1c2d83d21cc6e87 kdenetwork-devel-3.3.1-2.3.x86_64.rpm 3fa57e6865b5b948ad35895054d15a58 kdenetwork-nowlistening-3.3.1-2.3.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kdenetwork-3.3.1-2.3.src.rpm 4d73843cbbcbf0f0ee1a3a9f7a3f7932 kdenetwork-3.3.1-2.3.src.rpm i386: bb90b0ceb81c85b9e329b49d30bff1f6 kdenetwork-3.3.1-2.3.i386.rpm 49ab06ee9b0cb4cb2e851a89688422b5 kdenetwork-devel-3.3.1-2.3.i386.rpm fa35b167ffe98d2cf50edb95b03bc03a kdenetwork-nowlistening-3.3.1-2.3.i386.rpm ia64: 3a1ecfa51031cb82d59c95a94be3bca0 kdenetwork-3.3.1-2.3.ia64.rpm fbda969a428e54cbd6b1b06b86498693 kdenetwork-devel-3.3.1-2.3.ia64.rpm bc8975dacb662a74fe6f675a7bd9b107 kdenetwork-nowlistening-3.3.1-2.3.ia64.rpm x86_64: 332a9169f1c435736553380dc5ce56ec kdenetwork-3.3.1-2.3.x86_64.rpm ed34f101f51abdbbc1c2d83d21cc6e87 kdenetwork-devel-3.3.1-2.3.x86_64.rpm 3fa57e6865b5b948ad35895054d15a58 kdenetwork-nowlistening-3.3.1-2.3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://www.kde.org/info/security/advisory-20050721-1.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1852 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFC4EvgXlSAg2UNWIIRAlruAJ9OqVeQERYmkVQOvDjTl9rPBNcYVACgpJy9 wYFITcEYeU0wJDYATgPmfLA= =vbwB -----END PGP SIGNATURE----- From bugzilla at redhat.com Fri Jul 22 10:57:32 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Fri, 22 Jul 2005 06:57:32 -0400 Subject: [RHSA-2005:587-01] Important: mozilla security update Message-ID: <200507221057.j6MAvXWM011888@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: mozilla security update Advisory ID: RHSA-2005:587-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-587.html Issue date: 2005-07-22 Updated on: 2005-07-22 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-1937 CAN-2005-2260 CAN-2005-2261 CAN-2005-2263 CAN-2005-2265 CAN-2005-2266 CAN-2005-2267 CAN-2005-2268 CAN-2005-2269 CAN-2005-2270 - --------------------------------------------------------------------- 1. Summary: Updated mozilla packages that fix various security issues are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. A bug was found in the way Mozilla handled synthetic events. It is possible that Web content could generate events such as keystrokes or mouse clicks that could be used to steal data or execute malicious Javascript code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-2260 to this issue. A bug was found in the way Mozilla executed Javascript in XBL controls. It is possible for a malicious webpage to leverage this vulnerability to execute other JavaScript based attacks even when JavaScript is disabled. (CAN-2005-2261) A bug was found in the way Mozilla installed its extensions. If a user can be tricked into visiting a malicious webpage, it may be possible to obtain sensitive information such as cookies or passwords. (CAN-2005-2263) A bug was found in the way Mozilla handled certain Javascript functions. It is possible for a malicious webpage to crash the browser by executing malformed Javascript code. (CAN-2005-2265) A bug was found in the way Mozilla handled multiple frame domains. It is possible for a frame as part of a malicious website to inject content into a frame that belongs to another domain. This issue was previously fixed as CAN-2004-0718 but was accidentally disabled. (CAN-2005-1937) A bug was found in the way Mozilla handled child frames. It is possible for a malicious framed page to steal sensitive information from its parent page. (CAN-2005-2266) A bug was found in the way Mozilla opened URLs from media players. If a media player opens a URL which is Javascript, the Javascript executes with access to the currently open webpage. (CAN-2005-2267) A design flaw was found in the way Mozilla displayed alerts and prompts. Alerts and prompts were given the generic title [JavaScript Application] which prevented a user from knowing which site created them. (CAN-2005-2268) A bug was found in the way Mozilla handled DOM node names. It is possible for a malicious site to overwrite a DOM node name, allowing certain privileged chrome actions to execute the malicious Javascript. (CAN-2005-2269) A bug was found in the way Mozilla cloned base objects. It is possible for Web content to traverse the prototype chain to gain access to privileged chrome objects. (CAN-2005-2270) Users of Mozilla are advised to upgrade to these updated packages, which contain Mozilla version 1.7.10 and are not vulnerable to these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 163065 - CAN-2005-1937 multiple mozilla issues (CAN-2005-2260 CAN-2005-2261 CAN-2005-2263 CAN-2005-2265 CAN-2005-2266 CAN-2005-2267 CAN-2005-2268 CAN-2005-2269 CAN-2005-2270) 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/galeon-1.2.14-1.2.6.src.rpm 0efc549b05541584bbe0580b309e626e galeon-1.2.14-1.2.6.src.rpm ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/mozilla-1.7.10-1.1.2.1.src.rpm b4f31dd3bab37f37a735988f9d9cb79c mozilla-1.7.10-1.1.2.1.src.rpm i386: 503bd641193b7b938a790ac6811722b4 galeon-1.2.14-1.2.6.i386.rpm 54c16dcb9cb4b25fe9635703b8b3b64e mozilla-1.7.10-1.1.2.1.i386.rpm 70b9fd52c1ac5a16960494d7ef970181 mozilla-chat-1.7.10-1.1.2.1.i386.rpm b8eb806bc1522f1fff47a19aedfb3185 mozilla-devel-1.7.10-1.1.2.1.i386.rpm 8b04844a9d203acdc094be6a6c79f60d mozilla-dom-inspector-1.7.10-1.1.2.1.i386.rpm 34ed2601c805dbbd7bce9c97a3243d50 mozilla-js-debugger-1.7.10-1.1.2.1.i386.rpm 8bb1cdafe228b9020d826ca19137b6e7 mozilla-mail-1.7.10-1.1.2.1.i386.rpm 31f8f5626982030594836bf64cc911be mozilla-nspr-1.7.10-1.1.2.1.i386.rpm 685d42ce2ab996af55547edb250b3bee mozilla-nspr-devel-1.7.10-1.1.2.1.i386.rpm 38f17f69c9e96ed7711911fd389dd6b0 mozilla-nss-1.7.10-1.1.2.1.i386.rpm 9f94a78d1309e727e6bf00c2419a5947 mozilla-nss-devel-1.7.10-1.1.2.1.i386.rpm ia64: fe007c5aeab15bb51fc6ef0d1ec27492 galeon-1.2.14-1.2.6.ia64.rpm a14c8458ee5f5efebaf02cda1ebc0be4 mozilla-1.7.10-1.1.2.1.ia64.rpm f04c19712e922b20629accebc242e975 mozilla-chat-1.7.10-1.1.2.1.ia64.rpm 2081d6ba23f7b20cf15f066097a45d21 mozilla-devel-1.7.10-1.1.2.1.ia64.rpm 7d8685c2fdec1a927839fbf50584c181 mozilla-dom-inspector-1.7.10-1.1.2.1.ia64.rpm cd0a7d0907ef12686baa40c028cb654a mozilla-js-debugger-1.7.10-1.1.2.1.ia64.rpm a8422ba50dedf0429c5899c811904dfa mozilla-mail-1.7.10-1.1.2.1.ia64.rpm 561dd683ad2d2167c5c336aed35ae1ac mozilla-nspr-1.7.10-1.1.2.1.ia64.rpm ae7f3c458ae829fd1a38791f764b1b1d mozilla-nspr-devel-1.7.10-1.1.2.1.ia64.rpm 33f495c91192fe5bf5bcb03ca8a7ddae mozilla-nss-1.7.10-1.1.2.1.ia64.rpm c189f674770639f564610c4017843b40 mozilla-nss-devel-1.7.10-1.1.2.1.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/galeon-1.2.14-1.2.6.src.rpm 0efc549b05541584bbe0580b309e626e galeon-1.2.14-1.2.6.src.rpm ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/mozilla-1.7.10-1.1.2.1.src.rpm b4f31dd3bab37f37a735988f9d9cb79c mozilla-1.7.10-1.1.2.1.src.rpm ia64: fe007c5aeab15bb51fc6ef0d1ec27492 galeon-1.2.14-1.2.6.ia64.rpm a14c8458ee5f5efebaf02cda1ebc0be4 mozilla-1.7.10-1.1.2.1.ia64.rpm f04c19712e922b20629accebc242e975 mozilla-chat-1.7.10-1.1.2.1.ia64.rpm 2081d6ba23f7b20cf15f066097a45d21 mozilla-devel-1.7.10-1.1.2.1.ia64.rpm 7d8685c2fdec1a927839fbf50584c181 mozilla-dom-inspector-1.7.10-1.1.2.1.ia64.rpm cd0a7d0907ef12686baa40c028cb654a mozilla-js-debugger-1.7.10-1.1.2.1.ia64.rpm a8422ba50dedf0429c5899c811904dfa mozilla-mail-1.7.10-1.1.2.1.ia64.rpm 561dd683ad2d2167c5c336aed35ae1ac mozilla-nspr-1.7.10-1.1.2.1.ia64.rpm ae7f3c458ae829fd1a38791f764b1b1d mozilla-nspr-devel-1.7.10-1.1.2.1.ia64.rpm 33f495c91192fe5bf5bcb03ca8a7ddae mozilla-nss-1.7.10-1.1.2.1.ia64.rpm c189f674770639f564610c4017843b40 mozilla-nss-devel-1.7.10-1.1.2.1.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/galeon-1.2.14-1.2.6.src.rpm 0efc549b05541584bbe0580b309e626e galeon-1.2.14-1.2.6.src.rpm ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/mozilla-1.7.10-1.1.2.1.src.rpm b4f31dd3bab37f37a735988f9d9cb79c mozilla-1.7.10-1.1.2.1.src.rpm i386: 503bd641193b7b938a790ac6811722b4 galeon-1.2.14-1.2.6.i386.rpm 54c16dcb9cb4b25fe9635703b8b3b64e mozilla-1.7.10-1.1.2.1.i386.rpm 70b9fd52c1ac5a16960494d7ef970181 mozilla-chat-1.7.10-1.1.2.1.i386.rpm b8eb806bc1522f1fff47a19aedfb3185 mozilla-devel-1.7.10-1.1.2.1.i386.rpm 8b04844a9d203acdc094be6a6c79f60d mozilla-dom-inspector-1.7.10-1.1.2.1.i386.rpm 34ed2601c805dbbd7bce9c97a3243d50 mozilla-js-debugger-1.7.10-1.1.2.1.i386.rpm 8bb1cdafe228b9020d826ca19137b6e7 mozilla-mail-1.7.10-1.1.2.1.i386.rpm 31f8f5626982030594836bf64cc911be mozilla-nspr-1.7.10-1.1.2.1.i386.rpm 685d42ce2ab996af55547edb250b3bee mozilla-nspr-devel-1.7.10-1.1.2.1.i386.rpm 38f17f69c9e96ed7711911fd389dd6b0 mozilla-nss-1.7.10-1.1.2.1.i386.rpm 9f94a78d1309e727e6bf00c2419a5947 mozilla-nss-devel-1.7.10-1.1.2.1.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/galeon-1.2.14-1.2.6.src.rpm 0efc549b05541584bbe0580b309e626e galeon-1.2.14-1.2.6.src.rpm ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/mozilla-1.7.10-1.1.2.1.src.rpm b4f31dd3bab37f37a735988f9d9cb79c mozilla-1.7.10-1.1.2.1.src.rpm i386: 503bd641193b7b938a790ac6811722b4 galeon-1.2.14-1.2.6.i386.rpm 54c16dcb9cb4b25fe9635703b8b3b64e mozilla-1.7.10-1.1.2.1.i386.rpm 70b9fd52c1ac5a16960494d7ef970181 mozilla-chat-1.7.10-1.1.2.1.i386.rpm b8eb806bc1522f1fff47a19aedfb3185 mozilla-devel-1.7.10-1.1.2.1.i386.rpm 8b04844a9d203acdc094be6a6c79f60d mozilla-dom-inspector-1.7.10-1.1.2.1.i386.rpm 34ed2601c805dbbd7bce9c97a3243d50 mozilla-js-debugger-1.7.10-1.1.2.1.i386.rpm 8bb1cdafe228b9020d826ca19137b6e7 mozilla-mail-1.7.10-1.1.2.1.i386.rpm 31f8f5626982030594836bf64cc911be mozilla-nspr-1.7.10-1.1.2.1.i386.rpm 685d42ce2ab996af55547edb250b3bee mozilla-nspr-devel-1.7.10-1.1.2.1.i386.rpm 38f17f69c9e96ed7711911fd389dd6b0 mozilla-nss-1.7.10-1.1.2.1.i386.rpm 9f94a78d1309e727e6bf00c2419a5947 mozilla-nss-devel-1.7.10-1.1.2.1.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/mozilla-1.7.10-1.1.3.1.src.rpm 5be9293ad20481e090089248ec72f569 mozilla-1.7.10-1.1.3.1.src.rpm i386: a4d59681197dd05947d03254af144382 mozilla-1.7.10-1.1.3.1.i386.rpm b90d9ca49fe4e4609197459edffad028 mozilla-chat-1.7.10-1.1.3.1.i386.rpm 73e860293288e78a14c2f4edade4dee5 mozilla-devel-1.7.10-1.1.3.1.i386.rpm cf36c0546533cf93cbb5e6cf15c9cc98 mozilla-dom-inspector-1.7.10-1.1.3.1.i386.rpm ca8de793d9d2cf6a33243272aca73837 mozilla-js-debugger-1.7.10-1.1.3.1.i386.rpm 96357ec23c95a06b19d698ac2fcb9c27 mozilla-mail-1.7.10-1.1.3.1.i386.rpm ec24bf2b81535e2df88d9c5c59fa99c9 mozilla-nspr-1.7.10-1.1.3.1.i386.rpm 0d63d6fb2815aac46f24e8f7e6957ef1 mozilla-nspr-devel-1.7.10-1.1.3.1.i386.rpm 528d164350bfe977cb59282589e62eb9 mozilla-nss-1.7.10-1.1.3.1.i386.rpm e786121ce22876d72ed2840aea3dce7c mozilla-nss-devel-1.7.10-1.1.3.1.i386.rpm ia64: 5e3895eb658fac13a84b4ded56b99df2 mozilla-1.7.10-1.1.3.1.ia64.rpm 0fc33964f8f4436bfd758de7c1c68f84 mozilla-chat-1.7.10-1.1.3.1.ia64.rpm d4c7da8a62f7eb6f7b6008c8daf379c6 mozilla-devel-1.7.10-1.1.3.1.ia64.rpm 2dc9329cabbb39479977799c73c5b6ab mozilla-dom-inspector-1.7.10-1.1.3.1.ia64.rpm 5e7454db9574fa6d143435c6fd6d8d06 mozilla-js-debugger-1.7.10-1.1.3.1.ia64.rpm ae7cab7a1a246dba8e93a62447af31ca mozilla-mail-1.7.10-1.1.3.1.ia64.rpm ec24bf2b81535e2df88d9c5c59fa99c9 mozilla-nspr-1.7.10-1.1.3.1.i386.rpm b5d1310782a64bf3f93e111a82894824 mozilla-nspr-1.7.10-1.1.3.1.ia64.rpm a030311feee7fbbdca9c180c52d3b69b mozilla-nspr-devel-1.7.10-1.1.3.1.ia64.rpm 528d164350bfe977cb59282589e62eb9 mozilla-nss-1.7.10-1.1.3.1.i386.rpm be9bf6d876580e3be201ff8400507193 mozilla-nss-1.7.10-1.1.3.1.ia64.rpm 476787654ef26f572369b59dd07974db mozilla-nss-devel-1.7.10-1.1.3.1.ia64.rpm ppc: a273881236ced7b3ed1421d858b942e3 mozilla-1.7.10-1.1.3.1.ppc.rpm 13dbbf154b0f92f26fe85774f87a5d04 mozilla-chat-1.7.10-1.1.3.1.ppc.rpm e05025d348d7a41fb5d78d37e73e0ce9 mozilla-devel-1.7.10-1.1.3.1.ppc.rpm c2f80509c8efeee780ed5f013b8750f3 mozilla-dom-inspector-1.7.10-1.1.3.1.ppc.rpm 3734bc8eef9c8b9e06ae069e2d3d98ac mozilla-js-debugger-1.7.10-1.1.3.1.ppc.rpm d4d61cc3ab8b2577583d43f4d7c385c9 mozilla-mail-1.7.10-1.1.3.1.ppc.rpm 321254e75a1edb8ebefff3ec590b3f9a mozilla-nspr-1.7.10-1.1.3.1.ppc.rpm 2d4d76575d2972c54d33c4fd416d1615 mozilla-nspr-devel-1.7.10-1.1.3.1.ppc.rpm bd668c7a1c61efbc506c1968f6c0e609 mozilla-nss-1.7.10-1.1.3.1.ppc.rpm a6f36089b07858613cdd0f447e5d0a59 mozilla-nss-devel-1.7.10-1.1.3.1.ppc.rpm s390: d8f262dcb986d8f0f40a54d0fb288b05 mozilla-1.7.10-1.1.3.1.s390.rpm 7b0fb38d5411bcab949c25cedb9b6bfb mozilla-chat-1.7.10-1.1.3.1.s390.rpm c3f41cc1cc498ba489b7210a8486f19b mozilla-devel-1.7.10-1.1.3.1.s390.rpm cd1c01a2100ab991b415eba0a513883d mozilla-dom-inspector-1.7.10-1.1.3.1.s390.rpm 072cfe26cac9c47db3774f4f05b1254c mozilla-js-debugger-1.7.10-1.1.3.1.s390.rpm 1e998338017e650d59c3580fe66a977d mozilla-mail-1.7.10-1.1.3.1.s390.rpm 11182130e5eef2a02caa72e590363e94 mozilla-nspr-1.7.10-1.1.3.1.s390.rpm c7cdafddf50765268a7760a9dfff8852 mozilla-nspr-devel-1.7.10-1.1.3.1.s390.rpm 645c5a31669b069d9b8482671fa8d7e4 mozilla-nss-1.7.10-1.1.3.1.s390.rpm 5ee7658c170115f7db183498b81661d1 mozilla-nss-devel-1.7.10-1.1.3.1.s390.rpm s390x: ebbb9ecaf288f22333c52ea17877f9f2 mozilla-1.7.10-1.1.3.1.s390x.rpm b0cd7e2734f24c158448cfe78f3a661d mozilla-chat-1.7.10-1.1.3.1.s390x.rpm f9cb2ec93ff7a313ed8696b83fe75fd1 mozilla-devel-1.7.10-1.1.3.1.s390x.rpm cf7e733bb650b41af0d2eac59fa4b6d2 mozilla-dom-inspector-1.7.10-1.1.3.1.s390x.rpm 866d7496f6f47a0ca947018aecff7af8 mozilla-js-debugger-1.7.10-1.1.3.1.s390x.rpm a4b6b093f937b40745c89521d79added mozilla-mail-1.7.10-1.1.3.1.s390x.rpm 11182130e5eef2a02caa72e590363e94 mozilla-nspr-1.7.10-1.1.3.1.s390.rpm 0ee073bacc4b220974c1d4efbcde0e7f mozilla-nspr-1.7.10-1.1.3.1.s390x.rpm a7594b57fa06fcff1ef2b7f6ea78a8e8 mozilla-nspr-devel-1.7.10-1.1.3.1.s390x.rpm 645c5a31669b069d9b8482671fa8d7e4 mozilla-nss-1.7.10-1.1.3.1.s390.rpm 575e93f265982b2f4e113a07104a9c96 mozilla-nss-1.7.10-1.1.3.1.s390x.rpm e453d176623d8312c1ad37488753b585 mozilla-nss-devel-1.7.10-1.1.3.1.s390x.rpm x86_64: a4d59681197dd05947d03254af144382 mozilla-1.7.10-1.1.3.1.i386.rpm 18eca4706e6cf5e7fe5b04d141d8b894 mozilla-1.7.10-1.1.3.1.x86_64.rpm 7d56eaef3efd6043f6a7d821c454fb69 mozilla-chat-1.7.10-1.1.3.1.x86_64.rpm d6aef40f00dbbca27add8718b1c0a1b2 mozilla-devel-1.7.10-1.1.3.1.x86_64.rpm 5b0bf6f2522b9005cd07ea2af26aae9c mozilla-dom-inspector-1.7.10-1.1.3.1.x86_64.rpm d9454e562991a5aa925d382187b87dae mozilla-js-debugger-1.7.10-1.1.3.1.x86_64.rpm bfbd3a65b3c42867ab8c7607f30c9240 mozilla-mail-1.7.10-1.1.3.1.x86_64.rpm ec24bf2b81535e2df88d9c5c59fa99c9 mozilla-nspr-1.7.10-1.1.3.1.i386.rpm 43d4d3c4b47d3ad0974e0ee575025f63 mozilla-nspr-1.7.10-1.1.3.1.x86_64.rpm d0c34a693fdd32c9a9910c12524b7681 mozilla-nspr-devel-1.7.10-1.1.3.1.x86_64.rpm 528d164350bfe977cb59282589e62eb9 mozilla-nss-1.7.10-1.1.3.1.i386.rpm 9ffd15ddd436c95484b7628d6850e7db mozilla-nss-1.7.10-1.1.3.1.x86_64.rpm a88940fc293380a0a79fa53a0fc67f36 mozilla-nss-devel-1.7.10-1.1.3.1.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/mozilla-1.7.10-1.1.3.1.src.rpm 5be9293ad20481e090089248ec72f569 mozilla-1.7.10-1.1.3.1.src.rpm i386: a4d59681197dd05947d03254af144382 mozilla-1.7.10-1.1.3.1.i386.rpm b90d9ca49fe4e4609197459edffad028 mozilla-chat-1.7.10-1.1.3.1.i386.rpm 73e860293288e78a14c2f4edade4dee5 mozilla-devel-1.7.10-1.1.3.1.i386.rpm cf36c0546533cf93cbb5e6cf15c9cc98 mozilla-dom-inspector-1.7.10-1.1.3.1.i386.rpm ca8de793d9d2cf6a33243272aca73837 mozilla-js-debugger-1.7.10-1.1.3.1.i386.rpm 96357ec23c95a06b19d698ac2fcb9c27 mozilla-mail-1.7.10-1.1.3.1.i386.rpm ec24bf2b81535e2df88d9c5c59fa99c9 mozilla-nspr-1.7.10-1.1.3.1.i386.rpm 0d63d6fb2815aac46f24e8f7e6957ef1 mozilla-nspr-devel-1.7.10-1.1.3.1.i386.rpm 528d164350bfe977cb59282589e62eb9 mozilla-nss-1.7.10-1.1.3.1.i386.rpm e786121ce22876d72ed2840aea3dce7c mozilla-nss-devel-1.7.10-1.1.3.1.i386.rpm x86_64: a4d59681197dd05947d03254af144382 mozilla-1.7.10-1.1.3.1.i386.rpm 18eca4706e6cf5e7fe5b04d141d8b894 mozilla-1.7.10-1.1.3.1.x86_64.rpm 7d56eaef3efd6043f6a7d821c454fb69 mozilla-chat-1.7.10-1.1.3.1.x86_64.rpm d6aef40f00dbbca27add8718b1c0a1b2 mozilla-devel-1.7.10-1.1.3.1.x86_64.rpm 5b0bf6f2522b9005cd07ea2af26aae9c mozilla-dom-inspector-1.7.10-1.1.3.1.x86_64.rpm d9454e562991a5aa925d382187b87dae mozilla-js-debugger-1.7.10-1.1.3.1.x86_64.rpm bfbd3a65b3c42867ab8c7607f30c9240 mozilla-mail-1.7.10-1.1.3.1.x86_64.rpm ec24bf2b81535e2df88d9c5c59fa99c9 mozilla-nspr-1.7.10-1.1.3.1.i386.rpm 43d4d3c4b47d3ad0974e0ee575025f63 mozilla-nspr-1.7.10-1.1.3.1.x86_64.rpm d0c34a693fdd32c9a9910c12524b7681 mozilla-nspr-devel-1.7.10-1.1.3.1.x86_64.rpm 528d164350bfe977cb59282589e62eb9 mozilla-nss-1.7.10-1.1.3.1.i386.rpm 9ffd15ddd436c95484b7628d6850e7db mozilla-nss-1.7.10-1.1.3.1.x86_64.rpm a88940fc293380a0a79fa53a0fc67f36 mozilla-nss-devel-1.7.10-1.1.3.1.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/mozilla-1.7.10-1.1.3.1.src.rpm 5be9293ad20481e090089248ec72f569 mozilla-1.7.10-1.1.3.1.src.rpm i386: a4d59681197dd05947d03254af144382 mozilla-1.7.10-1.1.3.1.i386.rpm b90d9ca49fe4e4609197459edffad028 mozilla-chat-1.7.10-1.1.3.1.i386.rpm 73e860293288e78a14c2f4edade4dee5 mozilla-devel-1.7.10-1.1.3.1.i386.rpm cf36c0546533cf93cbb5e6cf15c9cc98 mozilla-dom-inspector-1.7.10-1.1.3.1.i386.rpm ca8de793d9d2cf6a33243272aca73837 mozilla-js-debugger-1.7.10-1.1.3.1.i386.rpm 96357ec23c95a06b19d698ac2fcb9c27 mozilla-mail-1.7.10-1.1.3.1.i386.rpm ec24bf2b81535e2df88d9c5c59fa99c9 mozilla-nspr-1.7.10-1.1.3.1.i386.rpm 0d63d6fb2815aac46f24e8f7e6957ef1 mozilla-nspr-devel-1.7.10-1.1.3.1.i386.rpm 528d164350bfe977cb59282589e62eb9 mozilla-nss-1.7.10-1.1.3.1.i386.rpm e786121ce22876d72ed2840aea3dce7c mozilla-nss-devel-1.7.10-1.1.3.1.i386.rpm ia64: 5e3895eb658fac13a84b4ded56b99df2 mozilla-1.7.10-1.1.3.1.ia64.rpm 0fc33964f8f4436bfd758de7c1c68f84 mozilla-chat-1.7.10-1.1.3.1.ia64.rpm d4c7da8a62f7eb6f7b6008c8daf379c6 mozilla-devel-1.7.10-1.1.3.1.ia64.rpm 2dc9329cabbb39479977799c73c5b6ab mozilla-dom-inspector-1.7.10-1.1.3.1.ia64.rpm 5e7454db9574fa6d143435c6fd6d8d06 mozilla-js-debugger-1.7.10-1.1.3.1.ia64.rpm ae7cab7a1a246dba8e93a62447af31ca mozilla-mail-1.7.10-1.1.3.1.ia64.rpm ec24bf2b81535e2df88d9c5c59fa99c9 mozilla-nspr-1.7.10-1.1.3.1.i386.rpm b5d1310782a64bf3f93e111a82894824 mozilla-nspr-1.7.10-1.1.3.1.ia64.rpm a030311feee7fbbdca9c180c52d3b69b mozilla-nspr-devel-1.7.10-1.1.3.1.ia64.rpm 528d164350bfe977cb59282589e62eb9 mozilla-nss-1.7.10-1.1.3.1.i386.rpm be9bf6d876580e3be201ff8400507193 mozilla-nss-1.7.10-1.1.3.1.ia64.rpm 476787654ef26f572369b59dd07974db mozilla-nss-devel-1.7.10-1.1.3.1.ia64.rpm x86_64: a4d59681197dd05947d03254af144382 mozilla-1.7.10-1.1.3.1.i386.rpm 18eca4706e6cf5e7fe5b04d141d8b894 mozilla-1.7.10-1.1.3.1.x86_64.rpm 7d56eaef3efd6043f6a7d821c454fb69 mozilla-chat-1.7.10-1.1.3.1.x86_64.rpm d6aef40f00dbbca27add8718b1c0a1b2 mozilla-devel-1.7.10-1.1.3.1.x86_64.rpm 5b0bf6f2522b9005cd07ea2af26aae9c mozilla-dom-inspector-1.7.10-1.1.3.1.x86_64.rpm d9454e562991a5aa925d382187b87dae mozilla-js-debugger-1.7.10-1.1.3.1.x86_64.rpm bfbd3a65b3c42867ab8c7607f30c9240 mozilla-mail-1.7.10-1.1.3.1.x86_64.rpm ec24bf2b81535e2df88d9c5c59fa99c9 mozilla-nspr-1.7.10-1.1.3.1.i386.rpm 43d4d3c4b47d3ad0974e0ee575025f63 mozilla-nspr-1.7.10-1.1.3.1.x86_64.rpm d0c34a693fdd32c9a9910c12524b7681 mozilla-nspr-devel-1.7.10-1.1.3.1.x86_64.rpm 528d164350bfe977cb59282589e62eb9 mozilla-nss-1.7.10-1.1.3.1.i386.rpm 9ffd15ddd436c95484b7628d6850e7db mozilla-nss-1.7.10-1.1.3.1.x86_64.rpm a88940fc293380a0a79fa53a0fc67f36 mozilla-nss-devel-1.7.10-1.1.3.1.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/mozilla-1.7.10-1.1.3.1.src.rpm 5be9293ad20481e090089248ec72f569 mozilla-1.7.10-1.1.3.1.src.rpm i386: a4d59681197dd05947d03254af144382 mozilla-1.7.10-1.1.3.1.i386.rpm b90d9ca49fe4e4609197459edffad028 mozilla-chat-1.7.10-1.1.3.1.i386.rpm 73e860293288e78a14c2f4edade4dee5 mozilla-devel-1.7.10-1.1.3.1.i386.rpm cf36c0546533cf93cbb5e6cf15c9cc98 mozilla-dom-inspector-1.7.10-1.1.3.1.i386.rpm ca8de793d9d2cf6a33243272aca73837 mozilla-js-debugger-1.7.10-1.1.3.1.i386.rpm 96357ec23c95a06b19d698ac2fcb9c27 mozilla-mail-1.7.10-1.1.3.1.i386.rpm ec24bf2b81535e2df88d9c5c59fa99c9 mozilla-nspr-1.7.10-1.1.3.1.i386.rpm 0d63d6fb2815aac46f24e8f7e6957ef1 mozilla-nspr-devel-1.7.10-1.1.3.1.i386.rpm 528d164350bfe977cb59282589e62eb9 mozilla-nss-1.7.10-1.1.3.1.i386.rpm e786121ce22876d72ed2840aea3dce7c mozilla-nss-devel-1.7.10-1.1.3.1.i386.rpm ia64: 5e3895eb658fac13a84b4ded56b99df2 mozilla-1.7.10-1.1.3.1.ia64.rpm 0fc33964f8f4436bfd758de7c1c68f84 mozilla-chat-1.7.10-1.1.3.1.ia64.rpm d4c7da8a62f7eb6f7b6008c8daf379c6 mozilla-devel-1.7.10-1.1.3.1.ia64.rpm 2dc9329cabbb39479977799c73c5b6ab mozilla-dom-inspector-1.7.10-1.1.3.1.ia64.rpm 5e7454db9574fa6d143435c6fd6d8d06 mozilla-js-debugger-1.7.10-1.1.3.1.ia64.rpm ae7cab7a1a246dba8e93a62447af31ca mozilla-mail-1.7.10-1.1.3.1.ia64.rpm ec24bf2b81535e2df88d9c5c59fa99c9 mozilla-nspr-1.7.10-1.1.3.1.i386.rpm b5d1310782a64bf3f93e111a82894824 mozilla-nspr-1.7.10-1.1.3.1.ia64.rpm a030311feee7fbbdca9c180c52d3b69b mozilla-nspr-devel-1.7.10-1.1.3.1.ia64.rpm 528d164350bfe977cb59282589e62eb9 mozilla-nss-1.7.10-1.1.3.1.i386.rpm be9bf6d876580e3be201ff8400507193 mozilla-nss-1.7.10-1.1.3.1.ia64.rpm 476787654ef26f572369b59dd07974db mozilla-nss-devel-1.7.10-1.1.3.1.ia64.rpm x86_64: a4d59681197dd05947d03254af144382 mozilla-1.7.10-1.1.3.1.i386.rpm 18eca4706e6cf5e7fe5b04d141d8b894 mozilla-1.7.10-1.1.3.1.x86_64.rpm 7d56eaef3efd6043f6a7d821c454fb69 mozilla-chat-1.7.10-1.1.3.1.x86_64.rpm d6aef40f00dbbca27add8718b1c0a1b2 mozilla-devel-1.7.10-1.1.3.1.x86_64.rpm 5b0bf6f2522b9005cd07ea2af26aae9c mozilla-dom-inspector-1.7.10-1.1.3.1.x86_64.rpm d9454e562991a5aa925d382187b87dae mozilla-js-debugger-1.7.10-1.1.3.1.x86_64.rpm bfbd3a65b3c42867ab8c7607f30c9240 mozilla-mail-1.7.10-1.1.3.1.x86_64.rpm ec24bf2b81535e2df88d9c5c59fa99c9 mozilla-nspr-1.7.10-1.1.3.1.i386.rpm 43d4d3c4b47d3ad0974e0ee575025f63 mozilla-nspr-1.7.10-1.1.3.1.x86_64.rpm d0c34a693fdd32c9a9910c12524b7681 mozilla-nspr-devel-1.7.10-1.1.3.1.x86_64.rpm 528d164350bfe977cb59282589e62eb9 mozilla-nss-1.7.10-1.1.3.1.i386.rpm 9ffd15ddd436c95484b7628d6850e7db mozilla-nss-1.7.10-1.1.3.1.x86_64.rpm a88940fc293380a0a79fa53a0fc67f36 mozilla-nss-devel-1.7.10-1.1.3.1.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/devhelp-0.9.2-2.4.6.src.rpm e744570e643ca7d711edc06fc5c0cb11 devhelp-0.9.2-2.4.6.src.rpm ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/mozilla-1.7.10-1.4.1.src.rpm 6f0d2dcce1978e2bfe8383032e28e0c4 mozilla-1.7.10-1.4.1.src.rpm i386: 6415ce5bc7747718f53d932ced954a6f devhelp-0.9.2-2.4.6.i386.rpm d0d75f33bc9222bd854ff380de2f0ad2 devhelp-devel-0.9.2-2.4.6.i386.rpm 0c277762fddace5c02810fb386b8210a mozilla-1.7.10-1.4.1.i386.rpm 8175340ca355bc93ecb5b0fa2d537f28 mozilla-chat-1.7.10-1.4.1.i386.rpm e935040b93af50d96d211716117318d6 mozilla-devel-1.7.10-1.4.1.i386.rpm ee9649189d5c0433941fe3fda7ef2695 mozilla-dom-inspector-1.7.10-1.4.1.i386.rpm 01ef2f199e8eebae02ebefa64ccf6019 mozilla-js-debugger-1.7.10-1.4.1.i386.rpm 057789761797488246007f576febba49 mozilla-mail-1.7.10-1.4.1.i386.rpm b2d7c5638c440221a3fa0fd8b42d189d mozilla-nspr-1.7.10-1.4.1.i386.rpm d2c07e11c1e451ba399aaa4d3a4f04d1 mozilla-nspr-devel-1.7.10-1.4.1.i386.rpm 660a5f41fb56206fb2ee619ae8048302 mozilla-nss-1.7.10-1.4.1.i386.rpm 37f8373b0b95fedeb6ad50adcf8368c5 mozilla-nss-devel-1.7.10-1.4.1.i386.rpm ia64: 08df7c973605b47cd3f4ceb328432e53 mozilla-1.7.10-1.4.1.ia64.rpm 721fbcb141c34f9ad2f9749a4191b1ae mozilla-chat-1.7.10-1.4.1.ia64.rpm 04a79997bd50159edad681d803d36b81 mozilla-devel-1.7.10-1.4.1.ia64.rpm a532b504a846ccf5445fec809da9dd27 mozilla-dom-inspector-1.7.10-1.4.1.ia64.rpm 9aa1f4b2f221390d368c3841870462a6 mozilla-js-debugger-1.7.10-1.4.1.ia64.rpm 6ad344d2c345e0e9043a461258a4d2e1 mozilla-mail-1.7.10-1.4.1.ia64.rpm b2d7c5638c440221a3fa0fd8b42d189d mozilla-nspr-1.7.10-1.4.1.i386.rpm 3029412a99acc58c97974e0762c1ca56 mozilla-nspr-1.7.10-1.4.1.ia64.rpm afcc6928178beb17757184ba7bca3c9d mozilla-nspr-devel-1.7.10-1.4.1.ia64.rpm 660a5f41fb56206fb2ee619ae8048302 mozilla-nss-1.7.10-1.4.1.i386.rpm fb3d8124f85521d1232424132b292765 mozilla-nss-1.7.10-1.4.1.ia64.rpm e48ff1104d889f3cf76e1ce5d02d12ae mozilla-nss-devel-1.7.10-1.4.1.ia64.rpm ppc: 3490e4c201149cd5a40d07199e09259a devhelp-0.9.2-2.4.6.ppc.rpm 77de6ca9b2341a1acc794cc3283e7892 devhelp-devel-0.9.2-2.4.6.ppc.rpm e91228aae16cbd4432f1c6785e1910dc mozilla-1.7.10-1.4.1.ppc.rpm 8cd6c1947cbcbf5854d7372d5227c078 mozilla-chat-1.7.10-1.4.1.ppc.rpm 8141f353358737214cd661e8292e6256 mozilla-devel-1.7.10-1.4.1.ppc.rpm 51a02b5b5e63acbefa1fd92434739e76 mozilla-dom-inspector-1.7.10-1.4.1.ppc.rpm 5ad9e91f4b140f5f86ee6aaa13efc2b1 mozilla-js-debugger-1.7.10-1.4.1.ppc.rpm dcfd4381d225cb01e65c2d2af6b85151 mozilla-mail-1.7.10-1.4.1.ppc.rpm 9a7b556b2307cfa2a660f8a4bdf39683 mozilla-nspr-1.7.10-1.4.1.ppc.rpm e64ba39a25cbe666f68b88721ed0f80e mozilla-nspr-devel-1.7.10-1.4.1.ppc.rpm 9a57a6b889377fbb96e6aedbeb57cdef mozilla-nss-1.7.10-1.4.1.ppc.rpm 175d0d7b8a94a99a7c5df4f7e40dcd99 mozilla-nss-devel-1.7.10-1.4.1.ppc.rpm s390: 5779cc03221cd93907bc53169d46f918 mozilla-1.7.10-1.4.1.s390.rpm 856e8bd10955d8749acffdbbd21a1b55 mozilla-chat-1.7.10-1.4.1.s390.rpm 02c2e88459afa2234c1dc34084ae272a mozilla-devel-1.7.10-1.4.1.s390.rpm 2cfa053e12aa3f3f64aee92a76402cbe mozilla-dom-inspector-1.7.10-1.4.1.s390.rpm c7f83860518a9403c52b84fff95c295b mozilla-js-debugger-1.7.10-1.4.1.s390.rpm caad7e8a27a26d2552f28959788a5553 mozilla-mail-1.7.10-1.4.1.s390.rpm b678ab0dc75d79511b2c645b02543b9b mozilla-nspr-1.7.10-1.4.1.s390.rpm fbc3c9bd3b91ed508f3ebd6cb5249990 mozilla-nspr-devel-1.7.10-1.4.1.s390.rpm 2e0101b6fe0e14984bb77e2d8de38ebf mozilla-nss-1.7.10-1.4.1.s390.rpm 8940aaee0a1cd6eaa6d30744673f3766 mozilla-nss-devel-1.7.10-1.4.1.s390.rpm s390x: faf9cf08a2fe9aecc5f0d87d903c41ce mozilla-1.7.10-1.4.1.s390x.rpm 8e6cf06518a6b5bbda90d3e977631b8d mozilla-chat-1.7.10-1.4.1.s390x.rpm 7e219d326f8a0806bd19b6eea112d41a mozilla-devel-1.7.10-1.4.1.s390x.rpm a3d898bc0f391e0b44c7714c4fc95792 mozilla-dom-inspector-1.7.10-1.4.1.s390x.rpm e79e1e56be0b37f042e0aabb765f7466 mozilla-js-debugger-1.7.10-1.4.1.s390x.rpm 4c3adcdda04fce563572832b0ca32189 mozilla-mail-1.7.10-1.4.1.s390x.rpm b678ab0dc75d79511b2c645b02543b9b mozilla-nspr-1.7.10-1.4.1.s390.rpm 9c57538aea43d4436adb872df1679d5c mozilla-nspr-1.7.10-1.4.1.s390x.rpm 93def21691eb82d9f1b14a8a3611cad8 mozilla-nspr-devel-1.7.10-1.4.1.s390x.rpm 2e0101b6fe0e14984bb77e2d8de38ebf mozilla-nss-1.7.10-1.4.1.s390.rpm f8481e9160b83ef6c6a6dd170504a8f5 mozilla-nss-1.7.10-1.4.1.s390x.rpm 57656885eba76655c12e0087111f4dba mozilla-nss-devel-1.7.10-1.4.1.s390x.rpm x86_64: c3a41ff5f79bb2e4bb95587492cac3eb devhelp-0.9.2-2.4.6.x86_64.rpm 7b7fe7d9c09046b4a1d6ed7f2f4deb7e devhelp-devel-0.9.2-2.4.6.x86_64.rpm ed831e150aa80275e2eccf017610223d mozilla-1.7.10-1.4.1.x86_64.rpm f87cc0db45edd6f05ca745031755d7c1 mozilla-chat-1.7.10-1.4.1.x86_64.rpm 1fa48e8af50a194e2f3334cfcb3179b5 mozilla-devel-1.7.10-1.4.1.x86_64.rpm b74873dddb70ee940d42197d3c8b87d8 mozilla-dom-inspector-1.7.10-1.4.1.x86_64.rpm 99ee3b8c9a54174c19be51700697bce2 mozilla-js-debugger-1.7.10-1.4.1.x86_64.rpm c11fa7562236caf2a5cce5eac603227a mozilla-mail-1.7.10-1.4.1.x86_64.rpm b2d7c5638c440221a3fa0fd8b42d189d mozilla-nspr-1.7.10-1.4.1.i386.rpm 36886d6b5f2326ef84ab8eafc2ee3d11 mozilla-nspr-1.7.10-1.4.1.x86_64.rpm 3c876bb470c007e81ce94879584cc179 mozilla-nspr-devel-1.7.10-1.4.1.x86_64.rpm 660a5f41fb56206fb2ee619ae8048302 mozilla-nss-1.7.10-1.4.1.i386.rpm 0a23d4014a0d23121ef378c303db5fec mozilla-nss-1.7.10-1.4.1.x86_64.rpm d7186dbf2143a07439b8bd421a71a543 mozilla-nss-devel-1.7.10-1.4.1.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/devhelp-0.9.2-2.4.6.src.rpm e744570e643ca7d711edc06fc5c0cb11 devhelp-0.9.2-2.4.6.src.rpm ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/mozilla-1.7.10-1.4.1.src.rpm 6f0d2dcce1978e2bfe8383032e28e0c4 mozilla-1.7.10-1.4.1.src.rpm i386: 6415ce5bc7747718f53d932ced954a6f devhelp-0.9.2-2.4.6.i386.rpm d0d75f33bc9222bd854ff380de2f0ad2 devhelp-devel-0.9.2-2.4.6.i386.rpm 0c277762fddace5c02810fb386b8210a mozilla-1.7.10-1.4.1.i386.rpm 8175340ca355bc93ecb5b0fa2d537f28 mozilla-chat-1.7.10-1.4.1.i386.rpm e935040b93af50d96d211716117318d6 mozilla-devel-1.7.10-1.4.1.i386.rpm ee9649189d5c0433941fe3fda7ef2695 mozilla-dom-inspector-1.7.10-1.4.1.i386.rpm 01ef2f199e8eebae02ebefa64ccf6019 mozilla-js-debugger-1.7.10-1.4.1.i386.rpm 057789761797488246007f576febba49 mozilla-mail-1.7.10-1.4.1.i386.rpm b2d7c5638c440221a3fa0fd8b42d189d mozilla-nspr-1.7.10-1.4.1.i386.rpm d2c07e11c1e451ba399aaa4d3a4f04d1 mozilla-nspr-devel-1.7.10-1.4.1.i386.rpm 660a5f41fb56206fb2ee619ae8048302 mozilla-nss-1.7.10-1.4.1.i386.rpm 37f8373b0b95fedeb6ad50adcf8368c5 mozilla-nss-devel-1.7.10-1.4.1.i386.rpm x86_64: c3a41ff5f79bb2e4bb95587492cac3eb devhelp-0.9.2-2.4.6.x86_64.rpm 7b7fe7d9c09046b4a1d6ed7f2f4deb7e devhelp-devel-0.9.2-2.4.6.x86_64.rpm ed831e150aa80275e2eccf017610223d mozilla-1.7.10-1.4.1.x86_64.rpm f87cc0db45edd6f05ca745031755d7c1 mozilla-chat-1.7.10-1.4.1.x86_64.rpm 1fa48e8af50a194e2f3334cfcb3179b5 mozilla-devel-1.7.10-1.4.1.x86_64.rpm b74873dddb70ee940d42197d3c8b87d8 mozilla-dom-inspector-1.7.10-1.4.1.x86_64.rpm 99ee3b8c9a54174c19be51700697bce2 mozilla-js-debugger-1.7.10-1.4.1.x86_64.rpm c11fa7562236caf2a5cce5eac603227a mozilla-mail-1.7.10-1.4.1.x86_64.rpm b2d7c5638c440221a3fa0fd8b42d189d mozilla-nspr-1.7.10-1.4.1.i386.rpm 36886d6b5f2326ef84ab8eafc2ee3d11 mozilla-nspr-1.7.10-1.4.1.x86_64.rpm 3c876bb470c007e81ce94879584cc179 mozilla-nspr-devel-1.7.10-1.4.1.x86_64.rpm 660a5f41fb56206fb2ee619ae8048302 mozilla-nss-1.7.10-1.4.1.i386.rpm 0a23d4014a0d23121ef378c303db5fec mozilla-nss-1.7.10-1.4.1.x86_64.rpm d7186dbf2143a07439b8bd421a71a543 mozilla-nss-devel-1.7.10-1.4.1.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/devhelp-0.9.2-2.4.6.src.rpm e744570e643ca7d711edc06fc5c0cb11 devhelp-0.9.2-2.4.6.src.rpm ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/mozilla-1.7.10-1.4.1.src.rpm 6f0d2dcce1978e2bfe8383032e28e0c4 mozilla-1.7.10-1.4.1.src.rpm i386: 6415ce5bc7747718f53d932ced954a6f devhelp-0.9.2-2.4.6.i386.rpm d0d75f33bc9222bd854ff380de2f0ad2 devhelp-devel-0.9.2-2.4.6.i386.rpm 0c277762fddace5c02810fb386b8210a mozilla-1.7.10-1.4.1.i386.rpm 8175340ca355bc93ecb5b0fa2d537f28 mozilla-chat-1.7.10-1.4.1.i386.rpm e935040b93af50d96d211716117318d6 mozilla-devel-1.7.10-1.4.1.i386.rpm ee9649189d5c0433941fe3fda7ef2695 mozilla-dom-inspector-1.7.10-1.4.1.i386.rpm 01ef2f199e8eebae02ebefa64ccf6019 mozilla-js-debugger-1.7.10-1.4.1.i386.rpm 057789761797488246007f576febba49 mozilla-mail-1.7.10-1.4.1.i386.rpm b2d7c5638c440221a3fa0fd8b42d189d mozilla-nspr-1.7.10-1.4.1.i386.rpm d2c07e11c1e451ba399aaa4d3a4f04d1 mozilla-nspr-devel-1.7.10-1.4.1.i386.rpm 660a5f41fb56206fb2ee619ae8048302 mozilla-nss-1.7.10-1.4.1.i386.rpm 37f8373b0b95fedeb6ad50adcf8368c5 mozilla-nss-devel-1.7.10-1.4.1.i386.rpm ia64: 08df7c973605b47cd3f4ceb328432e53 mozilla-1.7.10-1.4.1.ia64.rpm 721fbcb141c34f9ad2f9749a4191b1ae mozilla-chat-1.7.10-1.4.1.ia64.rpm 04a79997bd50159edad681d803d36b81 mozilla-devel-1.7.10-1.4.1.ia64.rpm a532b504a846ccf5445fec809da9dd27 mozilla-dom-inspector-1.7.10-1.4.1.ia64.rpm 9aa1f4b2f221390d368c3841870462a6 mozilla-js-debugger-1.7.10-1.4.1.ia64.rpm 6ad344d2c345e0e9043a461258a4d2e1 mozilla-mail-1.7.10-1.4.1.ia64.rpm b2d7c5638c440221a3fa0fd8b42d189d mozilla-nspr-1.7.10-1.4.1.i386.rpm 3029412a99acc58c97974e0762c1ca56 mozilla-nspr-1.7.10-1.4.1.ia64.rpm afcc6928178beb17757184ba7bca3c9d mozilla-nspr-devel-1.7.10-1.4.1.ia64.rpm 660a5f41fb56206fb2ee619ae8048302 mozilla-nss-1.7.10-1.4.1.i386.rpm fb3d8124f85521d1232424132b292765 mozilla-nss-1.7.10-1.4.1.ia64.rpm e48ff1104d889f3cf76e1ce5d02d12ae mozilla-nss-devel-1.7.10-1.4.1.ia64.rpm x86_64: c3a41ff5f79bb2e4bb95587492cac3eb devhelp-0.9.2-2.4.6.x86_64.rpm 7b7fe7d9c09046b4a1d6ed7f2f4deb7e devhelp-devel-0.9.2-2.4.6.x86_64.rpm ed831e150aa80275e2eccf017610223d mozilla-1.7.10-1.4.1.x86_64.rpm f87cc0db45edd6f05ca745031755d7c1 mozilla-chat-1.7.10-1.4.1.x86_64.rpm 1fa48e8af50a194e2f3334cfcb3179b5 mozilla-devel-1.7.10-1.4.1.x86_64.rpm b74873dddb70ee940d42197d3c8b87d8 mozilla-dom-inspector-1.7.10-1.4.1.x86_64.rpm 99ee3b8c9a54174c19be51700697bce2 mozilla-js-debugger-1.7.10-1.4.1.x86_64.rpm c11fa7562236caf2a5cce5eac603227a mozilla-mail-1.7.10-1.4.1.x86_64.rpm b2d7c5638c440221a3fa0fd8b42d189d mozilla-nspr-1.7.10-1.4.1.i386.rpm 36886d6b5f2326ef84ab8eafc2ee3d11 mozilla-nspr-1.7.10-1.4.1.x86_64.rpm 3c876bb470c007e81ce94879584cc179 mozilla-nspr-devel-1.7.10-1.4.1.x86_64.rpm 660a5f41fb56206fb2ee619ae8048302 mozilla-nss-1.7.10-1.4.1.i386.rpm 0a23d4014a0d23121ef378c303db5fec mozilla-nss-1.7.10-1.4.1.x86_64.rpm d7186dbf2143a07439b8bd421a71a543 mozilla-nss-devel-1.7.10-1.4.1.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/devhelp-0.9.2-2.4.6.src.rpm e744570e643ca7d711edc06fc5c0cb11 devhelp-0.9.2-2.4.6.src.rpm ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/mozilla-1.7.10-1.4.1.src.rpm 6f0d2dcce1978e2bfe8383032e28e0c4 mozilla-1.7.10-1.4.1.src.rpm i386: 6415ce5bc7747718f53d932ced954a6f devhelp-0.9.2-2.4.6.i386.rpm d0d75f33bc9222bd854ff380de2f0ad2 devhelp-devel-0.9.2-2.4.6.i386.rpm 0c277762fddace5c02810fb386b8210a mozilla-1.7.10-1.4.1.i386.rpm 8175340ca355bc93ecb5b0fa2d537f28 mozilla-chat-1.7.10-1.4.1.i386.rpm e935040b93af50d96d211716117318d6 mozilla-devel-1.7.10-1.4.1.i386.rpm ee9649189d5c0433941fe3fda7ef2695 mozilla-dom-inspector-1.7.10-1.4.1.i386.rpm 01ef2f199e8eebae02ebefa64ccf6019 mozilla-js-debugger-1.7.10-1.4.1.i386.rpm 057789761797488246007f576febba49 mozilla-mail-1.7.10-1.4.1.i386.rpm b2d7c5638c440221a3fa0fd8b42d189d mozilla-nspr-1.7.10-1.4.1.i386.rpm d2c07e11c1e451ba399aaa4d3a4f04d1 mozilla-nspr-devel-1.7.10-1.4.1.i386.rpm 660a5f41fb56206fb2ee619ae8048302 mozilla-nss-1.7.10-1.4.1.i386.rpm 37f8373b0b95fedeb6ad50adcf8368c5 mozilla-nss-devel-1.7.10-1.4.1.i386.rpm ia64: 08df7c973605b47cd3f4ceb328432e53 mozilla-1.7.10-1.4.1.ia64.rpm 721fbcb141c34f9ad2f9749a4191b1ae mozilla-chat-1.7.10-1.4.1.ia64.rpm 04a79997bd50159edad681d803d36b81 mozilla-devel-1.7.10-1.4.1.ia64.rpm a532b504a846ccf5445fec809da9dd27 mozilla-dom-inspector-1.7.10-1.4.1.ia64.rpm 9aa1f4b2f221390d368c3841870462a6 mozilla-js-debugger-1.7.10-1.4.1.ia64.rpm 6ad344d2c345e0e9043a461258a4d2e1 mozilla-mail-1.7.10-1.4.1.ia64.rpm b2d7c5638c440221a3fa0fd8b42d189d mozilla-nspr-1.7.10-1.4.1.i386.rpm 3029412a99acc58c97974e0762c1ca56 mozilla-nspr-1.7.10-1.4.1.ia64.rpm afcc6928178beb17757184ba7bca3c9d mozilla-nspr-devel-1.7.10-1.4.1.ia64.rpm 660a5f41fb56206fb2ee619ae8048302 mozilla-nss-1.7.10-1.4.1.i386.rpm fb3d8124f85521d1232424132b292765 mozilla-nss-1.7.10-1.4.1.ia64.rpm e48ff1104d889f3cf76e1ce5d02d12ae mozilla-nss-devel-1.7.10-1.4.1.ia64.rpm x86_64: c3a41ff5f79bb2e4bb95587492cac3eb devhelp-0.9.2-2.4.6.x86_64.rpm 7b7fe7d9c09046b4a1d6ed7f2f4deb7e devhelp-devel-0.9.2-2.4.6.x86_64.rpm ed831e150aa80275e2eccf017610223d mozilla-1.7.10-1.4.1.x86_64.rpm f87cc0db45edd6f05ca745031755d7c1 mozilla-chat-1.7.10-1.4.1.x86_64.rpm 1fa48e8af50a194e2f3334cfcb3179b5 mozilla-devel-1.7.10-1.4.1.x86_64.rpm b74873dddb70ee940d42197d3c8b87d8 mozilla-dom-inspector-1.7.10-1.4.1.x86_64.rpm 99ee3b8c9a54174c19be51700697bce2 mozilla-js-debugger-1.7.10-1.4.1.x86_64.rpm c11fa7562236caf2a5cce5eac603227a mozilla-mail-1.7.10-1.4.1.x86_64.rpm b2d7c5638c440221a3fa0fd8b42d189d mozilla-nspr-1.7.10-1.4.1.i386.rpm 36886d6b5f2326ef84ab8eafc2ee3d11 mozilla-nspr-1.7.10-1.4.1.x86_64.rpm 3c876bb470c007e81ce94879584cc179 mozilla-nspr-devel-1.7.10-1.4.1.x86_64.rpm 660a5f41fb56206fb2ee619ae8048302 mozilla-nss-1.7.10-1.4.1.i386.rpm 0a23d4014a0d23121ef378c303db5fec mozilla-nss-1.7.10-1.4.1.x86_64.rpm d7186dbf2143a07439b8bd421a71a543 mozilla-nss-devel-1.7.10-1.4.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2260 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2261 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2263 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2265 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2266 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2267 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2268 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2269 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2270 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFC4NELXlSAg2UNWIIRAtYWAKCN3IvqM+dURCGzNSQINm3d3Ap71wCeJQLA EPnCPhBTu1CXMywFOBJitxE= =RUJz -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon Jul 25 07:54:46 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 25 Jul 2005 03:54:46 -0400 Subject: [RHSA-2005:582-01] Moderate: httpd security update Message-ID: <200507250754.j6P7skES021298@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: httpd security update Advisory ID: RHSA-2005:582-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-582.html Issue date: 2005-07-25 Updated on: 2005-07-25 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-1268 CAN-2005-2088 - --------------------------------------------------------------------- 1. Summary: Updated Apache httpd packages to correct two security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: The Apache HTTP Server is a powerful, full-featured, efficient, and freely-available Web server. Watchfire reported a flaw that occured when using the Apache server as an HTTP proxy. A remote attacker could send an HTTP request with both a "Transfer-Encoding: chunked" header and a "Content-Length" header. This caused Apache to incorrectly handle and forward the body of the request in a way that the receiving server processes it as a separate HTTP request. This could allow the bypass of Web application firewall protection or lead to cross-site scripting (XSS) attacks. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the name CAN-2005-2088 to this issue. Marc Stern reported an off-by-one overflow in the mod_ssl CRL verification callback. In order to exploit this issue the Apache server would need to be configured to use a malicious certificate revocation list (CRL). The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the name CAN-2005-1268 to this issue. Users of Apache httpd should update to these errata packages that contain backported patches to correct these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 161893 - Bug 145666 is missing a ',' after REDIRECT_REMOTE_USER 162244 - CAN-2005-2088 httpd proxy request smuggling 163013 - CAN-2005-1268 mod_ssl off-by-one 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/httpd-2.0.46-46.2.ent.src.rpm 2485d59f9189bb5a5e9463867cb00937 httpd-2.0.46-46.2.ent.src.rpm i386: 5915db1d48c7e002164887a49156f038 httpd-2.0.46-46.2.ent.i386.rpm dcd3540ca04584c48b126d19b4d02f00 httpd-devel-2.0.46-46.2.ent.i386.rpm 16497b8e37ecefc801109a3aafe9e2cd mod_ssl-2.0.46-46.2.ent.i386.rpm ia64: fe914bbf691939bfb2f87a002ec2e7a8 httpd-2.0.46-46.2.ent.ia64.rpm e3f48f063d1eec644797347299ebd317 httpd-devel-2.0.46-46.2.ent.ia64.rpm b8fc362a02f2d1a74ebd1e8573288831 mod_ssl-2.0.46-46.2.ent.ia64.rpm ppc: d74b60a2081276c375074735c200bf71 httpd-2.0.46-46.2.ent.ppc.rpm debba18353c314f1156b379fff3e0ba3 httpd-devel-2.0.46-46.2.ent.ppc.rpm d4055c6b92c696c90259753c195dd2f5 mod_ssl-2.0.46-46.2.ent.ppc.rpm s390: 9c0c7fd62f33cb30e479d920b296ae52 httpd-2.0.46-46.2.ent.s390.rpm 772353077869e3daa4cd9a223626b87e httpd-devel-2.0.46-46.2.ent.s390.rpm 4ad4d92181a4d3dec2a7a7f2a6c802fd mod_ssl-2.0.46-46.2.ent.s390.rpm s390x: 7acb2591480191fc2388050a1fcbbd6f httpd-2.0.46-46.2.ent.s390x.rpm 759af088061f6de619f45d2a4186f391 httpd-devel-2.0.46-46.2.ent.s390x.rpm 0df3c03a9ddec5969f5e44a344f25797 mod_ssl-2.0.46-46.2.ent.s390x.rpm x86_64: ceff2faef7e7761e0c3af1afddd90089 httpd-2.0.46-46.2.ent.x86_64.rpm 36d38f054073c6ba6fe191661e5a3262 httpd-devel-2.0.46-46.2.ent.x86_64.rpm 3364d1be17046cf4b34e2d07eb480c0c mod_ssl-2.0.46-46.2.ent.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/httpd-2.0.46-46.2.ent.src.rpm 2485d59f9189bb5a5e9463867cb00937 httpd-2.0.46-46.2.ent.src.rpm i386: 5915db1d48c7e002164887a49156f038 httpd-2.0.46-46.2.ent.i386.rpm dcd3540ca04584c48b126d19b4d02f00 httpd-devel-2.0.46-46.2.ent.i386.rpm 16497b8e37ecefc801109a3aafe9e2cd mod_ssl-2.0.46-46.2.ent.i386.rpm x86_64: ceff2faef7e7761e0c3af1afddd90089 httpd-2.0.46-46.2.ent.x86_64.rpm 36d38f054073c6ba6fe191661e5a3262 httpd-devel-2.0.46-46.2.ent.x86_64.rpm 3364d1be17046cf4b34e2d07eb480c0c mod_ssl-2.0.46-46.2.ent.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/httpd-2.0.46-46.2.ent.src.rpm 2485d59f9189bb5a5e9463867cb00937 httpd-2.0.46-46.2.ent.src.rpm i386: 5915db1d48c7e002164887a49156f038 httpd-2.0.46-46.2.ent.i386.rpm dcd3540ca04584c48b126d19b4d02f00 httpd-devel-2.0.46-46.2.ent.i386.rpm 16497b8e37ecefc801109a3aafe9e2cd mod_ssl-2.0.46-46.2.ent.i386.rpm ia64: fe914bbf691939bfb2f87a002ec2e7a8 httpd-2.0.46-46.2.ent.ia64.rpm e3f48f063d1eec644797347299ebd317 httpd-devel-2.0.46-46.2.ent.ia64.rpm b8fc362a02f2d1a74ebd1e8573288831 mod_ssl-2.0.46-46.2.ent.ia64.rpm x86_64: ceff2faef7e7761e0c3af1afddd90089 httpd-2.0.46-46.2.ent.x86_64.rpm 36d38f054073c6ba6fe191661e5a3262 httpd-devel-2.0.46-46.2.ent.x86_64.rpm 3364d1be17046cf4b34e2d07eb480c0c mod_ssl-2.0.46-46.2.ent.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/httpd-2.0.46-46.2.ent.src.rpm 2485d59f9189bb5a5e9463867cb00937 httpd-2.0.46-46.2.ent.src.rpm i386: 5915db1d48c7e002164887a49156f038 httpd-2.0.46-46.2.ent.i386.rpm dcd3540ca04584c48b126d19b4d02f00 httpd-devel-2.0.46-46.2.ent.i386.rpm 16497b8e37ecefc801109a3aafe9e2cd mod_ssl-2.0.46-46.2.ent.i386.rpm ia64: fe914bbf691939bfb2f87a002ec2e7a8 httpd-2.0.46-46.2.ent.ia64.rpm e3f48f063d1eec644797347299ebd317 httpd-devel-2.0.46-46.2.ent.ia64.rpm b8fc362a02f2d1a74ebd1e8573288831 mod_ssl-2.0.46-46.2.ent.ia64.rpm x86_64: ceff2faef7e7761e0c3af1afddd90089 httpd-2.0.46-46.2.ent.x86_64.rpm 36d38f054073c6ba6fe191661e5a3262 httpd-devel-2.0.46-46.2.ent.x86_64.rpm 3364d1be17046cf4b34e2d07eb480c0c mod_ssl-2.0.46-46.2.ent.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/httpd-2.0.52-12.1.ent.src.rpm 4bf86a415d443e3f9e82a8655f70491d httpd-2.0.52-12.1.ent.src.rpm i386: f0ff91d7729f04fcb6b772f87b01c179 httpd-2.0.52-12.1.ent.i386.rpm 5bfd6d2f6c3b1da7dd0e49ff845ec22c httpd-devel-2.0.52-12.1.ent.i386.rpm 5cd0e2f836bca3d18cd85d580b1df21d httpd-manual-2.0.52-12.1.ent.i386.rpm 5eeef4820af8a522e0cd8c38dd50705c httpd-suexec-2.0.52-12.1.ent.i386.rpm 8c88eec014875998f0d61ed71005d764 mod_ssl-2.0.52-12.1.ent.i386.rpm ia64: d461e0a6b0b00511f55f2407e466ce46 httpd-2.0.52-12.1.ent.ia64.rpm 97d80a559ec7287d2d5f5f2d2c6ad358 httpd-devel-2.0.52-12.1.ent.ia64.rpm 718fd0a64412ade9e587ecb2efec2f8d httpd-manual-2.0.52-12.1.ent.ia64.rpm ca9b95e1307733fb7405ee2637d258b3 httpd-suexec-2.0.52-12.1.ent.ia64.rpm 10d218820e3916ea405c487f00b2adef mod_ssl-2.0.52-12.1.ent.ia64.rpm ppc: 1a5a5c16643d4dde9cbb7b91da6ee148 httpd-2.0.52-12.1.ent.ppc.rpm d7394c176ccf80e7e5b5349d7ea56849 httpd-devel-2.0.52-12.1.ent.ppc.rpm 021f850d3602a95333c4bd09a5157f3a httpd-manual-2.0.52-12.1.ent.ppc.rpm 86bc7a492b98346c43e9896c2ba69e42 httpd-suexec-2.0.52-12.1.ent.ppc.rpm 9d8b653242aa26be29c935821d69a3d7 mod_ssl-2.0.52-12.1.ent.ppc.rpm s390: 49b18d9f25642358fc51b9ee899ce821 httpd-2.0.52-12.1.ent.s390.rpm 134b801a276e12c3c18cf8c3224de76b httpd-devel-2.0.52-12.1.ent.s390.rpm b83871e54a55b528bfd721d09a3750c7 httpd-manual-2.0.52-12.1.ent.s390.rpm 787d97aa79b2e56baa3f0e32a4381ede httpd-suexec-2.0.52-12.1.ent.s390.rpm 387c3be4fbe49a71c1b25692d195bb25 mod_ssl-2.0.52-12.1.ent.s390.rpm s390x: b332322b6ab797bba039212403240cb9 httpd-2.0.52-12.1.ent.s390x.rpm 67b79e022ea14b19e5c6a50862db2b36 httpd-devel-2.0.52-12.1.ent.s390x.rpm b09d1feaa0370a17d629ab0e2499ff33 httpd-manual-2.0.52-12.1.ent.s390x.rpm dad3f84731db6346251bcae31528b8fa httpd-suexec-2.0.52-12.1.ent.s390x.rpm a0c61974562e85e3b89957d478be6c42 mod_ssl-2.0.52-12.1.ent.s390x.rpm x86_64: 8a92e250417a3dee66927f566c04becd httpd-2.0.52-12.1.ent.x86_64.rpm 84ad072a58b1410ece325c35b3b4b07f httpd-devel-2.0.52-12.1.ent.x86_64.rpm d3ca7c4932a1004b5f009b4ddc9d8895 httpd-manual-2.0.52-12.1.ent.x86_64.rpm bd5ac6d9149784138adbaf6172602998 httpd-suexec-2.0.52-12.1.ent.x86_64.rpm 7912fac9169ce5071198c3503566cbaf mod_ssl-2.0.52-12.1.ent.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/httpd-2.0.52-12.1.ent.src.rpm 4bf86a415d443e3f9e82a8655f70491d httpd-2.0.52-12.1.ent.src.rpm i386: f0ff91d7729f04fcb6b772f87b01c179 httpd-2.0.52-12.1.ent.i386.rpm 5bfd6d2f6c3b1da7dd0e49ff845ec22c httpd-devel-2.0.52-12.1.ent.i386.rpm 5cd0e2f836bca3d18cd85d580b1df21d httpd-manual-2.0.52-12.1.ent.i386.rpm 5eeef4820af8a522e0cd8c38dd50705c httpd-suexec-2.0.52-12.1.ent.i386.rpm 8c88eec014875998f0d61ed71005d764 mod_ssl-2.0.52-12.1.ent.i386.rpm x86_64: 8a92e250417a3dee66927f566c04becd httpd-2.0.52-12.1.ent.x86_64.rpm 84ad072a58b1410ece325c35b3b4b07f httpd-devel-2.0.52-12.1.ent.x86_64.rpm d3ca7c4932a1004b5f009b4ddc9d8895 httpd-manual-2.0.52-12.1.ent.x86_64.rpm bd5ac6d9149784138adbaf6172602998 httpd-suexec-2.0.52-12.1.ent.x86_64.rpm 7912fac9169ce5071198c3503566cbaf mod_ssl-2.0.52-12.1.ent.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/httpd-2.0.52-12.1.ent.src.rpm 4bf86a415d443e3f9e82a8655f70491d httpd-2.0.52-12.1.ent.src.rpm i386: f0ff91d7729f04fcb6b772f87b01c179 httpd-2.0.52-12.1.ent.i386.rpm 5bfd6d2f6c3b1da7dd0e49ff845ec22c httpd-devel-2.0.52-12.1.ent.i386.rpm 5cd0e2f836bca3d18cd85d580b1df21d httpd-manual-2.0.52-12.1.ent.i386.rpm 5eeef4820af8a522e0cd8c38dd50705c httpd-suexec-2.0.52-12.1.ent.i386.rpm 8c88eec014875998f0d61ed71005d764 mod_ssl-2.0.52-12.1.ent.i386.rpm ia64: d461e0a6b0b00511f55f2407e466ce46 httpd-2.0.52-12.1.ent.ia64.rpm 97d80a559ec7287d2d5f5f2d2c6ad358 httpd-devel-2.0.52-12.1.ent.ia64.rpm 718fd0a64412ade9e587ecb2efec2f8d httpd-manual-2.0.52-12.1.ent.ia64.rpm ca9b95e1307733fb7405ee2637d258b3 httpd-suexec-2.0.52-12.1.ent.ia64.rpm 10d218820e3916ea405c487f00b2adef mod_ssl-2.0.52-12.1.ent.ia64.rpm x86_64: 8a92e250417a3dee66927f566c04becd httpd-2.0.52-12.1.ent.x86_64.rpm 84ad072a58b1410ece325c35b3b4b07f httpd-devel-2.0.52-12.1.ent.x86_64.rpm d3ca7c4932a1004b5f009b4ddc9d8895 httpd-manual-2.0.52-12.1.ent.x86_64.rpm bd5ac6d9149784138adbaf6172602998 httpd-suexec-2.0.52-12.1.ent.x86_64.rpm 7912fac9169ce5071198c3503566cbaf mod_ssl-2.0.52-12.1.ent.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/httpd-2.0.52-12.1.ent.src.rpm 4bf86a415d443e3f9e82a8655f70491d httpd-2.0.52-12.1.ent.src.rpm i386: f0ff91d7729f04fcb6b772f87b01c179 httpd-2.0.52-12.1.ent.i386.rpm 5bfd6d2f6c3b1da7dd0e49ff845ec22c httpd-devel-2.0.52-12.1.ent.i386.rpm 5cd0e2f836bca3d18cd85d580b1df21d httpd-manual-2.0.52-12.1.ent.i386.rpm 5eeef4820af8a522e0cd8c38dd50705c httpd-suexec-2.0.52-12.1.ent.i386.rpm 8c88eec014875998f0d61ed71005d764 mod_ssl-2.0.52-12.1.ent.i386.rpm ia64: d461e0a6b0b00511f55f2407e466ce46 httpd-2.0.52-12.1.ent.ia64.rpm 97d80a559ec7287d2d5f5f2d2c6ad358 httpd-devel-2.0.52-12.1.ent.ia64.rpm 718fd0a64412ade9e587ecb2efec2f8d httpd-manual-2.0.52-12.1.ent.ia64.rpm ca9b95e1307733fb7405ee2637d258b3 httpd-suexec-2.0.52-12.1.ent.ia64.rpm 10d218820e3916ea405c487f00b2adef mod_ssl-2.0.52-12.1.ent.ia64.rpm x86_64: 8a92e250417a3dee66927f566c04becd httpd-2.0.52-12.1.ent.x86_64.rpm 84ad072a58b1410ece325c35b3b4b07f httpd-devel-2.0.52-12.1.ent.x86_64.rpm d3ca7c4932a1004b5f009b4ddc9d8895 httpd-manual-2.0.52-12.1.ent.x86_64.rpm bd5ac6d9149784138adbaf6172602998 httpd-suexec-2.0.52-12.1.ent.x86_64.rpm 7912fac9169ce5071198c3503566cbaf mod_ssl-2.0.52-12.1.ent.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf http://issues.apache.org/bugzilla/show_bug.cgi?id=35081 http://issues.apache.org/bugzilla/show_bug.cgi?id=34588 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1268 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2088 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFC5JrDXlSAg2UNWIIRAnFCAKC51oPUM9bRwwvU7+E+pGrt75yiOQCfeL/i TYL5ModguxnNAWldSyIGvm0= =EmRB -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon Jul 25 07:54:58 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 25 Jul 2005 03:54:58 -0400 Subject: [RHSA-2005:640-01] Important: fetchmail security update Message-ID: <200507250754.j6P7swbY021307@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: fetchmail security update Advisory ID: RHSA-2005:640-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-640.html Issue date: 2005-07-25 Updated on: 2005-07-25 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-2335 - --------------------------------------------------------------------- 1. Summary: Updated fetchmail packages that fix a security flaw are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Fetchmail is a remote mail retrieval and forwarding utility. A buffer overflow was discovered in fetchmail's POP3 client. A malicious server could cause send a carefully crafted message UID and cause fetchmail to crash or potentially execute arbitrary code as the user running fetchmail. The Common Vulnerabilities and Exposures project assigned the name CAN-2005-2335 to this issue. Users of fetchmail should update to this erratum package which contains a backported patch to correct this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 163816 - CAN-2005-2335 fetchmail overflow from malicious pop3 server 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/fetchmail-5.9.0-21.7.3.el2.1.1.src.rpm 31686858a916ff3a956692767b54d069 fetchmail-5.9.0-21.7.3.el2.1.1.src.rpm i386: 858ca98c8dd78b81d166ef9e986d50aa fetchmail-5.9.0-21.7.3.el2.1.1.i386.rpm 3b0de7ddec9b7baf8e483671cc134042 fetchmailconf-5.9.0-21.7.3.el2.1.1.i386.rpm ia64: 5119f1b228b5bf0bf68b7a4907f43c84 fetchmail-5.9.0-21.7.3.el2.1.1.ia64.rpm eead1136cdaae89c4af5be3e5af15ee5 fetchmailconf-5.9.0-21.7.3.el2.1.1.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/fetchmail-5.9.0-21.7.3.el2.1.1.src.rpm 31686858a916ff3a956692767b54d069 fetchmail-5.9.0-21.7.3.el2.1.1.src.rpm ia64: 5119f1b228b5bf0bf68b7a4907f43c84 fetchmail-5.9.0-21.7.3.el2.1.1.ia64.rpm eead1136cdaae89c4af5be3e5af15ee5 fetchmailconf-5.9.0-21.7.3.el2.1.1.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/fetchmail-5.9.0-21.7.3.el2.1.1.src.rpm 31686858a916ff3a956692767b54d069 fetchmail-5.9.0-21.7.3.el2.1.1.src.rpm i386: 858ca98c8dd78b81d166ef9e986d50aa fetchmail-5.9.0-21.7.3.el2.1.1.i386.rpm 3b0de7ddec9b7baf8e483671cc134042 fetchmailconf-5.9.0-21.7.3.el2.1.1.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/fetchmail-5.9.0-21.7.3.el2.1.1.src.rpm 31686858a916ff3a956692767b54d069 fetchmail-5.9.0-21.7.3.el2.1.1.src.rpm i386: 858ca98c8dd78b81d166ef9e986d50aa fetchmail-5.9.0-21.7.3.el2.1.1.i386.rpm 3b0de7ddec9b7baf8e483671cc134042 fetchmailconf-5.9.0-21.7.3.el2.1.1.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/fetchmail-6.2.0-3.el3.2.src.rpm f8cf96a663157fefaeb4fc6f1a8cf63d fetchmail-6.2.0-3.el3.2.src.rpm i386: fdfe7a3616a60b838b55c2fa9e818ccf fetchmail-6.2.0-3.el3.2.i386.rpm ia64: cd02da478c2e507e094b3581edf8768b fetchmail-6.2.0-3.el3.2.ia64.rpm ppc: 5e47a6d1f8babd0005baa45378a8e40c fetchmail-6.2.0-3.el3.2.ppc.rpm s390: d4b0e5c8bed708c6b3b2d8b00ba9262c fetchmail-6.2.0-3.el3.2.s390.rpm s390x: 4a5f2fb842e10f1886d5b33afead33a9 fetchmail-6.2.0-3.el3.2.s390x.rpm x86_64: 7bee2b44f864c4ffebdce96fce226d44 fetchmail-6.2.0-3.el3.2.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/fetchmail-6.2.0-3.el3.2.src.rpm f8cf96a663157fefaeb4fc6f1a8cf63d fetchmail-6.2.0-3.el3.2.src.rpm i386: fdfe7a3616a60b838b55c2fa9e818ccf fetchmail-6.2.0-3.el3.2.i386.rpm x86_64: 7bee2b44f864c4ffebdce96fce226d44 fetchmail-6.2.0-3.el3.2.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/fetchmail-6.2.0-3.el3.2.src.rpm f8cf96a663157fefaeb4fc6f1a8cf63d fetchmail-6.2.0-3.el3.2.src.rpm i386: fdfe7a3616a60b838b55c2fa9e818ccf fetchmail-6.2.0-3.el3.2.i386.rpm ia64: cd02da478c2e507e094b3581edf8768b fetchmail-6.2.0-3.el3.2.ia64.rpm x86_64: 7bee2b44f864c4ffebdce96fce226d44 fetchmail-6.2.0-3.el3.2.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/fetchmail-6.2.0-3.el3.2.src.rpm f8cf96a663157fefaeb4fc6f1a8cf63d fetchmail-6.2.0-3.el3.2.src.rpm i386: fdfe7a3616a60b838b55c2fa9e818ccf fetchmail-6.2.0-3.el3.2.i386.rpm ia64: cd02da478c2e507e094b3581edf8768b fetchmail-6.2.0-3.el3.2.ia64.rpm x86_64: 7bee2b44f864c4ffebdce96fce226d44 fetchmail-6.2.0-3.el3.2.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/fetchmail-6.2.5-6.el4.2.src.rpm 74a78227b3e3f5b8a0c392ea1325a2d3 fetchmail-6.2.5-6.el4.2.src.rpm i386: 07da83424466fe1f855de9c82beb230c fetchmail-6.2.5-6.el4.2.i386.rpm ia64: 289d48240464a4279b0774e79ebed25f fetchmail-6.2.5-6.el4.2.ia64.rpm ppc: 6face3dff0e660e2d5eceb82150b371a fetchmail-6.2.5-6.el4.2.ppc.rpm s390: c0227905c02d361963da67f1ed45db38 fetchmail-6.2.5-6.el4.2.s390.rpm s390x: 96d83be40ae7081aa1dd73ff54f389d8 fetchmail-6.2.5-6.el4.2.s390x.rpm x86_64: c92a8b8909a1ec1c27cb011d1aa0b924 fetchmail-6.2.5-6.el4.2.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/fetchmail-6.2.5-6.el4.2.src.rpm 74a78227b3e3f5b8a0c392ea1325a2d3 fetchmail-6.2.5-6.el4.2.src.rpm i386: 07da83424466fe1f855de9c82beb230c fetchmail-6.2.5-6.el4.2.i386.rpm x86_64: c92a8b8909a1ec1c27cb011d1aa0b924 fetchmail-6.2.5-6.el4.2.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/fetchmail-6.2.5-6.el4.2.src.rpm 74a78227b3e3f5b8a0c392ea1325a2d3 fetchmail-6.2.5-6.el4.2.src.rpm i386: 07da83424466fe1f855de9c82beb230c fetchmail-6.2.5-6.el4.2.i386.rpm ia64: 289d48240464a4279b0774e79ebed25f fetchmail-6.2.5-6.el4.2.ia64.rpm x86_64: c92a8b8909a1ec1c27cb011d1aa0b924 fetchmail-6.2.5-6.el4.2.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/fetchmail-6.2.5-6.el4.2.src.rpm 74a78227b3e3f5b8a0c392ea1325a2d3 fetchmail-6.2.5-6.el4.2.src.rpm i386: 07da83424466fe1f855de9c82beb230c fetchmail-6.2.5-6.el4.2.i386.rpm ia64: 289d48240464a4279b0774e79ebed25f fetchmail-6.2.5-6.el4.2.ia64.rpm x86_64: c92a8b8909a1ec1c27cb011d1aa0b924 fetchmail-6.2.5-6.el4.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2335 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFC5JrPXlSAg2UNWIIRApNfAJ49Y/eUstz4yT8V66zbRENv0CNypACeKEgE PHYNiQJGyDPT4GFta7C+vvA= =uMsb -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Jul 27 15:43:20 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 27 Jul 2005 11:43:20 -0400 Subject: [RHSA-2005:603-01] Moderate: dhcpcd security update Message-ID: <200507271543.j6RFhK2W022731@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: dhcpcd security update Advisory ID: RHSA-2005:603-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-603.html Issue date: 2005-07-27 Updated on: 2005-07-27 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-1848 - --------------------------------------------------------------------- 1. Summary: An updated dhcpcd package that fixes a denial of service issue is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 3. Problem description: The dhcpcd package includes a DHCP client daemon. An out of bounds memory read bug was found in dhcpcd. A malicious user on the local network could send a specially crafted DHCP packet to the client causing it to crash. The Common Vulnerabilities and Exposures project assigned the name CAN-2005-1848 to this issue. Users of dhcpcd should update to this erratum package, which contains a patch that resolves this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 162009 - CAN-2005-1848 dhcpcd bad packet crash 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/dhcpcd-1.3.20pl0-2.src.rpm b2d5aa9d71b2332f0a90a4d91c66f505 dhcpcd-1.3.20pl0-2.src.rpm i386: e2accda34fcf2949a6b0d96b448f664a dhcpcd-1.3.20pl0-2.i386.rpm ia64: 4f766b091e10331658f38828df7dd985 dhcpcd-1.3.20pl0-2.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/dhcpcd-1.3.20pl0-2.src.rpm b2d5aa9d71b2332f0a90a4d91c66f505 dhcpcd-1.3.20pl0-2.src.rpm ia64: 4f766b091e10331658f38828df7dd985 dhcpcd-1.3.20pl0-2.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/dhcpcd-1.3.20pl0-2.src.rpm b2d5aa9d71b2332f0a90a4d91c66f505 dhcpcd-1.3.20pl0-2.src.rpm i386: e2accda34fcf2949a6b0d96b448f664a dhcpcd-1.3.20pl0-2.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/dhcpcd-1.3.20pl0-2.src.rpm b2d5aa9d71b2332f0a90a4d91c66f505 dhcpcd-1.3.20pl0-2.src.rpm i386: e2accda34fcf2949a6b0d96b448f664a dhcpcd-1.3.20pl0-2.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1848 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFC56sXXlSAg2UNWIIRAnQaAKCwKnbfHWEzjmg/UAKuwlyRWY/xrwCfXJBA 329l/FSa1gZZ6pz95IC2J+o= =pWgD -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Jul 27 15:44:24 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 27 Jul 2005 11:44:24 -0400 Subject: [RHSA-2005:612-01] Moderate: kdelibs security update Message-ID: <200507271544.j6RFiOmc023104@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: kdelibs security update Advisory ID: RHSA-2005:612-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-612.html Issue date: 2005-07-27 Updated on: 2005-07-27 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-1920 - --------------------------------------------------------------------- 1. Summary: Updated kdelibs packages are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: kdelibs contains libraries for the K Desktop Environment. A flaw was discovered affecting Kate, the KDE advanced text editor, and Kwrite. Depending on system settings, it may be possible for a local user to read the backup files created by Kate or Kwrite. The Common Vulnerabilities and Exposures project assigned the name CAN-2005-1920 to this issue. Please note this issue does not affect Red Hat Enterprise Linux 3 or 2.1. Users of Kate or Kwrite should update to these errata packages which contains a backported patch from the KDE security team correcting this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 163130 - CAN-2005-1920 Kate backup file permissions leak 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kdelibs-3.3.1-3.11.src.rpm 7ede6e2ce67ea07acfa48f5606221f86 kdelibs-3.3.1-3.11.src.rpm i386: c77e6bdb35366f70784e6aa9216bc8bc kdelibs-3.3.1-3.11.i386.rpm 6d78e7103dea7680d8e3f12df426ef02 kdelibs-devel-3.3.1-3.11.i386.rpm ia64: c77e6bdb35366f70784e6aa9216bc8bc kdelibs-3.3.1-3.11.i386.rpm 0b8b9aca15d8208b84f86bb1bb69c2f0 kdelibs-3.3.1-3.11.ia64.rpm 978969c1cea859331a148ea684b4545d kdelibs-devel-3.3.1-3.11.ia64.rpm ppc: 5944e019680a511a7a70b9a62f4308ea kdelibs-3.3.1-3.11.ppc.rpm aa8c1691accf4259008ccae4ca1bc2ff kdelibs-3.3.1-3.11.ppc64.rpm 3b7221663806e81c258b51573386b77f kdelibs-devel-3.3.1-3.11.ppc.rpm s390: 0a0980c4be1e48695672baef885a17f8 kdelibs-3.3.1-3.11.s390.rpm d5e64cea7aa588eeef77860ef7017b64 kdelibs-devel-3.3.1-3.11.s390.rpm s390x: 0a0980c4be1e48695672baef885a17f8 kdelibs-3.3.1-3.11.s390.rpm fc55eedb0682632e4358b3c93a891ff7 kdelibs-3.3.1-3.11.s390x.rpm 5d095f1dd6703d6265da51d27167cdfa kdelibs-devel-3.3.1-3.11.s390x.rpm x86_64: c77e6bdb35366f70784e6aa9216bc8bc kdelibs-3.3.1-3.11.i386.rpm a7a1caf8c40aafd865f9b8c74b286fc9 kdelibs-3.3.1-3.11.x86_64.rpm 8ec6fe4ead529b3388468f089731de57 kdelibs-devel-3.3.1-3.11.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kdelibs-3.3.1-3.11.src.rpm 7ede6e2ce67ea07acfa48f5606221f86 kdelibs-3.3.1-3.11.src.rpm i386: c77e6bdb35366f70784e6aa9216bc8bc kdelibs-3.3.1-3.11.i386.rpm 6d78e7103dea7680d8e3f12df426ef02 kdelibs-devel-3.3.1-3.11.i386.rpm x86_64: c77e6bdb35366f70784e6aa9216bc8bc kdelibs-3.3.1-3.11.i386.rpm a7a1caf8c40aafd865f9b8c74b286fc9 kdelibs-3.3.1-3.11.x86_64.rpm 8ec6fe4ead529b3388468f089731de57 kdelibs-devel-3.3.1-3.11.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kdelibs-3.3.1-3.11.src.rpm 7ede6e2ce67ea07acfa48f5606221f86 kdelibs-3.3.1-3.11.src.rpm i386: c77e6bdb35366f70784e6aa9216bc8bc kdelibs-3.3.1-3.11.i386.rpm 6d78e7103dea7680d8e3f12df426ef02 kdelibs-devel-3.3.1-3.11.i386.rpm ia64: c77e6bdb35366f70784e6aa9216bc8bc kdelibs-3.3.1-3.11.i386.rpm 0b8b9aca15d8208b84f86bb1bb69c2f0 kdelibs-3.3.1-3.11.ia64.rpm 978969c1cea859331a148ea684b4545d kdelibs-devel-3.3.1-3.11.ia64.rpm x86_64: c77e6bdb35366f70784e6aa9216bc8bc kdelibs-3.3.1-3.11.i386.rpm a7a1caf8c40aafd865f9b8c74b286fc9 kdelibs-3.3.1-3.11.x86_64.rpm 8ec6fe4ead529b3388468f089731de57 kdelibs-devel-3.3.1-3.11.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kdelibs-3.3.1-3.11.src.rpm 7ede6e2ce67ea07acfa48f5606221f86 kdelibs-3.3.1-3.11.src.rpm i386: c77e6bdb35366f70784e6aa9216bc8bc kdelibs-3.3.1-3.11.i386.rpm 6d78e7103dea7680d8e3f12df426ef02 kdelibs-devel-3.3.1-3.11.i386.rpm ia64: c77e6bdb35366f70784e6aa9216bc8bc kdelibs-3.3.1-3.11.i386.rpm 0b8b9aca15d8208b84f86bb1bb69c2f0 kdelibs-3.3.1-3.11.ia64.rpm 978969c1cea859331a148ea684b4545d kdelibs-devel-3.3.1-3.11.ia64.rpm x86_64: c77e6bdb35366f70784e6aa9216bc8bc kdelibs-3.3.1-3.11.i386.rpm a7a1caf8c40aafd865f9b8c74b286fc9 kdelibs-3.3.1-3.11.x86_64.rpm 8ec6fe4ead529b3388468f089731de57 kdelibs-devel-3.3.1-3.11.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://www.kde.org/info/security/advisory-20050718-1.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1920 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFC56umXlSAg2UNWIIRAqoOAJ9sxoN4sCm8zyTKa9EAiDPzYEheMQCdGSkA hEHnGFI8VVLoEm2BwIVNkzk= =+E4W -----END PGP SIGNATURE-----