From bugzilla at redhat.com Wed May 4 15:10:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 4 May 2005 11:10 -0400 Subject: [RHSA-2005:381-01] Low: nasm security update Message-ID: <200505041510.j44FAVZ17239@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Low: nasm security update Advisory ID: RHSA-2005:381-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-381.html Issue date: 2005-05-04 Updated on: 2005-05-04 Product: Red Hat Enterprise Linux CVE Names: CAN-2004-1287 CAN-2005-1194 - --------------------------------------------------------------------- 1. Summary: An updated nasm package that fixes multiple security issues is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: NASM is an 80x86 assembler. Two stack based buffer overflow bugs have been found in nasm. An attacker could create an ASM file in such a way that when compiled by a victim, could execute arbitrary code on their machine. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2004-1287 and CAN-2005-1194 to these issues. All users of nasm are advised to upgrade to this updated package, which contains backported fixes for these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 143081 - CAN-2004-1287 Bernstein class reports buffer overflow in nasm 152962 - CAN-2005-1194 Buffer overflow in the ieee_putascii() function 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/nasm-0.98-8.EL21.src.rpm 0e391e76be6291247278180dbe31289f nasm-0.98-8.EL21.src.rpm i386: 7a21c7596d6ee53189a7718c89a6d00c nasm-0.98-8.EL21.i386.rpm bcad7b119dc701210cd58c73dda3a7d8 nasm-doc-0.98-8.EL21.i386.rpm c1dcee8fa30b706271ee943a47d5311f nasm-rdoff-0.98-8.EL21.i386.rpm ia64: 1fc19e048f0e18e172dc660f8e878981 nasm-0.98-8.EL21.ia64.rpm 14d54bd30637be9be60a15b46789a5d4 nasm-doc-0.98-8.EL21.ia64.rpm 79b480ab6b977aac93ca46c5d42b63c5 nasm-rdoff-0.98-8.EL21.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/nasm-0.98-8.EL21.src.rpm 0e391e76be6291247278180dbe31289f nasm-0.98-8.EL21.src.rpm ia64: 1fc19e048f0e18e172dc660f8e878981 nasm-0.98-8.EL21.ia64.rpm 14d54bd30637be9be60a15b46789a5d4 nasm-doc-0.98-8.EL21.ia64.rpm 79b480ab6b977aac93ca46c5d42b63c5 nasm-rdoff-0.98-8.EL21.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/nasm-0.98-8.EL21.src.rpm 0e391e76be6291247278180dbe31289f nasm-0.98-8.EL21.src.rpm i386: 7a21c7596d6ee53189a7718c89a6d00c nasm-0.98-8.EL21.i386.rpm bcad7b119dc701210cd58c73dda3a7d8 nasm-doc-0.98-8.EL21.i386.rpm c1dcee8fa30b706271ee943a47d5311f nasm-rdoff-0.98-8.EL21.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/nasm-0.98-8.EL21.src.rpm 0e391e76be6291247278180dbe31289f nasm-0.98-8.EL21.src.rpm i386: 7a21c7596d6ee53189a7718c89a6d00c nasm-0.98-8.EL21.i386.rpm bcad7b119dc701210cd58c73dda3a7d8 nasm-doc-0.98-8.EL21.i386.rpm c1dcee8fa30b706271ee943a47d5311f nasm-rdoff-0.98-8.EL21.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/nasm-0.98.35-3.EL3.src.rpm 5f61d41a8564a3ebe59d9d0c1339a31d nasm-0.98.35-3.EL3.src.rpm i386: e98eac750aa8bab598e85f6ce641395b nasm-0.98.35-3.EL3.i386.rpm ia64: b3ce384b524ecb0fa1ed268f78f8ab9e nasm-0.98.35-3.EL3.ia64.rpm ppc: 567ebac5174d054b7bb2806ba375d396 nasm-0.98.35-3.EL3.ppc.rpm s390: f95d693302a3fb516d195d71f106337f nasm-0.98.35-3.EL3.s390.rpm s390x: 5cf1c6de3faf209d2578797b88df9aee nasm-0.98.35-3.EL3.s390x.rpm x86_64: 60bf4a4633c4a2ecae073b4e171904c2 nasm-0.98.35-3.EL3.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/nasm-0.98.35-3.EL3.src.rpm 5f61d41a8564a3ebe59d9d0c1339a31d nasm-0.98.35-3.EL3.src.rpm i386: e98eac750aa8bab598e85f6ce641395b nasm-0.98.35-3.EL3.i386.rpm x86_64: 60bf4a4633c4a2ecae073b4e171904c2 nasm-0.98.35-3.EL3.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/nasm-0.98.35-3.EL3.src.rpm 5f61d41a8564a3ebe59d9d0c1339a31d nasm-0.98.35-3.EL3.src.rpm i386: e98eac750aa8bab598e85f6ce641395b nasm-0.98.35-3.EL3.i386.rpm ia64: b3ce384b524ecb0fa1ed268f78f8ab9e nasm-0.98.35-3.EL3.ia64.rpm x86_64: 60bf4a4633c4a2ecae073b4e171904c2 nasm-0.98.35-3.EL3.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/nasm-0.98.35-3.EL3.src.rpm 5f61d41a8564a3ebe59d9d0c1339a31d nasm-0.98.35-3.EL3.src.rpm i386: e98eac750aa8bab598e85f6ce641395b nasm-0.98.35-3.EL3.i386.rpm ia64: b3ce384b524ecb0fa1ed268f78f8ab9e nasm-0.98.35-3.EL3.ia64.rpm x86_64: 60bf4a4633c4a2ecae073b4e171904c2 nasm-0.98.35-3.EL3.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/nasm-0.98.38-3.EL4.src.rpm 43683b7db10b468e90659bb8f0090943 nasm-0.98.38-3.EL4.src.rpm i386: ec47b92aff6517cb06dcd0a920327d58 nasm-0.98.38-3.EL4.i386.rpm 7f0a211d2a8425226e30a07a3885458f nasm-doc-0.98.38-3.EL4.i386.rpm e58d181c2745c48249e07dbefe0bedbd nasm-rdoff-0.98.38-3.EL4.i386.rpm ia64: 305bc728323df4b766708ab0b4106034 nasm-0.98.38-3.EL4.ia64.rpm 58ccaac93f41e3d55c606f3dbbb4bddb nasm-doc-0.98.38-3.EL4.ia64.rpm 98f07827890b67656c05c75d65e27d16 nasm-rdoff-0.98.38-3.EL4.ia64.rpm ppc: 832c5c9949a2579e528a3a22a34ce55c nasm-0.98.38-3.EL4.ppc.rpm 4f7b21a69a5990f61282972b09081acc nasm-doc-0.98.38-3.EL4.ppc.rpm a9ff73e7360a81d9e2a3ce17747df06e nasm-rdoff-0.98.38-3.EL4.ppc.rpm s390: e7dc55bde0bca7bc25b68e2d96d3b49c nasm-0.98.38-3.EL4.s390.rpm cf0cb48e144a4c0e8f3b6518b437763b nasm-doc-0.98.38-3.EL4.s390.rpm 17a92ff7a05026fa1e2331153f1023c0 nasm-rdoff-0.98.38-3.EL4.s390.rpm s390x: 30ba9ad41ff9588918403244e87d84e1 nasm-0.98.38-3.EL4.s390x.rpm a6c2e7bfb5c9ccb8f266d4010b5931b6 nasm-doc-0.98.38-3.EL4.s390x.rpm 88f4f1c6ad49ef338956e8f2d9265e7e nasm-rdoff-0.98.38-3.EL4.s390x.rpm x86_64: b5bb239b599138d9a95b3c2ae8547f4c nasm-0.98.38-3.EL4.x86_64.rpm 5e1747bc627c8669a87b8c5ebbd65a6c nasm-doc-0.98.38-3.EL4.x86_64.rpm 06e5212f11ddd1c2607894bcc472932c nasm-rdoff-0.98.38-3.EL4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/nasm-0.98.38-3.EL4.src.rpm 43683b7db10b468e90659bb8f0090943 nasm-0.98.38-3.EL4.src.rpm i386: ec47b92aff6517cb06dcd0a920327d58 nasm-0.98.38-3.EL4.i386.rpm 7f0a211d2a8425226e30a07a3885458f nasm-doc-0.98.38-3.EL4.i386.rpm e58d181c2745c48249e07dbefe0bedbd nasm-rdoff-0.98.38-3.EL4.i386.rpm x86_64: b5bb239b599138d9a95b3c2ae8547f4c nasm-0.98.38-3.EL4.x86_64.rpm 5e1747bc627c8669a87b8c5ebbd65a6c nasm-doc-0.98.38-3.EL4.x86_64.rpm 06e5212f11ddd1c2607894bcc472932c nasm-rdoff-0.98.38-3.EL4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/nasm-0.98.38-3.EL4.src.rpm 43683b7db10b468e90659bb8f0090943 nasm-0.98.38-3.EL4.src.rpm i386: ec47b92aff6517cb06dcd0a920327d58 nasm-0.98.38-3.EL4.i386.rpm 7f0a211d2a8425226e30a07a3885458f nasm-doc-0.98.38-3.EL4.i386.rpm e58d181c2745c48249e07dbefe0bedbd nasm-rdoff-0.98.38-3.EL4.i386.rpm ia64: 305bc728323df4b766708ab0b4106034 nasm-0.98.38-3.EL4.ia64.rpm 58ccaac93f41e3d55c606f3dbbb4bddb nasm-doc-0.98.38-3.EL4.ia64.rpm 98f07827890b67656c05c75d65e27d16 nasm-rdoff-0.98.38-3.EL4.ia64.rpm x86_64: b5bb239b599138d9a95b3c2ae8547f4c nasm-0.98.38-3.EL4.x86_64.rpm 5e1747bc627c8669a87b8c5ebbd65a6c nasm-doc-0.98.38-3.EL4.x86_64.rpm 06e5212f11ddd1c2607894bcc472932c nasm-rdoff-0.98.38-3.EL4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/nasm-0.98.38-3.EL4.src.rpm 43683b7db10b468e90659bb8f0090943 nasm-0.98.38-3.EL4.src.rpm i386: ec47b92aff6517cb06dcd0a920327d58 nasm-0.98.38-3.EL4.i386.rpm 7f0a211d2a8425226e30a07a3885458f nasm-doc-0.98.38-3.EL4.i386.rpm e58d181c2745c48249e07dbefe0bedbd nasm-rdoff-0.98.38-3.EL4.i386.rpm ia64: 305bc728323df4b766708ab0b4106034 nasm-0.98.38-3.EL4.ia64.rpm 58ccaac93f41e3d55c606f3dbbb4bddb nasm-doc-0.98.38-3.EL4.ia64.rpm 98f07827890b67656c05c75d65e27d16 nasm-rdoff-0.98.38-3.EL4.ia64.rpm x86_64: b5bb239b599138d9a95b3c2ae8547f4c nasm-0.98.38-3.EL4.x86_64.rpm 5e1747bc627c8669a87b8c5ebbd65a6c nasm-doc-0.98.38-3.EL4.x86_64.rpm 06e5212f11ddd1c2607894bcc472932c nasm-rdoff-0.98.38-3.EL4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://tigger.uic.edu/~jlongs2/holes/nasm.txt http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1287 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1194 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCeOXYXlSAg2UNWIIRArzAAKCqyatv1on8MXu7z9SpbIZDV+7DiQCgtoka mRpKKrT1Rxhwfix1hDce9kg= =+V/J -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed May 4 15:11:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 4 May 2005 11:11 -0400 Subject: [RHSA-2005:397-01] Moderate: evolution security update Message-ID: <200505041511.j44FBEZ17326@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: evolution security update Advisory ID: RHSA-2005:397-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-397.html Issue date: 2005-05-04 Updated on: 2005-05-04 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-0102 CAN-2005-0806 - --------------------------------------------------------------------- 1. Summary: Updated evolution packages that fix various security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Evolution is a GNOME-based collection of personal information management (PIM) tools. A bug was found in the way Evolution displays mail messages. It is possible that an attacker could create a specially crafted mail message that when opened by a victim causes Evolution to stop responding. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0806 to this issue. A bug was also found in Evolution's helper program camel-lock-helper. This bug could allow a local attacker to gain root privileges if camel-lock-helper has been built to execute with elevated privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0102 to this issue. On Red Hat Enterprise Linux, camel-lock-helper is not built to execute with elevated privileges by default. Please note however that if users have rebuilt Evolution from the source RPM, as the root user, camel-lock-helper may be given elevated privileges. All users of evolution should upgrade to these updated packages, which include backported fixes to correct these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 155377 - CAN-2005-0806 DoS from mail message 155375 - CAN-2005-0102 Integer overflow in camel-lock-helper 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/evolution-2.0.2-16.src.rpm 7199f9973d2322f6944d40b34b8b721f evolution-2.0.2-16.src.rpm i386: 12ca8975d0442585c2dcb7ae9b0532a1 evolution-2.0.2-16.i386.rpm 50c722a5e6c7e637c475e399ee9b784e evolution-devel-2.0.2-16.i386.rpm ia64: d9164876fee713cf14ed6285dca9492e evolution-2.0.2-16.ia64.rpm 7b759b3d8bdfcf0540dc5cf2a51e0f70 evolution-devel-2.0.2-16.ia64.rpm ppc: 3a859ff90bcb1d3096256980c6b172d4 evolution-2.0.2-16.ppc.rpm 878500ead39500f01b39b125b2e86272 evolution-devel-2.0.2-16.ppc.rpm s390: c4c696265eedc4979fbd22d3e3d5123e evolution-2.0.2-16.s390.rpm e98c29f7d744487dbf16cd96f5fd902e evolution-devel-2.0.2-16.s390.rpm s390x: a1f24e7fb0397188e3eb1c8ed223fedc evolution-2.0.2-16.s390x.rpm fb50f6307af05cbc9805923d32ea3165 evolution-devel-2.0.2-16.s390x.rpm x86_64: ed223d5740a48e3106687add70ac7088 evolution-2.0.2-16.x86_64.rpm 3a967912a29e8c3269c10fd636aadc04 evolution-devel-2.0.2-16.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/evolution-2.0.2-16.src.rpm 7199f9973d2322f6944d40b34b8b721f evolution-2.0.2-16.src.rpm i386: 12ca8975d0442585c2dcb7ae9b0532a1 evolution-2.0.2-16.i386.rpm 50c722a5e6c7e637c475e399ee9b784e evolution-devel-2.0.2-16.i386.rpm x86_64: ed223d5740a48e3106687add70ac7088 evolution-2.0.2-16.x86_64.rpm 3a967912a29e8c3269c10fd636aadc04 evolution-devel-2.0.2-16.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/evolution-2.0.2-16.src.rpm 7199f9973d2322f6944d40b34b8b721f evolution-2.0.2-16.src.rpm i386: 12ca8975d0442585c2dcb7ae9b0532a1 evolution-2.0.2-16.i386.rpm 50c722a5e6c7e637c475e399ee9b784e evolution-devel-2.0.2-16.i386.rpm ia64: d9164876fee713cf14ed6285dca9492e evolution-2.0.2-16.ia64.rpm 7b759b3d8bdfcf0540dc5cf2a51e0f70 evolution-devel-2.0.2-16.ia64.rpm x86_64: ed223d5740a48e3106687add70ac7088 evolution-2.0.2-16.x86_64.rpm 3a967912a29e8c3269c10fd636aadc04 evolution-devel-2.0.2-16.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/evolution-2.0.2-16.src.rpm 7199f9973d2322f6944d40b34b8b721f evolution-2.0.2-16.src.rpm i386: 12ca8975d0442585c2dcb7ae9b0532a1 evolution-2.0.2-16.i386.rpm 50c722a5e6c7e637c475e399ee9b784e evolution-devel-2.0.2-16.i386.rpm ia64: d9164876fee713cf14ed6285dca9492e evolution-2.0.2-16.ia64.rpm 7b759b3d8bdfcf0540dc5cf2a51e0f70 evolution-devel-2.0.2-16.ia64.rpm x86_64: ed223d5740a48e3106687add70ac7088 evolution-2.0.2-16.x86_64.rpm 3a967912a29e8c3269c10fd636aadc04 evolution-devel-2.0.2-16.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0102 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0806 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCeOX4XlSAg2UNWIIRAq4gAJ9UedaPgBWrY76h/XYVNuBxNrnzYgCgmbHy v0fd1xOdLHF/9zWzIF6V19I= =sp7a -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed May 4 15:11:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 4 May 2005 11:11 -0400 Subject: [RHSA-2005:406-01] Moderate: PHP security update Message-ID: <200505041511.j44FBoZ17336@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: PHP security update Advisory ID: RHSA-2005:406-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-406.html Issue date: 2005-05-04 Updated on: 2005-05-04 Product: Red Hat Enterprise Linux CVE Names: CAN-2004-1392 CAN-2005-0524 CAN-2005-0525 CAN-2005-1042 CAN-2005-1043 - --------------------------------------------------------------------- 1. Summary: Updated PHP packages that fix various security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A bug was found in the way PHP processes IFF and JPEG images. It is possible to cause PHP to consume CPU resources for a short period of time by supplying a carefully crafted IFF or JPEG image. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2005-0524 and CAN-2005-0525 to these issues. A buffer overflow bug was also found in the way PHP processes EXIF image headers. It is possible for an attacker to construct an image file in such a way it could execute arbitrary instructions when processed by PHP. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-1042 to this issue. A denial of service bug was found in the way PHP processes EXIF image headers. It is possible for an attacker to cause PHP to enter an infinite loop for a short period of time by supplying a carefully crafted image file to PHP for processing. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-1043 to this issue. Several bug fixes are also included in this update: - - some performance issues in the unserialize() function have been fixed - - the behaviour of the interpreter when handling integer overflow during conversion of a floating variable to an integer has been reverted to match the behaviour used upstream; the integer will now be wrapped rather than truncated - - a fix for the virtual() function in the Apache httpd module which would flush the response prematurely - - the hard-coded default "safe mode" setting is now "disabled" rather than "enabled"; to match the default /etc/php.ini setting - - in the curl extension, safe mode was not enforced for 'file:///' URL lookups (CAN-2004-1392). Users of PHP should upgrade to these updated packages, which contain backported fixes for these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 153140 - CAN-2005-0524 PHP getimagesize() Multiple Denial of Service Vulnerabilities CAN-2005-0525 154021 - CAN-2005-1042 PHP exif buffer overflow 154025 - CAN-2005-1043 PHP exif infinite stack recursion 153108 - Error in configure prevents php SRPM rebuild on x86_64 w/ mssql module 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/php-4.3.9-3.6.src.rpm d5fe9ec64d9b088d33fba6b422692759 php-4.3.9-3.6.src.rpm i386: e6b3dec49276a9f55f649ee11ad9a57f php-4.3.9-3.6.i386.rpm dec68f32f7b6a81ef65eba621fa1a0d9 php-devel-4.3.9-3.6.i386.rpm c477c8715216df92374dd2eb8a413a1c php-domxml-4.3.9-3.6.i386.rpm b280f4af2d6f4f22fe4166b551fd555f php-gd-4.3.9-3.6.i386.rpm 388d1fd84b71b73d08e1760c1c7631b0 php-imap-4.3.9-3.6.i386.rpm 68596bd50cf862b05f06aea2a50840fc php-ldap-4.3.9-3.6.i386.rpm 161ee9a99f1de705b0c29039433c5860 php-mbstring-4.3.9-3.6.i386.rpm dd619659f914b0bb2b529953e96bc4c3 php-mysql-4.3.9-3.6.i386.rpm f9c79b705fdf2cb6094c364de136dad1 php-ncurses-4.3.9-3.6.i386.rpm 6a6fa57c82b88efbbac814e85f87a437 php-odbc-4.3.9-3.6.i386.rpm 7a27e0a44227fc28f4f6359efea74ac0 php-pear-4.3.9-3.6.i386.rpm f9af896be1f91ce5a86761c59abb5724 php-pgsql-4.3.9-3.6.i386.rpm 42c9c29f2a458e6135272129107d254a php-snmp-4.3.9-3.6.i386.rpm b6358e214ce0b6fcd55326fe01f5b283 php-xmlrpc-4.3.9-3.6.i386.rpm ia64: ca48b359773117e4ac25c13674b8239a php-4.3.9-3.6.ia64.rpm edf8a6473c645a320e56db25ee5c5f77 php-devel-4.3.9-3.6.ia64.rpm b506cff6040c02c458614709f93deb72 php-domxml-4.3.9-3.6.ia64.rpm 5b996f675e56b1fd9c41728369d2f695 php-gd-4.3.9-3.6.ia64.rpm 8f51d934a3565e140eea30c606f9578b php-imap-4.3.9-3.6.ia64.rpm 8c53a9213e712ee18c732703315c70f2 php-ldap-4.3.9-3.6.ia64.rpm 702bd6a773d83bf3cad7a6ed88053a20 php-mbstring-4.3.9-3.6.ia64.rpm 4cbcc793616a3efe929a27ed97ac5dc7 php-mysql-4.3.9-3.6.ia64.rpm a6d4bebfdb50cb47d5c63b8e9e9fb067 php-ncurses-4.3.9-3.6.ia64.rpm d84ce81aba2c288106c581fa860779f6 php-odbc-4.3.9-3.6.ia64.rpm 5a9ffec4e4d66303f6fb798fefb2cc92 php-pear-4.3.9-3.6.ia64.rpm c3a8e95043607e36cc58c2c4231ec182 php-pgsql-4.3.9-3.6.ia64.rpm d3a77b7803e095d07ebbc302e1d2375c php-snmp-4.3.9-3.6.ia64.rpm c82f852d1d085813add96006b57b72f9 php-xmlrpc-4.3.9-3.6.ia64.rpm ppc: ede8214fb515e266ad136e0b1b09e32d php-4.3.9-3.6.ppc.rpm eef46e64ddfc55cfbf7222097db2a7cc php-devel-4.3.9-3.6.ppc.rpm 46f381bc8a436d716f85929cae872d1e php-domxml-4.3.9-3.6.ppc.rpm a4150d0a17884105b01fa3d22d0d7167 php-gd-4.3.9-3.6.ppc.rpm a370de5427bae762e7df6b82fb6be871 php-imap-4.3.9-3.6.ppc.rpm 7ae574dea5a63d621b58cea3adff2389 php-ldap-4.3.9-3.6.ppc.rpm 4782b4e5bc81da7a38f6afd33b30fff4 php-mbstring-4.3.9-3.6.ppc.rpm ac87e3535affd8cc4d2df68e6459cadf php-mysql-4.3.9-3.6.ppc.rpm dbf229c34dcd81904992f9e8c8850c8b php-ncurses-4.3.9-3.6.ppc.rpm 5323449a1500ce2967dea7b6c1071b99 php-odbc-4.3.9-3.6.ppc.rpm 6f71d37033929f5a365953dac0061d44 php-pear-4.3.9-3.6.ppc.rpm a5b319e2e00b379bf4046a34fa97ee0b php-pgsql-4.3.9-3.6.ppc.rpm d2f65ab2a6d501c92192924a6c07a7fe php-snmp-4.3.9-3.6.ppc.rpm 5bf06ac7bc707b606f6692ff991cef12 php-xmlrpc-4.3.9-3.6.ppc.rpm s390: 510fa9fa6249b9da36e0e642a4b4c65b php-4.3.9-3.6.s390.rpm ba5b1804681cd24b7db772775fbba22e php-devel-4.3.9-3.6.s390.rpm 8cc4e9be48f3ef0571b3354bcaffbd95 php-domxml-4.3.9-3.6.s390.rpm 625509481232205bdb863e1e6e22afae php-gd-4.3.9-3.6.s390.rpm 7983b29819c09a252e47172190c80d81 php-imap-4.3.9-3.6.s390.rpm 567ec382643db941f83abf8f16edc6c0 php-ldap-4.3.9-3.6.s390.rpm 05d4f05fc4c4094a06f1b8207f9ad89d php-mbstring-4.3.9-3.6.s390.rpm d53ffa2d6e0923e7166c8022bbc30a4d php-mysql-4.3.9-3.6.s390.rpm a89757eeb6436209123b2036d749a764 php-ncurses-4.3.9-3.6.s390.rpm c682bf5b7279171e62f8d87cb70be19d php-odbc-4.3.9-3.6.s390.rpm 45384794b6a55f3d1b8a3ea21df42426 php-pear-4.3.9-3.6.s390.rpm da312b4db79a2f9afe110e2fcbc56192 php-pgsql-4.3.9-3.6.s390.rpm 085d9f402800236a472f019735a11f50 php-snmp-4.3.9-3.6.s390.rpm c605a266583b2df2f1c1c91dafb83754 php-xmlrpc-4.3.9-3.6.s390.rpm s390x: 902564cdf58b6cb0f89cd5f38623a8ab php-4.3.9-3.6.s390x.rpm e080ca24c93f9a18dbb38e9d24d3611d php-devel-4.3.9-3.6.s390x.rpm 86985195834fed37a74cce10dc27e5f0 php-domxml-4.3.9-3.6.s390x.rpm f957b6e31cd779e40af80ec2df8edd80 php-gd-4.3.9-3.6.s390x.rpm c07157fa45efa675c4d5a0756556744e php-imap-4.3.9-3.6.s390x.rpm 7f294299196a582156b00e024203db11 php-ldap-4.3.9-3.6.s390x.rpm 8945c474ccb0d4bd9c075b70a35d4f61 php-mbstring-4.3.9-3.6.s390x.rpm 37ea59a51039caa0598b499386dcb9e8 php-mysql-4.3.9-3.6.s390x.rpm fab10b9b14e2198173f05bc558707426 php-ncurses-4.3.9-3.6.s390x.rpm 01b6987c00cd409792ed892edf6af0e9 php-odbc-4.3.9-3.6.s390x.rpm 3859d5435c30ecbf81a91a475c7cc884 php-pear-4.3.9-3.6.s390x.rpm 8aca4a1314205f0d5b27d750f5b81aaf php-pgsql-4.3.9-3.6.s390x.rpm 03367720dabc350dd390ce9381009978 php-snmp-4.3.9-3.6.s390x.rpm bcef904a595e3426e89a811d95e1e2cf php-xmlrpc-4.3.9-3.6.s390x.rpm x86_64: 36ad952143370c9681749219bfcc29b9 php-4.3.9-3.6.x86_64.rpm 4929a11c872deafc1ba16d6b50655979 php-devel-4.3.9-3.6.x86_64.rpm 24afded4f53e74ed856506525c259139 php-domxml-4.3.9-3.6.x86_64.rpm f8c965c5c51f5b0d3878c4c0d4ac8c9b php-gd-4.3.9-3.6.x86_64.rpm 0465b619b7c336fa93bcfcf5efe4f1df php-imap-4.3.9-3.6.x86_64.rpm a9d50a65606a521692f644a74a68ca62 php-ldap-4.3.9-3.6.x86_64.rpm 4d4bb76106ffc2e6681e392d399f1794 php-mbstring-4.3.9-3.6.x86_64.rpm 7de7ccad652ca3a20f3008c8d6114292 php-mysql-4.3.9-3.6.x86_64.rpm cab9624b284fd3d48b0ddd8f79a6e9cb php-ncurses-4.3.9-3.6.x86_64.rpm 4ea2d7abdc356e4f2774fc015c61a780 php-odbc-4.3.9-3.6.x86_64.rpm 4ddb8fd7521302a6fdfdf64532f03097 php-pear-4.3.9-3.6.x86_64.rpm c5d2da0d469a4b07914fbe7acbf8dd7f php-pgsql-4.3.9-3.6.x86_64.rpm 0a3316402b15ee07e8426840ca266f0a php-snmp-4.3.9-3.6.x86_64.rpm 191ae444e1a69424e6663ba1bc559e34 php-xmlrpc-4.3.9-3.6.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/php-4.3.9-3.6.src.rpm d5fe9ec64d9b088d33fba6b422692759 php-4.3.9-3.6.src.rpm i386: e6b3dec49276a9f55f649ee11ad9a57f php-4.3.9-3.6.i386.rpm dec68f32f7b6a81ef65eba621fa1a0d9 php-devel-4.3.9-3.6.i386.rpm c477c8715216df92374dd2eb8a413a1c php-domxml-4.3.9-3.6.i386.rpm b280f4af2d6f4f22fe4166b551fd555f php-gd-4.3.9-3.6.i386.rpm 388d1fd84b71b73d08e1760c1c7631b0 php-imap-4.3.9-3.6.i386.rpm 68596bd50cf862b05f06aea2a50840fc php-ldap-4.3.9-3.6.i386.rpm 161ee9a99f1de705b0c29039433c5860 php-mbstring-4.3.9-3.6.i386.rpm dd619659f914b0bb2b529953e96bc4c3 php-mysql-4.3.9-3.6.i386.rpm f9c79b705fdf2cb6094c364de136dad1 php-ncurses-4.3.9-3.6.i386.rpm 6a6fa57c82b88efbbac814e85f87a437 php-odbc-4.3.9-3.6.i386.rpm 7a27e0a44227fc28f4f6359efea74ac0 php-pear-4.3.9-3.6.i386.rpm f9af896be1f91ce5a86761c59abb5724 php-pgsql-4.3.9-3.6.i386.rpm 42c9c29f2a458e6135272129107d254a php-snmp-4.3.9-3.6.i386.rpm b6358e214ce0b6fcd55326fe01f5b283 php-xmlrpc-4.3.9-3.6.i386.rpm x86_64: 36ad952143370c9681749219bfcc29b9 php-4.3.9-3.6.x86_64.rpm 4929a11c872deafc1ba16d6b50655979 php-devel-4.3.9-3.6.x86_64.rpm 24afded4f53e74ed856506525c259139 php-domxml-4.3.9-3.6.x86_64.rpm f8c965c5c51f5b0d3878c4c0d4ac8c9b php-gd-4.3.9-3.6.x86_64.rpm 0465b619b7c336fa93bcfcf5efe4f1df php-imap-4.3.9-3.6.x86_64.rpm a9d50a65606a521692f644a74a68ca62 php-ldap-4.3.9-3.6.x86_64.rpm 4d4bb76106ffc2e6681e392d399f1794 php-mbstring-4.3.9-3.6.x86_64.rpm 7de7ccad652ca3a20f3008c8d6114292 php-mysql-4.3.9-3.6.x86_64.rpm cab9624b284fd3d48b0ddd8f79a6e9cb php-ncurses-4.3.9-3.6.x86_64.rpm 4ea2d7abdc356e4f2774fc015c61a780 php-odbc-4.3.9-3.6.x86_64.rpm 4ddb8fd7521302a6fdfdf64532f03097 php-pear-4.3.9-3.6.x86_64.rpm c5d2da0d469a4b07914fbe7acbf8dd7f php-pgsql-4.3.9-3.6.x86_64.rpm 0a3316402b15ee07e8426840ca266f0a php-snmp-4.3.9-3.6.x86_64.rpm 191ae444e1a69424e6663ba1bc559e34 php-xmlrpc-4.3.9-3.6.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/php-4.3.9-3.6.src.rpm d5fe9ec64d9b088d33fba6b422692759 php-4.3.9-3.6.src.rpm i386: e6b3dec49276a9f55f649ee11ad9a57f php-4.3.9-3.6.i386.rpm dec68f32f7b6a81ef65eba621fa1a0d9 php-devel-4.3.9-3.6.i386.rpm c477c8715216df92374dd2eb8a413a1c php-domxml-4.3.9-3.6.i386.rpm b280f4af2d6f4f22fe4166b551fd555f php-gd-4.3.9-3.6.i386.rpm 388d1fd84b71b73d08e1760c1c7631b0 php-imap-4.3.9-3.6.i386.rpm 68596bd50cf862b05f06aea2a50840fc php-ldap-4.3.9-3.6.i386.rpm 161ee9a99f1de705b0c29039433c5860 php-mbstring-4.3.9-3.6.i386.rpm dd619659f914b0bb2b529953e96bc4c3 php-mysql-4.3.9-3.6.i386.rpm f9c79b705fdf2cb6094c364de136dad1 php-ncurses-4.3.9-3.6.i386.rpm 6a6fa57c82b88efbbac814e85f87a437 php-odbc-4.3.9-3.6.i386.rpm 7a27e0a44227fc28f4f6359efea74ac0 php-pear-4.3.9-3.6.i386.rpm f9af896be1f91ce5a86761c59abb5724 php-pgsql-4.3.9-3.6.i386.rpm 42c9c29f2a458e6135272129107d254a php-snmp-4.3.9-3.6.i386.rpm b6358e214ce0b6fcd55326fe01f5b283 php-xmlrpc-4.3.9-3.6.i386.rpm ia64: ca48b359773117e4ac25c13674b8239a php-4.3.9-3.6.ia64.rpm edf8a6473c645a320e56db25ee5c5f77 php-devel-4.3.9-3.6.ia64.rpm b506cff6040c02c458614709f93deb72 php-domxml-4.3.9-3.6.ia64.rpm 5b996f675e56b1fd9c41728369d2f695 php-gd-4.3.9-3.6.ia64.rpm 8f51d934a3565e140eea30c606f9578b php-imap-4.3.9-3.6.ia64.rpm 8c53a9213e712ee18c732703315c70f2 php-ldap-4.3.9-3.6.ia64.rpm 702bd6a773d83bf3cad7a6ed88053a20 php-mbstring-4.3.9-3.6.ia64.rpm 4cbcc793616a3efe929a27ed97ac5dc7 php-mysql-4.3.9-3.6.ia64.rpm a6d4bebfdb50cb47d5c63b8e9e9fb067 php-ncurses-4.3.9-3.6.ia64.rpm d84ce81aba2c288106c581fa860779f6 php-odbc-4.3.9-3.6.ia64.rpm 5a9ffec4e4d66303f6fb798fefb2cc92 php-pear-4.3.9-3.6.ia64.rpm c3a8e95043607e36cc58c2c4231ec182 php-pgsql-4.3.9-3.6.ia64.rpm d3a77b7803e095d07ebbc302e1d2375c php-snmp-4.3.9-3.6.ia64.rpm c82f852d1d085813add96006b57b72f9 php-xmlrpc-4.3.9-3.6.ia64.rpm x86_64: 36ad952143370c9681749219bfcc29b9 php-4.3.9-3.6.x86_64.rpm 4929a11c872deafc1ba16d6b50655979 php-devel-4.3.9-3.6.x86_64.rpm 24afded4f53e74ed856506525c259139 php-domxml-4.3.9-3.6.x86_64.rpm f8c965c5c51f5b0d3878c4c0d4ac8c9b php-gd-4.3.9-3.6.x86_64.rpm 0465b619b7c336fa93bcfcf5efe4f1df php-imap-4.3.9-3.6.x86_64.rpm a9d50a65606a521692f644a74a68ca62 php-ldap-4.3.9-3.6.x86_64.rpm 4d4bb76106ffc2e6681e392d399f1794 php-mbstring-4.3.9-3.6.x86_64.rpm 7de7ccad652ca3a20f3008c8d6114292 php-mysql-4.3.9-3.6.x86_64.rpm cab9624b284fd3d48b0ddd8f79a6e9cb php-ncurses-4.3.9-3.6.x86_64.rpm 4ea2d7abdc356e4f2774fc015c61a780 php-odbc-4.3.9-3.6.x86_64.rpm 4ddb8fd7521302a6fdfdf64532f03097 php-pear-4.3.9-3.6.x86_64.rpm c5d2da0d469a4b07914fbe7acbf8dd7f php-pgsql-4.3.9-3.6.x86_64.rpm 0a3316402b15ee07e8426840ca266f0a php-snmp-4.3.9-3.6.x86_64.rpm 191ae444e1a69424e6663ba1bc559e34 php-xmlrpc-4.3.9-3.6.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/php-4.3.9-3.6.src.rpm d5fe9ec64d9b088d33fba6b422692759 php-4.3.9-3.6.src.rpm i386: e6b3dec49276a9f55f649ee11ad9a57f php-4.3.9-3.6.i386.rpm dec68f32f7b6a81ef65eba621fa1a0d9 php-devel-4.3.9-3.6.i386.rpm c477c8715216df92374dd2eb8a413a1c php-domxml-4.3.9-3.6.i386.rpm b280f4af2d6f4f22fe4166b551fd555f php-gd-4.3.9-3.6.i386.rpm 388d1fd84b71b73d08e1760c1c7631b0 php-imap-4.3.9-3.6.i386.rpm 68596bd50cf862b05f06aea2a50840fc php-ldap-4.3.9-3.6.i386.rpm 161ee9a99f1de705b0c29039433c5860 php-mbstring-4.3.9-3.6.i386.rpm dd619659f914b0bb2b529953e96bc4c3 php-mysql-4.3.9-3.6.i386.rpm f9c79b705fdf2cb6094c364de136dad1 php-ncurses-4.3.9-3.6.i386.rpm 6a6fa57c82b88efbbac814e85f87a437 php-odbc-4.3.9-3.6.i386.rpm 7a27e0a44227fc28f4f6359efea74ac0 php-pear-4.3.9-3.6.i386.rpm f9af896be1f91ce5a86761c59abb5724 php-pgsql-4.3.9-3.6.i386.rpm 42c9c29f2a458e6135272129107d254a php-snmp-4.3.9-3.6.i386.rpm b6358e214ce0b6fcd55326fe01f5b283 php-xmlrpc-4.3.9-3.6.i386.rpm ia64: ca48b359773117e4ac25c13674b8239a php-4.3.9-3.6.ia64.rpm edf8a6473c645a320e56db25ee5c5f77 php-devel-4.3.9-3.6.ia64.rpm b506cff6040c02c458614709f93deb72 php-domxml-4.3.9-3.6.ia64.rpm 5b996f675e56b1fd9c41728369d2f695 php-gd-4.3.9-3.6.ia64.rpm 8f51d934a3565e140eea30c606f9578b php-imap-4.3.9-3.6.ia64.rpm 8c53a9213e712ee18c732703315c70f2 php-ldap-4.3.9-3.6.ia64.rpm 702bd6a773d83bf3cad7a6ed88053a20 php-mbstring-4.3.9-3.6.ia64.rpm 4cbcc793616a3efe929a27ed97ac5dc7 php-mysql-4.3.9-3.6.ia64.rpm a6d4bebfdb50cb47d5c63b8e9e9fb067 php-ncurses-4.3.9-3.6.ia64.rpm d84ce81aba2c288106c581fa860779f6 php-odbc-4.3.9-3.6.ia64.rpm 5a9ffec4e4d66303f6fb798fefb2cc92 php-pear-4.3.9-3.6.ia64.rpm c3a8e95043607e36cc58c2c4231ec182 php-pgsql-4.3.9-3.6.ia64.rpm d3a77b7803e095d07ebbc302e1d2375c php-snmp-4.3.9-3.6.ia64.rpm c82f852d1d085813add96006b57b72f9 php-xmlrpc-4.3.9-3.6.ia64.rpm x86_64: 36ad952143370c9681749219bfcc29b9 php-4.3.9-3.6.x86_64.rpm 4929a11c872deafc1ba16d6b50655979 php-devel-4.3.9-3.6.x86_64.rpm 24afded4f53e74ed856506525c259139 php-domxml-4.3.9-3.6.x86_64.rpm f8c965c5c51f5b0d3878c4c0d4ac8c9b php-gd-4.3.9-3.6.x86_64.rpm 0465b619b7c336fa93bcfcf5efe4f1df php-imap-4.3.9-3.6.x86_64.rpm a9d50a65606a521692f644a74a68ca62 php-ldap-4.3.9-3.6.x86_64.rpm 4d4bb76106ffc2e6681e392d399f1794 php-mbstring-4.3.9-3.6.x86_64.rpm 7de7ccad652ca3a20f3008c8d6114292 php-mysql-4.3.9-3.6.x86_64.rpm cab9624b284fd3d48b0ddd8f79a6e9cb php-ncurses-4.3.9-3.6.x86_64.rpm 4ea2d7abdc356e4f2774fc015c61a780 php-odbc-4.3.9-3.6.x86_64.rpm 4ddb8fd7521302a6fdfdf64532f03097 php-pear-4.3.9-3.6.x86_64.rpm c5d2da0d469a4b07914fbe7acbf8dd7f php-pgsql-4.3.9-3.6.x86_64.rpm 0a3316402b15ee07e8426840ca266f0a php-snmp-4.3.9-3.6.x86_64.rpm 191ae444e1a69424e6663ba1bc559e34 php-xmlrpc-4.3.9-3.6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1392 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0524 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0525 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1042 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1043 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCeOYjXlSAg2UNWIIRAlEVAKCVtuXFRU6A2mtzdru/UrT7eBDyuQCgioRE dmKBGxYBwFLcRfmw7oTYQw8= =OTXb -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed May 11 13:59:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 11 May 2005 09:59 -0400 Subject: [RHSA-2005:421-02] Moderate: tcpdump security update Message-ID: <200505111359.j4BDxcZ13812@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: tcpdump security update Advisory ID: RHSA-2005:421-02 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-421.html Issue date: 2005-05-11 Updated on: 2005-05-11 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-1278 CAN-2005-1279 CAN-2005-1280 - --------------------------------------------------------------------- 1. Summary: Updated tcpdump packages that fix several security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. These updated packages also add support for output files larger than 2 GB, add support for some new VLAN IDs, and fix message parsing on 64bit architectures. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: Tcpdump is a command-line tool for monitoring network traffic. Several denial of service bugs were found in the way tcpdump processes certain network packets. It is possible for an attacker to inject a carefully crafted packet onto the network, crashing a running tcpdump session. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2005-1278, CAN-2005-1279, and CAN-2005-1280 to these issues. Additionally, the tcpdump utility can now write a file larger than 2 GB, parse some new VLAN IDs, and parse messages on 64bit architectures. Users of tcpdump are advised to upgrade to these erratum packages, which contain backported security patches and are not vulnerable to these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/tcpdump-3.7.2-7.E3.5.src.rpm 0897eea910400bb6459e95fc0251f058 tcpdump-3.7.2-7.E3.5.src.rpm i386: 04f8be96da43ac855e7105a959d99b28 libpcap-0.7.2-7.E3.5.i386.rpm e7e937cc53ff8f4e9a2d089425f3a061 tcpdump-3.7.2-7.E3.5.i386.rpm ia64: b6103f68b3992ddf6bc0fe747f81cbbe libpcap-0.7.2-7.E3.5.ia64.rpm 04f8be96da43ac855e7105a959d99b28 libpcap-0.7.2-7.E3.5.i386.rpm c09ea94decbff9547a93fd5b0565ed29 tcpdump-3.7.2-7.E3.5.ia64.rpm ppc: 2758662cc702f6a4410a60d1601a153a libpcap-0.7.2-7.E3.5.ppc.rpm 7a568efb8187cfc7c6b559161cf9e18c libpcap-0.7.2-7.E3.5.ppc64.rpm 07c067ffd17e53819cefd8456e7a7509 tcpdump-3.7.2-7.E3.5.ppc.rpm s390: e3ef1f0253d92389bdd051cba0ddaae9 libpcap-0.7.2-7.E3.5.s390.rpm 37a66b594884b745c7bada003825aef9 tcpdump-3.7.2-7.E3.5.s390.rpm s390x: 69a4d6ad073863c16b4b5ca0a083fbfc libpcap-0.7.2-7.E3.5.s390x.rpm e3ef1f0253d92389bdd051cba0ddaae9 libpcap-0.7.2-7.E3.5.s390.rpm 368c077fe312d95ce20e350fd5a6704d tcpdump-3.7.2-7.E3.5.s390x.rpm x86_64: 157bceaebd99a87bd8dc797d1d509f33 libpcap-0.7.2-7.E3.5.x86_64.rpm 04f8be96da43ac855e7105a959d99b28 libpcap-0.7.2-7.E3.5.i386.rpm 9bda0e806e916b7dab298317097a3325 tcpdump-3.7.2-7.E3.5.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/tcpdump-3.7.2-7.E3.5.src.rpm 0897eea910400bb6459e95fc0251f058 tcpdump-3.7.2-7.E3.5.src.rpm i386: 04f8be96da43ac855e7105a959d99b28 libpcap-0.7.2-7.E3.5.i386.rpm e7e937cc53ff8f4e9a2d089425f3a061 tcpdump-3.7.2-7.E3.5.i386.rpm x86_64: 157bceaebd99a87bd8dc797d1d509f33 libpcap-0.7.2-7.E3.5.x86_64.rpm 04f8be96da43ac855e7105a959d99b28 libpcap-0.7.2-7.E3.5.i386.rpm 9bda0e806e916b7dab298317097a3325 tcpdump-3.7.2-7.E3.5.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/tcpdump-3.7.2-7.E3.5.src.rpm 0897eea910400bb6459e95fc0251f058 tcpdump-3.7.2-7.E3.5.src.rpm i386: 04f8be96da43ac855e7105a959d99b28 libpcap-0.7.2-7.E3.5.i386.rpm e7e937cc53ff8f4e9a2d089425f3a061 tcpdump-3.7.2-7.E3.5.i386.rpm ia64: b6103f68b3992ddf6bc0fe747f81cbbe libpcap-0.7.2-7.E3.5.ia64.rpm 04f8be96da43ac855e7105a959d99b28 libpcap-0.7.2-7.E3.5.i386.rpm c09ea94decbff9547a93fd5b0565ed29 tcpdump-3.7.2-7.E3.5.ia64.rpm x86_64: 157bceaebd99a87bd8dc797d1d509f33 libpcap-0.7.2-7.E3.5.x86_64.rpm 04f8be96da43ac855e7105a959d99b28 libpcap-0.7.2-7.E3.5.i386.rpm 9bda0e806e916b7dab298317097a3325 tcpdump-3.7.2-7.E3.5.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/tcpdump-3.7.2-7.E3.5.src.rpm 0897eea910400bb6459e95fc0251f058 tcpdump-3.7.2-7.E3.5.src.rpm i386: 04f8be96da43ac855e7105a959d99b28 libpcap-0.7.2-7.E3.5.i386.rpm e7e937cc53ff8f4e9a2d089425f3a061 tcpdump-3.7.2-7.E3.5.i386.rpm ia64: b6103f68b3992ddf6bc0fe747f81cbbe libpcap-0.7.2-7.E3.5.ia64.rpm 04f8be96da43ac855e7105a959d99b28 libpcap-0.7.2-7.E3.5.i386.rpm c09ea94decbff9547a93fd5b0565ed29 tcpdump-3.7.2-7.E3.5.ia64.rpm x86_64: 9bda0e806e916b7dab298317097a3325 tcpdump-3.7.2-7.E3.5.x86_64.rpm 157bceaebd99a87bd8dc797d1d509f33 libpcap-0.7.2-7.E3.5.x86_64.rpm 04f8be96da43ac855e7105a959d99b28 libpcap-0.7.2-7.E3.5.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 6. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1278 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1279 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1280 7. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCgg+fXlSAg2UNWIIRAm5RAKCuNXLMMogGhhoNIBlQ/9MYeKJNuwCbBzqO gMgnTzMPPY/EUdgOn+8xPdk= =JtoH -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed May 11 14:00:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 11 May 2005 10:00 -0400 Subject: [RHSA-2005:417-02] Moderate: tcpdump security update Message-ID: <200505111400.j4BE0KZ13953@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: tcpdump security update Advisory ID: RHSA-2005:417-02 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-417.html Issue date: 2005-05-11 Updated on: 2005-05-11 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-1278 CAN-2005-1279 CAN-2005-1280 - --------------------------------------------------------------------- 1. Summary: Updated tcpdump packages that fix several security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. This updated package also adds support for output files larger than 2 GB. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Tcpdump is a command-line tool for monitoring network traffic. Several denial of service bugs were found in the way tcpdump processes certain network packets. It is possible for an attacker to inject a carefully crafted packet onto the network, crashing a running tcpdump session. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2005-1278, CAN-2005-1279, and CAN-2005-1280 to these issues. The tcpdump utility can now write a file larger than 2 GB. Users of tcpdump are advised to upgrade to these erratum packages, which contain backported security patches and are not vulnerable to these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/tcpdump-3.8.2-9.RHEL4.src.rpm 5607e37bf75aaeddd33f7d233dd2ad17 tcpdump-3.8.2-9.RHEL4.src.rpm i386: bcfb4c02e3dbd05c9511f83ffb40c8e3 arpwatch-2.1a13-9.RHEL4.i386.rpm 0aa35520fbc89c6b3838e23c20559a74 libpcap-0.8.3-9.RHEL4.i386.rpm f082d8a0b865dbbddb562135a75da872 tcpdump-3.8.2-9.RHEL4.i386.rpm ia64: c946c22b1dd85ebdd683ba32a0b90c81 arpwatch-2.1a13-9.RHEL4.ia64.rpm 077d5e776765be59d99622d68e2cf961 libpcap-0.8.3-9.RHEL4.ia64.rpm 0aa35520fbc89c6b3838e23c20559a74 libpcap-0.8.3-9.RHEL4.i386.rpm 79a99b5c9945b2bcdd15c25f18868a3f tcpdump-3.8.2-9.RHEL4.ia64.rpm ppc: 75881a67766b2b6691d5226e171fdc10 arpwatch-2.1a13-9.RHEL4.ppc.rpm b4a41e93577c6f82f149431977ef61e5 libpcap-0.8.3-9.RHEL4.ppc.rpm a14f89e586397f85008157fa19878911 libpcap-0.8.3-9.RHEL4.ppc64.rpm 9420bb4d746827512ee887401312440a tcpdump-3.8.2-9.RHEL4.ppc.rpm s390: 7ea94c620e5af6e475b4b27f26e470f2 arpwatch-2.1a13-9.RHEL4.s390.rpm 1976770e47c521297f649f1b42e49898 libpcap-0.8.3-9.RHEL4.s390.rpm e7da5aebbed8819f14b5879e11c2be6e tcpdump-3.8.2-9.RHEL4.s390.rpm s390x: 7cfc13ab028787fa75ad5e8247d1880c arpwatch-2.1a13-9.RHEL4.s390x.rpm 4a86ff37bfc19be6081f382660a92cdc libpcap-0.8.3-9.RHEL4.s390x.rpm 1976770e47c521297f649f1b42e49898 libpcap-0.8.3-9.RHEL4.s390.rpm 13d794d2c859d3ea562487b88e216f1a tcpdump-3.8.2-9.RHEL4.s390x.rpm x86_64: 3e4d6ad57987ee2e4a720aa5b918b2bc arpwatch-2.1a13-9.RHEL4.x86_64.rpm 40625ce1034b70ad65e98b7e848da5b1 libpcap-0.8.3-9.RHEL4.x86_64.rpm 0aa35520fbc89c6b3838e23c20559a74 libpcap-0.8.3-9.RHEL4.i386.rpm ffa76b9f0547a5b0390b8cc8b4acd84e tcpdump-3.8.2-9.RHEL4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/tcpdump-3.8.2-9.RHEL4.src.rpm 5607e37bf75aaeddd33f7d233dd2ad17 tcpdump-3.8.2-9.RHEL4.src.rpm i386: bcfb4c02e3dbd05c9511f83ffb40c8e3 arpwatch-2.1a13-9.RHEL4.i386.rpm 0aa35520fbc89c6b3838e23c20559a74 libpcap-0.8.3-9.RHEL4.i386.rpm f082d8a0b865dbbddb562135a75da872 tcpdump-3.8.2-9.RHEL4.i386.rpm x86_64: 3e4d6ad57987ee2e4a720aa5b918b2bc arpwatch-2.1a13-9.RHEL4.x86_64.rpm 40625ce1034b70ad65e98b7e848da5b1 libpcap-0.8.3-9.RHEL4.x86_64.rpm 0aa35520fbc89c6b3838e23c20559a74 libpcap-0.8.3-9.RHEL4.i386.rpm ffa76b9f0547a5b0390b8cc8b4acd84e tcpdump-3.8.2-9.RHEL4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/tcpdump-3.8.2-9.RHEL4.src.rpm 5607e37bf75aaeddd33f7d233dd2ad17 tcpdump-3.8.2-9.RHEL4.src.rpm i386: bcfb4c02e3dbd05c9511f83ffb40c8e3 arpwatch-2.1a13-9.RHEL4.i386.rpm 0aa35520fbc89c6b3838e23c20559a74 libpcap-0.8.3-9.RHEL4.i386.rpm f082d8a0b865dbbddb562135a75da872 tcpdump-3.8.2-9.RHEL4.i386.rpm ia64: c946c22b1dd85ebdd683ba32a0b90c81 arpwatch-2.1a13-9.RHEL4.ia64.rpm 077d5e776765be59d99622d68e2cf961 libpcap-0.8.3-9.RHEL4.ia64.rpm 0aa35520fbc89c6b3838e23c20559a74 libpcap-0.8.3-9.RHEL4.i386.rpm 79a99b5c9945b2bcdd15c25f18868a3f tcpdump-3.8.2-9.RHEL4.ia64.rpm x86_64: 3e4d6ad57987ee2e4a720aa5b918b2bc arpwatch-2.1a13-9.RHEL4.x86_64.rpm 40625ce1034b70ad65e98b7e848da5b1 libpcap-0.8.3-9.RHEL4.x86_64.rpm 0aa35520fbc89c6b3838e23c20559a74 libpcap-0.8.3-9.RHEL4.i386.rpm ffa76b9f0547a5b0390b8cc8b4acd84e tcpdump-3.8.2-9.RHEL4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/tcpdump-3.8.2-9.RHEL4.src.rpm 5607e37bf75aaeddd33f7d233dd2ad17 tcpdump-3.8.2-9.RHEL4.src.rpm i386: bcfb4c02e3dbd05c9511f83ffb40c8e3 arpwatch-2.1a13-9.RHEL4.i386.rpm 0aa35520fbc89c6b3838e23c20559a74 libpcap-0.8.3-9.RHEL4.i386.rpm f082d8a0b865dbbddb562135a75da872 tcpdump-3.8.2-9.RHEL4.i386.rpm ia64: c946c22b1dd85ebdd683ba32a0b90c81 arpwatch-2.1a13-9.RHEL4.ia64.rpm 077d5e776765be59d99622d68e2cf961 libpcap-0.8.3-9.RHEL4.ia64.rpm 0aa35520fbc89c6b3838e23c20559a74 libpcap-0.8.3-9.RHEL4.i386.rpm 79a99b5c9945b2bcdd15c25f18868a3f tcpdump-3.8.2-9.RHEL4.ia64.rpm x86_64: 3e4d6ad57987ee2e4a720aa5b918b2bc arpwatch-2.1a13-9.RHEL4.x86_64.rpm 40625ce1034b70ad65e98b7e848da5b1 libpcap-0.8.3-9.RHEL4.x86_64.rpm 0aa35520fbc89c6b3838e23c20559a74 libpcap-0.8.3-9.RHEL4.i386.rpm ffa76b9f0547a5b0390b8cc8b4acd84e tcpdump-3.8.2-9.RHEL4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 6. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1278 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1279 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1280 7. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCgg/fXlSAg2UNWIIRAkBrAJ9ZqFhTPwLt0yhRHL8oA8fOLSE6pACggp67 pnSGUEeldP5wLioUbkdIrPY= =RoTY -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed May 11 14:00:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 11 May 2005 10:00 -0400 Subject: [RHSA-2005:429-01] Critical: gaim security update Message-ID: <200505111400.j4BE0uZ13970@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: gaim security update Advisory ID: RHSA-2005:429-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-429.html Issue date: 2005-05-11 Updated on: 2005-05-11 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-1261 CAN-2005-1262 - --------------------------------------------------------------------- 1. Summary: An updated gaim package that fixes two security issues is now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: The Gaim application is a multi-protocol instant messaging client. A stack based buffer overflow bug was found in the way gaim processes a message containing a URL. A remote attacker could send a carefully crafted message resulting in the execution of arbitrary code on a victim's machine. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-1261 to this issue. A bug was found in the way gaim handles malformed MSN messages. A remote attacker could send a carefully crafted MSN message causing gaim to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-1262 to this issue. Users of Gaim are advised to upgrade to this updated package which contains backported patches and is not vulnerable to these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/gaim-1.2.1-6.el3.src.rpm bc81df1e2393d51d607dbdd5ebcd6254 gaim-1.2.1-6.el3.src.rpm i386: 83ef867ebf9618418bbde568a3599830 gaim-1.2.1-6.el3.i386.rpm ia64: 4a93e8e28ddfc147277773480c90a706 gaim-1.2.1-6.el3.ia64.rpm ppc: 742c7971f07ba2a83af5023ac4283f02 gaim-1.2.1-6.el3.ppc.rpm s390: 987db3f09037b9f8deeaaafd51fe76c3 gaim-1.2.1-6.el3.s390.rpm s390x: 16d7c8d5fe4dd0f99f1bd6418f3e03c7 gaim-1.2.1-6.el3.s390x.rpm x86_64: 76c553295cbee1bb7f5369cf54e1115b gaim-1.2.1-6.el3.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/gaim-1.2.1-6.el3.src.rpm bc81df1e2393d51d607dbdd5ebcd6254 gaim-1.2.1-6.el3.src.rpm i386: 83ef867ebf9618418bbde568a3599830 gaim-1.2.1-6.el3.i386.rpm x86_64: 76c553295cbee1bb7f5369cf54e1115b gaim-1.2.1-6.el3.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/gaim-1.2.1-6.el3.src.rpm bc81df1e2393d51d607dbdd5ebcd6254 gaim-1.2.1-6.el3.src.rpm i386: 83ef867ebf9618418bbde568a3599830 gaim-1.2.1-6.el3.i386.rpm ia64: 4a93e8e28ddfc147277773480c90a706 gaim-1.2.1-6.el3.ia64.rpm x86_64: 76c553295cbee1bb7f5369cf54e1115b gaim-1.2.1-6.el3.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/gaim-1.2.1-6.el3.src.rpm bc81df1e2393d51d607dbdd5ebcd6254 gaim-1.2.1-6.el3.src.rpm i386: 83ef867ebf9618418bbde568a3599830 gaim-1.2.1-6.el3.i386.rpm ia64: 4a93e8e28ddfc147277773480c90a706 gaim-1.2.1-6.el3.ia64.rpm x86_64: 76c553295cbee1bb7f5369cf54e1115b gaim-1.2.1-6.el3.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/gaim-1.2.1-6.el4.src.rpm 8bcd80b9e9aad765a1596378c4d08626 gaim-1.2.1-6.el4.src.rpm i386: 136094a6e2717de5ac02826cd91d493c gaim-1.2.1-6.el4.i386.rpm ia64: 84e2bde6e30fb3da72651f3a3b3a1a91 gaim-1.2.1-6.el4.ia64.rpm ppc: f596381eb4b924a8b43df623ac2011ae gaim-1.2.1-6.el4.ppc.rpm s390: c72eb22cda05c6f23caabc458a6b3132 gaim-1.2.1-6.el4.s390.rpm s390x: 6a64c4e6cd546fd98d2ee0f44c04f6bb gaim-1.2.1-6.el4.s390x.rpm x86_64: d835d342a18973c499c3444a46db9cba gaim-1.2.1-6.el4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/gaim-1.2.1-6.el4.src.rpm 8bcd80b9e9aad765a1596378c4d08626 gaim-1.2.1-6.el4.src.rpm i386: 136094a6e2717de5ac02826cd91d493c gaim-1.2.1-6.el4.i386.rpm x86_64: d835d342a18973c499c3444a46db9cba gaim-1.2.1-6.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/gaim-1.2.1-6.el4.src.rpm 8bcd80b9e9aad765a1596378c4d08626 gaim-1.2.1-6.el4.src.rpm i386: 136094a6e2717de5ac02826cd91d493c gaim-1.2.1-6.el4.i386.rpm ia64: 84e2bde6e30fb3da72651f3a3b3a1a91 gaim-1.2.1-6.el4.ia64.rpm x86_64: d835d342a18973c499c3444a46db9cba gaim-1.2.1-6.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/gaim-1.2.1-6.el4.src.rpm 8bcd80b9e9aad765a1596378c4d08626 gaim-1.2.1-6.el4.src.rpm i386: 136094a6e2717de5ac02826cd91d493c gaim-1.2.1-6.el4.i386.rpm ia64: 84e2bde6e30fb3da72651f3a3b3a1a91 gaim-1.2.1-6.el4.ia64.rpm x86_64: d835d342a18973c499c3444a46db9cba gaim-1.2.1-6.el4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 6. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1261 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1262 7. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCghABXlSAg2UNWIIRArbjAKCt2uF9g1PpLYtE3GLMS4oH+UBtOACdEFQN SY4SHLMd8NvcG2ee49d8RAw= =KOW+ -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed May 11 14:01:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 11 May 2005 10:01 -0400 Subject: [RHSA-2005:432-01] Critical: gaim security update Message-ID: <200505111401.j4BE1MZ14087@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: gaim security update Advisory ID: RHSA-2005:432-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-432.html Issue date: 2005-05-11 Updated on: 2005-05-11 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-0472 CAN-2005-1261 - --------------------------------------------------------------------- 1. Summary: An updated gaim package that fixes security issues is now available for Red Hat Enterprise Linux 2.1. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 3. Problem description: The Gaim application is a multi-protocol instant messaging client. A stack based buffer overflow bug was found in the way gaim processes a message containing a URL. A remote attacker could send a carefully crafted message resulting in the execution of arbitrary code on a victim's machine. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-1261 to this issue. A bug in the way Gaim processes SNAC packets was discovered. It is possible that a remote attacker could send a specially crafted SNAC packet to a Gaim client, causing the client to stop responding. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0472 to this issue. Users of Gaim are advised to upgrade to this updated package which contains gaim version 0.59.9 with backported patches to correct these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/gaim-0.59.9-4.el2.src.rpm f01435d610c70ca301e25da9790e73a1 gaim-0.59.9-4.el2.src.rpm i386: dd0961f496e0be18e79c1893e5b061f4 gaim-0.59.9-4.el2.i386.rpm ia64: 5f32a394431f368a7c9e049f4ebb7494 gaim-0.59.9-4.el2.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/gaim-0.59.9-4.el2.src.rpm f01435d610c70ca301e25da9790e73a1 gaim-0.59.9-4.el2.src.rpm ia64: 5f32a394431f368a7c9e049f4ebb7494 gaim-0.59.9-4.el2.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/gaim-0.59.9-4.el2.src.rpm f01435d610c70ca301e25da9790e73a1 gaim-0.59.9-4.el2.src.rpm i386: dd0961f496e0be18e79c1893e5b061f4 gaim-0.59.9-4.el2.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/gaim-0.59.9-4.el2.src.rpm f01435d610c70ca301e25da9790e73a1 gaim-0.59.9-4.el2.src.rpm i386: dd0961f496e0be18e79c1893e5b061f4 gaim-0.59.9-4.el2.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 6. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0472 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1261 7. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCghAlXlSAg2UNWIIRAvLAAJ0crOdy/+ouX3Mjbe7iDUQrnAvduwCgkyyr zyLsDCSOD5DO61enEYGer8Y= =Qcfl -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed May 11 15:29:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 11 May 2005 11:29 -0400 Subject: [RHSA-2005:412-01] Moderate: openmotif security update Message-ID: <200505111529.j4BFTgZ19221@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: openmotif security update Advisory ID: RHSA-2005:412-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-412.html Issue date: 2005-05-11 Updated on: 2005-05-11 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-0605 - --------------------------------------------------------------------- 1. Summary: Updated openmotif packages that fix a flaw in the Xpm image library are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: OpenMotif provides libraries which implement the Motif industry standard graphical user interface. An integer overflow flaw was found in libXpm, which is used to decode XPM (X PixMap) images. A vulnerable version of this library was found within OpenMotif. An attacker could create a carefully crafted XPM file which would cause an application to crash or potentially execute arbitrary code if opened by a victim. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0605 to this issue. Users of OpenMotif are advised to upgrade to these erratum packages, which contains a backported security patch to the embedded libXpm library. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/openmotif-2.1.30-13.21AS.5.src.rpm fc696f8839bf611ea0f3ea23fa2abbc1 openmotif-2.1.30-13.21AS.5.src.rpm i386: 82d4d85be0efd5e4611dcfd31cb2c782 openmotif-2.1.30-13.21AS.5.i386.rpm a635c37af852402dd36090c8c4b74097 openmotif-devel-2.1.30-13.21AS.5.i386.rpm ia64: 23a97afe7a12979b59436b7331e737e2 openmotif-2.1.30-13.21AS.5.ia64.rpm 435170af1e8f72455a9a3ea0b99d991d openmotif-devel-2.1.30-13.21AS.5.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/openmotif-2.1.30-13.21AS.5.src.rpm fc696f8839bf611ea0f3ea23fa2abbc1 openmotif-2.1.30-13.21AS.5.src.rpm ia64: 23a97afe7a12979b59436b7331e737e2 openmotif-2.1.30-13.21AS.5.ia64.rpm 435170af1e8f72455a9a3ea0b99d991d openmotif-devel-2.1.30-13.21AS.5.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/openmotif-2.1.30-13.21AS.5.src.rpm fc696f8839bf611ea0f3ea23fa2abbc1 openmotif-2.1.30-13.21AS.5.src.rpm i386: 82d4d85be0efd5e4611dcfd31cb2c782 openmotif-2.1.30-13.21AS.5.i386.rpm a635c37af852402dd36090c8c4b74097 openmotif-devel-2.1.30-13.21AS.5.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/openmotif-2.1.30-13.21AS.5.src.rpm fc696f8839bf611ea0f3ea23fa2abbc1 openmotif-2.1.30-13.21AS.5.src.rpm i386: 82d4d85be0efd5e4611dcfd31cb2c782 openmotif-2.1.30-13.21AS.5.i386.rpm a635c37af852402dd36090c8c4b74097 openmotif-devel-2.1.30-13.21AS.5.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/openmotif-2.2.3-5.RHEL3.2.src.rpm 3cd7bf76e1135f650e80ca6522412c69 openmotif-2.2.3-5.RHEL3.2.src.rpm ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/openmotif21-2.1.30-9.RHEL3.6.src.rpm fc9c3cdfe2888fbb732ebe1e2a4af65f openmotif21-2.1.30-9.RHEL3.6.src.rpm i386: 47c7fb4596b78c973deb7c2988808f96 openmotif-2.2.3-5.RHEL3.2.i386.rpm c2bdacac09caeb13bc916b9e6213b24f openmotif-devel-2.2.3-5.RHEL3.2.i386.rpm 901cfdff883c390159e7510c7beb108d openmotif21-2.1.30-9.RHEL3.6.i386.rpm ia64: ab4961edbf87f51127e6f491a4da9eea openmotif-2.2.3-5.RHEL3.2.ia64.rpm 47c7fb4596b78c973deb7c2988808f96 openmotif-2.2.3-5.RHEL3.2.i386.rpm ee6f6ea8384e1d6e75e31a30167a44e0 openmotif-devel-2.2.3-5.RHEL3.2.ia64.rpm 0a0454015608b488ddb3c55d3278a14e openmotif21-2.1.30-9.RHEL3.6.ia64.rpm 901cfdff883c390159e7510c7beb108d openmotif21-2.1.30-9.RHEL3.6.i386.rpm ppc: aa579c6cd9b990c200649c8e486080a6 openmotif-2.2.3-5.RHEL3.2.ppc.rpm b20b1e8f68630389cb394bfb7c40155f openmotif-2.2.3-5.RHEL3.2.ppc64.rpm 5ce626584cb7aa546f5fcd10f6c56a19 openmotif-devel-2.2.3-5.RHEL3.2.ppc.rpm s390: 08b1bea796c5d86b014b567edb5087cc openmotif-2.2.3-5.RHEL3.2.s390.rpm cc2134a36b90a4359698f6c1999c1425 openmotif-devel-2.2.3-5.RHEL3.2.s390.rpm s390x: bd621dc1992af0815be37a0f63d446e8 openmotif-2.2.3-5.RHEL3.2.s390x.rpm 08b1bea796c5d86b014b567edb5087cc openmotif-2.2.3-5.RHEL3.2.s390.rpm 86c61331a3388af93c39cd5e823595cd openmotif-devel-2.2.3-5.RHEL3.2.s390x.rpm x86_64: 72999fcdd0aa116594141125f1758bcc openmotif-2.2.3-5.RHEL3.2.x86_64.rpm 47c7fb4596b78c973deb7c2988808f96 openmotif-2.2.3-5.RHEL3.2.i386.rpm 20dfdd4cb2f316fd525dbeff39546260 openmotif-devel-2.2.3-5.RHEL3.2.x86_64.rpm 901cfdff883c390159e7510c7beb108d openmotif21-2.1.30-9.RHEL3.6.i386.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/openmotif-2.2.3-5.RHEL3.2.src.rpm 3cd7bf76e1135f650e80ca6522412c69 openmotif-2.2.3-5.RHEL3.2.src.rpm ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/openmotif21-2.1.30-9.RHEL3.6.src.rpm fc9c3cdfe2888fbb732ebe1e2a4af65f openmotif21-2.1.30-9.RHEL3.6.src.rpm i386: 47c7fb4596b78c973deb7c2988808f96 openmotif-2.2.3-5.RHEL3.2.i386.rpm c2bdacac09caeb13bc916b9e6213b24f openmotif-devel-2.2.3-5.RHEL3.2.i386.rpm 901cfdff883c390159e7510c7beb108d openmotif21-2.1.30-9.RHEL3.6.i386.rpm x86_64: 72999fcdd0aa116594141125f1758bcc openmotif-2.2.3-5.RHEL3.2.x86_64.rpm 47c7fb4596b78c973deb7c2988808f96 openmotif-2.2.3-5.RHEL3.2.i386.rpm 20dfdd4cb2f316fd525dbeff39546260 openmotif-devel-2.2.3-5.RHEL3.2.x86_64.rpm 901cfdff883c390159e7510c7beb108d openmotif21-2.1.30-9.RHEL3.6.i386.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/openmotif-2.2.3-5.RHEL3.2.src.rpm 3cd7bf76e1135f650e80ca6522412c69 openmotif-2.2.3-5.RHEL3.2.src.rpm ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/openmotif21-2.1.30-9.RHEL3.6.src.rpm fc9c3cdfe2888fbb732ebe1e2a4af65f openmotif21-2.1.30-9.RHEL3.6.src.rpm i386: 47c7fb4596b78c973deb7c2988808f96 openmotif-2.2.3-5.RHEL3.2.i386.rpm c2bdacac09caeb13bc916b9e6213b24f openmotif-devel-2.2.3-5.RHEL3.2.i386.rpm 901cfdff883c390159e7510c7beb108d openmotif21-2.1.30-9.RHEL3.6.i386.rpm ia64: 47c7fb4596b78c973deb7c2988808f96 openmotif-2.2.3-5.RHEL3.2.i386.rpm ab4961edbf87f51127e6f491a4da9eea openmotif-2.2.3-5.RHEL3.2.ia64.rpm ee6f6ea8384e1d6e75e31a30167a44e0 openmotif-devel-2.2.3-5.RHEL3.2.ia64.rpm 0a0454015608b488ddb3c55d3278a14e openmotif21-2.1.30-9.RHEL3.6.ia64.rpm 901cfdff883c390159e7510c7beb108d openmotif21-2.1.30-9.RHEL3.6.i386.rpm x86_64: 72999fcdd0aa116594141125f1758bcc openmotif-2.2.3-5.RHEL3.2.x86_64.rpm 47c7fb4596b78c973deb7c2988808f96 openmotif-2.2.3-5.RHEL3.2.i386.rpm 20dfdd4cb2f316fd525dbeff39546260 openmotif-devel-2.2.3-5.RHEL3.2.x86_64.rpm 901cfdff883c390159e7510c7beb108d openmotif21-2.1.30-9.RHEL3.6.i386.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/openmotif-2.2.3-5.RHEL3.2.src.rpm 3cd7bf76e1135f650e80ca6522412c69 openmotif-2.2.3-5.RHEL3.2.src.rpm ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/openmotif21-2.1.30-9.RHEL3.6.src.rpm fc9c3cdfe2888fbb732ebe1e2a4af65f openmotif21-2.1.30-9.RHEL3.6.src.rpm i386: 47c7fb4596b78c973deb7c2988808f96 openmotif-2.2.3-5.RHEL3.2.i386.rpm c2bdacac09caeb13bc916b9e6213b24f openmotif-devel-2.2.3-5.RHEL3.2.i386.rpm 901cfdff883c390159e7510c7beb108d openmotif21-2.1.30-9.RHEL3.6.i386.rpm ia64: ab4961edbf87f51127e6f491a4da9eea openmotif-2.2.3-5.RHEL3.2.ia64.rpm 47c7fb4596b78c973deb7c2988808f96 openmotif-2.2.3-5.RHEL3.2.i386.rpm ee6f6ea8384e1d6e75e31a30167a44e0 openmotif-devel-2.2.3-5.RHEL3.2.ia64.rpm 0a0454015608b488ddb3c55d3278a14e openmotif21-2.1.30-9.RHEL3.6.ia64.rpm 901cfdff883c390159e7510c7beb108d openmotif21-2.1.30-9.RHEL3.6.i386.rpm x86_64: 72999fcdd0aa116594141125f1758bcc openmotif-2.2.3-5.RHEL3.2.x86_64.rpm 47c7fb4596b78c973deb7c2988808f96 openmotif-2.2.3-5.RHEL3.2.i386.rpm 20dfdd4cb2f316fd525dbeff39546260 openmotif-devel-2.2.3-5.RHEL3.2.x86_64.rpm 901cfdff883c390159e7510c7beb108d openmotif21-2.1.30-9.RHEL3.6.i386.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/openmotif-2.2.3-9.RHEL4.1.src.rpm 33a7a4ad7fe6ec6960f4ec09972954c8 openmotif-2.2.3-9.RHEL4.1.src.rpm ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/openmotif21-2.1.30-11.RHEL4.4.src.rpm 36c7d95bc2d6cedec3ada3eeb575def1 openmotif21-2.1.30-11.RHEL4.4.src.rpm i386: 023cc76d475a1a73f62103b8179ad27e openmotif-2.2.3-9.RHEL4.1.i386.rpm d7eade810dfacc7de2ab529600974405 openmotif-devel-2.2.3-9.RHEL4.1.i386.rpm 47fa2a0391dd9117626c946888bbc675 openmotif21-2.1.30-11.RHEL4.4.i386.rpm ia64: 908695c253844642ad38070cf17f7a58 openmotif-2.2.3-9.RHEL4.1.ia64.rpm 023cc76d475a1a73f62103b8179ad27e openmotif-2.2.3-9.RHEL4.1.i386.rpm 8168147910ce21b4bc5f89dfb22dae83 openmotif-devel-2.2.3-9.RHEL4.1.ia64.rpm 776371f184502bcf8b28d73701e580d5 openmotif21-2.1.30-11.RHEL4.4.ia64.rpm 47fa2a0391dd9117626c946888bbc675 openmotif21-2.1.30-11.RHEL4.4.i386.rpm ppc: c332f25632c26bf2b5d55960bc93f9c1 openmotif-2.2.3-9.RHEL4.1.ppc.rpm 4f98953c059ffe207e12159128927006 openmotif-2.2.3-9.RHEL4.1.ppc64.rpm 5c96da3bcfbc5cfd01a60bc0a3ee8e0c openmotif-devel-2.2.3-9.RHEL4.1.ppc.rpm s390: 4f764a6ad8dc046b16b578c71a9dd733 openmotif-2.2.3-9.RHEL4.1.s390.rpm e9f3bd11e16b08fb2d87d052f90923bc openmotif-devel-2.2.3-9.RHEL4.1.s390.rpm s390x: 4e2615987a0ab95371f0d979db6eff0d openmotif-2.2.3-9.RHEL4.1.s390x.rpm 4f764a6ad8dc046b16b578c71a9dd733 openmotif-2.2.3-9.RHEL4.1.s390.rpm 52affcfcf476d51deaa3fd775aa5646b openmotif-devel-2.2.3-9.RHEL4.1.s390x.rpm x86_64: bc3cfce66bea5a3b3900b4e7d07b3b90 openmotif-2.2.3-9.RHEL4.1.x86_64.rpm 023cc76d475a1a73f62103b8179ad27e openmotif-2.2.3-9.RHEL4.1.i386.rpm e657eee7a31222a98c1f6b5da0c2d234 openmotif-devel-2.2.3-9.RHEL4.1.x86_64.rpm 47fa2a0391dd9117626c946888bbc675 openmotif21-2.1.30-11.RHEL4.4.i386.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/openmotif-2.2.3-9.RHEL4.1.src.rpm 33a7a4ad7fe6ec6960f4ec09972954c8 openmotif-2.2.3-9.RHEL4.1.src.rpm ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/openmotif21-2.1.30-11.RHEL4.4.src.rpm 36c7d95bc2d6cedec3ada3eeb575def1 openmotif21-2.1.30-11.RHEL4.4.src.rpm i386: 023cc76d475a1a73f62103b8179ad27e openmotif-2.2.3-9.RHEL4.1.i386.rpm d7eade810dfacc7de2ab529600974405 openmotif-devel-2.2.3-9.RHEL4.1.i386.rpm 47fa2a0391dd9117626c946888bbc675 openmotif21-2.1.30-11.RHEL4.4.i386.rpm x86_64: bc3cfce66bea5a3b3900b4e7d07b3b90 openmotif-2.2.3-9.RHEL4.1.x86_64.rpm 023cc76d475a1a73f62103b8179ad27e openmotif-2.2.3-9.RHEL4.1.i386.rpm e657eee7a31222a98c1f6b5da0c2d234 openmotif-devel-2.2.3-9.RHEL4.1.x86_64.rpm 47fa2a0391dd9117626c946888bbc675 openmotif21-2.1.30-11.RHEL4.4.i386.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/openmotif-2.2.3-9.RHEL4.1.src.rpm 33a7a4ad7fe6ec6960f4ec09972954c8 openmotif-2.2.3-9.RHEL4.1.src.rpm ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/openmotif21-2.1.30-11.RHEL4.4.src.rpm 36c7d95bc2d6cedec3ada3eeb575def1 openmotif21-2.1.30-11.RHEL4.4.src.rpm i386: 023cc76d475a1a73f62103b8179ad27e openmotif-2.2.3-9.RHEL4.1.i386.rpm d7eade810dfacc7de2ab529600974405 openmotif-devel-2.2.3-9.RHEL4.1.i386.rpm 47fa2a0391dd9117626c946888bbc675 openmotif21-2.1.30-11.RHEL4.4.i386.rpm ia64: 908695c253844642ad38070cf17f7a58 openmotif-2.2.3-9.RHEL4.1.ia64.rpm 023cc76d475a1a73f62103b8179ad27e openmotif-2.2.3-9.RHEL4.1.i386.rpm 8168147910ce21b4bc5f89dfb22dae83 openmotif-devel-2.2.3-9.RHEL4.1.ia64.rpm 776371f184502bcf8b28d73701e580d5 openmotif21-2.1.30-11.RHEL4.4.ia64.rpm 47fa2a0391dd9117626c946888bbc675 openmotif21-2.1.30-11.RHEL4.4.i386.rpm x86_64: bc3cfce66bea5a3b3900b4e7d07b3b90 openmotif-2.2.3-9.RHEL4.1.x86_64.rpm 023cc76d475a1a73f62103b8179ad27e openmotif-2.2.3-9.RHEL4.1.i386.rpm e657eee7a31222a98c1f6b5da0c2d234 openmotif-devel-2.2.3-9.RHEL4.1.x86_64.rpm 47fa2a0391dd9117626c946888bbc675 openmotif21-2.1.30-11.RHEL4.4.i386.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/openmotif-2.2.3-9.RHEL4.1.src.rpm 33a7a4ad7fe6ec6960f4ec09972954c8 openmotif-2.2.3-9.RHEL4.1.src.rpm ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/openmotif21-2.1.30-11.RHEL4.4.src.rpm 36c7d95bc2d6cedec3ada3eeb575def1 openmotif21-2.1.30-11.RHEL4.4.src.rpm i386: 023cc76d475a1a73f62103b8179ad27e openmotif-2.2.3-9.RHEL4.1.i386.rpm d7eade810dfacc7de2ab529600974405 openmotif-devel-2.2.3-9.RHEL4.1.i386.rpm 47fa2a0391dd9117626c946888bbc675 openmotif21-2.1.30-11.RHEL4.4.i386.rpm ia64: 908695c253844642ad38070cf17f7a58 openmotif-2.2.3-9.RHEL4.1.ia64.rpm 023cc76d475a1a73f62103b8179ad27e openmotif-2.2.3-9.RHEL4.1.i386.rpm 8168147910ce21b4bc5f89dfb22dae83 openmotif-devel-2.2.3-9.RHEL4.1.ia64.rpm 776371f184502bcf8b28d73701e580d5 openmotif21-2.1.30-11.RHEL4.4.ia64.rpm 47fa2a0391dd9117626c946888bbc675 openmotif21-2.1.30-11.RHEL4.4.i386.rpm x86_64: bc3cfce66bea5a3b3900b4e7d07b3b90 openmotif-2.2.3-9.RHEL4.1.x86_64.rpm 023cc76d475a1a73f62103b8179ad27e openmotif-2.2.3-9.RHEL4.1.i386.rpm e657eee7a31222a98c1f6b5da0c2d234 openmotif-devel-2.2.3-9.RHEL4.1.x86_64.rpm 47fa2a0391dd9117626c946888bbc675 openmotif21-2.1.30-11.RHEL4.4.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 6. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605 7. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCgiTMXlSAg2UNWIIRAt9GAKC8Ncb1F30EJgunFRD6eNQKCIKS1wCeOEOW 4YCiWKEBFaKb0gc1Y4+Q/y4= =v9b2 -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue May 17 14:37:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 17 May 2005 10:37 -0400 Subject: [RHSA-2005:371-01] Moderate: ncpfs security update Message-ID: <200505171437.j4HEbDZ02150@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: ncpfs security update Advisory ID: RHSA-2005:371-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-371.html Issue date: 2005-05-17 Updated on: 2005-05-17 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-0013 - --------------------------------------------------------------------- 1. Summary: An updated ncpfs package is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 3. Problem description: Ncpfs is a file system that understands the Novell NetWare(TM) NCP protocol. A bug was found in the way ncpfs handled file permissions. ncpfs did not sufficiently check if the file owner matched the user attempting to access the file, potentially violating the file permissions. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0013 to this issue. All users of ncpfs are advised to upgrade to this updated package, which contains backported fixes for this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/ncpfs-2.2.0.18-6.EL2.src.rpm 97fc82b06243d3344766a6c83d7ce2cc ncpfs-2.2.0.18-6.EL2.src.rpm i386: 8000785605e0093e0a51689a63fa56c9 ipxutils-2.2.0.18-6.EL2.i386.rpm d38e5b535f4fc5a14d456a13b22c0532 ncpfs-2.2.0.18-6.EL2.i386.rpm ia64: 1a46f4110cccbcebfc679f1371774c88 ipxutils-2.2.0.18-6.EL2.ia64.rpm 4e5a20f0012d01b177762ed8c557105f ncpfs-2.2.0.18-6.EL2.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/ncpfs-2.2.0.18-6.EL2.src.rpm 97fc82b06243d3344766a6c83d7ce2cc ncpfs-2.2.0.18-6.EL2.src.rpm ia64: 1a46f4110cccbcebfc679f1371774c88 ipxutils-2.2.0.18-6.EL2.ia64.rpm 4e5a20f0012d01b177762ed8c557105f ncpfs-2.2.0.18-6.EL2.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/ncpfs-2.2.0.18-6.EL2.src.rpm 97fc82b06243d3344766a6c83d7ce2cc ncpfs-2.2.0.18-6.EL2.src.rpm i386: 8000785605e0093e0a51689a63fa56c9 ipxutils-2.2.0.18-6.EL2.i386.rpm d38e5b535f4fc5a14d456a13b22c0532 ncpfs-2.2.0.18-6.EL2.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 6. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0013 7. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCigGHXlSAg2UNWIIRAtl7AKCOfSLuoLuVYgw5H3iBbsClu32O8wCeMhFr kjOtpDzSbnsvvSRmSM0k5BY= =mihg -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue May 17 14:37:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 17 May 2005 10:37 -0400 Subject: [RHSA-2005:393-01] Important: kdelibs security update Message-ID: <200505171437.j4HEbmZ02165@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: kdelibs security update Advisory ID: RHSA-2005:393-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-393.html Issue date: 2005-05-17 Updated on: 2005-05-17 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-1046 - --------------------------------------------------------------------- 1. Summary: Updated kdelibs packages that fix a flaw in kimgio input validation are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: KDE is a graphical desktop environment for the X Window System. Konqueror is the file manager for the K Desktop Environment. A source code audit performed by the KDE security team discovered several vulnerabilities in the PCX and other image file format readers. A buffer overflow was found in the kimgio library for KDE 3.4.0. An attacker could create a carefully crafted PCX image in such a way that it would cause kimgio to execute arbitrary code when processing the image. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-1046 to this issue. All users of kdelibs should upgrade to these updated packages, which contain a backported security patch to correct these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kdelibs-3.3.1-3.10.src.rpm bce4c06fafe21d3efe6861baccdb336f kdelibs-3.3.1-3.10.src.rpm i386: f3fd454b5cc31b9b64160fef728f8e2b kdelibs-3.3.1-3.10.i386.rpm 663a4623ae7b79383c901ddd604f40c1 kdelibs-devel-3.3.1-3.10.i386.rpm ia64: d71ca353358cc55e8b095909b33a384a kdelibs-3.3.1-3.10.ia64.rpm f3fd454b5cc31b9b64160fef728f8e2b kdelibs-3.3.1-3.10.i386.rpm 6a6aee95de4b0e2c648cb333230e956c kdelibs-devel-3.3.1-3.10.ia64.rpm ppc: 08f0b8a2dd54fcc21fd32bd713b10625 kdelibs-3.3.1-3.10.ppc.rpm 2a5859b0b379c8cd5019e312afb75d13 kdelibs-3.3.1-3.10.ppc64.rpm 933042fd45c59372b1ed3dab95cb8608 kdelibs-devel-3.3.1-3.10.ppc.rpm s390: 7528c1d9e4bd655f1dbb29b0f784bd03 kdelibs-3.3.1-3.10.s390.rpm 6cbfdb4ed57dd476416a4626b234878a kdelibs-devel-3.3.1-3.10.s390.rpm s390x: d6c32e2c18773a37c24c0764c26ff8da kdelibs-3.3.1-3.10.s390x.rpm 7528c1d9e4bd655f1dbb29b0f784bd03 kdelibs-3.3.1-3.10.s390.rpm 9f7ad40ee12f4fdf898320d61943108d kdelibs-devel-3.3.1-3.10.s390x.rpm x86_64: d732485d3f1c19f0caa1e3c93acacd1d kdelibs-3.3.1-3.10.x86_64.rpm f3fd454b5cc31b9b64160fef728f8e2b kdelibs-3.3.1-3.10.i386.rpm 84cba787f9f5c96b6ef205a269864d26 kdelibs-devel-3.3.1-3.10.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kdelibs-3.3.1-3.10.src.rpm bce4c06fafe21d3efe6861baccdb336f kdelibs-3.3.1-3.10.src.rpm i386: f3fd454b5cc31b9b64160fef728f8e2b kdelibs-3.3.1-3.10.i386.rpm 663a4623ae7b79383c901ddd604f40c1 kdelibs-devel-3.3.1-3.10.i386.rpm x86_64: d732485d3f1c19f0caa1e3c93acacd1d kdelibs-3.3.1-3.10.x86_64.rpm f3fd454b5cc31b9b64160fef728f8e2b kdelibs-3.3.1-3.10.i386.rpm 84cba787f9f5c96b6ef205a269864d26 kdelibs-devel-3.3.1-3.10.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kdelibs-3.3.1-3.10.src.rpm bce4c06fafe21d3efe6861baccdb336f kdelibs-3.3.1-3.10.src.rpm i386: f3fd454b5cc31b9b64160fef728f8e2b kdelibs-3.3.1-3.10.i386.rpm 663a4623ae7b79383c901ddd604f40c1 kdelibs-devel-3.3.1-3.10.i386.rpm ia64: d71ca353358cc55e8b095909b33a384a kdelibs-3.3.1-3.10.ia64.rpm f3fd454b5cc31b9b64160fef728f8e2b kdelibs-3.3.1-3.10.i386.rpm 6a6aee95de4b0e2c648cb333230e956c kdelibs-devel-3.3.1-3.10.ia64.rpm x86_64: d732485d3f1c19f0caa1e3c93acacd1d kdelibs-3.3.1-3.10.x86_64.rpm f3fd454b5cc31b9b64160fef728f8e2b kdelibs-3.3.1-3.10.i386.rpm 84cba787f9f5c96b6ef205a269864d26 kdelibs-devel-3.3.1-3.10.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kdelibs-3.3.1-3.10.src.rpm bce4c06fafe21d3efe6861baccdb336f kdelibs-3.3.1-3.10.src.rpm i386: 663a4623ae7b79383c901ddd604f40c1 kdelibs-devel-3.3.1-3.10.i386.rpm f3fd454b5cc31b9b64160fef728f8e2b kdelibs-3.3.1-3.10.i386.rpm ia64: d71ca353358cc55e8b095909b33a384a kdelibs-3.3.1-3.10.ia64.rpm f3fd454b5cc31b9b64160fef728f8e2b kdelibs-3.3.1-3.10.i386.rpm 6a6aee95de4b0e2c648cb333230e956c kdelibs-devel-3.3.1-3.10.ia64.rpm x86_64: d732485d3f1c19f0caa1e3c93acacd1d kdelibs-3.3.1-3.10.x86_64.rpm f3fd454b5cc31b9b64160fef728f8e2b kdelibs-3.3.1-3.10.i386.rpm 84cba787f9f5c96b6ef205a269864d26 kdelibs-devel-3.3.1-3.10.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 6. References: http://bugs.kde.org/102328 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1046 7. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCigGrXlSAg2UNWIIRApwfAJ905MdXP+GK6F0sR89GpCT+fcwqRgCfQpRU 90EW8PBtQmu4kOXT/sSiZBw= =lwzS -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue May 17 14:38:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 17 May 2005 10:38 -0400 Subject: [RHSA-2005:408-01] Moderate: cyrus-imapd security update Message-ID: <200505171438.j4HEcQZ02174@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: cyrus-imapd security update Advisory ID: RHSA-2005:408-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-408.html Issue date: 2005-05-17 Updated on: 2005-05-17 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-0546 - --------------------------------------------------------------------- 1. Summary: Updated cyrus-imapd packages that fix several buffer overflow security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: The cyrus-imapd package contains the core of the Cyrus IMAP server. Several buffer overflow bugs were found in cyrus-imapd. It is possible that an authenticated malicious user could cause the imap server to crash. Additionally, a peer news admin could potentially execute arbitrary code on the imap server when news is received using the fetchnews command. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0546 to this issue. Users of cyrus-imapd are advised to upgrade to these updated packages, which contain cyrus-imapd version 2.2.12 to correct these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/cyrus-imapd-2.2.12-3.RHEL4.1.src.rpm 4b3fa71b394dbd0e8c87a29c5a56b286 cyrus-imapd-2.2.12-3.RHEL4.1.src.rpm i386: 68c478ca17ecb402c8d6044a08fbbf97 cyrus-imapd-2.2.12-3.RHEL4.1.i386.rpm b0e73a633a3f420cb7c1b3201bbb6ab4 cyrus-imapd-devel-2.2.12-3.RHEL4.1.i386.rpm 0b417a838fde38c48e118bbae7adb5de cyrus-imapd-murder-2.2.12-3.RHEL4.1.i386.rpm 60d37f09e9b5db67a90b26d899eef10e cyrus-imapd-nntp-2.2.12-3.RHEL4.1.i386.rpm 125973b27ff9c214fdcade6adfbbab4c cyrus-imapd-utils-2.2.12-3.RHEL4.1.i386.rpm adf11c07b7572a803fba0694b10a9bf3 perl-Cyrus-2.2.12-3.RHEL4.1.i386.rpm ia64: 47e38551bf642b9f3c950e4d73014963 cyrus-imapd-2.2.12-3.RHEL4.1.ia64.rpm 4c7ca20e0b41290767236bc7cebced40 cyrus-imapd-devel-2.2.12-3.RHEL4.1.ia64.rpm 892adc82d6b337d5b838de06b31f6005 cyrus-imapd-murder-2.2.12-3.RHEL4.1.ia64.rpm 2d15fe37eaa0e6e82294b2fb4448824c cyrus-imapd-nntp-2.2.12-3.RHEL4.1.ia64.rpm e7d894fce5d9dfe8f17fcdbbd80280ee cyrus-imapd-utils-2.2.12-3.RHEL4.1.ia64.rpm 0d5ce4154308b7ad7796c9517c1b6fcd perl-Cyrus-2.2.12-3.RHEL4.1.ia64.rpm ppc: 0cf0e912e3d10a013f875ca75f6ed117 cyrus-imapd-2.2.12-3.RHEL4.1.ppc.rpm 76e6a47a7b15caf6bdf770d8c8e9ceb2 cyrus-imapd-devel-2.2.12-3.RHEL4.1.ppc.rpm c70639b4245a12ccc5d7d81cbe8a8262 cyrus-imapd-murder-2.2.12-3.RHEL4.1.ppc.rpm 9aa309aef2579944259cb7ffe8245488 cyrus-imapd-nntp-2.2.12-3.RHEL4.1.ppc.rpm f1c85a497a0e80e1ceaa146b2e78a742 cyrus-imapd-utils-2.2.12-3.RHEL4.1.ppc.rpm cc16c62094b302d9411f3be1ee38ab09 perl-Cyrus-2.2.12-3.RHEL4.1.ppc.rpm s390: f7dc2f55144bb5f4fc608811f80323a0 cyrus-imapd-2.2.12-3.RHEL4.1.s390.rpm f1b97671e20f3af01272f848b42f254e cyrus-imapd-devel-2.2.12-3.RHEL4.1.s390.rpm 00103a5a070125fd21b8e474bf321ec1 cyrus-imapd-murder-2.2.12-3.RHEL4.1.s390.rpm e49e2d04a077d8f7478eb0f0d43fe91e cyrus-imapd-nntp-2.2.12-3.RHEL4.1.s390.rpm 0918d048e49457ece8c2e772a0ff2a2b cyrus-imapd-utils-2.2.12-3.RHEL4.1.s390.rpm 9dcb24d38c2bc3f5506a742e526f2ebc perl-Cyrus-2.2.12-3.RHEL4.1.s390.rpm s390x: 45b6b8d9c21885c76263dc59b3b8e612 cyrus-imapd-2.2.12-3.RHEL4.1.s390x.rpm 624f870b32646960b4b02b0b38395f0c cyrus-imapd-devel-2.2.12-3.RHEL4.1.s390x.rpm 3785bb0f2410fbecdd19b0c4d006ad19 cyrus-imapd-murder-2.2.12-3.RHEL4.1.s390x.rpm 3b5acbdc0b46d079e033ecb1c7f5702c cyrus-imapd-nntp-2.2.12-3.RHEL4.1.s390x.rpm 27a4e0d1eb725896dad32f01bd29ed58 cyrus-imapd-utils-2.2.12-3.RHEL4.1.s390x.rpm 2f229a87ffcf945db5fece6ef5f1882b perl-Cyrus-2.2.12-3.RHEL4.1.s390x.rpm x86_64: 66c83d5825b3487300365d4d5d6f65f9 cyrus-imapd-2.2.12-3.RHEL4.1.x86_64.rpm bae570996e911c09e130cfafbd006ae7 cyrus-imapd-devel-2.2.12-3.RHEL4.1.x86_64.rpm a665893a93037f024419f31b0647d684 cyrus-imapd-murder-2.2.12-3.RHEL4.1.x86_64.rpm 723ffd10890a8c6ca91496a3d0f66511 cyrus-imapd-nntp-2.2.12-3.RHEL4.1.x86_64.rpm 03b502fd34bc8a1c3bcfcc4d7b987dfb cyrus-imapd-utils-2.2.12-3.RHEL4.1.x86_64.rpm f785bfaab819a7fba7ecee0313c85dba perl-Cyrus-2.2.12-3.RHEL4.1.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/cyrus-imapd-2.2.12-3.RHEL4.1.src.rpm 4b3fa71b394dbd0e8c87a29c5a56b286 cyrus-imapd-2.2.12-3.RHEL4.1.src.rpm i386: 68c478ca17ecb402c8d6044a08fbbf97 cyrus-imapd-2.2.12-3.RHEL4.1.i386.rpm b0e73a633a3f420cb7c1b3201bbb6ab4 cyrus-imapd-devel-2.2.12-3.RHEL4.1.i386.rpm 0b417a838fde38c48e118bbae7adb5de cyrus-imapd-murder-2.2.12-3.RHEL4.1.i386.rpm 60d37f09e9b5db67a90b26d899eef10e cyrus-imapd-nntp-2.2.12-3.RHEL4.1.i386.rpm 125973b27ff9c214fdcade6adfbbab4c cyrus-imapd-utils-2.2.12-3.RHEL4.1.i386.rpm adf11c07b7572a803fba0694b10a9bf3 perl-Cyrus-2.2.12-3.RHEL4.1.i386.rpm x86_64: 66c83d5825b3487300365d4d5d6f65f9 cyrus-imapd-2.2.12-3.RHEL4.1.x86_64.rpm bae570996e911c09e130cfafbd006ae7 cyrus-imapd-devel-2.2.12-3.RHEL4.1.x86_64.rpm a665893a93037f024419f31b0647d684 cyrus-imapd-murder-2.2.12-3.RHEL4.1.x86_64.rpm 723ffd10890a8c6ca91496a3d0f66511 cyrus-imapd-nntp-2.2.12-3.RHEL4.1.x86_64.rpm 03b502fd34bc8a1c3bcfcc4d7b987dfb cyrus-imapd-utils-2.2.12-3.RHEL4.1.x86_64.rpm f785bfaab819a7fba7ecee0313c85dba perl-Cyrus-2.2.12-3.RHEL4.1.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/cyrus-imapd-2.2.12-3.RHEL4.1.src.rpm 4b3fa71b394dbd0e8c87a29c5a56b286 cyrus-imapd-2.2.12-3.RHEL4.1.src.rpm i386: 68c478ca17ecb402c8d6044a08fbbf97 cyrus-imapd-2.2.12-3.RHEL4.1.i386.rpm b0e73a633a3f420cb7c1b3201bbb6ab4 cyrus-imapd-devel-2.2.12-3.RHEL4.1.i386.rpm 0b417a838fde38c48e118bbae7adb5de cyrus-imapd-murder-2.2.12-3.RHEL4.1.i386.rpm 60d37f09e9b5db67a90b26d899eef10e cyrus-imapd-nntp-2.2.12-3.RHEL4.1.i386.rpm 125973b27ff9c214fdcade6adfbbab4c cyrus-imapd-utils-2.2.12-3.RHEL4.1.i386.rpm adf11c07b7572a803fba0694b10a9bf3 perl-Cyrus-2.2.12-3.RHEL4.1.i386.rpm ia64: 47e38551bf642b9f3c950e4d73014963 cyrus-imapd-2.2.12-3.RHEL4.1.ia64.rpm 4c7ca20e0b41290767236bc7cebced40 cyrus-imapd-devel-2.2.12-3.RHEL4.1.ia64.rpm 892adc82d6b337d5b838de06b31f6005 cyrus-imapd-murder-2.2.12-3.RHEL4.1.ia64.rpm 2d15fe37eaa0e6e82294b2fb4448824c cyrus-imapd-nntp-2.2.12-3.RHEL4.1.ia64.rpm e7d894fce5d9dfe8f17fcdbbd80280ee cyrus-imapd-utils-2.2.12-3.RHEL4.1.ia64.rpm 0d5ce4154308b7ad7796c9517c1b6fcd perl-Cyrus-2.2.12-3.RHEL4.1.ia64.rpm x86_64: 66c83d5825b3487300365d4d5d6f65f9 cyrus-imapd-2.2.12-3.RHEL4.1.x86_64.rpm bae570996e911c09e130cfafbd006ae7 cyrus-imapd-devel-2.2.12-3.RHEL4.1.x86_64.rpm a665893a93037f024419f31b0647d684 cyrus-imapd-murder-2.2.12-3.RHEL4.1.x86_64.rpm 723ffd10890a8c6ca91496a3d0f66511 cyrus-imapd-nntp-2.2.12-3.RHEL4.1.x86_64.rpm 03b502fd34bc8a1c3bcfcc4d7b987dfb cyrus-imapd-utils-2.2.12-3.RHEL4.1.x86_64.rpm f785bfaab819a7fba7ecee0313c85dba perl-Cyrus-2.2.12-3.RHEL4.1.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/cyrus-imapd-2.2.12-3.RHEL4.1.src.rpm 4b3fa71b394dbd0e8c87a29c5a56b286 cyrus-imapd-2.2.12-3.RHEL4.1.src.rpm i386: 68c478ca17ecb402c8d6044a08fbbf97 cyrus-imapd-2.2.12-3.RHEL4.1.i386.rpm b0e73a633a3f420cb7c1b3201bbb6ab4 cyrus-imapd-devel-2.2.12-3.RHEL4.1.i386.rpm 0b417a838fde38c48e118bbae7adb5de cyrus-imapd-murder-2.2.12-3.RHEL4.1.i386.rpm 60d37f09e9b5db67a90b26d899eef10e cyrus-imapd-nntp-2.2.12-3.RHEL4.1.i386.rpm 125973b27ff9c214fdcade6adfbbab4c cyrus-imapd-utils-2.2.12-3.RHEL4.1.i386.rpm adf11c07b7572a803fba0694b10a9bf3 perl-Cyrus-2.2.12-3.RHEL4.1.i386.rpm ia64: 47e38551bf642b9f3c950e4d73014963 cyrus-imapd-2.2.12-3.RHEL4.1.ia64.rpm 4c7ca20e0b41290767236bc7cebced40 cyrus-imapd-devel-2.2.12-3.RHEL4.1.ia64.rpm 892adc82d6b337d5b838de06b31f6005 cyrus-imapd-murder-2.2.12-3.RHEL4.1.ia64.rpm 2d15fe37eaa0e6e82294b2fb4448824c cyrus-imapd-nntp-2.2.12-3.RHEL4.1.ia64.rpm e7d894fce5d9dfe8f17fcdbbd80280ee cyrus-imapd-utils-2.2.12-3.RHEL4.1.ia64.rpm 0d5ce4154308b7ad7796c9517c1b6fcd perl-Cyrus-2.2.12-3.RHEL4.1.ia64.rpm x86_64: 66c83d5825b3487300365d4d5d6f65f9 cyrus-imapd-2.2.12-3.RHEL4.1.x86_64.rpm bae570996e911c09e130cfafbd006ae7 cyrus-imapd-devel-2.2.12-3.RHEL4.1.x86_64.rpm a665893a93037f024419f31b0647d684 cyrus-imapd-murder-2.2.12-3.RHEL4.1.x86_64.rpm 723ffd10890a8c6ca91496a3d0f66511 cyrus-imapd-nntp-2.2.12-3.RHEL4.1.x86_64.rpm 03b502fd34bc8a1c3bcfcc4d7b987dfb cyrus-imapd-utils-2.2.12-3.RHEL4.1.x86_64.rpm f785bfaab819a7fba7ecee0313c85dba perl-Cyrus-2.2.12-3.RHEL4.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 6. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0546 7. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCigHPXlSAg2UNWIIRAlY5AJ9Vy0ESYWQQFjEL3Fcpc2v8wcnJKQCgtapz ZAVvd04w1pc+FwnrDJjnRkA= =ZppM -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed May 18 15:00:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 18 May 2005 11:00 -0400 Subject: [RHSA-2005:074-01] Low: rsh security update Message-ID: <200505181500.j4IF0IZ08309@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Low: rsh security update Advisory ID: RHSA-2005:074-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-074.html Issue date: 2005-05-18 Updated on: 2005-05-18 Product: Red Hat Enterprise Linux CVE Names: CAN-2004-0175 - --------------------------------------------------------------------- 1. Summary: Updated rsh packages that fix various bugs and a theoretical security issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: The rsh package contains a set of programs that allow users to run commands on remote machines, login to other machines, and copy files between machines, using the rsh, rlogin, and rcp commands. All three of these commands use rhosts-style authentication. The rcp protocol allows a server to instruct a client to write to arbitrary files outside of the current directory. This could potentially cause a security issue if a user uses rcp to copy files from a malicious server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0175 to this issue. These updated packages also address the following bugs: The rexec command failed with "Invalid Argument", because the code used sigaction() as an unsupported signal. The rlogind server reported "SIGCHLD set to SIG_IGN but calls wait()" message to the system log because the original BSD code was ported incorrectly to linux. The rexecd server did not function on systems where client hostnames were not in the DNS service, because server code called gethostbyaddr() for each new connection. The rcp command incorrectly used the "errno" variable and produced erroneous error messages. The rexecd command ignored settings in the /etc/security/limits file, because the PAM session was incorrectly initialized. The rexec command prompted for username and password regardless of the ~/.netrc configuration file contents. This updated package contains a patch that no longer skips the ~/.netrc file. All users of rsh should upgrade to these updated packages, which resolve these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. If up2date fails to connect to Red Hat Network due to SSL Certificate Errors, you need to install a version of the up2date client with an updated certificate. The latest version of up2date is available from the Red Hat FTP site and may also be downloaded directly from the RHN website: https://rhn.redhat.com/help/latest-up2date.pxt 5. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/rsh-0.17-17.6.src.rpm 9db33654428c9f2a68ae4fc3d3538b45 rsh-0.17-17.6.src.rpm i386: d3c9d0998a481654e6aa70bae6d81284 rsh-0.17-17.6.i386.rpm 458e22f5bbb542402ff7f1d5b31d8efc rsh-server-0.17-17.6.i386.rpm ia64: 0ef714b4988d67746492c7fcc94c6505 rsh-0.17-17.6.ia64.rpm c5ffc16936049d313396840c1340b190 rsh-server-0.17-17.6.ia64.rpm ppc: b95b84629007515d08ebdb9dbfc3ef2f rsh-0.17-17.6.ppc.rpm fb95ecdabcdf4a94d3438d86c66fa10c rsh-server-0.17-17.6.ppc.rpm s390: 3aeade4296a8fbef841988fa0931a627 rsh-0.17-17.6.s390.rpm b974c6cfe31f0baa9863d543d4fbbc6c rsh-server-0.17-17.6.s390.rpm s390x: 40007c9ed95ad284c2d6863bff54a69c rsh-0.17-17.6.s390x.rpm 63df1e561f4ccd2d0a088e3c419e1647 rsh-server-0.17-17.6.s390x.rpm x86_64: d5a8b840af161bf40970e8d51b5be791 rsh-0.17-17.6.x86_64.rpm bc656e79fc3002249f5eb17d4993f67b rsh-server-0.17-17.6.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/rsh-0.17-17.6.src.rpm 9db33654428c9f2a68ae4fc3d3538b45 rsh-0.17-17.6.src.rpm i386: d3c9d0998a481654e6aa70bae6d81284 rsh-0.17-17.6.i386.rpm 458e22f5bbb542402ff7f1d5b31d8efc rsh-server-0.17-17.6.i386.rpm x86_64: d5a8b840af161bf40970e8d51b5be791 rsh-0.17-17.6.x86_64.rpm bc656e79fc3002249f5eb17d4993f67b rsh-server-0.17-17.6.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/rsh-0.17-17.6.src.rpm 9db33654428c9f2a68ae4fc3d3538b45 rsh-0.17-17.6.src.rpm i386: d3c9d0998a481654e6aa70bae6d81284 rsh-0.17-17.6.i386.rpm 458e22f5bbb542402ff7f1d5b31d8efc rsh-server-0.17-17.6.i386.rpm ia64: 0ef714b4988d67746492c7fcc94c6505 rsh-0.17-17.6.ia64.rpm c5ffc16936049d313396840c1340b190 rsh-server-0.17-17.6.ia64.rpm x86_64: d5a8b840af161bf40970e8d51b5be791 rsh-0.17-17.6.x86_64.rpm bc656e79fc3002249f5eb17d4993f67b rsh-server-0.17-17.6.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/rsh-0.17-17.6.src.rpm 9db33654428c9f2a68ae4fc3d3538b45 rsh-0.17-17.6.src.rpm i386: d3c9d0998a481654e6aa70bae6d81284 rsh-0.17-17.6.i386.rpm 458e22f5bbb542402ff7f1d5b31d8efc rsh-server-0.17-17.6.i386.rpm ia64: 0ef714b4988d67746492c7fcc94c6505 rsh-0.17-17.6.ia64.rpm c5ffc16936049d313396840c1340b190 rsh-server-0.17-17.6.ia64.rpm x86_64: d5a8b840af161bf40970e8d51b5be791 rsh-0.17-17.6.x86_64.rpm bc656e79fc3002249f5eb17d4993f67b rsh-server-0.17-17.6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 6. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0175 7. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCi1h2XlSAg2UNWIIRAtTfAJ9zQ0XP7Qu5H6yFQl9EttN5x7vleACgxGOE bIIhkSqPwsIeprtg9vFDKuM= =ST+E -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed May 18 15:00:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 18 May 2005 11:00 -0400 Subject: [RHSA-2005:106-01] Low: openssh security update Message-ID: <200505181500.j4IF0iZ08346@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Low: openssh security update Advisory ID: RHSA-2005:106-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-106.html Issue date: 2005-05-18 Updated on: 2005-05-18 Product: Red Hat Enterprise Linux CVE Names: CAN-2004-0175 - --------------------------------------------------------------------- 1. Summary: Updated openssh packages that fix a potential security vulnerability and various other bugs are now available for Red Hat Enterprise Linux 3. This update has been rated as having low security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. SSH replaces rlogin and rsh, and provides secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over a secure channel. Public key authentication can be used for "passwordless" access to servers. The scp protocol allows a server to instruct a client to write to arbitrary files outside of the current directory. This could potentially cause a security issue if a user uses scp to copy files from a malicious server. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0175 to this issue. These updated packages also correct the following bugs: On systems where direct ssh access for the root user was disabled by configuration (setting "PermitRootLogin no"), attempts to guess the root password could be judged as sucessful or unsucessful by observing a delay. On systems where the privilege separation feature was turned on, the user resource limits were not correctly set if the configuration specified to raise them above the defaults. It was also not possible to change an expired password. Users of openssh should upgrade to these updated packages, which contain backported patches to resolve these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. If up2date fails to connect to Red Hat Network due to SSL Certificate Errors, you need to install a version of the up2date client with an updated certificate. The latest version of up2date is available from the Red Hat FTP site and may also be downloaded directly from the RHN website: https://rhn.redhat.com/help/latest-up2date.pxt 5. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/openssh-3.6.1p2-33.30.4.src.rpm 7b60311a6205015c1424255894ca4543 openssh-3.6.1p2-33.30.4.src.rpm i386: 0632bc50698ebced00b31dbbfc077e76 openssh-3.6.1p2-33.30.4.i386.rpm c4bee6055d508780f44a928f707a2942 openssh-askpass-3.6.1p2-33.30.4.i386.rpm 5f5a04f9ca345ac8a5344754eddd02c6 openssh-askpass-gnome-3.6.1p2-33.30.4.i386.rpm eac41215547b25b22bc3d9a04544e39b openssh-clients-3.6.1p2-33.30.4.i386.rpm c2f2365016bfb9edf13a2480c6d15c34 openssh-server-3.6.1p2-33.30.4.i386.rpm ia64: cc138291b474a67970caa97bfad1c9b4 openssh-3.6.1p2-33.30.4.ia64.rpm dbad4a3430f94fa2be8563feec3f1ff3 openssh-askpass-3.6.1p2-33.30.4.ia64.rpm cfbb0ef73bf3a47f54a99511748bd907 openssh-askpass-gnome-3.6.1p2-33.30.4.ia64.rpm f4a09d1562bec81d463a5067dc61d9f1 openssh-clients-3.6.1p2-33.30.4.ia64.rpm 1e333c07f46051095636411a3bb590db openssh-server-3.6.1p2-33.30.4.ia64.rpm ppc: cc038b17c27936940e3819b17bf11956 openssh-3.6.1p2-33.30.4.ppc.rpm 79bef55a16572ac51b81cdb39b14a01e openssh-askpass-3.6.1p2-33.30.4.ppc.rpm 96505d5f6b55d00f17dd2c4b053bed8e openssh-askpass-gnome-3.6.1p2-33.30.4.ppc.rpm 935fafdfab1cf6a2b7479c4f0d8c6275 openssh-clients-3.6.1p2-33.30.4.ppc.rpm 1e61209b257a8463aff9b5a58ce69bf5 openssh-server-3.6.1p2-33.30.4.ppc.rpm s390: e083bf6bdb36b498b49813b39da29cda openssh-3.6.1p2-33.30.4.s390.rpm ee6c07b7c35db92766b9988d89c29822 openssh-askpass-3.6.1p2-33.30.4.s390.rpm b32f9f334ed9f3f6060ebfa5ea85ac2c openssh-askpass-gnome-3.6.1p2-33.30.4.s390.rpm c6b895eb572e105ff777536f4c476079 openssh-clients-3.6.1p2-33.30.4.s390.rpm 4d0442b0e84c30d69046543d214e41df openssh-server-3.6.1p2-33.30.4.s390.rpm s390x: e27813586fe755d41cfe7ac09ca7e645 openssh-3.6.1p2-33.30.4.s390x.rpm 8f3087efbde89ed9512c44a335686da0 openssh-askpass-3.6.1p2-33.30.4.s390x.rpm f14783534ab464aa5086548846b9a19c openssh-askpass-gnome-3.6.1p2-33.30.4.s390x.rpm f044e71865f218b35558163fe81b3791 openssh-clients-3.6.1p2-33.30.4.s390x.rpm 975d8accdeae65a76420ac99d44b5644 openssh-server-3.6.1p2-33.30.4.s390x.rpm x86_64: 82a0cd578d39f1063764c4552e2a20a0 openssh-3.6.1p2-33.30.4.x86_64.rpm 6ca6fdf9cbd4dcfda939b0034fd173c5 openssh-askpass-3.6.1p2-33.30.4.x86_64.rpm 22e7c2186dba1af27e4c593f5c78df3b openssh-askpass-gnome-3.6.1p2-33.30.4.x86_64.rpm e7ddaf24841bcdfae67e01d7be62bfcd openssh-clients-3.6.1p2-33.30.4.x86_64.rpm cb07647a04a3c4e1727f302da26102be openssh-server-3.6.1p2-33.30.4.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/openssh-3.6.1p2-33.30.4.src.rpm 7b60311a6205015c1424255894ca4543 openssh-3.6.1p2-33.30.4.src.rpm i386: 0632bc50698ebced00b31dbbfc077e76 openssh-3.6.1p2-33.30.4.i386.rpm c4bee6055d508780f44a928f707a2942 openssh-askpass-3.6.1p2-33.30.4.i386.rpm 5f5a04f9ca345ac8a5344754eddd02c6 openssh-askpass-gnome-3.6.1p2-33.30.4.i386.rpm eac41215547b25b22bc3d9a04544e39b openssh-clients-3.6.1p2-33.30.4.i386.rpm c2f2365016bfb9edf13a2480c6d15c34 openssh-server-3.6.1p2-33.30.4.i386.rpm x86_64: 82a0cd578d39f1063764c4552e2a20a0 openssh-3.6.1p2-33.30.4.x86_64.rpm 6ca6fdf9cbd4dcfda939b0034fd173c5 openssh-askpass-3.6.1p2-33.30.4.x86_64.rpm 22e7c2186dba1af27e4c593f5c78df3b openssh-askpass-gnome-3.6.1p2-33.30.4.x86_64.rpm e7ddaf24841bcdfae67e01d7be62bfcd openssh-clients-3.6.1p2-33.30.4.x86_64.rpm cb07647a04a3c4e1727f302da26102be openssh-server-3.6.1p2-33.30.4.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/openssh-3.6.1p2-33.30.4.src.rpm 7b60311a6205015c1424255894ca4543 openssh-3.6.1p2-33.30.4.src.rpm i386: 0632bc50698ebced00b31dbbfc077e76 openssh-3.6.1p2-33.30.4.i386.rpm c4bee6055d508780f44a928f707a2942 openssh-askpass-3.6.1p2-33.30.4.i386.rpm 5f5a04f9ca345ac8a5344754eddd02c6 openssh-askpass-gnome-3.6.1p2-33.30.4.i386.rpm eac41215547b25b22bc3d9a04544e39b openssh-clients-3.6.1p2-33.30.4.i386.rpm c2f2365016bfb9edf13a2480c6d15c34 openssh-server-3.6.1p2-33.30.4.i386.rpm ia64: cc138291b474a67970caa97bfad1c9b4 openssh-3.6.1p2-33.30.4.ia64.rpm dbad4a3430f94fa2be8563feec3f1ff3 openssh-askpass-3.6.1p2-33.30.4.ia64.rpm cfbb0ef73bf3a47f54a99511748bd907 openssh-askpass-gnome-3.6.1p2-33.30.4.ia64.rpm f4a09d1562bec81d463a5067dc61d9f1 openssh-clients-3.6.1p2-33.30.4.ia64.rpm 1e333c07f46051095636411a3bb590db openssh-server-3.6.1p2-33.30.4.ia64.rpm x86_64: 82a0cd578d39f1063764c4552e2a20a0 openssh-3.6.1p2-33.30.4.x86_64.rpm 6ca6fdf9cbd4dcfda939b0034fd173c5 openssh-askpass-3.6.1p2-33.30.4.x86_64.rpm 22e7c2186dba1af27e4c593f5c78df3b openssh-askpass-gnome-3.6.1p2-33.30.4.x86_64.rpm e7ddaf24841bcdfae67e01d7be62bfcd openssh-clients-3.6.1p2-33.30.4.x86_64.rpm cb07647a04a3c4e1727f302da26102be openssh-server-3.6.1p2-33.30.4.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/openssh-3.6.1p2-33.30.4.src.rpm 7b60311a6205015c1424255894ca4543 openssh-3.6.1p2-33.30.4.src.rpm i386: 0632bc50698ebced00b31dbbfc077e76 openssh-3.6.1p2-33.30.4.i386.rpm c4bee6055d508780f44a928f707a2942 openssh-askpass-3.6.1p2-33.30.4.i386.rpm 5f5a04f9ca345ac8a5344754eddd02c6 openssh-askpass-gnome-3.6.1p2-33.30.4.i386.rpm eac41215547b25b22bc3d9a04544e39b openssh-clients-3.6.1p2-33.30.4.i386.rpm c2f2365016bfb9edf13a2480c6d15c34 openssh-server-3.6.1p2-33.30.4.i386.rpm ia64: cc138291b474a67970caa97bfad1c9b4 openssh-3.6.1p2-33.30.4.ia64.rpm dbad4a3430f94fa2be8563feec3f1ff3 openssh-askpass-3.6.1p2-33.30.4.ia64.rpm cfbb0ef73bf3a47f54a99511748bd907 openssh-askpass-gnome-3.6.1p2-33.30.4.ia64.rpm f4a09d1562bec81d463a5067dc61d9f1 openssh-clients-3.6.1p2-33.30.4.ia64.rpm 1e333c07f46051095636411a3bb590db openssh-server-3.6.1p2-33.30.4.ia64.rpm x86_64: 82a0cd578d39f1063764c4552e2a20a0 openssh-3.6.1p2-33.30.4.x86_64.rpm 6ca6fdf9cbd4dcfda939b0034fd173c5 openssh-askpass-3.6.1p2-33.30.4.x86_64.rpm 22e7c2186dba1af27e4c593f5c78df3b openssh-askpass-gnome-3.6.1p2-33.30.4.x86_64.rpm e7ddaf24841bcdfae67e01d7be62bfcd openssh-clients-3.6.1p2-33.30.4.x86_64.rpm cb07647a04a3c4e1727f302da26102be openssh-server-3.6.1p2-33.30.4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 6. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0175 7. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD4DBQFCi1iRXlSAg2UNWIIRApTfAJ9jD1aIDdnq8kvTBfZ84igEs6Du3gCWI9Ya LuuLMWGZEr4wPM0CmHEnjw== =MLZe -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed May 18 15:01:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 18 May 2005 11:01 -0400 Subject: [RHSA-2005:256-01] Low: glibc security update Message-ID: <200505181501.j4IF1hZ08487@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Low: glibc security update Advisory ID: RHSA-2005:256-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-256.html Issue date: 2005-05-18 Updated on: 2005-05-18 Product: Red Hat Enterprise Linux CVE Names: CAN-2004-1453 - --------------------------------------------------------------------- 1. Summary: Updated glibc packages that address several bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: The GNU libc packages (known as glibc) contain the standard C libraries used by applications. It was discovered that the use of LD_DEBUG, LD_SHOW_AUXV, and LD_DYNAMIC_WEAK were not restricted for a setuid program. A local user could utilize this flaw to gain information, such as the list of symbols used by the program. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1453 to this issue. This erratum addresses the following bugs in the GNU C Library: - - fix stack alignment in IA-32 clone - - fix double free in globfree - - fix fnmatch to avoid jumping based on unitialized memory read - - fix fseekpos after ungetc - - fix TZ env var handling if the variable ends with + or - - - avoid depending on values read from unitialized memory in strtold on certain architectures - - fix mapping alignment computation in dl-load - - fix i486+ strncat inline assembly - - make gethostid/sethostid work on bi-arch platforms - - fix ppc64 getcontext/swapcontext - - fix pthread_exit if called after pthread_create, but before the created thread actually started - - fix return values for tgamma (+-0) - - fix handling of very long lines in /etc/hosts - - avoid page aliasing of thread stacks on AMD64 - - avoid busy loop in malloc if concurrent with fork - - allow putenv and setenv in shared library constructors - - fix restoring of CCR in swapcontext and getcontext on ppc64 - - avoid using sigaction (SIGPIPE, ...) in syslog implementation All users of glibc should upgrade to these updated packages, which resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/glibc-2.3.2-95.33.src.rpm 4a1413dc1c2ed5b8ca1e888b52903e67 glibc-2.3.2-95.33.src.rpm i386: 38ef6d71c603777043518faea84cd874 glibc-2.3.2-95.33.i386.rpm 8562f124d7c9c80d16624e5b5aa354d2 glibc-2.3.2-95.33.i686.rpm 0302f8c9b5f0b2744717807ccda6598b glibc-common-2.3.2-95.33.i386.rpm 270e236cd536d673b46da7080170aea3 glibc-devel-2.3.2-95.33.i386.rpm ec241ce78161f57869cfa58df5c5410f glibc-headers-2.3.2-95.33.i386.rpm d247178d94b2937561d3884e32ae8960 glibc-profile-2.3.2-95.33.i386.rpm 7990834ace1bee4cb9c1e1765103634f glibc-utils-2.3.2-95.33.i386.rpm c9d4066b03f2f2118df532571d504e4a nptl-devel-2.3.2-95.33.i686.rpm 38cca3ff70eaeff0aa83e499ebe73eaa nscd-2.3.2-95.33.i386.rpm ia64: 8562f124d7c9c80d16624e5b5aa354d2 glibc-2.3.2-95.33.i686.rpm 6d12bba3d1c0bc2ebc3e4a02074b15d1 glibc-2.3.2-95.33.ia64.rpm 2e18ed0272e15c13093679e74bd78e5c glibc-common-2.3.2-95.33.ia64.rpm 9fbcce4346a0b3d23c421075e36e248b glibc-devel-2.3.2-95.33.ia64.rpm 5566025583809acfb59cb5fe820938cf glibc-headers-2.3.2-95.33.ia64.rpm eb4749108e37bb64e92bd2b0d0602491 glibc-profile-2.3.2-95.33.ia64.rpm 8e199502eff82035cb7f60121c3e8138 glibc-utils-2.3.2-95.33.ia64.rpm 0caad865faec13eb2458d17e253c2459 nptl-devel-2.3.2-95.33.ia64.rpm a906bb0fb6da2e05943e91df60b6b783 nscd-2.3.2-95.33.ia64.rpm ppc: e371706a931feba91830114dbddd1d75 glibc-2.3.2-95.33.ppc.rpm 3c55ebba55390761b4e0dc58365c08a0 glibc-2.3.2-95.33.ppc64.rpm dcb1b22bbab420fc950bef4ed8d55877 glibc-common-2.3.2-95.33.ppc.rpm aa75138b5398edaf88ad671396cb9f15 glibc-devel-2.3.2-95.33.ppc.rpm 77abdbe55868b56d4af9529aeff63867 glibc-devel-2.3.2-95.33.ppc64.rpm a1fcd7679333f9af278eb75eceb75e5f glibc-headers-2.3.2-95.33.ppc.rpm 2cbe56648dc78d56ed4e60e872d01eef glibc-profile-2.3.2-95.33.ppc.rpm b817f639be83755de942286f8a875d27 glibc-utils-2.3.2-95.33.ppc.rpm b095e5fd9a4686141e72edb7d083254e nptl-devel-2.3.2-95.33.ppc.rpm 3f56dc2125f5858cdaee562b02b34026 nscd-2.3.2-95.33.ppc.rpm s390: fd6fdefb17fc147dcc01b7a182b9672b glibc-2.3.2-95.33.s390.rpm 53410dd06ca536c36a3767cf82222595 glibc-common-2.3.2-95.33.s390.rpm 83d89ee1e793c2e3ff07c742c65b4594 glibc-devel-2.3.2-95.33.s390.rpm 4140d0f0a79d5dc58e3141b392c4957f glibc-headers-2.3.2-95.33.s390.rpm ad6740e96b8dc68a24aa8befff0bae58 glibc-profile-2.3.2-95.33.s390.rpm 4aba46e3004b3a721f48fcc59ac2ac27 glibc-utils-2.3.2-95.33.s390.rpm c3e18cc9d359550505db4665127b5798 nptl-devel-2.3.2-95.33.s390.rpm 8e2af3b191f065d20c47e0c615c30fae nscd-2.3.2-95.33.s390.rpm s390x: fd6fdefb17fc147dcc01b7a182b9672b glibc-2.3.2-95.33.s390.rpm 7f339ea1ed69d3b780a894a2b83e6152 glibc-2.3.2-95.33.s390x.rpm 05e7d69d388a22dae7dbdbf46d6f32ae glibc-common-2.3.2-95.33.s390x.rpm 83d89ee1e793c2e3ff07c742c65b4594 glibc-devel-2.3.2-95.33.s390.rpm 2391d733a6d27cd09a78287160bfbaf1 glibc-devel-2.3.2-95.33.s390x.rpm 82397049423e2357a093d213b760b890 glibc-headers-2.3.2-95.33.s390x.rpm 11f5c4174c624e58fcf1ab342f0ec00e glibc-profile-2.3.2-95.33.s390x.rpm 1abfbc7084c7ca4c4b3a12df7b66e82a glibc-utils-2.3.2-95.33.s390x.rpm bbe1b463227faaf2ef8c103cf45aa4c8 nptl-devel-2.3.2-95.33.s390x.rpm 88123fc399010ddc0a675ab6fe90b9c2 nscd-2.3.2-95.33.s390x.rpm x86_64: 8562f124d7c9c80d16624e5b5aa354d2 glibc-2.3.2-95.33.i686.rpm 9ebc75909e0d49284158edaf91fc2d20 glibc-2.3.2-95.33.x86_64.rpm dba7ee37a032608a35c6ec4a7cc60bcc glibc-common-2.3.2-95.33.x86_64.rpm 270e236cd536d673b46da7080170aea3 glibc-devel-2.3.2-95.33.i386.rpm 38fbdec566deb4298fff7ce41785c181 glibc-devel-2.3.2-95.33.x86_64.rpm 28ca3cea3f3bc8a45f98aaa04320957a glibc-headers-2.3.2-95.33.x86_64.rpm fe6eb8bcf9be423d44028ddefb71eadd glibc-profile-2.3.2-95.33.x86_64.rpm ed513dd77e497c9b8292e065f32d8b42 glibc-utils-2.3.2-95.33.x86_64.rpm a342fc180d66b16b44000b4c636c208f nptl-devel-2.3.2-95.33.x86_64.rpm eee89fd6a1ec4bc3cc146291fd796ec5 nscd-2.3.2-95.33.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/glibc-2.3.2-95.33.src.rpm 4a1413dc1c2ed5b8ca1e888b52903e67 glibc-2.3.2-95.33.src.rpm i386: 38ef6d71c603777043518faea84cd874 glibc-2.3.2-95.33.i386.rpm 8562f124d7c9c80d16624e5b5aa354d2 glibc-2.3.2-95.33.i686.rpm 0302f8c9b5f0b2744717807ccda6598b glibc-common-2.3.2-95.33.i386.rpm 270e236cd536d673b46da7080170aea3 glibc-devel-2.3.2-95.33.i386.rpm ec241ce78161f57869cfa58df5c5410f glibc-headers-2.3.2-95.33.i386.rpm d247178d94b2937561d3884e32ae8960 glibc-profile-2.3.2-95.33.i386.rpm 7990834ace1bee4cb9c1e1765103634f glibc-utils-2.3.2-95.33.i386.rpm c9d4066b03f2f2118df532571d504e4a nptl-devel-2.3.2-95.33.i686.rpm 38cca3ff70eaeff0aa83e499ebe73eaa nscd-2.3.2-95.33.i386.rpm x86_64: 8562f124d7c9c80d16624e5b5aa354d2 glibc-2.3.2-95.33.i686.rpm 9ebc75909e0d49284158edaf91fc2d20 glibc-2.3.2-95.33.x86_64.rpm dba7ee37a032608a35c6ec4a7cc60bcc glibc-common-2.3.2-95.33.x86_64.rpm 270e236cd536d673b46da7080170aea3 glibc-devel-2.3.2-95.33.i386.rpm 38fbdec566deb4298fff7ce41785c181 glibc-devel-2.3.2-95.33.x86_64.rpm 28ca3cea3f3bc8a45f98aaa04320957a glibc-headers-2.3.2-95.33.x86_64.rpm fe6eb8bcf9be423d44028ddefb71eadd glibc-profile-2.3.2-95.33.x86_64.rpm ed513dd77e497c9b8292e065f32d8b42 glibc-utils-2.3.2-95.33.x86_64.rpm a342fc180d66b16b44000b4c636c208f nptl-devel-2.3.2-95.33.x86_64.rpm eee89fd6a1ec4bc3cc146291fd796ec5 nscd-2.3.2-95.33.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/glibc-2.3.2-95.33.src.rpm 4a1413dc1c2ed5b8ca1e888b52903e67 glibc-2.3.2-95.33.src.rpm i386: 38ef6d71c603777043518faea84cd874 glibc-2.3.2-95.33.i386.rpm 8562f124d7c9c80d16624e5b5aa354d2 glibc-2.3.2-95.33.i686.rpm 0302f8c9b5f0b2744717807ccda6598b glibc-common-2.3.2-95.33.i386.rpm 270e236cd536d673b46da7080170aea3 glibc-devel-2.3.2-95.33.i386.rpm ec241ce78161f57869cfa58df5c5410f glibc-headers-2.3.2-95.33.i386.rpm d247178d94b2937561d3884e32ae8960 glibc-profile-2.3.2-95.33.i386.rpm 7990834ace1bee4cb9c1e1765103634f glibc-utils-2.3.2-95.33.i386.rpm c9d4066b03f2f2118df532571d504e4a nptl-devel-2.3.2-95.33.i686.rpm 38cca3ff70eaeff0aa83e499ebe73eaa nscd-2.3.2-95.33.i386.rpm ia64: 8562f124d7c9c80d16624e5b5aa354d2 glibc-2.3.2-95.33.i686.rpm 6d12bba3d1c0bc2ebc3e4a02074b15d1 glibc-2.3.2-95.33.ia64.rpm 2e18ed0272e15c13093679e74bd78e5c glibc-common-2.3.2-95.33.ia64.rpm 9fbcce4346a0b3d23c421075e36e248b glibc-devel-2.3.2-95.33.ia64.rpm 5566025583809acfb59cb5fe820938cf glibc-headers-2.3.2-95.33.ia64.rpm eb4749108e37bb64e92bd2b0d0602491 glibc-profile-2.3.2-95.33.ia64.rpm 8e199502eff82035cb7f60121c3e8138 glibc-utils-2.3.2-95.33.ia64.rpm 0caad865faec13eb2458d17e253c2459 nptl-devel-2.3.2-95.33.ia64.rpm a906bb0fb6da2e05943e91df60b6b783 nscd-2.3.2-95.33.ia64.rpm x86_64: 8562f124d7c9c80d16624e5b5aa354d2 glibc-2.3.2-95.33.i686.rpm 9ebc75909e0d49284158edaf91fc2d20 glibc-2.3.2-95.33.x86_64.rpm dba7ee37a032608a35c6ec4a7cc60bcc glibc-common-2.3.2-95.33.x86_64.rpm 270e236cd536d673b46da7080170aea3 glibc-devel-2.3.2-95.33.i386.rpm 38fbdec566deb4298fff7ce41785c181 glibc-devel-2.3.2-95.33.x86_64.rpm 28ca3cea3f3bc8a45f98aaa04320957a glibc-headers-2.3.2-95.33.x86_64.rpm fe6eb8bcf9be423d44028ddefb71eadd glibc-profile-2.3.2-95.33.x86_64.rpm ed513dd77e497c9b8292e065f32d8b42 glibc-utils-2.3.2-95.33.x86_64.rpm a342fc180d66b16b44000b4c636c208f nptl-devel-2.3.2-95.33.x86_64.rpm eee89fd6a1ec4bc3cc146291fd796ec5 nscd-2.3.2-95.33.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/glibc-2.3.2-95.33.src.rpm 4a1413dc1c2ed5b8ca1e888b52903e67 glibc-2.3.2-95.33.src.rpm i386: 38ef6d71c603777043518faea84cd874 glibc-2.3.2-95.33.i386.rpm 8562f124d7c9c80d16624e5b5aa354d2 glibc-2.3.2-95.33.i686.rpm 0302f8c9b5f0b2744717807ccda6598b glibc-common-2.3.2-95.33.i386.rpm 270e236cd536d673b46da7080170aea3 glibc-devel-2.3.2-95.33.i386.rpm ec241ce78161f57869cfa58df5c5410f glibc-headers-2.3.2-95.33.i386.rpm d247178d94b2937561d3884e32ae8960 glibc-profile-2.3.2-95.33.i386.rpm 7990834ace1bee4cb9c1e1765103634f glibc-utils-2.3.2-95.33.i386.rpm c9d4066b03f2f2118df532571d504e4a nptl-devel-2.3.2-95.33.i686.rpm 38cca3ff70eaeff0aa83e499ebe73eaa nscd-2.3.2-95.33.i386.rpm ia64: 8562f124d7c9c80d16624e5b5aa354d2 glibc-2.3.2-95.33.i686.rpm 6d12bba3d1c0bc2ebc3e4a02074b15d1 glibc-2.3.2-95.33.ia64.rpm 2e18ed0272e15c13093679e74bd78e5c glibc-common-2.3.2-95.33.ia64.rpm 9fbcce4346a0b3d23c421075e36e248b glibc-devel-2.3.2-95.33.ia64.rpm 5566025583809acfb59cb5fe820938cf glibc-headers-2.3.2-95.33.ia64.rpm eb4749108e37bb64e92bd2b0d0602491 glibc-profile-2.3.2-95.33.ia64.rpm 8e199502eff82035cb7f60121c3e8138 glibc-utils-2.3.2-95.33.ia64.rpm 0caad865faec13eb2458d17e253c2459 nptl-devel-2.3.2-95.33.ia64.rpm a906bb0fb6da2e05943e91df60b6b783 nscd-2.3.2-95.33.ia64.rpm x86_64: 8562f124d7c9c80d16624e5b5aa354d2 glibc-2.3.2-95.33.i686.rpm 9ebc75909e0d49284158edaf91fc2d20 glibc-2.3.2-95.33.x86_64.rpm dba7ee37a032608a35c6ec4a7cc60bcc glibc-common-2.3.2-95.33.x86_64.rpm 270e236cd536d673b46da7080170aea3 glibc-devel-2.3.2-95.33.i386.rpm 38fbdec566deb4298fff7ce41785c181 glibc-devel-2.3.2-95.33.x86_64.rpm 28ca3cea3f3bc8a45f98aaa04320957a glibc-headers-2.3.2-95.33.x86_64.rpm fe6eb8bcf9be423d44028ddefb71eadd glibc-profile-2.3.2-95.33.x86_64.rpm ed513dd77e497c9b8292e065f32d8b42 glibc-utils-2.3.2-95.33.x86_64.rpm a342fc180d66b16b44000b4c636c208f nptl-devel-2.3.2-95.33.x86_64.rpm eee89fd6a1ec4bc3cc146291fd796ec5 nscd-2.3.2-95.33.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 6. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1453 7. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCi1jLXlSAg2UNWIIRAo+7AJ0YeHI4QvrheuUrFgsenFIn7PJ5GQCeOHUp pDwR4g6l04abkDFS16xzxwc= =zHL2 -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed May 18 15:02:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 18 May 2005 11:02 -0400 Subject: [RHSA-2005:275-01] Low: ia32el security update Message-ID: <200505181502.j4IF2FZ08514@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Low: ia32el security update Advisory ID: RHSA-2005:275-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-275.html Issue date: 2005-05-18 Updated on: 2005-05-18 Product: Red Hat Enterprise Linux Extras CVE Names: CAN-2004-1072 - --------------------------------------------------------------------- 1. Summary: An updated ia32el package that fixes several bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 Extras - ia64 Red Hat Enterprise Linux ES version 3 Extras - ia64 Red Hat Enterprise Linux WS version 3 Extras - ia64 3. Problem description: The ia32el package contains IA-32 Execution Layer platform which allows emulation of IA-32 binaries on IA-64. A flaw was found in the binfmt_elf loader of the Linux kernel which also affects the IA-32 Execution Layer. A local user could create an interpreter name string that is not NULL terminated, leading to a denial of service (crash). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-1072 to this issue. This update also addresses the following issues: - -- Fixed execve to invoke ia32 interpreter - -- Credential fixes - -- Fixed a bug causing ibm-jvm to fail - -- Other minor bug fixes Please refer to the package release notes for detailed information about these changes. All users of ia32el should upgrade to this updated package, which resolves these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. RPMs required: Red Hat Enterprise Linux AS version 3 Extras: SRPMS: ftp://updates.redhat.com/enterprise/3AS-LACD/en/os/SRPMS/ia32el-1.2-2.EL3.1.src.rpm 0a300b374292c20a6945d3a55d1f30dc ia32el-1.2-2.EL3.1.src.rpm ia64: de3aa390822b8db030bfd200655a3858 ia32el-1.2-2.EL3.1.ia64.rpm Red Hat Enterprise Linux ES version 3 Extras: SRPMS: ftp://updates.redhat.com/enterprise/3ES-LACD/en/os/SRPMS/ia32el-1.2-2.EL3.1.src.rpm 0a300b374292c20a6945d3a55d1f30dc ia32el-1.2-2.EL3.1.src.rpm ia64: de3aa390822b8db030bfd200655a3858 ia32el-1.2-2.EL3.1.ia64.rpm Red Hat Enterprise Linux WS version 3 Extras: SRPMS: ftp://updates.redhat.com/enterprise/3WS-LACD/en/os/SRPMS/ia32el-1.2-2.EL3.1.src.rpm 0a300b374292c20a6945d3a55d1f30dc ia32el-1.2-2.EL3.1.src.rpm ia64: de3aa390822b8db030bfd200655a3858 ia32el-1.2-2.EL3.1.ia64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 6. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1072 7. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCi1jnXlSAg2UNWIIRAvZ2AKCx+AeF+i652yozKKFNKupGBmi6fwCfd/G+ IXpU1XQzOQctoJamnUqPQS0= =Xb0N -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed May 18 15:02:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 18 May 2005 11:02 -0400 Subject: [RHSA-2005:294-01] Updated kernel packages available for Red Hat Enterprise Linux 3 Update 5 Message-ID: <200505181502.j4IF2mZ08528@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Updated kernel packages available for Red Hat Enterprise Linux 3 Update 5 Advisory ID: RHSA-2005:294-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-294.html Issue date: 2005-05-18 Updated on: 2005-05-18 Product: Red Hat Enterprise Linux Obsoletes: RHSA-2005:293 CVE Names: CAN-2005-0757 - --------------------------------------------------------------------- 1. Summary: Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 3. This is the fifth regular update. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: The Linux kernel handles the basic functions of the operating system. This is the fifth regular kernel update to Red Hat Enterprise Linux 3. New features introduced by this update include: - support for 2-TB partitions on block devices - support for new disk, network, and USB devices - support for clustered APIC mode on AMD64 NUMA systems - netdump support on AMD64, Intel EM64T, Itanium, and ppc64 systems - diskdump support on sym53c8xx and SATA piix/promise adapters - NMI switch support on AMD64 and Intel EM64T systems There were many bug fixes in various parts of the kernel. The ongoing effort to resolve these problems has resulted in a marked improvement in the reliability and scalability of Red Hat Enterprise Linux 3. Some key areas affected by these fixes include the kernel's networking, SATA, TTY, and USB subsystems, as well as the architecture-dependent handling under the ia64, ppc64, and x86_64 directories. Scalability improvements were made primarily in the memory management and file system areas. A flaw in offset handling in the xattr file system code backported to Red Hat Enterprise Linux 3 was fixed. On 64-bit systems, a user who can access an ext3 extended-attribute-enabled file system could cause a denial of service (system crash). This issue is rated as having a moderate security impact (CAN-2005-0757). The following device drivers have been upgraded to new versions: 3c59x ------ LK1.1.18 3w-9xxx ---- 2.24.00.011fw (new in Update 5) 3w-xxxx ---- 1.02.00.037 8139too ---- (upstream 2.4.29) b44 -------- 0.95 cciss ------ v2.4.54.RH1 e100 ------- 3.3.6-k2 e1000 ------ 5.6.10.1-k2 lpfcdfc ---- 1.0.13 (new in Update 5) tg3 -------- 3.22RH Note: The kernel-unsupported package contains various drivers and modules that are unsupported and therefore might contain security problems that have not been addressed. All Red Hat Enterprise Linux 3 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum. 4. Solution: Before applying this update, make sure that all previously released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/kernel-2.4.21-32.EL.src.rpm d5420415832273a5518afd0b5e3d7a47 kernel-2.4.21-32.EL.src.rpm i386: 8992dd4ed1397d860a1ae85dfc7b2dbd kernel-2.4.21-32.EL.athlon.rpm 7cd1f101f584fc58a804320ab0a55455 kernel-2.4.21-32.EL.i686.rpm bb1a35656242fb6e15e0a0051af10799 kernel-BOOT-2.4.21-32.EL.i386.rpm aa69d228a91a1f045f920b42360f3c11 kernel-doc-2.4.21-32.EL.i386.rpm c7488ce800ccef31568e8b8dda1f405e kernel-hugemem-2.4.21-32.EL.i686.rpm d1479b65b4a6aac62cf97ec4870cf1c1 kernel-hugemem-unsupported-2.4.21-32.EL.i686.rpm 5d86be94c356e79de1ed971fa4a0ac75 kernel-smp-2.4.21-32.EL.athlon.rpm 28fac40c22db6db1a7b14a903dc8533b kernel-smp-2.4.21-32.EL.i686.rpm 55fd4b598560907990a420ce99932f57 kernel-smp-unsupported-2.4.21-32.EL.athlon.rpm 36ffa544956f7a7b98d2f97a31c1fe99 kernel-smp-unsupported-2.4.21-32.EL.i686.rpm ed0102588582ffe0dcf59b12d6d5826c kernel-source-2.4.21-32.EL.i386.rpm 6110eda2670195aacb0bac8f8e378d33 kernel-unsupported-2.4.21-32.EL.athlon.rpm ac92f37920c8e99fbab7b9d36e1ca565 kernel-unsupported-2.4.21-32.EL.i686.rpm ia64: b073901a18678b5fb31d38031aa68b8c kernel-2.4.21-32.EL.ia64.rpm 25fab30ddaeca594c1aa81a6c809bec9 kernel-doc-2.4.21-32.EL.ia64.rpm 5303ff75aa0208dd98a17fb684dd102e kernel-source-2.4.21-32.EL.ia64.rpm a98dd1aa4a42edfbf8d750398f7bf0da kernel-unsupported-2.4.21-32.EL.ia64.rpm ppc: 58bf58e0cea36b6bbe06b41bd1c09153 kernel-2.4.21-32.EL.ppc64iseries.rpm 41e8d849240559fa694a636bd826537a kernel-2.4.21-32.EL.ppc64pseries.rpm 8397f50f3ec6f1e889090895e7eb66fb kernel-doc-2.4.21-32.EL.ppc64.rpm 9444e6fd23671724e861b06bc555bae5 kernel-source-2.4.21-32.EL.ppc64.rpm 6590395e036ae1832f1b55790d8d0821 kernel-unsupported-2.4.21-32.EL.ppc64iseries.rpm 07417ced420144cdb932ec66125a0b57 kernel-unsupported-2.4.21-32.EL.ppc64pseries.rpm s390: d06b1ae5b6556386c443e8c94b6fc4c8 kernel-2.4.21-32.EL.s390.rpm 53da0a3fe4e89213f9e26fb97b016ea6 kernel-doc-2.4.21-32.EL.s390.rpm 0fe7cf2c4c26154847d210a4a6667793 kernel-source-2.4.21-32.EL.s390.rpm e6aee965886f221e431b40c846bb4bbe kernel-unsupported-2.4.21-32.EL.s390.rpm s390x: 4a3f013bae04963eafc67c6a7d26919d kernel-2.4.21-32.EL.s390x.rpm c5d899ad8ca24d2bcba1fd529c612754 kernel-doc-2.4.21-32.EL.s390x.rpm c4b13e1642a7f61e02b9ca587fc1752a kernel-source-2.4.21-32.EL.s390x.rpm 9075beed557f713bacc0711eb59f7d31 kernel-unsupported-2.4.21-32.EL.s390x.rpm x86_64: a2e8ed1142c8e49b63121abdaa4f07d4 kernel-2.4.21-32.EL.ia32e.rpm 3bed6796650f2feecbbdf18dc922c36e kernel-2.4.21-32.EL.x86_64.rpm 789238cb24bc8f775df251814d719859 kernel-doc-2.4.21-32.EL.x86_64.rpm 2fdd45ff58088a3eaaeb8b2b63fbcfa3 kernel-smp-2.4.21-32.EL.x86_64.rpm 9e441aabd0c66dfdc307f68bfe132a0f kernel-smp-unsupported-2.4.21-32.EL.x86_64.rpm 55d4e2e890d1a86c0824aff16e374d82 kernel-source-2.4.21-32.EL.x86_64.rpm 3c1f18d57e43ea15a1294266a9b59ed4 kernel-unsupported-2.4.21-32.EL.ia32e.rpm cfb343332b2d03f4df3504104531c7e2 kernel-unsupported-2.4.21-32.EL.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/kernel-2.4.21-32.EL.src.rpm d5420415832273a5518afd0b5e3d7a47 kernel-2.4.21-32.EL.src.rpm i386: 8992dd4ed1397d860a1ae85dfc7b2dbd kernel-2.4.21-32.EL.athlon.rpm 7cd1f101f584fc58a804320ab0a55455 kernel-2.4.21-32.EL.i686.rpm bb1a35656242fb6e15e0a0051af10799 kernel-BOOT-2.4.21-32.EL.i386.rpm aa69d228a91a1f045f920b42360f3c11 kernel-doc-2.4.21-32.EL.i386.rpm c7488ce800ccef31568e8b8dda1f405e kernel-hugemem-2.4.21-32.EL.i686.rpm d1479b65b4a6aac62cf97ec4870cf1c1 kernel-hugemem-unsupported-2.4.21-32.EL.i686.rpm 5d86be94c356e79de1ed971fa4a0ac75 kernel-smp-2.4.21-32.EL.athlon.rpm 28fac40c22db6db1a7b14a903dc8533b kernel-smp-2.4.21-32.EL.i686.rpm 55fd4b598560907990a420ce99932f57 kernel-smp-unsupported-2.4.21-32.EL.athlon.rpm 36ffa544956f7a7b98d2f97a31c1fe99 kernel-smp-unsupported-2.4.21-32.EL.i686.rpm ed0102588582ffe0dcf59b12d6d5826c kernel-source-2.4.21-32.EL.i386.rpm 6110eda2670195aacb0bac8f8e378d33 kernel-unsupported-2.4.21-32.EL.athlon.rpm ac92f37920c8e99fbab7b9d36e1ca565 kernel-unsupported-2.4.21-32.EL.i686.rpm x86_64: a2e8ed1142c8e49b63121abdaa4f07d4 kernel-2.4.21-32.EL.ia32e.rpm 3bed6796650f2feecbbdf18dc922c36e kernel-2.4.21-32.EL.x86_64.rpm 789238cb24bc8f775df251814d719859 kernel-doc-2.4.21-32.EL.x86_64.rpm 2fdd45ff58088a3eaaeb8b2b63fbcfa3 kernel-smp-2.4.21-32.EL.x86_64.rpm 9e441aabd0c66dfdc307f68bfe132a0f kernel-smp-unsupported-2.4.21-32.EL.x86_64.rpm 55d4e2e890d1a86c0824aff16e374d82 kernel-source-2.4.21-32.EL.x86_64.rpm 3c1f18d57e43ea15a1294266a9b59ed4 kernel-unsupported-2.4.21-32.EL.ia32e.rpm cfb343332b2d03f4df3504104531c7e2 kernel-unsupported-2.4.21-32.EL.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/kernel-2.4.21-32.EL.src.rpm d5420415832273a5518afd0b5e3d7a47 kernel-2.4.21-32.EL.src.rpm i386: 8992dd4ed1397d860a1ae85dfc7b2dbd kernel-2.4.21-32.EL.athlon.rpm 7cd1f101f584fc58a804320ab0a55455 kernel-2.4.21-32.EL.i686.rpm bb1a35656242fb6e15e0a0051af10799 kernel-BOOT-2.4.21-32.EL.i386.rpm aa69d228a91a1f045f920b42360f3c11 kernel-doc-2.4.21-32.EL.i386.rpm c7488ce800ccef31568e8b8dda1f405e kernel-hugemem-2.4.21-32.EL.i686.rpm d1479b65b4a6aac62cf97ec4870cf1c1 kernel-hugemem-unsupported-2.4.21-32.EL.i686.rpm 5d86be94c356e79de1ed971fa4a0ac75 kernel-smp-2.4.21-32.EL.athlon.rpm 28fac40c22db6db1a7b14a903dc8533b kernel-smp-2.4.21-32.EL.i686.rpm 55fd4b598560907990a420ce99932f57 kernel-smp-unsupported-2.4.21-32.EL.athlon.rpm 36ffa544956f7a7b98d2f97a31c1fe99 kernel-smp-unsupported-2.4.21-32.EL.i686.rpm ed0102588582ffe0dcf59b12d6d5826c kernel-source-2.4.21-32.EL.i386.rpm 6110eda2670195aacb0bac8f8e378d33 kernel-unsupported-2.4.21-32.EL.athlon.rpm ac92f37920c8e99fbab7b9d36e1ca565 kernel-unsupported-2.4.21-32.EL.i686.rpm ia64: b073901a18678b5fb31d38031aa68b8c kernel-2.4.21-32.EL.ia64.rpm 25fab30ddaeca594c1aa81a6c809bec9 kernel-doc-2.4.21-32.EL.ia64.rpm 5303ff75aa0208dd98a17fb684dd102e kernel-source-2.4.21-32.EL.ia64.rpm a98dd1aa4a42edfbf8d750398f7bf0da kernel-unsupported-2.4.21-32.EL.ia64.rpm x86_64: a2e8ed1142c8e49b63121abdaa4f07d4 kernel-2.4.21-32.EL.ia32e.rpm 3bed6796650f2feecbbdf18dc922c36e kernel-2.4.21-32.EL.x86_64.rpm 789238cb24bc8f775df251814d719859 kernel-doc-2.4.21-32.EL.x86_64.rpm 2fdd45ff58088a3eaaeb8b2b63fbcfa3 kernel-smp-2.4.21-32.EL.x86_64.rpm 9e441aabd0c66dfdc307f68bfe132a0f kernel-smp-unsupported-2.4.21-32.EL.x86_64.rpm 55d4e2e890d1a86c0824aff16e374d82 kernel-source-2.4.21-32.EL.x86_64.rpm 3c1f18d57e43ea15a1294266a9b59ed4 kernel-unsupported-2.4.21-32.EL.ia32e.rpm cfb343332b2d03f4df3504104531c7e2 kernel-unsupported-2.4.21-32.EL.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/kernel-2.4.21-32.EL.src.rpm d5420415832273a5518afd0b5e3d7a47 kernel-2.4.21-32.EL.src.rpm i386: 8992dd4ed1397d860a1ae85dfc7b2dbd kernel-2.4.21-32.EL.athlon.rpm 7cd1f101f584fc58a804320ab0a55455 kernel-2.4.21-32.EL.i686.rpm bb1a35656242fb6e15e0a0051af10799 kernel-BOOT-2.4.21-32.EL.i386.rpm aa69d228a91a1f045f920b42360f3c11 kernel-doc-2.4.21-32.EL.i386.rpm c7488ce800ccef31568e8b8dda1f405e kernel-hugemem-2.4.21-32.EL.i686.rpm d1479b65b4a6aac62cf97ec4870cf1c1 kernel-hugemem-unsupported-2.4.21-32.EL.i686.rpm 5d86be94c356e79de1ed971fa4a0ac75 kernel-smp-2.4.21-32.EL.athlon.rpm 28fac40c22db6db1a7b14a903dc8533b kernel-smp-2.4.21-32.EL.i686.rpm 55fd4b598560907990a420ce99932f57 kernel-smp-unsupported-2.4.21-32.EL.athlon.rpm 36ffa544956f7a7b98d2f97a31c1fe99 kernel-smp-unsupported-2.4.21-32.EL.i686.rpm ed0102588582ffe0dcf59b12d6d5826c kernel-source-2.4.21-32.EL.i386.rpm 6110eda2670195aacb0bac8f8e378d33 kernel-unsupported-2.4.21-32.EL.athlon.rpm ac92f37920c8e99fbab7b9d36e1ca565 kernel-unsupported-2.4.21-32.EL.i686.rpm ia64: b073901a18678b5fb31d38031aa68b8c kernel-2.4.21-32.EL.ia64.rpm 25fab30ddaeca594c1aa81a6c809bec9 kernel-doc-2.4.21-32.EL.ia64.rpm 5303ff75aa0208dd98a17fb684dd102e kernel-source-2.4.21-32.EL.ia64.rpm a98dd1aa4a42edfbf8d750398f7bf0da kernel-unsupported-2.4.21-32.EL.ia64.rpm x86_64: a2e8ed1142c8e49b63121abdaa4f07d4 kernel-2.4.21-32.EL.ia32e.rpm 3bed6796650f2feecbbdf18dc922c36e kernel-2.4.21-32.EL.x86_64.rpm 789238cb24bc8f775df251814d719859 kernel-doc-2.4.21-32.EL.x86_64.rpm 2fdd45ff58088a3eaaeb8b2b63fbcfa3 kernel-smp-2.4.21-32.EL.x86_64.rpm 9e441aabd0c66dfdc307f68bfe132a0f kernel-smp-unsupported-2.4.21-32.EL.x86_64.rpm 55d4e2e890d1a86c0824aff16e374d82 kernel-source-2.4.21-32.EL.x86_64.rpm 3c1f18d57e43ea15a1294266a9b59ed4 kernel-unsupported-2.4.21-32.EL.ia32e.rpm cfb343332b2d03f4df3504104531c7e2 kernel-unsupported-2.4.21-32.EL.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 6. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0757 7. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCi1kDXlSAg2UNWIIRAqomAKCXoGvQrphxB8ebKBJwpODpaosOHACeLlo2 hAJRQ2ZFwDROzBKCUe41/9w= =/ACP -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu May 19 16:38:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 19 May 2005 12:38 -0400 Subject: [RHSA-2005:238-01] Low: evolution security update Message-ID: <200505191638.j4JGckV24591@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Low: evolution security update Advisory ID: RHSA-2005:238-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-238.html Issue date: 2005-05-19 Updated on: 2005-05-19 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-0102 - --------------------------------------------------------------------- 1. Summary: Updated evolution packages that fix various bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: Evolution is the GNOME collection of personal information management (PIM) tools. Evolution includes a mailer, calendar, contact manager, and communication facility. The tools which make up Evolution are tightly integrated with one another and act as a seamless personal information management tool. A bug was found in Evolution's helper program camel-lock-helper. This bug could allow a local attacker to gain root privileges if camel-lock-helper has been built to execute with elevated privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0102 to this issue. On Red Hat Enterprise Linux, camel-lock-helper is not built to execute with elevated privileges by default. Please note however that if users have rebuilt Evolution from the source RPM, as the root user, camel-lock-helper may be given elevated privileges. Additionally, these updated packages address the following issues: - -- If evolution ran during a GNOME session, the evolution-wombat process did not exit when the user logged out of the desktop. - -- For folders marked for Offline Synchronization: if a user moved a message from a Local Folder to an IMAP folder while in Offline mode, the message was not present in either folder after returning to Online mode. This update fixes this problem. Email messages that have been lost this way may still be present in the following path: ~/evolution/<NAME_OF_MAIL_STORE>/ \ <path-to-folder-via-subfolder-directories>/ \ <temporary-uid-of-message> If this bug has affected you it may be possible to recover data by examining the contents of this directory. All users of evolution should upgrade to these updated packages, which resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/evolution-1.4.5-14.src.rpm 00ca55085916b5be09835fc2fdd8f115 evolution-1.4.5-14.src.rpm i386: c16eac86838d8fa7a244a5946f2b48ad evolution-1.4.5-14.i386.rpm 381646f69a1f9005d2437eb565bc9fea evolution-devel-1.4.5-14.i386.rpm ia64: 5a5988450fa8474d12a2907ba2ffd0d5 evolution-1.4.5-14.ia64.rpm cb572702db3115e1302751cdfd421cfe evolution-devel-1.4.5-14.ia64.rpm ppc: 27164ca33b130009bbc1666d386d5063 evolution-1.4.5-14.ppc.rpm 2709252c915bd4d4eec045d27bca1f43 evolution-devel-1.4.5-14.ppc.rpm s390: 804000f88b5019f7947575316272ad3c evolution-1.4.5-14.s390.rpm 68ff7ce189ace01df821534d532e2aff evolution-devel-1.4.5-14.s390.rpm s390x: eb3758e2fb713493c51b0175de6cf038 evolution-1.4.5-14.s390x.rpm a7d5d6a7e1150aed4aaf3970080e0d15 evolution-devel-1.4.5-14.s390x.rpm x86_64: 3cb477f8d7f834e2cdbdfdc97b4acb33 evolution-1.4.5-14.x86_64.rpm 7e19acc7c0720c8c08fd1a111fb2b774 evolution-devel-1.4.5-14.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/evolution-1.4.5-14.src.rpm 00ca55085916b5be09835fc2fdd8f115 evolution-1.4.5-14.src.rpm i386: c16eac86838d8fa7a244a5946f2b48ad evolution-1.4.5-14.i386.rpm 381646f69a1f9005d2437eb565bc9fea evolution-devel-1.4.5-14.i386.rpm x86_64: 3cb477f8d7f834e2cdbdfdc97b4acb33 evolution-1.4.5-14.x86_64.rpm 7e19acc7c0720c8c08fd1a111fb2b774 evolution-devel-1.4.5-14.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/evolution-1.4.5-14.src.rpm 00ca55085916b5be09835fc2fdd8f115 evolution-1.4.5-14.src.rpm i386: c16eac86838d8fa7a244a5946f2b48ad evolution-1.4.5-14.i386.rpm 381646f69a1f9005d2437eb565bc9fea evolution-devel-1.4.5-14.i386.rpm ia64: 5a5988450fa8474d12a2907ba2ffd0d5 evolution-1.4.5-14.ia64.rpm cb572702db3115e1302751cdfd421cfe evolution-devel-1.4.5-14.ia64.rpm x86_64: 3cb477f8d7f834e2cdbdfdc97b4acb33 evolution-1.4.5-14.x86_64.rpm 7e19acc7c0720c8c08fd1a111fb2b774 evolution-devel-1.4.5-14.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/evolution-1.4.5-14.src.rpm 00ca55085916b5be09835fc2fdd8f115 evolution-1.4.5-14.src.rpm i386: c16eac86838d8fa7a244a5946f2b48ad evolution-1.4.5-14.i386.rpm 381646f69a1f9005d2437eb565bc9fea evolution-devel-1.4.5-14.i386.rpm ia64: 5a5988450fa8474d12a2907ba2ffd0d5 evolution-1.4.5-14.ia64.rpm cb572702db3115e1302751cdfd421cfe evolution-devel-1.4.5-14.ia64.rpm x86_64: 3cb477f8d7f834e2cdbdfdc97b4acb33 evolution-1.4.5-14.x86_64.rpm 7e19acc7c0720c8c08fd1a111fb2b774 evolution-devel-1.4.5-14.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 6. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0102 7. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCjMEAXlSAg2UNWIIRAordAJ9g2T9HmQoyUVEi6zkyHflJcewGVwCdH1Jy 9yuKTBNqqDfYJbHB9wbcFl0= =3yDd -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon May 23 09:56:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 23 May 2005 05:56 -0400 Subject: [RHSA-2005:434-01] Important: firefox security update Message-ID: <200505230956.j4N9uvV27509@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: firefox security update Advisory ID: RHSA-2005:434-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-434.html Issue date: 2005-05-23 Updated on: 2005-05-23 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-1476 CAN-2005-1477 CAN-2005-1531 CAN-2005-1532 - --------------------------------------------------------------------- 1. Summary: Updated firefox packages that fix various security bugs are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Mozilla Firefox is an open source Web browser. Several bugs were found in the way Firefox executes javascript code. Javascript executed from a web page should run with a restricted access level, preventing dangerous actions. It is possible that a malicious web page could execute javascript code with elevated privileges, allowing access to protected data and functions. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2005-1476, CAN-2005-1477, CAN-2005-1531, and CAN-2005-1532 to these issues. Please note that the effects of CAN-2005-1477 are mitigated by the default setup, which allows only the Mozilla Update site to attempt installation of Firefox extensions. The Mozilla Update site has been modified to prevent this attack from working. If other URLs have been manually added to the whitelist, it may be possible to execute this attack. Users of Firefox are advised to upgrade to this updated package which contains Firefox version 1.0.4 which is not vulnerable to these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/firefox-1.0.4-1.4.1.src.rpm 4f9b4bd723aba8d5293d00aac34c1b86 firefox-1.0.4-1.4.1.src.rpm i386: b68ad59036bb0b74fea8c5d53ea39438 firefox-1.0.4-1.4.1.i386.rpm ia64: bfa8af9ed21d9a3827f866b841a783cc firefox-1.0.4-1.4.1.ia64.rpm ppc: 71dbb17fce1828eb3f46114d05272fa8 firefox-1.0.4-1.4.1.ppc.rpm s390: 534c7d82c927c24aae9f37acbcdcd4ea firefox-1.0.4-1.4.1.s390.rpm s390x: dbdfe11ecc3482691f0674a83ccbb82e firefox-1.0.4-1.4.1.s390x.rpm x86_64: 33a6987f34b973610f9dab1a0efb59ed firefox-1.0.4-1.4.1.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/firefox-1.0.4-1.4.1.src.rpm 4f9b4bd723aba8d5293d00aac34c1b86 firefox-1.0.4-1.4.1.src.rpm i386: b68ad59036bb0b74fea8c5d53ea39438 firefox-1.0.4-1.4.1.i386.rpm x86_64: 33a6987f34b973610f9dab1a0efb59ed firefox-1.0.4-1.4.1.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/firefox-1.0.4-1.4.1.src.rpm 4f9b4bd723aba8d5293d00aac34c1b86 firefox-1.0.4-1.4.1.src.rpm i386: b68ad59036bb0b74fea8c5d53ea39438 firefox-1.0.4-1.4.1.i386.rpm ia64: bfa8af9ed21d9a3827f866b841a783cc firefox-1.0.4-1.4.1.ia64.rpm x86_64: 33a6987f34b973610f9dab1a0efb59ed firefox-1.0.4-1.4.1.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/firefox-1.0.4-1.4.1.src.rpm 4f9b4bd723aba8d5293d00aac34c1b86 firefox-1.0.4-1.4.1.src.rpm i386: b68ad59036bb0b74fea8c5d53ea39438 firefox-1.0.4-1.4.1.i386.rpm ia64: bfa8af9ed21d9a3827f866b841a783cc firefox-1.0.4-1.4.1.ia64.rpm x86_64: 33a6987f34b973610f9dab1a0efb59ed firefox-1.0.4-1.4.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 6. References: http://www.mozilla.org/projects/security/known-vulnerabilities.html#firefox1.0.4 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1476 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1477 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1531 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1532 7. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCkajcXlSAg2UNWIIRApH1AJ9OefzL6lxylJg57TZPNGbj+E82QACfaU98 76klb2Vt019J+fseTtF8+nQ= =Q/I8 -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon May 23 09:57:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 23 May 2005 05:57 -0400 Subject: [RHSA-2005:435-01] Important: mozilla security update Message-ID: <200505230957.j4N9vZV27527@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: mozilla security update Advisory ID: RHSA-2005:435-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-435.html Issue date: 2005-05-23 Updated on: 2005-05-23 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-1476 CAN-2005-1477 CAN-2005-1531 CAN-2005-1532 - --------------------------------------------------------------------- 1. Summary: Updated mozilla packages that fix various security bugs are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Mozilla is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several bugs were found in the way Mozilla executes javascript code. Javascript executed from a web page should run with a restricted access level, preventing dangerous actions. It is possible that a malicious web page could execute javascript code with elevated privileges, allowing access to protected data and functions. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2005-1476, CAN-2005-1477, CAN-2005-1531, and CAN-2005-1532 to these issues. Users of Mozilla are advised to upgrade to this updated package, which contains Mozilla version 1.7.8 to correct these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/galeon-1.2.14-1.2.5.src.rpm 4af4ef3c2227af8f776425c9d1bbc281 galeon-1.2.14-1.2.5.src.rpm ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/mozilla-1.7.8-1.1.2.1.src.rpm 8a34bfad0cf67f237dff6361157ae06e mozilla-1.7.8-1.1.2.1.src.rpm i386: 0d57746e65417719999e5829f5551ce8 galeon-1.2.14-1.2.5.i386.rpm 6b5e9c8e06ada5a63ce0fae0709bdf5e mozilla-1.7.8-1.1.2.1.i386.rpm d489fab35d5b56b3d3ac195ca8f95722 mozilla-chat-1.7.8-1.1.2.1.i386.rpm c700e7769c9f726d9fee71e2a92ead3f mozilla-devel-1.7.8-1.1.2.1.i386.rpm ad0afbfd7d41d05d60e47c4af636738f mozilla-dom-inspector-1.7.8-1.1.2.1.i386.rpm 2e9a40b46f34782810704a8e961c92b2 mozilla-js-debugger-1.7.8-1.1.2.1.i386.rpm 172f647e7eb962ee1659afa9c60c4791 mozilla-mail-1.7.8-1.1.2.1.i386.rpm 0fb9e6b246e579b41c41644ebacc8d32 mozilla-nspr-1.7.8-1.1.2.1.i386.rpm 6ed8d6aba58e45a3458524562117e62d mozilla-nspr-devel-1.7.8-1.1.2.1.i386.rpm 46d3552771e8425c08b878b8eceb61df mozilla-nss-1.7.8-1.1.2.1.i386.rpm 66930f01ee46e52b8d91ac42c59c50e6 mozilla-nss-devel-1.7.8-1.1.2.1.i386.rpm ia64: 61864d5181a383178f1d04a45a934bcf galeon-1.2.14-1.2.5.ia64.rpm 200b07850adcbd520797ef5df5303d05 mozilla-1.7.8-1.1.2.1.ia64.rpm b43bcd118155d74a52f23ec119a5608d mozilla-chat-1.7.8-1.1.2.1.ia64.rpm 03464e784fdb548b406f79f82d05041d mozilla-devel-1.7.8-1.1.2.1.ia64.rpm 9db5e619a99bd1bffc58240c493f9f3d mozilla-dom-inspector-1.7.8-1.1.2.1.ia64.rpm edb91fd591647b55c671bfd5ac4f32b9 mozilla-js-debugger-1.7.8-1.1.2.1.ia64.rpm 9114877d323cf0c40ca88853b68019f0 mozilla-mail-1.7.8-1.1.2.1.ia64.rpm bc433f7c6ad1ac40d0ee6cbbc4145834 mozilla-nspr-1.7.8-1.1.2.1.ia64.rpm 0b72848a620aff45e07a357c329ca278 mozilla-nspr-devel-1.7.8-1.1.2.1.ia64.rpm 0a60c2f6e40b8417f94930e1448ee70f mozilla-nss-1.7.8-1.1.2.1.ia64.rpm e54f185c50c77d66aa4a2c1c8502856a mozilla-nss-devel-1.7.8-1.1.2.1.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/galeon-1.2.14-1.2.5.src.rpm 4af4ef3c2227af8f776425c9d1bbc281 galeon-1.2.14-1.2.5.src.rpm ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/mozilla-1.7.8-1.1.2.1.src.rpm 8a34bfad0cf67f237dff6361157ae06e mozilla-1.7.8-1.1.2.1.src.rpm ia64: 61864d5181a383178f1d04a45a934bcf galeon-1.2.14-1.2.5.ia64.rpm 200b07850adcbd520797ef5df5303d05 mozilla-1.7.8-1.1.2.1.ia64.rpm b43bcd118155d74a52f23ec119a5608d mozilla-chat-1.7.8-1.1.2.1.ia64.rpm 03464e784fdb548b406f79f82d05041d mozilla-devel-1.7.8-1.1.2.1.ia64.rpm 9db5e619a99bd1bffc58240c493f9f3d mozilla-dom-inspector-1.7.8-1.1.2.1.ia64.rpm edb91fd591647b55c671bfd5ac4f32b9 mozilla-js-debugger-1.7.8-1.1.2.1.ia64.rpm 9114877d323cf0c40ca88853b68019f0 mozilla-mail-1.7.8-1.1.2.1.ia64.rpm bc433f7c6ad1ac40d0ee6cbbc4145834 mozilla-nspr-1.7.8-1.1.2.1.ia64.rpm 0b72848a620aff45e07a357c329ca278 mozilla-nspr-devel-1.7.8-1.1.2.1.ia64.rpm 0a60c2f6e40b8417f94930e1448ee70f mozilla-nss-1.7.8-1.1.2.1.ia64.rpm e54f185c50c77d66aa4a2c1c8502856a mozilla-nss-devel-1.7.8-1.1.2.1.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/galeon-1.2.14-1.2.5.src.rpm 4af4ef3c2227af8f776425c9d1bbc281 galeon-1.2.14-1.2.5.src.rpm ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/mozilla-1.7.8-1.1.2.1.src.rpm 8a34bfad0cf67f237dff6361157ae06e mozilla-1.7.8-1.1.2.1.src.rpm i386: 0d57746e65417719999e5829f5551ce8 galeon-1.2.14-1.2.5.i386.rpm 6b5e9c8e06ada5a63ce0fae0709bdf5e mozilla-1.7.8-1.1.2.1.i386.rpm d489fab35d5b56b3d3ac195ca8f95722 mozilla-chat-1.7.8-1.1.2.1.i386.rpm c700e7769c9f726d9fee71e2a92ead3f mozilla-devel-1.7.8-1.1.2.1.i386.rpm ad0afbfd7d41d05d60e47c4af636738f mozilla-dom-inspector-1.7.8-1.1.2.1.i386.rpm 2e9a40b46f34782810704a8e961c92b2 mozilla-js-debugger-1.7.8-1.1.2.1.i386.rpm 172f647e7eb962ee1659afa9c60c4791 mozilla-mail-1.7.8-1.1.2.1.i386.rpm 0fb9e6b246e579b41c41644ebacc8d32 mozilla-nspr-1.7.8-1.1.2.1.i386.rpm 6ed8d6aba58e45a3458524562117e62d mozilla-nspr-devel-1.7.8-1.1.2.1.i386.rpm 46d3552771e8425c08b878b8eceb61df mozilla-nss-1.7.8-1.1.2.1.i386.rpm 66930f01ee46e52b8d91ac42c59c50e6 mozilla-nss-devel-1.7.8-1.1.2.1.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/galeon-1.2.14-1.2.5.src.rpm 4af4ef3c2227af8f776425c9d1bbc281 galeon-1.2.14-1.2.5.src.rpm ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/mozilla-1.7.8-1.1.2.1.src.rpm 8a34bfad0cf67f237dff6361157ae06e mozilla-1.7.8-1.1.2.1.src.rpm i386: 0d57746e65417719999e5829f5551ce8 galeon-1.2.14-1.2.5.i386.rpm 6b5e9c8e06ada5a63ce0fae0709bdf5e mozilla-1.7.8-1.1.2.1.i386.rpm d489fab35d5b56b3d3ac195ca8f95722 mozilla-chat-1.7.8-1.1.2.1.i386.rpm c700e7769c9f726d9fee71e2a92ead3f mozilla-devel-1.7.8-1.1.2.1.i386.rpm ad0afbfd7d41d05d60e47c4af636738f mozilla-dom-inspector-1.7.8-1.1.2.1.i386.rpm 2e9a40b46f34782810704a8e961c92b2 mozilla-js-debugger-1.7.8-1.1.2.1.i386.rpm 172f647e7eb962ee1659afa9c60c4791 mozilla-mail-1.7.8-1.1.2.1.i386.rpm 0fb9e6b246e579b41c41644ebacc8d32 mozilla-nspr-1.7.8-1.1.2.1.i386.rpm 6ed8d6aba58e45a3458524562117e62d mozilla-nspr-devel-1.7.8-1.1.2.1.i386.rpm 46d3552771e8425c08b878b8eceb61df mozilla-nss-1.7.8-1.1.2.1.i386.rpm 66930f01ee46e52b8d91ac42c59c50e6 mozilla-nss-devel-1.7.8-1.1.2.1.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/mozilla-1.7.8-1.1.3.1.src.rpm 3dc5aeab418a1defa6bbc4bb442338d8 mozilla-1.7.8-1.1.3.1.src.rpm i386: 870ac68a360eca871a301e71a0fd4987 mozilla-1.7.8-1.1.3.1.i386.rpm ce3a9c2b7880084c94e76ccef28ce64b mozilla-chat-1.7.8-1.1.3.1.i386.rpm 0b11fb477e6e6f7b375b03db705a8195 mozilla-devel-1.7.8-1.1.3.1.i386.rpm efb75d10b662a39126ec600b794f3f1e mozilla-dom-inspector-1.7.8-1.1.3.1.i386.rpm f5230481c55138d42959a368eee0dbaf mozilla-js-debugger-1.7.8-1.1.3.1.i386.rpm e8d6887bbd2938a9c0ba49d1943e26d4 mozilla-mail-1.7.8-1.1.3.1.i386.rpm fb9c5334077e22a664547e7aca56134d mozilla-nspr-1.7.8-1.1.3.1.i386.rpm 3a3d8f63fb8bf1919e16330b86f200fa mozilla-nspr-devel-1.7.8-1.1.3.1.i386.rpm c4a5e58156cc27f79340fb3197df2aa5 mozilla-nss-1.7.8-1.1.3.1.i386.rpm ae7d32f41c0608c574bc5da9bcdbb31d mozilla-nss-devel-1.7.8-1.1.3.1.i386.rpm ia64: 3da634df2d209c52baab5109fd4a7414 mozilla-1.7.8-1.1.3.1.ia64.rpm 88beb68f5cbee8b6c6be7a5f59820831 mozilla-chat-1.7.8-1.1.3.1.ia64.rpm b54b805f7285279c750e8d9976a1bbb7 mozilla-devel-1.7.8-1.1.3.1.ia64.rpm 919f5501862aef75aad8cce3fd01946a mozilla-dom-inspector-1.7.8-1.1.3.1.ia64.rpm 1d59302416938a8bed27829f0090e56e mozilla-js-debugger-1.7.8-1.1.3.1.ia64.rpm 7694d70e7371b64c73cd5a0072c6e7d6 mozilla-mail-1.7.8-1.1.3.1.ia64.rpm fb9c5334077e22a664547e7aca56134d mozilla-nspr-1.7.8-1.1.3.1.i386.rpm 375c321030eb255a7d5dae9b5dbd575b mozilla-nspr-1.7.8-1.1.3.1.ia64.rpm f3de5b126bf6a683e920f1de924ed504 mozilla-nspr-devel-1.7.8-1.1.3.1.ia64.rpm c4a5e58156cc27f79340fb3197df2aa5 mozilla-nss-1.7.8-1.1.3.1.i386.rpm 7f4a1a1a7c24e794ee147f371aa1ef84 mozilla-nss-1.7.8-1.1.3.1.ia64.rpm c9cbcc7c6ec7df8996d1621360edc53b mozilla-nss-devel-1.7.8-1.1.3.1.ia64.rpm ppc: 51486da061be3df29c0aa420e9b5f553 mozilla-1.7.8-1.1.3.1.ppc.rpm 8dee68f395cc5d45d9f6dfae78659359 mozilla-chat-1.7.8-1.1.3.1.ppc.rpm aa09512e7e5233a28186422a069b9ec7 mozilla-devel-1.7.8-1.1.3.1.ppc.rpm cda5ef2aad64e367fc85dec9afbe1d8e mozilla-dom-inspector-1.7.8-1.1.3.1.ppc.rpm 2ece04da6170a66e7cea5b93c7f55912 mozilla-js-debugger-1.7.8-1.1.3.1.ppc.rpm b80b2cdfc27e7d6107cf0cb9af996460 mozilla-mail-1.7.8-1.1.3.1.ppc.rpm 00085d74dfca25be9ac51078158e4877 mozilla-nspr-1.7.8-1.1.3.1.ppc.rpm adbdd30e4ceee4e59338b92b06f5ce7c mozilla-nspr-devel-1.7.8-1.1.3.1.ppc.rpm 55a383f7c0b17d3d5431ef1aedf89a1b mozilla-nss-1.7.8-1.1.3.1.ppc.rpm 8b4ebe25085a97642aff951673ec28bb mozilla-nss-devel-1.7.8-1.1.3.1.ppc.rpm s390: 82b7172c9610ebe197d52dfaee7ae207 mozilla-1.7.8-1.1.3.1.s390.rpm 146653bf0d1a5fc2152b8aaa1beba1a6 mozilla-chat-1.7.8-1.1.3.1.s390.rpm e29e4f9ac31b1d60f123d35cdad8fe3a mozilla-devel-1.7.8-1.1.3.1.s390.rpm 4f91d82644edc7a10f73a1769a259490 mozilla-dom-inspector-1.7.8-1.1.3.1.s390.rpm 5ac66a74c6703abe2743eefe61819c43 mozilla-js-debugger-1.7.8-1.1.3.1.s390.rpm a3b3bef3af3c3942ba58e8e4a45315a1 mozilla-mail-1.7.8-1.1.3.1.s390.rpm b3357a38291d9867c0f403bd3c422407 mozilla-nspr-1.7.8-1.1.3.1.s390.rpm 967396c66f5d721e467a695e0b72f225 mozilla-nspr-devel-1.7.8-1.1.3.1.s390.rpm 45afcd8c8e9410f155e84714b267ce74 mozilla-nss-1.7.8-1.1.3.1.s390.rpm 3169b9780ab37d297ec54850cf85472c mozilla-nss-devel-1.7.8-1.1.3.1.s390.rpm s390x: 13a4b63a58a2f6aef9de6789be39a265 mozilla-1.7.8-1.1.3.1.s390x.rpm 77b20dba51693af117be14701ea4c516 mozilla-chat-1.7.8-1.1.3.1.s390x.rpm c99294f8cd3a1390970976570c2c7172 mozilla-devel-1.7.8-1.1.3.1.s390x.rpm fa390fc47946d90c919e4bf5854a9bf4 mozilla-dom-inspector-1.7.8-1.1.3.1.s390x.rpm c0191f2e376c4faa89e1c682213bf96a mozilla-js-debugger-1.7.8-1.1.3.1.s390x.rpm 8c0b644dc7ca3faba14ce8ad4c1e75d8 mozilla-mail-1.7.8-1.1.3.1.s390x.rpm b3357a38291d9867c0f403bd3c422407 mozilla-nspr-1.7.8-1.1.3.1.s390.rpm 006ee76e1ce19fafd8d8c0d65959f2cf mozilla-nspr-1.7.8-1.1.3.1.s390x.rpm 40cbc254ad75b1c20f636f4548cddd39 mozilla-nspr-devel-1.7.8-1.1.3.1.s390x.rpm 45afcd8c8e9410f155e84714b267ce74 mozilla-nss-1.7.8-1.1.3.1.s390.rpm 379022eebd17ae809e8dd68bde90300b mozilla-nss-1.7.8-1.1.3.1.s390x.rpm d3d8f8a76471ab03e8d190ac0607c118 mozilla-nss-devel-1.7.8-1.1.3.1.s390x.rpm x86_64: 870ac68a360eca871a301e71a0fd4987 mozilla-1.7.8-1.1.3.1.i386.rpm 7b7bc3bba5742bc6c3cb3fd643f0c5ab mozilla-1.7.8-1.1.3.1.x86_64.rpm 906b61a5b213022c7220eacacb81205a mozilla-chat-1.7.8-1.1.3.1.x86_64.rpm 53817ff1c1fcb16fb82ab5bcb3f6c828 mozilla-devel-1.7.8-1.1.3.1.x86_64.rpm 4755d1c7c53b5153f02ecc500107042e mozilla-dom-inspector-1.7.8-1.1.3.1.x86_64.rpm 5d3c16ace40af1f8a9542552a37919b9 mozilla-js-debugger-1.7.8-1.1.3.1.x86_64.rpm 5b92cb2a18bb433fb90b54ae388c82b7 mozilla-mail-1.7.8-1.1.3.1.x86_64.rpm fb9c5334077e22a664547e7aca56134d mozilla-nspr-1.7.8-1.1.3.1.i386.rpm 1c411ee9205d1a7280bc0048abcb1a13 mozilla-nspr-1.7.8-1.1.3.1.x86_64.rpm 6860ba3fa84f06c98cbb3ee2947f2259 mozilla-nspr-devel-1.7.8-1.1.3.1.x86_64.rpm c4a5e58156cc27f79340fb3197df2aa5 mozilla-nss-1.7.8-1.1.3.1.i386.rpm 701829d151a0c27f34a8abe156d83ed3 mozilla-nss-1.7.8-1.1.3.1.x86_64.rpm 01008a68cf53a2ed6ee31bcc5b5f06b1 mozilla-nss-devel-1.7.8-1.1.3.1.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/mozilla-1.7.8-1.1.3.1.src.rpm 3dc5aeab418a1defa6bbc4bb442338d8 mozilla-1.7.8-1.1.3.1.src.rpm i386: 870ac68a360eca871a301e71a0fd4987 mozilla-1.7.8-1.1.3.1.i386.rpm ce3a9c2b7880084c94e76ccef28ce64b mozilla-chat-1.7.8-1.1.3.1.i386.rpm 0b11fb477e6e6f7b375b03db705a8195 mozilla-devel-1.7.8-1.1.3.1.i386.rpm efb75d10b662a39126ec600b794f3f1e mozilla-dom-inspector-1.7.8-1.1.3.1.i386.rpm f5230481c55138d42959a368eee0dbaf mozilla-js-debugger-1.7.8-1.1.3.1.i386.rpm e8d6887bbd2938a9c0ba49d1943e26d4 mozilla-mail-1.7.8-1.1.3.1.i386.rpm fb9c5334077e22a664547e7aca56134d mozilla-nspr-1.7.8-1.1.3.1.i386.rpm 3a3d8f63fb8bf1919e16330b86f200fa mozilla-nspr-devel-1.7.8-1.1.3.1.i386.rpm c4a5e58156cc27f79340fb3197df2aa5 mozilla-nss-1.7.8-1.1.3.1.i386.rpm ae7d32f41c0608c574bc5da9bcdbb31d mozilla-nss-devel-1.7.8-1.1.3.1.i386.rpm x86_64: 870ac68a360eca871a301e71a0fd4987 mozilla-1.7.8-1.1.3.1.i386.rpm 7b7bc3bba5742bc6c3cb3fd643f0c5ab mozilla-1.7.8-1.1.3.1.x86_64.rpm 906b61a5b213022c7220eacacb81205a mozilla-chat-1.7.8-1.1.3.1.x86_64.rpm 53817ff1c1fcb16fb82ab5bcb3f6c828 mozilla-devel-1.7.8-1.1.3.1.x86_64.rpm 4755d1c7c53b5153f02ecc500107042e mozilla-dom-inspector-1.7.8-1.1.3.1.x86_64.rpm 5d3c16ace40af1f8a9542552a37919b9 mozilla-js-debugger-1.7.8-1.1.3.1.x86_64.rpm 5b92cb2a18bb433fb90b54ae388c82b7 mozilla-mail-1.7.8-1.1.3.1.x86_64.rpm fb9c5334077e22a664547e7aca56134d mozilla-nspr-1.7.8-1.1.3.1.i386.rpm 1c411ee9205d1a7280bc0048abcb1a13 mozilla-nspr-1.7.8-1.1.3.1.x86_64.rpm 6860ba3fa84f06c98cbb3ee2947f2259 mozilla-nspr-devel-1.7.8-1.1.3.1.x86_64.rpm c4a5e58156cc27f79340fb3197df2aa5 mozilla-nss-1.7.8-1.1.3.1.i386.rpm 701829d151a0c27f34a8abe156d83ed3 mozilla-nss-1.7.8-1.1.3.1.x86_64.rpm 01008a68cf53a2ed6ee31bcc5b5f06b1 mozilla-nss-devel-1.7.8-1.1.3.1.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/mozilla-1.7.8-1.1.3.1.src.rpm 3dc5aeab418a1defa6bbc4bb442338d8 mozilla-1.7.8-1.1.3.1.src.rpm i386: 870ac68a360eca871a301e71a0fd4987 mozilla-1.7.8-1.1.3.1.i386.rpm ce3a9c2b7880084c94e76ccef28ce64b mozilla-chat-1.7.8-1.1.3.1.i386.rpm 0b11fb477e6e6f7b375b03db705a8195 mozilla-devel-1.7.8-1.1.3.1.i386.rpm efb75d10b662a39126ec600b794f3f1e mozilla-dom-inspector-1.7.8-1.1.3.1.i386.rpm f5230481c55138d42959a368eee0dbaf mozilla-js-debugger-1.7.8-1.1.3.1.i386.rpm e8d6887bbd2938a9c0ba49d1943e26d4 mozilla-mail-1.7.8-1.1.3.1.i386.rpm fb9c5334077e22a664547e7aca56134d mozilla-nspr-1.7.8-1.1.3.1.i386.rpm 3a3d8f63fb8bf1919e16330b86f200fa mozilla-nspr-devel-1.7.8-1.1.3.1.i386.rpm c4a5e58156cc27f79340fb3197df2aa5 mozilla-nss-1.7.8-1.1.3.1.i386.rpm ae7d32f41c0608c574bc5da9bcdbb31d mozilla-nss-devel-1.7.8-1.1.3.1.i386.rpm ia64: 3da634df2d209c52baab5109fd4a7414 mozilla-1.7.8-1.1.3.1.ia64.rpm 88beb68f5cbee8b6c6be7a5f59820831 mozilla-chat-1.7.8-1.1.3.1.ia64.rpm b54b805f7285279c750e8d9976a1bbb7 mozilla-devel-1.7.8-1.1.3.1.ia64.rpm 919f5501862aef75aad8cce3fd01946a mozilla-dom-inspector-1.7.8-1.1.3.1.ia64.rpm 1d59302416938a8bed27829f0090e56e mozilla-js-debugger-1.7.8-1.1.3.1.ia64.rpm 7694d70e7371b64c73cd5a0072c6e7d6 mozilla-mail-1.7.8-1.1.3.1.ia64.rpm fb9c5334077e22a664547e7aca56134d mozilla-nspr-1.7.8-1.1.3.1.i386.rpm 375c321030eb255a7d5dae9b5dbd575b mozilla-nspr-1.7.8-1.1.3.1.ia64.rpm f3de5b126bf6a683e920f1de924ed504 mozilla-nspr-devel-1.7.8-1.1.3.1.ia64.rpm c4a5e58156cc27f79340fb3197df2aa5 mozilla-nss-1.7.8-1.1.3.1.i386.rpm 7f4a1a1a7c24e794ee147f371aa1ef84 mozilla-nss-1.7.8-1.1.3.1.ia64.rpm c9cbcc7c6ec7df8996d1621360edc53b mozilla-nss-devel-1.7.8-1.1.3.1.ia64.rpm x86_64: 870ac68a360eca871a301e71a0fd4987 mozilla-1.7.8-1.1.3.1.i386.rpm 7b7bc3bba5742bc6c3cb3fd643f0c5ab mozilla-1.7.8-1.1.3.1.x86_64.rpm 906b61a5b213022c7220eacacb81205a mozilla-chat-1.7.8-1.1.3.1.x86_64.rpm 53817ff1c1fcb16fb82ab5bcb3f6c828 mozilla-devel-1.7.8-1.1.3.1.x86_64.rpm 4755d1c7c53b5153f02ecc500107042e mozilla-dom-inspector-1.7.8-1.1.3.1.x86_64.rpm 5d3c16ace40af1f8a9542552a37919b9 mozilla-js-debugger-1.7.8-1.1.3.1.x86_64.rpm 5b92cb2a18bb433fb90b54ae388c82b7 mozilla-mail-1.7.8-1.1.3.1.x86_64.rpm fb9c5334077e22a664547e7aca56134d mozilla-nspr-1.7.8-1.1.3.1.i386.rpm 1c411ee9205d1a7280bc0048abcb1a13 mozilla-nspr-1.7.8-1.1.3.1.x86_64.rpm 6860ba3fa84f06c98cbb3ee2947f2259 mozilla-nspr-devel-1.7.8-1.1.3.1.x86_64.rpm c4a5e58156cc27f79340fb3197df2aa5 mozilla-nss-1.7.8-1.1.3.1.i386.rpm 701829d151a0c27f34a8abe156d83ed3 mozilla-nss-1.7.8-1.1.3.1.x86_64.rpm 01008a68cf53a2ed6ee31bcc5b5f06b1 mozilla-nss-devel-1.7.8-1.1.3.1.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/mozilla-1.7.8-1.1.3.1.src.rpm 3dc5aeab418a1defa6bbc4bb442338d8 mozilla-1.7.8-1.1.3.1.src.rpm i386: 870ac68a360eca871a301e71a0fd4987 mozilla-1.7.8-1.1.3.1.i386.rpm ce3a9c2b7880084c94e76ccef28ce64b mozilla-chat-1.7.8-1.1.3.1.i386.rpm 0b11fb477e6e6f7b375b03db705a8195 mozilla-devel-1.7.8-1.1.3.1.i386.rpm efb75d10b662a39126ec600b794f3f1e mozilla-dom-inspector-1.7.8-1.1.3.1.i386.rpm f5230481c55138d42959a368eee0dbaf mozilla-js-debugger-1.7.8-1.1.3.1.i386.rpm e8d6887bbd2938a9c0ba49d1943e26d4 mozilla-mail-1.7.8-1.1.3.1.i386.rpm fb9c5334077e22a664547e7aca56134d mozilla-nspr-1.7.8-1.1.3.1.i386.rpm 3a3d8f63fb8bf1919e16330b86f200fa mozilla-nspr-devel-1.7.8-1.1.3.1.i386.rpm c4a5e58156cc27f79340fb3197df2aa5 mozilla-nss-1.7.8-1.1.3.1.i386.rpm ae7d32f41c0608c574bc5da9bcdbb31d mozilla-nss-devel-1.7.8-1.1.3.1.i386.rpm ia64: 3da634df2d209c52baab5109fd4a7414 mozilla-1.7.8-1.1.3.1.ia64.rpm 88beb68f5cbee8b6c6be7a5f59820831 mozilla-chat-1.7.8-1.1.3.1.ia64.rpm b54b805f7285279c750e8d9976a1bbb7 mozilla-devel-1.7.8-1.1.3.1.ia64.rpm 919f5501862aef75aad8cce3fd01946a mozilla-dom-inspector-1.7.8-1.1.3.1.ia64.rpm 1d59302416938a8bed27829f0090e56e mozilla-js-debugger-1.7.8-1.1.3.1.ia64.rpm 7694d70e7371b64c73cd5a0072c6e7d6 mozilla-mail-1.7.8-1.1.3.1.ia64.rpm fb9c5334077e22a664547e7aca56134d mozilla-nspr-1.7.8-1.1.3.1.i386.rpm 375c321030eb255a7d5dae9b5dbd575b mozilla-nspr-1.7.8-1.1.3.1.ia64.rpm f3de5b126bf6a683e920f1de924ed504 mozilla-nspr-devel-1.7.8-1.1.3.1.ia64.rpm c4a5e58156cc27f79340fb3197df2aa5 mozilla-nss-1.7.8-1.1.3.1.i386.rpm 7f4a1a1a7c24e794ee147f371aa1ef84 mozilla-nss-1.7.8-1.1.3.1.ia64.rpm c9cbcc7c6ec7df8996d1621360edc53b mozilla-nss-devel-1.7.8-1.1.3.1.ia64.rpm x86_64: 870ac68a360eca871a301e71a0fd4987 mozilla-1.7.8-1.1.3.1.i386.rpm 7b7bc3bba5742bc6c3cb3fd643f0c5ab mozilla-1.7.8-1.1.3.1.x86_64.rpm 906b61a5b213022c7220eacacb81205a mozilla-chat-1.7.8-1.1.3.1.x86_64.rpm 53817ff1c1fcb16fb82ab5bcb3f6c828 mozilla-devel-1.7.8-1.1.3.1.x86_64.rpm 4755d1c7c53b5153f02ecc500107042e mozilla-dom-inspector-1.7.8-1.1.3.1.x86_64.rpm 5d3c16ace40af1f8a9542552a37919b9 mozilla-js-debugger-1.7.8-1.1.3.1.x86_64.rpm 5b92cb2a18bb433fb90b54ae388c82b7 mozilla-mail-1.7.8-1.1.3.1.x86_64.rpm fb9c5334077e22a664547e7aca56134d mozilla-nspr-1.7.8-1.1.3.1.i386.rpm 1c411ee9205d1a7280bc0048abcb1a13 mozilla-nspr-1.7.8-1.1.3.1.x86_64.rpm 6860ba3fa84f06c98cbb3ee2947f2259 mozilla-nspr-devel-1.7.8-1.1.3.1.x86_64.rpm c4a5e58156cc27f79340fb3197df2aa5 mozilla-nss-1.7.8-1.1.3.1.i386.rpm 701829d151a0c27f34a8abe156d83ed3 mozilla-nss-1.7.8-1.1.3.1.x86_64.rpm 01008a68cf53a2ed6ee31bcc5b5f06b1 mozilla-nss-devel-1.7.8-1.1.3.1.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/mozilla-1.7.8-1.4.1.src.rpm 7c0ab7bbbeb54462283a7c5039449faf mozilla-1.7.8-1.4.1.src.rpm i386: dc6db084224c84bf44f7dd3786718e7f mozilla-1.7.8-1.4.1.i386.rpm 7c5ff5f358a6e4484ba8272dda210207 mozilla-chat-1.7.8-1.4.1.i386.rpm 662e74c40eb1437afdbb471f55828865 mozilla-devel-1.7.8-1.4.1.i386.rpm 1123f6d31ee1f9c39a46302885547565 mozilla-dom-inspector-1.7.8-1.4.1.i386.rpm 6a2ce8f9815d41e71d0a901d12dca5a0 mozilla-js-debugger-1.7.8-1.4.1.i386.rpm d728d457697717de417ec9122cf1f75a mozilla-mail-1.7.8-1.4.1.i386.rpm 0b76648ada634831fc5fa155e28bf952 mozilla-nspr-1.7.8-1.4.1.i386.rpm 342e82120afdd018ea16f6cd4d3f184e mozilla-nspr-devel-1.7.8-1.4.1.i386.rpm 60196c54459dce73d25f0a64cf88a028 mozilla-nss-1.7.8-1.4.1.i386.rpm 2ac29a35775d5d7c72551c8b504e8921 mozilla-nss-devel-1.7.8-1.4.1.i386.rpm ia64: 96ff587d24938b8c122f7127637742f0 mozilla-1.7.8-1.4.1.ia64.rpm 3da4736e13dc6221c88008fd9d635afe mozilla-chat-1.7.8-1.4.1.ia64.rpm 53a3c89bcf79ea44870177e5cd6f4654 mozilla-devel-1.7.8-1.4.1.ia64.rpm 086a20518bb04a165ea5f046805becb6 mozilla-dom-inspector-1.7.8-1.4.1.ia64.rpm b05caa2abfe35e8b024f198c0aee9112 mozilla-js-debugger-1.7.8-1.4.1.ia64.rpm 79e98c5021cc6cdb0b7d669da37829af mozilla-mail-1.7.8-1.4.1.ia64.rpm 0b76648ada634831fc5fa155e28bf952 mozilla-nspr-1.7.8-1.4.1.i386.rpm 79a170662136cfb29bcc3c6cd9f8f03a mozilla-nspr-1.7.8-1.4.1.ia64.rpm e5fc5775a9cfa4761b639e851dbf6a6b mozilla-nspr-devel-1.7.8-1.4.1.ia64.rpm 60196c54459dce73d25f0a64cf88a028 mozilla-nss-1.7.8-1.4.1.i386.rpm 99daac3861be9be82d36a2b8c9c04725 mozilla-nss-1.7.8-1.4.1.ia64.rpm f2ad813457f9d05073f49d43a9841614 mozilla-nss-devel-1.7.8-1.4.1.ia64.rpm ppc: 2d0ea4c5d29148795bd5974528257351 mozilla-1.7.8-1.4.1.ppc.rpm 4aa1dbc524c9ecbe6e5b0ead50251927 mozilla-chat-1.7.8-1.4.1.ppc.rpm 5bcde544238baa8ad32a8911abb32333 mozilla-devel-1.7.8-1.4.1.ppc.rpm 72d505634e89088069edb1985a5eb518 mozilla-dom-inspector-1.7.8-1.4.1.ppc.rpm f4c7cd5bdab5018fa5e3efd141a2ca90 mozilla-js-debugger-1.7.8-1.4.1.ppc.rpm 3b764580bc001d4253bd795b7de6fbdc mozilla-mail-1.7.8-1.4.1.ppc.rpm 51e600e9a644602bb5ba3f970cf6925a mozilla-nspr-1.7.8-1.4.1.ppc.rpm 17bdd36692be6f227e821647fc5e7081 mozilla-nspr-devel-1.7.8-1.4.1.ppc.rpm 17e79b168acbfb72ba77fa43f9c1695e mozilla-nss-1.7.8-1.4.1.ppc.rpm b2ca4fc22c6164e1f0546126e25c2e57 mozilla-nss-devel-1.7.8-1.4.1.ppc.rpm s390: fad7c1234ae215e431d1b8e973f3dc1f mozilla-1.7.8-1.4.1.s390.rpm 2178467656f39ff9002be8fdea6f8938 mozilla-chat-1.7.8-1.4.1.s390.rpm 57e6a4822a984f25ddfed3854c65b2c1 mozilla-devel-1.7.8-1.4.1.s390.rpm 2279127971239551d7ff4c2072d41db8 mozilla-dom-inspector-1.7.8-1.4.1.s390.rpm db16d2a48f70f1ad9ddc5f28d9c28370 mozilla-js-debugger-1.7.8-1.4.1.s390.rpm 30db877e85657fd4e7b554aafc35f72f mozilla-mail-1.7.8-1.4.1.s390.rpm 7adb114f5b80bd3407c3afc742ed7b66 mozilla-nspr-1.7.8-1.4.1.s390.rpm 9f7c32eeb619d0019b7f1b32f94d281a mozilla-nspr-devel-1.7.8-1.4.1.s390.rpm d4d02c2cc32fb3cc8837eb9e0c4a05f0 mozilla-nss-1.7.8-1.4.1.s390.rpm a45785de20ac5b6a20317e9eed3c4873 mozilla-nss-devel-1.7.8-1.4.1.s390.rpm s390x: 3b5f3e56cd8a1b1176ca9e9c233522fb mozilla-1.7.8-1.4.1.s390x.rpm bd2b99f5299218180313b240f375810d mozilla-chat-1.7.8-1.4.1.s390x.rpm 26d008e9620dff8fa4bebb0d777251f8 mozilla-devel-1.7.8-1.4.1.s390x.rpm 31f47c9400501e72954185e6590bb457 mozilla-dom-inspector-1.7.8-1.4.1.s390x.rpm 69e96a3267d2f008c61a15472df8778b mozilla-js-debugger-1.7.8-1.4.1.s390x.rpm 5d5f9bf030348d9c5000553f1c6c110c mozilla-mail-1.7.8-1.4.1.s390x.rpm 7adb114f5b80bd3407c3afc742ed7b66 mozilla-nspr-1.7.8-1.4.1.s390.rpm b7c14ac8c529ad6fcaeb322f91746d6f mozilla-nspr-1.7.8-1.4.1.s390x.rpm 167501844983a2a20846ca59dea78344 mozilla-nspr-devel-1.7.8-1.4.1.s390x.rpm d4d02c2cc32fb3cc8837eb9e0c4a05f0 mozilla-nss-1.7.8-1.4.1.s390.rpm 19c855aa2f3b4e3b63d5bc17d32e0736 mozilla-nss-1.7.8-1.4.1.s390x.rpm 171ed14c08f0031224677c807b2340a6 mozilla-nss-devel-1.7.8-1.4.1.s390x.rpm x86_64: cb725ffc3ebc44576f34b504e9bc08e3 mozilla-1.7.8-1.4.1.x86_64.rpm bcf98f82ec91984e36f3a3e03c119c64 mozilla-chat-1.7.8-1.4.1.x86_64.rpm 4440d5337292437d632c90c5cb8d11e3 mozilla-devel-1.7.8-1.4.1.x86_64.rpm 33b4c9f2f75c04e9d62ab2cd99f5f070 mozilla-dom-inspector-1.7.8-1.4.1.x86_64.rpm b410714912918550ae0e0dfa31f32af1 mozilla-js-debugger-1.7.8-1.4.1.x86_64.rpm 13440bbd30a7496a25befd498f97e514 mozilla-mail-1.7.8-1.4.1.x86_64.rpm 0b76648ada634831fc5fa155e28bf952 mozilla-nspr-1.7.8-1.4.1.i386.rpm 2c4f86c21a9418902cf49dd7898ec145 mozilla-nspr-1.7.8-1.4.1.x86_64.rpm 3e965da1928ce249f86d9aee8b54168c mozilla-nspr-devel-1.7.8-1.4.1.x86_64.rpm 60196c54459dce73d25f0a64cf88a028 mozilla-nss-1.7.8-1.4.1.i386.rpm df75dc7c767a195caafcce176320e90f mozilla-nss-1.7.8-1.4.1.x86_64.rpm a93e63fce629b8735597b23daa7e4ef6 mozilla-nss-devel-1.7.8-1.4.1.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/mozilla-1.7.8-1.4.1.src.rpm 7c0ab7bbbeb54462283a7c5039449faf mozilla-1.7.8-1.4.1.src.rpm i386: dc6db084224c84bf44f7dd3786718e7f mozilla-1.7.8-1.4.1.i386.rpm 7c5ff5f358a6e4484ba8272dda210207 mozilla-chat-1.7.8-1.4.1.i386.rpm 662e74c40eb1437afdbb471f55828865 mozilla-devel-1.7.8-1.4.1.i386.rpm 1123f6d31ee1f9c39a46302885547565 mozilla-dom-inspector-1.7.8-1.4.1.i386.rpm 6a2ce8f9815d41e71d0a901d12dca5a0 mozilla-js-debugger-1.7.8-1.4.1.i386.rpm d728d457697717de417ec9122cf1f75a mozilla-mail-1.7.8-1.4.1.i386.rpm 0b76648ada634831fc5fa155e28bf952 mozilla-nspr-1.7.8-1.4.1.i386.rpm 342e82120afdd018ea16f6cd4d3f184e mozilla-nspr-devel-1.7.8-1.4.1.i386.rpm 60196c54459dce73d25f0a64cf88a028 mozilla-nss-1.7.8-1.4.1.i386.rpm 2ac29a35775d5d7c72551c8b504e8921 mozilla-nss-devel-1.7.8-1.4.1.i386.rpm x86_64: cb725ffc3ebc44576f34b504e9bc08e3 mozilla-1.7.8-1.4.1.x86_64.rpm bcf98f82ec91984e36f3a3e03c119c64 mozilla-chat-1.7.8-1.4.1.x86_64.rpm 4440d5337292437d632c90c5cb8d11e3 mozilla-devel-1.7.8-1.4.1.x86_64.rpm 33b4c9f2f75c04e9d62ab2cd99f5f070 mozilla-dom-inspector-1.7.8-1.4.1.x86_64.rpm b410714912918550ae0e0dfa31f32af1 mozilla-js-debugger-1.7.8-1.4.1.x86_64.rpm 13440bbd30a7496a25befd498f97e514 mozilla-mail-1.7.8-1.4.1.x86_64.rpm 0b76648ada634831fc5fa155e28bf952 mozilla-nspr-1.7.8-1.4.1.i386.rpm 2c4f86c21a9418902cf49dd7898ec145 mozilla-nspr-1.7.8-1.4.1.x86_64.rpm 3e965da1928ce249f86d9aee8b54168c mozilla-nspr-devel-1.7.8-1.4.1.x86_64.rpm 60196c54459dce73d25f0a64cf88a028 mozilla-nss-1.7.8-1.4.1.i386.rpm df75dc7c767a195caafcce176320e90f mozilla-nss-1.7.8-1.4.1.x86_64.rpm a93e63fce629b8735597b23daa7e4ef6 mozilla-nss-devel-1.7.8-1.4.1.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/mozilla-1.7.8-1.4.1.src.rpm 7c0ab7bbbeb54462283a7c5039449faf mozilla-1.7.8-1.4.1.src.rpm i386: dc6db084224c84bf44f7dd3786718e7f mozilla-1.7.8-1.4.1.i386.rpm 7c5ff5f358a6e4484ba8272dda210207 mozilla-chat-1.7.8-1.4.1.i386.rpm 662e74c40eb1437afdbb471f55828865 mozilla-devel-1.7.8-1.4.1.i386.rpm 1123f6d31ee1f9c39a46302885547565 mozilla-dom-inspector-1.7.8-1.4.1.i386.rpm 6a2ce8f9815d41e71d0a901d12dca5a0 mozilla-js-debugger-1.7.8-1.4.1.i386.rpm d728d457697717de417ec9122cf1f75a mozilla-mail-1.7.8-1.4.1.i386.rpm 0b76648ada634831fc5fa155e28bf952 mozilla-nspr-1.7.8-1.4.1.i386.rpm 342e82120afdd018ea16f6cd4d3f184e mozilla-nspr-devel-1.7.8-1.4.1.i386.rpm 60196c54459dce73d25f0a64cf88a028 mozilla-nss-1.7.8-1.4.1.i386.rpm 2ac29a35775d5d7c72551c8b504e8921 mozilla-nss-devel-1.7.8-1.4.1.i386.rpm ia64: 96ff587d24938b8c122f7127637742f0 mozilla-1.7.8-1.4.1.ia64.rpm 3da4736e13dc6221c88008fd9d635afe mozilla-chat-1.7.8-1.4.1.ia64.rpm 53a3c89bcf79ea44870177e5cd6f4654 mozilla-devel-1.7.8-1.4.1.ia64.rpm 086a20518bb04a165ea5f046805becb6 mozilla-dom-inspector-1.7.8-1.4.1.ia64.rpm b05caa2abfe35e8b024f198c0aee9112 mozilla-js-debugger-1.7.8-1.4.1.ia64.rpm 79e98c5021cc6cdb0b7d669da37829af mozilla-mail-1.7.8-1.4.1.ia64.rpm 0b76648ada634831fc5fa155e28bf952 mozilla-nspr-1.7.8-1.4.1.i386.rpm 79a170662136cfb29bcc3c6cd9f8f03a mozilla-nspr-1.7.8-1.4.1.ia64.rpm e5fc5775a9cfa4761b639e851dbf6a6b mozilla-nspr-devel-1.7.8-1.4.1.ia64.rpm 60196c54459dce73d25f0a64cf88a028 mozilla-nss-1.7.8-1.4.1.i386.rpm 99daac3861be9be82d36a2b8c9c04725 mozilla-nss-1.7.8-1.4.1.ia64.rpm f2ad813457f9d05073f49d43a9841614 mozilla-nss-devel-1.7.8-1.4.1.ia64.rpm x86_64: cb725ffc3ebc44576f34b504e9bc08e3 mozilla-1.7.8-1.4.1.x86_64.rpm bcf98f82ec91984e36f3a3e03c119c64 mozilla-chat-1.7.8-1.4.1.x86_64.rpm 4440d5337292437d632c90c5cb8d11e3 mozilla-devel-1.7.8-1.4.1.x86_64.rpm 33b4c9f2f75c04e9d62ab2cd99f5f070 mozilla-dom-inspector-1.7.8-1.4.1.x86_64.rpm b410714912918550ae0e0dfa31f32af1 mozilla-js-debugger-1.7.8-1.4.1.x86_64.rpm 13440bbd30a7496a25befd498f97e514 mozilla-mail-1.7.8-1.4.1.x86_64.rpm 0b76648ada634831fc5fa155e28bf952 mozilla-nspr-1.7.8-1.4.1.i386.rpm 2c4f86c21a9418902cf49dd7898ec145 mozilla-nspr-1.7.8-1.4.1.x86_64.rpm 3e965da1928ce249f86d9aee8b54168c mozilla-nspr-devel-1.7.8-1.4.1.x86_64.rpm 60196c54459dce73d25f0a64cf88a028 mozilla-nss-1.7.8-1.4.1.i386.rpm df75dc7c767a195caafcce176320e90f mozilla-nss-1.7.8-1.4.1.x86_64.rpm a93e63fce629b8735597b23daa7e4ef6 mozilla-nss-devel-1.7.8-1.4.1.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/mozilla-1.7.8-1.4.1.src.rpm 7c0ab7bbbeb54462283a7c5039449faf mozilla-1.7.8-1.4.1.src.rpm i386: dc6db084224c84bf44f7dd3786718e7f mozilla-1.7.8-1.4.1.i386.rpm 7c5ff5f358a6e4484ba8272dda210207 mozilla-chat-1.7.8-1.4.1.i386.rpm 662e74c40eb1437afdbb471f55828865 mozilla-devel-1.7.8-1.4.1.i386.rpm 1123f6d31ee1f9c39a46302885547565 mozilla-dom-inspector-1.7.8-1.4.1.i386.rpm 6a2ce8f9815d41e71d0a901d12dca5a0 mozilla-js-debugger-1.7.8-1.4.1.i386.rpm d728d457697717de417ec9122cf1f75a mozilla-mail-1.7.8-1.4.1.i386.rpm 0b76648ada634831fc5fa155e28bf952 mozilla-nspr-1.7.8-1.4.1.i386.rpm 342e82120afdd018ea16f6cd4d3f184e mozilla-nspr-devel-1.7.8-1.4.1.i386.rpm 60196c54459dce73d25f0a64cf88a028 mozilla-nss-1.7.8-1.4.1.i386.rpm 2ac29a35775d5d7c72551c8b504e8921 mozilla-nss-devel-1.7.8-1.4.1.i386.rpm ia64: 96ff587d24938b8c122f7127637742f0 mozilla-1.7.8-1.4.1.ia64.rpm 3da4736e13dc6221c88008fd9d635afe mozilla-chat-1.7.8-1.4.1.ia64.rpm 53a3c89bcf79ea44870177e5cd6f4654 mozilla-devel-1.7.8-1.4.1.ia64.rpm 086a20518bb04a165ea5f046805becb6 mozilla-dom-inspector-1.7.8-1.4.1.ia64.rpm b05caa2abfe35e8b024f198c0aee9112 mozilla-js-debugger-1.7.8-1.4.1.ia64.rpm 79e98c5021cc6cdb0b7d669da37829af mozilla-mail-1.7.8-1.4.1.ia64.rpm 0b76648ada634831fc5fa155e28bf952 mozilla-nspr-1.7.8-1.4.1.i386.rpm 79a170662136cfb29bcc3c6cd9f8f03a mozilla-nspr-1.7.8-1.4.1.ia64.rpm e5fc5775a9cfa4761b639e851dbf6a6b mozilla-nspr-devel-1.7.8-1.4.1.ia64.rpm 60196c54459dce73d25f0a64cf88a028 mozilla-nss-1.7.8-1.4.1.i386.rpm 99daac3861be9be82d36a2b8c9c04725 mozilla-nss-1.7.8-1.4.1.ia64.rpm f2ad813457f9d05073f49d43a9841614 mozilla-nss-devel-1.7.8-1.4.1.ia64.rpm x86_64: cb725ffc3ebc44576f34b504e9bc08e3 mozilla-1.7.8-1.4.1.x86_64.rpm bcf98f82ec91984e36f3a3e03c119c64 mozilla-chat-1.7.8-1.4.1.x86_64.rpm 4440d5337292437d632c90c5cb8d11e3 mozilla-devel-1.7.8-1.4.1.x86_64.rpm 33b4c9f2f75c04e9d62ab2cd99f5f070 mozilla-dom-inspector-1.7.8-1.4.1.x86_64.rpm b410714912918550ae0e0dfa31f32af1 mozilla-js-debugger-1.7.8-1.4.1.x86_64.rpm 13440bbd30a7496a25befd498f97e514 mozilla-mail-1.7.8-1.4.1.x86_64.rpm 0b76648ada634831fc5fa155e28bf952 mozilla-nspr-1.7.8-1.4.1.i386.rpm 2c4f86c21a9418902cf49dd7898ec145 mozilla-nspr-1.7.8-1.4.1.x86_64.rpm 3e965da1928ce249f86d9aee8b54168c mozilla-nspr-devel-1.7.8-1.4.1.x86_64.rpm 60196c54459dce73d25f0a64cf88a028 mozilla-nss-1.7.8-1.4.1.i386.rpm df75dc7c767a195caafcce176320e90f mozilla-nss-1.7.8-1.4.1.x86_64.rpm a93e63fce629b8735597b23daa7e4ef6 mozilla-nss-devel-1.7.8-1.4.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 6. References: http://www.mozilla.org/projects/security/known-vulnerabilities.html#mozilla1.7.8 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1476 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1477 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1531 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1532 7. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCkakDXlSAg2UNWIIRAu/2AKCoEk5lUvqSZqgJG9HK7iH1+eKPHQCfSRBK 9XtnMTGC9vr5fraszLKV1Hs= =PlQo -----END PGP SIGNATURE----- From av at picasso.dr.avaya.com Mon May 23 15:35:23 2005 From: av at picasso.dr.avaya.com (av at picasso.dr.avaya.com) Date: Mon, 23 May 2005 09:35:23 -0600 Subject: [avaya.com #1005] [RHSA-2005:434-01] Important: firefox security update In-Reply-To: Message-ID: This alert is a duplicate of ticket 1006. One ASA will be issued for both tickets. Jason Shirk > [bugzilla at redhat.com - Mon May 23 04:03:43 2005]: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > - > --------------------------------------------------------------------- > Red Hat Security Advisory > > Synopsis: Important: firefox security update > Advisory ID: RHSA-2005:434-01 > Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-434.html > Issue date: 2005-05-23 > Updated on: 2005-05-23 > Product: Red Hat Enterprise Linux > CVE Names: CAN-2005-1476 CAN-2005-1477 CAN-2005-1531 CAN- 2005- > 1532 > - > --------------------------------------------------------------------- > > 1. Summary: > > Updated firefox packages that fix various security bugs are now > available. > > This update has been rated as having important security impact by the > Red > Hat Security Response Team. > > 2. Relevant releases/architectures: > > Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, > x86_64 > Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 > Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 > Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 > > 3. Problem description: > > Mozilla Firefox is an open source Web browser. > > Several bugs were found in the way Firefox executes javascript code. > Javascript executed from a web page should run with a restricted > access > level, preventing dangerous actions. It is possible that a malicious > web > page could execute javascript code with elevated privileges, allowing > access to protected data and functions. The Common Vulnerabilities and > Exposures project (cve.mitre.org) has assigned the names CAN-2005- > 1476, > CAN-2005-1477, CAN-2005-1531, and CAN-2005-1532 to these issues. > > Please note that the effects of CAN-2005-1477 are mitigated by the > default > setup, which allows only the Mozilla Update site to attempt > installation of > Firefox extensions. The Mozilla Update site has been modified to > prevent > this attack from working. If other URLs have been manually added to > the > whitelist, it may be possible to execute this attack. > > Users of Firefox are advised to upgrade to this updated package which > contains Firefox version 1.0.4 which is not vulnerable to these > issues. > > 4. Solution: > > Before applying this update, make sure all previously released errata > relevant to your system have been applied. > > This update is available via Red Hat Network. To use Red Hat Network, > launch the Red Hat Update Agent with the following command: > > up2date > > This will start an interactive process that will result in the > appropriate > RPMs being upgraded on your system. > > 5. RPMs required: > > Red Hat Enterprise Linux AS version 4: > > SRPMS: > ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/firefox-1.0.4- > 1.4.1.src.rpm > 4f9b4bd723aba8d5293d00aac34c1b86 firefox-1.0.4-1.4.1.src.rpm > > i386: > b68ad59036bb0b74fea8c5d53ea39438 firefox-1.0.4-1.4.1.i386.rpm > > ia64: > bfa8af9ed21d9a3827f866b841a783cc firefox-1.0.4-1.4.1.ia64.rpm > > ppc: > 71dbb17fce1828eb3f46114d05272fa8 firefox-1.0.4-1.4.1.ppc.rpm > > s390: > 534c7d82c927c24aae9f37acbcdcd4ea firefox-1.0.4-1.4.1.s390.rpm > > s390x: > dbdfe11ecc3482691f0674a83ccbb82e firefox-1.0.4-1.4.1.s390x.rpm > > x86_64: > 33a6987f34b973610f9dab1a0efb59ed firefox-1.0.4-1.4.1.x86_64.rpm > > Red Hat Enterprise Linux Desktop version 4: > > SRPMS: > ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/firefox- > 1.0.4-1.4.1.src.rpm > 4f9b4bd723aba8d5293d00aac34c1b86 firefox-1.0.4-1.4.1.src.rpm > > i386: > b68ad59036bb0b74fea8c5d53ea39438 firefox-1.0.4-1.4.1.i386.rpm > > x86_64: > 33a6987f34b973610f9dab1a0efb59ed firefox-1.0.4-1.4.1.x86_64.rpm > > Red Hat Enterprise Linux ES version 4: > > SRPMS: > ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/firefox-1.0.4- > 1.4.1.src.rpm > 4f9b4bd723aba8d5293d00aac34c1b86 firefox-1.0.4-1.4.1.src.rpm > > i386: > b68ad59036bb0b74fea8c5d53ea39438 firefox-1.0.4-1.4.1.i386.rpm > > ia64: > bfa8af9ed21d9a3827f866b841a783cc firefox-1.0.4-1.4.1.ia64.rpm > > x86_64: > 33a6987f34b973610f9dab1a0efb59ed firefox-1.0.4-1.4.1.x86_64.rpm > > Red Hat Enterprise Linux WS version 4: > > SRPMS: > ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/firefox-1.0.4- > 1.4.1.src.rpm > 4f9b4bd723aba8d5293d00aac34c1b86 firefox-1.0.4-1.4.1.src.rpm > > i386: > b68ad59036bb0b74fea8c5d53ea39438 firefox-1.0.4-1.4.1.i386.rpm > > ia64: > bfa8af9ed21d9a3827f866b841a783cc firefox-1.0.4-1.4.1.ia64.rpm > > x86_64: > 33a6987f34b973610f9dab1a0efb59ed firefox-1.0.4-1.4.1.x86_64.rpm > > These packages are GPG signed by Red Hat for security. Our key and > details on how to verify the signature are available from > https://www.redhat.com/security/team/key/#package > > 6. References: > > http://www.mozilla.org/projects/security/known- > vulnerabilities.html#firefox1.0.4 > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1476 > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1477 > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1531 > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1532 > > 7. Contact: > > The Red Hat security contact is . More contact > details at https://www.redhat.com/security/team/contact/ > > Copyright 2005 Red Hat, Inc. > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.1 (GNU/Linux) > > iD8DBQFCkajcXlSAg2UNWIIRApH1AJ9OefzL6lxylJg57TZPNGbj+E82QACfaU98 > 76klb2Vt019J+fseTtF8+nQ= > =Q/I8 > -----END PGP SIGNATURE----- > > > > From av at picasso.dr.avaya.com Mon May 23 15:37:22 2005 From: av at picasso.dr.avaya.com (av at picasso.dr.avaya.com) Date: Mon, 23 May 2005 09:37:22 -0600 Subject: [avaya.com #1006] [RHSA-2005:435-01] Important: mozilla security update In-Reply-To: Message-ID: Firefox and Mozilla are not installed on any Avaya Platform. One ASA will result. Jason Shirk > [bugzilla at redhat.com - Mon May 23 04:03:54 2005]: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > - > --------------------------------------------------------------------- > Red Hat Security Advisory > > Synopsis: Important: mozilla security update > Advisory ID: RHSA-2005:435-01 > Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-435.html > Issue date: 2005-05-23 > Updated on: 2005-05-23 > Product: Red Hat Enterprise Linux > CVE Names: CAN-2005-1476 CAN-2005-1477 CAN-2005-1531 CAN- 2005- > 1532 > - > --------------------------------------------------------------------- > > 1. Summary: > > Updated mozilla packages that fix various security bugs are now > available. > > This update has been rated as having important security impact by the > Red > Hat Security Response Team. > > 2. Relevant releases/architectures: > > Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 > Red Hat Linux Advanced Workstation 2.1 - ia64 > Red Hat Enterprise Linux ES version 2.1 - i386 > Red Hat Enterprise Linux WS version 2.1 - i386 > Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, > x86_64 > Red Hat Desktop version 3 - i386, x86_64 > Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 > Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 > Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, > x86_64 > Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 > Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 > Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 > > 3. Problem description: > > Mozilla is an open source Web browser, advanced email and newsgroup > client, > IRC chat client, and HTML editor. > > Several bugs were found in the way Mozilla executes javascript code. > Javascript executed from a web page should run with a restricted > access > level, preventing dangerous actions. It is possible that a malicious > web > page could execute javascript code with elevated privileges, allowing > access to protected data and functions. The Common Vulnerabilities and > Exposures project (cve.mitre.org) has assigned the names CAN-2005- > 1476, > CAN-2005-1477, CAN-2005-1531, and CAN-2005-1532 to these issues. > > Users of Mozilla are advised to upgrade to this updated package, which > contains Mozilla version 1.7.8 to correct these issues. > > 4. Solution: > > Before applying this update, make sure all previously released errata > relevant to your system have been applied. > > This update is available via Red Hat Network. To use Red Hat Network, > launch the Red Hat Update Agent with the following command: > > up2date > > This will start an interactive process that will result in the > appropriate > RPMs being upgraded on your system. > > 5. RPMs required: > > Red Hat Enterprise Linux AS (Advanced Server) version 2.1: > > SRPMS: > ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/galeon-1.2.14- > 1.2.5.src.rpm > 4af4ef3c2227af8f776425c9d1bbc281 galeon-1.2.14-1.2.5.src.rpm > ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/mozilla-1.7.8- > 1.1.2.1.src.rpm > 8a34bfad0cf67f237dff6361157ae06e mozilla-1.7.8-1.1.2.1.src.rpm > > i386: > 0d57746e65417719999e5829f5551ce8 galeon-1.2.14-1.2.5.i386.rpm > 6b5e9c8e06ada5a63ce0fae0709bdf5e mozilla-1.7.8-1.1.2.1.i386.rpm > d489fab35d5b56b3d3ac195ca8f95722 mozilla-chat-1.7.8-1.1.2.1.i386.rpm > c700e7769c9f726d9fee71e2a92ead3f mozilla-devel-1.7.8- 1.1.2.1.i386.rpm > ad0afbfd7d41d05d60e47c4af636738f mozilla-dom-inspector-1.7.8- > 1.1.2.1.i386.rpm > 2e9a40b46f34782810704a8e961c92b2 mozilla-js-debugger-1.7.8- > 1.1.2.1.i386.rpm > 172f647e7eb962ee1659afa9c60c4791 mozilla-mail-1.7.8-1.1.2.1.i386.rpm > 0fb9e6b246e579b41c41644ebacc8d32 mozilla-nspr-1.7.8-1.1.2.1.i386.rpm > 6ed8d6aba58e45a3458524562117e62d mozilla-nspr-devel-1.7.8- > 1.1.2.1.i386.rpm > 46d3552771e8425c08b878b8eceb61df mozilla-nss-1.7.8-1.1.2.1.i386.rpm > 66930f01ee46e52b8d91ac42c59c50e6 mozilla-nss-devel-1.7.8- > 1.1.2.1.i386.rpm > > ia64: > 61864d5181a383178f1d04a45a934bcf galeon-1.2.14-1.2.5.ia64.rpm > 200b07850adcbd520797ef5df5303d05 mozilla-1.7.8-1.1.2.1.ia64.rpm > b43bcd118155d74a52f23ec119a5608d mozilla-chat-1.7.8-1.1.2.1.ia64.rpm > 03464e784fdb548b406f79f82d05041d mozilla-devel-1.7.8- 1.1.2.1.ia64.rpm > 9db5e619a99bd1bffc58240c493f9f3d mozilla-dom-inspector-1.7.8- > 1.1.2.1.ia64.rpm > edb91fd591647b55c671bfd5ac4f32b9 mozilla-js-debugger-1.7.8- > 1.1.2.1.ia64.rpm > 9114877d323cf0c40ca88853b68019f0 mozilla-mail-1.7.8-1.1.2.1.ia64.rpm > bc433f7c6ad1ac40d0ee6cbbc4145834 mozilla-nspr-1.7.8-1.1.2.1.ia64.rpm > 0b72848a620aff45e07a357c329ca278 mozilla-nspr-devel-1.7.8- > 1.1.2.1.ia64.rpm > 0a60c2f6e40b8417f94930e1448ee70f mozilla-nss-1.7.8-1.1.2.1.ia64.rpm > e54f185c50c77d66aa4a2c1c8502856a mozilla-nss-devel-1.7.8- > 1.1.2.1.ia64.rpm > > Red Hat Linux Advanced Workstation 2.1: > > SRPMS: > ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/galeon-1.2.14- > 1.2.5.src.rpm > 4af4ef3c2227af8f776425c9d1bbc281 galeon-1.2.14-1.2.5.src.rpm > ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/mozilla-1.7.8- > 1.1.2.1.src.rpm > 8a34bfad0cf67f237dff6361157ae06e mozilla-1.7.8-1.1.2.1.src.rpm > > ia64: > 61864d5181a383178f1d04a45a934bcf galeon-1.2.14-1.2.5.ia64.rpm > 200b07850adcbd520797ef5df5303d05 mozilla-1.7.8-1.1.2.1.ia64.rpm > b43bcd118155d74a52f23ec119a5608d mozilla-chat-1.7.8-1.1.2.1.ia64.rpm > 03464e784fdb548b406f79f82d05041d mozilla-devel-1.7.8- 1.1.2.1.ia64.rpm > 9db5e619a99bd1bffc58240c493f9f3d mozilla-dom-inspector-1.7.8- > 1.1.2.1.ia64.rpm > edb91fd591647b55c671bfd5ac4f32b9 mozilla-js-debugger-1.7.8- > 1.1.2.1.ia64.rpm > 9114877d323cf0c40ca88853b68019f0 mozilla-mail-1.7.8-1.1.2.1.ia64.rpm > bc433f7c6ad1ac40d0ee6cbbc4145834 mozilla-nspr-1.7.8-1.1.2.1.ia64.rpm > 0b72848a620aff45e07a357c329ca278 mozilla-nspr-devel-1.7.8- > 1.1.2.1.ia64.rpm > 0a60c2f6e40b8417f94930e1448ee70f mozilla-nss-1.7.8-1.1.2.1.ia64.rpm > e54f185c50c77d66aa4a2c1c8502856a mozilla-nss-devel-1.7.8- > 1.1.2.1.ia64.rpm > > Red Hat Enterprise Linux ES version 2.1: > > SRPMS: > ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/galeon-1.2.14- > 1.2.5.src.rpm > 4af4ef3c2227af8f776425c9d1bbc281 galeon-1.2.14-1.2.5.src.rpm > ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/mozilla-1.7.8- > 1.1.2.1.src.rpm > 8a34bfad0cf67f237dff6361157ae06e mozilla-1.7.8-1.1.2.1.src.rpm > > i386: > 0d57746e65417719999e5829f5551ce8 galeon-1.2.14-1.2.5.i386.rpm > 6b5e9c8e06ada5a63ce0fae0709bdf5e mozilla-1.7.8-1.1.2.1.i386.rpm > d489fab35d5b56b3d3ac195ca8f95722 mozilla-chat-1.7.8-1.1.2.1.i386.rpm > c700e7769c9f726d9fee71e2a92ead3f mozilla-devel-1.7.8- 1.1.2.1.i386.rpm > ad0afbfd7d41d05d60e47c4af636738f mozilla-dom-inspector-1.7.8- > 1.1.2.1.i386.rpm > 2e9a40b46f34782810704a8e961c92b2 mozilla-js-debugger-1.7.8- > 1.1.2.1.i386.rpm > 172f647e7eb962ee1659afa9c60c4791 mozilla-mail-1.7.8-1.1.2.1.i386.rpm > 0fb9e6b246e579b41c41644ebacc8d32 mozilla-nspr-1.7.8-1.1.2.1.i386.rpm > 6ed8d6aba58e45a3458524562117e62d mozilla-nspr-devel-1.7.8- > 1.1.2.1.i386.rpm > 46d3552771e8425c08b878b8eceb61df mozilla-nss-1.7.8-1.1.2.1.i386.rpm > 66930f01ee46e52b8d91ac42c59c50e6 mozilla-nss-devel-1.7.8- > 1.1.2.1.i386.rpm > > Red Hat Enterprise Linux WS version 2.1: > > SRPMS: > ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/galeon-1.2.14- > 1.2.5.src.rpm > 4af4ef3c2227af8f776425c9d1bbc281 galeon-1.2.14-1.2.5.src.rpm > ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/mozilla-1.7.8- > 1.1.2.1.src.rpm > 8a34bfad0cf67f237dff6361157ae06e mozilla-1.7.8-1.1.2.1.src.rpm > > i386: > 0d57746e65417719999e5829f5551ce8 galeon-1.2.14-1.2.5.i386.rpm > 6b5e9c8e06ada5a63ce0fae0709bdf5e mozilla-1.7.8-1.1.2.1.i386.rpm > d489fab35d5b56b3d3ac195ca8f95722 mozilla-chat-1.7.8-1.1.2.1.i386.rpm > c700e7769c9f726d9fee71e2a92ead3f mozilla-devel-1.7.8- 1.1.2.1.i386.rpm > ad0afbfd7d41d05d60e47c4af636738f mozilla-dom-inspector-1.7.8- > 1.1.2.1.i386.rpm > 2e9a40b46f34782810704a8e961c92b2 mozilla-js-debugger-1.7.8- > 1.1.2.1.i386.rpm > 172f647e7eb962ee1659afa9c60c4791 mozilla-mail-1.7.8-1.1.2.1.i386.rpm > 0fb9e6b246e579b41c41644ebacc8d32 mozilla-nspr-1.7.8-1.1.2.1.i386.rpm > 6ed8d6aba58e45a3458524562117e62d mozilla-nspr-devel-1.7.8- > 1.1.2.1.i386.rpm > 46d3552771e8425c08b878b8eceb61df mozilla-nss-1.7.8-1.1.2.1.i386.rpm > 66930f01ee46e52b8d91ac42c59c50e6 mozilla-nss-devel-1.7.8- > 1.1.2.1.i386.rpm > > Red Hat Enterprise Linux AS version 3: > > SRPMS: > ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/mozilla-1.7.8- > 1.1.3.1.src.rpm > 3dc5aeab418a1defa6bbc4bb442338d8 mozilla-1.7.8-1.1.3.1.src.rpm > > i386: > 870ac68a360eca871a301e71a0fd4987 mozilla-1.7.8-1.1.3.1.i386.rpm > ce3a9c2b7880084c94e76ccef28ce64b mozilla-chat-1.7.8-1.1.3.1.i386.rpm > 0b11fb477e6e6f7b375b03db705a8195 mozilla-devel-1.7.8- 1.1.3.1.i386.rpm > efb75d10b662a39126ec600b794f3f1e mozilla-dom-inspector-1.7.8- > 1.1.3.1.i386.rpm > f5230481c55138d42959a368eee0dbaf mozilla-js-debugger-1.7.8- > 1.1.3.1.i386.rpm > e8d6887bbd2938a9c0ba49d1943e26d4 mozilla-mail-1.7.8-1.1.3.1.i386.rpm > fb9c5334077e22a664547e7aca56134d mozilla-nspr-1.7.8-1.1.3.1.i386.rpm > 3a3d8f63fb8bf1919e16330b86f200fa mozilla-nspr-devel-1.7.8- > 1.1.3.1.i386.rpm > c4a5e58156cc27f79340fb3197df2aa5 mozilla-nss-1.7.8-1.1.3.1.i386.rpm > ae7d32f41c0608c574bc5da9bcdbb31d mozilla-nss-devel-1.7.8- > 1.1.3.1.i386.rpm > > ia64: > 3da634df2d209c52baab5109fd4a7414 mozilla-1.7.8-1.1.3.1.ia64.rpm > 88beb68f5cbee8b6c6be7a5f59820831 mozilla-chat-1.7.8-1.1.3.1.ia64.rpm > b54b805f7285279c750e8d9976a1bbb7 mozilla-devel-1.7.8- 1.1.3.1.ia64.rpm > 919f5501862aef75aad8cce3fd01946a mozilla-dom-inspector-1.7.8- > 1.1.3.1.ia64.rpm > 1d59302416938a8bed27829f0090e56e mozilla-js-debugger-1.7.8- > 1.1.3.1.ia64.rpm > 7694d70e7371b64c73cd5a0072c6e7d6 mozilla-mail-1.7.8-1.1.3.1.ia64.rpm > fb9c5334077e22a664547e7aca56134d mozilla-nspr-1.7.8-1.1.3.1.i386.rpm > 375c321030eb255a7d5dae9b5dbd575b mozilla-nspr-1.7.8-1.1.3.1.ia64.rpm > f3de5b126bf6a683e920f1de924ed504 mozilla-nspr-devel-1.7.8- > 1.1.3.1.ia64.rpm > c4a5e58156cc27f79340fb3197df2aa5 mozilla-nss-1.7.8-1.1.3.1.i386.rpm > 7f4a1a1a7c24e794ee147f371aa1ef84 mozilla-nss-1.7.8-1.1.3.1.ia64.rpm > c9cbcc7c6ec7df8996d1621360edc53b mozilla-nss-devel-1.7.8- > 1.1.3.1.ia64.rpm > > ppc: > 51486da061be3df29c0aa420e9b5f553 mozilla-1.7.8-1.1.3.1.ppc.rpm > 8dee68f395cc5d45d9f6dfae78659359 mozilla-chat-1.7.8-1.1.3.1.ppc.rpm > aa09512e7e5233a28186422a069b9ec7 mozilla-devel-1.7.8-1.1.3.1.ppc.rpm > cda5ef2aad64e367fc85dec9afbe1d8e mozilla-dom-inspector-1.7.8- > 1.1.3.1.ppc.rpm > 2ece04da6170a66e7cea5b93c7f55912 mozilla-js-debugger-1.7.8- > 1.1.3.1.ppc.rpm > b80b2cdfc27e7d6107cf0cb9af996460 mozilla-mail-1.7.8-1.1.3.1.ppc.rpm > 00085d74dfca25be9ac51078158e4877 mozilla-nspr-1.7.8-1.1.3.1.ppc.rpm > adbdd30e4ceee4e59338b92b06f5ce7c mozilla-nspr-devel-1.7.8- > 1.1.3.1.ppc.rpm > 55a383f7c0b17d3d5431ef1aedf89a1b mozilla-nss-1.7.8-1.1.3.1.ppc.rpm > 8b4ebe25085a97642aff951673ec28bb mozilla-nss-devel-1.7.8- > 1.1.3.1.ppc.rpm > > s390: > 82b7172c9610ebe197d52dfaee7ae207 mozilla-1.7.8-1.1.3.1.s390.rpm > 146653bf0d1a5fc2152b8aaa1beba1a6 mozilla-chat-1.7.8-1.1.3.1.s390.rpm > e29e4f9ac31b1d60f123d35cdad8fe3a mozilla-devel-1.7.8- 1.1.3.1.s390.rpm > 4f91d82644edc7a10f73a1769a259490 mozilla-dom-inspector-1.7.8- > 1.1.3.1.s390.rpm > 5ac66a74c6703abe2743eefe61819c43 mozilla-js-debugger-1.7.8- > 1.1.3.1.s390.rpm > a3b3bef3af3c3942ba58e8e4a45315a1 mozilla-mail-1.7.8-1.1.3.1.s390.rpm > b3357a38291d9867c0f403bd3c422407 mozilla-nspr-1.7.8-1.1.3.1.s390.rpm > 967396c66f5d721e467a695e0b72f225 mozilla-nspr-devel-1.7.8- > 1.1.3.1.s390.rpm > 45afcd8c8e9410f155e84714b267ce74 mozilla-nss-1.7.8-1.1.3.1.s390.rpm > 3169b9780ab37d297ec54850cf85472c mozilla-nss-devel-1.7.8- > 1.1.3.1.s390.rpm > > s390x: > 13a4b63a58a2f6aef9de6789be39a265 mozilla-1.7.8-1.1.3.1.s390x.rpm > 77b20dba51693af117be14701ea4c516 mozilla-chat-1.7.8- 1.1.3.1.s390x.rpm > c99294f8cd3a1390970976570c2c7172 mozilla-devel-1.7.8- > 1.1.3.1.s390x.rpm > fa390fc47946d90c919e4bf5854a9bf4 mozilla-dom-inspector-1.7.8- > 1.1.3.1.s390x.rpm > c0191f2e376c4faa89e1c682213bf96a mozilla-js-debugger-1.7.8- > 1.1.3.1.s390x.rpm > 8c0b644dc7ca3faba14ce8ad4c1e75d8 mozilla-mail-1.7.8- 1.1.3.1.s390x.rpm > b3357a38291d9867c0f403bd3c422407 mozilla-nspr-1.7.8-1.1.3.1.s390.rpm > 006ee76e1ce19fafd8d8c0d65959f2cf mozilla-nspr-1.7.8- 1.1.3.1.s390x.rpm > 40cbc254ad75b1c20f636f4548cddd39 mozilla-nspr-devel-1.7.8- > 1.1.3.1.s390x.rpm > 45afcd8c8e9410f155e84714b267ce74 mozilla-nss-1.7.8-1.1.3.1.s390.rpm > 379022eebd17ae809e8dd68bde90300b mozilla-nss-1.7.8-1.1.3.1.s390x.rpm > d3d8f8a76471ab03e8d190ac0607c118 mozilla-nss-devel-1.7.8- > 1.1.3.1.s390x.rpm > > x86_64: > 870ac68a360eca871a301e71a0fd4987 mozilla-1.7.8-1.1.3.1.i386.rpm > 7b7bc3bba5742bc6c3cb3fd643f0c5ab mozilla-1.7.8-1.1.3.1.x86_64.rpm > 906b61a5b213022c7220eacacb81205a mozilla-chat-1.7.8- > 1.1.3.1.x86_64.rpm > 53817ff1c1fcb16fb82ab5bcb3f6c828 mozilla-devel-1.7.8- > 1.1.3.1.x86_64.rpm > 4755d1c7c53b5153f02ecc500107042e mozilla-dom-inspector-1.7.8- > 1.1.3.1.x86_64.rpm > 5d3c16ace40af1f8a9542552a37919b9 mozilla-js-debugger-1.7.8- > 1.1.3.1.x86_64.rpm > 5b92cb2a18bb433fb90b54ae388c82b7 mozilla-mail-1.7.8- > 1.1.3.1.x86_64.rpm > fb9c5334077e22a664547e7aca56134d mozilla-nspr-1.7.8-1.1.3.1.i386.rpm > 1c411ee9205d1a7280bc0048abcb1a13 mozilla-nspr-1.7.8- > 1.1.3.1.x86_64.rpm > 6860ba3fa84f06c98cbb3ee2947f2259 mozilla-nspr-devel-1.7.8- > 1.1.3.1.x86_64.rpm > c4a5e58156cc27f79340fb3197df2aa5 mozilla-nss-1.7.8-1.1.3.1.i386.rpm > 701829d151a0c27f34a8abe156d83ed3 mozilla-nss-1.7.8- 1.1.3.1.x86_64.rpm > 01008a68cf53a2ed6ee31bcc5b5f06b1 mozilla-nss-devel-1.7.8- > 1.1.3.1.x86_64.rpm > > Red Hat Desktop version 3: > > SRPMS: > ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/mozilla- > 1.7.8-1.1.3.1.src.rpm > 3dc5aeab418a1defa6bbc4bb442338d8 mozilla-1.7.8-1.1.3.1.src.rpm > > i386: > 870ac68a360eca871a301e71a0fd4987 mozilla-1.7.8-1.1.3.1.i386.rpm > ce3a9c2b7880084c94e76ccef28ce64b mozilla-chat-1.7.8-1.1.3.1.i386.rpm > 0b11fb477e6e6f7b375b03db705a8195 mozilla-devel-1.7.8- 1.1.3.1.i386.rpm > efb75d10b662a39126ec600b794f3f1e mozilla-dom-inspector-1.7.8- > 1.1.3.1.i386.rpm > f5230481c55138d42959a368eee0dbaf mozilla-js-debugger-1.7.8- > 1.1.3.1.i386.rpm > e8d6887bbd2938a9c0ba49d1943e26d4 mozilla-mail-1.7.8-1.1.3.1.i386.rpm > fb9c5334077e22a664547e7aca56134d mozilla-nspr-1.7.8-1.1.3.1.i386.rpm > 3a3d8f63fb8bf1919e16330b86f200fa mozilla-nspr-devel-1.7.8- > 1.1.3.1.i386.rpm > c4a5e58156cc27f79340fb3197df2aa5 mozilla-nss-1.7.8-1.1.3.1.i386.rpm > ae7d32f41c0608c574bc5da9bcdbb31d mozilla-nss-devel-1.7.8- > 1.1.3.1.i386.rpm > > x86_64: > 870ac68a360eca871a301e71a0fd4987 mozilla-1.7.8-1.1.3.1.i386.rpm > 7b7bc3bba5742bc6c3cb3fd643f0c5ab mozilla-1.7.8-1.1.3.1.x86_64.rpm > 906b61a5b213022c7220eacacb81205a mozilla-chat-1.7.8- > 1.1.3.1.x86_64.rpm > 53817ff1c1fcb16fb82ab5bcb3f6c828 mozilla-devel-1.7.8- > 1.1.3.1.x86_64.rpm > 4755d1c7c53b5153f02ecc500107042e mozilla-dom-inspector-1.7.8- > 1.1.3.1.x86_64.rpm > 5d3c16ace40af1f8a9542552a37919b9 mozilla-js-debugger-1.7.8- > 1.1.3.1.x86_64.rpm > 5b92cb2a18bb433fb90b54ae388c82b7 mozilla-mail-1.7.8- > 1.1.3.1.x86_64.rpm > fb9c5334077e22a664547e7aca56134d mozilla-nspr-1.7.8-1.1.3.1.i386.rpm > 1c411ee9205d1a7280bc0048abcb1a13 mozilla-nspr-1.7.8- > 1.1.3.1.x86_64.rpm > 6860ba3fa84f06c98cbb3ee2947f2259 mozilla-nspr-devel-1.7.8- > 1.1.3.1.x86_64.rpm > c4a5e58156cc27f79340fb3197df2aa5 mozilla-nss-1.7.8-1.1.3.1.i386.rpm > 701829d151a0c27f34a8abe156d83ed3 mozilla-nss-1.7.8- 1.1.3.1.x86_64.rpm > 01008a68cf53a2ed6ee31bcc5b5f06b1 mozilla-nss-devel-1.7.8- > 1.1.3.1.x86_64.rpm > > Red Hat Enterprise Linux ES version 3: > > SRPMS: > ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/mozilla-1.7.8- > 1.1.3.1.src.rpm > 3dc5aeab418a1defa6bbc4bb442338d8 mozilla-1.7.8-1.1.3.1.src.rpm > > i386: > 870ac68a360eca871a301e71a0fd4987 mozilla-1.7.8-1.1.3.1.i386.rpm > ce3a9c2b7880084c94e76ccef28ce64b mozilla-chat-1.7.8-1.1.3.1.i386.rpm > 0b11fb477e6e6f7b375b03db705a8195 mozilla-devel-1.7.8- 1.1.3.1.i386.rpm > efb75d10b662a39126ec600b794f3f1e mozilla-dom-inspector-1.7.8- > 1.1.3.1.i386.rpm > f5230481c55138d42959a368eee0dbaf mozilla-js-debugger-1.7.8- > 1.1.3.1.i386.rpm > e8d6887bbd2938a9c0ba49d1943e26d4 mozilla-mail-1.7.8-1.1.3.1.i386.rpm > fb9c5334077e22a664547e7aca56134d mozilla-nspr-1.7.8-1.1.3.1.i386.rpm > 3a3d8f63fb8bf1919e16330b86f200fa mozilla-nspr-devel-1.7.8- > 1.1.3.1.i386.rpm > c4a5e58156cc27f79340fb3197df2aa5 mozilla-nss-1.7.8-1.1.3.1.i386.rpm > ae7d32f41c0608c574bc5da9bcdbb31d mozilla-nss-devel-1.7.8- > 1.1.3.1.i386.rpm > > ia64: > 3da634df2d209c52baab5109fd4a7414 mozilla-1.7.8-1.1.3.1.ia64.rpm > 88beb68f5cbee8b6c6be7a5f59820831 mozilla-chat-1.7.8-1.1.3.1.ia64.rpm > b54b805f7285279c750e8d9976a1bbb7 mozilla-devel-1.7.8- 1.1.3.1.ia64.rpm > 919f5501862aef75aad8cce3fd01946a mozilla-dom-inspector-1.7.8- > 1.1.3.1.ia64.rpm > 1d59302416938a8bed27829f0090e56e mozilla-js-debugger-1.7.8- > 1.1.3.1.ia64.rpm > 7694d70e7371b64c73cd5a0072c6e7d6 mozilla-mail-1.7.8-1.1.3.1.ia64.rpm > fb9c5334077e22a664547e7aca56134d mozilla-nspr-1.7.8-1.1.3.1.i386.rpm > 375c321030eb255a7d5dae9b5dbd575b mozilla-nspr-1.7.8-1.1.3.1.ia64.rpm > f3de5b126bf6a683e920f1de924ed504 mozilla-nspr-devel-1.7.8- > 1.1.3.1.ia64.rpm > c4a5e58156cc27f79340fb3197df2aa5 mozilla-nss-1.7.8-1.1.3.1.i386.rpm > 7f4a1a1a7c24e794ee147f371aa1ef84 mozilla-nss-1.7.8-1.1.3.1.ia64.rpm > c9cbcc7c6ec7df8996d1621360edc53b mozilla-nss-devel-1.7.8- > 1.1.3.1.ia64.rpm > > x86_64: > 870ac68a360eca871a301e71a0fd4987 mozilla-1.7.8-1.1.3.1.i386.rpm > 7b7bc3bba5742bc6c3cb3fd643f0c5ab mozilla-1.7.8-1.1.3.1.x86_64.rpm > 906b61a5b213022c7220eacacb81205a mozilla-chat-1.7.8- > 1.1.3.1.x86_64.rpm > 53817ff1c1fcb16fb82ab5bcb3f6c828 mozilla-devel-1.7.8- > 1.1.3.1.x86_64.rpm > 4755d1c7c53b5153f02ecc500107042e mozilla-dom-inspector-1.7.8- > 1.1.3.1.x86_64.rpm > 5d3c16ace40af1f8a9542552a37919b9 mozilla-js-debugger-1.7.8- > 1.1.3.1.x86_64.rpm > 5b92cb2a18bb433fb90b54ae388c82b7 mozilla-mail-1.7.8- > 1.1.3.1.x86_64.rpm > fb9c5334077e22a664547e7aca56134d mozilla-nspr-1.7.8-1.1.3.1.i386.rpm > 1c411ee9205d1a7280bc0048abcb1a13 mozilla-nspr-1.7.8- > 1.1.3.1.x86_64.rpm > 6860ba3fa84f06c98cbb3ee2947f2259 mozilla-nspr-devel-1.7.8- > 1.1.3.1.x86_64.rpm > c4a5e58156cc27f79340fb3197df2aa5 mozilla-nss-1.7.8-1.1.3.1.i386.rpm > 701829d151a0c27f34a8abe156d83ed3 mozilla-nss-1.7.8- 1.1.3.1.x86_64.rpm > 01008a68cf53a2ed6ee31bcc5b5f06b1 mozilla-nss-devel-1.7.8- > 1.1.3.1.x86_64.rpm > > Red Hat Enterprise Linux WS version 3: > > SRPMS: > ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/mozilla-1.7.8- > 1.1.3.1.src.rpm > 3dc5aeab418a1defa6bbc4bb442338d8 mozilla-1.7.8-1.1.3.1.src.rpm > > i386: > 870ac68a360eca871a301e71a0fd4987 mozilla-1.7.8-1.1.3.1.i386.rpm > ce3a9c2b7880084c94e76ccef28ce64b mozilla-chat-1.7.8-1.1.3.1.i386.rpm > 0b11fb477e6e6f7b375b03db705a8195 mozilla-devel-1.7.8- 1.1.3.1.i386.rpm > efb75d10b662a39126ec600b794f3f1e mozilla-dom-inspector-1.7.8- > 1.1.3.1.i386.rpm > f5230481c55138d42959a368eee0dbaf mozilla-js-debugger-1.7.8- > 1.1.3.1.i386.rpm > e8d6887bbd2938a9c0ba49d1943e26d4 mozilla-mail-1.7.8-1.1.3.1.i386.rpm > fb9c5334077e22a664547e7aca56134d mozilla-nspr-1.7.8-1.1.3.1.i386.rpm > 3a3d8f63fb8bf1919e16330b86f200fa mozilla-nspr-devel-1.7.8- > 1.1.3.1.i386.rpm > c4a5e58156cc27f79340fb3197df2aa5 mozilla-nss-1.7.8-1.1.3.1.i386.rpm > ae7d32f41c0608c574bc5da9bcdbb31d mozilla-nss-devel-1.7.8- > 1.1.3.1.i386.rpm > > ia64: > 3da634df2d209c52baab5109fd4a7414 mozilla-1.7.8-1.1.3.1.ia64.rpm > 88beb68f5cbee8b6c6be7a5f59820831 mozilla-chat-1.7.8-1.1.3.1.ia64.rpm > b54b805f7285279c750e8d9976a1bbb7 mozilla-devel-1.7.8- 1.1.3.1.ia64.rpm > 919f5501862aef75aad8cce3fd01946a mozilla-dom-inspector-1.7.8- > 1.1.3.1.ia64.rpm > 1d59302416938a8bed27829f0090e56e mozilla-js-debugger-1.7.8- > 1.1.3.1.ia64.rpm > 7694d70e7371b64c73cd5a0072c6e7d6 mozilla-mail-1.7.8-1.1.3.1.ia64.rpm > fb9c5334077e22a664547e7aca56134d mozilla-nspr-1.7.8-1.1.3.1.i386.rpm > 375c321030eb255a7d5dae9b5dbd575b mozilla-nspr-1.7.8-1.1.3.1.ia64.rpm > f3de5b126bf6a683e920f1de924ed504 mozilla-nspr-devel-1.7.8- > 1.1.3.1.ia64.rpm > c4a5e58156cc27f79340fb3197df2aa5 mozilla-nss-1.7.8-1.1.3.1.i386.rpm > 7f4a1a1a7c24e794ee147f371aa1ef84 mozilla-nss-1.7.8-1.1.3.1.ia64.rpm > c9cbcc7c6ec7df8996d1621360edc53b mozilla-nss-devel-1.7.8- > 1.1.3.1.ia64.rpm > > x86_64: > 870ac68a360eca871a301e71a0fd4987 mozilla-1.7.8-1.1.3.1.i386.rpm > 7b7bc3bba5742bc6c3cb3fd643f0c5ab mozilla-1.7.8-1.1.3.1.x86_64.rpm > 906b61a5b213022c7220eacacb81205a mozilla-chat-1.7.8- > 1.1.3.1.x86_64.rpm > 53817ff1c1fcb16fb82ab5bcb3f6c828 mozilla-devel-1.7.8- > 1.1.3.1.x86_64.rpm > 4755d1c7c53b5153f02ecc500107042e mozilla-dom-inspector-1.7.8- > 1.1.3.1.x86_64.rpm > 5d3c16ace40af1f8a9542552a37919b9 mozilla-js-debugger-1.7.8- > 1.1.3.1.x86_64.rpm > 5b92cb2a18bb433fb90b54ae388c82b7 mozilla-mail-1.7.8- > 1.1.3.1.x86_64.rpm > fb9c5334077e22a664547e7aca56134d mozilla-nspr-1.7.8-1.1.3.1.i386.rpm > 1c411ee9205d1a7280bc0048abcb1a13 mozilla-nspr-1.7.8- > 1.1.3.1.x86_64.rpm > 6860ba3fa84f06c98cbb3ee2947f2259 mozilla-nspr-devel-1.7.8- > 1.1.3.1.x86_64.rpm > c4a5e58156cc27f79340fb3197df2aa5 mozilla-nss-1.7.8-1.1.3.1.i386.rpm > 701829d151a0c27f34a8abe156d83ed3 mozilla-nss-1.7.8- 1.1.3.1.x86_64.rpm > 01008a68cf53a2ed6ee31bcc5b5f06b1 mozilla-nss-devel-1.7.8- > 1.1.3.1.x86_64.rpm > > Red Hat Enterprise Linux AS version 4: > > SRPMS: > ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/mozilla-1.7.8- > 1.4.1.src.rpm > 7c0ab7bbbeb54462283a7c5039449faf mozilla-1.7.8-1.4.1.src.rpm > > i386: > dc6db084224c84bf44f7dd3786718e7f mozilla-1.7.8-1.4.1.i386.rpm > 7c5ff5f358a6e4484ba8272dda210207 mozilla-chat-1.7.8-1.4.1.i386.rpm > 662e74c40eb1437afdbb471f55828865 mozilla-devel-1.7.8-1.4.1.i386.rpm > 1123f6d31ee1f9c39a46302885547565 mozilla-dom-inspector-1.7.8- > 1.4.1.i386.rpm > 6a2ce8f9815d41e71d0a901d12dca5a0 mozilla-js-debugger-1.7.8- > 1.4.1.i386.rpm > d728d457697717de417ec9122cf1f75a mozilla-mail-1.7.8-1.4.1.i386.rpm > 0b76648ada634831fc5fa155e28bf952 mozilla-nspr-1.7.8-1.4.1.i386.rpm > 342e82120afdd018ea16f6cd4d3f184e mozilla-nspr-devel-1.7.8- > 1.4.1.i386.rpm > 60196c54459dce73d25f0a64cf88a028 mozilla-nss-1.7.8-1.4.1.i386.rpm > 2ac29a35775d5d7c72551c8b504e8921 mozilla-nss-devel-1.7.8- > 1.4.1.i386.rpm > > ia64: > 96ff587d24938b8c122f7127637742f0 mozilla-1.7.8-1.4.1.ia64.rpm > 3da4736e13dc6221c88008fd9d635afe mozilla-chat-1.7.8-1.4.1.ia64.rpm > 53a3c89bcf79ea44870177e5cd6f4654 mozilla-devel-1.7.8-1.4.1.ia64.rpm > 086a20518bb04a165ea5f046805becb6 mozilla-dom-inspector-1.7.8- > 1.4.1.ia64.rpm > b05caa2abfe35e8b024f198c0aee9112 mozilla-js-debugger-1.7.8- > 1.4.1.ia64.rpm > 79e98c5021cc6cdb0b7d669da37829af mozilla-mail-1.7.8-1.4.1.ia64.rpm > 0b76648ada634831fc5fa155e28bf952 mozilla-nspr-1.7.8-1.4.1.i386.rpm > 79a170662136cfb29bcc3c6cd9f8f03a mozilla-nspr-1.7.8-1.4.1.ia64.rpm > e5fc5775a9cfa4761b639e851dbf6a6b mozilla-nspr-devel-1.7.8- > 1.4.1.ia64.rpm > 60196c54459dce73d25f0a64cf88a028 mozilla-nss-1.7.8-1.4.1.i386.rpm > 99daac3861be9be82d36a2b8c9c04725 mozilla-nss-1.7.8-1.4.1.ia64.rpm > f2ad813457f9d05073f49d43a9841614 mozilla-nss-devel-1.7.8- > 1.4.1.ia64.rpm > > ppc: > 2d0ea4c5d29148795bd5974528257351 mozilla-1.7.8-1.4.1.ppc.rpm > 4aa1dbc524c9ecbe6e5b0ead50251927 mozilla-chat-1.7.8-1.4.1.ppc.rpm > 5bcde544238baa8ad32a8911abb32333 mozilla-devel-1.7.8-1.4.1.ppc.rpm > 72d505634e89088069edb1985a5eb518 mozilla-dom-inspector-1.7.8- > 1.4.1.ppc.rpm > f4c7cd5bdab5018fa5e3efd141a2ca90 mozilla-js-debugger-1.7.8- > 1.4.1.ppc.rpm > 3b764580bc001d4253bd795b7de6fbdc mozilla-mail-1.7.8-1.4.1.ppc.rpm > 51e600e9a644602bb5ba3f970cf6925a mozilla-nspr-1.7.8-1.4.1.ppc.rpm > 17bdd36692be6f227e821647fc5e7081 mozilla-nspr-devel-1.7.8- > 1.4.1.ppc.rpm > 17e79b168acbfb72ba77fa43f9c1695e mozilla-nss-1.7.8-1.4.1.ppc.rpm > b2ca4fc22c6164e1f0546126e25c2e57 mozilla-nss-devel-1.7.8- > 1.4.1.ppc.rpm > > s390: > fad7c1234ae215e431d1b8e973f3dc1f mozilla-1.7.8-1.4.1.s390.rpm > 2178467656f39ff9002be8fdea6f8938 mozilla-chat-1.7.8-1.4.1.s390.rpm > 57e6a4822a984f25ddfed3854c65b2c1 mozilla-devel-1.7.8-1.4.1.s390.rpm > 2279127971239551d7ff4c2072d41db8 mozilla-dom-inspector-1.7.8- > 1.4.1.s390.rpm > db16d2a48f70f1ad9ddc5f28d9c28370 mozilla-js-debugger-1.7.8- > 1.4.1.s390.rpm > 30db877e85657fd4e7b554aafc35f72f mozilla-mail-1.7.8-1.4.1.s390.rpm > 7adb114f5b80bd3407c3afc742ed7b66 mozilla-nspr-1.7.8-1.4.1.s390.rpm > 9f7c32eeb619d0019b7f1b32f94d281a mozilla-nspr-devel-1.7.8- > 1.4.1.s390.rpm > d4d02c2cc32fb3cc8837eb9e0c4a05f0 mozilla-nss-1.7.8-1.4.1.s390.rpm > a45785de20ac5b6a20317e9eed3c4873 mozilla-nss-devel-1.7.8- > 1.4.1.s390.rpm > > s390x: > 3b5f3e56cd8a1b1176ca9e9c233522fb mozilla-1.7.8-1.4.1.s390x.rpm > bd2b99f5299218180313b240f375810d mozilla-chat-1.7.8-1.4.1.s390x.rpm > 26d008e9620dff8fa4bebb0d777251f8 mozilla-devel-1.7.8-1.4.1.s390x.rpm > 31f47c9400501e72954185e6590bb457 mozilla-dom-inspector-1.7.8- > 1.4.1.s390x.rpm > 69e96a3267d2f008c61a15472df8778b mozilla-js-debugger-1.7.8- > 1.4.1.s390x.rpm > 5d5f9bf030348d9c5000553f1c6c110c mozilla-mail-1.7.8-1.4.1.s390x.rpm > 7adb114f5b80bd3407c3afc742ed7b66 mozilla-nspr-1.7.8-1.4.1.s390.rpm > b7c14ac8c529ad6fcaeb322f91746d6f mozilla-nspr-1.7.8-1.4.1.s390x.rpm > 167501844983a2a20846ca59dea78344 mozilla-nspr-devel-1.7.8- > 1.4.1.s390x.rpm > d4d02c2cc32fb3cc8837eb9e0c4a05f0 mozilla-nss-1.7.8-1.4.1.s390.rpm > 19c855aa2f3b4e3b63d5bc17d32e0736 mozilla-nss-1.7.8-1.4.1.s390x.rpm > 171ed14c08f0031224677c807b2340a6 mozilla-nss-devel-1.7.8- > 1.4.1.s390x.rpm > > x86_64: > cb725ffc3ebc44576f34b504e9bc08e3 mozilla-1.7.8-1.4.1.x86_64.rpm > bcf98f82ec91984e36f3a3e03c119c64 mozilla-chat-1.7.8-1.4.1.x86_64.rpm > 4440d5337292437d632c90c5cb8d11e3 mozilla-devel-1.7.8- 1.4.1.x86_64.rpm > 33b4c9f2f75c04e9d62ab2cd99f5f070 mozilla-dom-inspector-1.7.8- > 1.4.1.x86_64.rpm > b410714912918550ae0e0dfa31f32af1 mozilla-js-debugger-1.7.8- > 1.4.1.x86_64.rpm > 13440bbd30a7496a25befd498f97e514 mozilla-mail-1.7.8-1.4.1.x86_64.rpm > 0b76648ada634831fc5fa155e28bf952 mozilla-nspr-1.7.8-1.4.1.i386.rpm > 2c4f86c21a9418902cf49dd7898ec145 mozilla-nspr-1.7.8-1.4.1.x86_64.rpm > 3e965da1928ce249f86d9aee8b54168c mozilla-nspr-devel-1.7.8- > 1.4.1.x86_64.rpm > 60196c54459dce73d25f0a64cf88a028 mozilla-nss-1.7.8-1.4.1.i386.rpm > df75dc7c767a195caafcce176320e90f mozilla-nss-1.7.8-1.4.1.x86_64.rpm > a93e63fce629b8735597b23daa7e4ef6 mozilla-nss-devel-1.7.8- > 1.4.1.x86_64.rpm > > Red Hat Enterprise Linux Desktop version 4: > > SRPMS: > ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/mozilla- > 1.7.8-1.4.1.src.rpm > 7c0ab7bbbeb54462283a7c5039449faf mozilla-1.7.8-1.4.1.src.rpm > > i386: > dc6db084224c84bf44f7dd3786718e7f mozilla-1.7.8-1.4.1.i386.rpm > 7c5ff5f358a6e4484ba8272dda210207 mozilla-chat-1.7.8-1.4.1.i386.rpm > 662e74c40eb1437afdbb471f55828865 mozilla-devel-1.7.8-1.4.1.i386.rpm > 1123f6d31ee1f9c39a46302885547565 mozilla-dom-inspector-1.7.8- > 1.4.1.i386.rpm > 6a2ce8f9815d41e71d0a901d12dca5a0 mozilla-js-debugger-1.7.8- > 1.4.1.i386.rpm > d728d457697717de417ec9122cf1f75a mozilla-mail-1.7.8-1.4.1.i386.rpm > 0b76648ada634831fc5fa155e28bf952 mozilla-nspr-1.7.8-1.4.1.i386.rpm > 342e82120afdd018ea16f6cd4d3f184e mozilla-nspr-devel-1.7.8- > 1.4.1.i386.rpm > 60196c54459dce73d25f0a64cf88a028 mozilla-nss-1.7.8-1.4.1.i386.rpm > 2ac29a35775d5d7c72551c8b504e8921 mozilla-nss-devel-1.7.8- > 1.4.1.i386.rpm > > x86_64: > cb725ffc3ebc44576f34b504e9bc08e3 mozilla-1.7.8-1.4.1.x86_64.rpm > bcf98f82ec91984e36f3a3e03c119c64 mozilla-chat-1.7.8-1.4.1.x86_64.rpm > 4440d5337292437d632c90c5cb8d11e3 mozilla-devel-1.7.8- 1.4.1.x86_64.rpm > 33b4c9f2f75c04e9d62ab2cd99f5f070 mozilla-dom-inspector-1.7.8- > 1.4.1.x86_64.rpm > b410714912918550ae0e0dfa31f32af1 mozilla-js-debugger-1.7.8- > 1.4.1.x86_64.rpm > 13440bbd30a7496a25befd498f97e514 mozilla-mail-1.7.8-1.4.1.x86_64.rpm > 0b76648ada634831fc5fa155e28bf952 mozilla-nspr-1.7.8-1.4.1.i386.rpm > 2c4f86c21a9418902cf49dd7898ec145 mozilla-nspr-1.7.8-1.4.1.x86_64.rpm > 3e965da1928ce249f86d9aee8b54168c mozilla-nspr-devel-1.7.8- > 1.4.1.x86_64.rpm > 60196c54459dce73d25f0a64cf88a028 mozilla-nss-1.7.8-1.4.1.i386.rpm > df75dc7c767a195caafcce176320e90f mozilla-nss-1.7.8-1.4.1.x86_64.rpm > a93e63fce629b8735597b23daa7e4ef6 mozilla-nss-devel-1.7.8- > 1.4.1.x86_64.rpm > > Red Hat Enterprise Linux ES version 4: > > SRPMS: > ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/mozilla-1.7.8- > 1.4.1.src.rpm > 7c0ab7bbbeb54462283a7c5039449faf mozilla-1.7.8-1.4.1.src.rpm > > i386: > dc6db084224c84bf44f7dd3786718e7f mozilla-1.7.8-1.4.1.i386.rpm > 7c5ff5f358a6e4484ba8272dda210207 mozilla-chat-1.7.8-1.4.1.i386.rpm > 662e74c40eb1437afdbb471f55828865 mozilla-devel-1.7.8-1.4.1.i386.rpm > 1123f6d31ee1f9c39a46302885547565 mozilla-dom-inspector-1.7.8- > 1.4.1.i386.rpm > 6a2ce8f9815d41e71d0a901d12dca5a0 mozilla-js-debugger-1.7.8- > 1.4.1.i386.rpm > d728d457697717de417ec9122cf1f75a mozilla-mail-1.7.8-1.4.1.i386.rpm > 0b76648ada634831fc5fa155e28bf952 mozilla-nspr-1.7.8-1.4.1.i386.rpm > 342e82120afdd018ea16f6cd4d3f184e mozilla-nspr-devel-1.7.8- > 1.4.1.i386.rpm > 60196c54459dce73d25f0a64cf88a028 mozilla-nss-1.7.8-1.4.1.i386.rpm > 2ac29a35775d5d7c72551c8b504e8921 mozilla-nss-devel-1.7.8- > 1.4.1.i386.rpm > > ia64: > 96ff587d24938b8c122f7127637742f0 mozilla-1.7.8-1.4.1.ia64.rpm > 3da4736e13dc6221c88008fd9d635afe mozilla-chat-1.7.8-1.4.1.ia64.rpm > 53a3c89bcf79ea44870177e5cd6f4654 mozilla-devel-1.7.8-1.4.1.ia64.rpm > 086a20518bb04a165ea5f046805becb6 mozilla-dom-inspector-1.7.8- > 1.4.1.ia64.rpm > b05caa2abfe35e8b024f198c0aee9112 mozilla-js-debugger-1.7.8- > 1.4.1.ia64.rpm > 79e98c5021cc6cdb0b7d669da37829af mozilla-mail-1.7.8-1.4.1.ia64.rpm > 0b76648ada634831fc5fa155e28bf952 mozilla-nspr-1.7.8-1.4.1.i386.rpm > 79a170662136cfb29bcc3c6cd9f8f03a mozilla-nspr-1.7.8-1.4.1.ia64.rpm > e5fc5775a9cfa4761b639e851dbf6a6b mozilla-nspr-devel-1.7.8- > 1.4.1.ia64.rpm > 60196c54459dce73d25f0a64cf88a028 mozilla-nss-1.7.8-1.4.1.i386.rpm > 99daac3861be9be82d36a2b8c9c04725 mozilla-nss-1.7.8-1.4.1.ia64.rpm > f2ad813457f9d05073f49d43a9841614 mozilla-nss-devel-1.7.8- > 1.4.1.ia64.rpm > > x86_64: > cb725ffc3ebc44576f34b504e9bc08e3 mozilla-1.7.8-1.4.1.x86_64.rpm > bcf98f82ec91984e36f3a3e03c119c64 mozilla-chat-1.7.8-1.4.1.x86_64.rpm > 4440d5337292437d632c90c5cb8d11e3 mozilla-devel-1.7.8- 1.4.1.x86_64.rpm > 33b4c9f2f75c04e9d62ab2cd99f5f070 mozilla-dom-inspector-1.7.8- > 1.4.1.x86_64.rpm > b410714912918550ae0e0dfa31f32af1 mozilla-js-debugger-1.7.8- > 1.4.1.x86_64.rpm > 13440bbd30a7496a25befd498f97e514 mozilla-mail-1.7.8-1.4.1.x86_64.rpm > 0b76648ada634831fc5fa155e28bf952 mozilla-nspr-1.7.8-1.4.1.i386.rpm > 2c4f86c21a9418902cf49dd7898ec145 mozilla-nspr-1.7.8-1.4.1.x86_64.rpm > 3e965da1928ce249f86d9aee8b54168c mozilla-nspr-devel-1.7.8- > 1.4.1.x86_64.rpm > 60196c54459dce73d25f0a64cf88a028 mozilla-nss-1.7.8-1.4.1.i386.rpm > df75dc7c767a195caafcce176320e90f mozilla-nss-1.7.8-1.4.1.x86_64.rpm > a93e63fce629b8735597b23daa7e4ef6 mozilla-nss-devel-1.7.8- > 1.4.1.x86_64.rpm > > Red Hat Enterprise Linux WS version 4: > > SRPMS: > ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/mozilla-1.7.8- > 1.4.1.src.rpm > 7c0ab7bbbeb54462283a7c5039449faf mozilla-1.7.8-1.4.1.src.rpm > > i386: > dc6db084224c84bf44f7dd3786718e7f mozilla-1.7.8-1.4.1.i386.rpm > 7c5ff5f358a6e4484ba8272dda210207 mozilla-chat-1.7.8-1.4.1.i386.rpm > 662e74c40eb1437afdbb471f55828865 mozilla-devel-1.7.8-1.4.1.i386.rpm > 1123f6d31ee1f9c39a46302885547565 mozilla-dom-inspector-1.7.8- > 1.4.1.i386.rpm > 6a2ce8f9815d41e71d0a901d12dca5a0 mozilla-js-debugger-1.7.8- > 1.4.1.i386.rpm > d728d457697717de417ec9122cf1f75a mozilla-mail-1.7.8-1.4.1.i386.rpm > 0b76648ada634831fc5fa155e28bf952 mozilla-nspr-1.7.8-1.4.1.i386.rpm > 342e82120afdd018ea16f6cd4d3f184e mozilla-nspr-devel-1.7.8- > 1.4.1.i386.rpm > 60196c54459dce73d25f0a64cf88a028 mozilla-nss-1.7.8-1.4.1.i386.rpm > 2ac29a35775d5d7c72551c8b504e8921 mozilla-nss-devel-1.7.8- > 1.4.1.i386.rpm > > ia64: > 96ff587d24938b8c122f7127637742f0 mozilla-1.7.8-1.4.1.ia64.rpm > 3da4736e13dc6221c88008fd9d635afe mozilla-chat-1.7.8-1.4.1.ia64.rpm > 53a3c89bcf79ea44870177e5cd6f4654 mozilla-devel-1.7.8-1.4.1.ia64.rpm > 086a20518bb04a165ea5f046805becb6 mozilla-dom-inspector-1.7.8- > 1.4.1.ia64.rpm > b05caa2abfe35e8b024f198c0aee9112 mozilla-js-debugger-1.7.8- > 1.4.1.ia64.rpm > 79e98c5021cc6cdb0b7d669da37829af mozilla-mail-1.7.8-1.4.1.ia64.rpm > 0b76648ada634831fc5fa155e28bf952 mozilla-nspr-1.7.8-1.4.1.i386.rpm > 79a170662136cfb29bcc3c6cd9f8f03a mozilla-nspr-1.7.8-1.4.1.ia64.rpm > e5fc5775a9cfa4761b639e851dbf6a6b mozilla-nspr-devel-1.7.8- > 1.4.1.ia64.rpm > 60196c54459dce73d25f0a64cf88a028 mozilla-nss-1.7.8-1.4.1.i386.rpm > 99daac3861be9be82d36a2b8c9c04725 mozilla-nss-1.7.8-1.4.1.ia64.rpm > f2ad813457f9d05073f49d43a9841614 mozilla-nss-devel-1.7.8- > 1.4.1.ia64.rpm > > x86_64: > cb725ffc3ebc44576f34b504e9bc08e3 mozilla-1.7.8-1.4.1.x86_64.rpm > bcf98f82ec91984e36f3a3e03c119c64 mozilla-chat-1.7.8-1.4.1.x86_64.rpm > 4440d5337292437d632c90c5cb8d11e3 mozilla-devel-1.7.8- 1.4.1.x86_64.rpm > 33b4c9f2f75c04e9d62ab2cd99f5f070 mozilla-dom-inspector-1.7.8- > 1.4.1.x86_64.rpm > b410714912918550ae0e0dfa31f32af1 mozilla-js-debugger-1.7.8- > 1.4.1.x86_64.rpm > 13440bbd30a7496a25befd498f97e514 mozilla-mail-1.7.8-1.4.1.x86_64.rpm > 0b76648ada634831fc5fa155e28bf952 mozilla-nspr-1.7.8-1.4.1.i386.rpm > 2c4f86c21a9418902cf49dd7898ec145 mozilla-nspr-1.7.8-1.4.1.x86_64.rpm > 3e965da1928ce249f86d9aee8b54168c mozilla-nspr-devel-1.7.8- > 1.4.1.x86_64.rpm > 60196c54459dce73d25f0a64cf88a028 mozilla-nss-1.7.8-1.4.1.i386.rpm > df75dc7c767a195caafcce176320e90f mozilla-nss-1.7.8-1.4.1.x86_64.rpm > a93e63fce629b8735597b23daa7e4ef6 mozilla-nss-devel-1.7.8- > 1.4.1.x86_64.rpm > > These packages are GPG signed by Red Hat for security. Our key and > details on how to verify the signature are available from > https://www.redhat.com/security/team/key/#package > > 6. References: > > http://www.mozilla.org/projects/security/known- > vulnerabilities.html#mozilla1.7.8 > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1476 > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1477 > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1531 > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1532 > > 7. Contact: > > The Red Hat security contact is . More contact > details at https://www.redhat.com/security/team/contact/ > > Copyright 2005 Red Hat, Inc. > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.1 (GNU/Linux) > > iD8DBQFCkakDXlSAg2UNWIIRAu/2AKCoEk5lUvqSZqgJG9HK7iH1+eKPHQCfSRBK > 9XtnMTGC9vr5fraszLKV1Hs= > =PlQo > -----END PGP SIGNATURE----- > > > > From bugzilla at redhat.com Tue May 24 17:31:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 24 May 2005 13:31 -0400 Subject: [RHSA-2005:427-01] Moderate: ethereal security update Message-ID: <200505241731.j4OHV8V29511@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: ethereal security update Advisory ID: RHSA-2005:427-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-427.html Issue date: 2005-05-24 Updated on: 2005-05-24 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-1456 CAN-2005-1457 CAN-2005-1458 CAN-2005-1459 CAN-2005-1460 CAN-2005-1461 CAN-2005-1462 CAN-2005-1463 CAN-2005-1464 CAN-2005-1465 CAN-2005-1466 CAN-2005-1467 CAN-2005-1468 CAN-2005-1469 CAN-2005-1470 - --------------------------------------------------------------------- 1. Summary: Updated Ethereal packages that fix various security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: The ethereal package is a program for monitoring network traffic. A number of security flaws have been discovered in Ethereal. On a system where Ethereal is running, a remote attacker could send malicious packets to trigger these flaws and cause Ethereal to crash or potentially execute arbitrary code. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2005-1456, CAN-2005-1457, CAN-2005-1458, CAN-2005-1459, CAN-2005-1460, CAN-2005-1461, CAN-2005-1462, CAN-2005-1463, CAN-2005-1464, CAN-2005-1465, CAN-2005-1466, CAN-2005-1467, CAN-2005-1468, CAN-2005-1469, and CAN-2005-1470 to these issues. Users of ethereal should upgrade to these updated packages, which contain version 0.10.11 which is not vulnerable to these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 156911 - multiple ethereal security issues 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/ethereal-0.10.11-1.AS21.1.src.rpm 0b21799c49fc8c2cecf89d1b4cf8344f ethereal-0.10.11-1.AS21.1.src.rpm i386: d073461de6033a9b54868983f1e8a57f ethereal-0.10.11-1.AS21.1.i386.rpm 6fbab843d5b9db3dbf20dd51a5326bc5 ethereal-gnome-0.10.11-1.AS21.1.i386.rpm ia64: a998856f27fc440f36c4f06f3fba73a6 ethereal-0.10.11-1.AS21.1.ia64.rpm 196cc361800f73d8cd417470b8382784 ethereal-gnome-0.10.11-1.AS21.1.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/ethereal-0.10.11-1.AS21.1.src.rpm 0b21799c49fc8c2cecf89d1b4cf8344f ethereal-0.10.11-1.AS21.1.src.rpm ia64: a998856f27fc440f36c4f06f3fba73a6 ethereal-0.10.11-1.AS21.1.ia64.rpm 196cc361800f73d8cd417470b8382784 ethereal-gnome-0.10.11-1.AS21.1.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/ethereal-0.10.11-1.AS21.1.src.rpm 0b21799c49fc8c2cecf89d1b4cf8344f ethereal-0.10.11-1.AS21.1.src.rpm i386: d073461de6033a9b54868983f1e8a57f ethereal-0.10.11-1.AS21.1.i386.rpm 6fbab843d5b9db3dbf20dd51a5326bc5 ethereal-gnome-0.10.11-1.AS21.1.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/ethereal-0.10.11-1.AS21.1.src.rpm 0b21799c49fc8c2cecf89d1b4cf8344f ethereal-0.10.11-1.AS21.1.src.rpm i386: d073461de6033a9b54868983f1e8a57f ethereal-0.10.11-1.AS21.1.i386.rpm 6fbab843d5b9db3dbf20dd51a5326bc5 ethereal-gnome-0.10.11-1.AS21.1.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/ethereal-0.10.11-1.EL3.1.src.rpm 2bc945fb2b41cd50103a5a6d5d06b8a9 ethereal-0.10.11-1.EL3.1.src.rpm i386: 7ae09e2aa199a2a9481c06b92d231e1d ethereal-0.10.11-1.EL3.1.i386.rpm a715b1bfbb2e5eb8b9404c732b560383 ethereal-gnome-0.10.11-1.EL3.1.i386.rpm ia64: 8c838c44496eac706a84564e3214d86c ethereal-0.10.11-1.EL3.1.ia64.rpm 7018e509f29c7932ff54360d6636556c ethereal-gnome-0.10.11-1.EL3.1.ia64.rpm ppc: 6108eb261f27496e93e114da49155136 ethereal-0.10.11-1.EL3.1.ppc.rpm d7ae48638b139142c9c99cb3d2848636 ethereal-gnome-0.10.11-1.EL3.1.ppc.rpm s390: ba40ab1703aa6279fb8805a8ba9c9440 ethereal-0.10.11-1.EL3.1.s390.rpm 2df76ee89a7a835fab203736a8dcd132 ethereal-gnome-0.10.11-1.EL3.1.s390.rpm s390x: 7f1a798128a574d46874cf7c4d6fd252 ethereal-0.10.11-1.EL3.1.s390x.rpm 7f3243e9939635e20fed82fe47806605 ethereal-gnome-0.10.11-1.EL3.1.s390x.rpm x86_64: 305b213ec8ce371cbb63659cfeeeacc8 ethereal-0.10.11-1.EL3.1.x86_64.rpm d94093e389d30ee9647e16d0f419b3f6 ethereal-gnome-0.10.11-1.EL3.1.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/ethereal-0.10.11-1.EL3.1.src.rpm 2bc945fb2b41cd50103a5a6d5d06b8a9 ethereal-0.10.11-1.EL3.1.src.rpm i386: 7ae09e2aa199a2a9481c06b92d231e1d ethereal-0.10.11-1.EL3.1.i386.rpm a715b1bfbb2e5eb8b9404c732b560383 ethereal-gnome-0.10.11-1.EL3.1.i386.rpm x86_64: 305b213ec8ce371cbb63659cfeeeacc8 ethereal-0.10.11-1.EL3.1.x86_64.rpm d94093e389d30ee9647e16d0f419b3f6 ethereal-gnome-0.10.11-1.EL3.1.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/ethereal-0.10.11-1.EL3.1.src.rpm 2bc945fb2b41cd50103a5a6d5d06b8a9 ethereal-0.10.11-1.EL3.1.src.rpm i386: 7ae09e2aa199a2a9481c06b92d231e1d ethereal-0.10.11-1.EL3.1.i386.rpm a715b1bfbb2e5eb8b9404c732b560383 ethereal-gnome-0.10.11-1.EL3.1.i386.rpm ia64: 8c838c44496eac706a84564e3214d86c ethereal-0.10.11-1.EL3.1.ia64.rpm 7018e509f29c7932ff54360d6636556c ethereal-gnome-0.10.11-1.EL3.1.ia64.rpm x86_64: 305b213ec8ce371cbb63659cfeeeacc8 ethereal-0.10.11-1.EL3.1.x86_64.rpm d94093e389d30ee9647e16d0f419b3f6 ethereal-gnome-0.10.11-1.EL3.1.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/ethereal-0.10.11-1.EL3.1.src.rpm 2bc945fb2b41cd50103a5a6d5d06b8a9 ethereal-0.10.11-1.EL3.1.src.rpm i386: 7ae09e2aa199a2a9481c06b92d231e1d ethereal-0.10.11-1.EL3.1.i386.rpm a715b1bfbb2e5eb8b9404c732b560383 ethereal-gnome-0.10.11-1.EL3.1.i386.rpm ia64: 8c838c44496eac706a84564e3214d86c ethereal-0.10.11-1.EL3.1.ia64.rpm 7018e509f29c7932ff54360d6636556c ethereal-gnome-0.10.11-1.EL3.1.ia64.rpm x86_64: 305b213ec8ce371cbb63659cfeeeacc8 ethereal-0.10.11-1.EL3.1.x86_64.rpm d94093e389d30ee9647e16d0f419b3f6 ethereal-gnome-0.10.11-1.EL3.1.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/ethereal-0.10.11-1.EL4.1.src.rpm 31827231cfd39c1f58c507b5f6b18f0a ethereal-0.10.11-1.EL4.1.src.rpm i386: 242ac3e7bf5c4ce383846f0da2c75bb3 ethereal-0.10.11-1.EL4.1.i386.rpm fd29b49e9fd1fed6fea304f5bce3c635 ethereal-gnome-0.10.11-1.EL4.1.i386.rpm ia64: a681b93f9a5fdf707fbeb45f5388ab60 ethereal-0.10.11-1.EL4.1.ia64.rpm 865a6db98828885c06f2830647d717c8 ethereal-gnome-0.10.11-1.EL4.1.ia64.rpm ppc: 871b6520758e58526df3cd6dc0089002 ethereal-0.10.11-1.EL4.1.ppc.rpm 8ff35168d4a835a3170df2dd30ee9385 ethereal-gnome-0.10.11-1.EL4.1.ppc.rpm s390: c88c44f2d1c04d4287b69ae59671f364 ethereal-0.10.11-1.EL4.1.s390.rpm ddd61e3d6dee74355a57cee01181b4a8 ethereal-gnome-0.10.11-1.EL4.1.s390.rpm s390x: 6dab852b08c392fffe26cb57372910ec ethereal-0.10.11-1.EL4.1.s390x.rpm 1fb0433a4c4be9d7fd16f05236a65396 ethereal-gnome-0.10.11-1.EL4.1.s390x.rpm x86_64: 29c7d4f991b56f5ce0f11c4a7967049b ethereal-0.10.11-1.EL4.1.x86_64.rpm 4ae4f5ccd3fc44ff5fe29563702178fb ethereal-gnome-0.10.11-1.EL4.1.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/ethereal-0.10.11-1.EL4.1.src.rpm 31827231cfd39c1f58c507b5f6b18f0a ethereal-0.10.11-1.EL4.1.src.rpm i386: 242ac3e7bf5c4ce383846f0da2c75bb3 ethereal-0.10.11-1.EL4.1.i386.rpm fd29b49e9fd1fed6fea304f5bce3c635 ethereal-gnome-0.10.11-1.EL4.1.i386.rpm x86_64: 29c7d4f991b56f5ce0f11c4a7967049b ethereal-0.10.11-1.EL4.1.x86_64.rpm 4ae4f5ccd3fc44ff5fe29563702178fb ethereal-gnome-0.10.11-1.EL4.1.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/ethereal-0.10.11-1.EL4.1.src.rpm 31827231cfd39c1f58c507b5f6b18f0a ethereal-0.10.11-1.EL4.1.src.rpm i386: 242ac3e7bf5c4ce383846f0da2c75bb3 ethereal-0.10.11-1.EL4.1.i386.rpm fd29b49e9fd1fed6fea304f5bce3c635 ethereal-gnome-0.10.11-1.EL4.1.i386.rpm ia64: a681b93f9a5fdf707fbeb45f5388ab60 ethereal-0.10.11-1.EL4.1.ia64.rpm 865a6db98828885c06f2830647d717c8 ethereal-gnome-0.10.11-1.EL4.1.ia64.rpm x86_64: 29c7d4f991b56f5ce0f11c4a7967049b ethereal-0.10.11-1.EL4.1.x86_64.rpm 4ae4f5ccd3fc44ff5fe29563702178fb ethereal-gnome-0.10.11-1.EL4.1.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/ethereal-0.10.11-1.EL4.1.src.rpm 31827231cfd39c1f58c507b5f6b18f0a ethereal-0.10.11-1.EL4.1.src.rpm i386: 242ac3e7bf5c4ce383846f0da2c75bb3 ethereal-0.10.11-1.EL4.1.i386.rpm fd29b49e9fd1fed6fea304f5bce3c635 ethereal-gnome-0.10.11-1.EL4.1.i386.rpm ia64: a681b93f9a5fdf707fbeb45f5388ab60 ethereal-0.10.11-1.EL4.1.ia64.rpm 865a6db98828885c06f2830647d717c8 ethereal-gnome-0.10.11-1.EL4.1.ia64.rpm x86_64: 29c7d4f991b56f5ce0f11c4a7967049b ethereal-0.10.11-1.EL4.1.x86_64.rpm 4ae4f5ccd3fc44ff5fe29563702178fb ethereal-gnome-0.10.11-1.EL4.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://www.ethereal.com/appnotes/enpa-sa-00019.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1456 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1457 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1458 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1459 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1460 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1461 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1462 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1463 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1464 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1465 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1466 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1467 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1468 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1469 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1470 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCk2S+XlSAg2UNWIIRAtB6AJwN19kf1wFkz5AOJWz5uyUzzZXpAACgtYJI Lf63kKmwnKj1fs0NCN4Ua/8= =uy82 -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue May 24 17:31:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 24 May 2005 13:31 -0400 Subject: [RHSA-2005:473-01] Moderate: lesstif security update Message-ID: <200505241731.j4OHVcV29582@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: lesstif security update Advisory ID: RHSA-2005:473-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-473.html Issue date: 2005-05-24 Updated on: 2005-05-24 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-0605 - --------------------------------------------------------------------- 1. Summary: Updated lesstif packages that fix flaws in the Xpm library are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having Moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 3. Problem description: LessTif provides libraries which implement the Motif industry standard graphical user interface. An integer overflow flaw was found in libXpm; a vulnerable version of this library is found within LessTif. An attacker could create a malicious XPM file that would execute arbitrary code if opened by a victim using an application linked to LessTif. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0605 to this issue. Users of LessTif should upgrade to these updated packages, which contain a backported patch to correct this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 151639 - CAN-2005-0605 libxpm issue 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/lesstif-0.93.15-4.AS21.5.src.rpm 7b5ee802f327c22fce16b650ba42d342 lesstif-0.93.15-4.AS21.5.src.rpm i386: fd6f014454e38484f8b8a132815fa98d lesstif-0.93.15-4.AS21.5.i386.rpm 5e2bd51a9cc7f072c1e86eb626433778 lesstif-devel-0.93.15-4.AS21.5.i386.rpm ia64: 3e9206ddb2075980ce8a4a14ee3c3e32 lesstif-0.93.15-4.AS21.5.ia64.rpm 648dd67531a7b677869f0306e9334fb4 lesstif-devel-0.93.15-4.AS21.5.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/lesstif-0.93.15-4.AS21.5.src.rpm 7b5ee802f327c22fce16b650ba42d342 lesstif-0.93.15-4.AS21.5.src.rpm ia64: 3e9206ddb2075980ce8a4a14ee3c3e32 lesstif-0.93.15-4.AS21.5.ia64.rpm 648dd67531a7b677869f0306e9334fb4 lesstif-devel-0.93.15-4.AS21.5.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/lesstif-0.93.15-4.AS21.5.src.rpm 7b5ee802f327c22fce16b650ba42d342 lesstif-0.93.15-4.AS21.5.src.rpm i386: fd6f014454e38484f8b8a132815fa98d lesstif-0.93.15-4.AS21.5.i386.rpm 5e2bd51a9cc7f072c1e86eb626433778 lesstif-devel-0.93.15-4.AS21.5.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/lesstif-0.93.15-4.AS21.5.src.rpm 7b5ee802f327c22fce16b650ba42d342 lesstif-0.93.15-4.AS21.5.src.rpm i386: fd6f014454e38484f8b8a132815fa98d lesstif-0.93.15-4.AS21.5.i386.rpm 5e2bd51a9cc7f072c1e86eb626433778 lesstif-devel-0.93.15-4.AS21.5.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0605 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFCk2TwXlSAg2UNWIIRAuWOAKC4y3XGJWF5r3CDlgjASN6V6aI8HwCeNiAP Rrq/GIzFdZocb6MWAlcESI4= =OSbz -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed May 25 16:47:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 25 May 2005 12:47 -0400 Subject: [RHSA-2005:413-01] Important: ImageMagick security update Message-ID: <200505251647.j4PGllV03007@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: ImageMagick security update Advisory ID: RHSA-2005:413-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-413.html Issue date: 2005-05-25 Updated on: 2005-05-25 Product: Red Hat Enterprise Linux - --------------------------------------------------------------------- 1. Summary: Updated ImageMagick packages that fix a buffer overflow issue are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: ImageMagick(TM) is an image display and manipulation tool for the X Window System which can read and write multiple image formats. A heap based buffer overflow bug was found in the way ImageMagick parses PNM files. An attacker could execute arbitrary code on a victim's machine if they were able to trick the victim into opening a specially crafted PNM file. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-1275 to this issue. Users of ImageMagick should upgrade to these updated packages, which contain a backported patch, and are not vulnerable to this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 155953 - ImageMagick PNM heap overflow 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/ImageMagick-5.5.6-14.src.rpm da0b49cdf98cb5e29f5173055160c939 ImageMagick-5.5.6-14.src.rpm i386: cec301ae8b013d54d6446caef945fddb ImageMagick-5.5.6-14.i386.rpm c8a33dda1f2a235eb933e9f3c1883cc2 ImageMagick-c++-5.5.6-14.i386.rpm 8427543707cbdcc9cda8e57ef8bf812e ImageMagick-c++-devel-5.5.6-14.i386.rpm 070a9f37b3763ee49af8f376496143ed ImageMagick-devel-5.5.6-14.i386.rpm a147f6b274f13330eaf4f1bdf369f004 ImageMagick-perl-5.5.6-14.i386.rpm ia64: cec301ae8b013d54d6446caef945fddb ImageMagick-5.5.6-14.i386.rpm 04eaac66bf3627d48be55a4da85659b9 ImageMagick-5.5.6-14.ia64.rpm c8a33dda1f2a235eb933e9f3c1883cc2 ImageMagick-c++-5.5.6-14.i386.rpm 13cf4e0824d50af8b8c4ab33b1430fdf ImageMagick-c++-5.5.6-14.ia64.rpm 1b9d3c586a98a4e6a93877401a42dd44 ImageMagick-c++-devel-5.5.6-14.ia64.rpm bcb5689b37f19468a5f2172bfc50cc31 ImageMagick-devel-5.5.6-14.ia64.rpm 311ffedc040b6c5482b7f6bb6cc63c9e ImageMagick-perl-5.5.6-14.ia64.rpm ppc: 61a882a1ddc43197c44d8d807cebf87e ImageMagick-5.5.6-14.ppc.rpm dde736a8747a93350ce8b9b353efc045 ImageMagick-5.5.6-14.ppc64.rpm 2d52336caaee183028cb16b20355e211 ImageMagick-c++-5.5.6-14.ppc.rpm 7338bc1e2d2643643a303d1bc281b2e5 ImageMagick-c++-5.5.6-14.ppc64.rpm f1706007d999b409a388abe831654304 ImageMagick-c++-devel-5.5.6-14.ppc.rpm 03c49c0f386233a7bd3ca3246183b829 ImageMagick-devel-5.5.6-14.ppc.rpm 6f11c4e4e528afad0a31a520cb0f5c6e ImageMagick-perl-5.5.6-14.ppc.rpm s390: 8b249cd0988f22bad64ccc71547e4173 ImageMagick-5.5.6-14.s390.rpm 260dd0e80f5754210442a5a922a880dd ImageMagick-c++-5.5.6-14.s390.rpm e45c1f6c0efcc5f0496f5242b5a3ad7e ImageMagick-c++-devel-5.5.6-14.s390.rpm 31d0312826495ad73bd9c18437460798 ImageMagick-devel-5.5.6-14.s390.rpm 9b1a819b54830642d5d782643119f440 ImageMagick-perl-5.5.6-14.s390.rpm s390x: 8b249cd0988f22bad64ccc71547e4173 ImageMagick-5.5.6-14.s390.rpm db045788fbb9b484851461dc669dc1c7 ImageMagick-5.5.6-14.s390x.rpm 260dd0e80f5754210442a5a922a880dd ImageMagick-c++-5.5.6-14.s390.rpm c4d3572cc9850c59c7628a6c90cf4b4f ImageMagick-c++-5.5.6-14.s390x.rpm f53ece28b83e8ffec6443e814ea3e60c ImageMagick-c++-devel-5.5.6-14.s390x.rpm 85770ab54225df2d09fb59f09541ff98 ImageMagick-devel-5.5.6-14.s390x.rpm b87f2ea0d97e4de04f2e6680474cecb8 ImageMagick-perl-5.5.6-14.s390x.rpm x86_64: cec301ae8b013d54d6446caef945fddb ImageMagick-5.5.6-14.i386.rpm 265bb9d8e2bbe6bfae7ba5283fa09919 ImageMagick-5.5.6-14.x86_64.rpm c8a33dda1f2a235eb933e9f3c1883cc2 ImageMagick-c++-5.5.6-14.i386.rpm 769f3c85dce9f011b4f44d50cc559b46 ImageMagick-c++-5.5.6-14.x86_64.rpm d967904cba9c7c4a904e56a4bd9c0b61 ImageMagick-c++-devel-5.5.6-14.x86_64.rpm 122c25aa446c3d832ef2bb00eb26987b ImageMagick-devel-5.5.6-14.x86_64.rpm 4fcaf8d863a871b13eaecffb5f21c88a ImageMagick-perl-5.5.6-14.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/ImageMagick-5.5.6-14.src.rpm da0b49cdf98cb5e29f5173055160c939 ImageMagick-5.5.6-14.src.rpm i386: cec301ae8b013d54d6446caef945fddb ImageMagick-5.5.6-14.i386.rpm c8a33dda1f2a235eb933e9f3c1883cc2 ImageMagick-c++-5.5.6-14.i386.rpm 8427543707cbdcc9cda8e57ef8bf812e ImageMagick-c++-devel-5.5.6-14.i386.rpm 070a9f37b3763ee49af8f376496143ed ImageMagick-devel-5.5.6-14.i386.rpm a147f6b274f13330eaf4f1bdf369f004 ImageMagick-perl-5.5.6-14.i386.rpm x86_64: cec301ae8b013d54d6446caef945fddb ImageMagick-5.5.6-14.i386.rpm 265bb9d8e2bbe6bfae7ba5283fa09919 ImageMagick-5.5.6-14.x86_64.rpm c8a33dda1f2a235eb933e9f3c1883cc2 ImageMagick-c++-5.5.6-14.i386.rpm 769f3c85dce9f011b4f44d50cc559b46 ImageMagick-c++-5.5.6-14.x86_64.rpm d967904cba9c7c4a904e56a4bd9c0b61 ImageMagick-c++-devel-5.5.6-14.x86_64.rpm 122c25aa446c3d832ef2bb00eb26987b ImageMagick-devel-5.5.6-14.x86_64.rpm 4fcaf8d863a871b13eaecffb5f21c88a ImageMagick-perl-5.5.6-14.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/ImageMagick-5.5.6-14.src.rpm da0b49cdf98cb5e29f5173055160c939 ImageMagick-5.5.6-14.src.rpm i386: cec301ae8b013d54d6446caef945fddb ImageMagick-5.5.6-14.i386.rpm c8a33dda1f2a235eb933e9f3c1883cc2 ImageMagick-c++-5.5.6-14.i386.rpm 8427543707cbdcc9cda8e57ef8bf812e ImageMagick-c++-devel-5.5.6-14.i386.rpm 070a9f37b3763ee49af8f376496143ed ImageMagick-devel-5.5.6-14.i386.rpm a147f6b274f13330eaf4f1bdf369f004 ImageMagick-perl-5.5.6-14.i386.rpm ia64: cec301ae8b013d54d6446caef945fddb ImageMagick-5.5.6-14.i386.rpm 04eaac66bf3627d48be55a4da85659b9 ImageMagick-5.5.6-14.ia64.rpm c8a33dda1f2a235eb933e9f3c1883cc2 ImageMagick-c++-5.5.6-14.i386.rpm 13cf4e0824d50af8b8c4ab33b1430fdf ImageMagick-c++-5.5.6-14.ia64.rpm 1b9d3c586a98a4e6a93877401a42dd44 ImageMagick-c++-devel-5.5.6-14.ia64.rpm bcb5689b37f19468a5f2172bfc50cc31 ImageMagick-devel-5.5.6-14.ia64.rpm 311ffedc040b6c5482b7f6bb6cc63c9e ImageMagick-perl-5.5.6-14.ia64.rpm x86_64: cec301ae8b013d54d6446caef945fddb ImageMagick-5.5.6-14.i386.rpm 265bb9d8e2bbe6bfae7ba5283fa09919 ImageMagick-5.5.6-14.x86_64.rpm c8a33dda1f2a235eb933e9f3c1883cc2 ImageMagick-c++-5.5.6-14.i386.rpm 769f3c85dce9f011b4f44d50cc559b46 ImageMagick-c++-5.5.6-14.x86_64.rpm d967904cba9c7c4a904e56a4bd9c0b61 ImageMagick-c++-devel-5.5.6-14.x86_64.rpm 122c25aa446c3d832ef2bb00eb26987b ImageMagick-devel-5.5.6-14.x86_64.rpm 4fcaf8d863a871b13eaecffb5f21c88a ImageMagick-perl-5.5.6-14.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/ImageMagick-5.5.6-14.src.rpm da0b49cdf98cb5e29f5173055160c939 ImageMagick-5.5.6-14.src.rpm i386: cec301ae8b013d54d6446caef945fddb ImageMagick-5.5.6-14.i386.rpm c8a33dda1f2a235eb933e9f3c1883cc2 ImageMagick-c++-5.5.6-14.i386.rpm 8427543707cbdcc9cda8e57ef8bf812e ImageMagick-c++-devel-5.5.6-14.i386.rpm 070a9f37b3763ee49af8f376496143ed ImageMagick-devel-5.5.6-14.i386.rpm a147f6b274f13330eaf4f1bdf369f004 ImageMagick-perl-5.5.6-14.i386.rpm ia64: cec301ae8b013d54d6446caef945fddb ImageMagick-5.5.6-14.i386.rpm 04eaac66bf3627d48be55a4da85659b9 ImageMagick-5.5.6-14.ia64.rpm c8a33dda1f2a235eb933e9f3c1883cc2 ImageMagick-c++-5.5.6-14.i386.rpm 13cf4e0824d50af8b8c4ab33b1430fdf ImageMagick-c++-5.5.6-14.ia64.rpm 1b9d3c586a98a4e6a93877401a42dd44 ImageMagick-c++-devel-5.5.6-14.ia64.rpm bcb5689b37f19468a5f2172bfc50cc31 ImageMagick-devel-5.5.6-14.ia64.rpm 311ffedc040b6c5482b7f6bb6cc63c9e ImageMagick-perl-5.5.6-14.ia64.rpm x86_64: cec301ae8b013d54d6446caef945fddb ImageMagick-5.5.6-14.i386.rpm 265bb9d8e2bbe6bfae7ba5283fa09919 ImageMagick-5.5.6-14.x86_64.rpm c8a33dda1f2a235eb933e9f3c1883cc2 ImageMagick-c++-5.5.6-14.i386.rpm 769f3c85dce9f011b4f44d50cc559b46 ImageMagick-c++-5.5.6-14.x86_64.rpm d967904cba9c7c4a904e56a4bd9c0b61 ImageMagick-c++-devel-5.5.6-14.x86_64.rpm 122c25aa446c3d832ef2bb00eb26987b ImageMagick-devel-5.5.6-14.x86_64.rpm 4fcaf8d863a871b13eaecffb5f21c88a ImageMagick-perl-5.5.6-14.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/ImageMagick-6.0.7.1-11.src.rpm 654598df8ce20d97758403a8b1c6f533 ImageMagick-6.0.7.1-11.src.rpm i386: e901b7ab437561e7da8a97bae82ec1d3 ImageMagick-6.0.7.1-11.i386.rpm e6203e5faa28c0b01b2c77fe020af7fa ImageMagick-c++-6.0.7.1-11.i386.rpm 01d202ef44b2437e5068ceedd6ddc57c ImageMagick-c++-devel-6.0.7.1-11.i386.rpm d06927257fadba8bddcdbe529aa5fd4c ImageMagick-devel-6.0.7.1-11.i386.rpm b727c595bdf5369f037e5310fbe32d52 ImageMagick-perl-6.0.7.1-11.i386.rpm ia64: 5101a577cf65831572388147bb300414 ImageMagick-6.0.7.1-11.ia64.rpm 74021628bf35c269163f910011d6179e ImageMagick-c++-6.0.7.1-11.ia64.rpm 9915d9290c163be04823e33ce7657b40 ImageMagick-c++-devel-6.0.7.1-11.ia64.rpm ea3311125b829a021bdbe1b905e15d56 ImageMagick-devel-6.0.7.1-11.ia64.rpm ad10bac3b682af14db196c53f68681ec ImageMagick-perl-6.0.7.1-11.ia64.rpm ppc: 69353fd54da027ea07f25980c3ce0d89 ImageMagick-6.0.7.1-11.ppc.rpm c0ce1b96e65429e8a8c2d0bc18e096ad ImageMagick-c++-6.0.7.1-11.ppc.rpm e47a22ced559637dd65ae48d0ea4bd94 ImageMagick-c++-devel-6.0.7.1-11.ppc.rpm 9bb71a4406621cade0cb8170b5a9b671 ImageMagick-devel-6.0.7.1-11.ppc.rpm c16ba0ddbc52bb5e79a7640e486704b9 ImageMagick-perl-6.0.7.1-11.ppc.rpm s390: c66d6d3557835a4f8759bcaaae283b61 ImageMagick-6.0.7.1-11.s390.rpm fe50719d170010c9d389ce15d0a0e3fe ImageMagick-c++-6.0.7.1-11.s390.rpm 89f4a1a0ad454633b41654a717655b07 ImageMagick-c++-devel-6.0.7.1-11.s390.rpm 088f61ea3fd8733c00844ec4660c3940 ImageMagick-devel-6.0.7.1-11.s390.rpm fa51ebe0d878e5079fa76e786bddc9c6 ImageMagick-perl-6.0.7.1-11.s390.rpm s390x: cc0d06a7e8de3d95b37b000bc9cb15b2 ImageMagick-6.0.7.1-11.s390x.rpm 6f823f887bd8b673630b2519081d31a7 ImageMagick-c++-6.0.7.1-11.s390x.rpm a20512111f65942066441db7a11597df ImageMagick-c++-devel-6.0.7.1-11.s390x.rpm 1cc6804b0b87aabfc2c01366c015c496 ImageMagick-devel-6.0.7.1-11.s390x.rpm 30fcc8201ae8a66fd6a72ec4f37b2883 ImageMagick-perl-6.0.7.1-11.s390x.rpm x86_64: 75e1b60756dd17941aaf9a82c3ec85e8 ImageMagick-6.0.7.1-11.x86_64.rpm 918ba19e29a73f71247486e85da5f4a6 ImageMagick-c++-6.0.7.1-11.x86_64.rpm 4e4fadbb45bb05886c6e1c07ae257181 ImageMagick-c++-devel-6.0.7.1-11.x86_64.rpm 6bc4e66b410483242dea505f74019623 ImageMagick-devel-6.0.7.1-11.x86_64.rpm 497384b120f49f464823cf252240674f ImageMagick-perl-6.0.7.1-11.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/ImageMagick-6.0.7.1-11.src.rpm 654598df8ce20d97758403a8b1c6f533 ImageMagick-6.0.7.1-11.src.rpm i386: e901b7ab437561e7da8a97bae82ec1d3 ImageMagick-6.0.7.1-11.i386.rpm e6203e5faa28c0b01b2c77fe020af7fa ImageMagick-c++-6.0.7.1-11.i386.rpm 01d202ef44b2437e5068ceedd6ddc57c ImageMagick-c++-devel-6.0.7.1-11.i386.rpm d06927257fadba8bddcdbe529aa5fd4c ImageMagick-devel-6.0.7.1-11.i386.rpm b727c595bdf5369f037e5310fbe32d52 ImageMagick-perl-6.0.7.1-11.i386.rpm x86_64: 75e1b60756dd17941aaf9a82c3ec85e8 ImageMagick-6.0.7.1-11.x86_64.rpm 918ba19e29a73f71247486e85da5f4a6 ImageMagick-c++-6.0.7.1-11.x86_64.rpm 4e4fadbb45bb05886c6e1c07ae257181 ImageMagick-c++-devel-6.0.7.1-11.x86_64.rpm 6bc4e66b410483242dea505f74019623 ImageMagick-devel-6.0.7.1-11.x86_64.rpm 497384b120f49f464823cf252240674f ImageMagick-perl-6.0.7.1-11.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/ImageMagick-6.0.7.1-11.src.rpm 654598df8ce20d97758403a8b1c6f533 ImageMagick-6.0.7.1-11.src.rpm i386: e901b7ab437561e7da8a97bae82ec1d3 ImageMagick-6.0.7.1-11.i386.rpm e6203e5faa28c0b01b2c77fe020af7fa ImageMagick-c++-6.0.7.1-11.i386.rpm 01d202ef44b2437e5068ceedd6ddc57c ImageMagick-c++-devel-6.0.7.1-11.i386.rpm d06927257fadba8bddcdbe529aa5fd4c ImageMagick-devel-6.0.7.1-11.i386.rpm b727c595bdf5369f037e5310fbe32d52 ImageMagick-perl-6.0.7.1-11.i386.rpm ia64: 5101a577cf65831572388147bb300414 ImageMagick-6.0.7.1-11.ia64.rpm 74021628bf35c269163f910011d6179e ImageMagick-c++-6.0.7.1-11.ia64.rpm 9915d9290c163be04823e33ce7657b40 ImageMagick-c++-devel-6.0.7.1-11.ia64.rpm ea3311125b829a021bdbe1b905e15d56 ImageMagick-devel-6.0.7.1-11.ia64.rpm ad10bac3b682af14db196c53f68681ec ImageMagick-perl-6.0.7.1-11.ia64.rpm x86_64: 75e1b60756dd17941aaf9a82c3ec85e8 ImageMagick-6.0.7.1-11.x86_64.rpm 918ba19e29a73f71247486e85da5f4a6 ImageMagick-c++-6.0.7.1-11.x86_64.rpm 4e4fadbb45bb05886c6e1c07ae257181 ImageMagick-c++-devel-6.0.7.1-11.x86_64.rpm 6bc4e66b410483242dea505f74019623 ImageMagick-devel-6.0.7.1-11.x86_64.rpm 497384b120f49f464823cf252240674f ImageMagick-perl-6.0.7.1-11.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/ImageMagick-6.0.7.1-11.src.rpm 654598df8ce20d97758403a8b1c6f533 ImageMagick-6.0.7.1-11.src.rpm i386: e901b7ab437561e7da8a97bae82ec1d3 ImageMagick-6.0.7.1-11.i386.rpm e6203e5faa28c0b01b2c77fe020af7fa ImageMagick-c++-6.0.7.1-11.i386.rpm 01d202ef44b2437e5068ceedd6ddc57c ImageMagick-c++-devel-6.0.7.1-11.i386.rpm d06927257fadba8bddcdbe529aa5fd4c ImageMagick-devel-6.0.7.1-11.i386.rpm b727c595bdf5369f037e5310fbe32d52 ImageMagick-perl-6.0.7.1-11.i386.rpm ia64: 5101a577cf65831572388147bb300414 ImageMagick-6.0.7.1-11.ia64.rpm 74021628bf35c269163f910011d6179e ImageMagick-c++-6.0.7.1-11.ia64.rpm 9915d9290c163be04823e33ce7657b40 ImageMagick-c++-devel-6.0.7.1-11.ia64.rpm ea3311125b829a021bdbe1b905e15d56 ImageMagick-devel-6.0.7.1-11.ia64.rpm ad10bac3b682af14db196c53f68681ec ImageMagick-perl-6.0.7.1-11.ia64.rpm x86_64: 75e1b60756dd17941aaf9a82c3ec85e8 ImageMagick-6.0.7.1-11.x86_64.rpm 918ba19e29a73f71247486e85da5f4a6 ImageMagick-c++-6.0.7.1-11.x86_64.rpm 4e4fadbb45bb05886c6e1c07ae257181 ImageMagick-c++-devel-6.0.7.1-11.x86_64.rpm 6bc4e66b410483242dea505f74019623 ImageMagick-devel-6.0.7.1-11.x86_64.rpm 497384b120f49f464823cf252240674f ImageMagick-perl-6.0.7.1-11.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://www.overflow.pl/adv/imheapoverflow.txt 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFClKwlXlSAg2UNWIIRAsTsAJ9cWqMRZoe9jnwhUSBFVo13b38XKQCdGQiB 80lgwJbekGwaUezsUozfiyQ= =gKEQ -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed May 25 16:48:00 2005 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 25 May 2005 12:48 -0400 Subject: [RHSA-2005:472-01] Important: kernel security update Message-ID: <200505251648.j4PGmDV03023@lacrosse.corp.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: kernel security update Advisory ID: RHSA-2005:472-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-472.html Issue date: 2005-05-25 Updated on: 2005-05-25 Product: Red Hat Enterprise Linux Obsoletes: RHSA-2005:294 CVE Names: CAN-2004-0491 CAN-2005-0176 CAN-2005-1263 - --------------------------------------------------------------------- 1. Summary: Updated kernel packages that fix several security issues in the Red Hat Enterprise Linux 3 kernel are now available. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: The Linux kernel handles the basic functions of the operating system. These new kernel packages contain fixes for the three security issues described below as well as an important fix for a problem that could lead to data corruption on x86-architecture SMP systems with greater than 4GB of memory through heavy usage of multi-threaded applications. A flaw between execve() syscall handling and core dumping of ELF-format executables allowed local unprivileged users to cause a denial of service (system crash) or possibly gain privileges. The Common Vulnerabilities and Exposures project has assigned the name CAN-2005-1263 to this issue. A flaw in shared memory locking allowed local unprivileged users to lock and unlock regions of shared memory segments they did not own (CAN-2005-0176). A flaw in the locking of SysV IPC shared memory regions allowed local unprivileged users to bypass their RLIMIT_MEMLOCK resource limit (CAN-2004-0491). Note: The kernel-unsupported package contains various drivers and modules that are unsupported and therefore might contain security problems that have not been addressed. All Red Hat Enterprise Linux 3 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum. Please also consult the RHEL3 Update 5 advisory RHSA-2005:294 for the complete list of features added and bugs fixed in U5, which was released only a week prior to this security update. 4. Solution: Before applying this update, make sure that all previously released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 126411 - CAN-2004-0491 mlock accounting issue 141394 - Memory corruption with kernel 2.4.21-27.EL 141905 - kernel 2.4.21-25.ELsmp panic (kscand) 142802 - CAN-2005-0176 unlock someone elses ipc memory 149087 - Kernel panic regression in 2.4.21-27.0.2.ELsmp 157451 - CAN-2005-1263 Linux kernel ELF core dump crash vulnerability 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/kernel-2.4.21-32.0.1.EL.src.rpm a3294ea2b31db1bf71ede79779154f38 kernel-2.4.21-32.0.1.EL.src.rpm i386: f30e36f4f0ab84d2e769e93829aa2d20 kernel-2.4.21-32.0.1.EL.athlon.rpm 8f7eec82049385001ae13568757a1bfa kernel-2.4.21-32.0.1.EL.i686.rpm 8a8c57c90c0a9f5c34f967a4e21248f9 kernel-BOOT-2.4.21-32.0.1.EL.i386.rpm c758821e238e5071adf2882b0bf57753 kernel-doc-2.4.21-32.0.1.EL.i386.rpm 8393b9131dce3de5227d38ab93330a0e kernel-hugemem-2.4.21-32.0.1.EL.i686.rpm f4a85b153deaf0e452a8588592838a99 kernel-hugemem-unsupported-2.4.21-32.0.1.EL.i686.rpm c779afc884615fd6acc4a808db06ac41 kernel-smp-2.4.21-32.0.1.EL.athlon.rpm 074d57f89eae848e55970fb792b760bb kernel-smp-2.4.21-32.0.1.EL.i686.rpm 616020364fcea7e7096bd62801e79fc4 kernel-smp-unsupported-2.4.21-32.0.1.EL.athlon.rpm c3334ea418483f996ebeeb162ed70cef kernel-smp-unsupported-2.4.21-32.0.1.EL.i686.rpm cddaf98d731e7f56a3de6d99d526368c kernel-source-2.4.21-32.0.1.EL.i386.rpm 3eda75e78526882c03fd1dc10547aeed kernel-unsupported-2.4.21-32.0.1.EL.athlon.rpm b472ffdcda9b6f22464a16065380dfb9 kernel-unsupported-2.4.21-32.0.1.EL.i686.rpm ia64: c10a00a0548076ea502106afac33e63a kernel-2.4.21-32.0.1.EL.ia64.rpm 0ba08af2b5d5f5b1c00250e6d350e793 kernel-doc-2.4.21-32.0.1.EL.ia64.rpm d275d6c615cb3412e45aa4d78ace1749 kernel-source-2.4.21-32.0.1.EL.ia64.rpm d678c9224c56f5bc1e83cdaddf90b419 kernel-unsupported-2.4.21-32.0.1.EL.ia64.rpm ppc: 3285b1097d83b39e8f5bd0c7442a38c7 kernel-2.4.21-32.0.1.EL.ppc64iseries.rpm aee706eb7afbfb0d104b32414321c0fe kernel-2.4.21-32.0.1.EL.ppc64pseries.rpm 0df4f27241d864aa97b8c6b65c192754 kernel-doc-2.4.21-32.0.1.EL.ppc64.rpm 94093bba6dd19f9beb125d326e9dea80 kernel-source-2.4.21-32.0.1.EL.ppc64.rpm dc4619039c6c145024d865b5ede767c5 kernel-unsupported-2.4.21-32.0.1.EL.ppc64iseries.rpm 8e14770d84fa176a9c28ab613fc06d5d kernel-unsupported-2.4.21-32.0.1.EL.ppc64pseries.rpm s390: 330adcf820bea66ce0467dfebddff8e7 kernel-2.4.21-32.0.1.EL.s390.rpm bf35c7665526c46bacdc8cab8794742c kernel-doc-2.4.21-32.0.1.EL.s390.rpm 2cf9a00e21b35478deb826f039fdb481 kernel-source-2.4.21-32.0.1.EL.s390.rpm 18f80bb172a141ee13489eaf59027b3b kernel-unsupported-2.4.21-32.0.1.EL.s390.rpm s390x: c0e8287dcfec54dab6737d157809d4b6 kernel-2.4.21-32.0.1.EL.s390x.rpm 4ae8efce1828b68781e3e38b8046a219 kernel-doc-2.4.21-32.0.1.EL.s390x.rpm c7268b452f1688334a2b0c8402b50cd8 kernel-source-2.4.21-32.0.1.EL.s390x.rpm 0634145d1338a4233703ee91f06300e1 kernel-unsupported-2.4.21-32.0.1.EL.s390x.rpm x86_64: d532f04df3c0564483d86dd4e1705096 kernel-2.4.21-32.0.1.EL.ia32e.rpm 8a2779b71f5d106f65a45857f0632755 kernel-2.4.21-32.0.1.EL.x86_64.rpm e5c7ea7acd1a1f66ce323d709ad193e9 kernel-doc-2.4.21-32.0.1.EL.x86_64.rpm bc742330f75227eb12797af9ff926f47 kernel-smp-2.4.21-32.0.1.EL.x86_64.rpm c1f5b201f8f558e8630e849f6d51e596 kernel-smp-unsupported-2.4.21-32.0.1.EL.x86_64.rpm 1d6e7647f79c50e46dd536ace43fa781 kernel-source-2.4.21-32.0.1.EL.x86_64.rpm 8520b785bb89fb1d2727e5d3dabd90d1 kernel-unsupported-2.4.21-32.0.1.EL.ia32e.rpm cf1d9a17cd60efea252f414a537b7feb kernel-unsupported-2.4.21-32.0.1.EL.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/kernel-2.4.21-32.0.1.EL.src.rpm a3294ea2b31db1bf71ede79779154f38 kernel-2.4.21-32.0.1.EL.src.rpm i386: f30e36f4f0ab84d2e769e93829aa2d20 kernel-2.4.21-32.0.1.EL.athlon.rpm 8f7eec82049385001ae13568757a1bfa kernel-2.4.21-32.0.1.EL.i686.rpm 8a8c57c90c0a9f5c34f967a4e21248f9 kernel-BOOT-2.4.21-32.0.1.EL.i386.rpm c758821e238e5071adf2882b0bf57753 kernel-doc-2.4.21-32.0.1.EL.i386.rpm 8393b9131dce3de5227d38ab93330a0e kernel-hugemem-2.4.21-32.0.1.EL.i686.rpm f4a85b153deaf0e452a8588592838a99 kernel-hugemem-unsupported-2.4.21-32.0.1.EL.i686.rpm c779afc884615fd6acc4a808db06ac41 kernel-smp-2.4.21-32.0.1.EL.athlon.rpm 074d57f89eae848e55970fb792b760bb kernel-smp-2.4.21-32.0.1.EL.i686.rpm 616020364fcea7e7096bd62801e79fc4 kernel-smp-unsupported-2.4.21-32.0.1.EL.athlon.rpm c3334ea418483f996ebeeb162ed70cef kernel-smp-unsupported-2.4.21-32.0.1.EL.i686.rpm cddaf98d731e7f56a3de6d99d526368c kernel-source-2.4.21-32.0.1.EL.i386.rpm 3eda75e78526882c03fd1dc10547aeed kernel-unsupported-2.4.21-32.0.1.EL.athlon.rpm b472ffdcda9b6f22464a16065380dfb9 kernel-unsupported-2.4.21-32.0.1.EL.i686.rpm x86_64: d532f04df3c0564483d86dd4e1705096 kernel-2.4.21-32.0.1.EL.ia32e.rpm 8a2779b71f5d106f65a45857f0632755 kernel-2.4.21-32.0.1.EL.x86_64.rpm e5c7ea7acd1a1f66ce323d709ad193e9 kernel-doc-2.4.21-32.0.1.EL.x86_64.rpm bc742330f75227eb12797af9ff926f47 kernel-smp-2.4.21-32.0.1.EL.x86_64.rpm c1f5b201f8f558e8630e849f6d51e596 kernel-smp-unsupported-2.4.21-32.0.1.EL.x86_64.rpm 1d6e7647f79c50e46dd536ace43fa781 kernel-source-2.4.21-32.0.1.EL.x86_64.rpm 8520b785bb89fb1d2727e5d3dabd90d1 kernel-unsupported-2.4.21-32.0.1.EL.ia32e.rpm cf1d9a17cd60efea252f414a537b7feb kernel-unsupported-2.4.21-32.0.1.EL.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/kernel-2.4.21-32.0.1.EL.src.rpm a3294ea2b31db1bf71ede79779154f38 kernel-2.4.21-32.0.1.EL.src.rpm i386: f30e36f4f0ab84d2e769e93829aa2d20 kernel-2.4.21-32.0.1.EL.athlon.rpm 8f7eec82049385001ae13568757a1bfa kernel-2.4.21-32.0.1.EL.i686.rpm 8a8c57c90c0a9f5c34f967a4e21248f9 kernel-BOOT-2.4.21-32.0.1.EL.i386.rpm c758821e238e5071adf2882b0bf57753 kernel-doc-2.4.21-32.0.1.EL.i386.rpm 8393b9131dce3de5227d38ab93330a0e kernel-hugemem-2.4.21-32.0.1.EL.i686.rpm f4a85b153deaf0e452a8588592838a99 kernel-hugemem-unsupported-2.4.21-32.0.1.EL.i686.rpm c779afc884615fd6acc4a808db06ac41 kernel-smp-2.4.21-32.0.1.EL.athlon.rpm 074d57f89eae848e55970fb792b760bb kernel-smp-2.4.21-32.0.1.EL.i686.rpm 616020364fcea7e7096bd62801e79fc4 kernel-smp-unsupported-2.4.21-32.0.1.EL.athlon.rpm c3334ea418483f996ebeeb162ed70cef kernel-smp-unsupported-2.4.21-32.0.1.EL.i686.rpm cddaf98d731e7f56a3de6d99d526368c kernel-source-2.4.21-32.0.1.EL.i386.rpm 3eda75e78526882c03fd1dc10547aeed kernel-unsupported-2.4.21-32.0.1.EL.athlon.rpm b472ffdcda9b6f22464a16065380dfb9 kernel-unsupported-2.4.21-32.0.1.EL.i686.rpm ia64: c10a00a0548076ea502106afac33e63a kernel-2.4.21-32.0.1.EL.ia64.rpm 0ba08af2b5d5f5b1c00250e6d350e793 kernel-doc-2.4.21-32.0.1.EL.ia64.rpm d275d6c615cb3412e45aa4d78ace1749 kernel-source-2.4.21-32.0.1.EL.ia64.rpm d678c9224c56f5bc1e83cdaddf90b419 kernel-unsupported-2.4.21-32.0.1.EL.ia64.rpm x86_64: d532f04df3c0564483d86dd4e1705096 kernel-2.4.21-32.0.1.EL.ia32e.rpm 8a2779b71f5d106f65a45857f0632755 kernel-2.4.21-32.0.1.EL.x86_64.rpm e5c7ea7acd1a1f66ce323d709ad193e9 kernel-doc-2.4.21-32.0.1.EL.x86_64.rpm bc742330f75227eb12797af9ff926f47 kernel-smp-2.4.21-32.0.1.EL.x86_64.rpm c1f5b201f8f558e8630e849f6d51e596 kernel-smp-unsupported-2.4.21-32.0.1.EL.x86_64.rpm 1d6e7647f79c50e46dd536ace43fa781 kernel-source-2.4.21-32.0.1.EL.x86_64.rpm 8520b785bb89fb1d2727e5d3dabd90d1 kernel-unsupported-2.4.21-32.0.1.EL.ia32e.rpm cf1d9a17cd60efea252f414a537b7feb kernel-unsupported-2.4.21-32.0.1.EL.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/kernel-2.4.21-32.0.1.EL.src.rpm a3294ea2b31db1bf71ede79779154f38 kernel-2.4.21-32.0.1.EL.src.rpm i386: f30e36f4f0ab84d2e769e93829aa2d20 kernel-2.4.21-32.0.1.EL.athlon.rpm 8f7eec82049385001ae13568757a1bfa kernel-2.4.21-32.0.1.EL.i686.rpm 8a8c57c90c0a9f5c34f967a4e21248f9 kernel-BOOT-2.4.21-32.0.1.EL.i386.rpm c758821e238e5071adf2882b0bf57753 kernel-doc-2.4.21-32.0.1.EL.i386.rpm 8393b9131dce3de5227d38ab93330a0e kernel-hugemem-2.4.21-32.0.1.EL.i686.rpm f4a85b153deaf0e452a8588592838a99 kernel-hugemem-unsupported-2.4.21-32.0.1.EL.i686.rpm c779afc884615fd6acc4a808db06ac41 kernel-smp-2.4.21-32.0.1.EL.athlon.rpm 074d57f89eae848e55970fb792b760bb kernel-smp-2.4.21-32.0.1.EL.i686.rpm 616020364fcea7e7096bd62801e79fc4 kernel-smp-unsupported-2.4.21-32.0.1.EL.athlon.rpm c3334ea418483f996ebeeb162ed70cef kernel-smp-unsupported-2.4.21-32.0.1.EL.i686.rpm cddaf98d731e7f56a3de6d99d526368c kernel-source-2.4.21-32.0.1.EL.i386.rpm 3eda75e78526882c03fd1dc10547aeed kernel-unsupported-2.4.21-32.0.1.EL.athlon.rpm b472ffdcda9b6f22464a16065380dfb9 kernel-unsupported-2.4.21-32.0.1.EL.i686.rpm ia64: c10a00a0548076ea502106afac33e63a kernel-2.4.21-32.0.1.EL.ia64.rpm 0ba08af2b5d5f5b1c00250e6d350e793 kernel-doc-2.4.21-32.0.1.EL.ia64.rpm d275d6c615cb3412e45aa4d78ace1749 kernel-source-2.4.21-32.0.1.EL.ia64.rpm d678c9224c56f5bc1e83cdaddf90b419 kernel-unsupported-2.4.21-32.0.1.EL.ia64.rpm x86_64: d532f04df3c0564483d86dd4e1705096 kernel-2.4.21-32.0.1.EL.ia32e.rpm 8a2779b71f5d106f65a45857f0632755 kernel-2.4.21-32.0.1.EL.x86_64.rpm e5c7ea7acd1a1f66ce323d709ad193e9 kernel-doc-2.4.21-32.0.1.EL.x86_64.rpm bc742330f75227eb12797af9ff926f47 kernel-smp-2.4.21-32.0.1.EL.x86_64.rpm c1f5b201f8f558e8630e849f6d51e596 kernel-smp-unsupported-2.4.21-32.0.1.EL.x86_64.rpm 1d6e7647f79c50e46dd536ace43fa781 kernel-source-2.4.21-32.0.1.EL.x86_64.rpm 8520b785bb89fb1d2727e5d3dabd90d1 kernel-unsupported-2.4.21-32.0.1.EL.ia32e.rpm cf1d9a17cd60efea252f414a537b7feb kernel-unsupported-2.4.21-32.0.1.EL.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0491 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0176 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1263 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2005 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFClKxCXlSAg2UNWIIRAhroAKC5RHQEpcg1ZdXSk0eYIpL4K1w6oACfSnNV XqD12d6EUy9q8u4IgHecVgY= =pp6T -----END PGP SIGNATURE-----