From bugzilla at redhat.com Tue Mar 1 19:04:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 1 Mar 2005 14:04 -0500 Subject: [RHSA-2005:176-01] Critical: firefox security update Message-ID: <200503011904.j21J44F10327@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: firefox security update Advisory ID: RHSA-2005:176-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-176.html Issue date: 2005-03-01 Updated on: 2005-03-01 Product: Red Hat Enterprise Linux CVE Names: CAN-2004-1156 CAN-2005-0231 CAN-2005-0232 CAN-2005-0233 CAN-2005-0255 CAN-2005-0527 CAN-2005-0578 CAN-2005-0584 CAN-2005-0585 CAN-2005-0586 CAN-2005-0588 CAN-2005-0589 CAN-2005-0590 CAN-2005-0591 CAN-2005-0592 CAN-2005-0593 - --------------------------------------------------------------------- 1. Summary: Updated firefox packages that fix various bugs are now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Mozilla Firefox is an open source Web browser. A bug was found in the Firefox string handling functions. If a malicious website is able to exhaust a system's memory, it becomes possible to execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0255 to this issue. A bug was found in the way Firefox handles pop-up windows. It is possible for a malicious website to control the content in an unrelated site's pop-up window. (CAN-2004-1156) A bug was found in the way Firefox allows plug-ins to load privileged content into a frame. It is possible that a malicious webpage could trick a user into clicking in certain places to modify configuration settings or execute arbitrary code. (CAN-2005-0232 and CAN-2005-0527). A flaw was found in the way Firefox displays international domain names. It is possible for an attacker to display a valid URL, tricking the user into thinking they are viewing a legitimate webpage when they are not. (CAN-2005-0233) A bug was found in the way Firefox handles plug-in temporary files. A malicious local user could create a symlink to a victims directory, causing it to be deleted when the victim exits Firefox. (CAN-2005-0578) A bug has been found in one of Firefox's UTF-8 converters. It may be possible for an attacker to supply a specially crafted UTF-8 string to the buggy converter, leading to arbitrary code execution. (CAN-2005-0592) A bug was found in the Firefox javascript security manager. If a user drags a malicious link to a tab, the javascript security manager is bypassed which could result in remote code execution or information disclosure. (CAN-2005-0231) A bug was found in the way Firefox displays the HTTP authentication prompt. When a user is prompted for authentication, the dialog window is displayed over the active tab, regardless of the tab that caused the pop-up to appear and could trick a user into entering their username and password for a trusted site. (CAN-2005-0584) A bug was found in the way Firefox displays the save file dialog. It is possible for a malicious webserver to spoof the Content-Disposition header, tricking the user into thinking they are downloading a different filetype. (CAN-2005-0586) A bug was found in the way Firefox handles users "down-arrow" through auto completed choices. When an autocomplete choice is selected, the information is copied into the input control, possibly allowing a malicious web site to steal information by tricking a user into arrowing through autocompletion choices. (CAN-2005-0589) Several bugs were found in the way Firefox displays the secure site icon. It is possible that a malicious website could display the secure site icon along with incorrect certificate information. (CAN-2005-0593) A bug was found in the way Firefox displays the download dialog window. A malicious site can obfuscate the content displayed in the source field, tricking a user into thinking they are downloading content from a trusted source. (CAN-2005-0585) A bug was found in the way Firefox handles xsl:include and xsl:import directives. It is possible for a malicious website to import XSLT stylesheets from a domain behind a firewall, leaking information to an attacker. (CAN-2005-0588) A bug was found in the way Firefox displays the installation confirmation dialog. An attacker could add a long user:pass before the true hostname, tricking a user into thinking they were installing content from a trusted source. (CAN-2005-0590) A bug was found in the way Firefox displays download and security dialogs. An attacker could cover up part of a dialog window tricking the user into clicking "Allow" or "Open", which could potentially lead to arbitrary code execution. (CAN-2005-0591) Users of Firefox are advised to upgrade to this updated package which contains Firefox version 1.0.1 and is not vulnerable to these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 147727 - CAN-2005-0232 fireflashing vulnerability (CAN-2005-0527) 149876 - CAN-2005-0255 Memory overwrite in string library 147735 - CAN-2005-0231 firefox javascript tab security bypass 147402 - CAN-2005-0233 homograph spoofing 142506 - CAN-2004-1156 Frame injection vulnerability. 144216 - CAN-2005-0585 download dialog URL spoofing 149923 - CAN-2005-0578 Unsafe /tmp/plugtmp directory exploitable to erase user's files 149929 - CAN-2005-0584 HTTP auth prompt tab spoofing 149930 - CAN-2005-0586 Download dialog spoofing using Content-Disposition header 149931 - CAN-2005-0588 XSLT can include stylesheets from arbitrary hosts 149934 - CAN-2005-0589 Autocomplete data leak 149936 - CAN-2005-0590 Install source spoofing with user:pass at host 149937 - CAN-2005-0591 Spoofing download and security dialogs with overlapping windows 149938 - CAN-2005-0592 Heap overflow possible in UTF8 to Unicode conversion 149939 - CAN-2005-0593 SSL "secure site" indicator spoofing 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/firefox-1.0.1-1.4.3.src.rpm 8a6aedb095f62077e64124ddc577b9fb firefox-1.0.1-1.4.3.src.rpm i386: b892ffeb126d1ef24f2c9059650d1000 firefox-1.0.1-1.4.3.i386.rpm ia64: 303645b51596c4d7d0f0de81c3efdf4b firefox-1.0.1-1.4.3.ia64.rpm ppc: 7b3535d928649b7e2ae3c594fa4635bd firefox-1.0.1-1.4.3.ppc.rpm s390: 73ea97180b4ca648b996c3e33e4b8ed8 firefox-1.0.1-1.4.3.s390.rpm s390x: 5cacc37451e98bcc57134d5e4fb9542b firefox-1.0.1-1.4.3.s390x.rpm x86_64: 5d826defe063b94510651a6b68e6e719 firefox-1.0.1-1.4.3.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/firefox-1.0.1-1.4.3.src.rpm 8a6aedb095f62077e64124ddc577b9fb firefox-1.0.1-1.4.3.src.rpm i386: b892ffeb126d1ef24f2c9059650d1000 firefox-1.0.1-1.4.3.i386.rpm x86_64: 5d826defe063b94510651a6b68e6e719 firefox-1.0.1-1.4.3.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/firefox-1.0.1-1.4.3.src.rpm 8a6aedb095f62077e64124ddc577b9fb firefox-1.0.1-1.4.3.src.rpm i386: b892ffeb126d1ef24f2c9059650d1000 firefox-1.0.1-1.4.3.i386.rpm ia64: 303645b51596c4d7d0f0de81c3efdf4b firefox-1.0.1-1.4.3.ia64.rpm x86_64: 5d826defe063b94510651a6b68e6e719 firefox-1.0.1-1.4.3.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/firefox-1.0.1-1.4.3.src.rpm 8a6aedb095f62077e64124ddc577b9fb firefox-1.0.1-1.4.3.src.rpm i386: b892ffeb126d1ef24f2c9059650d1000 firefox-1.0.1-1.4.3.i386.rpm ia64: 303645b51596c4d7d0f0de81c3efdf4b firefox-1.0.1-1.4.3.ia64.rpm x86_64: 5d826defe063b94510651a6b68e6e719 firefox-1.0.1-1.4.3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://www.mozilla.org/projects/security/known-vulnerabilities.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1156 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0231 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0232 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0233 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0255 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0527 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0578 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0584 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0585 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0586 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0588 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0589 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0590 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0591 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0592 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0593 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCJLyZXlSAg2UNWIIRAj+bAKDErHriZ1+v4OVoNWYECs1tSwqFCQCgrG1Y 6wk5QA0uUCLRdPJWeWAQPOo= =6TrL -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 3 16:04:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 3 Mar 2005 11:04 -0500 Subject: [RHSA-2005:173-01] Moderate: squid security update Message-ID: <200503031604.j23G4NF06934@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: squid security update Advisory ID: RHSA-2005:173-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-173.html Issue date: 2005-03-03 Updated on: 2005-03-03 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-0446 - --------------------------------------------------------------------- 1. Summary: Updated squid packages that fix a denial of service issue are now available. This update has been rated as having important security impact by the Red Hat Security Response Team 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: Squid is a full-featured Web proxy cache. A bug was found in the way Squid handles FQDN lookups. It was possible to crash the Squid server by sending a carefully crafted DNS response to an FQDN lookup. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0446 to this issue. Users of squid should upgrade to this updated package, which contains a backported patch, and is not vulnerable to this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 148882 - CAN-2005-0446 Squid DoS from bad DNS response 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/squid-2.4.STABLE7-1.21as.5.src.rpm 63b4267b6fb3c1345cb9dee4a979eee1 squid-2.4.STABLE7-1.21as.5.src.rpm i386: 81505707ca33f4870a62382b88745bbc squid-2.4.STABLE7-1.21as.5.i386.rpm ia64: c3a025c8b1847017da5e05d039e3bcc0 squid-2.4.STABLE7-1.21as.5.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/squid-2.4.STABLE7-1.21as.5.src.rpm 63b4267b6fb3c1345cb9dee4a979eee1 squid-2.4.STABLE7-1.21as.5.src.rpm ia64: c3a025c8b1847017da5e05d039e3bcc0 squid-2.4.STABLE7-1.21as.5.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/squid-2.4.STABLE7-1.21as.5.src.rpm 63b4267b6fb3c1345cb9dee4a979eee1 squid-2.4.STABLE7-1.21as.5.src.rpm i386: 81505707ca33f4870a62382b88745bbc squid-2.4.STABLE7-1.21as.5.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/squid-2.5.STABLE3-6.3E.8.src.rpm ee14ff8dd48ea6e08c97dd4c2167550a squid-2.5.STABLE3-6.3E.8.src.rpm i386: 25f9ca52f04b6571c9b29b2de47a82e4 squid-2.5.STABLE3-6.3E.8.i386.rpm ia64: 429a13ef1b3e9dce3fe157cd3b6d1651 squid-2.5.STABLE3-6.3E.8.ia64.rpm ppc: e3f3bab5baefba94302135e61499683f squid-2.5.STABLE3-6.3E.8.ppc.rpm s390: 0c97fc7f12ac29445de550ec866feb82 squid-2.5.STABLE3-6.3E.8.s390.rpm s390x: 9a2a1b5c70a510695ee560fe55358228 squid-2.5.STABLE3-6.3E.8.s390x.rpm x86_64: c2757abe79275c3b8ff61abb3a9c2406 squid-2.5.STABLE3-6.3E.8.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/squid-2.5.STABLE3-6.3E.8.src.rpm ee14ff8dd48ea6e08c97dd4c2167550a squid-2.5.STABLE3-6.3E.8.src.rpm i386: 25f9ca52f04b6571c9b29b2de47a82e4 squid-2.5.STABLE3-6.3E.8.i386.rpm x86_64: c2757abe79275c3b8ff61abb3a9c2406 squid-2.5.STABLE3-6.3E.8.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/squid-2.5.STABLE3-6.3E.8.src.rpm ee14ff8dd48ea6e08c97dd4c2167550a squid-2.5.STABLE3-6.3E.8.src.rpm i386: 25f9ca52f04b6571c9b29b2de47a82e4 squid-2.5.STABLE3-6.3E.8.i386.rpm ia64: 429a13ef1b3e9dce3fe157cd3b6d1651 squid-2.5.STABLE3-6.3E.8.ia64.rpm x86_64: c2757abe79275c3b8ff61abb3a9c2406 squid-2.5.STABLE3-6.3E.8.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/squid-2.5.STABLE3-6.3E.8.src.rpm ee14ff8dd48ea6e08c97dd4c2167550a squid-2.5.STABLE3-6.3E.8.src.rpm i386: 25f9ca52f04b6571c9b29b2de47a82e4 squid-2.5.STABLE3-6.3E.8.i386.rpm ia64: 429a13ef1b3e9dce3fe157cd3b6d1651 squid-2.5.STABLE3-6.3E.8.ia64.rpm x86_64: c2757abe79275c3b8ff61abb3a9c2406 squid-2.5.STABLE3-6.3E.8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE8-dns_assert http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0446 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCJzWFXlSAg2UNWIIRAoauAJ9ngFrg/TIRjAvBEMDoy7ZHTuwXGACgve6v SkjooK2wZMIfqEzP0sCUxZA= =OD4G -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 3 16:04:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 3 Mar 2005 11:04 -0500 Subject: [RHSA-2005:175-01] Low: kdenetwork security update Message-ID: <200503031604.j23G4hF06950@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Low: kdenetwork security update Advisory ID: RHSA-2005:175-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-175.html Issue date: 2005-03-03 Updated on: 2005-03-03 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-0205 - --------------------------------------------------------------------- 1. Summary: Updated kdenetwork packages that fix a file descriptor leak are now available. This update has been rated as having low security impact by the Red Hat Security Response Team 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: The kdenetwork packages contain a collection of networking applications for the K Desktop Environment. A bug was found in the way kppp handles privileged file descriptors. A malicious local user could make use of this flaw to modify the /etc/hosts or /etc/resolv.conf files, which could be used to spoof domain information. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0205 to this issue. Please note that the default installation of kppp on Red Hat Enterprise Linux uses consolehelper and is not vulnerable to this issue. However, the kppp FAQ provides instructions for removing consolehelper and running kppp suid root, which is a vulnerable configuration. Users of kdenetwork should upgrade to these updated packages, which contain a backported patch, and are not vulnerable to this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 148912 - CAN-2005-0205 kppp local domain name hijacking 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/kdenetwork-2.2.2-3.1.src.rpm 6d45b649fdbf409ee1cac80df44cbaf3 kdenetwork-2.2.2-3.1.src.rpm i386: f77d0b1ec8454d5e9db1ac68075dd40a kdenetwork-2.2.2-3.1.i386.rpm e9ad587c10388c19b57de53297a56fc1 kdenetwork-ppp-2.2.2-3.1.i386.rpm ia64: ff112935f6c2c6993703ef942bdbce45 kdenetwork-2.2.2-3.1.ia64.rpm 6e6f090bf6e50e1357d05744eca2c04a kdenetwork-ppp-2.2.2-3.1.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/kdenetwork-2.2.2-3.1.src.rpm 6d45b649fdbf409ee1cac80df44cbaf3 kdenetwork-2.2.2-3.1.src.rpm ia64: ff112935f6c2c6993703ef942bdbce45 kdenetwork-2.2.2-3.1.ia64.rpm 6e6f090bf6e50e1357d05744eca2c04a kdenetwork-ppp-2.2.2-3.1.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/kdenetwork-2.2.2-3.1.src.rpm 6d45b649fdbf409ee1cac80df44cbaf3 kdenetwork-2.2.2-3.1.src.rpm i386: f77d0b1ec8454d5e9db1ac68075dd40a kdenetwork-2.2.2-3.1.i386.rpm e9ad587c10388c19b57de53297a56fc1 kdenetwork-ppp-2.2.2-3.1.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/kdenetwork-2.2.2-3.1.src.rpm 6d45b649fdbf409ee1cac80df44cbaf3 kdenetwork-2.2.2-3.1.src.rpm i386: f77d0b1ec8454d5e9db1ac68075dd40a kdenetwork-2.2.2-3.1.i386.rpm e9ad587c10388c19b57de53297a56fc1 kdenetwork-ppp-2.2.2-3.1.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/kdenetwork-3.1.3-1.8.src.rpm 0a726316b46482f984b35c9d1353c51a kdenetwork-3.1.3-1.8.src.rpm i386: 45731aeaf4549c038bb83fdca74fb4a3 kdenetwork-3.1.3-1.8.i386.rpm 53b0d4af942642630e09792d653c9db7 kdenetwork-devel-3.1.3-1.8.i386.rpm ia64: 7bc73bc084db2416a5a727106088e563 kdenetwork-3.1.3-1.8.ia64.rpm 4d1fc33723154ddac7b1621189bdb82f kdenetwork-devel-3.1.3-1.8.ia64.rpm ppc: 5a74bdef261122d6d5c2e32dbef559ec kdenetwork-3.1.3-1.8.ppc.rpm c78052b174f31955e99bc415e959398f kdenetwork-devel-3.1.3-1.8.ppc.rpm s390: 3ab0491c71719fa9da87cd341d6e8486 kdenetwork-3.1.3-1.8.s390.rpm d4110571eebc4978b073a3652726b763 kdenetwork-devel-3.1.3-1.8.s390.rpm s390x: 18cc2a9c00a999b43e652374e7037220 kdenetwork-3.1.3-1.8.s390x.rpm 9a67309561e157e455480193f40a0a59 kdenetwork-devel-3.1.3-1.8.s390x.rpm x86_64: e078407491bbef5814ee0a610859ecc5 kdenetwork-3.1.3-1.8.x86_64.rpm dfa39b122c1ae9352b01962d4f530254 kdenetwork-devel-3.1.3-1.8.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/kdenetwork-3.1.3-1.8.src.rpm 0a726316b46482f984b35c9d1353c51a kdenetwork-3.1.3-1.8.src.rpm i386: 45731aeaf4549c038bb83fdca74fb4a3 kdenetwork-3.1.3-1.8.i386.rpm 53b0d4af942642630e09792d653c9db7 kdenetwork-devel-3.1.3-1.8.i386.rpm x86_64: e078407491bbef5814ee0a610859ecc5 kdenetwork-3.1.3-1.8.x86_64.rpm dfa39b122c1ae9352b01962d4f530254 kdenetwork-devel-3.1.3-1.8.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/kdenetwork-3.1.3-1.8.src.rpm 0a726316b46482f984b35c9d1353c51a kdenetwork-3.1.3-1.8.src.rpm i386: 45731aeaf4549c038bb83fdca74fb4a3 kdenetwork-3.1.3-1.8.i386.rpm 53b0d4af942642630e09792d653c9db7 kdenetwork-devel-3.1.3-1.8.i386.rpm ia64: 7bc73bc084db2416a5a727106088e563 kdenetwork-3.1.3-1.8.ia64.rpm 4d1fc33723154ddac7b1621189bdb82f kdenetwork-devel-3.1.3-1.8.ia64.rpm x86_64: e078407491bbef5814ee0a610859ecc5 kdenetwork-3.1.3-1.8.x86_64.rpm dfa39b122c1ae9352b01962d4f530254 kdenetwork-devel-3.1.3-1.8.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/kdenetwork-3.1.3-1.8.src.rpm 0a726316b46482f984b35c9d1353c51a kdenetwork-3.1.3-1.8.src.rpm i386: 45731aeaf4549c038bb83fdca74fb4a3 kdenetwork-3.1.3-1.8.i386.rpm 53b0d4af942642630e09792d653c9db7 kdenetwork-devel-3.1.3-1.8.i386.rpm ia64: 7bc73bc084db2416a5a727106088e563 kdenetwork-3.1.3-1.8.ia64.rpm 4d1fc33723154ddac7b1621189bdb82f kdenetwork-devel-3.1.3-1.8.ia64.rpm x86_64: e078407491bbef5814ee0a610859ecc5 kdenetwork-3.1.3-1.8.x86_64.rpm dfa39b122c1ae9352b01962d4f530254 kdenetwork-devel-3.1.3-1.8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0205 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCJzWYXlSAg2UNWIIRAlzqAKCxQO7iNzE9Qeh7my0ARI8+TlktvACeM9qg BjMHm92TbXUiMcyqr5i+pmg= =fD7c -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 3 16:05:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 3 Mar 2005 11:05 -0500 Subject: [RHSA-2005:265-01] Critical: RealPlayer security update Message-ID: <200503031605.j23G58F07042@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: RealPlayer security update Advisory ID: RHSA-2005:265-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-265.html Issue date: 2005-03-03 Updated on: 2005-03-03 Product: Red Hat Enterprise Linux LACD CVE Names: CAN-2005-0455 CAN-2005-0611 - --------------------------------------------------------------------- 1. Summary: An updated RealPlayer package that fixes two buffer overflow issues is now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux LACD 4AS - i386 Red Hat Enterprise Linux LACD 4Desktop - i386 Red Hat Enterprise Linux LACD 4ES - i386 Red Hat Enterprise Linux LACD 4WS - i386 3. Problem description: RealPlayer is a media player. A stack based buffer overflow bug was found in RealPlayer's Synchronized Multimedia Integration Language (SMIL) file processor. An attacker could create a specially crafted SMIL file which would execute arbitrary code when opened by a user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0455 to this issue. A buffer overflow bug was found in the way RealPlayer decodes WAV sound files. An attacker could create a specially crafted WAV file which could execute arbitrary code when opened by a user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0611 to this issue. All users of RealPlayer are advised to upgrade to this updated package, which contains RealPlayer version 10.0.3 and is not vulnerable to these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 150078 - CAN-2005-0611 .wav overflow in Realplayer 150050 - CAN-2005-0455 buffer overflow in realplayer 6. RPMs required: Red Hat Enterprise Linux LACD 4AS: i386: 2b7bfc2b30b15dad7c5a78704a798841 RealPlayer-10.0.3-1.i386.rpm Red Hat Enterprise Linux LACD 4Desktop: i386: 2b7bfc2b30b15dad7c5a78704a798841 RealPlayer-10.0.3-1.i386.rpm Red Hat Enterprise Linux LACD 4ES: i386: 2b7bfc2b30b15dad7c5a78704a798841 RealPlayer-10.0.3-1.i386.rpm Red Hat Enterprise Linux LACD 4WS: i386: 2b7bfc2b30b15dad7c5a78704a798841 RealPlayer-10.0.3-1.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://service.real.com/help/faq/security/050224_player/EN/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0455 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0611 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCJzWyXlSAg2UNWIIRAmU3AJ96oV48ALb30wQJFjf6rVdx7kgurwCfcIYM 6/K2P+OZacp9gFPfp8ozVFQ= =YX9l -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 3 20:08:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 3 Mar 2005 15:08 -0500 Subject: [RHSA-2005:271-01] Critical: HelixPlayer security update Message-ID: <200503032008.j23K83F21457@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: HelixPlayer security update Advisory ID: RHSA-2005:271-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-271.html Issue date: 2005-03-03 Updated on: 2005-03-03 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-0455 CAN-2005-0611 - --------------------------------------------------------------------- 1. Summary: An updated HelixPlayer package that fixes two buffer overflow issues is now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ppc, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, x86_64 Red Hat Enterprise Linux WS version 4 - i386, x86_64 3. Problem description: HelixPlayer is a media player. A stack based buffer overflow bug was found in HelixPlayer's Synchronized Multimedia Integration Language (SMIL) file processor. An attacker could create a specially crafted SMIL file which would execute arbitrary code when opened by a user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0455 to this issue. A buffer overflow bug was found in the way HelixPlayer decodes WAV files. An attacker could create a specially crafted WAV file which could execute arbitrary code when opened by a user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0611 to this issue. All users of HelixPlayer are advised to upgrade to this updated package, which contains HelixPlayer 1.0.3 which is not vulnerable to these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 150098 - CAN-2005-0455 buffer overflow in helixplayer 150103 - CAN-2005-0611 .wav overflow in helixplayer 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/HelixPlayer-1.0.3-1.src.rpm 18433065b08278bd8a92e2593420d296 HelixPlayer-1.0.3-1.src.rpm i386: cab19eecbe5bb0e27eca237ee22c9ddd HelixPlayer-1.0.3-1.i386.rpm ppc: 49d0c209a6ce719d38c963eef42f01ff HelixPlayer-1.0.3-1.ppc.rpm x86_64: cab19eecbe5bb0e27eca237ee22c9ddd HelixPlayer-1.0.3-1.i386.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/HelixPlayer-1.0.3-1.src.rpm 18433065b08278bd8a92e2593420d296 HelixPlayer-1.0.3-1.src.rpm i386: cab19eecbe5bb0e27eca237ee22c9ddd HelixPlayer-1.0.3-1.i386.rpm x86_64: cab19eecbe5bb0e27eca237ee22c9ddd HelixPlayer-1.0.3-1.i386.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/HelixPlayer-1.0.3-1.src.rpm 18433065b08278bd8a92e2593420d296 HelixPlayer-1.0.3-1.src.rpm i386: cab19eecbe5bb0e27eca237ee22c9ddd HelixPlayer-1.0.3-1.i386.rpm x86_64: cab19eecbe5bb0e27eca237ee22c9ddd HelixPlayer-1.0.3-1.i386.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/HelixPlayer-1.0.3-1.src.rpm 18433065b08278bd8a92e2593420d296 HelixPlayer-1.0.3-1.src.rpm i386: cab19eecbe5bb0e27eca237ee22c9ddd HelixPlayer-1.0.3-1.i386.rpm x86_64: cab19eecbe5bb0e27eca237ee22c9ddd HelixPlayer-1.0.3-1.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0455 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0611 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCJ26TXlSAg2UNWIIRAjE9AJ4jKZjQwv8kruZyZRsfHloJaRGTAACgo0uD pB3yCUZ7LfuGKwpK9kWLWg8= =ReLp -----END PGP SIGNATURE----- From bugzilla at redhat.com Fri Mar 4 09:23:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Fri, 4 Mar 2005 04:23 -0500 Subject: [RHSA-2005:213-01] Important: xpdf security update Message-ID: <200503040923.j249NgF00863@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: xpdf security update Advisory ID: RHSA-2005:213-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-213.html Issue date: 2005-03-04 Updated on: 2005-03-04 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-0206 - --------------------------------------------------------------------- 1. Summary: An updated xpdf package that correctly fixes several integer overflows is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: The xpdf package is an X Window System-based viewer for Portable Document Format (PDF) files. During a source code audit, Chris Evans and others discovered a number of integer overflow bugs that affected all versions of Xpdf. An attacker could construct a carefully crafted PDF file that could cause Xpdf to crash or possibly execute arbitrary code when opened. This issue was assigned the name CAN-2004-0888 by The Common Vulnerabilities and Exposures project (cve.mitre.org). RHSA-2004:592 contained a fix for this issue, but it was found to be incomplete and left 64-bit architectures vulnerable. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0206 to this issue. All users of xpdf should upgrade to this updated package, which contains backported patches to resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 135393 - CAN-2004-0888 xpdf integer overflows (CAN-2005-0206) 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/xpdf-0.92-15.src.rpm 4f85ed5e129e5b1737ef711b598c7c9d xpdf-0.92-15.src.rpm i386: 7a6880608bdc6d06b08e363ca1396c22 xpdf-0.92-15.i386.rpm ia64: a98435fe76e02c0a5c47e59ecd1ae6a1 xpdf-0.92-15.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/xpdf-0.92-15.src.rpm 4f85ed5e129e5b1737ef711b598c7c9d xpdf-0.92-15.src.rpm ia64: a98435fe76e02c0a5c47e59ecd1ae6a1 xpdf-0.92-15.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/xpdf-0.92-15.src.rpm 4f85ed5e129e5b1737ef711b598c7c9d xpdf-0.92-15.src.rpm i386: 7a6880608bdc6d06b08e363ca1396c22 xpdf-0.92-15.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/xpdf-0.92-15.src.rpm 4f85ed5e129e5b1737ef711b598c7c9d xpdf-0.92-15.src.rpm i386: 7a6880608bdc6d06b08e363ca1396c22 xpdf-0.92-15.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/xpdf-2.02-9.6.src.rpm 1976be6990391a42f52e231de297be87 xpdf-2.02-9.6.src.rpm i386: bb68c0b307e327afb205a79847ee86cf xpdf-2.02-9.6.i386.rpm ia64: 0ef5235258a6ea789cae9f0c89a5eecb xpdf-2.02-9.6.ia64.rpm ppc: 6c0cb36784fa5e110e4de5b17fa1ddb0 xpdf-2.02-9.6.ppc.rpm s390: 7edbe967e377130e117c28f7b54f47f2 xpdf-2.02-9.6.s390.rpm s390x: eefb8189ffb941f46128419578663ebf xpdf-2.02-9.6.s390x.rpm x86_64: c00c9587c4a87e1ac920be1e1de73b5a xpdf-2.02-9.6.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/xpdf-2.02-9.6.src.rpm 1976be6990391a42f52e231de297be87 xpdf-2.02-9.6.src.rpm i386: bb68c0b307e327afb205a79847ee86cf xpdf-2.02-9.6.i386.rpm x86_64: c00c9587c4a87e1ac920be1e1de73b5a xpdf-2.02-9.6.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/xpdf-2.02-9.6.src.rpm 1976be6990391a42f52e231de297be87 xpdf-2.02-9.6.src.rpm i386: bb68c0b307e327afb205a79847ee86cf xpdf-2.02-9.6.i386.rpm ia64: 0ef5235258a6ea789cae9f0c89a5eecb xpdf-2.02-9.6.ia64.rpm x86_64: c00c9587c4a87e1ac920be1e1de73b5a xpdf-2.02-9.6.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/xpdf-2.02-9.6.src.rpm 1976be6990391a42f52e231de297be87 xpdf-2.02-9.6.src.rpm i386: bb68c0b307e327afb205a79847ee86cf xpdf-2.02-9.6.i386.rpm ia64: 0ef5235258a6ea789cae9f0c89a5eecb xpdf-2.02-9.6.ia64.rpm x86_64: c00c9587c4a87e1ac920be1e1de73b5a xpdf-2.02-9.6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0206 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCKCkbXlSAg2UNWIIRApm5AJwJyV/jFW8ykyIdRzAaOOlK3sW3iwCcD+1i Hu9HtD555pRQYx8Jgpao8zE= =Qtl2 -----END PGP SIGNATURE----- From bugzilla at redhat.com Fri Mar 4 09:23:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Fri, 4 Mar 2005 04:23 -0500 Subject: [RHSA-2005:217-01] Moderate: mc security update Message-ID: <200503040923.j249NqF00868@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: mc security update Advisory ID: RHSA-2005:217-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-217.html Issue date: 2005-03-04 Updated on: 2005-03-04 Product: Red Hat Enterprise Linux CVE Names: CAN-2004-1004 CAN-2004-1005 CAN-2004-1176 - --------------------------------------------------------------------- 1. Summary: Updated mc packages that fix multiple security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux WS version 2.1 - i386 3. Problem description: Midnight Commander (mc) is a visual shell, much like a file manager. Several format string bugs were found in Midnight Commander. If a user is tricked by an attacker into opening a specially crafted path with mc, it may be possible to execute arbitrary code as the user running Midnight Commander. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1004 to this issue. Several buffer overflow bugs were found in Midnight Commander. If a user is tricked by an attacker into opening a specially crafted file or path with mc, it may be possible to execute arbitrary code as the user running Midnight Commander. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1005 to this issue. A buffer underflow bug was found in Midnight Commander. If a malicious local user is able to modify the extfs.ini file, it could be possible to execute arbitrary code as a user running Midnight Commander. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1176 to this issue. Users of mc should upgrade to these updated packages, which contain a backported patch, and are not vulnerable to this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 148864 - CAN-2004-1004 multiple issues with mc (CAN-2004-1005 CAN-2005-1176) 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/mc-4.5.51-36.6.src.rpm 0280014f6cce24b5a7e86224d1a4c20e mc-4.5.51-36.6.src.rpm i386: f9cf57bc299aff9a913dfd4801bf962d gmc-4.5.51-36.6.i386.rpm 34fab95940f7bd986db806c30abf2264 mc-4.5.51-36.6.i386.rpm dd976aa43c29b97804a1149cc64c56e4 mcserv-4.5.51-36.6.i386.rpm ia64: 6f6c8b333239ba869ea8f32e05d9cf04 gmc-4.5.51-36.6.ia64.rpm 012c0f617c2dd9593f53fa8c25839489 mc-4.5.51-36.6.ia64.rpm f067178eaa407dc355cd1e5b5d536b44 mcserv-4.5.51-36.6.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/mc-4.5.51-36.6.src.rpm 0280014f6cce24b5a7e86224d1a4c20e mc-4.5.51-36.6.src.rpm ia64: 6f6c8b333239ba869ea8f32e05d9cf04 gmc-4.5.51-36.6.ia64.rpm 012c0f617c2dd9593f53fa8c25839489 mc-4.5.51-36.6.ia64.rpm f067178eaa407dc355cd1e5b5d536b44 mcserv-4.5.51-36.6.ia64.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/mc-4.5.51-36.6.src.rpm 0280014f6cce24b5a7e86224d1a4c20e mc-4.5.51-36.6.src.rpm i386: f9cf57bc299aff9a913dfd4801bf962d gmc-4.5.51-36.6.i386.rpm 34fab95940f7bd986db806c30abf2264 mc-4.5.51-36.6.i386.rpm dd976aa43c29b97804a1149cc64c56e4 mcserv-4.5.51-36.6.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=295261 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1004 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1005 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1176 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCKCkmXlSAg2UNWIIRAo72AJ9ZI7wVdd2MwOSe2zly8pJ8mM2tEACeKKaL SJ2xr2QqQOy16NbOslnkqHE= =dYRx -----END PGP SIGNATURE----- From bugzilla at redhat.com Fri Mar 4 09:24:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Fri, 4 Mar 2005 04:24 -0500 Subject: [RHSA-2005:277-01] Critical: mozilla security update Message-ID: <200503040924.j249O3F00878@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: mozilla security update Advisory ID: RHSA-2005:277-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-277.html Issue date: 2005-03-04 Updated on: 2005-03-04 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-0255 - --------------------------------------------------------------------- 1. Summary: Updated mozilla packages that fix a buffer overflow issue are now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. A bug was found in the Mozilla string handling functions. If a malicious website is able to exhaust a system's memory, it becomes possible to execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0255 to this issue. Please note that other security issues have been found that affect Mozilla. These other issues have a lower severity, and are therefore planned to be released as additional security updates in the future. Users of Mozilla should upgrade to these updated packages, which contain a backported patch and are not vulnerable to these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 150124 - CAN-2005-0255 Memory overwrite in string library 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/mozilla-1.7.3-19.EL4.src.rpm f38dbc4a876a2e8a7d22bf87b76fd615 mozilla-1.7.3-19.EL4.src.rpm i386: 39ae3210517d35d921e930006841ee43 mozilla-1.7.3-19.EL4.i386.rpm 4ee1aef2c3beaa885da379f3269e8c6d mozilla-chat-1.7.3-19.EL4.i386.rpm 29012dae4a799da739161abbb2d92191 mozilla-devel-1.7.3-19.EL4.i386.rpm eb579278872aa0c63991657c267709d9 mozilla-dom-inspector-1.7.3-19.EL4.i386.rpm c35b92bcb3231bddb30ee8c5b085f7f1 mozilla-js-debugger-1.7.3-19.EL4.i386.rpm 55e70ed5c693b518abd3e6655b2756c3 mozilla-mail-1.7.3-19.EL4.i386.rpm eb3c48388e576edb480b7c2effc4a33e mozilla-nspr-1.7.3-19.EL4.i386.rpm 51c68d470ff73cda32e53faccf0d09de mozilla-nspr-devel-1.7.3-19.EL4.i386.rpm 0f87bb5b91f895f7f2ddc50d8fa7a783 mozilla-nss-1.7.3-19.EL4.i386.rpm 998c5006ebadb4dc0667dd45c062481a mozilla-nss-devel-1.7.3-19.EL4.i386.rpm ia64: ca68d27df9d703f28caf702f03a2c815 mozilla-1.7.3-19.EL4.ia64.rpm c9613d7843931c8f307e7d030bcfeebb mozilla-chat-1.7.3-19.EL4.ia64.rpm 50112396b34bd6724f61db2bdda37f3c mozilla-devel-1.7.3-19.EL4.ia64.rpm 08f955d73348162bc74d205b1afcb2f4 mozilla-dom-inspector-1.7.3-19.EL4.ia64.rpm bcbad4d5cf1df6b85c25d5718c3297e7 mozilla-js-debugger-1.7.3-19.EL4.ia64.rpm 246c4095425ed95cf3d4e7524eabafc6 mozilla-mail-1.7.3-19.EL4.ia64.rpm a0c490f4e9cd7f9d89b72a84fc8382b0 mozilla-nspr-1.7.3-19.EL4.ia64.rpm eb3c48388e576edb480b7c2effc4a33e mozilla-nspr-1.7.3-19.EL4.i386.rpm 2bb0039d09b0b9e90ec2ba2a45b349d3 mozilla-nspr-devel-1.7.3-19.EL4.ia64.rpm b6566d37c099e89a790247f5ee01511b mozilla-nss-1.7.3-19.EL4.ia64.rpm 0f87bb5b91f895f7f2ddc50d8fa7a783 mozilla-nss-1.7.3-19.EL4.i386.rpm 162f10e927ac46eb5c997fb8fb8aef31 mozilla-nss-devel-1.7.3-19.EL4.ia64.rpm ppc: 4f14f23c3f82b7cd991c8c307346c3b4 mozilla-1.7.3-19.EL4.ppc.rpm 8929adbac27a0119b282fe1afc98f0ef mozilla-chat-1.7.3-19.EL4.ppc.rpm b899f513c30ace575ab4e9b83162bb5e mozilla-devel-1.7.3-19.EL4.ppc.rpm 105b7865dc67efa9f589f805a64ec9af mozilla-dom-inspector-1.7.3-19.EL4.ppc.rpm bf2755837521d659b2d497949dfc86c0 mozilla-js-debugger-1.7.3-19.EL4.ppc.rpm 7b8a29af2710b33b664548c933484f8f mozilla-mail-1.7.3-19.EL4.ppc.rpm c615451892c2a69503c57a9f4e75e007 mozilla-nspr-1.7.3-19.EL4.ppc.rpm c2de101cf5751833f149ae4102e21cff mozilla-nspr-devel-1.7.3-19.EL4.ppc.rpm 96b763974d10ac72401f364ff196b290 mozilla-nss-1.7.3-19.EL4.ppc.rpm f7f3f84a81eae1936be81d1a3d887e58 mozilla-nss-devel-1.7.3-19.EL4.ppc.rpm s390: f2e1f2a5d33abf7e1b9350c169a2cc84 mozilla-1.7.3-19.EL4.s390.rpm 0a51da8cec34280604a009e7c09144bc mozilla-chat-1.7.3-19.EL4.s390.rpm b5280f95e1d4fbcfd2fbe3ebe5c7128b mozilla-devel-1.7.3-19.EL4.s390.rpm 84a2fafb4d8581067fdd255d9ee161a8 mozilla-dom-inspector-1.7.3-19.EL4.s390.rpm 8da4e2d1d8c81cb195b911e8c40ed9f8 mozilla-js-debugger-1.7.3-19.EL4.s390.rpm a983613094c5b1f2e9f1369c94aa651e mozilla-mail-1.7.3-19.EL4.s390.rpm 2d6ab4a4a5c13efaa9a84ce14393284a mozilla-nspr-1.7.3-19.EL4.s390.rpm 4086ab3ca9b912854a0eea21fd6f9a40 mozilla-nspr-devel-1.7.3-19.EL4.s390.rpm 91042804e7acdc601033c5953021defb mozilla-nss-1.7.3-19.EL4.s390.rpm 68a8b46fa0f9944d822e1f3cfd2582a1 mozilla-nss-devel-1.7.3-19.EL4.s390.rpm s390x: 1802303fc112de0d5418f1bbb65ffe13 mozilla-1.7.3-19.EL4.s390x.rpm e080b19af615c3f3fc6c9995c179bfa9 mozilla-chat-1.7.3-19.EL4.s390x.rpm e66986eda1e3df2916cd01883acb4479 mozilla-devel-1.7.3-19.EL4.s390x.rpm 5269aba3adb89b23321948cfcad311bc mozilla-dom-inspector-1.7.3-19.EL4.s390x.rpm d06443ccad52994058ee252d16801f87 mozilla-js-debugger-1.7.3-19.EL4.s390x.rpm a768d5077632f588070be23882b937c2 mozilla-mail-1.7.3-19.EL4.s390x.rpm baf7c42fdaa423b0c3494ee682a39dd1 mozilla-nspr-1.7.3-19.EL4.s390x.rpm 2d6ab4a4a5c13efaa9a84ce14393284a mozilla-nspr-1.7.3-19.EL4.s390.rpm 05d4351be5e8e1d5c382d9cf0b353713 mozilla-nspr-devel-1.7.3-19.EL4.s390x.rpm 37901c38badcb3d39cb7a64397ec4f93 mozilla-nss-1.7.3-19.EL4.s390x.rpm 91042804e7acdc601033c5953021defb mozilla-nss-1.7.3-19.EL4.s390.rpm 8d67688575c64ad370a5283342be5109 mozilla-nss-devel-1.7.3-19.EL4.s390x.rpm x86_64: 9f52dbcbe3bf5a56f22eadf2969d9c6a mozilla-1.7.3-19.EL4.x86_64.rpm 598e7b559ed697719b65982ad5797252 mozilla-chat-1.7.3-19.EL4.x86_64.rpm 0ac7afa778ab2b8aaaf6d0f30016d0cd mozilla-devel-1.7.3-19.EL4.x86_64.rpm 97fc7abc0299fa2810ce0d225908433a mozilla-dom-inspector-1.7.3-19.EL4.x86_64.rpm 3d967bdd0340af26c9e8a0ab2ad5b0c6 mozilla-js-debugger-1.7.3-19.EL4.x86_64.rpm 95bc074f815a069613faf291c61a9a69 mozilla-mail-1.7.3-19.EL4.x86_64.rpm 62c81b6dc5d6b86f08a2541980221a11 mozilla-nspr-1.7.3-19.EL4.x86_64.rpm eb3c48388e576edb480b7c2effc4a33e mozilla-nspr-1.7.3-19.EL4.i386.rpm cb1cb0147b778d54e643576b3a5f2da1 mozilla-nspr-devel-1.7.3-19.EL4.x86_64.rpm 63d679f77661d47ea5b4292976ce756d mozilla-nss-1.7.3-19.EL4.x86_64.rpm 0f87bb5b91f895f7f2ddc50d8fa7a783 mozilla-nss-1.7.3-19.EL4.i386.rpm bb682fbbfe26f9b914cee41e6bb27984 mozilla-nss-devel-1.7.3-19.EL4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/mozilla-1.7.3-19.EL4.src.rpm f38dbc4a876a2e8a7d22bf87b76fd615 mozilla-1.7.3-19.EL4.src.rpm i386: 39ae3210517d35d921e930006841ee43 mozilla-1.7.3-19.EL4.i386.rpm 4ee1aef2c3beaa885da379f3269e8c6d mozilla-chat-1.7.3-19.EL4.i386.rpm 29012dae4a799da739161abbb2d92191 mozilla-devel-1.7.3-19.EL4.i386.rpm eb579278872aa0c63991657c267709d9 mozilla-dom-inspector-1.7.3-19.EL4.i386.rpm c35b92bcb3231bddb30ee8c5b085f7f1 mozilla-js-debugger-1.7.3-19.EL4.i386.rpm 55e70ed5c693b518abd3e6655b2756c3 mozilla-mail-1.7.3-19.EL4.i386.rpm eb3c48388e576edb480b7c2effc4a33e mozilla-nspr-1.7.3-19.EL4.i386.rpm 51c68d470ff73cda32e53faccf0d09de mozilla-nspr-devel-1.7.3-19.EL4.i386.rpm 0f87bb5b91f895f7f2ddc50d8fa7a783 mozilla-nss-1.7.3-19.EL4.i386.rpm 998c5006ebadb4dc0667dd45c062481a mozilla-nss-devel-1.7.3-19.EL4.i386.rpm x86_64: 9f52dbcbe3bf5a56f22eadf2969d9c6a mozilla-1.7.3-19.EL4.x86_64.rpm 598e7b559ed697719b65982ad5797252 mozilla-chat-1.7.3-19.EL4.x86_64.rpm 0ac7afa778ab2b8aaaf6d0f30016d0cd mozilla-devel-1.7.3-19.EL4.x86_64.rpm 97fc7abc0299fa2810ce0d225908433a mozilla-dom-inspector-1.7.3-19.EL4.x86_64.rpm 3d967bdd0340af26c9e8a0ab2ad5b0c6 mozilla-js-debugger-1.7.3-19.EL4.x86_64.rpm 95bc074f815a069613faf291c61a9a69 mozilla-mail-1.7.3-19.EL4.x86_64.rpm 62c81b6dc5d6b86f08a2541980221a11 mozilla-nspr-1.7.3-19.EL4.x86_64.rpm eb3c48388e576edb480b7c2effc4a33e mozilla-nspr-1.7.3-19.EL4.i386.rpm cb1cb0147b778d54e643576b3a5f2da1 mozilla-nspr-devel-1.7.3-19.EL4.x86_64.rpm 63d679f77661d47ea5b4292976ce756d mozilla-nss-1.7.3-19.EL4.x86_64.rpm 0f87bb5b91f895f7f2ddc50d8fa7a783 mozilla-nss-1.7.3-19.EL4.i386.rpm bb682fbbfe26f9b914cee41e6bb27984 mozilla-nss-devel-1.7.3-19.EL4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/mozilla-1.7.3-19.EL4.src.rpm f38dbc4a876a2e8a7d22bf87b76fd615 mozilla-1.7.3-19.EL4.src.rpm i386: 39ae3210517d35d921e930006841ee43 mozilla-1.7.3-19.EL4.i386.rpm 4ee1aef2c3beaa885da379f3269e8c6d mozilla-chat-1.7.3-19.EL4.i386.rpm 29012dae4a799da739161abbb2d92191 mozilla-devel-1.7.3-19.EL4.i386.rpm eb579278872aa0c63991657c267709d9 mozilla-dom-inspector-1.7.3-19.EL4.i386.rpm c35b92bcb3231bddb30ee8c5b085f7f1 mozilla-js-debugger-1.7.3-19.EL4.i386.rpm 55e70ed5c693b518abd3e6655b2756c3 mozilla-mail-1.7.3-19.EL4.i386.rpm eb3c48388e576edb480b7c2effc4a33e mozilla-nspr-1.7.3-19.EL4.i386.rpm 51c68d470ff73cda32e53faccf0d09de mozilla-nspr-devel-1.7.3-19.EL4.i386.rpm 0f87bb5b91f895f7f2ddc50d8fa7a783 mozilla-nss-1.7.3-19.EL4.i386.rpm 998c5006ebadb4dc0667dd45c062481a mozilla-nss-devel-1.7.3-19.EL4.i386.rpm ia64: ca68d27df9d703f28caf702f03a2c815 mozilla-1.7.3-19.EL4.ia64.rpm c9613d7843931c8f307e7d030bcfeebb mozilla-chat-1.7.3-19.EL4.ia64.rpm 50112396b34bd6724f61db2bdda37f3c mozilla-devel-1.7.3-19.EL4.ia64.rpm 08f955d73348162bc74d205b1afcb2f4 mozilla-dom-inspector-1.7.3-19.EL4.ia64.rpm bcbad4d5cf1df6b85c25d5718c3297e7 mozilla-js-debugger-1.7.3-19.EL4.ia64.rpm 246c4095425ed95cf3d4e7524eabafc6 mozilla-mail-1.7.3-19.EL4.ia64.rpm a0c490f4e9cd7f9d89b72a84fc8382b0 mozilla-nspr-1.7.3-19.EL4.ia64.rpm eb3c48388e576edb480b7c2effc4a33e mozilla-nspr-1.7.3-19.EL4.i386.rpm 2bb0039d09b0b9e90ec2ba2a45b349d3 mozilla-nspr-devel-1.7.3-19.EL4.ia64.rpm b6566d37c099e89a790247f5ee01511b mozilla-nss-1.7.3-19.EL4.ia64.rpm 0f87bb5b91f895f7f2ddc50d8fa7a783 mozilla-nss-1.7.3-19.EL4.i386.rpm 162f10e927ac46eb5c997fb8fb8aef31 mozilla-nss-devel-1.7.3-19.EL4.ia64.rpm x86_64: 9f52dbcbe3bf5a56f22eadf2969d9c6a mozilla-1.7.3-19.EL4.x86_64.rpm 598e7b559ed697719b65982ad5797252 mozilla-chat-1.7.3-19.EL4.x86_64.rpm 0ac7afa778ab2b8aaaf6d0f30016d0cd mozilla-devel-1.7.3-19.EL4.x86_64.rpm 97fc7abc0299fa2810ce0d225908433a mozilla-dom-inspector-1.7.3-19.EL4.x86_64.rpm 3d967bdd0340af26c9e8a0ab2ad5b0c6 mozilla-js-debugger-1.7.3-19.EL4.x86_64.rpm 95bc074f815a069613faf291c61a9a69 mozilla-mail-1.7.3-19.EL4.x86_64.rpm 62c81b6dc5d6b86f08a2541980221a11 mozilla-nspr-1.7.3-19.EL4.x86_64.rpm eb3c48388e576edb480b7c2effc4a33e mozilla-nspr-1.7.3-19.EL4.i386.rpm cb1cb0147b778d54e643576b3a5f2da1 mozilla-nspr-devel-1.7.3-19.EL4.x86_64.rpm 63d679f77661d47ea5b4292976ce756d mozilla-nss-1.7.3-19.EL4.x86_64.rpm 0f87bb5b91f895f7f2ddc50d8fa7a783 mozilla-nss-1.7.3-19.EL4.i386.rpm bb682fbbfe26f9b914cee41e6bb27984 mozilla-nss-devel-1.7.3-19.EL4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/mozilla-1.7.3-19.EL4.src.rpm f38dbc4a876a2e8a7d22bf87b76fd615 mozilla-1.7.3-19.EL4.src.rpm i386: 39ae3210517d35d921e930006841ee43 mozilla-1.7.3-19.EL4.i386.rpm 4ee1aef2c3beaa885da379f3269e8c6d mozilla-chat-1.7.3-19.EL4.i386.rpm 29012dae4a799da739161abbb2d92191 mozilla-devel-1.7.3-19.EL4.i386.rpm eb579278872aa0c63991657c267709d9 mozilla-dom-inspector-1.7.3-19.EL4.i386.rpm c35b92bcb3231bddb30ee8c5b085f7f1 mozilla-js-debugger-1.7.3-19.EL4.i386.rpm 55e70ed5c693b518abd3e6655b2756c3 mozilla-mail-1.7.3-19.EL4.i386.rpm eb3c48388e576edb480b7c2effc4a33e mozilla-nspr-1.7.3-19.EL4.i386.rpm 51c68d470ff73cda32e53faccf0d09de mozilla-nspr-devel-1.7.3-19.EL4.i386.rpm 0f87bb5b91f895f7f2ddc50d8fa7a783 mozilla-nss-1.7.3-19.EL4.i386.rpm 998c5006ebadb4dc0667dd45c062481a mozilla-nss-devel-1.7.3-19.EL4.i386.rpm ia64: ca68d27df9d703f28caf702f03a2c815 mozilla-1.7.3-19.EL4.ia64.rpm c9613d7843931c8f307e7d030bcfeebb mozilla-chat-1.7.3-19.EL4.ia64.rpm 50112396b34bd6724f61db2bdda37f3c mozilla-devel-1.7.3-19.EL4.ia64.rpm 08f955d73348162bc74d205b1afcb2f4 mozilla-dom-inspector-1.7.3-19.EL4.ia64.rpm bcbad4d5cf1df6b85c25d5718c3297e7 mozilla-js-debugger-1.7.3-19.EL4.ia64.rpm 246c4095425ed95cf3d4e7524eabafc6 mozilla-mail-1.7.3-19.EL4.ia64.rpm a0c490f4e9cd7f9d89b72a84fc8382b0 mozilla-nspr-1.7.3-19.EL4.ia64.rpm eb3c48388e576edb480b7c2effc4a33e mozilla-nspr-1.7.3-19.EL4.i386.rpm 2bb0039d09b0b9e90ec2ba2a45b349d3 mozilla-nspr-devel-1.7.3-19.EL4.ia64.rpm b6566d37c099e89a790247f5ee01511b mozilla-nss-1.7.3-19.EL4.ia64.rpm 0f87bb5b91f895f7f2ddc50d8fa7a783 mozilla-nss-1.7.3-19.EL4.i386.rpm 162f10e927ac46eb5c997fb8fb8aef31 mozilla-nss-devel-1.7.3-19.EL4.ia64.rpm x86_64: 9f52dbcbe3bf5a56f22eadf2969d9c6a mozilla-1.7.3-19.EL4.x86_64.rpm 598e7b559ed697719b65982ad5797252 mozilla-chat-1.7.3-19.EL4.x86_64.rpm 0ac7afa778ab2b8aaaf6d0f30016d0cd mozilla-devel-1.7.3-19.EL4.x86_64.rpm 97fc7abc0299fa2810ce0d225908433a mozilla-dom-inspector-1.7.3-19.EL4.x86_64.rpm 3d967bdd0340af26c9e8a0ab2ad5b0c6 mozilla-js-debugger-1.7.3-19.EL4.x86_64.rpm 95bc074f815a069613faf291c61a9a69 mozilla-mail-1.7.3-19.EL4.x86_64.rpm 62c81b6dc5d6b86f08a2541980221a11 mozilla-nspr-1.7.3-19.EL4.x86_64.rpm eb3c48388e576edb480b7c2effc4a33e mozilla-nspr-1.7.3-19.EL4.i386.rpm cb1cb0147b778d54e643576b3a5f2da1 mozilla-nspr-devel-1.7.3-19.EL4.x86_64.rpm 63d679f77661d47ea5b4292976ce756d mozilla-nss-1.7.3-19.EL4.x86_64.rpm 0f87bb5b91f895f7f2ddc50d8fa7a783 mozilla-nss-1.7.3-19.EL4.i386.rpm bb682fbbfe26f9b914cee41e6bb27984 mozilla-nss-devel-1.7.3-19.EL4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://www.mozilla.org/security/announce/mfsa2005-18.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0255 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCKCkxXlSAg2UNWIIRAmFoAKCd0JljpfDp1Li6oTreAZLQGv2XvQCcCP10 3+HfeqALjPlRANhJfghnYD0= =Mh9/ -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Mar 10 16:43:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 10 Mar 2005 11:43 -0500 Subject: [RHSA-2005:215-01] Important: gaim security update Message-ID: <200503101643.j2AGhbF30111@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: gaim security update Advisory ID: RHSA-2005:215-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-215.html Issue date: 2005-03-10 Updated on: 2005-03-10 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-0208 CAN-2005-0472 CAN-2005-0473 - --------------------------------------------------------------------- 1. Summary: An updated gaim package that fixes various security issues as well as a number of bugs is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: The Gaim application is a multi-protocol instant messaging client. Two HTML parsing bugs were discovered in Gaim. It is possible that a remote attacker could send a specially crafted message to a Gaim client, causing it to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2005-0208 and CAN-2005-0473 to these issues. A bug in the way Gaim processes SNAC packets was discovered. It is possible that a remote attacker could send a specially crafted SNAC packet to a Gaim client, causing the client to stop responding. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0472 to this issue. Additionally, various client crashes, memory leaks, and protocol issues have been resolved. Users of Gaim are advised to upgrade to this updated package which contains Gaim version 1.1.4 and is not vulnerable to these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 149273 - CAN-2005-0472 Gaim DoS issues (CAN-2005-0473) 149533 - CAN-2005-0208 Gaim HTML parsing DoS 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/gaim-1.1.4-1.EL3.1.src.rpm 9f1bfa6ce7406bbbc0a30cd04cb073d4 gaim-1.1.4-1.EL3.1.src.rpm i386: 218ff6d08503544284b364936d3e0190 gaim-1.1.4-1.EL3.1.i386.rpm ia64: 83c88870e4f7768d31d4d49080cd7ee7 gaim-1.1.4-1.EL3.1.ia64.rpm ppc: ed065290789b7c1b853b48190196e489 gaim-1.1.4-1.EL3.1.ppc.rpm s390: 661cb60fd773860efd3b650ef71dbbdc gaim-1.1.4-1.EL3.1.s390.rpm s390x: 37328ca4a27e3c723728b52250b55ecc gaim-1.1.4-1.EL3.1.s390x.rpm x86_64: 07d199a6d844c82d24ecdbdfa5e1b261 gaim-1.1.4-1.EL3.1.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/gaim-1.1.4-1.EL3.1.src.rpm 9f1bfa6ce7406bbbc0a30cd04cb073d4 gaim-1.1.4-1.EL3.1.src.rpm i386: 218ff6d08503544284b364936d3e0190 gaim-1.1.4-1.EL3.1.i386.rpm x86_64: 07d199a6d844c82d24ecdbdfa5e1b261 gaim-1.1.4-1.EL3.1.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/gaim-1.1.4-1.EL3.1.src.rpm 9f1bfa6ce7406bbbc0a30cd04cb073d4 gaim-1.1.4-1.EL3.1.src.rpm i386: 218ff6d08503544284b364936d3e0190 gaim-1.1.4-1.EL3.1.i386.rpm ia64: 83c88870e4f7768d31d4d49080cd7ee7 gaim-1.1.4-1.EL3.1.ia64.rpm x86_64: 07d199a6d844c82d24ecdbdfa5e1b261 gaim-1.1.4-1.EL3.1.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/gaim-1.1.4-1.EL3.1.src.rpm 9f1bfa6ce7406bbbc0a30cd04cb073d4 gaim-1.1.4-1.EL3.1.src.rpm i386: 218ff6d08503544284b364936d3e0190 gaim-1.1.4-1.EL3.1.i386.rpm ia64: 83c88870e4f7768d31d4d49080cd7ee7 gaim-1.1.4-1.EL3.1.ia64.rpm x86_64: 07d199a6d844c82d24ecdbdfa5e1b261 gaim-1.1.4-1.EL3.1.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/gaim-1.1.4-1.EL4.src.rpm cf278d34f8506f58787cb3b98902598e gaim-1.1.4-1.EL4.src.rpm i386: 2094ebb0841241f3e1e93746eb9f866f gaim-1.1.4-1.EL4.i386.rpm ia64: ab04967c0d74ff2bf06357e4f28d8926 gaim-1.1.4-1.EL4.ia64.rpm ppc: ab7f56bd3e2dcc698bdd7891c1d2e7b7 gaim-1.1.4-1.EL4.ppc.rpm s390: fe5232ce6fe076d36be9661456bc8adc gaim-1.1.4-1.EL4.s390.rpm s390x: f9bcc40e04a4292946438d39d52b01fc gaim-1.1.4-1.EL4.s390x.rpm x86_64: 01bf8fe852d882f007be5e7dc0da9326 gaim-1.1.4-1.EL4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/gaim-1.1.4-1.EL4.src.rpm cf278d34f8506f58787cb3b98902598e gaim-1.1.4-1.EL4.src.rpm i386: 2094ebb0841241f3e1e93746eb9f866f gaim-1.1.4-1.EL4.i386.rpm x86_64: 01bf8fe852d882f007be5e7dc0da9326 gaim-1.1.4-1.EL4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/gaim-1.1.4-1.EL4.src.rpm cf278d34f8506f58787cb3b98902598e gaim-1.1.4-1.EL4.src.rpm i386: 2094ebb0841241f3e1e93746eb9f866f gaim-1.1.4-1.EL4.i386.rpm ia64: ab04967c0d74ff2bf06357e4f28d8926 gaim-1.1.4-1.EL4.ia64.rpm x86_64: 01bf8fe852d882f007be5e7dc0da9326 gaim-1.1.4-1.EL4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/gaim-1.1.4-1.EL4.src.rpm cf278d34f8506f58787cb3b98902598e gaim-1.1.4-1.EL4.src.rpm i386: 2094ebb0841241f3e1e93746eb9f866f gaim-1.1.4-1.EL4.i386.rpm ia64: ab04967c0d74ff2bf06357e4f28d8926 gaim-1.1.4-1.EL4.ia64.rpm x86_64: 01bf8fe852d882f007be5e7dc0da9326 gaim-1.1.4-1.EL4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://gaim.sourceforge.net/security/index.php?id=10 http://gaim.sourceforge.net/security/index.php?id=11 http://gaim.sourceforge.net/security/index.php?id=12 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0208 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0472 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0473 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCMHksXlSAg2UNWIIRAuRPAJ4hciJSKgGFQxzuaH1shUZTmH4jUgCfYUSV QF24oXKR9eLvmrtjho4LBRY= =8TfH -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Mar 16 15:25:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 16 Mar 2005 10:25 -0500 Subject: [RHSA-2005:026-01] Moderate: tetex security update Message-ID: <200503161525.j2GFPdZ17842@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: tetex security update Advisory ID: RHSA-2005:026-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-026.html Issue date: 2005-03-16 Updated on: 2005-03-16 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-0064 CAN-2004-1125 - --------------------------------------------------------------------- 1. Summary: Updated tetex packages that resolve security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: The tetex packages (teTeX) contain an implementation of TeX for Linux or UNIX systems. A buffer overflow flaw was found in the Gfx::doImage function of Xpdf which also affects teTeX due to a shared codebase. An attacker could construct a carefully crafted PDF file that could cause teTeX to crash or possibly execute arbitrary code when opened. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1125 to this issue. A buffer overflow flaw was found in the Decrypt::makeFileKey2 function of Xpdf which also affects teTeX due to a shared codebase. An attacker could construct a carefully crafted PDF file that could cause teTeX to crash or possibly execute arbitrary code when opened. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0064 to this issue. Users should update to these erratum packages which contain backported patches to correct these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 144257 - CAN-2004-1125 xpdf buffer overflow 145055 - CAN-2005-0064 xpdf buffer overflow 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/tetex-2.0.2-22.EL4.4.src.rpm 0e9f7658ff7f20c50a411b66359043d4 tetex-2.0.2-22.EL4.4.src.rpm i386: 4a864c86edbd510bf92e60d921044663 tetex-2.0.2-22.EL4.4.i386.rpm 2001bd44e3c46e850071ffb096039201 tetex-afm-2.0.2-22.EL4.4.i386.rpm 596e753eb5f3e6d0ff7473f8ae462134 tetex-doc-2.0.2-22.EL4.4.i386.rpm 023f7113ebc22db5b6b86b11153ae079 tetex-dvips-2.0.2-22.EL4.4.i386.rpm 3490e58a864bec84d1a7c5479335f7a8 tetex-fonts-2.0.2-22.EL4.4.i386.rpm 5378603b54e287c472fb258384186ca4 tetex-latex-2.0.2-22.EL4.4.i386.rpm 36a8f5600bc353c4c2f14fa5f6fda26e tetex-xdvi-2.0.2-22.EL4.4.i386.rpm ia64: 67604c19f7004d315bb34ffd3322d73d tetex-2.0.2-22.EL4.4.ia64.rpm 5a0ca23db1069968333a248803187c0b tetex-afm-2.0.2-22.EL4.4.ia64.rpm fdeeb8a3e904988da6b06ce910545cf2 tetex-doc-2.0.2-22.EL4.4.ia64.rpm b92924a28ca56eada03a5e3e24891629 tetex-dvips-2.0.2-22.EL4.4.ia64.rpm 2dac870c773978a9c7049bfc45a56fc8 tetex-fonts-2.0.2-22.EL4.4.ia64.rpm 185d6d9b2ea2c65fc04e5cdb42d68172 tetex-latex-2.0.2-22.EL4.4.ia64.rpm cb3e781f24161ebf863997552b17eb28 tetex-xdvi-2.0.2-22.EL4.4.ia64.rpm ppc: b3526bdd4ac4b2645e050eb46b120fef tetex-2.0.2-22.EL4.4.ppc.rpm 4bd4a2d136c614fd12184fa6f975f03d tetex-afm-2.0.2-22.EL4.4.ppc.rpm 324623ce7f83bc85498b3468431f4a34 tetex-doc-2.0.2-22.EL4.4.ppc.rpm 3e6630554d2e6d9d24a3775d53ef05db tetex-dvips-2.0.2-22.EL4.4.ppc.rpm d1524075b8381a43811c37b68a7cadd8 tetex-fonts-2.0.2-22.EL4.4.ppc.rpm df820f28dffdbcd721bb90d002d268c9 tetex-latex-2.0.2-22.EL4.4.ppc.rpm a411d97f10aafe2f1c24f938b0de1b80 tetex-xdvi-2.0.2-22.EL4.4.ppc.rpm s390: 67d1731c40c382b68e6b2e41b459a276 tetex-2.0.2-22.EL4.4.s390.rpm 0e70a1b95bf3057e3cb46f1cd7f96655 tetex-afm-2.0.2-22.EL4.4.s390.rpm d88d319fc363565364316b8c7e34b11f tetex-doc-2.0.2-22.EL4.4.s390.rpm e87976edf77da5d891edec54a2e01dc5 tetex-dvips-2.0.2-22.EL4.4.s390.rpm 7fd9246af62e280513c5cd1a74d960c9 tetex-fonts-2.0.2-22.EL4.4.s390.rpm fce2bd0bd18b996467356235f171e160 tetex-latex-2.0.2-22.EL4.4.s390.rpm d1c6d90df13c9dd8a703a536704a0043 tetex-xdvi-2.0.2-22.EL4.4.s390.rpm s390x: 9efc79c6bb7cfb79afca130230d1df96 tetex-2.0.2-22.EL4.4.s390x.rpm 5e7f852d9d335e553f87ba1f22c84528 tetex-afm-2.0.2-22.EL4.4.s390x.rpm 041948d9d1ab97bb52fc3900feed81eb tetex-doc-2.0.2-22.EL4.4.s390x.rpm a86ef414af5736820b9c2d0692ce6c5b tetex-dvips-2.0.2-22.EL4.4.s390x.rpm 08cfa664c6bbcdc537f869f6f421effe tetex-fonts-2.0.2-22.EL4.4.s390x.rpm d1d15249a5dbe61f48a2ea30fc317597 tetex-latex-2.0.2-22.EL4.4.s390x.rpm c25be003bd1cfccbdf9c0f1f06e19573 tetex-xdvi-2.0.2-22.EL4.4.s390x.rpm x86_64: d16c24dcba2e2ed5d33138b124502c10 tetex-2.0.2-22.EL4.4.x86_64.rpm 5ef87c25c1eccd45354405fc5e5fad94 tetex-afm-2.0.2-22.EL4.4.x86_64.rpm 8af688b7a5d0451ddc77040ad95d0238 tetex-doc-2.0.2-22.EL4.4.x86_64.rpm 31e64490019b29a36a0f41f390517fe8 tetex-dvips-2.0.2-22.EL4.4.x86_64.rpm 211fe3d816ff83b6403866f1e927360a tetex-fonts-2.0.2-22.EL4.4.x86_64.rpm ef10ca5f1c4721a0c6f8b071336987b6 tetex-latex-2.0.2-22.EL4.4.x86_64.rpm 1aff9145a331d9ebb6a03bd9fad671e6 tetex-xdvi-2.0.2-22.EL4.4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/tetex-2.0.2-22.EL4.4.src.rpm 0e9f7658ff7f20c50a411b66359043d4 tetex-2.0.2-22.EL4.4.src.rpm i386: 4a864c86edbd510bf92e60d921044663 tetex-2.0.2-22.EL4.4.i386.rpm 2001bd44e3c46e850071ffb096039201 tetex-afm-2.0.2-22.EL4.4.i386.rpm 596e753eb5f3e6d0ff7473f8ae462134 tetex-doc-2.0.2-22.EL4.4.i386.rpm 023f7113ebc22db5b6b86b11153ae079 tetex-dvips-2.0.2-22.EL4.4.i386.rpm 3490e58a864bec84d1a7c5479335f7a8 tetex-fonts-2.0.2-22.EL4.4.i386.rpm 5378603b54e287c472fb258384186ca4 tetex-latex-2.0.2-22.EL4.4.i386.rpm 36a8f5600bc353c4c2f14fa5f6fda26e tetex-xdvi-2.0.2-22.EL4.4.i386.rpm x86_64: d16c24dcba2e2ed5d33138b124502c10 tetex-2.0.2-22.EL4.4.x86_64.rpm 5ef87c25c1eccd45354405fc5e5fad94 tetex-afm-2.0.2-22.EL4.4.x86_64.rpm 8af688b7a5d0451ddc77040ad95d0238 tetex-doc-2.0.2-22.EL4.4.x86_64.rpm 31e64490019b29a36a0f41f390517fe8 tetex-dvips-2.0.2-22.EL4.4.x86_64.rpm 211fe3d816ff83b6403866f1e927360a tetex-fonts-2.0.2-22.EL4.4.x86_64.rpm ef10ca5f1c4721a0c6f8b071336987b6 tetex-latex-2.0.2-22.EL4.4.x86_64.rpm 1aff9145a331d9ebb6a03bd9fad671e6 tetex-xdvi-2.0.2-22.EL4.4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/tetex-2.0.2-22.EL4.4.src.rpm 0e9f7658ff7f20c50a411b66359043d4 tetex-2.0.2-22.EL4.4.src.rpm i386: 4a864c86edbd510bf92e60d921044663 tetex-2.0.2-22.EL4.4.i386.rpm 2001bd44e3c46e850071ffb096039201 tetex-afm-2.0.2-22.EL4.4.i386.rpm 596e753eb5f3e6d0ff7473f8ae462134 tetex-doc-2.0.2-22.EL4.4.i386.rpm 023f7113ebc22db5b6b86b11153ae079 tetex-dvips-2.0.2-22.EL4.4.i386.rpm 3490e58a864bec84d1a7c5479335f7a8 tetex-fonts-2.0.2-22.EL4.4.i386.rpm 5378603b54e287c472fb258384186ca4 tetex-latex-2.0.2-22.EL4.4.i386.rpm 36a8f5600bc353c4c2f14fa5f6fda26e tetex-xdvi-2.0.2-22.EL4.4.i386.rpm ia64: 67604c19f7004d315bb34ffd3322d73d tetex-2.0.2-22.EL4.4.ia64.rpm 5a0ca23db1069968333a248803187c0b tetex-afm-2.0.2-22.EL4.4.ia64.rpm fdeeb8a3e904988da6b06ce910545cf2 tetex-doc-2.0.2-22.EL4.4.ia64.rpm b92924a28ca56eada03a5e3e24891629 tetex-dvips-2.0.2-22.EL4.4.ia64.rpm 2dac870c773978a9c7049bfc45a56fc8 tetex-fonts-2.0.2-22.EL4.4.ia64.rpm 185d6d9b2ea2c65fc04e5cdb42d68172 tetex-latex-2.0.2-22.EL4.4.ia64.rpm cb3e781f24161ebf863997552b17eb28 tetex-xdvi-2.0.2-22.EL4.4.ia64.rpm x86_64: d16c24dcba2e2ed5d33138b124502c10 tetex-2.0.2-22.EL4.4.x86_64.rpm 5ef87c25c1eccd45354405fc5e5fad94 tetex-afm-2.0.2-22.EL4.4.x86_64.rpm 8af688b7a5d0451ddc77040ad95d0238 tetex-doc-2.0.2-22.EL4.4.x86_64.rpm 31e64490019b29a36a0f41f390517fe8 tetex-dvips-2.0.2-22.EL4.4.x86_64.rpm 211fe3d816ff83b6403866f1e927360a tetex-fonts-2.0.2-22.EL4.4.x86_64.rpm ef10ca5f1c4721a0c6f8b071336987b6 tetex-latex-2.0.2-22.EL4.4.x86_64.rpm 1aff9145a331d9ebb6a03bd9fad671e6 tetex-xdvi-2.0.2-22.EL4.4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/tetex-2.0.2-22.EL4.4.src.rpm 0e9f7658ff7f20c50a411b66359043d4 tetex-2.0.2-22.EL4.4.src.rpm i386: 4a864c86edbd510bf92e60d921044663 tetex-2.0.2-22.EL4.4.i386.rpm 2001bd44e3c46e850071ffb096039201 tetex-afm-2.0.2-22.EL4.4.i386.rpm 596e753eb5f3e6d0ff7473f8ae462134 tetex-doc-2.0.2-22.EL4.4.i386.rpm 023f7113ebc22db5b6b86b11153ae079 tetex-dvips-2.0.2-22.EL4.4.i386.rpm 3490e58a864bec84d1a7c5479335f7a8 tetex-fonts-2.0.2-22.EL4.4.i386.rpm 5378603b54e287c472fb258384186ca4 tetex-latex-2.0.2-22.EL4.4.i386.rpm 36a8f5600bc353c4c2f14fa5f6fda26e tetex-xdvi-2.0.2-22.EL4.4.i386.rpm ia64: 67604c19f7004d315bb34ffd3322d73d tetex-2.0.2-22.EL4.4.ia64.rpm 5a0ca23db1069968333a248803187c0b tetex-afm-2.0.2-22.EL4.4.ia64.rpm fdeeb8a3e904988da6b06ce910545cf2 tetex-doc-2.0.2-22.EL4.4.ia64.rpm b92924a28ca56eada03a5e3e24891629 tetex-dvips-2.0.2-22.EL4.4.ia64.rpm 2dac870c773978a9c7049bfc45a56fc8 tetex-fonts-2.0.2-22.EL4.4.ia64.rpm 185d6d9b2ea2c65fc04e5cdb42d68172 tetex-latex-2.0.2-22.EL4.4.ia64.rpm cb3e781f24161ebf863997552b17eb28 tetex-xdvi-2.0.2-22.EL4.4.ia64.rpm x86_64: d16c24dcba2e2ed5d33138b124502c10 tetex-2.0.2-22.EL4.4.x86_64.rpm 5ef87c25c1eccd45354405fc5e5fad94 tetex-afm-2.0.2-22.EL4.4.x86_64.rpm 8af688b7a5d0451ddc77040ad95d0238 tetex-doc-2.0.2-22.EL4.4.x86_64.rpm 31e64490019b29a36a0f41f390517fe8 tetex-dvips-2.0.2-22.EL4.4.x86_64.rpm 211fe3d816ff83b6403866f1e927360a tetex-fonts-2.0.2-22.EL4.4.x86_64.rpm ef10ca5f1c4721a0c6f8b071336987b6 tetex-latex-2.0.2-22.EL4.4.x86_64.rpm 1aff9145a331d9ebb6a03bd9fad671e6 tetex-xdvi-2.0.2-22.EL4.4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0064 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1125 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCOE/wXlSAg2UNWIIRAvdnAKCibUeWo7jUUsjoOnKjY/cnuk9W8gCeNPvu BYAIAW1uNOW6r7unyKudPJI= =sObz -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Mar 16 15:25:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 16 Mar 2005 10:25 -0500 Subject: [RHSA-2005:152-01] Low: postfix security update Message-ID: <200503161525.j2GFPpZ17849@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Low: postfix security update Advisory ID: RHSA-2005:152-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-152.html Issue date: 2005-03-16 Updated on: 2005-03-16 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-0337 - --------------------------------------------------------------------- 1. Summary: Updated postfix packages that include a security fix and two other bug fixes are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Postfix is a Mail Transport Agent (MTA), supporting LDAP, SMTP AUTH (SASL), and TLS. A flaw was found in the ipv6 patch used with Postfix. When the file /proc/net/if_inet6 is not available and permit_mx_backup is enabled in smtpd_recipient_restrictions, this flaw could allow remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0337 to this issue. These updated packages also fix the following problems: - - wrong permissions on doc directory - - segfault when gethostbyname or gethostbyaddr fails All users of postfix should upgrade to these updated packages, which contain patches which resolve these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. If up2date fails to connect to Red Hat Network due to SSL Certificate Errors, you need to install a version of the up2date client with an updated certificate. The latest version of up2date is available from the Red Hat FTP site and may also be downloaded directly from the RHN website: https://rhn.redhat.com/help/latest-up2date.pxt 5. Bug IDs fixed (http://bugzilla.redhat.com/): 146732 - CAN-2005-0337 open relay bug in postfix ipv6 patch 147280 - Permissions on doc directory is wrong 139983 - newaliases segfaults when gethostbyname or gethostbyaddr fails 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/postfix-2.1.5-4.2.RHEL4.src.rpm 6cb38ee879fcbf2c2790890e49dd1a4b postfix-2.1.5-4.2.RHEL4.src.rpm i386: 986882612b24197ca6a962e2e863dba7 postfix-2.1.5-4.2.RHEL4.i386.rpm 1dc80db9e883731d25f3783fa47dccd8 postfix-pflogsumm-2.1.5-4.2.RHEL4.i386.rpm ia64: 01c0c0432414d34d774b6d118e8fd93c postfix-2.1.5-4.2.RHEL4.ia64.rpm 3a07219a527596c4719cb971aa54aa38 postfix-pflogsumm-2.1.5-4.2.RHEL4.ia64.rpm ppc: 6eb2d7a742a0684b0031ea30843fd8ac postfix-2.1.5-4.2.RHEL4.ppc.rpm f15d4f4e2823befcbdf5e913182c592a postfix-pflogsumm-2.1.5-4.2.RHEL4.ppc.rpm s390: 915feb7be6d01186fb61d1664d5714a7 postfix-2.1.5-4.2.RHEL4.s390.rpm 96202b25b1775f7fd1a96077354ebf72 postfix-pflogsumm-2.1.5-4.2.RHEL4.s390.rpm s390x: fbb35e5cb15347ffaa68cdad954683d0 postfix-2.1.5-4.2.RHEL4.s390x.rpm aeb220b7e428f560e6cad87f367fd8ff postfix-pflogsumm-2.1.5-4.2.RHEL4.s390x.rpm x86_64: 365c57d129da99b56ba8d54b73539c89 postfix-2.1.5-4.2.RHEL4.x86_64.rpm 3a39dc000dd43d57144da89450accfbe postfix-pflogsumm-2.1.5-4.2.RHEL4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/postfix-2.1.5-4.2.RHEL4.src.rpm 6cb38ee879fcbf2c2790890e49dd1a4b postfix-2.1.5-4.2.RHEL4.src.rpm i386: 986882612b24197ca6a962e2e863dba7 postfix-2.1.5-4.2.RHEL4.i386.rpm 1dc80db9e883731d25f3783fa47dccd8 postfix-pflogsumm-2.1.5-4.2.RHEL4.i386.rpm x86_64: 365c57d129da99b56ba8d54b73539c89 postfix-2.1.5-4.2.RHEL4.x86_64.rpm 3a39dc000dd43d57144da89450accfbe postfix-pflogsumm-2.1.5-4.2.RHEL4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/postfix-2.1.5-4.2.RHEL4.src.rpm 6cb38ee879fcbf2c2790890e49dd1a4b postfix-2.1.5-4.2.RHEL4.src.rpm i386: 986882612b24197ca6a962e2e863dba7 postfix-2.1.5-4.2.RHEL4.i386.rpm 1dc80db9e883731d25f3783fa47dccd8 postfix-pflogsumm-2.1.5-4.2.RHEL4.i386.rpm ia64: 01c0c0432414d34d774b6d118e8fd93c postfix-2.1.5-4.2.RHEL4.ia64.rpm 3a07219a527596c4719cb971aa54aa38 postfix-pflogsumm-2.1.5-4.2.RHEL4.ia64.rpm x86_64: 365c57d129da99b56ba8d54b73539c89 postfix-2.1.5-4.2.RHEL4.x86_64.rpm 3a39dc000dd43d57144da89450accfbe postfix-pflogsumm-2.1.5-4.2.RHEL4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/postfix-2.1.5-4.2.RHEL4.src.rpm 6cb38ee879fcbf2c2790890e49dd1a4b postfix-2.1.5-4.2.RHEL4.src.rpm i386: 986882612b24197ca6a962e2e863dba7 postfix-2.1.5-4.2.RHEL4.i386.rpm 1dc80db9e883731d25f3783fa47dccd8 postfix-pflogsumm-2.1.5-4.2.RHEL4.i386.rpm ia64: 01c0c0432414d34d774b6d118e8fd93c postfix-2.1.5-4.2.RHEL4.ia64.rpm 3a07219a527596c4719cb971aa54aa38 postfix-pflogsumm-2.1.5-4.2.RHEL4.ia64.rpm x86_64: 365c57d129da99b56ba8d54b73539c89 postfix-2.1.5-4.2.RHEL4.x86_64.rpm 3a39dc000dd43d57144da89450accfbe postfix-pflogsumm-2.1.5-4.2.RHEL4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0337 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCOE/7XlSAg2UNWIIRAg5lAJ9r27061DzKcSPp7dJKfe2Qe7aPtgCfUNgq zbdRUKsbvV7Ct2AgmDfNu+s= =VanQ -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Mar 16 15:26:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 16 Mar 2005 10:26 -0500 Subject: [RHSA-2005:201-01] Moderate: squid security update Message-ID: <200503161526.j2GFQ3Z17862@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: squid security update Advisory ID: RHSA-2005:201-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-201.html Issue date: 2005-03-16 Updated on: 2005-03-16 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-0446 - --------------------------------------------------------------------- 1. Summary: An updated squid package that fixes a denial of service issue is now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Squid is a full-featured Web proxy cache. A bug was found in the way Squid handles fully qualified domain name (FQDN) lookups. A malicious DNS server could crash Squid by sending a carefully crafted DNS response to an FQDN lookup. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0446 to this issue. This erratum also includes two minor patches to the LDAP helpers. One corrects a slight malformation in ldap search requests (although all known LDAP servers accept the requests). The other adds documentation for the -v option to the ldap helpers. Users of Squid should upgrade to this updated package, which contains a backported patch, and is not vulnerable to this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 148882 - CAN-2005-0446 Squid DoS from bad DNS response 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/squid-2.5.STABLE6-3.4E.5.src.rpm 211b70fedb9069adb1eec627a4f8e707 squid-2.5.STABLE6-3.4E.5.src.rpm i386: c67133061261fcf5c3cac5345c7222fa squid-2.5.STABLE6-3.4E.5.i386.rpm ia64: 99d6fd73bb7d277fc679cc00d9b19e7d squid-2.5.STABLE6-3.4E.5.ia64.rpm ppc: 4c144b5a2171d36b1e6b5992f4912775 squid-2.5.STABLE6-3.4E.5.ppc.rpm s390: 22e53afff8b89dda33a0e208f2eb38cf squid-2.5.STABLE6-3.4E.5.s390.rpm s390x: 00f6e8d80524790bc43ad89bf080cf86 squid-2.5.STABLE6-3.4E.5.s390x.rpm x86_64: 644f7b720340cfc60f5f62fddc595560 squid-2.5.STABLE6-3.4E.5.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/squid-2.5.STABLE6-3.4E.5.src.rpm 211b70fedb9069adb1eec627a4f8e707 squid-2.5.STABLE6-3.4E.5.src.rpm i386: c67133061261fcf5c3cac5345c7222fa squid-2.5.STABLE6-3.4E.5.i386.rpm x86_64: 644f7b720340cfc60f5f62fddc595560 squid-2.5.STABLE6-3.4E.5.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/squid-2.5.STABLE6-3.4E.5.src.rpm 211b70fedb9069adb1eec627a4f8e707 squid-2.5.STABLE6-3.4E.5.src.rpm i386: c67133061261fcf5c3cac5345c7222fa squid-2.5.STABLE6-3.4E.5.i386.rpm ia64: 99d6fd73bb7d277fc679cc00d9b19e7d squid-2.5.STABLE6-3.4E.5.ia64.rpm x86_64: 644f7b720340cfc60f5f62fddc595560 squid-2.5.STABLE6-3.4E.5.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/squid-2.5.STABLE6-3.4E.5.src.rpm 211b70fedb9069adb1eec627a4f8e707 squid-2.5.STABLE6-3.4E.5.src.rpm i386: c67133061261fcf5c3cac5345c7222fa squid-2.5.STABLE6-3.4E.5.i386.rpm ia64: 99d6fd73bb7d277fc679cc00d9b19e7d squid-2.5.STABLE6-3.4E.5.ia64.rpm x86_64: 644f7b720340cfc60f5f62fddc595560 squid-2.5.STABLE6-3.4E.5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE8-dns_assert http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0446 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCOFAJXlSAg2UNWIIRAuBdAJ4kSrxHyDORDoNw64Kr2oEzSSRP0QCgh6oA ALL9Kulaye09wWTLEsIWbrA= =V/Cz -----END PGP SIGNATURE----- From bugzilla at redhat.com Fri Mar 18 09:27:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Fri, 18 Mar 2005 04:27 -0500 Subject: [RHSA-2005:303-01] Important: sylpheed security update Message-ID: <200503180927.j2I9RLZ23480@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: sylpheed security update Advisory ID: RHSA-2005:303-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-303.html Issue date: 2005-03-18 Updated on: 2005-03-18 Product: Red Hat Enterprise Linux Keywords: buffer overflow CVE Names: CAN-2005-0667 - --------------------------------------------------------------------- 1. Summary: An updated sylpheed package that fixes a buffer overflow issue is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 3. Problem description: Sylpheed is a GTK+ based fast email client. A buffer overflow bug has been found in the way Sylpheed handles non-ASCII characters in the header of a message to which a victim replies. A carefully crafted email message could potentially allow an attacker to execute arbitrary code on a victim's machine if they reply to such a message. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0667 to this issue. Users of Sylpheed should upgrade to this updated package, which contains a backported patch, and is not vulnerable to this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 150687 - CAN-2005-0667 sylpheed buffer overflow 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/sylpheed-0.5.0-3.EL21.1.src.rpm 8b6c86548aa1e9c54f0d017c00e145cb sylpheed-0.5.0-3.EL21.1.src.rpm i386: 4cc680f7f44dc289cfe8350cc5d2a5f8 sylpheed-0.5.0-3.EL21.1.i386.rpm ia64: 7b067a34374921415a498662db9c98ee sylpheed-0.5.0-3.EL21.1.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/sylpheed-0.5.0-3.EL21.1.src.rpm 8b6c86548aa1e9c54f0d017c00e145cb sylpheed-0.5.0-3.EL21.1.src.rpm ia64: 7b067a34374921415a498662db9c98ee sylpheed-0.5.0-3.EL21.1.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/sylpheed-0.5.0-3.EL21.1.src.rpm 8b6c86548aa1e9c54f0d017c00e145cb sylpheed-0.5.0-3.EL21.1.src.rpm i386: 4cc680f7f44dc289cfe8350cc5d2a5f8 sylpheed-0.5.0-3.EL21.1.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/sylpheed-0.5.0-3.EL21.1.src.rpm 8b6c86548aa1e9c54f0d017c00e145cb sylpheed-0.5.0-3.EL21.1.src.rpm i386: 4cc680f7f44dc289cfe8350cc5d2a5f8 sylpheed-0.5.0-3.EL21.1.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0667 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCOp73XlSAg2UNWIIRAtMKAKCoqMSLEfkrhxMXnw9hdnCo5SCtuwCeJczZ jUhVhZzZOAd1nHXTYjFrb+c= =9s9A -----END PGP SIGNATURE----- From bugzilla at redhat.com Fri Mar 18 09:27:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Fri, 18 Mar 2005 04:27 -0500 Subject: [RHSA-2005:306-01] Moderate: ethereal security update Message-ID: <200503180927.j2I9RXZ23486@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: ethereal security update Advisory ID: RHSA-2005:306-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-306.html Issue date: 2005-03-18 Updated on: 2005-03-18 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-0699 CAN-2005-0704 CAN-2005-0705 CAN-2005-0739 - --------------------------------------------------------------------- 1. Summary: Updated Ethereal packages that fix various security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: The ethereal package is a program for monitoring network traffic. A number of security flaws have been discovered in Ethereal. On a system where Ethereal is running, a remote attacker could send malicious packets to trigger these flaws and cause Ethereal to crash or potentially execute arbitrary code. A buffer overflow flaw was discovered in the Etheric dissector. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0704 to this issue. The GPRS-LLC dissector could crash if the "ignore cipher bit" option was set. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0705 to this issue. A buffer overflow flaw was discovered in the 3GPP2 A11 dissector. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0699 to this issue. A buffer overflow flaw was discovered in the IAPP dissector. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0739 to this issue. Users of ethereal should upgrade to these updated packages, which contain version 0.10.10 and are not vulnerable to these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 150705 - CAN-2005-0699 Multiple ethereal issues (CAN-2005-0704 CAN-2005-0705) 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/ethereal-0.10.10-1.AS21.1.src.rpm a338f0f8bf256c967075886f040d28e2 ethereal-0.10.10-1.AS21.1.src.rpm i386: 3b3961d37d85f1d133b6a547d3a1c1df ethereal-0.10.10-1.AS21.1.i386.rpm a9612756dfc446a516f8a6cdc6751b7c ethereal-gnome-0.10.10-1.AS21.1.i386.rpm ia64: e99a353b78155e1436671d304cc5783f ethereal-0.10.10-1.AS21.1.ia64.rpm 52f3fe5e9b24e8cef8fa7c314bbe87c9 ethereal-gnome-0.10.10-1.AS21.1.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/ethereal-0.10.10-1.AS21.1.src.rpm a338f0f8bf256c967075886f040d28e2 ethereal-0.10.10-1.AS21.1.src.rpm ia64: e99a353b78155e1436671d304cc5783f ethereal-0.10.10-1.AS21.1.ia64.rpm 52f3fe5e9b24e8cef8fa7c314bbe87c9 ethereal-gnome-0.10.10-1.AS21.1.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/ethereal-0.10.10-1.AS21.1.src.rpm a338f0f8bf256c967075886f040d28e2 ethereal-0.10.10-1.AS21.1.src.rpm i386: 3b3961d37d85f1d133b6a547d3a1c1df ethereal-0.10.10-1.AS21.1.i386.rpm a9612756dfc446a516f8a6cdc6751b7c ethereal-gnome-0.10.10-1.AS21.1.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/ethereal-0.10.10-1.AS21.1.src.rpm a338f0f8bf256c967075886f040d28e2 ethereal-0.10.10-1.AS21.1.src.rpm i386: 3b3961d37d85f1d133b6a547d3a1c1df ethereal-0.10.10-1.AS21.1.i386.rpm a9612756dfc446a516f8a6cdc6751b7c ethereal-gnome-0.10.10-1.AS21.1.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/ethereal-0.10.10-1.EL3.1.src.rpm 32d2c9b57fa40066052daea53db4bcf1 ethereal-0.10.10-1.EL3.1.src.rpm i386: 3b03965e2cf37d7af3032f2807416ee2 ethereal-0.10.10-1.EL3.1.i386.rpm 3205521c99494c2093e05d71c1cd3dbd ethereal-gnome-0.10.10-1.EL3.1.i386.rpm ia64: 51ece445012d8f536a217b24978feaab ethereal-0.10.10-1.EL3.1.ia64.rpm 9fca87b270af3770ef431d6cb4cd8cf0 ethereal-gnome-0.10.10-1.EL3.1.ia64.rpm ppc: e7bbc35c074deceb6642110280963ffc ethereal-0.10.10-1.EL3.1.ppc.rpm d62cdda64da9b8ac99e9a113dffd51e2 ethereal-gnome-0.10.10-1.EL3.1.ppc.rpm s390: e058533841940611b6dfd41dddf353d4 ethereal-0.10.10-1.EL3.1.s390.rpm 9b5f47fe9c15df640f0fb12ad259be69 ethereal-gnome-0.10.10-1.EL3.1.s390.rpm s390x: dceafd4686403083809b54b6921a09a3 ethereal-0.10.10-1.EL3.1.s390x.rpm f54f092d247cec4a1c441d548f75ffe5 ethereal-gnome-0.10.10-1.EL3.1.s390x.rpm x86_64: e245dbbca7a2140c71c3e256479e68d4 ethereal-0.10.10-1.EL3.1.x86_64.rpm 3f6d6aa9b62db253f6ed0c56a3ba65e5 ethereal-gnome-0.10.10-1.EL3.1.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/ethereal-0.10.10-1.EL3.1.src.rpm 32d2c9b57fa40066052daea53db4bcf1 ethereal-0.10.10-1.EL3.1.src.rpm i386: 3b03965e2cf37d7af3032f2807416ee2 ethereal-0.10.10-1.EL3.1.i386.rpm 3205521c99494c2093e05d71c1cd3dbd ethereal-gnome-0.10.10-1.EL3.1.i386.rpm x86_64: e245dbbca7a2140c71c3e256479e68d4 ethereal-0.10.10-1.EL3.1.x86_64.rpm 3f6d6aa9b62db253f6ed0c56a3ba65e5 ethereal-gnome-0.10.10-1.EL3.1.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/ethereal-0.10.10-1.EL3.1.src.rpm 32d2c9b57fa40066052daea53db4bcf1 ethereal-0.10.10-1.EL3.1.src.rpm i386: 3b03965e2cf37d7af3032f2807416ee2 ethereal-0.10.10-1.EL3.1.i386.rpm 3205521c99494c2093e05d71c1cd3dbd ethereal-gnome-0.10.10-1.EL3.1.i386.rpm ia64: 51ece445012d8f536a217b24978feaab ethereal-0.10.10-1.EL3.1.ia64.rpm 9fca87b270af3770ef431d6cb4cd8cf0 ethereal-gnome-0.10.10-1.EL3.1.ia64.rpm x86_64: e245dbbca7a2140c71c3e256479e68d4 ethereal-0.10.10-1.EL3.1.x86_64.rpm 3f6d6aa9b62db253f6ed0c56a3ba65e5 ethereal-gnome-0.10.10-1.EL3.1.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/ethereal-0.10.10-1.EL3.1.src.rpm 32d2c9b57fa40066052daea53db4bcf1 ethereal-0.10.10-1.EL3.1.src.rpm i386: 3b03965e2cf37d7af3032f2807416ee2 ethereal-0.10.10-1.EL3.1.i386.rpm 3205521c99494c2093e05d71c1cd3dbd ethereal-gnome-0.10.10-1.EL3.1.i386.rpm ia64: 51ece445012d8f536a217b24978feaab ethereal-0.10.10-1.EL3.1.ia64.rpm 9fca87b270af3770ef431d6cb4cd8cf0 ethereal-gnome-0.10.10-1.EL3.1.ia64.rpm x86_64: e245dbbca7a2140c71c3e256479e68d4 ethereal-0.10.10-1.EL3.1.x86_64.rpm 3f6d6aa9b62db253f6ed0c56a3ba65e5 ethereal-gnome-0.10.10-1.EL3.1.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/ethereal-0.10.10-1.EL4.1.src.rpm 79554433258770de9543af0c4c46530a ethereal-0.10.10-1.EL4.1.src.rpm i386: 42ef9c43f9beac7e56daeb0fe37b0410 ethereal-0.10.10-1.EL4.1.i386.rpm c2deaa08b9bb28dda7d0bd70250743a7 ethereal-gnome-0.10.10-1.EL4.1.i386.rpm ia64: d359ec6bcd42d582f72d11f35da06380 ethereal-0.10.10-1.EL4.1.ia64.rpm e8c95b60c9acc82772207af1e99d1804 ethereal-gnome-0.10.10-1.EL4.1.ia64.rpm ppc: 9fdb6c8afe12e15da837f0f1e927cfbb ethereal-0.10.10-1.EL4.1.ppc.rpm d8494d4ec54becd0f468f49004bd6273 ethereal-gnome-0.10.10-1.EL4.1.ppc.rpm s390: 32a15bad41ee0b610d8e42519eefda50 ethereal-0.10.10-1.EL4.1.s390.rpm 196489ef013a4874ad5abe9788689585 ethereal-gnome-0.10.10-1.EL4.1.s390.rpm s390x: c3fc67ecb11f7fce145a8eb2ed2cf0b3 ethereal-0.10.10-1.EL4.1.s390x.rpm b71701f345bfa34bfade35b0b15ee745 ethereal-gnome-0.10.10-1.EL4.1.s390x.rpm x86_64: 1c0fb944257bb3da1f5265a2957b26bd ethereal-0.10.10-1.EL4.1.x86_64.rpm 8ac83f1a2e468dbc2cbf24f215cc5ed7 ethereal-gnome-0.10.10-1.EL4.1.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/ethereal-0.10.10-1.EL4.1.src.rpm 79554433258770de9543af0c4c46530a ethereal-0.10.10-1.EL4.1.src.rpm i386: 42ef9c43f9beac7e56daeb0fe37b0410 ethereal-0.10.10-1.EL4.1.i386.rpm c2deaa08b9bb28dda7d0bd70250743a7 ethereal-gnome-0.10.10-1.EL4.1.i386.rpm x86_64: 1c0fb944257bb3da1f5265a2957b26bd ethereal-0.10.10-1.EL4.1.x86_64.rpm 8ac83f1a2e468dbc2cbf24f215cc5ed7 ethereal-gnome-0.10.10-1.EL4.1.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/ethereal-0.10.10-1.EL4.1.src.rpm 79554433258770de9543af0c4c46530a ethereal-0.10.10-1.EL4.1.src.rpm i386: 42ef9c43f9beac7e56daeb0fe37b0410 ethereal-0.10.10-1.EL4.1.i386.rpm c2deaa08b9bb28dda7d0bd70250743a7 ethereal-gnome-0.10.10-1.EL4.1.i386.rpm ia64: d359ec6bcd42d582f72d11f35da06380 ethereal-0.10.10-1.EL4.1.ia64.rpm e8c95b60c9acc82772207af1e99d1804 ethereal-gnome-0.10.10-1.EL4.1.ia64.rpm x86_64: 1c0fb944257bb3da1f5265a2957b26bd ethereal-0.10.10-1.EL4.1.x86_64.rpm 8ac83f1a2e468dbc2cbf24f215cc5ed7 ethereal-gnome-0.10.10-1.EL4.1.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/ethereal-0.10.10-1.EL4.1.src.rpm 79554433258770de9543af0c4c46530a ethereal-0.10.10-1.EL4.1.src.rpm i386: 42ef9c43f9beac7e56daeb0fe37b0410 ethereal-0.10.10-1.EL4.1.i386.rpm c2deaa08b9bb28dda7d0bd70250743a7 ethereal-gnome-0.10.10-1.EL4.1.i386.rpm ia64: d359ec6bcd42d582f72d11f35da06380 ethereal-0.10.10-1.EL4.1.ia64.rpm e8c95b60c9acc82772207af1e99d1804 ethereal-gnome-0.10.10-1.EL4.1.ia64.rpm x86_64: 1c0fb944257bb3da1f5265a2957b26bd ethereal-0.10.10-1.EL4.1.x86_64.rpm 8ac83f1a2e468dbc2cbf24f215cc5ed7 ethereal-gnome-0.10.10-1.EL4.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://www.ethereal.com/appnotes/enpa-sa-00018.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0699 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0704 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0705 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0739 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCOp8CXlSAg2UNWIIRAgFzAKCtAQt0KuAIRA/xpAbycAzyqTUDcACgqNFm RYH+0wneEgv3wvlTKSa+0E0= =IUoY -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon Mar 21 18:35:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 21 Mar 2005 13:35 -0500 Subject: [RHSA-2005:235-01] Important: mailman security update Message-ID: <200503211835.j2LIZQZ08802@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: mailman security update Advisory ID: RHSA-2005:235-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-235.html Issue date: 2005-03-21 Updated on: 2005-03-21 Product: Red Hat Enterprise Linux Keywords: XSS CVE Names: CAN-2004-1177 - --------------------------------------------------------------------- 1. Summary: An updated mailman package that corrects a cross-site scripting flaw is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Mailman manages electronic mail discussion and e-newsletter lists. A cross-site scripting (XSS) flaw in the driver script of mailman prior to version 2.1.5 could allow remote attackers to execute scripts as other web users. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1177 to this issue. Users of mailman should update to this erratum package, which corrects this issue by turning on STEALTH_MODE by default and using Utils.websafe() to quote the html. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 132750 - Mailman doesn't work with courier 143008 - mailman logrotate has wrong location for mailmanctl 142605 - init script doesn't use /var/lock/subsys 147833 - CAN-2004-1177 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/mailman-2.1.5-25.rhel3.src.rpm cec4560e18c7249eeab97f33209ab268 mailman-2.1.5-25.rhel3.src.rpm i386: 6c052b1a07bfdec09756ee58be0e4c56 mailman-2.1.5-25.rhel3.i386.rpm ia64: 41cbca1ff68fa89f87f6686aaf57f229 mailman-2.1.5-25.rhel3.ia64.rpm ppc: d1b78c0297714110557d5e24af03b1e0 mailman-2.1.5-25.rhel3.ppc.rpm s390: 475bdfee1a9c0f1580d5c62c9fa0f71d mailman-2.1.5-25.rhel3.s390.rpm s390x: f59fd25effa4d958730b1c778d47a4c6 mailman-2.1.5-25.rhel3.s390x.rpm x86_64: 1a3ca7f170accc1a9747ef78b8ad0006 mailman-2.1.5-25.rhel3.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/mailman-2.1.5-25.rhel3.src.rpm cec4560e18c7249eeab97f33209ab268 mailman-2.1.5-25.rhel3.src.rpm i386: 6c052b1a07bfdec09756ee58be0e4c56 mailman-2.1.5-25.rhel3.i386.rpm x86_64: 1a3ca7f170accc1a9747ef78b8ad0006 mailman-2.1.5-25.rhel3.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/mailman-2.1.5-25.rhel3.src.rpm cec4560e18c7249eeab97f33209ab268 mailman-2.1.5-25.rhel3.src.rpm i386: 6c052b1a07bfdec09756ee58be0e4c56 mailman-2.1.5-25.rhel3.i386.rpm ia64: 41cbca1ff68fa89f87f6686aaf57f229 mailman-2.1.5-25.rhel3.ia64.rpm x86_64: 1a3ca7f170accc1a9747ef78b8ad0006 mailman-2.1.5-25.rhel3.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/mailman-2.1.5-25.rhel3.src.rpm cec4560e18c7249eeab97f33209ab268 mailman-2.1.5-25.rhel3.src.rpm i386: 6c052b1a07bfdec09756ee58be0e4c56 mailman-2.1.5-25.rhel3.i386.rpm ia64: 41cbca1ff68fa89f87f6686aaf57f229 mailman-2.1.5-25.rhel3.ia64.rpm x86_64: 1a3ca7f170accc1a9747ef78b8ad0006 mailman-2.1.5-25.rhel3.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/mailman-2.1.5-33.rhel4.src.rpm db340a0e60ff33b47156d0ca96f95f14 mailman-2.1.5-33.rhel4.src.rpm i386: 97e1cbd6ec4f6099def5ed95f072d603 mailman-2.1.5-33.rhel4.i386.rpm ia64: 0fde6fa6ab37f8ae0031e53d62615c8c mailman-2.1.5-33.rhel4.ia64.rpm ppc: 376ec413afbc6d85ab268bdbab811b79 mailman-2.1.5-33.rhel4.ppc.rpm s390: 79bda3c10f6204e47c36c8372956602a mailman-2.1.5-33.rhel4.s390.rpm s390x: e1746fc732cbb29a0df14db5a7e88f0a mailman-2.1.5-33.rhel4.s390x.rpm x86_64: 97a3e1f38866b40d06b2226e0901fc45 mailman-2.1.5-33.rhel4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/mailman-2.1.5-33.rhel4.src.rpm db340a0e60ff33b47156d0ca96f95f14 mailman-2.1.5-33.rhel4.src.rpm i386: 97e1cbd6ec4f6099def5ed95f072d603 mailman-2.1.5-33.rhel4.i386.rpm x86_64: 97a3e1f38866b40d06b2226e0901fc45 mailman-2.1.5-33.rhel4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/mailman-2.1.5-33.rhel4.src.rpm db340a0e60ff33b47156d0ca96f95f14 mailman-2.1.5-33.rhel4.src.rpm i386: 97e1cbd6ec4f6099def5ed95f072d603 mailman-2.1.5-33.rhel4.i386.rpm ia64: 0fde6fa6ab37f8ae0031e53d62615c8c mailman-2.1.5-33.rhel4.ia64.rpm x86_64: 97a3e1f38866b40d06b2226e0901fc45 mailman-2.1.5-33.rhel4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/mailman-2.1.5-33.rhel4.src.rpm db340a0e60ff33b47156d0ca96f95f14 mailman-2.1.5-33.rhel4.src.rpm i386: 97e1cbd6ec4f6099def5ed95f072d603 mailman-2.1.5-33.rhel4.i386.rpm ia64: 0fde6fa6ab37f8ae0031e53d62615c8c mailman-2.1.5-33.rhel4.ia64.rpm x86_64: 97a3e1f38866b40d06b2226e0901fc45 mailman-2.1.5-33.rhel4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1177 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCPxPpXlSAg2UNWIIRArk+AJ4/T42574DurShoHfsfUlnY4xEZRwCfVQRK /bb0MZsmUANHAzs15FLfr8M= =5UzL -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon Mar 21 18:35:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 21 Mar 2005 13:35 -0500 Subject: [RHSA-2005:299-01] Important: realplayer security update Message-ID: <200503211835.j2LIZlZ08806@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: realplayer security update Advisory ID: RHSA-2005:299-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-299.html Issue date: 2005-03-21 Updated on: 2005-03-21 Product: Red Hat Enterprise Linux Extras Keywords: LACD - --------------------------------------------------------------------- 1. Summary: Updated realplayer packages that fix a number of security issues are now available for Red Hat Enterprise Linux 3 Extras. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 Extras - i386 Red Hat Desktop version 3 Extras - i386 Red Hat Enterprise Linux ES version 3 Extras - i386 Red Hat Enterprise Linux WS version 3 Extras - i386 3. Problem description: The realplayer package contains RealPlayer, a media format player. A number of security issues have been discovered in RealPlayer 8 of which a subset are believed to affect the Linux version as shipped with Red Hat Enterprise Linux 3 Extras. RealPlayer 8 is no longer supported by RealNetworks. Users of RealPlayer are advised to upgrade to this erratum package which contains RealPlayer 10. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: 5. Bug IDs fixed (http://bugzilla.redhat.com/): 150341 - RHEL3 U5: Update to RealPlayer 10 6. RPMs required: Red Hat Enterprise Linux AS version 3 Extras: i386: ba5814b72fd7f0c4838fd628d6d9ec2b realplayer-10.0.3-1.rhel3.i386.rpm Red Hat Desktop version 3 Extras: i386: ba5814b72fd7f0c4838fd628d6d9ec2b realplayer-10.0.3-1.rhel3.i386.rpm Red Hat Enterprise Linux ES version 3 Extras: i386: ba5814b72fd7f0c4838fd628d6d9ec2b realplayer-10.0.3-1.rhel3.i386.rpm Red Hat Enterprise Linux WS version 3 Extras: i386: ba5814b72fd7f0c4838fd628d6d9ec2b realplayer-10.0.3-1.rhel3.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCPxP3XlSAg2UNWIIRAj4wAJ0Vz04R7OQ+DNIgKrkyWTkcWNxPOACgmK0/ VHvpINuz3JWZGH8E8dpkGkc= =N8bu -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon Mar 21 18:36:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 21 Mar 2005 13:36 -0500 Subject: [RHSA-2005:300-01] Low: libexif security update Message-ID: <200503211836.j2LIa7Z08820@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Low: libexif security update Advisory ID: RHSA-2005:300-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-300.html Issue date: 2005-03-21 Updated on: 2005-03-21 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-0664 - --------------------------------------------------------------------- 1. Summary: Updated libexif packages that fix a buffer overflow issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: The libexif package contains the EXIF library. Applications use this library to parse EXIF image files. A bug was found in the way libexif parses EXIF tags. An attacker could create a carefully crafted EXIF image file which could cause image viewers linked against libexif to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0664 to this issue. Users of libexif should upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 150503 - CAN-2005-0664 buffer overflow in libexif 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/libexif-0.5.12-5.1.src.rpm 371fbbcd2a471d3e8a47ef25743687a4 libexif-0.5.12-5.1.src.rpm i386: da56dfdd5aff92e12392320572801f28 libexif-0.5.12-5.1.i386.rpm cf4266f5169a641988d78692862ac123 libexif-devel-0.5.12-5.1.i386.rpm ia64: 063977d8cf3fa8d762876c0b03c628fc libexif-0.5.12-5.1.ia64.rpm da56dfdd5aff92e12392320572801f28 libexif-0.5.12-5.1.i386.rpm 64adda01f6ee366d3d0648f5aefd8aeb libexif-devel-0.5.12-5.1.ia64.rpm ppc: 641ff4e17fdd75cdba40f096b27be7a6 libexif-0.5.12-5.1.ppc.rpm 1b5a793074ec0c93e18894e012860690 libexif-0.5.12-5.1.ppc64.rpm 79e96019b18609766d27d6018f4a91a1 libexif-devel-0.5.12-5.1.ppc.rpm s390: 18e3ad9ecbf8808e0ff8a568a330e7d2 libexif-0.5.12-5.1.s390.rpm fdc7468498cb6099d7de253ecd814134 libexif-devel-0.5.12-5.1.s390.rpm s390x: 7dcf828336530af124e05c0c1e0a8f72 libexif-0.5.12-5.1.s390x.rpm 18e3ad9ecbf8808e0ff8a568a330e7d2 libexif-0.5.12-5.1.s390.rpm e7322c9443f2db1e12de7c399066dd75 libexif-devel-0.5.12-5.1.s390x.rpm x86_64: 1de5c99dff768c5b1667d838f470b320 libexif-0.5.12-5.1.x86_64.rpm da56dfdd5aff92e12392320572801f28 libexif-0.5.12-5.1.i386.rpm cb1e0972270a3520cae3fe2e9c844f18 libexif-devel-0.5.12-5.1.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/libexif-0.5.12-5.1.src.rpm 371fbbcd2a471d3e8a47ef25743687a4 libexif-0.5.12-5.1.src.rpm i386: da56dfdd5aff92e12392320572801f28 libexif-0.5.12-5.1.i386.rpm cf4266f5169a641988d78692862ac123 libexif-devel-0.5.12-5.1.i386.rpm x86_64: 1de5c99dff768c5b1667d838f470b320 libexif-0.5.12-5.1.x86_64.rpm da56dfdd5aff92e12392320572801f28 libexif-0.5.12-5.1.i386.rpm cb1e0972270a3520cae3fe2e9c844f18 libexif-devel-0.5.12-5.1.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/libexif-0.5.12-5.1.src.rpm 371fbbcd2a471d3e8a47ef25743687a4 libexif-0.5.12-5.1.src.rpm i386: da56dfdd5aff92e12392320572801f28 libexif-0.5.12-5.1.i386.rpm cf4266f5169a641988d78692862ac123 libexif-devel-0.5.12-5.1.i386.rpm ia64: 063977d8cf3fa8d762876c0b03c628fc libexif-0.5.12-5.1.ia64.rpm da56dfdd5aff92e12392320572801f28 libexif-0.5.12-5.1.i386.rpm 64adda01f6ee366d3d0648f5aefd8aeb libexif-devel-0.5.12-5.1.ia64.rpm x86_64: 1de5c99dff768c5b1667d838f470b320 libexif-0.5.12-5.1.x86_64.rpm da56dfdd5aff92e12392320572801f28 libexif-0.5.12-5.1.i386.rpm cb1e0972270a3520cae3fe2e9c844f18 libexif-devel-0.5.12-5.1.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/libexif-0.5.12-5.1.src.rpm 371fbbcd2a471d3e8a47ef25743687a4 libexif-0.5.12-5.1.src.rpm i386: da56dfdd5aff92e12392320572801f28 libexif-0.5.12-5.1.i386.rpm cf4266f5169a641988d78692862ac123 libexif-devel-0.5.12-5.1.i386.rpm ia64: 063977d8cf3fa8d762876c0b03c628fc libexif-0.5.12-5.1.ia64.rpm da56dfdd5aff92e12392320572801f28 libexif-0.5.12-5.1.i386.rpm 64adda01f6ee366d3d0648f5aefd8aeb libexif-devel-0.5.12-5.1.ia64.rpm x86_64: 1de5c99dff768c5b1667d838f470b320 libexif-0.5.12-5.1.x86_64.rpm da56dfdd5aff92e12392320572801f28 libexif-0.5.12-5.1.i386.rpm cb1e0972270a3520cae3fe2e9c844f18 libexif-devel-0.5.12-5.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0664 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCPxQOXlSAg2UNWIIRAhWKAJ0TNeS8KhTIR6Ycgzvv8GCiRsblvgCgtnIt zy0qDA8zZyFQs6o0MSaoSoQ= =vgI9 -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Mar 23 10:11:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 23 Mar 2005 05:11 -0500 Subject: [RHSA-2005:070-01] Moderate: ImageMagick security update Message-ID: <200503231011.j2NAB4Z16520@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: ImageMagick security update Advisory ID: RHSA-2005:070-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-070.html Issue date: 2005-03-23 Updated on: 2005-03-23 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-0005 CAN-2005-0397 CAN-2005-0759 CAN-2005-0760 CAN-2005-0761 CAN-2005-0762 - --------------------------------------------------------------------- 1. Summary: Updated ImageMagick packages that fix a heap based buffer overflow are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: ImageMagick is an image display and manipulation tool for the X Window System. Andrei Nigmatulin discovered a heap based buffer overflow flaw in the ImageMagick image handler. An attacker could create a carefully crafted Photoshop Document (PSD) image in such a way that it would cause ImageMagick to execute arbitrary code when processing the image. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0005 to this issue. A format string bug was found in the way ImageMagick handles filenames. An attacker could execute arbitrary code on a victim's machine if they were able to trick the victim into opening a file with a specially crafted name. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0397 to this issue. A bug was found in the way ImageMagick handles TIFF tags. It is possible that a TIFF image file with an invalid tag could cause ImageMagick to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0759 to this issue. A bug was found in ImageMagick's TIFF decoder. It is possible that a specially crafted TIFF image file could cause ImageMagick to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0760 to this issue. A bug was found in the way ImageMagick parses PSD files. It is possible that a specially crafted PSD file could cause ImageMagick to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0761 to this issue. A heap overflow bug was found in ImageMagick's SGI parser. It is possible that an attacker could execute arbitrary code by tricking a user into opening a specially crafted SGI image file. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0762 to this issue. Users of ImageMagick should upgrade to these updated packages, which contain backported patches, and are not vulnerable to these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 145111 - CAN-2005-0005 buffer overflow in ImageMagick 150185 - CAN-2005-0397 ImageMagick format string flaw 150312 - CAN-2005-0759 Denial of Service in .tiff images with invalid TAG 150315 - CAN-2005-0760 Accessing memory outside of image during decoding of TIFF 150323 - CAN-2005-0761 Bug in parsing PSD files 150327 - CAN-2005-0762 Buffer overflow in SGI parser 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/ImageMagick-5.3.8-10.src.rpm 7ea876dd7ef145131e227b93c9477c3c ImageMagick-5.3.8-10.src.rpm i386: e79b17a0964f3242afe48ea977cba811 ImageMagick-5.3.8-10.i386.rpm e613edc5a641b2826a17a014d23b561d ImageMagick-c++-5.3.8-10.i386.rpm 73699f8ab694fc27c901dd4b24c9bbd6 ImageMagick-c++-devel-5.3.8-10.i386.rpm 208653fea7be46c37dedb8f335d9bd29 ImageMagick-devel-5.3.8-10.i386.rpm dfef04e0cc1b1e411a79e67b03b905ac ImageMagick-perl-5.3.8-10.i386.rpm ia64: de0ab5db6c53da4abc76ef97fd0983ec ImageMagick-5.3.8-10.ia64.rpm dc987dc03c1aba45a59051c59db887e0 ImageMagick-c++-5.3.8-10.ia64.rpm 313eab6adc60421b639c2cf76714f55a ImageMagick-c++-devel-5.3.8-10.ia64.rpm e964030f316ac822f1749352fa38a225 ImageMagick-devel-5.3.8-10.ia64.rpm 12124b283bc60518963483d957f71fb1 ImageMagick-perl-5.3.8-10.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/ImageMagick-5.3.8-10.src.rpm 7ea876dd7ef145131e227b93c9477c3c ImageMagick-5.3.8-10.src.rpm ia64: de0ab5db6c53da4abc76ef97fd0983ec ImageMagick-5.3.8-10.ia64.rpm dc987dc03c1aba45a59051c59db887e0 ImageMagick-c++-5.3.8-10.ia64.rpm 313eab6adc60421b639c2cf76714f55a ImageMagick-c++-devel-5.3.8-10.ia64.rpm e964030f316ac822f1749352fa38a225 ImageMagick-devel-5.3.8-10.ia64.rpm 12124b283bc60518963483d957f71fb1 ImageMagick-perl-5.3.8-10.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/ImageMagick-5.3.8-10.src.rpm 7ea876dd7ef145131e227b93c9477c3c ImageMagick-5.3.8-10.src.rpm i386: e79b17a0964f3242afe48ea977cba811 ImageMagick-5.3.8-10.i386.rpm e613edc5a641b2826a17a014d23b561d ImageMagick-c++-5.3.8-10.i386.rpm 73699f8ab694fc27c901dd4b24c9bbd6 ImageMagick-c++-devel-5.3.8-10.i386.rpm 208653fea7be46c37dedb8f335d9bd29 ImageMagick-devel-5.3.8-10.i386.rpm dfef04e0cc1b1e411a79e67b03b905ac ImageMagick-perl-5.3.8-10.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/ImageMagick-5.3.8-10.src.rpm 7ea876dd7ef145131e227b93c9477c3c ImageMagick-5.3.8-10.src.rpm i386: e79b17a0964f3242afe48ea977cba811 ImageMagick-5.3.8-10.i386.rpm e613edc5a641b2826a17a014d23b561d ImageMagick-c++-5.3.8-10.i386.rpm 73699f8ab694fc27c901dd4b24c9bbd6 ImageMagick-c++-devel-5.3.8-10.i386.rpm 208653fea7be46c37dedb8f335d9bd29 ImageMagick-devel-5.3.8-10.i386.rpm dfef04e0cc1b1e411a79e67b03b905ac ImageMagick-perl-5.3.8-10.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/ImageMagick-5.5.6-13.src.rpm c9df74ebf9e921c9a254015e9a60da68 ImageMagick-5.5.6-13.src.rpm i386: e96c043b59ad808214398d62765884b3 ImageMagick-5.5.6-13.i386.rpm ca5a5de88dbce63e4b68d0813dd0aa0b ImageMagick-c++-5.5.6-13.i386.rpm 571d4b8252cd09388e811dab7b7d420a ImageMagick-c++-devel-5.5.6-13.i386.rpm d52da9fea241e7069834e43870d6e305 ImageMagick-devel-5.5.6-13.i386.rpm 0c410c10953a8641a2c58cdd79590318 ImageMagick-perl-5.5.6-13.i386.rpm ia64: 57266d92716e2e72c4758df06c7078b1 ImageMagick-5.5.6-13.ia64.rpm e96c043b59ad808214398d62765884b3 ImageMagick-5.5.6-13.i386.rpm 97caf495f60b7d27b2da35e17d91b806 ImageMagick-c++-5.5.6-13.ia64.rpm ca5a5de88dbce63e4b68d0813dd0aa0b ImageMagick-c++-5.5.6-13.i386.rpm 439e8b7a4c60e7a8d3f21438aa400667 ImageMagick-c++-devel-5.5.6-13.ia64.rpm 50f8e9f478f5888153ddc4a5542250b0 ImageMagick-devel-5.5.6-13.ia64.rpm 99c88878747e363fcb12ba1edb15bb76 ImageMagick-perl-5.5.6-13.ia64.rpm ppc: f5c8817d0a4c7cfc309ffc91f88536cf ImageMagick-5.5.6-13.ppc.rpm 9d50784dc7ba6f7442d91d19d4ced50d ImageMagick-5.5.6-13.ppc64.rpm 6ec612e90b6a29e49fc9dad40632e05b ImageMagick-c++-5.5.6-13.ppc.rpm 4307b341167d18b89ec07477044da9cf ImageMagick-c++-5.5.6-13.ppc64.rpm 2a110d90ccf8fe7de4f7c21c95076d8a ImageMagick-c++-devel-5.5.6-13.ppc.rpm b7497b642ca0781a97ada5078d8c82d3 ImageMagick-devel-5.5.6-13.ppc.rpm f50e182783d0fe2a316e44f77813501f ImageMagick-perl-5.5.6-13.ppc.rpm s390: ffdc5754ae7f12c66b1f4dba743678df ImageMagick-5.5.6-13.s390.rpm 5ab787e7742193fd5ab09d70306afda1 ImageMagick-c++-5.5.6-13.s390.rpm fa6a3166f01de5e3af7f6dffa4c61378 ImageMagick-c++-devel-5.5.6-13.s390.rpm a4efd895558315a4b37b977c07e392c2 ImageMagick-devel-5.5.6-13.s390.rpm 8ef03012a946a11d29c8990d782f5160 ImageMagick-perl-5.5.6-13.s390.rpm s390x: 29cb46983c1f8e6efe0663b0a2b8a6d4 ImageMagick-5.5.6-13.s390x.rpm ffdc5754ae7f12c66b1f4dba743678df ImageMagick-5.5.6-13.s390.rpm 68fba7343df00dad18bfd44da9fd86fc ImageMagick-c++-5.5.6-13.s390x.rpm 5ab787e7742193fd5ab09d70306afda1 ImageMagick-c++-5.5.6-13.s390.rpm b2856e4eea04fc5113213361ae38e492 ImageMagick-c++-devel-5.5.6-13.s390x.rpm 159972f15e0e249ab2ef742400f7fedd ImageMagick-devel-5.5.6-13.s390x.rpm aabd863febeffaafb913d0513f9152c4 ImageMagick-perl-5.5.6-13.s390x.rpm x86_64: d4e3cfc3f690b5f0a96660eb8f15857f ImageMagick-5.5.6-13.x86_64.rpm e96c043b59ad808214398d62765884b3 ImageMagick-5.5.6-13.i386.rpm aabcec7ef0e8545b170a86246114bc64 ImageMagick-c++-5.5.6-13.x86_64.rpm ca5a5de88dbce63e4b68d0813dd0aa0b ImageMagick-c++-5.5.6-13.i386.rpm 70e707a934f7c674180d144dc54750c7 ImageMagick-c++-devel-5.5.6-13.x86_64.rpm 3a17b125eb8909661f2d0790c788cf4b ImageMagick-devel-5.5.6-13.x86_64.rpm 9581f193326fb69a826aba2db00c6d98 ImageMagick-perl-5.5.6-13.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/ImageMagick-5.5.6-13.src.rpm c9df74ebf9e921c9a254015e9a60da68 ImageMagick-5.5.6-13.src.rpm i386: e96c043b59ad808214398d62765884b3 ImageMagick-5.5.6-13.i386.rpm ca5a5de88dbce63e4b68d0813dd0aa0b ImageMagick-c++-5.5.6-13.i386.rpm 571d4b8252cd09388e811dab7b7d420a ImageMagick-c++-devel-5.5.6-13.i386.rpm d52da9fea241e7069834e43870d6e305 ImageMagick-devel-5.5.6-13.i386.rpm 0c410c10953a8641a2c58cdd79590318 ImageMagick-perl-5.5.6-13.i386.rpm x86_64: d4e3cfc3f690b5f0a96660eb8f15857f ImageMagick-5.5.6-13.x86_64.rpm e96c043b59ad808214398d62765884b3 ImageMagick-5.5.6-13.i386.rpm aabcec7ef0e8545b170a86246114bc64 ImageMagick-c++-5.5.6-13.x86_64.rpm ca5a5de88dbce63e4b68d0813dd0aa0b ImageMagick-c++-5.5.6-13.i386.rpm 70e707a934f7c674180d144dc54750c7 ImageMagick-c++-devel-5.5.6-13.x86_64.rpm 3a17b125eb8909661f2d0790c788cf4b ImageMagick-devel-5.5.6-13.x86_64.rpm 9581f193326fb69a826aba2db00c6d98 ImageMagick-perl-5.5.6-13.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/ImageMagick-5.5.6-13.src.rpm c9df74ebf9e921c9a254015e9a60da68 ImageMagick-5.5.6-13.src.rpm i386: e96c043b59ad808214398d62765884b3 ImageMagick-5.5.6-13.i386.rpm ca5a5de88dbce63e4b68d0813dd0aa0b ImageMagick-c++-5.5.6-13.i386.rpm 571d4b8252cd09388e811dab7b7d420a ImageMagick-c++-devel-5.5.6-13.i386.rpm d52da9fea241e7069834e43870d6e305 ImageMagick-devel-5.5.6-13.i386.rpm 0c410c10953a8641a2c58cdd79590318 ImageMagick-perl-5.5.6-13.i386.rpm ia64: 57266d92716e2e72c4758df06c7078b1 ImageMagick-5.5.6-13.ia64.rpm e96c043b59ad808214398d62765884b3 ImageMagick-5.5.6-13.i386.rpm 97caf495f60b7d27b2da35e17d91b806 ImageMagick-c++-5.5.6-13.ia64.rpm ca5a5de88dbce63e4b68d0813dd0aa0b ImageMagick-c++-5.5.6-13.i386.rpm 439e8b7a4c60e7a8d3f21438aa400667 ImageMagick-c++-devel-5.5.6-13.ia64.rpm 50f8e9f478f5888153ddc4a5542250b0 ImageMagick-devel-5.5.6-13.ia64.rpm 99c88878747e363fcb12ba1edb15bb76 ImageMagick-perl-5.5.6-13.ia64.rpm x86_64: d4e3cfc3f690b5f0a96660eb8f15857f ImageMagick-5.5.6-13.x86_64.rpm e96c043b59ad808214398d62765884b3 ImageMagick-5.5.6-13.i386.rpm aabcec7ef0e8545b170a86246114bc64 ImageMagick-c++-5.5.6-13.x86_64.rpm ca5a5de88dbce63e4b68d0813dd0aa0b ImageMagick-c++-5.5.6-13.i386.rpm 70e707a934f7c674180d144dc54750c7 ImageMagick-c++-devel-5.5.6-13.x86_64.rpm 3a17b125eb8909661f2d0790c788cf4b ImageMagick-devel-5.5.6-13.x86_64.rpm 9581f193326fb69a826aba2db00c6d98 ImageMagick-perl-5.5.6-13.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/ImageMagick-5.5.6-13.src.rpm c9df74ebf9e921c9a254015e9a60da68 ImageMagick-5.5.6-13.src.rpm i386: e96c043b59ad808214398d62765884b3 ImageMagick-5.5.6-13.i386.rpm ca5a5de88dbce63e4b68d0813dd0aa0b ImageMagick-c++-5.5.6-13.i386.rpm 571d4b8252cd09388e811dab7b7d420a ImageMagick-c++-devel-5.5.6-13.i386.rpm d52da9fea241e7069834e43870d6e305 ImageMagick-devel-5.5.6-13.i386.rpm 0c410c10953a8641a2c58cdd79590318 ImageMagick-perl-5.5.6-13.i386.rpm ia64: 57266d92716e2e72c4758df06c7078b1 ImageMagick-5.5.6-13.ia64.rpm e96c043b59ad808214398d62765884b3 ImageMagick-5.5.6-13.i386.rpm 97caf495f60b7d27b2da35e17d91b806 ImageMagick-c++-5.5.6-13.ia64.rpm ca5a5de88dbce63e4b68d0813dd0aa0b ImageMagick-c++-5.5.6-13.i386.rpm 439e8b7a4c60e7a8d3f21438aa400667 ImageMagick-c++-devel-5.5.6-13.ia64.rpm 50f8e9f478f5888153ddc4a5542250b0 ImageMagick-devel-5.5.6-13.ia64.rpm 99c88878747e363fcb12ba1edb15bb76 ImageMagick-perl-5.5.6-13.ia64.rpm x86_64: d4e3cfc3f690b5f0a96660eb8f15857f ImageMagick-5.5.6-13.x86_64.rpm e96c043b59ad808214398d62765884b3 ImageMagick-5.5.6-13.i386.rpm aabcec7ef0e8545b170a86246114bc64 ImageMagick-c++-5.5.6-13.x86_64.rpm ca5a5de88dbce63e4b68d0813dd0aa0b ImageMagick-c++-5.5.6-13.i386.rpm 70e707a934f7c674180d144dc54750c7 ImageMagick-c++-devel-5.5.6-13.x86_64.rpm 3a17b125eb8909661f2d0790c788cf4b ImageMagick-devel-5.5.6-13.x86_64.rpm 9581f193326fb69a826aba2db00c6d98 ImageMagick-perl-5.5.6-13.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0005 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0397 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0759 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0760 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0761 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0762 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCQUC1XlSAg2UNWIIRAruBAJ0bjRd+wfQqpRMYNLLOMFUQzHbNcACgm20t +RsvoFnqnvaPCMpBvZA3BKg= =0KrU -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Mar 23 10:11:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 23 Mar 2005 05:11 -0500 Subject: [RHSA-2005:232-01] Moderate: ipsec-tools security update Message-ID: <200503231011.j2NABSZ16583@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: ipsec-tools security update Advisory ID: RHSA-2005:232-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-232.html Issue date: 2005-03-23 Updated on: 2005-03-23 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-0398 - --------------------------------------------------------------------- 1. Summary: An updated ipsec-tools package that fixes a bug in parsing of ISAKMP headers is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: The ipsec-tools package is used in conjunction with the IPsec functionality in the linux kernel. The ipsec-tools package includes: - - setkey, a program to directly manipulate policies and SAs - - racoon, an IKEv1 keying daemon A bug was found in the way the racoon daemon handled incoming ISAKMP requests. It is possible that an attacker could crash the racoon daemon by sending a specially crafted ISAKMP packet. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0398 to this issue. Additionally, the following issues have been fixed: - - racoon mishandled restarts in the presence of stale administration sockets. - - on Red Hat Enterprise Linux 4, racoon and setkey did not properly set up forward policies, which prevented tunnels from working. Users of ipsec-tools should upgrade to this updated package, which contains backported patches, and is not vulnerable to these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 145531 - EMBARGOED CAN-2005-0398 multiple issues with racoon 145535 - EMBARGOED CAN-2005-0398 multiple issues with racoon 148950 - racoon unable to start with stale socket /tmp/.racoon 150179 - ipsec/racoon/setkey does not properly forward packets to vpn peer 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/ipsec-tools-0.2.5-0.7.src.rpm 04fc5b942ed112aa3d8ecd3e6e527e87 ipsec-tools-0.2.5-0.7.src.rpm i386: 55373f7613bd894b051137eca8c799fb ipsec-tools-0.2.5-0.7.i386.rpm ia64: b646a3cc587fbc09f357fc034a023b50 ipsec-tools-0.2.5-0.7.ia64.rpm ppc: 429e2466025454529bd6c5db6dac8463 ipsec-tools-0.2.5-0.7.ppc.rpm s390: fbfda4852a54348abcd7d7e474195782 ipsec-tools-0.2.5-0.7.s390.rpm s390x: 39fef41381e2bb472937ba83aaa956af ipsec-tools-0.2.5-0.7.s390x.rpm x86_64: 4335033d7b3726c4ce1ff9a51747756a ipsec-tools-0.2.5-0.7.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/ipsec-tools-0.2.5-0.7.src.rpm 04fc5b942ed112aa3d8ecd3e6e527e87 ipsec-tools-0.2.5-0.7.src.rpm i386: 55373f7613bd894b051137eca8c799fb ipsec-tools-0.2.5-0.7.i386.rpm x86_64: 4335033d7b3726c4ce1ff9a51747756a ipsec-tools-0.2.5-0.7.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/ipsec-tools-0.2.5-0.7.src.rpm 04fc5b942ed112aa3d8ecd3e6e527e87 ipsec-tools-0.2.5-0.7.src.rpm i386: 55373f7613bd894b051137eca8c799fb ipsec-tools-0.2.5-0.7.i386.rpm ia64: b646a3cc587fbc09f357fc034a023b50 ipsec-tools-0.2.5-0.7.ia64.rpm x86_64: 4335033d7b3726c4ce1ff9a51747756a ipsec-tools-0.2.5-0.7.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/ipsec-tools-0.2.5-0.7.src.rpm 04fc5b942ed112aa3d8ecd3e6e527e87 ipsec-tools-0.2.5-0.7.src.rpm i386: 55373f7613bd894b051137eca8c799fb ipsec-tools-0.2.5-0.7.i386.rpm ia64: b646a3cc587fbc09f357fc034a023b50 ipsec-tools-0.2.5-0.7.ia64.rpm x86_64: 4335033d7b3726c4ce1ff9a51747756a ipsec-tools-0.2.5-0.7.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/ipsec-tools-0.3.3-6.src.rpm 6d465bb4084c165d8471ae457a1627d8 ipsec-tools-0.3.3-6.src.rpm i386: 5e608be5a2d36e626451905cdca79252 ipsec-tools-0.3.3-6.i386.rpm ia64: eb21e0073264ad7010a2b5a4e66538e9 ipsec-tools-0.3.3-6.ia64.rpm ppc: f99ca70bb00a40ea4d4d5fc4397ad953 ipsec-tools-0.3.3-6.ppc.rpm s390: f4d588f28fcdb8a543a556a0712ab627 ipsec-tools-0.3.3-6.s390.rpm s390x: 4c65730a3848f3ac85db031c33de24a9 ipsec-tools-0.3.3-6.s390x.rpm x86_64: 18fbd03935536494294326a7b1895ff6 ipsec-tools-0.3.3-6.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/ipsec-tools-0.3.3-6.src.rpm 6d465bb4084c165d8471ae457a1627d8 ipsec-tools-0.3.3-6.src.rpm i386: 5e608be5a2d36e626451905cdca79252 ipsec-tools-0.3.3-6.i386.rpm x86_64: 18fbd03935536494294326a7b1895ff6 ipsec-tools-0.3.3-6.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/ipsec-tools-0.3.3-6.src.rpm 6d465bb4084c165d8471ae457a1627d8 ipsec-tools-0.3.3-6.src.rpm i386: 5e608be5a2d36e626451905cdca79252 ipsec-tools-0.3.3-6.i386.rpm ia64: eb21e0073264ad7010a2b5a4e66538e9 ipsec-tools-0.3.3-6.ia64.rpm x86_64: 18fbd03935536494294326a7b1895ff6 ipsec-tools-0.3.3-6.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/ipsec-tools-0.3.3-6.src.rpm 6d465bb4084c165d8471ae457a1627d8 ipsec-tools-0.3.3-6.src.rpm i386: 5e608be5a2d36e626451905cdca79252 ipsec-tools-0.3.3-6.i386.rpm ia64: eb21e0073264ad7010a2b5a4e66538e9 ipsec-tools-0.3.3-6.ia64.rpm x86_64: 18fbd03935536494294326a7b1895ff6 ipsec-tools-0.3.3-6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0398 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCQUDIXlSAg2UNWIIRAsSvAJ9RPtm7MOYA7lTWx3oyVWMwQ7L7vACgrVR0 8yxFngihwUZqrxi72MARFZk= =r8uT -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Mar 23 10:12:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 23 Mar 2005 05:12 -0500 Subject: [RHSA-2005:320-01] Moderate: ImageMagick security update Message-ID: <200503231012.j2NAC5Z16603@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: ImageMagick security update Advisory ID: RHSA-2005:320-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-320.html Issue date: 2005-03-23 Updated on: 2005-03-23 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-0397 - --------------------------------------------------------------------- 1. Summary: Updated ImageMagick packages that fix a format string bug are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: ImageMagick(TM) is an image display and manipulation tool for the X Window System which can read and write multiple image formats. A format string bug was found in the way ImageMagick handles filenames. An attacker could execute arbitrary code on a victim's machine if they were able to trick the victim into opening a file with a specially crafted name. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0397 to this issue. Additionally, a bug was fixed which caused ImageMagick(TM) to occasionally segfault when writing TIFF images to standard output. Users of ImageMagick should upgrade to these updated packages, which contain a backported patch, and are not vulnerable to these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 142045 - Segmentation fault on conversion to TIFF (possible libtiff bug) 150185 - CAN-2005-0397 ImageMagick format string flaw 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/ImageMagick-6.0.7.1-10.src.rpm 983a85a6a04cd419b211542237f624fd ImageMagick-6.0.7.1-10.src.rpm i386: c49a75c5604dc6c91dd7644d5f8f1317 ImageMagick-6.0.7.1-10.i386.rpm 703a14542bc4d191d1e8e4eabdb12c7f ImageMagick-c++-6.0.7.1-10.i386.rpm 2f7c6aaff730080c5df1a0e5a81fd4c7 ImageMagick-c++-devel-6.0.7.1-10.i386.rpm c2b40c33bdc90235538bc40e14b293f9 ImageMagick-devel-6.0.7.1-10.i386.rpm 6f8508bdf55102434b3d734e66a0e8f3 ImageMagick-perl-6.0.7.1-10.i386.rpm ia64: 001bda657397f288044e64e0bc05b70b ImageMagick-6.0.7.1-10.ia64.rpm 7d931c803bc50137ce838b4abcbd2429 ImageMagick-c++-6.0.7.1-10.ia64.rpm 4a305e0d3d43b5c4819577d52cb3665b ImageMagick-c++-devel-6.0.7.1-10.ia64.rpm 2a86fc9da66f0e6d0e96b3069ca2a657 ImageMagick-devel-6.0.7.1-10.ia64.rpm a2604e4a1e0e05077e4710a73beeb4c0 ImageMagick-perl-6.0.7.1-10.ia64.rpm ppc: 12be580ec878b85766fb395b12594ef3 ImageMagick-6.0.7.1-10.ppc.rpm 0231e95c9d3d20a4ec33bb840f6b95c0 ImageMagick-c++-6.0.7.1-10.ppc.rpm 73d33cc0070d616f04fcc30dddf98db7 ImageMagick-c++-devel-6.0.7.1-10.ppc.rpm 0775ecaf973f9985e195d7d088e3a342 ImageMagick-devel-6.0.7.1-10.ppc.rpm e59efdba147068fdec313afef97dcb5b ImageMagick-perl-6.0.7.1-10.ppc.rpm s390: dcbb2aedbc432f9291314079a4c2ff7d ImageMagick-6.0.7.1-10.s390.rpm 4745e6e2e665afbc7b1cac91cddbbc9d ImageMagick-c++-6.0.7.1-10.s390.rpm 2c4f816ab3892f6914986b2217e2c73e ImageMagick-c++-devel-6.0.7.1-10.s390.rpm 67adaba9d191ede734f758aec0cd9b5c ImageMagick-devel-6.0.7.1-10.s390.rpm 2a9a4922e589877e70e2c2e918b05b0f ImageMagick-perl-6.0.7.1-10.s390.rpm s390x: 6dea39358712b8575da76e27ff671924 ImageMagick-6.0.7.1-10.s390x.rpm 7e6df039cba4a3cf7fbf5b550dd7a4d1 ImageMagick-c++-6.0.7.1-10.s390x.rpm 87f2a92001e88334cf6f55e82e54529a ImageMagick-c++-devel-6.0.7.1-10.s390x.rpm 377ad1d4145efd9ae1556f7498564d4d ImageMagick-devel-6.0.7.1-10.s390x.rpm b55a7bf0fe172df9936f3628722fc14e ImageMagick-perl-6.0.7.1-10.s390x.rpm x86_64: 672a0fe5f9ba36d3a5398262a2ab4339 ImageMagick-6.0.7.1-10.x86_64.rpm 409c209e120fa43e39c33cacda54c917 ImageMagick-c++-6.0.7.1-10.x86_64.rpm 70aaee17027423dcc49895e31889741f ImageMagick-c++-devel-6.0.7.1-10.x86_64.rpm db06e770f7f2b943a0ec9a368adc5fa9 ImageMagick-devel-6.0.7.1-10.x86_64.rpm c144f3cbc8398fda48fac46e2faadeb7 ImageMagick-perl-6.0.7.1-10.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/ImageMagick-6.0.7.1-10.src.rpm 983a85a6a04cd419b211542237f624fd ImageMagick-6.0.7.1-10.src.rpm i386: c49a75c5604dc6c91dd7644d5f8f1317 ImageMagick-6.0.7.1-10.i386.rpm 703a14542bc4d191d1e8e4eabdb12c7f ImageMagick-c++-6.0.7.1-10.i386.rpm 2f7c6aaff730080c5df1a0e5a81fd4c7 ImageMagick-c++-devel-6.0.7.1-10.i386.rpm c2b40c33bdc90235538bc40e14b293f9 ImageMagick-devel-6.0.7.1-10.i386.rpm 6f8508bdf55102434b3d734e66a0e8f3 ImageMagick-perl-6.0.7.1-10.i386.rpm x86_64: 672a0fe5f9ba36d3a5398262a2ab4339 ImageMagick-6.0.7.1-10.x86_64.rpm 409c209e120fa43e39c33cacda54c917 ImageMagick-c++-6.0.7.1-10.x86_64.rpm 70aaee17027423dcc49895e31889741f ImageMagick-c++-devel-6.0.7.1-10.x86_64.rpm db06e770f7f2b943a0ec9a368adc5fa9 ImageMagick-devel-6.0.7.1-10.x86_64.rpm c144f3cbc8398fda48fac46e2faadeb7 ImageMagick-perl-6.0.7.1-10.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/ImageMagick-6.0.7.1-10.src.rpm 983a85a6a04cd419b211542237f624fd ImageMagick-6.0.7.1-10.src.rpm i386: c49a75c5604dc6c91dd7644d5f8f1317 ImageMagick-6.0.7.1-10.i386.rpm 703a14542bc4d191d1e8e4eabdb12c7f ImageMagick-c++-6.0.7.1-10.i386.rpm 2f7c6aaff730080c5df1a0e5a81fd4c7 ImageMagick-c++-devel-6.0.7.1-10.i386.rpm c2b40c33bdc90235538bc40e14b293f9 ImageMagick-devel-6.0.7.1-10.i386.rpm 6f8508bdf55102434b3d734e66a0e8f3 ImageMagick-perl-6.0.7.1-10.i386.rpm ia64: 001bda657397f288044e64e0bc05b70b ImageMagick-6.0.7.1-10.ia64.rpm 7d931c803bc50137ce838b4abcbd2429 ImageMagick-c++-6.0.7.1-10.ia64.rpm 4a305e0d3d43b5c4819577d52cb3665b ImageMagick-c++-devel-6.0.7.1-10.ia64.rpm 2a86fc9da66f0e6d0e96b3069ca2a657 ImageMagick-devel-6.0.7.1-10.ia64.rpm a2604e4a1e0e05077e4710a73beeb4c0 ImageMagick-perl-6.0.7.1-10.ia64.rpm x86_64: 672a0fe5f9ba36d3a5398262a2ab4339 ImageMagick-6.0.7.1-10.x86_64.rpm 409c209e120fa43e39c33cacda54c917 ImageMagick-c++-6.0.7.1-10.x86_64.rpm 70aaee17027423dcc49895e31889741f ImageMagick-c++-devel-6.0.7.1-10.x86_64.rpm db06e770f7f2b943a0ec9a368adc5fa9 ImageMagick-devel-6.0.7.1-10.x86_64.rpm c144f3cbc8398fda48fac46e2faadeb7 ImageMagick-perl-6.0.7.1-10.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/ImageMagick-6.0.7.1-10.src.rpm 983a85a6a04cd419b211542237f624fd ImageMagick-6.0.7.1-10.src.rpm i386: c49a75c5604dc6c91dd7644d5f8f1317 ImageMagick-6.0.7.1-10.i386.rpm 703a14542bc4d191d1e8e4eabdb12c7f ImageMagick-c++-6.0.7.1-10.i386.rpm 2f7c6aaff730080c5df1a0e5a81fd4c7 ImageMagick-c++-devel-6.0.7.1-10.i386.rpm c2b40c33bdc90235538bc40e14b293f9 ImageMagick-devel-6.0.7.1-10.i386.rpm 6f8508bdf55102434b3d734e66a0e8f3 ImageMagick-perl-6.0.7.1-10.i386.rpm ia64: 001bda657397f288044e64e0bc05b70b ImageMagick-6.0.7.1-10.ia64.rpm 7d931c803bc50137ce838b4abcbd2429 ImageMagick-c++-6.0.7.1-10.ia64.rpm 4a305e0d3d43b5c4819577d52cb3665b ImageMagick-c++-devel-6.0.7.1-10.ia64.rpm 2a86fc9da66f0e6d0e96b3069ca2a657 ImageMagick-devel-6.0.7.1-10.ia64.rpm a2604e4a1e0e05077e4710a73beeb4c0 ImageMagick-perl-6.0.7.1-10.ia64.rpm x86_64: 672a0fe5f9ba36d3a5398262a2ab4339 ImageMagick-6.0.7.1-10.x86_64.rpm 409c209e120fa43e39c33cacda54c917 ImageMagick-c++-6.0.7.1-10.x86_64.rpm 70aaee17027423dcc49895e31889741f ImageMagick-c++-devel-6.0.7.1-10.x86_64.rpm db06e770f7f2b943a0ec9a368adc5fa9 ImageMagick-devel-6.0.7.1-10.x86_64.rpm c144f3cbc8398fda48fac46e2faadeb7 ImageMagick-perl-6.0.7.1-10.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0397 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCQUDmXlSAg2UNWIIRAg8ZAKCffK5dfZ0jV36Vckkj9aZBlRp5mwCgoY1V /E7+3tpNFs312jjL2izBqmQ= =+tXl -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Mar 23 10:21:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 23 Mar 2005 05:21 -0500 Subject: [RHSA-2005:325-01] Important: kdelibs security update Message-ID: <200503231021.j2NALrZ16995@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: kdelibs security update Advisory ID: RHSA-2005:325-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-325.html Issue date: 2005-03-23 Updated on: 2005-03-23 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-0237 CAN-2005-0365 CAN-2005-0396 - --------------------------------------------------------------------- 1. Summary: Updated kdelibs packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: The kdelibs package provides libraries for the K Desktop Environment. The International Domain Name (IDN) support in the Konqueror browser allowed remote attackers to spoof domain names using punycode encoded domain names. Such domain names are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0237 to this issue. Sebastian Krahmer discovered a flaw in dcopserver, the KDE Desktop Communication Protocol (DCOP) daemon. A local user could use this flaw to stall the DCOP authentication process, affecting any local desktop users and causing a reduction in their desktop functionality. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0396 to this issue. A flaw in the dcopidlng script was discovered. The dcopidlng script would create temporary files with predictable filenames which could allow local users to overwrite arbitrary files via a symlink attack. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0365 to this issue. Users of KDE should upgrade to these erratum packages which contain backported patches to correct these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 147405 - CAN-2005-0237 homograph spoofing 148822 - CAN-2005-0365 dcopidlng insecure temporary file usage 150090 - CAN-2005-0396 kdelibs DCOP DoS 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kdelibs-3.3.1-3.6.src.rpm 6ccf8717107ecc6d72b35704aaa9e07e kdelibs-3.3.1-3.6.src.rpm i386: 105b9b5875503e735f0ee528b98b503b kdelibs-3.3.1-3.6.i386.rpm 1af694976c9994ff3bc42b04ed122684 kdelibs-devel-3.3.1-3.6.i386.rpm ia64: aeac4b10cefa2eb651331da7d7543688 kdelibs-3.3.1-3.6.ia64.rpm 105b9b5875503e735f0ee528b98b503b kdelibs-3.3.1-3.6.i386.rpm 86c14fcc2971949ae7d2bf6d4dc64ceb kdelibs-devel-3.3.1-3.6.ia64.rpm ppc: d7b5bea6a04c878784dcbf7753cd0b41 kdelibs-3.3.1-3.6.ppc.rpm b42f3377c51e8de4370f41daec826078 kdelibs-3.3.1-3.6.ppc64.rpm 63f50dac91194f9964f7c6cfad306be5 kdelibs-devel-3.3.1-3.6.ppc.rpm s390: 69622bbacd11c294bd01e98434a5b13b kdelibs-3.3.1-3.6.s390.rpm e54406f8e75005d869539b701bddbe4f kdelibs-devel-3.3.1-3.6.s390.rpm s390x: 6898fa8e5397b0c634a88f09872cd348 kdelibs-3.3.1-3.6.s390x.rpm 69622bbacd11c294bd01e98434a5b13b kdelibs-3.3.1-3.6.s390.rpm 65d18f1af50501dd67c477ea4e1fc3a5 kdelibs-devel-3.3.1-3.6.s390x.rpm x86_64: 1a99bb1ca25663786baca88582364276 kdelibs-3.3.1-3.6.x86_64.rpm 105b9b5875503e735f0ee528b98b503b kdelibs-3.3.1-3.6.i386.rpm 918fbe7a0df8853c16213e9cc85311ca kdelibs-devel-3.3.1-3.6.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kdelibs-3.3.1-3.6.src.rpm 6ccf8717107ecc6d72b35704aaa9e07e kdelibs-3.3.1-3.6.src.rpm i386: 105b9b5875503e735f0ee528b98b503b kdelibs-3.3.1-3.6.i386.rpm 1af694976c9994ff3bc42b04ed122684 kdelibs-devel-3.3.1-3.6.i386.rpm x86_64: 1a99bb1ca25663786baca88582364276 kdelibs-3.3.1-3.6.x86_64.rpm 105b9b5875503e735f0ee528b98b503b kdelibs-3.3.1-3.6.i386.rpm 918fbe7a0df8853c16213e9cc85311ca kdelibs-devel-3.3.1-3.6.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kdelibs-3.3.1-3.6.src.rpm 6ccf8717107ecc6d72b35704aaa9e07e kdelibs-3.3.1-3.6.src.rpm i386: 105b9b5875503e735f0ee528b98b503b kdelibs-3.3.1-3.6.i386.rpm 1af694976c9994ff3bc42b04ed122684 kdelibs-devel-3.3.1-3.6.i386.rpm ia64: aeac4b10cefa2eb651331da7d7543688 kdelibs-3.3.1-3.6.ia64.rpm 105b9b5875503e735f0ee528b98b503b kdelibs-3.3.1-3.6.i386.rpm 86c14fcc2971949ae7d2bf6d4dc64ceb kdelibs-devel-3.3.1-3.6.ia64.rpm x86_64: 1a99bb1ca25663786baca88582364276 kdelibs-3.3.1-3.6.x86_64.rpm 105b9b5875503e735f0ee528b98b503b kdelibs-3.3.1-3.6.i386.rpm 918fbe7a0df8853c16213e9cc85311ca kdelibs-devel-3.3.1-3.6.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kdelibs-3.3.1-3.6.src.rpm 6ccf8717107ecc6d72b35704aaa9e07e kdelibs-3.3.1-3.6.src.rpm i386: 105b9b5875503e735f0ee528b98b503b kdelibs-3.3.1-3.6.i386.rpm 1af694976c9994ff3bc42b04ed122684 kdelibs-devel-3.3.1-3.6.i386.rpm ia64: aeac4b10cefa2eb651331da7d7543688 kdelibs-3.3.1-3.6.ia64.rpm 105b9b5875503e735f0ee528b98b503b kdelibs-3.3.1-3.6.i386.rpm 86c14fcc2971949ae7d2bf6d4dc64ceb kdelibs-devel-3.3.1-3.6.ia64.rpm x86_64: 1a99bb1ca25663786baca88582364276 kdelibs-3.3.1-3.6.x86_64.rpm 105b9b5875503e735f0ee528b98b503b kdelibs-3.3.1-3.6.i386.rpm 918fbe7a0df8853c16213e9cc85311ca kdelibs-devel-3.3.1-3.6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://www.kde.org/info/security/advisory-20050316-3.txt http://www.kde.org/info/security/advisory-20050316-2.txt http://www.kde.org/info/security/advisory-20050316-1.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0237 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0365 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0396 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCQUMrXlSAg2UNWIIRAprFAJ9hFjKtSzbyo6Cbaw6RN3qfn88ynQCdEWVf nawkiiiGU7S7FC69F0FKeXE= =iav2 -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Mar 23 19:32:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 23 Mar 2005 14:32 -0500 Subject: [RHSA-2005:323-01] Critical: mozilla security update Message-ID: <200503231932.j2NJW3Z17701@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: mozilla security update Advisory ID: RHSA-2005:323-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-323.html Issue date: 2005-03-23 Updated on: 2005-03-23 Product: Red Hat Enterprise Linux CVE Names: CAN-2004-0906 CAN-2004-1380 CAN-2004-1613 CAN-2005-0141 CAN-2005-0144 CAN-2005-0147 CAN-2005-0149 CAN-2005-0232 CAN-2005-0399 - --------------------------------------------------------------------- 1. Summary: Updated mozilla packages that fix various bugs are now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. A buffer overflow bug was found in the way Mozilla processes GIF images. It is possible for an attacker to create a specially crafted GIF image, which when viewed by a victim will execute arbitrary code as the victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0399 to this issue. A bug was found in the way Mozilla displays dialog windows. It is possible that a malicious web page which is being displayed in a background tab could present the user with a dialog window appearing to come from the active page. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1380 to this issue. A bug was found in the way Firefox allowed plug-ins to load privileged content into a frame. It is possible that a malicious webpage could trick a user into clicking in certain places to modify configuration settings or execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0232 to this issue. A bug was found in the way Mozilla Mail handles cookies when loading content over HTTP regardless of the user's preference. It is possible that a particular user could be tracked through the use of malicious mail messages which load content over HTTP. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0149 to this issue. A bug was found in the way Mozilla responds to proxy auth requests. It is possible for a malicious webserver to steal credentials from a victims browser by issuing a 407 proxy authentication request. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0147 to this issue. A bug was found in the way Mozilla handles certain start tags followed by a NULL character. A malicious web page could cause Mozilla to crash when viewed by a victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1613 to this issue. A bug was found in the way Mozilla sets file permissions when installing XPI packages. It is possible for an XPI package to install some files world readable or writable, allowing a malicious local user to steal information or execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0906 to this issue. A bug was found in the way Mozilla loads links in a new tab which are middle clicked. A malicious web page could read local files or modify privileged chrom settings. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0141 to this issue. A bug was found in the way Mozilla displays the secure site icon. A malicious web page can use a view-source URL targetted at a secure page, while loading an insecure page, yet the secure site icon shows the previous secure state. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0144 to this issue. Users of Mozilla are advised to upgrade to this updated package which contains Mozilla version 1.4.4 and additional backported patches to correct these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 145597 - CAN-2005-0141 Link opened in new tab can load a local file 145609 - CAN-2005-0144 Secure site lock can be spoofed with view-source: 145610 - CAN-2004-1380 Input stealing from other tabs (CAN-2004-1381) 145614 - CAN-2005-0147 Browser responds to proxy auth request from non-proxy server (ssl/https) 145615 - CAN-2005-0149 Mail responds to cookie requests 151209 - 151492 - CAN-2004-1613 Mozilla start tag NULL character DoS 151494 - CAN-2004-0906 Mozilla XPI installer insecure file creation 151496 - CAN-2005-0232 fireflashing vulnerability (CAN-2005-0527) 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/galeon-1.2.13-6.2.1.src.rpm bfa6d2b47049ca23b8b8b320749b7ea2 galeon-1.2.13-6.2.1.src.rpm ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/mozilla-1.4.4-1.2.3.src.rpm 492ba66de02ce249a94226f7da5cb1a8 mozilla-1.4.4-1.2.3.src.rpm i386: 640ead171aa0fc4cdf6367e63df5652c galeon-1.2.13-6.2.1.i386.rpm 6f3df40d9ceea897b0b4d6bbcf08f32f mozilla-1.4.4-1.2.3.i386.rpm 1b885fa495058785d4d726c52119ef6e mozilla-chat-1.4.4-1.2.3.i386.rpm af7ed1e862811a591b6d70df4c21ee95 mozilla-devel-1.4.4-1.2.3.i386.rpm ae51fad443b9f7f86019f9da87534499 mozilla-dom-inspector-1.4.4-1.2.3.i386.rpm b5f9b2fd48e520c0548024f062d3be4a mozilla-js-debugger-1.4.4-1.2.3.i386.rpm 26f5a720479169d6ee2618a1df2876cf mozilla-mail-1.4.4-1.2.3.i386.rpm 53988d7daa3f6b92dbbf8a4638fde336 mozilla-nspr-1.4.4-1.2.3.i386.rpm fd1a43ab2e3dfa370989a2806ee7fa10 mozilla-nspr-devel-1.4.4-1.2.3.i386.rpm 38851672d0ec94d06447bf082cf58d96 mozilla-nss-1.4.4-1.2.3.i386.rpm 6e826549e1c1526af249034bd6c3de26 mozilla-nss-devel-1.4.4-1.2.3.i386.rpm ia64: 32ad65318604c36cf95b25f2124ec223 galeon-1.2.13-6.2.1.ia64.rpm 6cb59d01995e11204ab23a54568c9f9f mozilla-1.4.4-1.2.3.ia64.rpm 1f25d7f9d3c80cade1f8efd8b0ee98b7 mozilla-chat-1.4.4-1.2.3.ia64.rpm 01cc33ec4c371a843a411ac869f94ca0 mozilla-devel-1.4.4-1.2.3.ia64.rpm 5d779ebb2e5dab692710ca931fed6f79 mozilla-dom-inspector-1.4.4-1.2.3.ia64.rpm 2fc3624b90c331946afdf14352711f27 mozilla-js-debugger-1.4.4-1.2.3.ia64.rpm e20163a2bc4cb9237735bebb5949bd09 mozilla-mail-1.4.4-1.2.3.ia64.rpm 280721615940ff5cf20592b0aff50cd3 mozilla-nspr-1.4.4-1.2.3.ia64.rpm dedc936c50f2d93712a1a85ed391fb49 mozilla-nspr-devel-1.4.4-1.2.3.ia64.rpm bb0524cc191752bbd6c1e4380d978640 mozilla-nss-1.4.4-1.2.3.ia64.rpm 62c1a1ebb38cc6374697247699c121df mozilla-nss-devel-1.4.4-1.2.3.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/galeon-1.2.13-6.2.1.src.rpm bfa6d2b47049ca23b8b8b320749b7ea2 galeon-1.2.13-6.2.1.src.rpm ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/mozilla-1.4.4-1.2.3.src.rpm 492ba66de02ce249a94226f7da5cb1a8 mozilla-1.4.4-1.2.3.src.rpm ia64: 32ad65318604c36cf95b25f2124ec223 galeon-1.2.13-6.2.1.ia64.rpm 6cb59d01995e11204ab23a54568c9f9f mozilla-1.4.4-1.2.3.ia64.rpm 1f25d7f9d3c80cade1f8efd8b0ee98b7 mozilla-chat-1.4.4-1.2.3.ia64.rpm 01cc33ec4c371a843a411ac869f94ca0 mozilla-devel-1.4.4-1.2.3.ia64.rpm 5d779ebb2e5dab692710ca931fed6f79 mozilla-dom-inspector-1.4.4-1.2.3.ia64.rpm 2fc3624b90c331946afdf14352711f27 mozilla-js-debugger-1.4.4-1.2.3.ia64.rpm e20163a2bc4cb9237735bebb5949bd09 mozilla-mail-1.4.4-1.2.3.ia64.rpm 280721615940ff5cf20592b0aff50cd3 mozilla-nspr-1.4.4-1.2.3.ia64.rpm dedc936c50f2d93712a1a85ed391fb49 mozilla-nspr-devel-1.4.4-1.2.3.ia64.rpm bb0524cc191752bbd6c1e4380d978640 mozilla-nss-1.4.4-1.2.3.ia64.rpm 62c1a1ebb38cc6374697247699c121df mozilla-nss-devel-1.4.4-1.2.3.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/galeon-1.2.13-6.2.1.src.rpm bfa6d2b47049ca23b8b8b320749b7ea2 galeon-1.2.13-6.2.1.src.rpm ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/mozilla-1.4.4-1.2.3.src.rpm 492ba66de02ce249a94226f7da5cb1a8 mozilla-1.4.4-1.2.3.src.rpm i386: 640ead171aa0fc4cdf6367e63df5652c galeon-1.2.13-6.2.1.i386.rpm 6f3df40d9ceea897b0b4d6bbcf08f32f mozilla-1.4.4-1.2.3.i386.rpm 1b885fa495058785d4d726c52119ef6e mozilla-chat-1.4.4-1.2.3.i386.rpm af7ed1e862811a591b6d70df4c21ee95 mozilla-devel-1.4.4-1.2.3.i386.rpm ae51fad443b9f7f86019f9da87534499 mozilla-dom-inspector-1.4.4-1.2.3.i386.rpm b5f9b2fd48e520c0548024f062d3be4a mozilla-js-debugger-1.4.4-1.2.3.i386.rpm 26f5a720479169d6ee2618a1df2876cf mozilla-mail-1.4.4-1.2.3.i386.rpm 53988d7daa3f6b92dbbf8a4638fde336 mozilla-nspr-1.4.4-1.2.3.i386.rpm fd1a43ab2e3dfa370989a2806ee7fa10 mozilla-nspr-devel-1.4.4-1.2.3.i386.rpm 38851672d0ec94d06447bf082cf58d96 mozilla-nss-1.4.4-1.2.3.i386.rpm 6e826549e1c1526af249034bd6c3de26 mozilla-nss-devel-1.4.4-1.2.3.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/galeon-1.2.13-6.2.1.src.rpm bfa6d2b47049ca23b8b8b320749b7ea2 galeon-1.2.13-6.2.1.src.rpm ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/mozilla-1.4.4-1.2.3.src.rpm 492ba66de02ce249a94226f7da5cb1a8 mozilla-1.4.4-1.2.3.src.rpm i386: 640ead171aa0fc4cdf6367e63df5652c galeon-1.2.13-6.2.1.i386.rpm 6f3df40d9ceea897b0b4d6bbcf08f32f mozilla-1.4.4-1.2.3.i386.rpm 1b885fa495058785d4d726c52119ef6e mozilla-chat-1.4.4-1.2.3.i386.rpm af7ed1e862811a591b6d70df4c21ee95 mozilla-devel-1.4.4-1.2.3.i386.rpm ae51fad443b9f7f86019f9da87534499 mozilla-dom-inspector-1.4.4-1.2.3.i386.rpm b5f9b2fd48e520c0548024f062d3be4a mozilla-js-debugger-1.4.4-1.2.3.i386.rpm 26f5a720479169d6ee2618a1df2876cf mozilla-mail-1.4.4-1.2.3.i386.rpm 53988d7daa3f6b92dbbf8a4638fde336 mozilla-nspr-1.4.4-1.2.3.i386.rpm fd1a43ab2e3dfa370989a2806ee7fa10 mozilla-nspr-devel-1.4.4-1.2.3.i386.rpm 38851672d0ec94d06447bf082cf58d96 mozilla-nss-1.4.4-1.2.3.i386.rpm 6e826549e1c1526af249034bd6c3de26 mozilla-nss-devel-1.4.4-1.2.3.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/mozilla-1.4.4-1.3.5.src.rpm 56deb276290446e580ffd03b99f00a36 mozilla-1.4.4-1.3.5.src.rpm i386: d3b673160835e792151148f10fda5ed6 mozilla-1.4.4-1.3.5.i386.rpm 324e811245840ab2ec24307a4d0e7256 mozilla-chat-1.4.4-1.3.5.i386.rpm 750a4982a9eb9094a65ada2c00caa4a1 mozilla-devel-1.4.4-1.3.5.i386.rpm 98b5256945b2da77115f9a1332222b2e mozilla-dom-inspector-1.4.4-1.3.5.i386.rpm 02de930daf3662e48bbe40fef64ede15 mozilla-js-debugger-1.4.4-1.3.5.i386.rpm bc76919e0e6cbbb9d6e3af1d8890ffa9 mozilla-mail-1.4.4-1.3.5.i386.rpm 2ed41ea030dad2f34bf005ab71d1f7a7 mozilla-nspr-1.4.4-1.3.5.i386.rpm 0a92c035db2cabb1d9bcdf6d14e766ac mozilla-nspr-devel-1.4.4-1.3.5.i386.rpm 140ff2ec99a45e891adfa52c799a1a79 mozilla-nss-1.4.4-1.3.5.i386.rpm 17510499ca4880110cfdb82924a791a7 mozilla-nss-devel-1.4.4-1.3.5.i386.rpm ia64: 0d7d91dad11ae959d141d18ea19b079c mozilla-1.4.4-1.3.5.ia64.rpm fbd29b9381da91a7425c4c1534d7726f mozilla-chat-1.4.4-1.3.5.ia64.rpm 44edbce53caa6cd7e182232209c5d40b mozilla-devel-1.4.4-1.3.5.ia64.rpm 482435ed8f2a040e2ec0326909fae3c3 mozilla-dom-inspector-1.4.4-1.3.5.ia64.rpm 532d2fd41430b9455bc3188be7c637c2 mozilla-js-debugger-1.4.4-1.3.5.ia64.rpm 80db174298676c72b910f8c81c2405c3 mozilla-mail-1.4.4-1.3.5.ia64.rpm f40ffd6e3a1aeee6879ddf049060b151 mozilla-nspr-1.4.4-1.3.5.ia64.rpm 2ed41ea030dad2f34bf005ab71d1f7a7 mozilla-nspr-1.4.4-1.3.5.i386.rpm 03ca5f59bac9685b1eed7870c9f3a5a1 mozilla-nspr-devel-1.4.4-1.3.5.ia64.rpm 604b09728acd2bd90c2331cefd1b6ed0 mozilla-nss-1.4.4-1.3.5.ia64.rpm 140ff2ec99a45e891adfa52c799a1a79 mozilla-nss-1.4.4-1.3.5.i386.rpm d328d20773f0af370f89a0113844557d mozilla-nss-devel-1.4.4-1.3.5.ia64.rpm ppc: 696f7f714ea9bf4e9c85aa76fb05fc43 mozilla-1.4.4-1.3.5.ppc.rpm e633b0cc0581ba5cb69307dd7c1d3501 mozilla-chat-1.4.4-1.3.5.ppc.rpm 94a938d734de1cca883de9d442b9cf48 mozilla-devel-1.4.4-1.3.5.ppc.rpm c7b55219bf541e824163e816eeba3d72 mozilla-dom-inspector-1.4.4-1.3.5.ppc.rpm 08b74fe5d8232682ce1f35a0cf75e88e mozilla-js-debugger-1.4.4-1.3.5.ppc.rpm 0343e582869923b903ed7ae8d56e017a mozilla-mail-1.4.4-1.3.5.ppc.rpm ab2df03107e250927edfc3cba6691545 mozilla-nspr-1.4.4-1.3.5.ppc.rpm b2da2cdfeb834c96805884424791100e mozilla-nspr-devel-1.4.4-1.3.5.ppc.rpm ec1ecbe8ca70613e62bfdbbedf079baf mozilla-nss-1.4.4-1.3.5.ppc.rpm ba0a5df973bc99840589cddfb616e8ad mozilla-nss-devel-1.4.4-1.3.5.ppc.rpm s390: 69c69d46957f35f9569ffbed352e14f6 mozilla-1.4.4-1.3.5.s390.rpm 63180be7a03aad0ca5522eadb7ff1400 mozilla-chat-1.4.4-1.3.5.s390.rpm b9610f2d1ff6aa38c02cfaad1470f83e mozilla-devel-1.4.4-1.3.5.s390.rpm 13113afec61e781a5b610e2a04456297 mozilla-dom-inspector-1.4.4-1.3.5.s390.rpm 5a30f4a136abc86024480c40dfadeb6a mozilla-js-debugger-1.4.4-1.3.5.s390.rpm c1f3021e4a7c3dcd2acda6a7e5887c54 mozilla-mail-1.4.4-1.3.5.s390.rpm d324540741c273908a4a00936dbd59b1 mozilla-nspr-1.4.4-1.3.5.s390.rpm e2d51cbdc8f6fdbf514c1a5be547c8df mozilla-nspr-devel-1.4.4-1.3.5.s390.rpm 9db13f5be1e758119e136db280f71527 mozilla-nss-1.4.4-1.3.5.s390.rpm d947f511e8a48536fd2b06ee53a4cabb mozilla-nss-devel-1.4.4-1.3.5.s390.rpm s390x: ff3936f6df6c69f5125ed9f2b2030cc5 mozilla-1.4.4-1.3.5.s390x.rpm a462bb974a53dd44a3e894b6b343ac7e mozilla-chat-1.4.4-1.3.5.s390x.rpm ff84589153c55746448ea1bf219f27ce mozilla-devel-1.4.4-1.3.5.s390x.rpm 99bf1ba3f5a7ecdb5723f0d8e869414b mozilla-dom-inspector-1.4.4-1.3.5.s390x.rpm 407ddbbeb04586281f8ffcdbba602d0b mozilla-js-debugger-1.4.4-1.3.5.s390x.rpm 4472d0efc6042c1ef09219f3952eb942 mozilla-mail-1.4.4-1.3.5.s390x.rpm c9b3244b5f18e625cbcd5e8e78c4a655 mozilla-nspr-1.4.4-1.3.5.s390x.rpm d324540741c273908a4a00936dbd59b1 mozilla-nspr-1.4.4-1.3.5.s390.rpm 090e7e4d9e68ee705d8f91e31bfd82b3 mozilla-nspr-devel-1.4.4-1.3.5.s390x.rpm 8d903c5aa0038c9c241eac3e37e99335 mozilla-nss-1.4.4-1.3.5.s390x.rpm 9db13f5be1e758119e136db280f71527 mozilla-nss-1.4.4-1.3.5.s390.rpm dcc2b2d9dc3499d7235eed6473c6a7fb mozilla-nss-devel-1.4.4-1.3.5.s390x.rpm x86_64: d7497f99749a268d76820f09af460174 mozilla-1.4.4-1.3.5.x86_64.rpm d3b673160835e792151148f10fda5ed6 mozilla-1.4.4-1.3.5.i386.rpm 3315e273014d7dc28d8363e4e140eca6 mozilla-chat-1.4.4-1.3.5.x86_64.rpm 7841d99372a61f3432a98745f707dff9 mozilla-devel-1.4.4-1.3.5.x86_64.rpm c7b97fae2a4427bca52878168c0bac31 mozilla-dom-inspector-1.4.4-1.3.5.x86_64.rpm f2377c82623e615338b916d1e18d2138 mozilla-js-debugger-1.4.4-1.3.5.x86_64.rpm 663be710f1808de2112010ae65018f61 mozilla-mail-1.4.4-1.3.5.x86_64.rpm 747dc266316d11a04692801353e41ac5 mozilla-nspr-1.4.4-1.3.5.x86_64.rpm 2ed41ea030dad2f34bf005ab71d1f7a7 mozilla-nspr-1.4.4-1.3.5.i386.rpm 94a2afad4561d6d18271bfe4d9b1f1db mozilla-nspr-devel-1.4.4-1.3.5.x86_64.rpm 72005829614f14512916a5e4e1044cff mozilla-nss-1.4.4-1.3.5.x86_64.rpm 140ff2ec99a45e891adfa52c799a1a79 mozilla-nss-1.4.4-1.3.5.i386.rpm 6c7c2e51226bde6c1484290e21ed1e14 mozilla-nss-devel-1.4.4-1.3.5.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/mozilla-1.4.4-1.3.5.src.rpm 56deb276290446e580ffd03b99f00a36 mozilla-1.4.4-1.3.5.src.rpm i386: d3b673160835e792151148f10fda5ed6 mozilla-1.4.4-1.3.5.i386.rpm 324e811245840ab2ec24307a4d0e7256 mozilla-chat-1.4.4-1.3.5.i386.rpm 750a4982a9eb9094a65ada2c00caa4a1 mozilla-devel-1.4.4-1.3.5.i386.rpm 98b5256945b2da77115f9a1332222b2e mozilla-dom-inspector-1.4.4-1.3.5.i386.rpm 02de930daf3662e48bbe40fef64ede15 mozilla-js-debugger-1.4.4-1.3.5.i386.rpm bc76919e0e6cbbb9d6e3af1d8890ffa9 mozilla-mail-1.4.4-1.3.5.i386.rpm 2ed41ea030dad2f34bf005ab71d1f7a7 mozilla-nspr-1.4.4-1.3.5.i386.rpm 0a92c035db2cabb1d9bcdf6d14e766ac mozilla-nspr-devel-1.4.4-1.3.5.i386.rpm 140ff2ec99a45e891adfa52c799a1a79 mozilla-nss-1.4.4-1.3.5.i386.rpm 17510499ca4880110cfdb82924a791a7 mozilla-nss-devel-1.4.4-1.3.5.i386.rpm x86_64: d7497f99749a268d76820f09af460174 mozilla-1.4.4-1.3.5.x86_64.rpm d3b673160835e792151148f10fda5ed6 mozilla-1.4.4-1.3.5.i386.rpm 3315e273014d7dc28d8363e4e140eca6 mozilla-chat-1.4.4-1.3.5.x86_64.rpm 7841d99372a61f3432a98745f707dff9 mozilla-devel-1.4.4-1.3.5.x86_64.rpm c7b97fae2a4427bca52878168c0bac31 mozilla-dom-inspector-1.4.4-1.3.5.x86_64.rpm f2377c82623e615338b916d1e18d2138 mozilla-js-debugger-1.4.4-1.3.5.x86_64.rpm 663be710f1808de2112010ae65018f61 mozilla-mail-1.4.4-1.3.5.x86_64.rpm 747dc266316d11a04692801353e41ac5 mozilla-nspr-1.4.4-1.3.5.x86_64.rpm 2ed41ea030dad2f34bf005ab71d1f7a7 mozilla-nspr-1.4.4-1.3.5.i386.rpm 94a2afad4561d6d18271bfe4d9b1f1db mozilla-nspr-devel-1.4.4-1.3.5.x86_64.rpm 72005829614f14512916a5e4e1044cff mozilla-nss-1.4.4-1.3.5.x86_64.rpm 140ff2ec99a45e891adfa52c799a1a79 mozilla-nss-1.4.4-1.3.5.i386.rpm 6c7c2e51226bde6c1484290e21ed1e14 mozilla-nss-devel-1.4.4-1.3.5.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/mozilla-1.4.4-1.3.5.src.rpm 56deb276290446e580ffd03b99f00a36 mozilla-1.4.4-1.3.5.src.rpm i386: d3b673160835e792151148f10fda5ed6 mozilla-1.4.4-1.3.5.i386.rpm 324e811245840ab2ec24307a4d0e7256 mozilla-chat-1.4.4-1.3.5.i386.rpm 750a4982a9eb9094a65ada2c00caa4a1 mozilla-devel-1.4.4-1.3.5.i386.rpm 98b5256945b2da77115f9a1332222b2e mozilla-dom-inspector-1.4.4-1.3.5.i386.rpm 02de930daf3662e48bbe40fef64ede15 mozilla-js-debugger-1.4.4-1.3.5.i386.rpm bc76919e0e6cbbb9d6e3af1d8890ffa9 mozilla-mail-1.4.4-1.3.5.i386.rpm 2ed41ea030dad2f34bf005ab71d1f7a7 mozilla-nspr-1.4.4-1.3.5.i386.rpm 0a92c035db2cabb1d9bcdf6d14e766ac mozilla-nspr-devel-1.4.4-1.3.5.i386.rpm 140ff2ec99a45e891adfa52c799a1a79 mozilla-nss-1.4.4-1.3.5.i386.rpm 17510499ca4880110cfdb82924a791a7 mozilla-nss-devel-1.4.4-1.3.5.i386.rpm ia64: 0d7d91dad11ae959d141d18ea19b079c mozilla-1.4.4-1.3.5.ia64.rpm fbd29b9381da91a7425c4c1534d7726f mozilla-chat-1.4.4-1.3.5.ia64.rpm 44edbce53caa6cd7e182232209c5d40b mozilla-devel-1.4.4-1.3.5.ia64.rpm 482435ed8f2a040e2ec0326909fae3c3 mozilla-dom-inspector-1.4.4-1.3.5.ia64.rpm 532d2fd41430b9455bc3188be7c637c2 mozilla-js-debugger-1.4.4-1.3.5.ia64.rpm 80db174298676c72b910f8c81c2405c3 mozilla-mail-1.4.4-1.3.5.ia64.rpm f40ffd6e3a1aeee6879ddf049060b151 mozilla-nspr-1.4.4-1.3.5.ia64.rpm 2ed41ea030dad2f34bf005ab71d1f7a7 mozilla-nspr-1.4.4-1.3.5.i386.rpm 03ca5f59bac9685b1eed7870c9f3a5a1 mozilla-nspr-devel-1.4.4-1.3.5.ia64.rpm 604b09728acd2bd90c2331cefd1b6ed0 mozilla-nss-1.4.4-1.3.5.ia64.rpm 140ff2ec99a45e891adfa52c799a1a79 mozilla-nss-1.4.4-1.3.5.i386.rpm d328d20773f0af370f89a0113844557d mozilla-nss-devel-1.4.4-1.3.5.ia64.rpm x86_64: d7497f99749a268d76820f09af460174 mozilla-1.4.4-1.3.5.x86_64.rpm d3b673160835e792151148f10fda5ed6 mozilla-1.4.4-1.3.5.i386.rpm 3315e273014d7dc28d8363e4e140eca6 mozilla-chat-1.4.4-1.3.5.x86_64.rpm 7841d99372a61f3432a98745f707dff9 mozilla-devel-1.4.4-1.3.5.x86_64.rpm c7b97fae2a4427bca52878168c0bac31 mozilla-dom-inspector-1.4.4-1.3.5.x86_64.rpm f2377c82623e615338b916d1e18d2138 mozilla-js-debugger-1.4.4-1.3.5.x86_64.rpm 663be710f1808de2112010ae65018f61 mozilla-mail-1.4.4-1.3.5.x86_64.rpm 747dc266316d11a04692801353e41ac5 mozilla-nspr-1.4.4-1.3.5.x86_64.rpm 2ed41ea030dad2f34bf005ab71d1f7a7 mozilla-nspr-1.4.4-1.3.5.i386.rpm 94a2afad4561d6d18271bfe4d9b1f1db mozilla-nspr-devel-1.4.4-1.3.5.x86_64.rpm 72005829614f14512916a5e4e1044cff mozilla-nss-1.4.4-1.3.5.x86_64.rpm 140ff2ec99a45e891adfa52c799a1a79 mozilla-nss-1.4.4-1.3.5.i386.rpm 6c7c2e51226bde6c1484290e21ed1e14 mozilla-nss-devel-1.4.4-1.3.5.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/mozilla-1.4.4-1.3.5.src.rpm 56deb276290446e580ffd03b99f00a36 mozilla-1.4.4-1.3.5.src.rpm i386: d3b673160835e792151148f10fda5ed6 mozilla-1.4.4-1.3.5.i386.rpm 324e811245840ab2ec24307a4d0e7256 mozilla-chat-1.4.4-1.3.5.i386.rpm 750a4982a9eb9094a65ada2c00caa4a1 mozilla-devel-1.4.4-1.3.5.i386.rpm 98b5256945b2da77115f9a1332222b2e mozilla-dom-inspector-1.4.4-1.3.5.i386.rpm 02de930daf3662e48bbe40fef64ede15 mozilla-js-debugger-1.4.4-1.3.5.i386.rpm bc76919e0e6cbbb9d6e3af1d8890ffa9 mozilla-mail-1.4.4-1.3.5.i386.rpm 2ed41ea030dad2f34bf005ab71d1f7a7 mozilla-nspr-1.4.4-1.3.5.i386.rpm 0a92c035db2cabb1d9bcdf6d14e766ac mozilla-nspr-devel-1.4.4-1.3.5.i386.rpm 140ff2ec99a45e891adfa52c799a1a79 mozilla-nss-1.4.4-1.3.5.i386.rpm 17510499ca4880110cfdb82924a791a7 mozilla-nss-devel-1.4.4-1.3.5.i386.rpm ia64: 0d7d91dad11ae959d141d18ea19b079c mozilla-1.4.4-1.3.5.ia64.rpm fbd29b9381da91a7425c4c1534d7726f mozilla-chat-1.4.4-1.3.5.ia64.rpm 44edbce53caa6cd7e182232209c5d40b mozilla-devel-1.4.4-1.3.5.ia64.rpm 482435ed8f2a040e2ec0326909fae3c3 mozilla-dom-inspector-1.4.4-1.3.5.ia64.rpm 532d2fd41430b9455bc3188be7c637c2 mozilla-js-debugger-1.4.4-1.3.5.ia64.rpm 80db174298676c72b910f8c81c2405c3 mozilla-mail-1.4.4-1.3.5.ia64.rpm f40ffd6e3a1aeee6879ddf049060b151 mozilla-nspr-1.4.4-1.3.5.ia64.rpm 2ed41ea030dad2f34bf005ab71d1f7a7 mozilla-nspr-1.4.4-1.3.5.i386.rpm 03ca5f59bac9685b1eed7870c9f3a5a1 mozilla-nspr-devel-1.4.4-1.3.5.ia64.rpm 604b09728acd2bd90c2331cefd1b6ed0 mozilla-nss-1.4.4-1.3.5.ia64.rpm 140ff2ec99a45e891adfa52c799a1a79 mozilla-nss-1.4.4-1.3.5.i386.rpm d328d20773f0af370f89a0113844557d mozilla-nss-devel-1.4.4-1.3.5.ia64.rpm x86_64: d7497f99749a268d76820f09af460174 mozilla-1.4.4-1.3.5.x86_64.rpm d3b673160835e792151148f10fda5ed6 mozilla-1.4.4-1.3.5.i386.rpm 3315e273014d7dc28d8363e4e140eca6 mozilla-chat-1.4.4-1.3.5.x86_64.rpm 7841d99372a61f3432a98745f707dff9 mozilla-devel-1.4.4-1.3.5.x86_64.rpm c7b97fae2a4427bca52878168c0bac31 mozilla-dom-inspector-1.4.4-1.3.5.x86_64.rpm f2377c82623e615338b916d1e18d2138 mozilla-js-debugger-1.4.4-1.3.5.x86_64.rpm 663be710f1808de2112010ae65018f61 mozilla-mail-1.4.4-1.3.5.x86_64.rpm 747dc266316d11a04692801353e41ac5 mozilla-nspr-1.4.4-1.3.5.x86_64.rpm 2ed41ea030dad2f34bf005ab71d1f7a7 mozilla-nspr-1.4.4-1.3.5.i386.rpm 94a2afad4561d6d18271bfe4d9b1f1db mozilla-nspr-devel-1.4.4-1.3.5.x86_64.rpm 72005829614f14512916a5e4e1044cff mozilla-nss-1.4.4-1.3.5.x86_64.rpm 140ff2ec99a45e891adfa52c799a1a79 mozilla-nss-1.4.4-1.3.5.i386.rpm 6c7c2e51226bde6c1484290e21ed1e14 mozilla-nss-devel-1.4.4-1.3.5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0906 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1380 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1613 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0141 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0144 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0147 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0149 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0232 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0399 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCQcQtXlSAg2UNWIIRAg9mAJ0T+nLXBdRjgJfJYTwUQxx4pVsA7ACeMzDk FsQmZHXhbe4lHygqQLwEqwo= =nd1R -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Mar 23 19:32:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 23 Mar 2005 14:32 -0500 Subject: [RHSA-2005:335-01] Critical: mozilla security update Message-ID: <200503231932.j2NJWRZ17718@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: mozilla security update Advisory ID: RHSA-2005:335-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-335.html Issue date: 2005-03-23 Updated on: 2005-03-23 Product: Red Hat Enterprise Linux CVE Names: CAN-2004-1380 CAN-2005-0141 CAN-2005-0142 CAN-2005-0143 CAN-2005-0144 CAN-2005-0146 CAN-2005-0149 CAN-2005-0399 CAN-2005-0401 - --------------------------------------------------------------------- 1. Summary: Updated mozilla packages that fix various bugs are now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. A buffer overflow bug was found in the way Mozilla processes GIF images. It is possible for an attacker to create a specially crafted GIF image, which when viewed by a victim will execute arbitrary code as the victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0399 to this issue. A bug was found in the way Mozilla responds to proxy auth requests. It is possible for a malicious webserver to steal credentials from a victims browser by issuing a 407 proxy authentication request. (CAN-2005-0147) A bug was found in the way Mozilla displays dialog windows. It is possible that a malicious web page which is being displayed in a background tab could present the user with a dialog window appearing to come from the active page. (CAN-2004-1380) A bug was found in the way Mozilla Mail handles cookies when loading content over HTTP regardless of the user's preference. It is possible that a particular user could be tracked through the use of malicious mail messages which load content over HTTP. (CAN-2005-0149) A flaw was found in the way Firefox displays international domain names. It is possible for an attacker to display a valid URL, tricking the user into thinking they are viewing a legitimate webpage when they are not. (CAN-2005-0233) A bug was found in the way Firefox handles pop-up windows. It is possible for a malicious website to control the content in an unrelated site's pop-up window. (CAN-2004-1156) A bug was found in the way Mozilla saves temporary files. Temporary files are saved with world readable permissions, which could allow a local malicious user to view potentially sensitive data. (CAN-2005-0142) A bug was found in the way Mozilla handles synthetic middle click events. It is possible for a malicious web page to steal the contents of a victims clipboard. (CAN-2005-0146) A bug was found in the way Mozilla processes XUL content. If a malicious web page can trick a user into dragging an object, it is possible to load malicious XUL content. (CAN-2005-0401) A bug was found in the way Mozilla loads links in a new tab which are middle clicked. A malicious web page could read local files or modify privileged chrom settings. (CAN-2005-0141) A bug was found in the way Mozilla displays the secure site icon. A malicious web page can use a view-source URL targetted at a secure page, while loading an insecure page, yet the secure site icon shows the previous secure state. (CAN-2005-0144) A bug was found in the way Mozilla displays the secure site icon. A malicious web page can display the secure site icon by loading a binary file from a secured site. (CAN-2005-0143) A bug was found in the way Firefox displays the download dialog window. A malicious site can obfuscate the content displayed in the source field, tricking a user into thinking they are downloading content from a trusted source. (CAN-2005-0585) Users of Mozilla are advised to upgrade to this updated package which contains Mozilla version 1.7.6 to correct these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 142508 - 144228 - 146188 - CAN-2005-0141 multiple mozilla issues CAN-2004-1316 CAN-2005-0142 CAN-2005-0143 CAN-2005-0144 CAN-2004-1380 CAN-2004-1381 CAN-2005-0146 CAN-2005-0147 CAN-2005-0149 147397 - homograph spoofing 150866 - 151730 - 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/devhelp-0.9.2-2.4.3.src.rpm ef655aef074fe9d1bb2d4275e18a30c3 devhelp-0.9.2-2.4.3.src.rpm ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/evolution-2.0.2-14.src.rpm 796caefedf5087511b137f14512aafa3 evolution-2.0.2-14.src.rpm ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/mozilla-1.7.6-1.4.1.src.rpm 2822baa29d8d22062fd1e314fec1c084 mozilla-1.7.6-1.4.1.src.rpm i386: c4a062574f5620e321f81c47b6c78913 devhelp-0.9.2-2.4.3.i386.rpm 7de6b81d78f3dba752a3c06d664777b8 devhelp-devel-0.9.2-2.4.3.i386.rpm 5e224cefdc65509b24fd29728caecc6b evolution-2.0.2-14.i386.rpm b02187784c02324afd1723c24f2d17ab evolution-devel-2.0.2-14.i386.rpm a7838d2c5ad3eb580b4a2157e2d0aac5 mozilla-1.7.6-1.4.1.i386.rpm b7dd0f25824fd1a9e0cf160553e75cec mozilla-chat-1.7.6-1.4.1.i386.rpm c88d27f8741cc22d794fa76ca001bcf2 mozilla-devel-1.7.6-1.4.1.i386.rpm ef0444924c443bf1ef63efb291b15017 mozilla-dom-inspector-1.7.6-1.4.1.i386.rpm 3c523a0ae96a601b0c3014a8b3cdec3d mozilla-js-debugger-1.7.6-1.4.1.i386.rpm aa4ee2f37944777f5c6f2128bfe4051f mozilla-mail-1.7.6-1.4.1.i386.rpm 7eea7a8e4316fe594d23022962b3aa36 mozilla-nspr-1.7.6-1.4.1.i386.rpm 2319f305324b19e2a343e946b0cb6909 mozilla-nspr-devel-1.7.6-1.4.1.i386.rpm ab3c087c54396503607d4f5cadb49e12 mozilla-nss-1.7.6-1.4.1.i386.rpm 3fc1fdb6ceed5740a428047652faee3c mozilla-nss-devel-1.7.6-1.4.1.i386.rpm ia64: 36b554c9d5d4f2520c885e2c8b05786a evolution-2.0.2-14.ia64.rpm 2edbcadc3c88a51ad077bae90d9b116f evolution-devel-2.0.2-14.ia64.rpm bb6ffe8c693c6009597f2cffdbdfa115 mozilla-1.7.6-1.4.1.ia64.rpm 034d4270363faaf097bca06360c25e5b mozilla-chat-1.7.6-1.4.1.ia64.rpm f5e5865fd0bd8c22ccde7316815deef4 mozilla-devel-1.7.6-1.4.1.ia64.rpm 6614e0cffaa568c1afb300a3c95d82cb mozilla-dom-inspector-1.7.6-1.4.1.ia64.rpm 128a218e1765ef3b93f9bc76a808768f mozilla-js-debugger-1.7.6-1.4.1.ia64.rpm d3aec46e412923de975ca9444125b568 mozilla-mail-1.7.6-1.4.1.ia64.rpm 4b552fed5eb33993350562b7e2d1963b mozilla-nspr-1.7.6-1.4.1.ia64.rpm 7eea7a8e4316fe594d23022962b3aa36 mozilla-nspr-1.7.6-1.4.1.i386.rpm cdca5118d08f05bb29a26ad854d13c77 mozilla-nspr-devel-1.7.6-1.4.1.ia64.rpm 630b9e378acc232bf9c0001f80ac0918 mozilla-nss-1.7.6-1.4.1.ia64.rpm ab3c087c54396503607d4f5cadb49e12 mozilla-nss-1.7.6-1.4.1.i386.rpm 441e53acf432bbd125f71b6da1830ed7 mozilla-nss-devel-1.7.6-1.4.1.ia64.rpm ppc: b080555e3af4b61bbd4687093b1cc94c devhelp-0.9.2-2.4.3.ppc.rpm 9e2f3f5f8ce57636f797ebc5c1de5406 devhelp-devel-0.9.2-2.4.3.ppc.rpm f743d2ff927f9304b6fa8ebf7f4670ac evolution-2.0.2-14.ppc.rpm 5c652488e5e4fd37d6542d2da9b64d35 evolution-devel-2.0.2-14.ppc.rpm ca8a8ad82aca60da1a95e1f54b08899b mozilla-1.7.6-1.4.1.ppc.rpm 2eec8a5422770fe7f35fe89d598571a2 mozilla-chat-1.7.6-1.4.1.ppc.rpm 5efaf95c9cd4ac44ebde3c6405b293cb mozilla-devel-1.7.6-1.4.1.ppc.rpm fb39503b07ebf91540be47f4efa8949d mozilla-dom-inspector-1.7.6-1.4.1.ppc.rpm 6e42d70993bde8d68019ec87d7be6049 mozilla-js-debugger-1.7.6-1.4.1.ppc.rpm b80b956d16eccaef17a4a351e9c44512 mozilla-mail-1.7.6-1.4.1.ppc.rpm 7f0d47ec94e5c85beaa96944e89f5fe8 mozilla-nspr-1.7.6-1.4.1.ppc.rpm d71529511834bdbdd606ee0fa4455543 mozilla-nspr-devel-1.7.6-1.4.1.ppc.rpm f4e2a91859a1808c0ea2731c6d776654 mozilla-nss-1.7.6-1.4.1.ppc.rpm c9affd85ff05952f9351314417ba68ab mozilla-nss-devel-1.7.6-1.4.1.ppc.rpm s390: be028cead30042d2d0a6ccfb3b1acd60 evolution-2.0.2-14.s390.rpm f753f3408222e3c3505b51551bbabf15 evolution-devel-2.0.2-14.s390.rpm 6a2768f0e8dfadb73f91e725da238fa4 mozilla-1.7.6-1.4.1.s390.rpm b816dbdda317776c96119267fbf72fbf mozilla-chat-1.7.6-1.4.1.s390.rpm 6aa47533e291b1a11f5d2df9c5d6e3fc mozilla-devel-1.7.6-1.4.1.s390.rpm 0589218bfb8df65d70fc84e5f82ae094 mozilla-dom-inspector-1.7.6-1.4.1.s390.rpm 156b9cb6a790554cdede32f4e95a1f2a mozilla-js-debugger-1.7.6-1.4.1.s390.rpm 0808078b09f3066189b504b594f4c9a7 mozilla-mail-1.7.6-1.4.1.s390.rpm b6a56eedf837d24b952fa5398f43abc5 mozilla-nspr-1.7.6-1.4.1.s390.rpm 8f45563bfe7df84230204f23a92e2c30 mozilla-nspr-devel-1.7.6-1.4.1.s390.rpm ee14089af4fac8e42c1265dfce8a0d16 mozilla-nss-1.7.6-1.4.1.s390.rpm 0b13dd9da58f22a3e54ec99f7b7f165f mozilla-nss-devel-1.7.6-1.4.1.s390.rpm s390x: ecca54c1461b85910609fc149d32b7f5 evolution-2.0.2-14.s390x.rpm d922cf9a4f01be35ab40da5e1a1bacbd evolution-devel-2.0.2-14.s390x.rpm bab0d846cb27f006b26f9539fb23858f mozilla-1.7.6-1.4.1.s390x.rpm 62045b915cf20d7df0f189ac71a714c7 mozilla-chat-1.7.6-1.4.1.s390x.rpm 4a828b4ce571b106c7431782df7b7301 mozilla-devel-1.7.6-1.4.1.s390x.rpm 23c2b0a864a2afa8bb833bd58e901cef mozilla-dom-inspector-1.7.6-1.4.1.s390x.rpm 380384518578ab1aab19d52d55718c72 mozilla-js-debugger-1.7.6-1.4.1.s390x.rpm 7e82eab7a3aa4fa93c3885af7d918de8 mozilla-mail-1.7.6-1.4.1.s390x.rpm fe60363934e4aeeb063a5e74e133b3e6 mozilla-nspr-1.7.6-1.4.1.s390x.rpm b6a56eedf837d24b952fa5398f43abc5 mozilla-nspr-1.7.6-1.4.1.s390.rpm 527e7c92da0bcfe40d493a04aa4cc6a6 mozilla-nspr-devel-1.7.6-1.4.1.s390x.rpm 19bd01a9c77355bbd3868364faa53e3f mozilla-nss-1.7.6-1.4.1.s390x.rpm ee14089af4fac8e42c1265dfce8a0d16 mozilla-nss-1.7.6-1.4.1.s390.rpm 7d73d9a7d0de4a4df5a1734a47b8a1b1 mozilla-nss-devel-1.7.6-1.4.1.s390x.rpm x86_64: 5a7a6b72629d066a3830f59fb04593a2 devhelp-0.9.2-2.4.3.x86_64.rpm 895f1fd3c661b98e803a923884c2effc devhelp-devel-0.9.2-2.4.3.x86_64.rpm 28f97d232c0bf557426da1a8bbcc9be4 evolution-2.0.2-14.x86_64.rpm 3f54339b8b1a8837af14fa3937e67c09 evolution-devel-2.0.2-14.x86_64.rpm 01309838e0abdfa4b89b649fa945e80b mozilla-1.7.6-1.4.1.x86_64.rpm 00782ab9ca7504c15deb016246fc7581 mozilla-chat-1.7.6-1.4.1.x86_64.rpm fa881165f821dc8b2f613cc10c48b81b mozilla-devel-1.7.6-1.4.1.x86_64.rpm d17299423d61ccd0dd7ccb8c771677de mozilla-dom-inspector-1.7.6-1.4.1.x86_64.rpm 58dd6924cc0596a5a6380518b660f5e7 mozilla-js-debugger-1.7.6-1.4.1.x86_64.rpm 51bc9b4fb28fe0e076137d7f31360eee mozilla-mail-1.7.6-1.4.1.x86_64.rpm e897cf784cb23d147d6fdb0acb33d309 mozilla-nspr-1.7.6-1.4.1.x86_64.rpm 7eea7a8e4316fe594d23022962b3aa36 mozilla-nspr-1.7.6-1.4.1.i386.rpm aa28118dc28d21f47f2d61f8601595e7 mozilla-nspr-devel-1.7.6-1.4.1.x86_64.rpm 341cafa4e39a9e0cb2919e2a1800fed5 mozilla-nss-1.7.6-1.4.1.x86_64.rpm ab3c087c54396503607d4f5cadb49e12 mozilla-nss-1.7.6-1.4.1.i386.rpm 19166638b89d32e156c333bed457888a mozilla-nss-devel-1.7.6-1.4.1.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/devhelp-0.9.2-2.4.3.src.rpm ef655aef074fe9d1bb2d4275e18a30c3 devhelp-0.9.2-2.4.3.src.rpm ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/evolution-2.0.2-14.src.rpm 796caefedf5087511b137f14512aafa3 evolution-2.0.2-14.src.rpm ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/mozilla-1.7.6-1.4.1.src.rpm 2822baa29d8d22062fd1e314fec1c084 mozilla-1.7.6-1.4.1.src.rpm i386: c4a062574f5620e321f81c47b6c78913 devhelp-0.9.2-2.4.3.i386.rpm 7de6b81d78f3dba752a3c06d664777b8 devhelp-devel-0.9.2-2.4.3.i386.rpm 5e224cefdc65509b24fd29728caecc6b evolution-2.0.2-14.i386.rpm b02187784c02324afd1723c24f2d17ab evolution-devel-2.0.2-14.i386.rpm a7838d2c5ad3eb580b4a2157e2d0aac5 mozilla-1.7.6-1.4.1.i386.rpm b7dd0f25824fd1a9e0cf160553e75cec mozilla-chat-1.7.6-1.4.1.i386.rpm c88d27f8741cc22d794fa76ca001bcf2 mozilla-devel-1.7.6-1.4.1.i386.rpm ef0444924c443bf1ef63efb291b15017 mozilla-dom-inspector-1.7.6-1.4.1.i386.rpm 3c523a0ae96a601b0c3014a8b3cdec3d mozilla-js-debugger-1.7.6-1.4.1.i386.rpm aa4ee2f37944777f5c6f2128bfe4051f mozilla-mail-1.7.6-1.4.1.i386.rpm 7eea7a8e4316fe594d23022962b3aa36 mozilla-nspr-1.7.6-1.4.1.i386.rpm 2319f305324b19e2a343e946b0cb6909 mozilla-nspr-devel-1.7.6-1.4.1.i386.rpm ab3c087c54396503607d4f5cadb49e12 mozilla-nss-1.7.6-1.4.1.i386.rpm 3fc1fdb6ceed5740a428047652faee3c mozilla-nss-devel-1.7.6-1.4.1.i386.rpm x86_64: 5a7a6b72629d066a3830f59fb04593a2 devhelp-0.9.2-2.4.3.x86_64.rpm 895f1fd3c661b98e803a923884c2effc devhelp-devel-0.9.2-2.4.3.x86_64.rpm 28f97d232c0bf557426da1a8bbcc9be4 evolution-2.0.2-14.x86_64.rpm 3f54339b8b1a8837af14fa3937e67c09 evolution-devel-2.0.2-14.x86_64.rpm 01309838e0abdfa4b89b649fa945e80b mozilla-1.7.6-1.4.1.x86_64.rpm 00782ab9ca7504c15deb016246fc7581 mozilla-chat-1.7.6-1.4.1.x86_64.rpm fa881165f821dc8b2f613cc10c48b81b mozilla-devel-1.7.6-1.4.1.x86_64.rpm d17299423d61ccd0dd7ccb8c771677de mozilla-dom-inspector-1.7.6-1.4.1.x86_64.rpm 58dd6924cc0596a5a6380518b660f5e7 mozilla-js-debugger-1.7.6-1.4.1.x86_64.rpm 51bc9b4fb28fe0e076137d7f31360eee mozilla-mail-1.7.6-1.4.1.x86_64.rpm e897cf784cb23d147d6fdb0acb33d309 mozilla-nspr-1.7.6-1.4.1.x86_64.rpm 7eea7a8e4316fe594d23022962b3aa36 mozilla-nspr-1.7.6-1.4.1.i386.rpm aa28118dc28d21f47f2d61f8601595e7 mozilla-nspr-devel-1.7.6-1.4.1.x86_64.rpm 341cafa4e39a9e0cb2919e2a1800fed5 mozilla-nss-1.7.6-1.4.1.x86_64.rpm ab3c087c54396503607d4f5cadb49e12 mozilla-nss-1.7.6-1.4.1.i386.rpm 19166638b89d32e156c333bed457888a mozilla-nss-devel-1.7.6-1.4.1.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/devhelp-0.9.2-2.4.3.src.rpm ef655aef074fe9d1bb2d4275e18a30c3 devhelp-0.9.2-2.4.3.src.rpm ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/evolution-2.0.2-14.src.rpm 796caefedf5087511b137f14512aafa3 evolution-2.0.2-14.src.rpm ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/mozilla-1.7.6-1.4.1.src.rpm 2822baa29d8d22062fd1e314fec1c084 mozilla-1.7.6-1.4.1.src.rpm i386: c4a062574f5620e321f81c47b6c78913 devhelp-0.9.2-2.4.3.i386.rpm 7de6b81d78f3dba752a3c06d664777b8 devhelp-devel-0.9.2-2.4.3.i386.rpm 5e224cefdc65509b24fd29728caecc6b evolution-2.0.2-14.i386.rpm b02187784c02324afd1723c24f2d17ab evolution-devel-2.0.2-14.i386.rpm a7838d2c5ad3eb580b4a2157e2d0aac5 mozilla-1.7.6-1.4.1.i386.rpm b7dd0f25824fd1a9e0cf160553e75cec mozilla-chat-1.7.6-1.4.1.i386.rpm c88d27f8741cc22d794fa76ca001bcf2 mozilla-devel-1.7.6-1.4.1.i386.rpm ef0444924c443bf1ef63efb291b15017 mozilla-dom-inspector-1.7.6-1.4.1.i386.rpm 3c523a0ae96a601b0c3014a8b3cdec3d mozilla-js-debugger-1.7.6-1.4.1.i386.rpm aa4ee2f37944777f5c6f2128bfe4051f mozilla-mail-1.7.6-1.4.1.i386.rpm 7eea7a8e4316fe594d23022962b3aa36 mozilla-nspr-1.7.6-1.4.1.i386.rpm 2319f305324b19e2a343e946b0cb6909 mozilla-nspr-devel-1.7.6-1.4.1.i386.rpm ab3c087c54396503607d4f5cadb49e12 mozilla-nss-1.7.6-1.4.1.i386.rpm 3fc1fdb6ceed5740a428047652faee3c mozilla-nss-devel-1.7.6-1.4.1.i386.rpm ia64: 36b554c9d5d4f2520c885e2c8b05786a evolution-2.0.2-14.ia64.rpm 2edbcadc3c88a51ad077bae90d9b116f evolution-devel-2.0.2-14.ia64.rpm bb6ffe8c693c6009597f2cffdbdfa115 mozilla-1.7.6-1.4.1.ia64.rpm 034d4270363faaf097bca06360c25e5b mozilla-chat-1.7.6-1.4.1.ia64.rpm f5e5865fd0bd8c22ccde7316815deef4 mozilla-devel-1.7.6-1.4.1.ia64.rpm 6614e0cffaa568c1afb300a3c95d82cb mozilla-dom-inspector-1.7.6-1.4.1.ia64.rpm 128a218e1765ef3b93f9bc76a808768f mozilla-js-debugger-1.7.6-1.4.1.ia64.rpm d3aec46e412923de975ca9444125b568 mozilla-mail-1.7.6-1.4.1.ia64.rpm 4b552fed5eb33993350562b7e2d1963b mozilla-nspr-1.7.6-1.4.1.ia64.rpm 7eea7a8e4316fe594d23022962b3aa36 mozilla-nspr-1.7.6-1.4.1.i386.rpm cdca5118d08f05bb29a26ad854d13c77 mozilla-nspr-devel-1.7.6-1.4.1.ia64.rpm 630b9e378acc232bf9c0001f80ac0918 mozilla-nss-1.7.6-1.4.1.ia64.rpm ab3c087c54396503607d4f5cadb49e12 mozilla-nss-1.7.6-1.4.1.i386.rpm 441e53acf432bbd125f71b6da1830ed7 mozilla-nss-devel-1.7.6-1.4.1.ia64.rpm x86_64: 5a7a6b72629d066a3830f59fb04593a2 devhelp-0.9.2-2.4.3.x86_64.rpm 895f1fd3c661b98e803a923884c2effc devhelp-devel-0.9.2-2.4.3.x86_64.rpm 28f97d232c0bf557426da1a8bbcc9be4 evolution-2.0.2-14.x86_64.rpm 3f54339b8b1a8837af14fa3937e67c09 evolution-devel-2.0.2-14.x86_64.rpm 01309838e0abdfa4b89b649fa945e80b mozilla-1.7.6-1.4.1.x86_64.rpm 00782ab9ca7504c15deb016246fc7581 mozilla-chat-1.7.6-1.4.1.x86_64.rpm fa881165f821dc8b2f613cc10c48b81b mozilla-devel-1.7.6-1.4.1.x86_64.rpm d17299423d61ccd0dd7ccb8c771677de mozilla-dom-inspector-1.7.6-1.4.1.x86_64.rpm 58dd6924cc0596a5a6380518b660f5e7 mozilla-js-debugger-1.7.6-1.4.1.x86_64.rpm 51bc9b4fb28fe0e076137d7f31360eee mozilla-mail-1.7.6-1.4.1.x86_64.rpm e897cf784cb23d147d6fdb0acb33d309 mozilla-nspr-1.7.6-1.4.1.x86_64.rpm 7eea7a8e4316fe594d23022962b3aa36 mozilla-nspr-1.7.6-1.4.1.i386.rpm aa28118dc28d21f47f2d61f8601595e7 mozilla-nspr-devel-1.7.6-1.4.1.x86_64.rpm 341cafa4e39a9e0cb2919e2a1800fed5 mozilla-nss-1.7.6-1.4.1.x86_64.rpm ab3c087c54396503607d4f5cadb49e12 mozilla-nss-1.7.6-1.4.1.i386.rpm 19166638b89d32e156c333bed457888a mozilla-nss-devel-1.7.6-1.4.1.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/devhelp-0.9.2-2.4.3.src.rpm ef655aef074fe9d1bb2d4275e18a30c3 devhelp-0.9.2-2.4.3.src.rpm ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/evolution-2.0.2-14.src.rpm 796caefedf5087511b137f14512aafa3 evolution-2.0.2-14.src.rpm ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/mozilla-1.7.6-1.4.1.src.rpm 2822baa29d8d22062fd1e314fec1c084 mozilla-1.7.6-1.4.1.src.rpm i386: c4a062574f5620e321f81c47b6c78913 devhelp-0.9.2-2.4.3.i386.rpm 7de6b81d78f3dba752a3c06d664777b8 devhelp-devel-0.9.2-2.4.3.i386.rpm 5e224cefdc65509b24fd29728caecc6b evolution-2.0.2-14.i386.rpm b02187784c02324afd1723c24f2d17ab evolution-devel-2.0.2-14.i386.rpm a7838d2c5ad3eb580b4a2157e2d0aac5 mozilla-1.7.6-1.4.1.i386.rpm b7dd0f25824fd1a9e0cf160553e75cec mozilla-chat-1.7.6-1.4.1.i386.rpm c88d27f8741cc22d794fa76ca001bcf2 mozilla-devel-1.7.6-1.4.1.i386.rpm ef0444924c443bf1ef63efb291b15017 mozilla-dom-inspector-1.7.6-1.4.1.i386.rpm 3c523a0ae96a601b0c3014a8b3cdec3d mozilla-js-debugger-1.7.6-1.4.1.i386.rpm aa4ee2f37944777f5c6f2128bfe4051f mozilla-mail-1.7.6-1.4.1.i386.rpm 7eea7a8e4316fe594d23022962b3aa36 mozilla-nspr-1.7.6-1.4.1.i386.rpm 2319f305324b19e2a343e946b0cb6909 mozilla-nspr-devel-1.7.6-1.4.1.i386.rpm ab3c087c54396503607d4f5cadb49e12 mozilla-nss-1.7.6-1.4.1.i386.rpm 3fc1fdb6ceed5740a428047652faee3c mozilla-nss-devel-1.7.6-1.4.1.i386.rpm ia64: 36b554c9d5d4f2520c885e2c8b05786a evolution-2.0.2-14.ia64.rpm 2edbcadc3c88a51ad077bae90d9b116f evolution-devel-2.0.2-14.ia64.rpm bb6ffe8c693c6009597f2cffdbdfa115 mozilla-1.7.6-1.4.1.ia64.rpm 034d4270363faaf097bca06360c25e5b mozilla-chat-1.7.6-1.4.1.ia64.rpm f5e5865fd0bd8c22ccde7316815deef4 mozilla-devel-1.7.6-1.4.1.ia64.rpm 6614e0cffaa568c1afb300a3c95d82cb mozilla-dom-inspector-1.7.6-1.4.1.ia64.rpm 128a218e1765ef3b93f9bc76a808768f mozilla-js-debugger-1.7.6-1.4.1.ia64.rpm d3aec46e412923de975ca9444125b568 mozilla-mail-1.7.6-1.4.1.ia64.rpm 4b552fed5eb33993350562b7e2d1963b mozilla-nspr-1.7.6-1.4.1.ia64.rpm 7eea7a8e4316fe594d23022962b3aa36 mozilla-nspr-1.7.6-1.4.1.i386.rpm cdca5118d08f05bb29a26ad854d13c77 mozilla-nspr-devel-1.7.6-1.4.1.ia64.rpm 630b9e378acc232bf9c0001f80ac0918 mozilla-nss-1.7.6-1.4.1.ia64.rpm ab3c087c54396503607d4f5cadb49e12 mozilla-nss-1.7.6-1.4.1.i386.rpm 441e53acf432bbd125f71b6da1830ed7 mozilla-nss-devel-1.7.6-1.4.1.ia64.rpm x86_64: 5a7a6b72629d066a3830f59fb04593a2 devhelp-0.9.2-2.4.3.x86_64.rpm 895f1fd3c661b98e803a923884c2effc devhelp-devel-0.9.2-2.4.3.x86_64.rpm 28f97d232c0bf557426da1a8bbcc9be4 evolution-2.0.2-14.x86_64.rpm 3f54339b8b1a8837af14fa3937e67c09 evolution-devel-2.0.2-14.x86_64.rpm 01309838e0abdfa4b89b649fa945e80b mozilla-1.7.6-1.4.1.x86_64.rpm 00782ab9ca7504c15deb016246fc7581 mozilla-chat-1.7.6-1.4.1.x86_64.rpm fa881165f821dc8b2f613cc10c48b81b mozilla-devel-1.7.6-1.4.1.x86_64.rpm d17299423d61ccd0dd7ccb8c771677de mozilla-dom-inspector-1.7.6-1.4.1.x86_64.rpm 58dd6924cc0596a5a6380518b660f5e7 mozilla-js-debugger-1.7.6-1.4.1.x86_64.rpm 51bc9b4fb28fe0e076137d7f31360eee mozilla-mail-1.7.6-1.4.1.x86_64.rpm e897cf784cb23d147d6fdb0acb33d309 mozilla-nspr-1.7.6-1.4.1.x86_64.rpm 7eea7a8e4316fe594d23022962b3aa36 mozilla-nspr-1.7.6-1.4.1.i386.rpm aa28118dc28d21f47f2d61f8601595e7 mozilla-nspr-devel-1.7.6-1.4.1.x86_64.rpm 341cafa4e39a9e0cb2919e2a1800fed5 mozilla-nss-1.7.6-1.4.1.x86_64.rpm ab3c087c54396503607d4f5cadb49e12 mozilla-nss-1.7.6-1.4.1.i386.rpm 19166638b89d32e156c333bed457888a mozilla-nss-devel-1.7.6-1.4.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1380 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0141 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0143 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0144 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0146 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0149 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0399 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0401 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCQcRCXlSAg2UNWIIRAgndAKDBSEUWIb++fF5Vo4McyLCcia4cEACgxN7B +SeKSB2012ttbFp6NE7Dx54= =mCW0 -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Mar 23 19:32:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 23 Mar 2005 14:32 -0500 Subject: [RHSA-2005:336-01] Critical: firefox security update Message-ID: <200503231932.j2NJWkZ17727@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: firefox security update Advisory ID: RHSA-2005:336-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-336.html Issue date: 2005-03-23 Updated on: 2005-03-23 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-0399 CAN-2005-0401 CAN-2005-0402 - --------------------------------------------------------------------- 1. Summary: Updated firefox packages that fix various bugs are now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Mozilla Firefox is an open source Web browser. A buffer overflow bug was found in the way Firefox processes GIF images. It is possible for an attacker to create a specially crafted GIF image, which when viewed by a victim will execute arbitrary code as the victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0399 to this issue. A bug was found in the way Firefox processes XUL content. If a malicious web page can trick a user into dragging an object, it is possible to load malicious XUL content. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0401 to this issue. A bug was found in the way Firefox bookmarks content to the sidebar. If a user can be tricked into bookmarking a malicious web page into the sidebar panel, that page could execute arbitrary programs. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0402 to this issue. Users of Firefox are advised to upgrade to this updated package which contains Firefox version 1.0.2 and is not vulnerable to these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 150877 - 151153 - 151714 - 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/firefox-1.0.2-1.4.1.src.rpm b4d2d6699d60086f14232a1d1c58b027 firefox-1.0.2-1.4.1.src.rpm i386: 08057be5ef2e887f407eef14c3b871f2 firefox-1.0.2-1.4.1.i386.rpm ia64: d8006388e5625a9baf65fa0bd6a7fc16 firefox-1.0.2-1.4.1.ia64.rpm ppc: 661a3b104b9a4e5ddd04dcd56113a365 firefox-1.0.2-1.4.1.ppc.rpm s390: 36441f3878cd58dd420c8ecb9774bb97 firefox-1.0.2-1.4.1.s390.rpm s390x: e2c20602640075d8f4424cb88fcf9145 firefox-1.0.2-1.4.1.s390x.rpm x86_64: f922c5283e24f14d0ac5128bb58f85d1 firefox-1.0.2-1.4.1.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/firefox-1.0.2-1.4.1.src.rpm b4d2d6699d60086f14232a1d1c58b027 firefox-1.0.2-1.4.1.src.rpm i386: 08057be5ef2e887f407eef14c3b871f2 firefox-1.0.2-1.4.1.i386.rpm x86_64: f922c5283e24f14d0ac5128bb58f85d1 firefox-1.0.2-1.4.1.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/firefox-1.0.2-1.4.1.src.rpm b4d2d6699d60086f14232a1d1c58b027 firefox-1.0.2-1.4.1.src.rpm i386: 08057be5ef2e887f407eef14c3b871f2 firefox-1.0.2-1.4.1.i386.rpm ia64: d8006388e5625a9baf65fa0bd6a7fc16 firefox-1.0.2-1.4.1.ia64.rpm x86_64: f922c5283e24f14d0ac5128bb58f85d1 firefox-1.0.2-1.4.1.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/firefox-1.0.2-1.4.1.src.rpm b4d2d6699d60086f14232a1d1c58b027 firefox-1.0.2-1.4.1.src.rpm i386: 08057be5ef2e887f407eef14c3b871f2 firefox-1.0.2-1.4.1.i386.rpm ia64: d8006388e5625a9baf65fa0bd6a7fc16 firefox-1.0.2-1.4.1.ia64.rpm x86_64: f922c5283e24f14d0ac5128bb58f85d1 firefox-1.0.2-1.4.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0399 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0401 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0402 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCQcRXXlSAg2UNWIIRArYAAKCbFlu9WfrSjhj0vXD9z2xbTIbvbACeMH0Z 5Hfe9lYJXrLCmCqm8SGdJhU= =vBa6 -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Mar 23 19:33:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 23 Mar 2005 14:33 -0500 Subject: [RHSA-2005:337-01] Critical: thunderbird security update Message-ID: <200503231933.j2NJX2Z17743@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: thunderbird security update Advisory ID: RHSA-2005:337-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-337.html Issue date: 2005-03-23 Updated on: 2005-03-23 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-0399 CAN-2005-0255 - --------------------------------------------------------------------- 1. Summary: Updated thunderbird packages that fix various bugs are now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Mozilla Thunderbird is a standalone mail and newsgroup client. A buffer overflow bug was found in the way Thunderbird processes GIF images. It is possible for an attacker to create a specially crafted GIF image, which when viewed by a victim will execute arbitrary code as the victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0399 to this issue. A bug was found in the Thunderbird string handling functions. If a malicious website is able to exhaust a system's memory, it becomes possible to execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0255 to this issue. Users of Thunderbird are advised to upgrade to this updated package which contains Thunderbird version 1.0.2 and is not vulnerable to these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 149883 - CAN-2005-0255 Memory overwrite in string library 150874 - 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/thunderbird-1.0.2-1.4.1.src.rpm 4fd64e091c9b224ac6b1ec2e2389b3b8 thunderbird-1.0.2-1.4.1.src.rpm i386: 6230f646a97610ffcf4a8470111fe784 thunderbird-1.0.2-1.4.1.i386.rpm ia64: 88982e22b690d581824e061b56993d9d thunderbird-1.0.2-1.4.1.ia64.rpm ppc: 2ed876ea1f24b2d93c7957a4b7aa1e62 thunderbird-1.0.2-1.4.1.ppc.rpm s390: eeade6a2ae621d08642e9e1caed4ec98 thunderbird-1.0.2-1.4.1.s390.rpm s390x: 61b8c77a40e9004ab401b938f59a96fd thunderbird-1.0.2-1.4.1.s390x.rpm x86_64: 51e710c26670142b1b973fa96624b1fb thunderbird-1.0.2-1.4.1.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/thunderbird-1.0.2-1.4.1.src.rpm 4fd64e091c9b224ac6b1ec2e2389b3b8 thunderbird-1.0.2-1.4.1.src.rpm i386: 6230f646a97610ffcf4a8470111fe784 thunderbird-1.0.2-1.4.1.i386.rpm x86_64: 51e710c26670142b1b973fa96624b1fb thunderbird-1.0.2-1.4.1.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/thunderbird-1.0.2-1.4.1.src.rpm 4fd64e091c9b224ac6b1ec2e2389b3b8 thunderbird-1.0.2-1.4.1.src.rpm i386: 6230f646a97610ffcf4a8470111fe784 thunderbird-1.0.2-1.4.1.i386.rpm ia64: 88982e22b690d581824e061b56993d9d thunderbird-1.0.2-1.4.1.ia64.rpm x86_64: 51e710c26670142b1b973fa96624b1fb thunderbird-1.0.2-1.4.1.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/thunderbird-1.0.2-1.4.1.src.rpm 4fd64e091c9b224ac6b1ec2e2389b3b8 thunderbird-1.0.2-1.4.1.src.rpm i386: 6230f646a97610ffcf4a8470111fe784 thunderbird-1.0.2-1.4.1.i386.rpm ia64: 88982e22b690d581824e061b56993d9d thunderbird-1.0.2-1.4.1.ia64.rpm x86_64: 51e710c26670142b1b973fa96624b1fb thunderbird-1.0.2-1.4.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0399 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0255 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCQcRoXlSAg2UNWIIRArbwAJ0UVlLmoeYdu19S4aTOCMlqEFTcXQCfTzk3 mwJ+o5TtRS7EbSDIv3G6yoE= =vHKX -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon Mar 28 19:51:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 28 Mar 2005 14:51 -0500 Subject: [RHSA-2005:304-01] Moderate: grip security update Message-ID: <200503281951.j2SJpPZ23460@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: grip security update Advisory ID: RHSA-2005:304-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-304.html Issue date: 2005-03-28 Updated on: 2005-03-28 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-0706 - --------------------------------------------------------------------- 1. Summary: A new grip package is available that fixes a remote buffer overflow. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 3. Problem description: Grip is a GTK+ based front-end for CD rippers (such as cdparanoia and cdda2wav) and Ogg Vorbis encoders. Dean Brettle discovered a buffer overflow bug in the way grip handles data returned by CDDB servers. It is possible that if a user connects to a malicious CDDB server, an attacker could execute arbitrary code on the victim's machine. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0706 to this issue. Users of grip should upgrade to this updated package, which contains a backported patch, and is not vulnerable to this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 150712 - CAN-2005-0706 Buffer overflow in grip 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/grip-2.96-1.3.src.rpm cf1dc608404752a9a5b61a422f3cb508 grip-2.96-1.3.src.rpm i386: 4bf449365661b5cadc1f0a9c6c0bc3a7 grip-2.96-1.3.i386.rpm ia64: 6d2c64d58783feb49c895c27a2e9e993 grip-2.96-1.3.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/grip-2.96-1.3.src.rpm cf1dc608404752a9a5b61a422f3cb508 grip-2.96-1.3.src.rpm ia64: 6d2c64d58783feb49c895c27a2e9e993 grip-2.96-1.3.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/grip-2.96-1.3.src.rpm cf1dc608404752a9a5b61a422f3cb508 grip-2.96-1.3.src.rpm i386: 4bf449365661b5cadc1f0a9c6c0bc3a7 grip-2.96-1.3.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/grip-2.96-1.3.src.rpm cf1dc608404752a9a5b61a422f3cb508 grip-2.96-1.3.src.rpm i386: 4bf449365661b5cadc1f0a9c6c0bc3a7 grip-2.96-1.3.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCSGAtXlSAg2UNWIIRAt2EAKC9FgXuznV3RVXheYi9mn3+scqosACbBeZC +oA9+04zzPSbEtdsC1o7ECk= =PPY9 -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon Mar 28 19:58:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 28 Mar 2005 14:58 -0500 Subject: [RHSA-2005:327-01] Important: telnet security update Message-ID: <200503281958.j2SJwrZ23720@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: telnet security update Advisory ID: RHSA-2005:327-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-327.html Issue date: 2005-03-28 Updated on: 2005-03-28 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-0468 CAN-2005-0469 - --------------------------------------------------------------------- 1. Summary: Updated telnet packages that fix two buffer overflow vulnerabilities are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: The telnet package provides a command line telnet client. The telnet-server package includes a telnet daemon, telnetd, that supports remote login to the host machine. Two buffer overflow flaws were discovered in the way the telnet client handles messages from a server. An attacker may be able to execute arbitrary code on a victim's machine if the victim can be tricked into connecting to a malicious telnet server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2005-0468 and CAN-2005-0469 to these issues. Additionally, the following bugs have been fixed in these erratum packages for Red Hat Enterprise Linux 2.1 and Red Hat Enterprise Linux 3: - - telnetd could loop on an error in the child side process - - There was a race condition in telnetd on a wtmp lock on some occasions - - The command line in the process table was sometimes too long and caused bad output from the ps command - - The 8-bit binary option was not working Users of telnet should upgrade to this updated package, which contains backported patches to correct these issues. Red Hat would like to thank iDEFENSE for their responsible disclosure of this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 126858 - Too long /proc/X/cmdline: bad ps output when piped to less/more 145004 - telnetd cleanup() race condition with syslog in signal handler 145636 - [PATCH] telnetd loops on child IO error 147003 - [RHEL3] telnetd cleanup() race condition with syslog in signal handler 151297 - CAN-2005-0469 slc_add_reply() Buffer Overflow Vulnerability 151301 - CAN-2005-0468 env_opt_add() Buffer Overflow Vulnerability 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/telnet-0.17-20.EL2.3.src.rpm 417f308264da21ba52f490671078437d telnet-0.17-20.EL2.3.src.rpm i386: 9844ce440580371e21adb6e240f7ef32 telnet-0.17-20.EL2.3.i386.rpm 6a8a735c26c81c10fd03d25ed001c89c telnet-server-0.17-20.EL2.3.i386.rpm ia64: 17e5e124770f7772cf0d4c4e24650b87 telnet-0.17-20.EL2.3.ia64.rpm 94149177b916123e92c80bf5412112fc telnet-server-0.17-20.EL2.3.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/telnet-0.17-20.EL2.3.src.rpm 417f308264da21ba52f490671078437d telnet-0.17-20.EL2.3.src.rpm ia64: 17e5e124770f7772cf0d4c4e24650b87 telnet-0.17-20.EL2.3.ia64.rpm 94149177b916123e92c80bf5412112fc telnet-server-0.17-20.EL2.3.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/telnet-0.17-20.EL2.3.src.rpm 417f308264da21ba52f490671078437d telnet-0.17-20.EL2.3.src.rpm i386: 9844ce440580371e21adb6e240f7ef32 telnet-0.17-20.EL2.3.i386.rpm 6a8a735c26c81c10fd03d25ed001c89c telnet-server-0.17-20.EL2.3.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/telnet-0.17-20.EL2.3.src.rpm 417f308264da21ba52f490671078437d telnet-0.17-20.EL2.3.src.rpm i386: 9844ce440580371e21adb6e240f7ef32 telnet-0.17-20.EL2.3.i386.rpm 6a8a735c26c81c10fd03d25ed001c89c telnet-server-0.17-20.EL2.3.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/telnet-0.17-26.EL3.2.src.rpm 9d246538ceb4ea06807737bf487bf29d telnet-0.17-26.EL3.2.src.rpm i386: a1edb03210ac63b30f6332a2e4227dc9 telnet-0.17-26.EL3.2.i386.rpm 6eea6c08ea68f1ea8a177c63016e9935 telnet-server-0.17-26.EL3.2.i386.rpm ia64: 540dfa1463fb15b035371cb8815c8003 telnet-0.17-26.EL3.2.ia64.rpm cf5ea891b305e4e150b31f012e5bd0b7 telnet-server-0.17-26.EL3.2.ia64.rpm ppc: 004cd42520a5052fbbf6f150ebec5308 telnet-0.17-26.EL3.2.ppc.rpm 5246c393f0b38a64a47efc8b091d3cc3 telnet-server-0.17-26.EL3.2.ppc.rpm s390: feb70dd0f45a9e08d5d49fcb773924f2 telnet-0.17-26.EL3.2.s390.rpm 9290204b8e84f96b024ffe98da834174 telnet-server-0.17-26.EL3.2.s390.rpm s390x: 8d7419651888f9943e82918b73c84b09 telnet-0.17-26.EL3.2.s390x.rpm 6dc6d17c2086c6756a74e9e48552b634 telnet-server-0.17-26.EL3.2.s390x.rpm x86_64: 7d226b52aae9119e23645d3243bd821c telnet-0.17-26.EL3.2.x86_64.rpm d48f86ee42581c351d565aa78d373204 telnet-server-0.17-26.EL3.2.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/telnet-0.17-26.EL3.2.src.rpm 9d246538ceb4ea06807737bf487bf29d telnet-0.17-26.EL3.2.src.rpm i386: a1edb03210ac63b30f6332a2e4227dc9 telnet-0.17-26.EL3.2.i386.rpm 6eea6c08ea68f1ea8a177c63016e9935 telnet-server-0.17-26.EL3.2.i386.rpm x86_64: 7d226b52aae9119e23645d3243bd821c telnet-0.17-26.EL3.2.x86_64.rpm d48f86ee42581c351d565aa78d373204 telnet-server-0.17-26.EL3.2.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/telnet-0.17-26.EL3.2.src.rpm 9d246538ceb4ea06807737bf487bf29d telnet-0.17-26.EL3.2.src.rpm i386: a1edb03210ac63b30f6332a2e4227dc9 telnet-0.17-26.EL3.2.i386.rpm 6eea6c08ea68f1ea8a177c63016e9935 telnet-server-0.17-26.EL3.2.i386.rpm ia64: 540dfa1463fb15b035371cb8815c8003 telnet-0.17-26.EL3.2.ia64.rpm cf5ea891b305e4e150b31f012e5bd0b7 telnet-server-0.17-26.EL3.2.ia64.rpm x86_64: 7d226b52aae9119e23645d3243bd821c telnet-0.17-26.EL3.2.x86_64.rpm d48f86ee42581c351d565aa78d373204 telnet-server-0.17-26.EL3.2.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/telnet-0.17-26.EL3.2.src.rpm 9d246538ceb4ea06807737bf487bf29d telnet-0.17-26.EL3.2.src.rpm i386: a1edb03210ac63b30f6332a2e4227dc9 telnet-0.17-26.EL3.2.i386.rpm 6eea6c08ea68f1ea8a177c63016e9935 telnet-server-0.17-26.EL3.2.i386.rpm ia64: 540dfa1463fb15b035371cb8815c8003 telnet-0.17-26.EL3.2.ia64.rpm cf5ea891b305e4e150b31f012e5bd0b7 telnet-server-0.17-26.EL3.2.ia64.rpm x86_64: 7d226b52aae9119e23645d3243bd821c telnet-0.17-26.EL3.2.x86_64.rpm d48f86ee42581c351d565aa78d373204 telnet-server-0.17-26.EL3.2.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/telnet-0.17-31.EL4.2.src.rpm a3faf4a95d925197b7ec88861a272f68 telnet-0.17-31.EL4.2.src.rpm i386: c03d8fbd5c1a1dfd334263e034626bef telnet-0.17-31.EL4.2.i386.rpm 095477b3fd6797a4dcb71eaa6fe40fb9 telnet-server-0.17-31.EL4.2.i386.rpm ia64: c1eaa58f26e47c3c8370ff2189b78b81 telnet-0.17-31.EL4.2.ia64.rpm 3e47cc360ea07b28c16da6fdfb88c39e telnet-server-0.17-31.EL4.2.ia64.rpm ppc: 22fc96070dc40b3686d23b62f213069c telnet-0.17-31.EL4.2.ppc.rpm 53e773d2752608b0414a8fd0e449c694 telnet-server-0.17-31.EL4.2.ppc.rpm s390: 8336b046ae91cc296a949ce840858489 telnet-0.17-31.EL4.2.s390.rpm 62fa5b57339984f7903c8c6828cf3907 telnet-server-0.17-31.EL4.2.s390.rpm s390x: a9687c4c60aa7ce447b322ad15e491e1 telnet-0.17-31.EL4.2.s390x.rpm 624150f3b2bb179af14f89333549baf8 telnet-server-0.17-31.EL4.2.s390x.rpm x86_64: ba9038dbfdedbf0d064c6b2be18f10e4 telnet-0.17-31.EL4.2.x86_64.rpm 42fc60c48cacc2d40798fc33681bfcd2 telnet-server-0.17-31.EL4.2.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/telnet-0.17-31.EL4.2.src.rpm a3faf4a95d925197b7ec88861a272f68 telnet-0.17-31.EL4.2.src.rpm i386: c03d8fbd5c1a1dfd334263e034626bef telnet-0.17-31.EL4.2.i386.rpm 095477b3fd6797a4dcb71eaa6fe40fb9 telnet-server-0.17-31.EL4.2.i386.rpm x86_64: ba9038dbfdedbf0d064c6b2be18f10e4 telnet-0.17-31.EL4.2.x86_64.rpm 42fc60c48cacc2d40798fc33681bfcd2 telnet-server-0.17-31.EL4.2.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/telnet-0.17-31.EL4.2.src.rpm a3faf4a95d925197b7ec88861a272f68 telnet-0.17-31.EL4.2.src.rpm i386: c03d8fbd5c1a1dfd334263e034626bef telnet-0.17-31.EL4.2.i386.rpm 095477b3fd6797a4dcb71eaa6fe40fb9 telnet-server-0.17-31.EL4.2.i386.rpm ia64: c1eaa58f26e47c3c8370ff2189b78b81 telnet-0.17-31.EL4.2.ia64.rpm 3e47cc360ea07b28c16da6fdfb88c39e telnet-server-0.17-31.EL4.2.ia64.rpm x86_64: ba9038dbfdedbf0d064c6b2be18f10e4 telnet-0.17-31.EL4.2.x86_64.rpm 42fc60c48cacc2d40798fc33681bfcd2 telnet-server-0.17-31.EL4.2.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/telnet-0.17-31.EL4.2.src.rpm a3faf4a95d925197b7ec88861a272f68 telnet-0.17-31.EL4.2.src.rpm i386: c03d8fbd5c1a1dfd334263e034626bef telnet-0.17-31.EL4.2.i386.rpm 095477b3fd6797a4dcb71eaa6fe40fb9 telnet-server-0.17-31.EL4.2.i386.rpm ia64: c1eaa58f26e47c3c8370ff2189b78b81 telnet-0.17-31.EL4.2.ia64.rpm 3e47cc360ea07b28c16da6fdfb88c39e telnet-server-0.17-31.EL4.2.ia64.rpm x86_64: ba9038dbfdedbf0d064c6b2be18f10e4 telnet-0.17-31.EL4.2.x86_64.rpm 42fc60c48cacc2d40798fc33681bfcd2 telnet-server-0.17-31.EL4.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities http://www.idefense.com/application/poi/display?id=221&type=vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0468 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0469 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCSGHdXlSAg2UNWIIRAkEaAJ0QNceqbgMTl4za3MIASMeXhVqfjACfVUkk FK0gYsHIZKVqJoUpluWIhRE= =bT/V -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon Mar 28 19:59:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 28 Mar 2005 14:59 -0500 Subject: [RHSA-2005:334-01] Important: mysql security update Message-ID: <200503281959.j2SJxPZ23734@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: mysql security update Advisory ID: RHSA-2005:334-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-334.html Issue date: 2005-03-28 Updated on: 2005-03-28 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-0709 CAN-2005-0710 CAN-2005-0711 - --------------------------------------------------------------------- 1. Summary: Updated mysql packages that fix several vulnerabilities are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: MySQL is a multi-user, multi-threaded SQL database server. This update fixes several security risks in the MySQL server. Stefano Di Paola discovered two bugs in the way MySQL handles user-defined functions. A user with the ability to create and execute a user defined function could potentially execute arbitrary code on the MySQL server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2005-0709 and CAN-2005-0710 to these issues. Stefano Di Paola also discovered a bug in the way MySQL creates temporary tables. A local user could create a specially crafted symlink which could result in the MySQL server overwriting a file which it has write access to. The Common Vulnerabilities and Exposures project has assigned the name CAN-2005-0711 to this issue. All users of the MySQL server are advised to upgrade to these updated packages, which contain fixes for these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 150868 - CAN-2005-0711 Insecure temporary file creation with CREATE TEMPORARY TABLE 150871 - CAN-2005-0710 MySQL security attacks via user-defined functions in C (CAN-2005-0709) 151051 - CAN-2005-0710 MySQL security attacks via user-defined functions in C (CAN-2005-0709) 152344 - CAN-2005-0711 Insecure temporary file creation with CREATE TEMPORARY TABLE 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/mysql-3.23.58-1.72.2.src.rpm 9f8398d805ce362f80c15408233a9ed1 mysql-3.23.58-1.72.2.src.rpm i386: c8b10a5e219a0bb25c34a2df1b64bc18 mysql-3.23.58-1.72.2.i386.rpm 2cf8e981adf1d3c6563fefa662905819 mysql-devel-3.23.58-1.72.2.i386.rpm eab17f634d6291a172d8da3643d0bbc9 mysql-server-3.23.58-1.72.2.i386.rpm ia64: a856bfd608828d4f64d9796917850273 mysql-3.23.58-1.72.2.ia64.rpm 86c85219c9bee00653f7d15c3f7430ee mysql-devel-3.23.58-1.72.2.ia64.rpm 2b001d68cb35af5d79c24796a52ebcf0 mysql-server-3.23.58-1.72.2.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/mysql-3.23.58-1.72.2.src.rpm 9f8398d805ce362f80c15408233a9ed1 mysql-3.23.58-1.72.2.src.rpm ia64: a856bfd608828d4f64d9796917850273 mysql-3.23.58-1.72.2.ia64.rpm 86c85219c9bee00653f7d15c3f7430ee mysql-devel-3.23.58-1.72.2.ia64.rpm 2b001d68cb35af5d79c24796a52ebcf0 mysql-server-3.23.58-1.72.2.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/mysql-3.23.58-1.72.2.src.rpm 9f8398d805ce362f80c15408233a9ed1 mysql-3.23.58-1.72.2.src.rpm i386: c8b10a5e219a0bb25c34a2df1b64bc18 mysql-3.23.58-1.72.2.i386.rpm 2cf8e981adf1d3c6563fefa662905819 mysql-devel-3.23.58-1.72.2.i386.rpm eab17f634d6291a172d8da3643d0bbc9 mysql-server-3.23.58-1.72.2.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/mysql-3.23.58-1.72.2.src.rpm 9f8398d805ce362f80c15408233a9ed1 mysql-3.23.58-1.72.2.src.rpm i386: c8b10a5e219a0bb25c34a2df1b64bc18 mysql-3.23.58-1.72.2.i386.rpm 2cf8e981adf1d3c6563fefa662905819 mysql-devel-3.23.58-1.72.2.i386.rpm eab17f634d6291a172d8da3643d0bbc9 mysql-server-3.23.58-1.72.2.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/mysql-3.23.58-15.RHEL3.1.src.rpm 854563dcb2706dbf0eb417442e4dd601 mysql-3.23.58-15.RHEL3.1.src.rpm i386: 6e214b26ef33b2a8af7e94e37af6fc4b mysql-3.23.58-15.RHEL3.1.i386.rpm 84d4de6d6a9fe46cd989d3f28f605a0e mysql-bench-3.23.58-15.RHEL3.1.i386.rpm 0c20117cddfcbcc2ae85b1329cb9dd5e mysql-devel-3.23.58-15.RHEL3.1.i386.rpm ia64: f11140c71bd0153313b568b5a2f3c3ce mysql-3.23.58-15.RHEL3.1.ia64.rpm 6e214b26ef33b2a8af7e94e37af6fc4b mysql-3.23.58-15.RHEL3.1.i386.rpm 16090c803a0ebe16c182225a579238ee mysql-bench-3.23.58-15.RHEL3.1.ia64.rpm 88f6753a99b5ee4f47a2d10c4861c945 mysql-devel-3.23.58-15.RHEL3.1.ia64.rpm ppc: a81cdaff84d2f09eb83a102917191afe mysql-3.23.58-15.RHEL3.1.ppc.rpm 45af37f982e521565793473f340e5be5 mysql-3.23.58-15.RHEL3.1.ppc64.rpm 59b3a8a7e23532c70d881b475af4bd7d mysql-bench-3.23.58-15.RHEL3.1.ppc.rpm 3cd8cb4cd0915e0bbd96efa890d9bee4 mysql-devel-3.23.58-15.RHEL3.1.ppc.rpm s390: 142b2ed96d26cae6cc4643307909ca91 mysql-3.23.58-15.RHEL3.1.s390.rpm 6562ff7efbe46ecbc1278355653ea7d8 mysql-bench-3.23.58-15.RHEL3.1.s390.rpm 55dc03163e7ffcb5b549ed5865a09d75 mysql-devel-3.23.58-15.RHEL3.1.s390.rpm s390x: 58e2b16cefa1011b037c3eb19abbadd7 mysql-3.23.58-15.RHEL3.1.s390x.rpm 142b2ed96d26cae6cc4643307909ca91 mysql-3.23.58-15.RHEL3.1.s390.rpm 219bc280dfcc231e133fb176cc5d830c mysql-bench-3.23.58-15.RHEL3.1.s390x.rpm fc9aaa8d267db06e32541a474cbfb743 mysql-devel-3.23.58-15.RHEL3.1.s390x.rpm x86_64: 429fb7ce5fc1e0284c9926df6294d8a3 mysql-3.23.58-15.RHEL3.1.x86_64.rpm 6e214b26ef33b2a8af7e94e37af6fc4b mysql-3.23.58-15.RHEL3.1.i386.rpm b25503c0af603c1d969c45e7b2a2438c mysql-bench-3.23.58-15.RHEL3.1.x86_64.rpm 8068983267456132f1c70468521e3dfd mysql-devel-3.23.58-15.RHEL3.1.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/mysql-3.23.58-15.RHEL3.1.src.rpm 854563dcb2706dbf0eb417442e4dd601 mysql-3.23.58-15.RHEL3.1.src.rpm i386: 6e214b26ef33b2a8af7e94e37af6fc4b mysql-3.23.58-15.RHEL3.1.i386.rpm 84d4de6d6a9fe46cd989d3f28f605a0e mysql-bench-3.23.58-15.RHEL3.1.i386.rpm 0c20117cddfcbcc2ae85b1329cb9dd5e mysql-devel-3.23.58-15.RHEL3.1.i386.rpm x86_64: 429fb7ce5fc1e0284c9926df6294d8a3 mysql-3.23.58-15.RHEL3.1.x86_64.rpm 6e214b26ef33b2a8af7e94e37af6fc4b mysql-3.23.58-15.RHEL3.1.i386.rpm b25503c0af603c1d969c45e7b2a2438c mysql-bench-3.23.58-15.RHEL3.1.x86_64.rpm 8068983267456132f1c70468521e3dfd mysql-devel-3.23.58-15.RHEL3.1.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/mysql-3.23.58-15.RHEL3.1.src.rpm 854563dcb2706dbf0eb417442e4dd601 mysql-3.23.58-15.RHEL3.1.src.rpm i386: 6e214b26ef33b2a8af7e94e37af6fc4b mysql-3.23.58-15.RHEL3.1.i386.rpm 84d4de6d6a9fe46cd989d3f28f605a0e mysql-bench-3.23.58-15.RHEL3.1.i386.rpm 0c20117cddfcbcc2ae85b1329cb9dd5e mysql-devel-3.23.58-15.RHEL3.1.i386.rpm ia64: f11140c71bd0153313b568b5a2f3c3ce mysql-3.23.58-15.RHEL3.1.ia64.rpm 6e214b26ef33b2a8af7e94e37af6fc4b mysql-3.23.58-15.RHEL3.1.i386.rpm 16090c803a0ebe16c182225a579238ee mysql-bench-3.23.58-15.RHEL3.1.ia64.rpm 88f6753a99b5ee4f47a2d10c4861c945 mysql-devel-3.23.58-15.RHEL3.1.ia64.rpm x86_64: 429fb7ce5fc1e0284c9926df6294d8a3 mysql-3.23.58-15.RHEL3.1.x86_64.rpm 6e214b26ef33b2a8af7e94e37af6fc4b mysql-3.23.58-15.RHEL3.1.i386.rpm b25503c0af603c1d969c45e7b2a2438c mysql-bench-3.23.58-15.RHEL3.1.x86_64.rpm 8068983267456132f1c70468521e3dfd mysql-devel-3.23.58-15.RHEL3.1.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/mysql-3.23.58-15.RHEL3.1.src.rpm 854563dcb2706dbf0eb417442e4dd601 mysql-3.23.58-15.RHEL3.1.src.rpm i386: 6e214b26ef33b2a8af7e94e37af6fc4b mysql-3.23.58-15.RHEL3.1.i386.rpm 84d4de6d6a9fe46cd989d3f28f605a0e mysql-bench-3.23.58-15.RHEL3.1.i386.rpm 0c20117cddfcbcc2ae85b1329cb9dd5e mysql-devel-3.23.58-15.RHEL3.1.i386.rpm ia64: f11140c71bd0153313b568b5a2f3c3ce mysql-3.23.58-15.RHEL3.1.ia64.rpm 6e214b26ef33b2a8af7e94e37af6fc4b mysql-3.23.58-15.RHEL3.1.i386.rpm 16090c803a0ebe16c182225a579238ee mysql-bench-3.23.58-15.RHEL3.1.ia64.rpm 88f6753a99b5ee4f47a2d10c4861c945 mysql-devel-3.23.58-15.RHEL3.1.ia64.rpm x86_64: 429fb7ce5fc1e0284c9926df6294d8a3 mysql-3.23.58-15.RHEL3.1.x86_64.rpm 6e214b26ef33b2a8af7e94e37af6fc4b mysql-3.23.58-15.RHEL3.1.i386.rpm b25503c0af603c1d969c45e7b2a2438c mysql-bench-3.23.58-15.RHEL3.1.x86_64.rpm 8068983267456132f1c70468521e3dfd mysql-devel-3.23.58-15.RHEL3.1.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/mysql-4.1.10a-1.RHEL4.1.src.rpm b6a840faaf98a346425dd9a06c8fec10 mysql-4.1.10a-1.RHEL4.1.src.rpm i386: 6a7fdca164e9d66223f86902be96a088 mysql-4.1.10a-1.RHEL4.1.i386.rpm 0187c8af0101368f12335745e860039b mysql-bench-4.1.10a-1.RHEL4.1.i386.rpm 11878e76e63152275d496917c66e9306 mysql-devel-4.1.10a-1.RHEL4.1.i386.rpm 7ebf9d00d246c7da140b57ea998d29da mysql-server-4.1.10a-1.RHEL4.1.i386.rpm ia64: c5e66b2052dddad3f7efa8f5a2548306 mysql-4.1.10a-1.RHEL4.1.ia64.rpm 6a7fdca164e9d66223f86902be96a088 mysql-4.1.10a-1.RHEL4.1.i386.rpm 33db1d591733c449d28795506be1d3ec mysql-bench-4.1.10a-1.RHEL4.1.ia64.rpm 960eaaf9f5cf36e0b0a94ab1ef9c21b9 mysql-devel-4.1.10a-1.RHEL4.1.ia64.rpm 4bf66c5b263eb18988cd969ecebd8e58 mysql-server-4.1.10a-1.RHEL4.1.ia64.rpm ppc: 5b88ed2db9ae0fd206eaaa103f043a08 mysql-4.1.10a-1.RHEL4.1.ppc.rpm 64fd1fa7bc38b404acccbcc38fdf8211 mysql-4.1.10a-1.RHEL4.1.ppc64.rpm f94c6abe0859ec58e6eceaf05edbfe2b mysql-bench-4.1.10a-1.RHEL4.1.ppc.rpm ee2a0cc6256bc7329789895e199e859a mysql-devel-4.1.10a-1.RHEL4.1.ppc.rpm b5fb67ecd12729f5a473803d12529813 mysql-server-4.1.10a-1.RHEL4.1.ppc.rpm s390: ae44637b61fe5b9c56c7306b396c0bff mysql-4.1.10a-1.RHEL4.1.s390.rpm 5d96344a3dfbd15f42e63d72d9648093 mysql-bench-4.1.10a-1.RHEL4.1.s390.rpm 21c55ea6889bb3a41c42a25f1083d328 mysql-devel-4.1.10a-1.RHEL4.1.s390.rpm 3bff18b1d43eb5ef74be7b08714d2978 mysql-server-4.1.10a-1.RHEL4.1.s390.rpm s390x: 9f406ee647de81c005d89d38760b5574 mysql-4.1.10a-1.RHEL4.1.s390x.rpm ae44637b61fe5b9c56c7306b396c0bff mysql-4.1.10a-1.RHEL4.1.s390.rpm c2c3bb4b29a135ff177c964e167d3a3e mysql-bench-4.1.10a-1.RHEL4.1.s390x.rpm e858acd2e61b4d7e7874b4f49a00308e mysql-devel-4.1.10a-1.RHEL4.1.s390x.rpm 9c12db91656385534ac3a8efdbc5705b mysql-server-4.1.10a-1.RHEL4.1.s390x.rpm x86_64: aa863d0a948e88220b65196997553834 mysql-4.1.10a-1.RHEL4.1.x86_64.rpm 6a7fdca164e9d66223f86902be96a088 mysql-4.1.10a-1.RHEL4.1.i386.rpm 859368a712acb8c2cb9c574c340b641f mysql-bench-4.1.10a-1.RHEL4.1.x86_64.rpm bb6f83b4432b00bbd495a753f340b84a mysql-devel-4.1.10a-1.RHEL4.1.x86_64.rpm ca64d3910c12363a62ec773785f31724 mysql-server-4.1.10a-1.RHEL4.1.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/mysql-4.1.10a-1.RHEL4.1.src.rpm b6a840faaf98a346425dd9a06c8fec10 mysql-4.1.10a-1.RHEL4.1.src.rpm i386: 6a7fdca164e9d66223f86902be96a088 mysql-4.1.10a-1.RHEL4.1.i386.rpm 0187c8af0101368f12335745e860039b mysql-bench-4.1.10a-1.RHEL4.1.i386.rpm 11878e76e63152275d496917c66e9306 mysql-devel-4.1.10a-1.RHEL4.1.i386.rpm 7ebf9d00d246c7da140b57ea998d29da mysql-server-4.1.10a-1.RHEL4.1.i386.rpm x86_64: aa863d0a948e88220b65196997553834 mysql-4.1.10a-1.RHEL4.1.x86_64.rpm 6a7fdca164e9d66223f86902be96a088 mysql-4.1.10a-1.RHEL4.1.i386.rpm 859368a712acb8c2cb9c574c340b641f mysql-bench-4.1.10a-1.RHEL4.1.x86_64.rpm bb6f83b4432b00bbd495a753f340b84a mysql-devel-4.1.10a-1.RHEL4.1.x86_64.rpm ca64d3910c12363a62ec773785f31724 mysql-server-4.1.10a-1.RHEL4.1.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/mysql-4.1.10a-1.RHEL4.1.src.rpm b6a840faaf98a346425dd9a06c8fec10 mysql-4.1.10a-1.RHEL4.1.src.rpm i386: 6a7fdca164e9d66223f86902be96a088 mysql-4.1.10a-1.RHEL4.1.i386.rpm 0187c8af0101368f12335745e860039b mysql-bench-4.1.10a-1.RHEL4.1.i386.rpm 11878e76e63152275d496917c66e9306 mysql-devel-4.1.10a-1.RHEL4.1.i386.rpm 7ebf9d00d246c7da140b57ea998d29da mysql-server-4.1.10a-1.RHEL4.1.i386.rpm ia64: c5e66b2052dddad3f7efa8f5a2548306 mysql-4.1.10a-1.RHEL4.1.ia64.rpm 6a7fdca164e9d66223f86902be96a088 mysql-4.1.10a-1.RHEL4.1.i386.rpm 33db1d591733c449d28795506be1d3ec mysql-bench-4.1.10a-1.RHEL4.1.ia64.rpm 960eaaf9f5cf36e0b0a94ab1ef9c21b9 mysql-devel-4.1.10a-1.RHEL4.1.ia64.rpm 4bf66c5b263eb18988cd969ecebd8e58 mysql-server-4.1.10a-1.RHEL4.1.ia64.rpm x86_64: aa863d0a948e88220b65196997553834 mysql-4.1.10a-1.RHEL4.1.x86_64.rpm 6a7fdca164e9d66223f86902be96a088 mysql-4.1.10a-1.RHEL4.1.i386.rpm 859368a712acb8c2cb9c574c340b641f mysql-bench-4.1.10a-1.RHEL4.1.x86_64.rpm bb6f83b4432b00bbd495a753f340b84a mysql-devel-4.1.10a-1.RHEL4.1.x86_64.rpm ca64d3910c12363a62ec773785f31724 mysql-server-4.1.10a-1.RHEL4.1.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/mysql-4.1.10a-1.RHEL4.1.src.rpm b6a840faaf98a346425dd9a06c8fec10 mysql-4.1.10a-1.RHEL4.1.src.rpm i386: 6a7fdca164e9d66223f86902be96a088 mysql-4.1.10a-1.RHEL4.1.i386.rpm 0187c8af0101368f12335745e860039b mysql-bench-4.1.10a-1.RHEL4.1.i386.rpm 11878e76e63152275d496917c66e9306 mysql-devel-4.1.10a-1.RHEL4.1.i386.rpm 7ebf9d00d246c7da140b57ea998d29da mysql-server-4.1.10a-1.RHEL4.1.i386.rpm ia64: c5e66b2052dddad3f7efa8f5a2548306 mysql-4.1.10a-1.RHEL4.1.ia64.rpm 6a7fdca164e9d66223f86902be96a088 mysql-4.1.10a-1.RHEL4.1.i386.rpm 33db1d591733c449d28795506be1d3ec mysql-bench-4.1.10a-1.RHEL4.1.ia64.rpm 960eaaf9f5cf36e0b0a94ab1ef9c21b9 mysql-devel-4.1.10a-1.RHEL4.1.ia64.rpm 4bf66c5b263eb18988cd969ecebd8e58 mysql-server-4.1.10a-1.RHEL4.1.ia64.rpm x86_64: aa863d0a948e88220b65196997553834 mysql-4.1.10a-1.RHEL4.1.x86_64.rpm 6a7fdca164e9d66223f86902be96a088 mysql-4.1.10a-1.RHEL4.1.i386.rpm 859368a712acb8c2cb9c574c340b641f mysql-bench-4.1.10a-1.RHEL4.1.x86_64.rpm bb6f83b4432b00bbd495a753f340b84a mysql-devel-4.1.10a-1.RHEL4.1.x86_64.rpm ca64d3910c12363a62ec773785f31724 mysql-server-4.1.10a-1.RHEL4.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0709 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0710 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0711 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCSGIQXlSAg2UNWIIRAm8lAJ9nbbRlnPdVHA0LBVkox5FsNDq1tgCgrZnn EOc4D/9JB4Yz/901JVzJgfc= =KjGq -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Mar 30 08:31:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 30 Mar 2005 03:31 -0500 Subject: [RHSA-2005:330-01] Important: krb5 security update Message-ID: <200503300831.j2U8VmZ02745@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: krb5 security update Advisory ID: RHSA-2005:330-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-330.html Issue date: 2005-03-30 Updated on: 2005-03-30 Product: Red Hat Enterprise Linux Keywords: telnet CVE Names: CAN-2005-0468 CAN-2005-0469 - --------------------------------------------------------------------- 1. Summary: Updated krb5 packages which fix two buffer overflow vulnerabilities in the included Kerberos-aware telnet client are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Kerberos is a networked authentication system which uses a trusted third party (a KDC) to authenticate clients and servers to each other. The krb5-workstation package includes a Kerberos-aware telnet client. Two buffer overflow flaws were discovered in the way the telnet client handles messages from a server. An attacker may be able to execute arbitrary code on a victim's machine if the victim can be tricked into connecting to a malicious telnet server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2005-0468 and CAN-2005-0469 to these issues. Users of krb5 should update to these erratum packages which contain a backported patch to correct this issue. Red Hat would like to thank iDEFENSE for their responsible disclosure of this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 151267 - 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/krb5-1.2.2-34.src.rpm d76d469166a335ebdbd60c201280114e krb5-1.2.2-34.src.rpm i386: 5a864d57b0e04534006b809215e5b2a1 krb5-devel-1.2.2-34.i386.rpm 2353b8f37263fbe2b3a36659517760fc krb5-libs-1.2.2-34.i386.rpm 605b4b5ffd2a3ee6c05350aaf9d16004 krb5-server-1.2.2-34.i386.rpm d5a304cd4a4f0769630255072ee9c763 krb5-workstation-1.2.2-34.i386.rpm ia64: 8befb0ccf160d23932a924acfb6b3072 krb5-devel-1.2.2-34.ia64.rpm 95b7c9b2048548fbfe1750c4d72a23b7 krb5-libs-1.2.2-34.ia64.rpm 26f1bdaccc93e24e833a2d5f20bbfa09 krb5-server-1.2.2-34.ia64.rpm d98001ff0bb393830e5269e203f3ca48 krb5-workstation-1.2.2-34.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/krb5-1.2.2-34.src.rpm d76d469166a335ebdbd60c201280114e krb5-1.2.2-34.src.rpm ia64: 8befb0ccf160d23932a924acfb6b3072 krb5-devel-1.2.2-34.ia64.rpm 95b7c9b2048548fbfe1750c4d72a23b7 krb5-libs-1.2.2-34.ia64.rpm 26f1bdaccc93e24e833a2d5f20bbfa09 krb5-server-1.2.2-34.ia64.rpm d98001ff0bb393830e5269e203f3ca48 krb5-workstation-1.2.2-34.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/krb5-1.2.2-34.src.rpm d76d469166a335ebdbd60c201280114e krb5-1.2.2-34.src.rpm i386: 5a864d57b0e04534006b809215e5b2a1 krb5-devel-1.2.2-34.i386.rpm 2353b8f37263fbe2b3a36659517760fc krb5-libs-1.2.2-34.i386.rpm 605b4b5ffd2a3ee6c05350aaf9d16004 krb5-server-1.2.2-34.i386.rpm d5a304cd4a4f0769630255072ee9c763 krb5-workstation-1.2.2-34.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/krb5-1.2.2-34.src.rpm d76d469166a335ebdbd60c201280114e krb5-1.2.2-34.src.rpm i386: 5a864d57b0e04534006b809215e5b2a1 krb5-devel-1.2.2-34.i386.rpm 2353b8f37263fbe2b3a36659517760fc krb5-libs-1.2.2-34.i386.rpm 605b4b5ffd2a3ee6c05350aaf9d16004 krb5-server-1.2.2-34.i386.rpm d5a304cd4a4f0769630255072ee9c763 krb5-workstation-1.2.2-34.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/krb5-1.2.7-42.src.rpm 15e292d791e6cd5a788764374c32769e krb5-1.2.7-42.src.rpm i386: 8d2d653de75e0e90d9718043bb9ec2ea krb5-devel-1.2.7-42.i386.rpm 3f7f0d23cc9447241d17bf92aac52376 krb5-libs-1.2.7-42.i386.rpm 76a8c1d4048606e96b763b1cfd9e2862 krb5-server-1.2.7-42.i386.rpm 02d15698839a4dca13a692567fdc3701 krb5-workstation-1.2.7-42.i386.rpm ia64: d9486bd1ba6bf58fff0c33b8b54e10d1 krb5-devel-1.2.7-42.ia64.rpm b8f7a412868eb4331b2ac371f2935bed krb5-libs-1.2.7-42.ia64.rpm 3f7f0d23cc9447241d17bf92aac52376 krb5-libs-1.2.7-42.i386.rpm e4f4267d02ac27da8963c4770c2d6ab7 krb5-server-1.2.7-42.ia64.rpm a0eb9ccceccb1d777331ab1098ce24b8 krb5-workstation-1.2.7-42.ia64.rpm ppc: 2bfc18ea2b64f042e96f6a7aa3ec769b krb5-devel-1.2.7-42.ppc.rpm 62e0c55d9ee03b661c90689f4c663fa9 krb5-libs-1.2.7-42.ppc.rpm 0001f467b217ae55c103a9f8d8bbe0c4 krb5-libs-1.2.7-42.ppc64.rpm 4ae29ca81df4a7323f4a04dfe7bf422e krb5-server-1.2.7-42.ppc.rpm c28434eb04aa8ba62ae98f384ae96d66 krb5-workstation-1.2.7-42.ppc.rpm s390: 018b6ff9a07097653d1fb0083a8654eb krb5-devel-1.2.7-42.s390.rpm 9c2251b0c061abcec03805bf668654fa krb5-libs-1.2.7-42.s390.rpm e35388af17b751685a02b35be76c83eb krb5-server-1.2.7-42.s390.rpm f8336a07b5429d1c48592dbe9e8b638a krb5-workstation-1.2.7-42.s390.rpm s390x: fc291f78e9ae09ab0500eb772e364b57 krb5-devel-1.2.7-42.s390x.rpm ace1cd33911c12d87ee4616eea5f97d6 krb5-libs-1.2.7-42.s390x.rpm 9c2251b0c061abcec03805bf668654fa krb5-libs-1.2.7-42.s390.rpm b344cc43c163bb08a5b691dcbee69d10 krb5-server-1.2.7-42.s390x.rpm 947cfc0608f6bed2c325d5113188391e krb5-workstation-1.2.7-42.s390x.rpm x86_64: c8f33f385c8b59f8088ba3938820f466 krb5-devel-1.2.7-42.x86_64.rpm 2d13ed5aad4c7910373cfd7399780e18 krb5-libs-1.2.7-42.x86_64.rpm 3f7f0d23cc9447241d17bf92aac52376 krb5-libs-1.2.7-42.i386.rpm 55efe49040a64af9f4368e1e6c02c758 krb5-server-1.2.7-42.x86_64.rpm a00c82982864a159076c9f7548675ad9 krb5-workstation-1.2.7-42.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/krb5-1.2.7-42.src.rpm 15e292d791e6cd5a788764374c32769e krb5-1.2.7-42.src.rpm i386: 8d2d653de75e0e90d9718043bb9ec2ea krb5-devel-1.2.7-42.i386.rpm 3f7f0d23cc9447241d17bf92aac52376 krb5-libs-1.2.7-42.i386.rpm 02d15698839a4dca13a692567fdc3701 krb5-workstation-1.2.7-42.i386.rpm x86_64: c8f33f385c8b59f8088ba3938820f466 krb5-devel-1.2.7-42.x86_64.rpm 2d13ed5aad4c7910373cfd7399780e18 krb5-libs-1.2.7-42.x86_64.rpm 3f7f0d23cc9447241d17bf92aac52376 krb5-libs-1.2.7-42.i386.rpm a00c82982864a159076c9f7548675ad9 krb5-workstation-1.2.7-42.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/krb5-1.2.7-42.src.rpm 15e292d791e6cd5a788764374c32769e krb5-1.2.7-42.src.rpm i386: 8d2d653de75e0e90d9718043bb9ec2ea krb5-devel-1.2.7-42.i386.rpm 3f7f0d23cc9447241d17bf92aac52376 krb5-libs-1.2.7-42.i386.rpm 76a8c1d4048606e96b763b1cfd9e2862 krb5-server-1.2.7-42.i386.rpm 02d15698839a4dca13a692567fdc3701 krb5-workstation-1.2.7-42.i386.rpm ia64: d9486bd1ba6bf58fff0c33b8b54e10d1 krb5-devel-1.2.7-42.ia64.rpm b8f7a412868eb4331b2ac371f2935bed krb5-libs-1.2.7-42.ia64.rpm 3f7f0d23cc9447241d17bf92aac52376 krb5-libs-1.2.7-42.i386.rpm e4f4267d02ac27da8963c4770c2d6ab7 krb5-server-1.2.7-42.ia64.rpm a0eb9ccceccb1d777331ab1098ce24b8 krb5-workstation-1.2.7-42.ia64.rpm x86_64: c8f33f385c8b59f8088ba3938820f466 krb5-devel-1.2.7-42.x86_64.rpm 2d13ed5aad4c7910373cfd7399780e18 krb5-libs-1.2.7-42.x86_64.rpm 3f7f0d23cc9447241d17bf92aac52376 krb5-libs-1.2.7-42.i386.rpm 55efe49040a64af9f4368e1e6c02c758 krb5-server-1.2.7-42.x86_64.rpm a00c82982864a159076c9f7548675ad9 krb5-workstation-1.2.7-42.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/krb5-1.2.7-42.src.rpm 15e292d791e6cd5a788764374c32769e krb5-1.2.7-42.src.rpm i386: 8d2d653de75e0e90d9718043bb9ec2ea krb5-devel-1.2.7-42.i386.rpm 3f7f0d23cc9447241d17bf92aac52376 krb5-libs-1.2.7-42.i386.rpm 02d15698839a4dca13a692567fdc3701 krb5-workstation-1.2.7-42.i386.rpm ia64: d9486bd1ba6bf58fff0c33b8b54e10d1 krb5-devel-1.2.7-42.ia64.rpm b8f7a412868eb4331b2ac371f2935bed krb5-libs-1.2.7-42.ia64.rpm 3f7f0d23cc9447241d17bf92aac52376 krb5-libs-1.2.7-42.i386.rpm a0eb9ccceccb1d777331ab1098ce24b8 krb5-workstation-1.2.7-42.ia64.rpm x86_64: c8f33f385c8b59f8088ba3938820f466 krb5-devel-1.2.7-42.x86_64.rpm 2d13ed5aad4c7910373cfd7399780e18 krb5-libs-1.2.7-42.x86_64.rpm 3f7f0d23cc9447241d17bf92aac52376 krb5-libs-1.2.7-42.i386.rpm a00c82982864a159076c9f7548675ad9 krb5-workstation-1.2.7-42.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/krb5-1.3.4-12.src.rpm 8d598c4fa4404470d6e45978aa47ba6b krb5-1.3.4-12.src.rpm i386: 68457cc2117214ab9b11405b964275db krb5-devel-1.3.4-12.i386.rpm 5ee63ae61d91fab567dedb7880fa648e krb5-libs-1.3.4-12.i386.rpm dab0e8a818d3df2b028b3c39ba4daa52 krb5-server-1.3.4-12.i386.rpm a12db77933dc920943d6316f7e470ccc krb5-workstation-1.3.4-12.i386.rpm ia64: 1e9eef4e781b54fe954442a427e4fdbe krb5-devel-1.3.4-12.ia64.rpm 56686098f08e0b62bd1445977f7eba6d krb5-libs-1.3.4-12.ia64.rpm 5ee63ae61d91fab567dedb7880fa648e krb5-libs-1.3.4-12.i386.rpm ebce3644ac1704157552d51b6a244565 krb5-server-1.3.4-12.ia64.rpm 67c5b06a01aa25b361926bca1c055c03 krb5-workstation-1.3.4-12.ia64.rpm ppc: 261644c24300998a25c57d513fe08c6e krb5-devel-1.3.4-12.ppc.rpm b9663d67bb9b97657d41d870f63b276e krb5-libs-1.3.4-12.ppc.rpm 7248e6793d04613a952422f828fe2cb7 krb5-libs-1.3.4-12.ppc64.rpm 2ea50dcbeb0124a71c1e3489fec583fa krb5-server-1.3.4-12.ppc.rpm 40e4b837e731816630f653bc98e22530 krb5-workstation-1.3.4-12.ppc.rpm s390: 9f759fb193a998a4f88a21ca77f0b1ab krb5-devel-1.3.4-12.s390.rpm cd50ea2c90966a8527e06d77b6c47913 krb5-libs-1.3.4-12.s390.rpm 99668163d062fb8f5bfad4654f444313 krb5-server-1.3.4-12.s390.rpm d94e6fabfc7fd33c9208ce7d374c89e8 krb5-workstation-1.3.4-12.s390.rpm s390x: 5aa3854179039c6cb73145084123a197 krb5-devel-1.3.4-12.s390x.rpm 968f3babf2058bc88b44c5907f029017 krb5-libs-1.3.4-12.s390x.rpm cd50ea2c90966a8527e06d77b6c47913 krb5-libs-1.3.4-12.s390.rpm 7d191831a79c60f99b03c441ca771428 krb5-server-1.3.4-12.s390x.rpm 130b64761b996f24a57ffeb85e637002 krb5-workstation-1.3.4-12.s390x.rpm x86_64: bcf94a851223872e8fcd272a297dc3c2 krb5-devel-1.3.4-12.x86_64.rpm ef7f66e2a911b6c9787ab2e0b87534fc krb5-libs-1.3.4-12.x86_64.rpm 5ee63ae61d91fab567dedb7880fa648e krb5-libs-1.3.4-12.i386.rpm ee69869e21701b21cb73092d43e49009 krb5-server-1.3.4-12.x86_64.rpm 2edb7a1bfd9e102ace52fe8e90f84e6c krb5-workstation-1.3.4-12.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/krb5-1.3.4-12.src.rpm 8d598c4fa4404470d6e45978aa47ba6b krb5-1.3.4-12.src.rpm i386: 68457cc2117214ab9b11405b964275db krb5-devel-1.3.4-12.i386.rpm 5ee63ae61d91fab567dedb7880fa648e krb5-libs-1.3.4-12.i386.rpm dab0e8a818d3df2b028b3c39ba4daa52 krb5-server-1.3.4-12.i386.rpm a12db77933dc920943d6316f7e470ccc krb5-workstation-1.3.4-12.i386.rpm x86_64: bcf94a851223872e8fcd272a297dc3c2 krb5-devel-1.3.4-12.x86_64.rpm ef7f66e2a911b6c9787ab2e0b87534fc krb5-libs-1.3.4-12.x86_64.rpm 5ee63ae61d91fab567dedb7880fa648e krb5-libs-1.3.4-12.i386.rpm ee69869e21701b21cb73092d43e49009 krb5-server-1.3.4-12.x86_64.rpm 2edb7a1bfd9e102ace52fe8e90f84e6c krb5-workstation-1.3.4-12.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/krb5-1.3.4-12.src.rpm 8d598c4fa4404470d6e45978aa47ba6b krb5-1.3.4-12.src.rpm i386: 68457cc2117214ab9b11405b964275db krb5-devel-1.3.4-12.i386.rpm 5ee63ae61d91fab567dedb7880fa648e krb5-libs-1.3.4-12.i386.rpm dab0e8a818d3df2b028b3c39ba4daa52 krb5-server-1.3.4-12.i386.rpm a12db77933dc920943d6316f7e470ccc krb5-workstation-1.3.4-12.i386.rpm ia64: 1e9eef4e781b54fe954442a427e4fdbe krb5-devel-1.3.4-12.ia64.rpm 56686098f08e0b62bd1445977f7eba6d krb5-libs-1.3.4-12.ia64.rpm 5ee63ae61d91fab567dedb7880fa648e krb5-libs-1.3.4-12.i386.rpm ebce3644ac1704157552d51b6a244565 krb5-server-1.3.4-12.ia64.rpm 67c5b06a01aa25b361926bca1c055c03 krb5-workstation-1.3.4-12.ia64.rpm x86_64: bcf94a851223872e8fcd272a297dc3c2 krb5-devel-1.3.4-12.x86_64.rpm ef7f66e2a911b6c9787ab2e0b87534fc krb5-libs-1.3.4-12.x86_64.rpm 5ee63ae61d91fab567dedb7880fa648e krb5-libs-1.3.4-12.i386.rpm ee69869e21701b21cb73092d43e49009 krb5-server-1.3.4-12.x86_64.rpm 2edb7a1bfd9e102ace52fe8e90f84e6c krb5-workstation-1.3.4-12.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/krb5-1.3.4-12.src.rpm 8d598c4fa4404470d6e45978aa47ba6b krb5-1.3.4-12.src.rpm i386: 68457cc2117214ab9b11405b964275db krb5-devel-1.3.4-12.i386.rpm 5ee63ae61d91fab567dedb7880fa648e krb5-libs-1.3.4-12.i386.rpm dab0e8a818d3df2b028b3c39ba4daa52 krb5-server-1.3.4-12.i386.rpm a12db77933dc920943d6316f7e470ccc krb5-workstation-1.3.4-12.i386.rpm ia64: 1e9eef4e781b54fe954442a427e4fdbe krb5-devel-1.3.4-12.ia64.rpm 56686098f08e0b62bd1445977f7eba6d krb5-libs-1.3.4-12.ia64.rpm 5ee63ae61d91fab567dedb7880fa648e krb5-libs-1.3.4-12.i386.rpm ebce3644ac1704157552d51b6a244565 krb5-server-1.3.4-12.ia64.rpm 67c5b06a01aa25b361926bca1c055c03 krb5-workstation-1.3.4-12.ia64.rpm x86_64: bcf94a851223872e8fcd272a297dc3c2 krb5-devel-1.3.4-12.x86_64.rpm ef7f66e2a911b6c9787ab2e0b87534fc krb5-libs-1.3.4-12.x86_64.rpm 5ee63ae61d91fab567dedb7880fa648e krb5-libs-1.3.4-12.i386.rpm ee69869e21701b21cb73092d43e49009 krb5-server-1.3.4-12.x86_64.rpm 2edb7a1bfd9e102ace52fe8e90f84e6c krb5-workstation-1.3.4-12.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://www.idefense.com/application/poi/display?id=220&type=vulnerabilities http://www.idefense.com/application/poi/display?id=221&type=vulnerabilities http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0468 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0469 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCSmPyXlSAg2UNWIIRArq5AJ9IYp7LCvBKvlKzc0cDuNeDLB69zACfX1rC yalv0ezCGAKKLYJdMWBIOqA= =WNbi -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Mar 30 08:32:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 30 Mar 2005 03:32 -0500 Subject: [RHSA-2005:331-01] Moderate: XFree86 security update Message-ID: <200503300832.j2U8WEZ02772@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: XFree86 security update Advisory ID: RHSA-2005:331-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-331.html Issue date: 2005-03-30 Updated on: 2005-03-30 Product: Red Hat Enterprise Linux Keywords: Xpm Image Loader CVE Names: CAN-2005-0605 - --------------------------------------------------------------------- 1. Summary: Updated XFree86 packages that fix a libXpm integer overflow flaw are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: XFree86 is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces (GUIs) such as GNOME and KDE are designed upon. An integer overflow flaw was found in libXpm, which is used by some applications for loading of XPM images. An attacker could create a malicious XPM file that would execute arbitrary code if opened by a victim using an application linked to the vulnerable library. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0605 to this issue. The updated XFree86 packages also address the following minor issues: - - Updated XFree86-4.3.0-keyboard-disable-ioport-access-v3.patch to make warning messages less alarmist. - - Backported XFree86-4.3.0-libX11-stack-overflow.patch from xorg-x11-6.8.1 packaging to fix stack overflow in libX11, which was discovered by new security features of gcc4. Users of XFree86 should upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 150038 - CAN-2005-0605 XPM buffer overflow 132885 - libX11 overflows it's own stack 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/XFree86-4.3.0-81.EL.src.rpm ec2126821b38816505d8f9c2c5109f3b XFree86-4.3.0-81.EL.src.rpm i386: b67cc1148558516876da9f3315644287 XFree86-100dpi-fonts-4.3.0-81.EL.i386.rpm e24c002a63924455dc790ca61a10734b XFree86-4.3.0-81.EL.i386.rpm 7b048b1119cd497f763f5adc9dd2c9eb XFree86-75dpi-fonts-4.3.0-81.EL.i386.rpm d5cb187d0ccb828530257ae8fbdfa13a XFree86-ISO8859-14-100dpi-fonts-4.3.0-81.EL.i386.rpm 66f957b40a9f372d21d6d281060c9353 XFree86-ISO8859-14-75dpi-fonts-4.3.0-81.EL.i386.rpm a6c6b586ebe6c58305ca1370411e02dd XFree86-ISO8859-15-100dpi-fonts-4.3.0-81.EL.i386.rpm 56b2e2059128f7780a65ddc0137d7d26 XFree86-ISO8859-15-75dpi-fonts-4.3.0-81.EL.i386.rpm 9bf7efccf973689c1ee68511576a4929 XFree86-ISO8859-2-100dpi-fonts-4.3.0-81.EL.i386.rpm 2d27d8fd7d950ad5296375cd08bff11c XFree86-ISO8859-2-75dpi-fonts-4.3.0-81.EL.i386.rpm 6bf4a0df51a9e93c11f89a2c20535812 XFree86-ISO8859-9-100dpi-fonts-4.3.0-81.EL.i386.rpm 9414c74b70e12d587be46633a3cf8ea5 XFree86-ISO8859-9-75dpi-fonts-4.3.0-81.EL.i386.rpm 705e937660b1379581bcc8534a3119ac XFree86-Mesa-libGL-4.3.0-81.EL.i386.rpm 56f8899fcf2ccae54061f70e6a78ef92 XFree86-Mesa-libGLU-4.3.0-81.EL.i386.rpm 994a60bbc32c0fb5bdcf64685f6a8b2e XFree86-Xnest-4.3.0-81.EL.i386.rpm e0c7f999c12089963927b70293451200 XFree86-Xvfb-4.3.0-81.EL.i386.rpm f732f19be09e7078939733c45a75e88b XFree86-base-fonts-4.3.0-81.EL.i386.rpm 2b736dc772ba5f5b19c36dd93a7a71c1 XFree86-cyrillic-fonts-4.3.0-81.EL.i386.rpm d6956e41ae5584ee98ba46f90fe1f27e XFree86-devel-4.3.0-81.EL.i386.rpm fb1ed5d11e281a684a614a6b2d1bc88e XFree86-doc-4.3.0-81.EL.i386.rpm d1ed83c1b06d663d09592dd36ae94b91 XFree86-font-utils-4.3.0-81.EL.i386.rpm 0604600a83e8166632150032ceb24a5b XFree86-libs-4.3.0-81.EL.i386.rpm 5fe4b7fa4bc169ea476c23617437a0e1 XFree86-libs-data-4.3.0-81.EL.i386.rpm 9509bc197648a40e5df29f32737d4205 XFree86-sdk-4.3.0-81.EL.i386.rpm 055b3e21b6319ca5934b7635720f455d XFree86-syriac-fonts-4.3.0-81.EL.i386.rpm 24d56880c005d56953fb23a15f1a709c XFree86-tools-4.3.0-81.EL.i386.rpm bf185cf620508fd66b3044bd3823373a XFree86-truetype-fonts-4.3.0-81.EL.i386.rpm ccf0d2ec9b38bbc380d8d8ac7dc55c25 XFree86-twm-4.3.0-81.EL.i386.rpm 1c0ee976ec4e3d76a8e1dbb79c59acf2 XFree86-xauth-4.3.0-81.EL.i386.rpm 5d685dcd9e30c107ef6a0dc391523af1 XFree86-xdm-4.3.0-81.EL.i386.rpm baff2504a8966bde58a4e05ecd6a9f62 XFree86-xfs-4.3.0-81.EL.i386.rpm ia64: eff38c9e011e08dc05c787cfeeab3252 XFree86-100dpi-fonts-4.3.0-81.EL.ia64.rpm ea4763504b816da5ee388f0dc3d491a7 XFree86-4.3.0-81.EL.ia64.rpm b61b1561b208724d608c493620f0dfb1 XFree86-75dpi-fonts-4.3.0-81.EL.ia64.rpm e21c506c9ee271485b6927bdb2c9bd29 XFree86-ISO8859-14-100dpi-fonts-4.3.0-81.EL.ia64.rpm 8db0b1ad1fc4f44b751ba702a2f4119e XFree86-ISO8859-14-75dpi-fonts-4.3.0-81.EL.ia64.rpm 6a31deaec3df8de9cd17b0ce1aba2cac XFree86-ISO8859-15-100dpi-fonts-4.3.0-81.EL.ia64.rpm 01fcd66e732a9f9bd4ab4ab5e722fbb6 XFree86-ISO8859-15-75dpi-fonts-4.3.0-81.EL.ia64.rpm 479348201265d256309da5ec6144f60f XFree86-ISO8859-2-100dpi-fonts-4.3.0-81.EL.ia64.rpm 1586c2037bfa890f44393ba07234db04 XFree86-ISO8859-2-75dpi-fonts-4.3.0-81.EL.ia64.rpm 7ea6f340a071b817521d1038327e6cc6 XFree86-ISO8859-9-100dpi-fonts-4.3.0-81.EL.ia64.rpm 1846e4403c6eb22db0b8b4031992715e XFree86-ISO8859-9-75dpi-fonts-4.3.0-81.EL.ia64.rpm 705e937660b1379581bcc8534a3119ac XFree86-Mesa-libGL-4.3.0-81.EL.i386.rpm 7873be6112cdfbdc4c7fa6b6409be57a XFree86-Mesa-libGL-4.3.0-81.EL.ia64.rpm 56f8899fcf2ccae54061f70e6a78ef92 XFree86-Mesa-libGLU-4.3.0-81.EL.i386.rpm e3dcfef59f4b63ebf7894c766e7b3d36 XFree86-Mesa-libGLU-4.3.0-81.EL.ia64.rpm b1455f4fc08b85d62d2ce78d5ae1087a XFree86-Xnest-4.3.0-81.EL.ia64.rpm 70922dec65896050246f1773f394690f XFree86-Xvfb-4.3.0-81.EL.ia64.rpm 8b3128daa455c5320cae2e02919bb52a XFree86-base-fonts-4.3.0-81.EL.ia64.rpm 23a738bd9398089244a7fddd15c9714d XFree86-cyrillic-fonts-4.3.0-81.EL.ia64.rpm e1101dd64624ac1c1c1927c0fa704458 XFree86-devel-4.3.0-81.EL.ia64.rpm 56f9a2616d9f8efc71dda25208de6a4a XFree86-doc-4.3.0-81.EL.ia64.rpm 0ffe254e08749062ea3240cbda9365e6 XFree86-font-utils-4.3.0-81.EL.ia64.rpm 0604600a83e8166632150032ceb24a5b XFree86-libs-4.3.0-81.EL.i386.rpm 278e3d3c800d5515d230d42f8824e892 XFree86-libs-4.3.0-81.EL.ia64.rpm 69991c08dc1b9ee7ffa9a439209941be XFree86-libs-data-4.3.0-81.EL.ia64.rpm 62cc34773fc58edaec2d557e8a0cf0e6 XFree86-sdk-4.3.0-81.EL.ia64.rpm 6bfce9d8f2a07464763ce37b5fcb20ab XFree86-syriac-fonts-4.3.0-81.EL.ia64.rpm 7cb859fc77814a4062541da0abdf35fd XFree86-tools-4.3.0-81.EL.ia64.rpm a1dc044802e458518e0e5847e02fad1c XFree86-truetype-fonts-4.3.0-81.EL.ia64.rpm c6d7c85e49cbf35ac8fffbbf66cae70e XFree86-twm-4.3.0-81.EL.ia64.rpm 7894c7e8cb8a0f5379a070a2055175ed XFree86-xauth-4.3.0-81.EL.ia64.rpm 1e77c3190903dba5bfefac26e0e51405 XFree86-xdm-4.3.0-81.EL.ia64.rpm 1c3eafddad63af8e117f63667ec6b154 XFree86-xfs-4.3.0-81.EL.ia64.rpm ppc: 3b25f1ae87f4bd2b9c9ef909af1f9f3c XFree86-100dpi-fonts-4.3.0-81.EL.ppc.rpm eb1f8eeb611b2b468fe92ffcb65038bf XFree86-4.3.0-81.EL.ppc.rpm cafab26c9b5d936a3cd6c3eec424d9ea XFree86-75dpi-fonts-4.3.0-81.EL.ppc.rpm dc20c5aeb53ebea8015d9501ed8f4d3b XFree86-ISO8859-14-100dpi-fonts-4.3.0-81.EL.ppc.rpm 86931cc17d480a1428bd084a5a3442ba XFree86-ISO8859-14-75dpi-fonts-4.3.0-81.EL.ppc.rpm d324bf5ff0165f5ff4b40e4c33da3296 XFree86-ISO8859-15-100dpi-fonts-4.3.0-81.EL.ppc.rpm 55b1d3aed26cd1999758613a3b13e0b1 XFree86-ISO8859-15-75dpi-fonts-4.3.0-81.EL.ppc.rpm c71386b8b575f8ba6b92e6fa8ef7b703 XFree86-ISO8859-2-100dpi-fonts-4.3.0-81.EL.ppc.rpm c0039c99110dba64d3ee84a662888c88 XFree86-ISO8859-2-75dpi-fonts-4.3.0-81.EL.ppc.rpm 579c90b532c8f102612dc691acb548c8 XFree86-ISO8859-9-100dpi-fonts-4.3.0-81.EL.ppc.rpm 924ca18326c4bb2c93b8069956af4235 XFree86-ISO8859-9-75dpi-fonts-4.3.0-81.EL.ppc.rpm 0ddb14b7f88c291e4d39311598bf8b21 XFree86-Mesa-libGL-4.3.0-81.EL.ppc.rpm 67480bec9655bc57fa516fd720decc6a XFree86-Mesa-libGL-4.3.0-81.EL.ppc64.rpm bfca29eae86ff3b4a3b82978ae88bc0e XFree86-Mesa-libGLU-4.3.0-81.EL.ppc.rpm 1d54dddbfcd1f26168d8f38762bbeb7b XFree86-Mesa-libGLU-4.3.0-81.EL.ppc64.rpm 53f360b74a8f32f1950013ce84d06b28 XFree86-Xnest-4.3.0-81.EL.ppc.rpm 3f0d3a0f1fdbe39941af7859fb311a3f XFree86-Xvfb-4.3.0-81.EL.ppc.rpm e5ff28127a9f81468b485aa79255372c XFree86-base-fonts-4.3.0-81.EL.ppc.rpm b8657d150145be769950b3c8df84f9a4 XFree86-cyrillic-fonts-4.3.0-81.EL.ppc.rpm c798c3d4470204dc5dec051a71c1b7ff XFree86-devel-4.3.0-81.EL.ppc.rpm 6a26cb18c92f2723ce069b0167bccffb XFree86-devel-4.3.0-81.EL.ppc64.rpm e0236e95d875ef131d5611f2ce9a6ff3 XFree86-doc-4.3.0-81.EL.ppc.rpm 0bfbf211014cb7ec1b455066d5388b0c XFree86-font-utils-4.3.0-81.EL.ppc.rpm 8fee0641b32b44ea5e3494d46199f293 XFree86-libs-4.3.0-81.EL.ppc.rpm 12eef17e5868de128a6f27f626daa66c XFree86-libs-4.3.0-81.EL.ppc64.rpm bd43c24a78978cbd43611073d75eaa58 XFree86-libs-data-4.3.0-81.EL.ppc.rpm 4840dbd87d69bb7bfcc7e10a744acf75 XFree86-sdk-4.3.0-81.EL.ppc.rpm 8595f504b5d8120eb641f1eb7f3dbdc2 XFree86-syriac-fonts-4.3.0-81.EL.ppc.rpm 5c9d119aaeef7d55d0b8dcf456d0ca35 XFree86-tools-4.3.0-81.EL.ppc.rpm b8e1c659a279755eb101b6b4b81aeafe XFree86-truetype-fonts-4.3.0-81.EL.ppc.rpm d3db9fddc74067d6a4a2bee761bc2877 XFree86-twm-4.3.0-81.EL.ppc.rpm f5b004e1990040018cb6dcdeac601b32 XFree86-xauth-4.3.0-81.EL.ppc.rpm bec1e550d1ee1f1b09ab29ec0dd915d9 XFree86-xdm-4.3.0-81.EL.ppc.rpm bbea558e5a6467bfbce185420c0e0319 XFree86-xfs-4.3.0-81.EL.ppc.rpm s390: 70857d2300d817e35a41eadcfc23b885 XFree86-100dpi-fonts-4.3.0-81.EL.s390.rpm 230d806e22069e57ee264b24189daf46 XFree86-4.3.0-81.EL.s390.rpm f089fc87ca4ed1dc4d7f049a74d7e632 XFree86-75dpi-fonts-4.3.0-81.EL.s390.rpm 43ef577bf6f091061958fc1f5087a7bb XFree86-ISO8859-14-100dpi-fonts-4.3.0-81.EL.s390.rpm 2065845fbdd88637ba8f540cc1c797ab XFree86-ISO8859-14-75dpi-fonts-4.3.0-81.EL.s390.rpm 10ddfc196ade3b1cc61853aeb63dc0a3 XFree86-ISO8859-15-100dpi-fonts-4.3.0-81.EL.s390.rpm 4e6faea2dca7315d658c4a192372b25e XFree86-ISO8859-15-75dpi-fonts-4.3.0-81.EL.s390.rpm b22fc1291d7e93b3b72b0b2f50af36ef XFree86-ISO8859-2-100dpi-fonts-4.3.0-81.EL.s390.rpm 6aff791ffd4438cae96bcb9102bea0fb XFree86-ISO8859-2-75dpi-fonts-4.3.0-81.EL.s390.rpm 13c6723abe250b17ebc7feb9b8595578 XFree86-ISO8859-9-100dpi-fonts-4.3.0-81.EL.s390.rpm b298f00037770533a291fe23c8b20831 XFree86-ISO8859-9-75dpi-fonts-4.3.0-81.EL.s390.rpm 663ebb4a1c3795a13b75c765cbccdd4b XFree86-Mesa-libGL-4.3.0-81.EL.s390.rpm c7bfcba62f40f325a7d8982f728f5f16 XFree86-Mesa-libGLU-4.3.0-81.EL.s390.rpm 1d2a884dcbe95dba5c9bbd7d6f9cbd75 XFree86-Xnest-4.3.0-81.EL.s390.rpm 01fab2ab899ac17a01b7f5c12435c79d XFree86-Xvfb-4.3.0-81.EL.s390.rpm 3fb1523803600ef549ffba79c8c44fe6 XFree86-base-fonts-4.3.0-81.EL.s390.rpm 9492c2a17cd37cf511be8736237a8855 XFree86-cyrillic-fonts-4.3.0-81.EL.s390.rpm aa41ff1ec14d83e74b80f667317b8a1b XFree86-devel-4.3.0-81.EL.s390.rpm 83fb59d3bce96f9e81ad92ea8c7cc339 XFree86-font-utils-4.3.0-81.EL.s390.rpm 4afc7863aeffb3db98f38a19bcc9df78 XFree86-libs-4.3.0-81.EL.s390.rpm 5818131a886218e20b9556052bfd02ef XFree86-libs-data-4.3.0-81.EL.s390.rpm dc0c5ad37c3c74ca898faee576a60991 XFree86-syriac-fonts-4.3.0-81.EL.s390.rpm 95a4b19611fb8607bdcb640f374d1c65 XFree86-tools-4.3.0-81.EL.s390.rpm 148bc2392bfff6a273903ba2c88d8155 XFree86-truetype-fonts-4.3.0-81.EL.s390.rpm 06c770621b5ccec0bfa33ffb23c4e014 XFree86-twm-4.3.0-81.EL.s390.rpm 0d56d31ab7db6ad48822b983f7ed64a2 XFree86-xauth-4.3.0-81.EL.s390.rpm 02ffce3b67a77ddbad16cea3c38568b6 XFree86-xdm-4.3.0-81.EL.s390.rpm 786f10857fff69947af241faeb5de106 XFree86-xfs-4.3.0-81.EL.s390.rpm s390x: c104b9473517eb2f040146a5a300eb7b XFree86-100dpi-fonts-4.3.0-81.EL.s390x.rpm b1cf24674326f064a49c01eab76a9248 XFree86-4.3.0-81.EL.s390x.rpm 6921805860ef5d9288eeeb5ce2fed7ee XFree86-75dpi-fonts-4.3.0-81.EL.s390x.rpm 8c391bd669030e1489cde4b447023596 XFree86-ISO8859-14-100dpi-fonts-4.3.0-81.EL.s390x.rpm e1fc519182e5c030c02bc5d7e8c4d6c5 XFree86-ISO8859-14-75dpi-fonts-4.3.0-81.EL.s390x.rpm 356626217a47711879b5489d34a0ada2 XFree86-ISO8859-15-100dpi-fonts-4.3.0-81.EL.s390x.rpm 8fa38769da2ce9fd6ca52f1e386bec8a XFree86-ISO8859-15-75dpi-fonts-4.3.0-81.EL.s390x.rpm 4dd2eb449bf7b87d31e8cf162e403b6e XFree86-ISO8859-2-100dpi-fonts-4.3.0-81.EL.s390x.rpm 8a2dcb00338fc084934ec546eecd99d2 XFree86-ISO8859-2-75dpi-fonts-4.3.0-81.EL.s390x.rpm 8bd6b37a3c29134d4ec5c4ff1e4f9adf XFree86-ISO8859-9-100dpi-fonts-4.3.0-81.EL.s390x.rpm 1fc2803f8ff4031efb1d0fcc5f6d8649 XFree86-ISO8859-9-75dpi-fonts-4.3.0-81.EL.s390x.rpm 663ebb4a1c3795a13b75c765cbccdd4b XFree86-Mesa-libGL-4.3.0-81.EL.s390.rpm def6c62993c4daf1556551481fcdc2b0 XFree86-Mesa-libGL-4.3.0-81.EL.s390x.rpm c7bfcba62f40f325a7d8982f728f5f16 XFree86-Mesa-libGLU-4.3.0-81.EL.s390.rpm 742dee2b51454dc606c5ebd5af37a145 XFree86-Mesa-libGLU-4.3.0-81.EL.s390x.rpm 433300cec1e8937dff4c83b2f8d6c5d9 XFree86-Xnest-4.3.0-81.EL.s390x.rpm 38a2e8df18316a70d4bb64f830cf60e2 XFree86-Xvfb-4.3.0-81.EL.s390x.rpm d7d64bc01bf29a849cf432a95fc1d7e4 XFree86-base-fonts-4.3.0-81.EL.s390x.rpm 3c0a98413a85597b45f10fa579a7d2f0 XFree86-cyrillic-fonts-4.3.0-81.EL.s390x.rpm aa41ff1ec14d83e74b80f667317b8a1b XFree86-devel-4.3.0-81.EL.s390.rpm 981af75419e99b884cb1fcabbf189e90 XFree86-devel-4.3.0-81.EL.s390x.rpm c6757b0efa60bf175cfe26ac8a35f400 XFree86-font-utils-4.3.0-81.EL.s390x.rpm 4afc7863aeffb3db98f38a19bcc9df78 XFree86-libs-4.3.0-81.EL.s390.rpm 0a6f33ef305f7acc06564ec2f02a8444 XFree86-libs-4.3.0-81.EL.s390x.rpm 17e4fa30000af4f104c1adbf289470fb XFree86-libs-data-4.3.0-81.EL.s390x.rpm 199c9f43b46d47f5cdeb3fa74d7c09a9 XFree86-syriac-fonts-4.3.0-81.EL.s390x.rpm c9a2eeb519853fee69789f5d592cc89a XFree86-tools-4.3.0-81.EL.s390x.rpm fe496b85ef87be9e2507619b8532718d XFree86-truetype-fonts-4.3.0-81.EL.s390x.rpm d67bd382d27e554ca24b73a5d3493e3e XFree86-twm-4.3.0-81.EL.s390x.rpm 071a421d2f92b3c9eb6124432059a3af XFree86-xauth-4.3.0-81.EL.s390x.rpm beaa1cc39e8aadfadf5608f3151533fe XFree86-xdm-4.3.0-81.EL.s390x.rpm a18bb230f8edfe7fca219ab5a599b70c XFree86-xfs-4.3.0-81.EL.s390x.rpm x86_64: 82e6b194df172c9f873d77c1fba47681 XFree86-100dpi-fonts-4.3.0-81.EL.x86_64.rpm 021825f0bcef753f491028e2ca68b2e6 XFree86-4.3.0-81.EL.x86_64.rpm 206379e78b9f32d6f15d19c99b301991 XFree86-75dpi-fonts-4.3.0-81.EL.x86_64.rpm 0bdaa034664570931e1ea760fb4583d9 XFree86-ISO8859-14-100dpi-fonts-4.3.0-81.EL.x86_64.rpm 04111603a8931ae3595d7f2af947431d XFree86-ISO8859-14-75dpi-fonts-4.3.0-81.EL.x86_64.rpm 231e7bfaee4ad3bf7994965f29794d12 XFree86-ISO8859-15-100dpi-fonts-4.3.0-81.EL.x86_64.rpm b3e1e9684e2edac756cee91f0f1e6b87 XFree86-ISO8859-15-75dpi-fonts-4.3.0-81.EL.x86_64.rpm 3852b1d861d33e13be545377869ccebf XFree86-ISO8859-2-100dpi-fonts-4.3.0-81.EL.x86_64.rpm 616af8acc647bddcc6c9978b5ea8d568 XFree86-ISO8859-2-75dpi-fonts-4.3.0-81.EL.x86_64.rpm 0dd7344dec5338a612f7c94871542a39 XFree86-ISO8859-9-100dpi-fonts-4.3.0-81.EL.x86_64.rpm 81744aba3ccda257d17cda843c15fc98 XFree86-ISO8859-9-75dpi-fonts-4.3.0-81.EL.x86_64.rpm 705e937660b1379581bcc8534a3119ac XFree86-Mesa-libGL-4.3.0-81.EL.i386.rpm 30e0122115e62fb729db7d9859766258 XFree86-Mesa-libGL-4.3.0-81.EL.x86_64.rpm 56f8899fcf2ccae54061f70e6a78ef92 XFree86-Mesa-libGLU-4.3.0-81.EL.i386.rpm 9cb9ba84d52e1373dfe5fe6fcfb5ddd5 XFree86-Mesa-libGLU-4.3.0-81.EL.x86_64.rpm 008cdb85bf686ee64dd7b74159f5af47 XFree86-Xnest-4.3.0-81.EL.x86_64.rpm 949130dadeba14aa9fc4bbf8d459a5c2 XFree86-Xvfb-4.3.0-81.EL.x86_64.rpm 2c9535cd02509125a35dee842ae86213 XFree86-base-fonts-4.3.0-81.EL.x86_64.rpm c537113f2adca9159b8b8986345c5b5d XFree86-cyrillic-fonts-4.3.0-81.EL.x86_64.rpm d6956e41ae5584ee98ba46f90fe1f27e XFree86-devel-4.3.0-81.EL.i386.rpm 1cd39e77d9ee434f0068a7c435a631f1 XFree86-devel-4.3.0-81.EL.x86_64.rpm 8900da5cb03119c7151c1d390bbf2fc5 XFree86-doc-4.3.0-81.EL.x86_64.rpm e106b85549ef99a07e081b884e15909b XFree86-font-utils-4.3.0-81.EL.x86_64.rpm 0604600a83e8166632150032ceb24a5b XFree86-libs-4.3.0-81.EL.i386.rpm 731ea39e6492f0d6ed4cba6459eeebd1 XFree86-libs-4.3.0-81.EL.x86_64.rpm 8d3df401e904f96a024c37a5f168574a XFree86-libs-data-4.3.0-81.EL.x86_64.rpm 587353b50c18ab94679022416147f8ef XFree86-sdk-4.3.0-81.EL.x86_64.rpm 02ae2bfba6d32ba594729f980155f878 XFree86-syriac-fonts-4.3.0-81.EL.x86_64.rpm 228609032f49b4ba2ec22a08f8b4f5f6 XFree86-tools-4.3.0-81.EL.x86_64.rpm 08fa0ed31bc0bcb7c2be20202f94a346 XFree86-truetype-fonts-4.3.0-81.EL.x86_64.rpm 5708b184403aa0e171fe2ae6db850d1b XFree86-twm-4.3.0-81.EL.x86_64.rpm 2b031866675f0753e1bc06e7a0926803 XFree86-xauth-4.3.0-81.EL.x86_64.rpm c11c625d355bfaf50425398567b0b4c1 XFree86-xdm-4.3.0-81.EL.x86_64.rpm 885a5af754329bf2f467e22b72eb0b56 XFree86-xfs-4.3.0-81.EL.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/XFree86-4.3.0-81.EL.src.rpm ec2126821b38816505d8f9c2c5109f3b XFree86-4.3.0-81.EL.src.rpm i386: b67cc1148558516876da9f3315644287 XFree86-100dpi-fonts-4.3.0-81.EL.i386.rpm e24c002a63924455dc790ca61a10734b XFree86-4.3.0-81.EL.i386.rpm 7b048b1119cd497f763f5adc9dd2c9eb XFree86-75dpi-fonts-4.3.0-81.EL.i386.rpm d5cb187d0ccb828530257ae8fbdfa13a XFree86-ISO8859-14-100dpi-fonts-4.3.0-81.EL.i386.rpm 66f957b40a9f372d21d6d281060c9353 XFree86-ISO8859-14-75dpi-fonts-4.3.0-81.EL.i386.rpm a6c6b586ebe6c58305ca1370411e02dd XFree86-ISO8859-15-100dpi-fonts-4.3.0-81.EL.i386.rpm 56b2e2059128f7780a65ddc0137d7d26 XFree86-ISO8859-15-75dpi-fonts-4.3.0-81.EL.i386.rpm 9bf7efccf973689c1ee68511576a4929 XFree86-ISO8859-2-100dpi-fonts-4.3.0-81.EL.i386.rpm 2d27d8fd7d950ad5296375cd08bff11c XFree86-ISO8859-2-75dpi-fonts-4.3.0-81.EL.i386.rpm 6bf4a0df51a9e93c11f89a2c20535812 XFree86-ISO8859-9-100dpi-fonts-4.3.0-81.EL.i386.rpm 9414c74b70e12d587be46633a3cf8ea5 XFree86-ISO8859-9-75dpi-fonts-4.3.0-81.EL.i386.rpm 705e937660b1379581bcc8534a3119ac XFree86-Mesa-libGL-4.3.0-81.EL.i386.rpm 56f8899fcf2ccae54061f70e6a78ef92 XFree86-Mesa-libGLU-4.3.0-81.EL.i386.rpm 994a60bbc32c0fb5bdcf64685f6a8b2e XFree86-Xnest-4.3.0-81.EL.i386.rpm e0c7f999c12089963927b70293451200 XFree86-Xvfb-4.3.0-81.EL.i386.rpm f732f19be09e7078939733c45a75e88b XFree86-base-fonts-4.3.0-81.EL.i386.rpm 2b736dc772ba5f5b19c36dd93a7a71c1 XFree86-cyrillic-fonts-4.3.0-81.EL.i386.rpm d6956e41ae5584ee98ba46f90fe1f27e XFree86-devel-4.3.0-81.EL.i386.rpm fb1ed5d11e281a684a614a6b2d1bc88e XFree86-doc-4.3.0-81.EL.i386.rpm d1ed83c1b06d663d09592dd36ae94b91 XFree86-font-utils-4.3.0-81.EL.i386.rpm 0604600a83e8166632150032ceb24a5b XFree86-libs-4.3.0-81.EL.i386.rpm 5fe4b7fa4bc169ea476c23617437a0e1 XFree86-libs-data-4.3.0-81.EL.i386.rpm 9509bc197648a40e5df29f32737d4205 XFree86-sdk-4.3.0-81.EL.i386.rpm 055b3e21b6319ca5934b7635720f455d XFree86-syriac-fonts-4.3.0-81.EL.i386.rpm 24d56880c005d56953fb23a15f1a709c XFree86-tools-4.3.0-81.EL.i386.rpm bf185cf620508fd66b3044bd3823373a XFree86-truetype-fonts-4.3.0-81.EL.i386.rpm ccf0d2ec9b38bbc380d8d8ac7dc55c25 XFree86-twm-4.3.0-81.EL.i386.rpm 1c0ee976ec4e3d76a8e1dbb79c59acf2 XFree86-xauth-4.3.0-81.EL.i386.rpm 5d685dcd9e30c107ef6a0dc391523af1 XFree86-xdm-4.3.0-81.EL.i386.rpm baff2504a8966bde58a4e05ecd6a9f62 XFree86-xfs-4.3.0-81.EL.i386.rpm x86_64: 82e6b194df172c9f873d77c1fba47681 XFree86-100dpi-fonts-4.3.0-81.EL.x86_64.rpm 021825f0bcef753f491028e2ca68b2e6 XFree86-4.3.0-81.EL.x86_64.rpm 206379e78b9f32d6f15d19c99b301991 XFree86-75dpi-fonts-4.3.0-81.EL.x86_64.rpm 0bdaa034664570931e1ea760fb4583d9 XFree86-ISO8859-14-100dpi-fonts-4.3.0-81.EL.x86_64.rpm 04111603a8931ae3595d7f2af947431d XFree86-ISO8859-14-75dpi-fonts-4.3.0-81.EL.x86_64.rpm 231e7bfaee4ad3bf7994965f29794d12 XFree86-ISO8859-15-100dpi-fonts-4.3.0-81.EL.x86_64.rpm b3e1e9684e2edac756cee91f0f1e6b87 XFree86-ISO8859-15-75dpi-fonts-4.3.0-81.EL.x86_64.rpm 3852b1d861d33e13be545377869ccebf XFree86-ISO8859-2-100dpi-fonts-4.3.0-81.EL.x86_64.rpm 616af8acc647bddcc6c9978b5ea8d568 XFree86-ISO8859-2-75dpi-fonts-4.3.0-81.EL.x86_64.rpm 0dd7344dec5338a612f7c94871542a39 XFree86-ISO8859-9-100dpi-fonts-4.3.0-81.EL.x86_64.rpm 81744aba3ccda257d17cda843c15fc98 XFree86-ISO8859-9-75dpi-fonts-4.3.0-81.EL.x86_64.rpm 705e937660b1379581bcc8534a3119ac XFree86-Mesa-libGL-4.3.0-81.EL.i386.rpm 30e0122115e62fb729db7d9859766258 XFree86-Mesa-libGL-4.3.0-81.EL.x86_64.rpm 56f8899fcf2ccae54061f70e6a78ef92 XFree86-Mesa-libGLU-4.3.0-81.EL.i386.rpm 9cb9ba84d52e1373dfe5fe6fcfb5ddd5 XFree86-Mesa-libGLU-4.3.0-81.EL.x86_64.rpm 008cdb85bf686ee64dd7b74159f5af47 XFree86-Xnest-4.3.0-81.EL.x86_64.rpm 949130dadeba14aa9fc4bbf8d459a5c2 XFree86-Xvfb-4.3.0-81.EL.x86_64.rpm 2c9535cd02509125a35dee842ae86213 XFree86-base-fonts-4.3.0-81.EL.x86_64.rpm c537113f2adca9159b8b8986345c5b5d XFree86-cyrillic-fonts-4.3.0-81.EL.x86_64.rpm d6956e41ae5584ee98ba46f90fe1f27e XFree86-devel-4.3.0-81.EL.i386.rpm 1cd39e77d9ee434f0068a7c435a631f1 XFree86-devel-4.3.0-81.EL.x86_64.rpm 8900da5cb03119c7151c1d390bbf2fc5 XFree86-doc-4.3.0-81.EL.x86_64.rpm e106b85549ef99a07e081b884e15909b XFree86-font-utils-4.3.0-81.EL.x86_64.rpm 0604600a83e8166632150032ceb24a5b XFree86-libs-4.3.0-81.EL.i386.rpm 731ea39e6492f0d6ed4cba6459eeebd1 XFree86-libs-4.3.0-81.EL.x86_64.rpm 8d3df401e904f96a024c37a5f168574a XFree86-libs-data-4.3.0-81.EL.x86_64.rpm 587353b50c18ab94679022416147f8ef XFree86-sdk-4.3.0-81.EL.x86_64.rpm 02ae2bfba6d32ba594729f980155f878 XFree86-syriac-fonts-4.3.0-81.EL.x86_64.rpm 228609032f49b4ba2ec22a08f8b4f5f6 XFree86-tools-4.3.0-81.EL.x86_64.rpm 08fa0ed31bc0bcb7c2be20202f94a346 XFree86-truetype-fonts-4.3.0-81.EL.x86_64.rpm 5708b184403aa0e171fe2ae6db850d1b XFree86-twm-4.3.0-81.EL.x86_64.rpm 2b031866675f0753e1bc06e7a0926803 XFree86-xauth-4.3.0-81.EL.x86_64.rpm c11c625d355bfaf50425398567b0b4c1 XFree86-xdm-4.3.0-81.EL.x86_64.rpm 885a5af754329bf2f467e22b72eb0b56 XFree86-xfs-4.3.0-81.EL.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/XFree86-4.3.0-81.EL.src.rpm ec2126821b38816505d8f9c2c5109f3b XFree86-4.3.0-81.EL.src.rpm i386: b67cc1148558516876da9f3315644287 XFree86-100dpi-fonts-4.3.0-81.EL.i386.rpm e24c002a63924455dc790ca61a10734b XFree86-4.3.0-81.EL.i386.rpm 7b048b1119cd497f763f5adc9dd2c9eb XFree86-75dpi-fonts-4.3.0-81.EL.i386.rpm d5cb187d0ccb828530257ae8fbdfa13a XFree86-ISO8859-14-100dpi-fonts-4.3.0-81.EL.i386.rpm 66f957b40a9f372d21d6d281060c9353 XFree86-ISO8859-14-75dpi-fonts-4.3.0-81.EL.i386.rpm a6c6b586ebe6c58305ca1370411e02dd XFree86-ISO8859-15-100dpi-fonts-4.3.0-81.EL.i386.rpm 56b2e2059128f7780a65ddc0137d7d26 XFree86-ISO8859-15-75dpi-fonts-4.3.0-81.EL.i386.rpm 9bf7efccf973689c1ee68511576a4929 XFree86-ISO8859-2-100dpi-fonts-4.3.0-81.EL.i386.rpm 2d27d8fd7d950ad5296375cd08bff11c XFree86-ISO8859-2-75dpi-fonts-4.3.0-81.EL.i386.rpm 6bf4a0df51a9e93c11f89a2c20535812 XFree86-ISO8859-9-100dpi-fonts-4.3.0-81.EL.i386.rpm 9414c74b70e12d587be46633a3cf8ea5 XFree86-ISO8859-9-75dpi-fonts-4.3.0-81.EL.i386.rpm 705e937660b1379581bcc8534a3119ac XFree86-Mesa-libGL-4.3.0-81.EL.i386.rpm 56f8899fcf2ccae54061f70e6a78ef92 XFree86-Mesa-libGLU-4.3.0-81.EL.i386.rpm 994a60bbc32c0fb5bdcf64685f6a8b2e XFree86-Xnest-4.3.0-81.EL.i386.rpm e0c7f999c12089963927b70293451200 XFree86-Xvfb-4.3.0-81.EL.i386.rpm f732f19be09e7078939733c45a75e88b XFree86-base-fonts-4.3.0-81.EL.i386.rpm 2b736dc772ba5f5b19c36dd93a7a71c1 XFree86-cyrillic-fonts-4.3.0-81.EL.i386.rpm d6956e41ae5584ee98ba46f90fe1f27e XFree86-devel-4.3.0-81.EL.i386.rpm fb1ed5d11e281a684a614a6b2d1bc88e XFree86-doc-4.3.0-81.EL.i386.rpm d1ed83c1b06d663d09592dd36ae94b91 XFree86-font-utils-4.3.0-81.EL.i386.rpm 0604600a83e8166632150032ceb24a5b XFree86-libs-4.3.0-81.EL.i386.rpm 5fe4b7fa4bc169ea476c23617437a0e1 XFree86-libs-data-4.3.0-81.EL.i386.rpm 9509bc197648a40e5df29f32737d4205 XFree86-sdk-4.3.0-81.EL.i386.rpm 055b3e21b6319ca5934b7635720f455d XFree86-syriac-fonts-4.3.0-81.EL.i386.rpm 24d56880c005d56953fb23a15f1a709c XFree86-tools-4.3.0-81.EL.i386.rpm bf185cf620508fd66b3044bd3823373a XFree86-truetype-fonts-4.3.0-81.EL.i386.rpm ccf0d2ec9b38bbc380d8d8ac7dc55c25 XFree86-twm-4.3.0-81.EL.i386.rpm 1c0ee976ec4e3d76a8e1dbb79c59acf2 XFree86-xauth-4.3.0-81.EL.i386.rpm 5d685dcd9e30c107ef6a0dc391523af1 XFree86-xdm-4.3.0-81.EL.i386.rpm baff2504a8966bde58a4e05ecd6a9f62 XFree86-xfs-4.3.0-81.EL.i386.rpm ia64: eff38c9e011e08dc05c787cfeeab3252 XFree86-100dpi-fonts-4.3.0-81.EL.ia64.rpm ea4763504b816da5ee388f0dc3d491a7 XFree86-4.3.0-81.EL.ia64.rpm b61b1561b208724d608c493620f0dfb1 XFree86-75dpi-fonts-4.3.0-81.EL.ia64.rpm e21c506c9ee271485b6927bdb2c9bd29 XFree86-ISO8859-14-100dpi-fonts-4.3.0-81.EL.ia64.rpm 8db0b1ad1fc4f44b751ba702a2f4119e XFree86-ISO8859-14-75dpi-fonts-4.3.0-81.EL.ia64.rpm 6a31deaec3df8de9cd17b0ce1aba2cac XFree86-ISO8859-15-100dpi-fonts-4.3.0-81.EL.ia64.rpm 01fcd66e732a9f9bd4ab4ab5e722fbb6 XFree86-ISO8859-15-75dpi-fonts-4.3.0-81.EL.ia64.rpm 479348201265d256309da5ec6144f60f XFree86-ISO8859-2-100dpi-fonts-4.3.0-81.EL.ia64.rpm 1586c2037bfa890f44393ba07234db04 XFree86-ISO8859-2-75dpi-fonts-4.3.0-81.EL.ia64.rpm 7ea6f340a071b817521d1038327e6cc6 XFree86-ISO8859-9-100dpi-fonts-4.3.0-81.EL.ia64.rpm 1846e4403c6eb22db0b8b4031992715e XFree86-ISO8859-9-75dpi-fonts-4.3.0-81.EL.ia64.rpm 705e937660b1379581bcc8534a3119ac XFree86-Mesa-libGL-4.3.0-81.EL.i386.rpm 7873be6112cdfbdc4c7fa6b6409be57a XFree86-Mesa-libGL-4.3.0-81.EL.ia64.rpm 56f8899fcf2ccae54061f70e6a78ef92 XFree86-Mesa-libGLU-4.3.0-81.EL.i386.rpm e3dcfef59f4b63ebf7894c766e7b3d36 XFree86-Mesa-libGLU-4.3.0-81.EL.ia64.rpm b1455f4fc08b85d62d2ce78d5ae1087a XFree86-Xnest-4.3.0-81.EL.ia64.rpm 70922dec65896050246f1773f394690f XFree86-Xvfb-4.3.0-81.EL.ia64.rpm 8b3128daa455c5320cae2e02919bb52a XFree86-base-fonts-4.3.0-81.EL.ia64.rpm 23a738bd9398089244a7fddd15c9714d XFree86-cyrillic-fonts-4.3.0-81.EL.ia64.rpm e1101dd64624ac1c1c1927c0fa704458 XFree86-devel-4.3.0-81.EL.ia64.rpm 56f9a2616d9f8efc71dda25208de6a4a XFree86-doc-4.3.0-81.EL.ia64.rpm 0ffe254e08749062ea3240cbda9365e6 XFree86-font-utils-4.3.0-81.EL.ia64.rpm 0604600a83e8166632150032ceb24a5b XFree86-libs-4.3.0-81.EL.i386.rpm 278e3d3c800d5515d230d42f8824e892 XFree86-libs-4.3.0-81.EL.ia64.rpm 69991c08dc1b9ee7ffa9a439209941be XFree86-libs-data-4.3.0-81.EL.ia64.rpm 62cc34773fc58edaec2d557e8a0cf0e6 XFree86-sdk-4.3.0-81.EL.ia64.rpm 6bfce9d8f2a07464763ce37b5fcb20ab XFree86-syriac-fonts-4.3.0-81.EL.ia64.rpm 7cb859fc77814a4062541da0abdf35fd XFree86-tools-4.3.0-81.EL.ia64.rpm a1dc044802e458518e0e5847e02fad1c XFree86-truetype-fonts-4.3.0-81.EL.ia64.rpm c6d7c85e49cbf35ac8fffbbf66cae70e XFree86-twm-4.3.0-81.EL.ia64.rpm 7894c7e8cb8a0f5379a070a2055175ed XFree86-xauth-4.3.0-81.EL.ia64.rpm 1e77c3190903dba5bfefac26e0e51405 XFree86-xdm-4.3.0-81.EL.ia64.rpm 1c3eafddad63af8e117f63667ec6b154 XFree86-xfs-4.3.0-81.EL.ia64.rpm x86_64: 82e6b194df172c9f873d77c1fba47681 XFree86-100dpi-fonts-4.3.0-81.EL.x86_64.rpm 021825f0bcef753f491028e2ca68b2e6 XFree86-4.3.0-81.EL.x86_64.rpm 206379e78b9f32d6f15d19c99b301991 XFree86-75dpi-fonts-4.3.0-81.EL.x86_64.rpm 0bdaa034664570931e1ea760fb4583d9 XFree86-ISO8859-14-100dpi-fonts-4.3.0-81.EL.x86_64.rpm 04111603a8931ae3595d7f2af947431d XFree86-ISO8859-14-75dpi-fonts-4.3.0-81.EL.x86_64.rpm 231e7bfaee4ad3bf7994965f29794d12 XFree86-ISO8859-15-100dpi-fonts-4.3.0-81.EL.x86_64.rpm b3e1e9684e2edac756cee91f0f1e6b87 XFree86-ISO8859-15-75dpi-fonts-4.3.0-81.EL.x86_64.rpm 3852b1d861d33e13be545377869ccebf XFree86-ISO8859-2-100dpi-fonts-4.3.0-81.EL.x86_64.rpm 616af8acc647bddcc6c9978b5ea8d568 XFree86-ISO8859-2-75dpi-fonts-4.3.0-81.EL.x86_64.rpm 0dd7344dec5338a612f7c94871542a39 XFree86-ISO8859-9-100dpi-fonts-4.3.0-81.EL.x86_64.rpm 81744aba3ccda257d17cda843c15fc98 XFree86-ISO8859-9-75dpi-fonts-4.3.0-81.EL.x86_64.rpm 705e937660b1379581bcc8534a3119ac XFree86-Mesa-libGL-4.3.0-81.EL.i386.rpm 30e0122115e62fb729db7d9859766258 XFree86-Mesa-libGL-4.3.0-81.EL.x86_64.rpm 56f8899fcf2ccae54061f70e6a78ef92 XFree86-Mesa-libGLU-4.3.0-81.EL.i386.rpm 9cb9ba84d52e1373dfe5fe6fcfb5ddd5 XFree86-Mesa-libGLU-4.3.0-81.EL.x86_64.rpm 008cdb85bf686ee64dd7b74159f5af47 XFree86-Xnest-4.3.0-81.EL.x86_64.rpm 949130dadeba14aa9fc4bbf8d459a5c2 XFree86-Xvfb-4.3.0-81.EL.x86_64.rpm 2c9535cd02509125a35dee842ae86213 XFree86-base-fonts-4.3.0-81.EL.x86_64.rpm c537113f2adca9159b8b8986345c5b5d XFree86-cyrillic-fonts-4.3.0-81.EL.x86_64.rpm d6956e41ae5584ee98ba46f90fe1f27e XFree86-devel-4.3.0-81.EL.i386.rpm 1cd39e77d9ee434f0068a7c435a631f1 XFree86-devel-4.3.0-81.EL.x86_64.rpm 8900da5cb03119c7151c1d390bbf2fc5 XFree86-doc-4.3.0-81.EL.x86_64.rpm e106b85549ef99a07e081b884e15909b XFree86-font-utils-4.3.0-81.EL.x86_64.rpm 0604600a83e8166632150032ceb24a5b XFree86-libs-4.3.0-81.EL.i386.rpm 731ea39e6492f0d6ed4cba6459eeebd1 XFree86-libs-4.3.0-81.EL.x86_64.rpm 8d3df401e904f96a024c37a5f168574a XFree86-libs-data-4.3.0-81.EL.x86_64.rpm 587353b50c18ab94679022416147f8ef XFree86-sdk-4.3.0-81.EL.x86_64.rpm 02ae2bfba6d32ba594729f980155f878 XFree86-syriac-fonts-4.3.0-81.EL.x86_64.rpm 228609032f49b4ba2ec22a08f8b4f5f6 XFree86-tools-4.3.0-81.EL.x86_64.rpm 08fa0ed31bc0bcb7c2be20202f94a346 XFree86-truetype-fonts-4.3.0-81.EL.x86_64.rpm 5708b184403aa0e171fe2ae6db850d1b XFree86-twm-4.3.0-81.EL.x86_64.rpm 2b031866675f0753e1bc06e7a0926803 XFree86-xauth-4.3.0-81.EL.x86_64.rpm c11c625d355bfaf50425398567b0b4c1 XFree86-xdm-4.3.0-81.EL.x86_64.rpm 885a5af754329bf2f467e22b72eb0b56 XFree86-xfs-4.3.0-81.EL.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/XFree86-4.3.0-81.EL.src.rpm ec2126821b38816505d8f9c2c5109f3b XFree86-4.3.0-81.EL.src.rpm i386: b67cc1148558516876da9f3315644287 XFree86-100dpi-fonts-4.3.0-81.EL.i386.rpm e24c002a63924455dc790ca61a10734b XFree86-4.3.0-81.EL.i386.rpm 7b048b1119cd497f763f5adc9dd2c9eb XFree86-75dpi-fonts-4.3.0-81.EL.i386.rpm d5cb187d0ccb828530257ae8fbdfa13a XFree86-ISO8859-14-100dpi-fonts-4.3.0-81.EL.i386.rpm 66f957b40a9f372d21d6d281060c9353 XFree86-ISO8859-14-75dpi-fonts-4.3.0-81.EL.i386.rpm a6c6b586ebe6c58305ca1370411e02dd XFree86-ISO8859-15-100dpi-fonts-4.3.0-81.EL.i386.rpm 56b2e2059128f7780a65ddc0137d7d26 XFree86-ISO8859-15-75dpi-fonts-4.3.0-81.EL.i386.rpm 9bf7efccf973689c1ee68511576a4929 XFree86-ISO8859-2-100dpi-fonts-4.3.0-81.EL.i386.rpm 2d27d8fd7d950ad5296375cd08bff11c XFree86-ISO8859-2-75dpi-fonts-4.3.0-81.EL.i386.rpm 6bf4a0df51a9e93c11f89a2c20535812 XFree86-ISO8859-9-100dpi-fonts-4.3.0-81.EL.i386.rpm 9414c74b70e12d587be46633a3cf8ea5 XFree86-ISO8859-9-75dpi-fonts-4.3.0-81.EL.i386.rpm 705e937660b1379581bcc8534a3119ac XFree86-Mesa-libGL-4.3.0-81.EL.i386.rpm 56f8899fcf2ccae54061f70e6a78ef92 XFree86-Mesa-libGLU-4.3.0-81.EL.i386.rpm 994a60bbc32c0fb5bdcf64685f6a8b2e XFree86-Xnest-4.3.0-81.EL.i386.rpm e0c7f999c12089963927b70293451200 XFree86-Xvfb-4.3.0-81.EL.i386.rpm f732f19be09e7078939733c45a75e88b XFree86-base-fonts-4.3.0-81.EL.i386.rpm 2b736dc772ba5f5b19c36dd93a7a71c1 XFree86-cyrillic-fonts-4.3.0-81.EL.i386.rpm d6956e41ae5584ee98ba46f90fe1f27e XFree86-devel-4.3.0-81.EL.i386.rpm fb1ed5d11e281a684a614a6b2d1bc88e XFree86-doc-4.3.0-81.EL.i386.rpm d1ed83c1b06d663d09592dd36ae94b91 XFree86-font-utils-4.3.0-81.EL.i386.rpm 0604600a83e8166632150032ceb24a5b XFree86-libs-4.3.0-81.EL.i386.rpm 5fe4b7fa4bc169ea476c23617437a0e1 XFree86-libs-data-4.3.0-81.EL.i386.rpm 9509bc197648a40e5df29f32737d4205 XFree86-sdk-4.3.0-81.EL.i386.rpm 055b3e21b6319ca5934b7635720f455d XFree86-syriac-fonts-4.3.0-81.EL.i386.rpm 24d56880c005d56953fb23a15f1a709c XFree86-tools-4.3.0-81.EL.i386.rpm bf185cf620508fd66b3044bd3823373a XFree86-truetype-fonts-4.3.0-81.EL.i386.rpm ccf0d2ec9b38bbc380d8d8ac7dc55c25 XFree86-twm-4.3.0-81.EL.i386.rpm 1c0ee976ec4e3d76a8e1dbb79c59acf2 XFree86-xauth-4.3.0-81.EL.i386.rpm 5d685dcd9e30c107ef6a0dc391523af1 XFree86-xdm-4.3.0-81.EL.i386.rpm baff2504a8966bde58a4e05ecd6a9f62 XFree86-xfs-4.3.0-81.EL.i386.rpm ia64: eff38c9e011e08dc05c787cfeeab3252 XFree86-100dpi-fonts-4.3.0-81.EL.ia64.rpm ea4763504b816da5ee388f0dc3d491a7 XFree86-4.3.0-81.EL.ia64.rpm b61b1561b208724d608c493620f0dfb1 XFree86-75dpi-fonts-4.3.0-81.EL.ia64.rpm e21c506c9ee271485b6927bdb2c9bd29 XFree86-ISO8859-14-100dpi-fonts-4.3.0-81.EL.ia64.rpm 8db0b1ad1fc4f44b751ba702a2f4119e XFree86-ISO8859-14-75dpi-fonts-4.3.0-81.EL.ia64.rpm 6a31deaec3df8de9cd17b0ce1aba2cac XFree86-ISO8859-15-100dpi-fonts-4.3.0-81.EL.ia64.rpm 01fcd66e732a9f9bd4ab4ab5e722fbb6 XFree86-ISO8859-15-75dpi-fonts-4.3.0-81.EL.ia64.rpm 479348201265d256309da5ec6144f60f XFree86-ISO8859-2-100dpi-fonts-4.3.0-81.EL.ia64.rpm 1586c2037bfa890f44393ba07234db04 XFree86-ISO8859-2-75dpi-fonts-4.3.0-81.EL.ia64.rpm 7ea6f340a071b817521d1038327e6cc6 XFree86-ISO8859-9-100dpi-fonts-4.3.0-81.EL.ia64.rpm 1846e4403c6eb22db0b8b4031992715e XFree86-ISO8859-9-75dpi-fonts-4.3.0-81.EL.ia64.rpm 705e937660b1379581bcc8534a3119ac XFree86-Mesa-libGL-4.3.0-81.EL.i386.rpm 7873be6112cdfbdc4c7fa6b6409be57a XFree86-Mesa-libGL-4.3.0-81.EL.ia64.rpm 56f8899fcf2ccae54061f70e6a78ef92 XFree86-Mesa-libGLU-4.3.0-81.EL.i386.rpm e3dcfef59f4b63ebf7894c766e7b3d36 XFree86-Mesa-libGLU-4.3.0-81.EL.ia64.rpm b1455f4fc08b85d62d2ce78d5ae1087a XFree86-Xnest-4.3.0-81.EL.ia64.rpm 70922dec65896050246f1773f394690f XFree86-Xvfb-4.3.0-81.EL.ia64.rpm 8b3128daa455c5320cae2e02919bb52a XFree86-base-fonts-4.3.0-81.EL.ia64.rpm 23a738bd9398089244a7fddd15c9714d XFree86-cyrillic-fonts-4.3.0-81.EL.ia64.rpm e1101dd64624ac1c1c1927c0fa704458 XFree86-devel-4.3.0-81.EL.ia64.rpm 56f9a2616d9f8efc71dda25208de6a4a XFree86-doc-4.3.0-81.EL.ia64.rpm 0ffe254e08749062ea3240cbda9365e6 XFree86-font-utils-4.3.0-81.EL.ia64.rpm 0604600a83e8166632150032ceb24a5b XFree86-libs-4.3.0-81.EL.i386.rpm 278e3d3c800d5515d230d42f8824e892 XFree86-libs-4.3.0-81.EL.ia64.rpm 69991c08dc1b9ee7ffa9a439209941be XFree86-libs-data-4.3.0-81.EL.ia64.rpm 62cc34773fc58edaec2d557e8a0cf0e6 XFree86-sdk-4.3.0-81.EL.ia64.rpm 6bfce9d8f2a07464763ce37b5fcb20ab XFree86-syriac-fonts-4.3.0-81.EL.ia64.rpm 7cb859fc77814a4062541da0abdf35fd XFree86-tools-4.3.0-81.EL.ia64.rpm a1dc044802e458518e0e5847e02fad1c XFree86-truetype-fonts-4.3.0-81.EL.ia64.rpm c6d7c85e49cbf35ac8fffbbf66cae70e XFree86-twm-4.3.0-81.EL.ia64.rpm 7894c7e8cb8a0f5379a070a2055175ed XFree86-xauth-4.3.0-81.EL.ia64.rpm 1e77c3190903dba5bfefac26e0e51405 XFree86-xdm-4.3.0-81.EL.ia64.rpm 1c3eafddad63af8e117f63667ec6b154 XFree86-xfs-4.3.0-81.EL.ia64.rpm x86_64: 82e6b194df172c9f873d77c1fba47681 XFree86-100dpi-fonts-4.3.0-81.EL.x86_64.rpm 021825f0bcef753f491028e2ca68b2e6 XFree86-4.3.0-81.EL.x86_64.rpm 206379e78b9f32d6f15d19c99b301991 XFree86-75dpi-fonts-4.3.0-81.EL.x86_64.rpm 0bdaa034664570931e1ea760fb4583d9 XFree86-ISO8859-14-100dpi-fonts-4.3.0-81.EL.x86_64.rpm 04111603a8931ae3595d7f2af947431d XFree86-ISO8859-14-75dpi-fonts-4.3.0-81.EL.x86_64.rpm 231e7bfaee4ad3bf7994965f29794d12 XFree86-ISO8859-15-100dpi-fonts-4.3.0-81.EL.x86_64.rpm b3e1e9684e2edac756cee91f0f1e6b87 XFree86-ISO8859-15-75dpi-fonts-4.3.0-81.EL.x86_64.rpm 3852b1d861d33e13be545377869ccebf XFree86-ISO8859-2-100dpi-fonts-4.3.0-81.EL.x86_64.rpm 616af8acc647bddcc6c9978b5ea8d568 XFree86-ISO8859-2-75dpi-fonts-4.3.0-81.EL.x86_64.rpm 0dd7344dec5338a612f7c94871542a39 XFree86-ISO8859-9-100dpi-fonts-4.3.0-81.EL.x86_64.rpm 81744aba3ccda257d17cda843c15fc98 XFree86-ISO8859-9-75dpi-fonts-4.3.0-81.EL.x86_64.rpm 705e937660b1379581bcc8534a3119ac XFree86-Mesa-libGL-4.3.0-81.EL.i386.rpm 30e0122115e62fb729db7d9859766258 XFree86-Mesa-libGL-4.3.0-81.EL.x86_64.rpm 56f8899fcf2ccae54061f70e6a78ef92 XFree86-Mesa-libGLU-4.3.0-81.EL.i386.rpm 9cb9ba84d52e1373dfe5fe6fcfb5ddd5 XFree86-Mesa-libGLU-4.3.0-81.EL.x86_64.rpm 008cdb85bf686ee64dd7b74159f5af47 XFree86-Xnest-4.3.0-81.EL.x86_64.rpm 949130dadeba14aa9fc4bbf8d459a5c2 XFree86-Xvfb-4.3.0-81.EL.x86_64.rpm 2c9535cd02509125a35dee842ae86213 XFree86-base-fonts-4.3.0-81.EL.x86_64.rpm c537113f2adca9159b8b8986345c5b5d XFree86-cyrillic-fonts-4.3.0-81.EL.x86_64.rpm d6956e41ae5584ee98ba46f90fe1f27e XFree86-devel-4.3.0-81.EL.i386.rpm 1cd39e77d9ee434f0068a7c435a631f1 XFree86-devel-4.3.0-81.EL.x86_64.rpm 8900da5cb03119c7151c1d390bbf2fc5 XFree86-doc-4.3.0-81.EL.x86_64.rpm e106b85549ef99a07e081b884e15909b XFree86-font-utils-4.3.0-81.EL.x86_64.rpm 0604600a83e8166632150032ceb24a5b XFree86-libs-4.3.0-81.EL.i386.rpm 731ea39e6492f0d6ed4cba6459eeebd1 XFree86-libs-4.3.0-81.EL.x86_64.rpm 8d3df401e904f96a024c37a5f168574a XFree86-libs-data-4.3.0-81.EL.x86_64.rpm 587353b50c18ab94679022416147f8ef XFree86-sdk-4.3.0-81.EL.x86_64.rpm 02ae2bfba6d32ba594729f980155f878 XFree86-syriac-fonts-4.3.0-81.EL.x86_64.rpm 228609032f49b4ba2ec22a08f8b4f5f6 XFree86-tools-4.3.0-81.EL.x86_64.rpm 08fa0ed31bc0bcb7c2be20202f94a346 XFree86-truetype-fonts-4.3.0-81.EL.x86_64.rpm 5708b184403aa0e171fe2ae6db850d1b XFree86-twm-4.3.0-81.EL.x86_64.rpm 2b031866675f0753e1bc06e7a0926803 XFree86-xauth-4.3.0-81.EL.x86_64.rpm c11c625d355bfaf50425398567b0b4c1 XFree86-xdm-4.3.0-81.EL.x86_64.rpm 885a5af754329bf2f467e22b72eb0b56 XFree86-xfs-4.3.0-81.EL.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCSmQIXlSAg2UNWIIRAhtPAKDAq+HmQNFnyLyJoaY3VMYRlMRyjwCfSVx6 X5mCphoGF9/MV/aOJWgJS9o= =U+7q -----END PGP SIGNATURE-----