From bugzilla at redhat.com Mon Jul 3 16:37:21 2006 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 3 Jul 2006 12:37:21 -0400 Subject: [RHSA-2006:0547-01] Moderate: squirrelmail security update Message-ID: <200607031637.k63GbLK7027824@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: squirrelmail security update Advisory ID: RHSA-2006:0547-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0547.html Issue date: 2006-07-03 Updated on: 2006-07-03 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-2842 - --------------------------------------------------------------------- 1. Summary: An updated squirrelmail package that fixes a local file disclosure flaw is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - noarch Red Hat Desktop version 3 - noarch Red Hat Enterprise Linux ES version 3 - noarch Red Hat Enterprise Linux WS version 3 - noarch Red Hat Enterprise Linux AS version 4 - noarch Red Hat Enterprise Linux Desktop version 4 - noarch Red Hat Enterprise Linux ES version 4 - noarch Red Hat Enterprise Linux WS version 4 - noarch 3. Problem description: SquirrelMail is a standards-based webmail package written in PHP4. A local file disclosure flaw was found in the way SquirrelMail loads plugins. In SquirrelMail 1.4.6 or earlier, if register_globals is on and magic_quotes_gpc is off, it became possible for an unauthenticated remote user to view the contents of arbitrary local files the web server has read-access to. This configuration is neither default nor safe, and configuring PHP with the register_globals set on is dangerous and not recommended. (CVE-2006-2842) Users of SquirrelMail should upgrade to this erratum package, which contains a backported patch to correct this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 194283 - CVE-2006-2842 Squirrelmail file inclusion 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/squirrelmail-1.4.6-7.el3.src.rpm d310bf4a75754f83774a1bad5bc37aa4 squirrelmail-1.4.6-7.el3.src.rpm noarch: 47b5a0299a8e709af48cc45e95c9591a squirrelmail-1.4.6-7.el3.noarch.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/squirrelmail-1.4.6-7.el3.src.rpm d310bf4a75754f83774a1bad5bc37aa4 squirrelmail-1.4.6-7.el3.src.rpm noarch: 47b5a0299a8e709af48cc45e95c9591a squirrelmail-1.4.6-7.el3.noarch.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/squirrelmail-1.4.6-7.el3.src.rpm d310bf4a75754f83774a1bad5bc37aa4 squirrelmail-1.4.6-7.el3.src.rpm noarch: 47b5a0299a8e709af48cc45e95c9591a squirrelmail-1.4.6-7.el3.noarch.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/squirrelmail-1.4.6-7.el3.src.rpm d310bf4a75754f83774a1bad5bc37aa4 squirrelmail-1.4.6-7.el3.src.rpm noarch: 47b5a0299a8e709af48cc45e95c9591a squirrelmail-1.4.6-7.el3.noarch.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/squirrelmail-1.4.6-7.el4.src.rpm 8719b14cfb91fae1539d5b7e9abb26be squirrelmail-1.4.6-7.el4.src.rpm noarch: fda560d56eea306af1bbbf2aff442e6a squirrelmail-1.4.6-7.el4.noarch.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/squirrelmail-1.4.6-7.el4.src.rpm 8719b14cfb91fae1539d5b7e9abb26be squirrelmail-1.4.6-7.el4.src.rpm noarch: fda560d56eea306af1bbbf2aff442e6a squirrelmail-1.4.6-7.el4.noarch.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/squirrelmail-1.4.6-7.el4.src.rpm 8719b14cfb91fae1539d5b7e9abb26be squirrelmail-1.4.6-7.el4.src.rpm noarch: fda560d56eea306af1bbbf2aff442e6a squirrelmail-1.4.6-7.el4.noarch.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/squirrelmail-1.4.6-7.el4.src.rpm 8719b14cfb91fae1539d5b7e9abb26be squirrelmail-1.4.6-7.el4.src.rpm noarch: fda560d56eea306af1bbbf2aff442e6a squirrelmail-1.4.6-7.el4.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2842 http://www.squirrelmail.org/security/issue/2006-06-01 http://www.php.net/register_globals http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFEqUe9XlSAg2UNWIIRAs1FAJ0ZdvRxBaRs8x8Ch6+OEMmSKxkk7gCghJGZ 14cfViu8IquGq7/QiezPKnQ= =xr5t -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon Jul 3 16:37:34 2006 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 3 Jul 2006 12:37:34 -0400 Subject: [RHSA-2006:0573-01] Important: openoffice.org security update Message-ID: <200607031637.k63GbYW4027835@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: openoffice.org security update Advisory ID: RHSA-2006:0573-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0573.html Issue date: 2006-07-03 Updated on: 2006-07-03 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-2198 CVE-2006-2199 CVE-2006-3117 - --------------------------------------------------------------------- 1. Summary: Updated openoffice.org packages are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, x86_64 Red Hat Enterprise Linux WS version 3 - i386, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ppc, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, x86_64 Red Hat Enterprise Linux WS version 4 - i386, x86_64 3. Problem description: OpenOffice.org is an office productivity suite that includes desktop applications such as a word processor, spreadsheet, presentation manager, formula editor, and drawing program. A Sun security specialist reported an issue with the application framework. An attacker could put macros into document locations that could cause OpenOffice.org to execute them when the file was opened by a victim. (CVE-2006-2198) A bug was found in the OpenOffice.org Java virtual machine implementation. An attacker could write a carefully crafted Java applet that can break through the "sandbox" and have full access to system resources with the current user privileges. (CVE-2006-2199) A buffer overflow bug was found in the OpenOffice.org file processor. An attacker could create a carefully crafted XML file that could cause OpenOffice.org to write data to an arbitrary location in memory when the file was opened by a victim. (CVE-2006-3117) All users of OpenOffice.org are advised to upgrade to these updated packages, which contain backported fixes for these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 196679 - CVE-2006-2198 various OOo advisories (CVE-2006-2199, CVE-2006-3117) 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/openoffice.org-1.1.2-34.2.0.EL3.src.rpm ee0d6ae1f96f016ba73a608dc858bf14 openoffice.org-1.1.2-34.2.0.EL3.src.rpm i386: 2e662811db76f31ffc23ec85080d74c1 openoffice.org-1.1.2-34.2.0.EL3.i386.rpm 298f962d3cb644e149bc8225a5b3b1a8 openoffice.org-debuginfo-1.1.2-34.2.0.EL3.i386.rpm 0ca0fdf8e2f5435e710b13ed8bf98dc5 openoffice.org-i18n-1.1.2-34.2.0.EL3.i386.rpm d85b636413b81b22034cfad9108afdee openoffice.org-libs-1.1.2-34.2.0.EL3.i386.rpm x86_64: 2e662811db76f31ffc23ec85080d74c1 openoffice.org-1.1.2-34.2.0.EL3.i386.rpm 298f962d3cb644e149bc8225a5b3b1a8 openoffice.org-debuginfo-1.1.2-34.2.0.EL3.i386.rpm 0ca0fdf8e2f5435e710b13ed8bf98dc5 openoffice.org-i18n-1.1.2-34.2.0.EL3.i386.rpm d85b636413b81b22034cfad9108afdee openoffice.org-libs-1.1.2-34.2.0.EL3.i386.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/openoffice.org-1.1.2-34.2.0.EL3.src.rpm ee0d6ae1f96f016ba73a608dc858bf14 openoffice.org-1.1.2-34.2.0.EL3.src.rpm i386: 2e662811db76f31ffc23ec85080d74c1 openoffice.org-1.1.2-34.2.0.EL3.i386.rpm 298f962d3cb644e149bc8225a5b3b1a8 openoffice.org-debuginfo-1.1.2-34.2.0.EL3.i386.rpm 0ca0fdf8e2f5435e710b13ed8bf98dc5 openoffice.org-i18n-1.1.2-34.2.0.EL3.i386.rpm d85b636413b81b22034cfad9108afdee openoffice.org-libs-1.1.2-34.2.0.EL3.i386.rpm x86_64: 2e662811db76f31ffc23ec85080d74c1 openoffice.org-1.1.2-34.2.0.EL3.i386.rpm 298f962d3cb644e149bc8225a5b3b1a8 openoffice.org-debuginfo-1.1.2-34.2.0.EL3.i386.rpm 0ca0fdf8e2f5435e710b13ed8bf98dc5 openoffice.org-i18n-1.1.2-34.2.0.EL3.i386.rpm d85b636413b81b22034cfad9108afdee openoffice.org-libs-1.1.2-34.2.0.EL3.i386.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/openoffice.org-1.1.2-34.2.0.EL3.src.rpm ee0d6ae1f96f016ba73a608dc858bf14 openoffice.org-1.1.2-34.2.0.EL3.src.rpm i386: 2e662811db76f31ffc23ec85080d74c1 openoffice.org-1.1.2-34.2.0.EL3.i386.rpm 298f962d3cb644e149bc8225a5b3b1a8 openoffice.org-debuginfo-1.1.2-34.2.0.EL3.i386.rpm 0ca0fdf8e2f5435e710b13ed8bf98dc5 openoffice.org-i18n-1.1.2-34.2.0.EL3.i386.rpm d85b636413b81b22034cfad9108afdee openoffice.org-libs-1.1.2-34.2.0.EL3.i386.rpm x86_64: 2e662811db76f31ffc23ec85080d74c1 openoffice.org-1.1.2-34.2.0.EL3.i386.rpm 298f962d3cb644e149bc8225a5b3b1a8 openoffice.org-debuginfo-1.1.2-34.2.0.EL3.i386.rpm 0ca0fdf8e2f5435e710b13ed8bf98dc5 openoffice.org-i18n-1.1.2-34.2.0.EL3.i386.rpm d85b636413b81b22034cfad9108afdee openoffice.org-libs-1.1.2-34.2.0.EL3.i386.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/openoffice.org-1.1.2-34.2.0.EL3.src.rpm ee0d6ae1f96f016ba73a608dc858bf14 openoffice.org-1.1.2-34.2.0.EL3.src.rpm i386: 2e662811db76f31ffc23ec85080d74c1 openoffice.org-1.1.2-34.2.0.EL3.i386.rpm 298f962d3cb644e149bc8225a5b3b1a8 openoffice.org-debuginfo-1.1.2-34.2.0.EL3.i386.rpm 0ca0fdf8e2f5435e710b13ed8bf98dc5 openoffice.org-i18n-1.1.2-34.2.0.EL3.i386.rpm d85b636413b81b22034cfad9108afdee openoffice.org-libs-1.1.2-34.2.0.EL3.i386.rpm x86_64: 2e662811db76f31ffc23ec85080d74c1 openoffice.org-1.1.2-34.2.0.EL3.i386.rpm 298f962d3cb644e149bc8225a5b3b1a8 openoffice.org-debuginfo-1.1.2-34.2.0.EL3.i386.rpm 0ca0fdf8e2f5435e710b13ed8bf98dc5 openoffice.org-i18n-1.1.2-34.2.0.EL3.i386.rpm d85b636413b81b22034cfad9108afdee openoffice.org-libs-1.1.2-34.2.0.EL3.i386.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/openoffice.org-1.1.2-34.6.0.EL4.src.rpm 485fac34ae151f41cd440a8e20db5814 openoffice.org-1.1.2-34.6.0.EL4.src.rpm i386: 58136d975b1e19a616049245688b6c8f openoffice.org-1.1.2-34.6.0.EL4.i386.rpm 3d71097b63c30f4dcd78fae8c887d09c openoffice.org-debuginfo-1.1.2-34.6.0.EL4.i386.rpm 741aae622743c8f907d12741cb3dc4d0 openoffice.org-i18n-1.1.2-34.6.0.EL4.i386.rpm e8bc252c443cc6c3d7587818740ec704 openoffice.org-kde-1.1.2-34.6.0.EL4.i386.rpm dc77923685fb1fb7048eb7ce49772dcf openoffice.org-libs-1.1.2-34.6.0.EL4.i386.rpm ppc: 0f6c4a335798ffc244abf27da1090ead openoffice.org-1.1.2-34.6.0.EL4.ppc.rpm f2fcfc24d121309c852abf866893326c openoffice.org-debuginfo-1.1.2-34.6.0.EL4.ppc.rpm d61f7c08bf80f71fdcfd8c5304702345 openoffice.org-i18n-1.1.2-34.6.0.EL4.ppc.rpm a040bad5b579ae0ada011ce370d6daf6 openoffice.org-kde-1.1.2-34.6.0.EL4.ppc.rpm c819ebea759936c76670f7c0d34decdc openoffice.org-libs-1.1.2-34.6.0.EL4.ppc.rpm x86_64: 58136d975b1e19a616049245688b6c8f openoffice.org-1.1.2-34.6.0.EL4.i386.rpm 3d71097b63c30f4dcd78fae8c887d09c openoffice.org-debuginfo-1.1.2-34.6.0.EL4.i386.rpm 741aae622743c8f907d12741cb3dc4d0 openoffice.org-i18n-1.1.2-34.6.0.EL4.i386.rpm dc77923685fb1fb7048eb7ce49772dcf openoffice.org-libs-1.1.2-34.6.0.EL4.i386.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/openoffice.org-1.1.2-34.6.0.EL4.src.rpm 485fac34ae151f41cd440a8e20db5814 openoffice.org-1.1.2-34.6.0.EL4.src.rpm i386: 58136d975b1e19a616049245688b6c8f openoffice.org-1.1.2-34.6.0.EL4.i386.rpm 3d71097b63c30f4dcd78fae8c887d09c openoffice.org-debuginfo-1.1.2-34.6.0.EL4.i386.rpm 741aae622743c8f907d12741cb3dc4d0 openoffice.org-i18n-1.1.2-34.6.0.EL4.i386.rpm e8bc252c443cc6c3d7587818740ec704 openoffice.org-kde-1.1.2-34.6.0.EL4.i386.rpm dc77923685fb1fb7048eb7ce49772dcf openoffice.org-libs-1.1.2-34.6.0.EL4.i386.rpm x86_64: 58136d975b1e19a616049245688b6c8f openoffice.org-1.1.2-34.6.0.EL4.i386.rpm 3d71097b63c30f4dcd78fae8c887d09c openoffice.org-debuginfo-1.1.2-34.6.0.EL4.i386.rpm 741aae622743c8f907d12741cb3dc4d0 openoffice.org-i18n-1.1.2-34.6.0.EL4.i386.rpm dc77923685fb1fb7048eb7ce49772dcf openoffice.org-libs-1.1.2-34.6.0.EL4.i386.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/openoffice.org-1.1.2-34.6.0.EL4.src.rpm 485fac34ae151f41cd440a8e20db5814 openoffice.org-1.1.2-34.6.0.EL4.src.rpm i386: 58136d975b1e19a616049245688b6c8f openoffice.org-1.1.2-34.6.0.EL4.i386.rpm 3d71097b63c30f4dcd78fae8c887d09c openoffice.org-debuginfo-1.1.2-34.6.0.EL4.i386.rpm 741aae622743c8f907d12741cb3dc4d0 openoffice.org-i18n-1.1.2-34.6.0.EL4.i386.rpm e8bc252c443cc6c3d7587818740ec704 openoffice.org-kde-1.1.2-34.6.0.EL4.i386.rpm dc77923685fb1fb7048eb7ce49772dcf openoffice.org-libs-1.1.2-34.6.0.EL4.i386.rpm x86_64: 58136d975b1e19a616049245688b6c8f openoffice.org-1.1.2-34.6.0.EL4.i386.rpm 3d71097b63c30f4dcd78fae8c887d09c openoffice.org-debuginfo-1.1.2-34.6.0.EL4.i386.rpm 741aae622743c8f907d12741cb3dc4d0 openoffice.org-i18n-1.1.2-34.6.0.EL4.i386.rpm dc77923685fb1fb7048eb7ce49772dcf openoffice.org-libs-1.1.2-34.6.0.EL4.i386.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/openoffice.org-1.1.2-34.6.0.EL4.src.rpm 485fac34ae151f41cd440a8e20db5814 openoffice.org-1.1.2-34.6.0.EL4.src.rpm i386: 58136d975b1e19a616049245688b6c8f openoffice.org-1.1.2-34.6.0.EL4.i386.rpm 3d71097b63c30f4dcd78fae8c887d09c openoffice.org-debuginfo-1.1.2-34.6.0.EL4.i386.rpm 741aae622743c8f907d12741cb3dc4d0 openoffice.org-i18n-1.1.2-34.6.0.EL4.i386.rpm e8bc252c443cc6c3d7587818740ec704 openoffice.org-kde-1.1.2-34.6.0.EL4.i386.rpm dc77923685fb1fb7048eb7ce49772dcf openoffice.org-libs-1.1.2-34.6.0.EL4.i386.rpm x86_64: 58136d975b1e19a616049245688b6c8f openoffice.org-1.1.2-34.6.0.EL4.i386.rpm 3d71097b63c30f4dcd78fae8c887d09c openoffice.org-debuginfo-1.1.2-34.6.0.EL4.i386.rpm 741aae622743c8f907d12741cb3dc4d0 openoffice.org-i18n-1.1.2-34.6.0.EL4.i386.rpm dc77923685fb1fb7048eb7ce49772dcf openoffice.org-libs-1.1.2-34.6.0.EL4.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2198 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2199 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3117 http://www.openoffice.org/security/bulletin-20060629.html http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFEqUfJXlSAg2UNWIIRAqDVAKClI75mbX6+OiFlEhAwVxyiRJP82ACfaSxB zln+dmLUFHk8C+TeJBiEUa8= =r+nd -----END PGP SIGNATURE----- From bugzilla at redhat.com Fri Jul 7 13:55:47 2006 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Fri, 7 Jul 2006 09:55:47 -0400 Subject: [RHSA-2006:0574-01] Important: kernel security update Message-ID: <200607071355.k67Dtlr6020641@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: kernel security update Advisory ID: RHSA-2006:0574-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0574.html Issue date: 2006-07-07 Updated on: 2006-07-07 Product: Red Hat Enterprise Linux Keywords: nahant kernel update Obsoletes: RHSA-2006:0493 CVE Names: CVE-2006-2451 - --------------------------------------------------------------------- 1. Summary: Updated kernel packages that fix a privilege escalation security issue in the Red Hat Enterprise Linux 4 kernel are now available. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, noarch, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, noarch, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, noarch, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, noarch, x86_64 3. Problem description: The Linux kernel handles the basic functions of the operating system. During security research, Red Hat discovered a behavioral flaw in core dump handling. A local user could create a program that would cause a core file to be dumped into a directory they would not normally have permissions to write to. This could lead to a denial of service (disk consumption), or allow the local user to gain root privileges. (CVE-2006-2451) Prior to applying this update, users can remove the ability to escalate privileges using this flaw by configuring core files to dump to an absolute location. By default, core files are created in the working directory of the faulting application, but this can be overridden by specifying an absolute location for core files in /proc/sys/kernel/core_pattern. To avoid a potential denial of service, a separate partition for the core files should be used. All Red Hat Enterprise Linux 4 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 195902 - CVE-2006-2451 Possible privilege escalation through prctl() and suid_dumpable 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kernel-2.6.9-34.0.2.EL.src.rpm b1525f16ed6956a8e508c0fb8ab983f6 kernel-2.6.9-34.0.2.EL.src.rpm i386: 8ae13e9c973abf31bfcf95f52107e028 kernel-2.6.9-34.0.2.EL.i686.rpm 572a28ec4bd9f90b4d608ed4d6d886e2 kernel-debuginfo-2.6.9-34.0.2.EL.i686.rpm e79ce53f8235b8f4c305de45fe7cc116 kernel-devel-2.6.9-34.0.2.EL.i686.rpm e5209b44a1786c055847755313e6582c kernel-hugemem-2.6.9-34.0.2.EL.i686.rpm c500bdf3fc096c6fc191d47337f18e4a kernel-hugemem-devel-2.6.9-34.0.2.EL.i686.rpm e38524a2c5721357b021aca299061c54 kernel-smp-2.6.9-34.0.2.EL.i686.rpm fe13001e6d26b0fb8631e731a4c07afc kernel-smp-devel-2.6.9-34.0.2.EL.i686.rpm ia64: d7387284d83394d47ef155ce885a9368 kernel-2.6.9-34.0.2.EL.ia64.rpm 5cd0daf15a572456fbd2fc1e429fcf38 kernel-debuginfo-2.6.9-34.0.2.EL.ia64.rpm ca498a4793f4cffc96dc2028de32878a kernel-devel-2.6.9-34.0.2.EL.ia64.rpm f6ccc44046248a98886f29d8b91996ac kernel-largesmp-2.6.9-34.0.2.EL.ia64.rpm f13fcad7a4596198d0adaaa223812c5e kernel-largesmp-devel-2.6.9-34.0.2.EL.ia64.rpm noarch: dad6fe0fcb7dde0869cb10d08acc1852 kernel-doc-2.6.9-34.0.2.EL.noarch.rpm ppc: 406a55f4303640565cdbcbe2b8b66525 kernel-2.6.9-34.0.2.EL.ppc64.rpm b8239e08291a35fdc08daee5d63a25a1 kernel-2.6.9-34.0.2.EL.ppc64iseries.rpm e3b903880e23cd125dd1653411e379f2 kernel-debuginfo-2.6.9-34.0.2.EL.ppc64.rpm 1ea5cf42e62b8e885e7a5b4abf3a0ae0 kernel-debuginfo-2.6.9-34.0.2.EL.ppc64iseries.rpm 8af7a011ccc78e925c2504c97710d512 kernel-devel-2.6.9-34.0.2.EL.ppc64.rpm 24858a45553903726311f203f58ccf9f kernel-devel-2.6.9-34.0.2.EL.ppc64iseries.rpm a9291ff69f733152d1be0ac45178511f kernel-largesmp-2.6.9-34.0.2.EL.ppc64.rpm b8b522f09d34dbb8b5aed21df3e8f7a5 kernel-largesmp-devel-2.6.9-34.0.2.EL.ppc64.rpm s390: 6626d6fb1bb866151add37580963a1f4 kernel-2.6.9-34.0.2.EL.s390.rpm 9032b5befe7e8530ec09a140eb8f0a4a kernel-debuginfo-2.6.9-34.0.2.EL.s390.rpm fdaac14cebdac84b536de92d5d869f57 kernel-devel-2.6.9-34.0.2.EL.s390.rpm s390x: 7f1bed602022c395bd253ff693df448f kernel-2.6.9-34.0.2.EL.s390x.rpm 3dc8b5298948cf15f770565e39a76bc3 kernel-debuginfo-2.6.9-34.0.2.EL.s390x.rpm 7348ad74dd62ecd9d3f90d862ca20b4f kernel-devel-2.6.9-34.0.2.EL.s390x.rpm x86_64: 7ecb7f19c806cbeeae4017e773ca6b95 kernel-2.6.9-34.0.2.EL.x86_64.rpm c3715718755dd621ecbf136372ec86a9 kernel-debuginfo-2.6.9-34.0.2.EL.x86_64.rpm 3ee909ed41588242f981a9aa78ad926d kernel-devel-2.6.9-34.0.2.EL.x86_64.rpm 40af50e2dfdc81483c667ee80ddc8af5 kernel-largesmp-2.6.9-34.0.2.EL.x86_64.rpm 3063ef4954c21d5da1f5f5eb73bae069 kernel-largesmp-devel-2.6.9-34.0.2.EL.x86_64.rpm b5cebc56b5288571c83d16f881c3e189 kernel-smp-2.6.9-34.0.2.EL.x86_64.rpm 1dca7ae6c082dda381ca77b46b3bfaf4 kernel-smp-devel-2.6.9-34.0.2.EL.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kernel-2.6.9-34.0.2.EL.src.rpm b1525f16ed6956a8e508c0fb8ab983f6 kernel-2.6.9-34.0.2.EL.src.rpm i386: 8ae13e9c973abf31bfcf95f52107e028 kernel-2.6.9-34.0.2.EL.i686.rpm 572a28ec4bd9f90b4d608ed4d6d886e2 kernel-debuginfo-2.6.9-34.0.2.EL.i686.rpm e79ce53f8235b8f4c305de45fe7cc116 kernel-devel-2.6.9-34.0.2.EL.i686.rpm e5209b44a1786c055847755313e6582c kernel-hugemem-2.6.9-34.0.2.EL.i686.rpm c500bdf3fc096c6fc191d47337f18e4a kernel-hugemem-devel-2.6.9-34.0.2.EL.i686.rpm e38524a2c5721357b021aca299061c54 kernel-smp-2.6.9-34.0.2.EL.i686.rpm fe13001e6d26b0fb8631e731a4c07afc kernel-smp-devel-2.6.9-34.0.2.EL.i686.rpm noarch: dad6fe0fcb7dde0869cb10d08acc1852 kernel-doc-2.6.9-34.0.2.EL.noarch.rpm x86_64: 7ecb7f19c806cbeeae4017e773ca6b95 kernel-2.6.9-34.0.2.EL.x86_64.rpm c3715718755dd621ecbf136372ec86a9 kernel-debuginfo-2.6.9-34.0.2.EL.x86_64.rpm 3ee909ed41588242f981a9aa78ad926d kernel-devel-2.6.9-34.0.2.EL.x86_64.rpm 40af50e2dfdc81483c667ee80ddc8af5 kernel-largesmp-2.6.9-34.0.2.EL.x86_64.rpm 3063ef4954c21d5da1f5f5eb73bae069 kernel-largesmp-devel-2.6.9-34.0.2.EL.x86_64.rpm b5cebc56b5288571c83d16f881c3e189 kernel-smp-2.6.9-34.0.2.EL.x86_64.rpm 1dca7ae6c082dda381ca77b46b3bfaf4 kernel-smp-devel-2.6.9-34.0.2.EL.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kernel-2.6.9-34.0.2.EL.src.rpm b1525f16ed6956a8e508c0fb8ab983f6 kernel-2.6.9-34.0.2.EL.src.rpm i386: 8ae13e9c973abf31bfcf95f52107e028 kernel-2.6.9-34.0.2.EL.i686.rpm 572a28ec4bd9f90b4d608ed4d6d886e2 kernel-debuginfo-2.6.9-34.0.2.EL.i686.rpm e79ce53f8235b8f4c305de45fe7cc116 kernel-devel-2.6.9-34.0.2.EL.i686.rpm e5209b44a1786c055847755313e6582c kernel-hugemem-2.6.9-34.0.2.EL.i686.rpm c500bdf3fc096c6fc191d47337f18e4a kernel-hugemem-devel-2.6.9-34.0.2.EL.i686.rpm e38524a2c5721357b021aca299061c54 kernel-smp-2.6.9-34.0.2.EL.i686.rpm fe13001e6d26b0fb8631e731a4c07afc kernel-smp-devel-2.6.9-34.0.2.EL.i686.rpm ia64: d7387284d83394d47ef155ce885a9368 kernel-2.6.9-34.0.2.EL.ia64.rpm 5cd0daf15a572456fbd2fc1e429fcf38 kernel-debuginfo-2.6.9-34.0.2.EL.ia64.rpm ca498a4793f4cffc96dc2028de32878a kernel-devel-2.6.9-34.0.2.EL.ia64.rpm f6ccc44046248a98886f29d8b91996ac kernel-largesmp-2.6.9-34.0.2.EL.ia64.rpm f13fcad7a4596198d0adaaa223812c5e kernel-largesmp-devel-2.6.9-34.0.2.EL.ia64.rpm noarch: dad6fe0fcb7dde0869cb10d08acc1852 kernel-doc-2.6.9-34.0.2.EL.noarch.rpm x86_64: 7ecb7f19c806cbeeae4017e773ca6b95 kernel-2.6.9-34.0.2.EL.x86_64.rpm c3715718755dd621ecbf136372ec86a9 kernel-debuginfo-2.6.9-34.0.2.EL.x86_64.rpm 3ee909ed41588242f981a9aa78ad926d kernel-devel-2.6.9-34.0.2.EL.x86_64.rpm 40af50e2dfdc81483c667ee80ddc8af5 kernel-largesmp-2.6.9-34.0.2.EL.x86_64.rpm 3063ef4954c21d5da1f5f5eb73bae069 kernel-largesmp-devel-2.6.9-34.0.2.EL.x86_64.rpm b5cebc56b5288571c83d16f881c3e189 kernel-smp-2.6.9-34.0.2.EL.x86_64.rpm 1dca7ae6c082dda381ca77b46b3bfaf4 kernel-smp-devel-2.6.9-34.0.2.EL.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kernel-2.6.9-34.0.2.EL.src.rpm b1525f16ed6956a8e508c0fb8ab983f6 kernel-2.6.9-34.0.2.EL.src.rpm i386: 8ae13e9c973abf31bfcf95f52107e028 kernel-2.6.9-34.0.2.EL.i686.rpm 572a28ec4bd9f90b4d608ed4d6d886e2 kernel-debuginfo-2.6.9-34.0.2.EL.i686.rpm e79ce53f8235b8f4c305de45fe7cc116 kernel-devel-2.6.9-34.0.2.EL.i686.rpm e5209b44a1786c055847755313e6582c kernel-hugemem-2.6.9-34.0.2.EL.i686.rpm c500bdf3fc096c6fc191d47337f18e4a kernel-hugemem-devel-2.6.9-34.0.2.EL.i686.rpm e38524a2c5721357b021aca299061c54 kernel-smp-2.6.9-34.0.2.EL.i686.rpm fe13001e6d26b0fb8631e731a4c07afc kernel-smp-devel-2.6.9-34.0.2.EL.i686.rpm ia64: d7387284d83394d47ef155ce885a9368 kernel-2.6.9-34.0.2.EL.ia64.rpm 5cd0daf15a572456fbd2fc1e429fcf38 kernel-debuginfo-2.6.9-34.0.2.EL.ia64.rpm ca498a4793f4cffc96dc2028de32878a kernel-devel-2.6.9-34.0.2.EL.ia64.rpm f6ccc44046248a98886f29d8b91996ac kernel-largesmp-2.6.9-34.0.2.EL.ia64.rpm f13fcad7a4596198d0adaaa223812c5e kernel-largesmp-devel-2.6.9-34.0.2.EL.ia64.rpm noarch: dad6fe0fcb7dde0869cb10d08acc1852 kernel-doc-2.6.9-34.0.2.EL.noarch.rpm x86_64: 7ecb7f19c806cbeeae4017e773ca6b95 kernel-2.6.9-34.0.2.EL.x86_64.rpm c3715718755dd621ecbf136372ec86a9 kernel-debuginfo-2.6.9-34.0.2.EL.x86_64.rpm 3ee909ed41588242f981a9aa78ad926d kernel-devel-2.6.9-34.0.2.EL.x86_64.rpm 40af50e2dfdc81483c667ee80ddc8af5 kernel-largesmp-2.6.9-34.0.2.EL.x86_64.rpm 3063ef4954c21d5da1f5f5eb73bae069 kernel-largesmp-devel-2.6.9-34.0.2.EL.x86_64.rpm b5cebc56b5288571c83d16f881c3e189 kernel-smp-2.6.9-34.0.2.EL.x86_64.rpm 1dca7ae6c082dda381ca77b46b3bfaf4 kernel-smp-devel-2.6.9-34.0.2.EL.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2451 http://kbase.redhat.com/faq/FAQ_52_2890.shtm http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFErmfcXlSAg2UNWIIRAm+ZAKCEe4lEQrIaeB0Hgb6uNhF9Vcp+SwCcD3Hp AbjlWbk9FG2/bc6uLJjC68E= =sHi4 -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Jul 12 18:30:04 2006 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 12 Jul 2006 14:30:04 -0400 Subject: [RHSA-2006:0539-01] Important: vixie-cron security update Message-ID: <200607121830.k6CIU4mH000329@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: vixie-cron security update Advisory ID: RHSA-2006:0539-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0539.html Issue date: 2006-07-12 Updated on: 2006-07-12 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-2607 - --------------------------------------------------------------------- 1. Summary: Updated vixie-cron packages that fix a privilege escalation issue are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: The vixie-cron package contains the Vixie version of cron. Cron is a standard UNIX daemon that runs specified programs at scheduled times. A privilege escalation flaw was found in the way Vixie Cron runs programs; vixie-cron does not properly verify an attempt to set the current process user id succeeded. It was possible for a malicious local users who exhausted certain limits to execute arbitrary commands as root via cron. (CVE-2006-2607) All users of vixie-cron should upgrade to these updated packages, which contain a backported patch to correct this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 193146 - CVE-2006-2607 Jobs start from root when pam_limits enabled 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/vixie-cron-4.1-44.EL4.src.rpm 84ffd65a8877af47400a731ecd1b9ee3 vixie-cron-4.1-44.EL4.src.rpm i386: 96f8e56c7683001feb3f3af160e5d3bc vixie-cron-4.1-44.EL4.i386.rpm 2537c3d0066bfba10e271466e848abfa vixie-cron-debuginfo-4.1-44.EL4.i386.rpm ia64: a8d8d2c094a1d9aa1e8b565633f63491 vixie-cron-4.1-44.EL4.ia64.rpm fbd4dd6bda2c2b4ed0b76b9decc45da8 vixie-cron-debuginfo-4.1-44.EL4.ia64.rpm ppc: abbfe3611ef001871714d508cb12ee78 vixie-cron-4.1-44.EL4.ppc.rpm cfff4b167fa6cf2f1c093c9d990fea1d vixie-cron-debuginfo-4.1-44.EL4.ppc.rpm s390: 13a5b37c0c9c360055a75c3b779603c9 vixie-cron-4.1-44.EL4.s390.rpm 5eddcab5c828098a1fd2e4cdd1c1ddc1 vixie-cron-debuginfo-4.1-44.EL4.s390.rpm s390x: 869131c337de109964f8acb2e720ee33 vixie-cron-4.1-44.EL4.s390x.rpm 32da5254a3b569a351557547fc872556 vixie-cron-debuginfo-4.1-44.EL4.s390x.rpm x86_64: 3d045241d3453e8bc5a6bc260320fbc9 vixie-cron-4.1-44.EL4.x86_64.rpm 2d30b0141ee8e242602fa70f03982713 vixie-cron-debuginfo-4.1-44.EL4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/vixie-cron-4.1-44.EL4.src.rpm 84ffd65a8877af47400a731ecd1b9ee3 vixie-cron-4.1-44.EL4.src.rpm i386: 96f8e56c7683001feb3f3af160e5d3bc vixie-cron-4.1-44.EL4.i386.rpm 2537c3d0066bfba10e271466e848abfa vixie-cron-debuginfo-4.1-44.EL4.i386.rpm x86_64: 3d045241d3453e8bc5a6bc260320fbc9 vixie-cron-4.1-44.EL4.x86_64.rpm 2d30b0141ee8e242602fa70f03982713 vixie-cron-debuginfo-4.1-44.EL4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/vixie-cron-4.1-44.EL4.src.rpm 84ffd65a8877af47400a731ecd1b9ee3 vixie-cron-4.1-44.EL4.src.rpm i386: 96f8e56c7683001feb3f3af160e5d3bc vixie-cron-4.1-44.EL4.i386.rpm 2537c3d0066bfba10e271466e848abfa vixie-cron-debuginfo-4.1-44.EL4.i386.rpm ia64: a8d8d2c094a1d9aa1e8b565633f63491 vixie-cron-4.1-44.EL4.ia64.rpm fbd4dd6bda2c2b4ed0b76b9decc45da8 vixie-cron-debuginfo-4.1-44.EL4.ia64.rpm x86_64: 3d045241d3453e8bc5a6bc260320fbc9 vixie-cron-4.1-44.EL4.x86_64.rpm 2d30b0141ee8e242602fa70f03982713 vixie-cron-debuginfo-4.1-44.EL4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/vixie-cron-4.1-44.EL4.src.rpm 84ffd65a8877af47400a731ecd1b9ee3 vixie-cron-4.1-44.EL4.src.rpm i386: 96f8e56c7683001feb3f3af160e5d3bc vixie-cron-4.1-44.EL4.i386.rpm 2537c3d0066bfba10e271466e848abfa vixie-cron-debuginfo-4.1-44.EL4.i386.rpm ia64: a8d8d2c094a1d9aa1e8b565633f63491 vixie-cron-4.1-44.EL4.ia64.rpm fbd4dd6bda2c2b4ed0b76b9decc45da8 vixie-cron-debuginfo-4.1-44.EL4.ia64.rpm x86_64: 3d045241d3453e8bc5a6bc260320fbc9 vixie-cron-4.1-44.EL4.x86_64.rpm 2d30b0141ee8e242602fa70f03982713 vixie-cron-debuginfo-4.1-44.EL4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://www.redhat.com/security/updates/classification/#important http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2607 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFEtT+WXlSAg2UNWIIRAo7eAJ9NBs/rl+s4FfQV0JQ9z3Dx1vOkDQCeL8+i NOOMBXncasrD8r3xrvekXCM= =ZO1e -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Jul 12 18:30:20 2006 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 12 Jul 2006 14:30:20 -0400 Subject: [RHSA-2006:0568-01] Moderate: php security update Message-ID: <200607121830.k6CIUU1W000865@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: php security update Advisory ID: RHSA-2006:0568-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0568.html Issue date: 2006-07-12 Updated on: 2006-07-12 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-1494 CVE-2006-1990 CVE-2006-3017 - --------------------------------------------------------------------- 1. Summary: Updated PHP packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A directory traversal vulnerability was found in PHP. Local users could bypass open_basedir restrictions allowing remote attackers to create files in arbitrary directories via the tempnam() function. (CVE-2006-1494) The wordwrap() PHP function did not properly check for integer overflow in the handling of the "break" parameter. An attacker who could control the string passed to the "break" parameter could cause a heap overflow. (CVE-2006-1990) A flaw was found in the zend_hash_del() PHP function. For PHP scripts that rely on the use of the unset() function, a remote attacker could force variable initialization to be bypassed. This would be a security issue particularly for installations that enable the "register_globals" setting. "register_globals" is disabled by default in Red Hat Enterprise Linux. (CVE-2006-3017) Users of PHP should upgrade to these updated packages, which contain backported patches that resolve these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 189591 - CVE-2006-1494 PHP tempname open_basedir issue 190033 - CVE-2006-1990 wordwrap integer overflow 196256 - CVE-2006-3017 zend_hash_del bug 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/php-4.3.2-33.ent.src.rpm c018cc410c9655f537bbc617ec67ba11 php-4.3.2-33.ent.src.rpm i386: d5c4ee398126667a3d38ca3b3ac9d949 php-4.3.2-33.ent.i386.rpm 193ab3af5edc67f1c99fb955b00102da php-debuginfo-4.3.2-33.ent.i386.rpm d33d058957d18a82d02634e71be9c1ae php-devel-4.3.2-33.ent.i386.rpm 10e154d24fbd4a57731902ce2f038a74 php-imap-4.3.2-33.ent.i386.rpm 8701231a24864316cedeaef756926771 php-ldap-4.3.2-33.ent.i386.rpm 51de6e91de61dbb536089a3f3bc15471 php-mysql-4.3.2-33.ent.i386.rpm c30922c2ff54ae24f6c5efa318ad3f62 php-odbc-4.3.2-33.ent.i386.rpm 87e7856bf30f33d540a2a2e3fc58dd9e php-pgsql-4.3.2-33.ent.i386.rpm ia64: ea9878b8678de65636f76ad6d937603d php-4.3.2-33.ent.ia64.rpm e3cceb5006b0a629eb1026cc79a9d2cc php-debuginfo-4.3.2-33.ent.ia64.rpm bad9909488a7c61e2a5dbf9a6b84e639 php-devel-4.3.2-33.ent.ia64.rpm 8180a9da60367868236a6f0db5d96402 php-imap-4.3.2-33.ent.ia64.rpm 27b9b7b4e0171ca0e9f438819d38f7fd php-ldap-4.3.2-33.ent.ia64.rpm 2635ed5ac5ec737ac18fde4a99ca6807 php-mysql-4.3.2-33.ent.ia64.rpm 9f79cd8ac13ccddcecd140b5fa3d92b2 php-odbc-4.3.2-33.ent.ia64.rpm 59fd4963632105e568292d9fb6a35820 php-pgsql-4.3.2-33.ent.ia64.rpm ppc: 35582367f1958335fe2d13585460e6e1 php-4.3.2-33.ent.ppc.rpm ca1a7b0361440c2157e29331fe6f7f20 php-debuginfo-4.3.2-33.ent.ppc.rpm a24707e275c345129babbd9c734dc848 php-devel-4.3.2-33.ent.ppc.rpm 113ff33af6db3fc10ceaf94f598ef858 php-imap-4.3.2-33.ent.ppc.rpm f69c5b8debe3ee9bbd49bc6763f562b9 php-ldap-4.3.2-33.ent.ppc.rpm d7839788a852cc6a0237aed3b94f64af php-mysql-4.3.2-33.ent.ppc.rpm a62fbd02a3642f3bbbc4df9f970bd6af php-odbc-4.3.2-33.ent.ppc.rpm a8efdd969dc9b1b5ddc2b4fbe6b205a0 php-pgsql-4.3.2-33.ent.ppc.rpm s390: e3e994c07c6e53b1fee13de2ea1d26df php-4.3.2-33.ent.s390.rpm bfca477b7cf692bad01b461bb11db22c php-debuginfo-4.3.2-33.ent.s390.rpm 2a7a2ed6888e1583bc98cf5de0639a8b php-devel-4.3.2-33.ent.s390.rpm a4a4742f2dce74e19d579ccfcb587823 php-imap-4.3.2-33.ent.s390.rpm 0377b6da4e91b804d61567375bfd39fa php-ldap-4.3.2-33.ent.s390.rpm 670c1246c25be44ae0885241624fc084 php-mysql-4.3.2-33.ent.s390.rpm c0c615cb9e9b402cb209bd363d80c8b2 php-odbc-4.3.2-33.ent.s390.rpm 05064d39c5a5e7489511d7a1bc64332d php-pgsql-4.3.2-33.ent.s390.rpm s390x: eee835eb080c99fd6ad6a62eefaeec6a php-4.3.2-33.ent.s390x.rpm 95876dbc895c0c30405a9fa3a58d84c2 php-debuginfo-4.3.2-33.ent.s390x.rpm 88f9c171b9b3ed332222b7d2ee1e7cd6 php-devel-4.3.2-33.ent.s390x.rpm 37983d3e6a850a106dc5e9afd2acbfb9 php-imap-4.3.2-33.ent.s390x.rpm c33c35b1df87c9f716ce1ba1aff110ee php-ldap-4.3.2-33.ent.s390x.rpm e9775947d81ae5d20258b1a16f43533a php-mysql-4.3.2-33.ent.s390x.rpm 53c963377e4bb04ac44e98d48f88be3c php-odbc-4.3.2-33.ent.s390x.rpm 3cdd9b2a3628d9fbe6419f09afb963f2 php-pgsql-4.3.2-33.ent.s390x.rpm x86_64: aba5c8d6b64ce23a3c596d623bbf70ce php-4.3.2-33.ent.x86_64.rpm 8bac277f71bf873c0bcb3684b24a2dd5 php-debuginfo-4.3.2-33.ent.x86_64.rpm a127c84f015c9754238aa6e403890152 php-devel-4.3.2-33.ent.x86_64.rpm fb9c4d54c9ee78f63dcb9378e0b0e761 php-imap-4.3.2-33.ent.x86_64.rpm fbaecf21159a78c9a747c326d38b1c35 php-ldap-4.3.2-33.ent.x86_64.rpm b1492c3d00e6db5a9b727f3643d49608 php-mysql-4.3.2-33.ent.x86_64.rpm 5bf58b38b0d5a66aba0e176a7ffb6ab0 php-odbc-4.3.2-33.ent.x86_64.rpm c83f9932e1d75c913a405e7f062683bc php-pgsql-4.3.2-33.ent.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/php-4.3.2-33.ent.src.rpm c018cc410c9655f537bbc617ec67ba11 php-4.3.2-33.ent.src.rpm i386: d5c4ee398126667a3d38ca3b3ac9d949 php-4.3.2-33.ent.i386.rpm 193ab3af5edc67f1c99fb955b00102da php-debuginfo-4.3.2-33.ent.i386.rpm d33d058957d18a82d02634e71be9c1ae php-devel-4.3.2-33.ent.i386.rpm 10e154d24fbd4a57731902ce2f038a74 php-imap-4.3.2-33.ent.i386.rpm 8701231a24864316cedeaef756926771 php-ldap-4.3.2-33.ent.i386.rpm 51de6e91de61dbb536089a3f3bc15471 php-mysql-4.3.2-33.ent.i386.rpm c30922c2ff54ae24f6c5efa318ad3f62 php-odbc-4.3.2-33.ent.i386.rpm 87e7856bf30f33d540a2a2e3fc58dd9e php-pgsql-4.3.2-33.ent.i386.rpm x86_64: aba5c8d6b64ce23a3c596d623bbf70ce php-4.3.2-33.ent.x86_64.rpm 8bac277f71bf873c0bcb3684b24a2dd5 php-debuginfo-4.3.2-33.ent.x86_64.rpm a127c84f015c9754238aa6e403890152 php-devel-4.3.2-33.ent.x86_64.rpm fb9c4d54c9ee78f63dcb9378e0b0e761 php-imap-4.3.2-33.ent.x86_64.rpm fbaecf21159a78c9a747c326d38b1c35 php-ldap-4.3.2-33.ent.x86_64.rpm b1492c3d00e6db5a9b727f3643d49608 php-mysql-4.3.2-33.ent.x86_64.rpm 5bf58b38b0d5a66aba0e176a7ffb6ab0 php-odbc-4.3.2-33.ent.x86_64.rpm c83f9932e1d75c913a405e7f062683bc php-pgsql-4.3.2-33.ent.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/php-4.3.2-33.ent.src.rpm c018cc410c9655f537bbc617ec67ba11 php-4.3.2-33.ent.src.rpm i386: d5c4ee398126667a3d38ca3b3ac9d949 php-4.3.2-33.ent.i386.rpm 193ab3af5edc67f1c99fb955b00102da php-debuginfo-4.3.2-33.ent.i386.rpm d33d058957d18a82d02634e71be9c1ae php-devel-4.3.2-33.ent.i386.rpm 10e154d24fbd4a57731902ce2f038a74 php-imap-4.3.2-33.ent.i386.rpm 8701231a24864316cedeaef756926771 php-ldap-4.3.2-33.ent.i386.rpm 51de6e91de61dbb536089a3f3bc15471 php-mysql-4.3.2-33.ent.i386.rpm c30922c2ff54ae24f6c5efa318ad3f62 php-odbc-4.3.2-33.ent.i386.rpm 87e7856bf30f33d540a2a2e3fc58dd9e php-pgsql-4.3.2-33.ent.i386.rpm ia64: ea9878b8678de65636f76ad6d937603d php-4.3.2-33.ent.ia64.rpm e3cceb5006b0a629eb1026cc79a9d2cc php-debuginfo-4.3.2-33.ent.ia64.rpm bad9909488a7c61e2a5dbf9a6b84e639 php-devel-4.3.2-33.ent.ia64.rpm 8180a9da60367868236a6f0db5d96402 php-imap-4.3.2-33.ent.ia64.rpm 27b9b7b4e0171ca0e9f438819d38f7fd php-ldap-4.3.2-33.ent.ia64.rpm 2635ed5ac5ec737ac18fde4a99ca6807 php-mysql-4.3.2-33.ent.ia64.rpm 9f79cd8ac13ccddcecd140b5fa3d92b2 php-odbc-4.3.2-33.ent.ia64.rpm 59fd4963632105e568292d9fb6a35820 php-pgsql-4.3.2-33.ent.ia64.rpm x86_64: aba5c8d6b64ce23a3c596d623bbf70ce php-4.3.2-33.ent.x86_64.rpm 8bac277f71bf873c0bcb3684b24a2dd5 php-debuginfo-4.3.2-33.ent.x86_64.rpm a127c84f015c9754238aa6e403890152 php-devel-4.3.2-33.ent.x86_64.rpm fb9c4d54c9ee78f63dcb9378e0b0e761 php-imap-4.3.2-33.ent.x86_64.rpm fbaecf21159a78c9a747c326d38b1c35 php-ldap-4.3.2-33.ent.x86_64.rpm b1492c3d00e6db5a9b727f3643d49608 php-mysql-4.3.2-33.ent.x86_64.rpm 5bf58b38b0d5a66aba0e176a7ffb6ab0 php-odbc-4.3.2-33.ent.x86_64.rpm c83f9932e1d75c913a405e7f062683bc php-pgsql-4.3.2-33.ent.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/php-4.3.2-33.ent.src.rpm c018cc410c9655f537bbc617ec67ba11 php-4.3.2-33.ent.src.rpm i386: d5c4ee398126667a3d38ca3b3ac9d949 php-4.3.2-33.ent.i386.rpm 193ab3af5edc67f1c99fb955b00102da php-debuginfo-4.3.2-33.ent.i386.rpm d33d058957d18a82d02634e71be9c1ae php-devel-4.3.2-33.ent.i386.rpm 10e154d24fbd4a57731902ce2f038a74 php-imap-4.3.2-33.ent.i386.rpm 8701231a24864316cedeaef756926771 php-ldap-4.3.2-33.ent.i386.rpm 51de6e91de61dbb536089a3f3bc15471 php-mysql-4.3.2-33.ent.i386.rpm c30922c2ff54ae24f6c5efa318ad3f62 php-odbc-4.3.2-33.ent.i386.rpm 87e7856bf30f33d540a2a2e3fc58dd9e php-pgsql-4.3.2-33.ent.i386.rpm ia64: ea9878b8678de65636f76ad6d937603d php-4.3.2-33.ent.ia64.rpm e3cceb5006b0a629eb1026cc79a9d2cc php-debuginfo-4.3.2-33.ent.ia64.rpm bad9909488a7c61e2a5dbf9a6b84e639 php-devel-4.3.2-33.ent.ia64.rpm 8180a9da60367868236a6f0db5d96402 php-imap-4.3.2-33.ent.ia64.rpm 27b9b7b4e0171ca0e9f438819d38f7fd php-ldap-4.3.2-33.ent.ia64.rpm 2635ed5ac5ec737ac18fde4a99ca6807 php-mysql-4.3.2-33.ent.ia64.rpm 9f79cd8ac13ccddcecd140b5fa3d92b2 php-odbc-4.3.2-33.ent.ia64.rpm 59fd4963632105e568292d9fb6a35820 php-pgsql-4.3.2-33.ent.ia64.rpm x86_64: aba5c8d6b64ce23a3c596d623bbf70ce php-4.3.2-33.ent.x86_64.rpm 8bac277f71bf873c0bcb3684b24a2dd5 php-debuginfo-4.3.2-33.ent.x86_64.rpm a127c84f015c9754238aa6e403890152 php-devel-4.3.2-33.ent.x86_64.rpm fb9c4d54c9ee78f63dcb9378e0b0e761 php-imap-4.3.2-33.ent.x86_64.rpm fbaecf21159a78c9a747c326d38b1c35 php-ldap-4.3.2-33.ent.x86_64.rpm b1492c3d00e6db5a9b727f3643d49608 php-mysql-4.3.2-33.ent.x86_64.rpm 5bf58b38b0d5a66aba0e176a7ffb6ab0 php-odbc-4.3.2-33.ent.x86_64.rpm c83f9932e1d75c913a405e7f062683bc php-pgsql-4.3.2-33.ent.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/php-4.3.9-3.15.src.rpm 8e7fcb8213f940460bed98ea4845b008 php-4.3.9-3.15.src.rpm i386: b3feb153604a4759ea9a7c90dadeade8 php-4.3.9-3.15.i386.rpm 99645c0bb650a1202ef5a6ac4c3dafdf php-debuginfo-4.3.9-3.15.i386.rpm f0cc982f65019dd52aa8e636c08cbf55 php-devel-4.3.9-3.15.i386.rpm 9b29e28848067eed3229d7cc3e586427 php-domxml-4.3.9-3.15.i386.rpm 21203f5cde359468796ef6d58ee90278 php-gd-4.3.9-3.15.i386.rpm 547b30e0bfae2d50914b09e472c2a727 php-imap-4.3.9-3.15.i386.rpm c5a6be773ce7bfd9235b8fdab4b0b39f php-ldap-4.3.9-3.15.i386.rpm 90fba6d1c1a33a2f748411c5edf375ba php-mbstring-4.3.9-3.15.i386.rpm 700ef656f11b712891ca92b2dda910f7 php-mysql-4.3.9-3.15.i386.rpm 49da8fce4fe283f0015b9690d01a6f2d php-ncurses-4.3.9-3.15.i386.rpm d76fb272aa599f28e65bc2848bdadce4 php-odbc-4.3.9-3.15.i386.rpm d12a1760a3a561aabd7778033faaafa7 php-pear-4.3.9-3.15.i386.rpm 3b332648ef656f75e1ac8d91f96967ef php-pgsql-4.3.9-3.15.i386.rpm 96f03c0c5ad3a6106944a39061f6c13f php-snmp-4.3.9-3.15.i386.rpm 96845abc69545864059b172a1a7ff82d php-xmlrpc-4.3.9-3.15.i386.rpm ia64: bb521451c677d32b3824349beb72091a php-4.3.9-3.15.ia64.rpm e2cb7a211227c7d863a833de65efbe7a php-debuginfo-4.3.9-3.15.ia64.rpm 9a854ab664a15e832a9ce7709f96eca4 php-devel-4.3.9-3.15.ia64.rpm d93b129c85b7c2e8e78f0e57d32abcbc php-domxml-4.3.9-3.15.ia64.rpm c8f585dd6f927afe8e2f723fd97643cf php-gd-4.3.9-3.15.ia64.rpm a77f66b188d9f62ffd6e03a041aadd2a php-imap-4.3.9-3.15.ia64.rpm a306d26654b2ad08bd0a11c36fca23a1 php-ldap-4.3.9-3.15.ia64.rpm a42e38ee78744222fdc1a1bb52b61de3 php-mbstring-4.3.9-3.15.ia64.rpm 97076014c9000997a555577b2d1f13ef php-mysql-4.3.9-3.15.ia64.rpm 7fdd2fe3ce37b896f3542d8e3bb62dc9 php-ncurses-4.3.9-3.15.ia64.rpm f5fb5c9e489b3205a77eb43e9d794f59 php-odbc-4.3.9-3.15.ia64.rpm 888b095ced3b5058a5a2ef3f28fdc0bf php-pear-4.3.9-3.15.ia64.rpm 81de692b7a65b49905acbbc15923a969 php-pgsql-4.3.9-3.15.ia64.rpm 248e58b4de5ce83a3a03c177ab7782a9 php-snmp-4.3.9-3.15.ia64.rpm f9fb2eac36fccecea0d95e45680dce7a php-xmlrpc-4.3.9-3.15.ia64.rpm ppc: 4ae4ed5ad7f26a87a8b6ac4b272a12d5 php-4.3.9-3.15.ppc.rpm 4fab4951889558a732f9cabc87dcc8a5 php-debuginfo-4.3.9-3.15.ppc.rpm 93e504a0669cd5a46135d2026d725dea php-devel-4.3.9-3.15.ppc.rpm 39ce65d06617224939f451bedd716091 php-domxml-4.3.9-3.15.ppc.rpm d4b49b4ee7241db76f956360d3a703ec php-gd-4.3.9-3.15.ppc.rpm 53d98aacc4651d08091b0e642cbbbb18 php-imap-4.3.9-3.15.ppc.rpm 19aa451035988c922b68fe7fd711ae47 php-ldap-4.3.9-3.15.ppc.rpm b9b0084f4d2a658afef7f677923b4cc2 php-mbstring-4.3.9-3.15.ppc.rpm 3b93c624d1f2e1cf36dad34a83a339f1 php-mysql-4.3.9-3.15.ppc.rpm 64117e7600fb800b0ee722b72a09aa96 php-ncurses-4.3.9-3.15.ppc.rpm a7ac1643c369601544657a70701c4464 php-odbc-4.3.9-3.15.ppc.rpm f002ab3a25a6f8c2a4d5e7eb8723db7e php-pear-4.3.9-3.15.ppc.rpm 060120ab15e3655fa88c764227305783 php-pgsql-4.3.9-3.15.ppc.rpm 20203aa8a389cbe47ef8ec6ce5b4ffc3 php-snmp-4.3.9-3.15.ppc.rpm 7b7fdb0864f9af8ff98f6ba8e5a25e07 php-xmlrpc-4.3.9-3.15.ppc.rpm s390: b36b0621ec0d19fabe534c17553d11e3 php-4.3.9-3.15.s390.rpm 3db657e3c9f8382aa78a38fa2d0abc75 php-debuginfo-4.3.9-3.15.s390.rpm afcb3bc23dfcbe95b1aa6efb3cc96e95 php-devel-4.3.9-3.15.s390.rpm a311fd4be49635be96c07431d27019b7 php-domxml-4.3.9-3.15.s390.rpm e1740411b92e05e938e236769923d1a1 php-gd-4.3.9-3.15.s390.rpm 3b82e31d824b26c76e5e821c31433c7e php-imap-4.3.9-3.15.s390.rpm ca04837a8f505ab3e4dfa07f3e7f767b php-ldap-4.3.9-3.15.s390.rpm 9b466230f5c2eddc2c10de1eaab3003f php-mbstring-4.3.9-3.15.s390.rpm 699264efb4723e16218f52f198e9efb9 php-mysql-4.3.9-3.15.s390.rpm e49fdce3a6a0863328f8053460467ab1 php-ncurses-4.3.9-3.15.s390.rpm aa4c1b421abb39258b1a47d2a3dc0d0c php-odbc-4.3.9-3.15.s390.rpm a8a31b08ebad23ebd8b4c113eda2eb92 php-pear-4.3.9-3.15.s390.rpm a7ca82081f6ccbd848f9df066e4f5542 php-pgsql-4.3.9-3.15.s390.rpm ebe13bdf4f12fc2c35ba6c633aa896de php-snmp-4.3.9-3.15.s390.rpm 9b05f0df8613ccfc7009d94351752716 php-xmlrpc-4.3.9-3.15.s390.rpm s390x: a4278f9669cccc30ea99bddeffe818e1 php-4.3.9-3.15.s390x.rpm 354064c6ed2deddef764a888b9c0e753 php-debuginfo-4.3.9-3.15.s390x.rpm 572a0f4a2f14b77005f1e21f4581a612 php-devel-4.3.9-3.15.s390x.rpm 8eaeb14f3f78a4c6d4606effe0e48494 php-domxml-4.3.9-3.15.s390x.rpm a9f4b609176f9e3203c35b1191f3345c php-gd-4.3.9-3.15.s390x.rpm c870a007811d74d34c6e1bb3fa675f76 php-imap-4.3.9-3.15.s390x.rpm 8c1fecc0f8c9a0c31e4fe2dcdeeca14c php-ldap-4.3.9-3.15.s390x.rpm 6b8a83936454cf0b9279bb045e5c6fe2 php-mbstring-4.3.9-3.15.s390x.rpm 21a09d060995c5ceb76e006e0544d530 php-mysql-4.3.9-3.15.s390x.rpm 65caaa12a59d196c83b5900903deac9f php-ncurses-4.3.9-3.15.s390x.rpm 726f026c51a187a4ceb4c61572a959d4 php-odbc-4.3.9-3.15.s390x.rpm e29b5fc168e080c4e63588f691750e88 php-pear-4.3.9-3.15.s390x.rpm 328a3493eb37105ef0b88ddc66959734 php-pgsql-4.3.9-3.15.s390x.rpm d58730f86fb8063ca7259a3c8bc2cf1b php-snmp-4.3.9-3.15.s390x.rpm fc7dd30602047765aa171ead439a2146 php-xmlrpc-4.3.9-3.15.s390x.rpm x86_64: eef5025da3ae88d290fc4ea7912f188d php-4.3.9-3.15.x86_64.rpm d70d29f4a8f4de2737446fe166740735 php-debuginfo-4.3.9-3.15.x86_64.rpm cbec1631a86b07709cca28258b4d3103 php-devel-4.3.9-3.15.x86_64.rpm d0bc99f8cf1a936bdd2ebb0f3ca2bf9f php-domxml-4.3.9-3.15.x86_64.rpm 90a8ffe9300be426e39d61716199da8b php-gd-4.3.9-3.15.x86_64.rpm 2ccfc1f616ae13c45217e1a7afe41028 php-imap-4.3.9-3.15.x86_64.rpm 3b4264695e7278eee9fb8411c4e90e96 php-ldap-4.3.9-3.15.x86_64.rpm a729d490b1b75691c10fe26996817096 php-mbstring-4.3.9-3.15.x86_64.rpm 6e43b892dcfa284d83a3f1b00feabaf9 php-mysql-4.3.9-3.15.x86_64.rpm b949131046558d1a6b82c0fab860f0d9 php-ncurses-4.3.9-3.15.x86_64.rpm 9235dce05195d560a3c478796f6783ab php-odbc-4.3.9-3.15.x86_64.rpm bf18f80b06d7cbae0d962ab07f248ba6 php-pear-4.3.9-3.15.x86_64.rpm 9fd490cc180ef31c190e8385d0e0ce89 php-pgsql-4.3.9-3.15.x86_64.rpm 2f9c58c5a667f7f6fae643a2ef4a5380 php-snmp-4.3.9-3.15.x86_64.rpm ea37846f2ae7d14c3fb163f6be22802d php-xmlrpc-4.3.9-3.15.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/php-4.3.9-3.15.src.rpm 8e7fcb8213f940460bed98ea4845b008 php-4.3.9-3.15.src.rpm i386: b3feb153604a4759ea9a7c90dadeade8 php-4.3.9-3.15.i386.rpm 99645c0bb650a1202ef5a6ac4c3dafdf php-debuginfo-4.3.9-3.15.i386.rpm f0cc982f65019dd52aa8e636c08cbf55 php-devel-4.3.9-3.15.i386.rpm 9b29e28848067eed3229d7cc3e586427 php-domxml-4.3.9-3.15.i386.rpm 21203f5cde359468796ef6d58ee90278 php-gd-4.3.9-3.15.i386.rpm 547b30e0bfae2d50914b09e472c2a727 php-imap-4.3.9-3.15.i386.rpm c5a6be773ce7bfd9235b8fdab4b0b39f php-ldap-4.3.9-3.15.i386.rpm 90fba6d1c1a33a2f748411c5edf375ba php-mbstring-4.3.9-3.15.i386.rpm 700ef656f11b712891ca92b2dda910f7 php-mysql-4.3.9-3.15.i386.rpm 49da8fce4fe283f0015b9690d01a6f2d php-ncurses-4.3.9-3.15.i386.rpm d76fb272aa599f28e65bc2848bdadce4 php-odbc-4.3.9-3.15.i386.rpm d12a1760a3a561aabd7778033faaafa7 php-pear-4.3.9-3.15.i386.rpm 3b332648ef656f75e1ac8d91f96967ef php-pgsql-4.3.9-3.15.i386.rpm 96f03c0c5ad3a6106944a39061f6c13f php-snmp-4.3.9-3.15.i386.rpm 96845abc69545864059b172a1a7ff82d php-xmlrpc-4.3.9-3.15.i386.rpm x86_64: eef5025da3ae88d290fc4ea7912f188d php-4.3.9-3.15.x86_64.rpm d70d29f4a8f4de2737446fe166740735 php-debuginfo-4.3.9-3.15.x86_64.rpm cbec1631a86b07709cca28258b4d3103 php-devel-4.3.9-3.15.x86_64.rpm d0bc99f8cf1a936bdd2ebb0f3ca2bf9f php-domxml-4.3.9-3.15.x86_64.rpm 90a8ffe9300be426e39d61716199da8b php-gd-4.3.9-3.15.x86_64.rpm 2ccfc1f616ae13c45217e1a7afe41028 php-imap-4.3.9-3.15.x86_64.rpm 3b4264695e7278eee9fb8411c4e90e96 php-ldap-4.3.9-3.15.x86_64.rpm a729d490b1b75691c10fe26996817096 php-mbstring-4.3.9-3.15.x86_64.rpm 6e43b892dcfa284d83a3f1b00feabaf9 php-mysql-4.3.9-3.15.x86_64.rpm b949131046558d1a6b82c0fab860f0d9 php-ncurses-4.3.9-3.15.x86_64.rpm 9235dce05195d560a3c478796f6783ab php-odbc-4.3.9-3.15.x86_64.rpm bf18f80b06d7cbae0d962ab07f248ba6 php-pear-4.3.9-3.15.x86_64.rpm 9fd490cc180ef31c190e8385d0e0ce89 php-pgsql-4.3.9-3.15.x86_64.rpm 2f9c58c5a667f7f6fae643a2ef4a5380 php-snmp-4.3.9-3.15.x86_64.rpm ea37846f2ae7d14c3fb163f6be22802d php-xmlrpc-4.3.9-3.15.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/php-4.3.9-3.15.src.rpm 8e7fcb8213f940460bed98ea4845b008 php-4.3.9-3.15.src.rpm i386: b3feb153604a4759ea9a7c90dadeade8 php-4.3.9-3.15.i386.rpm 99645c0bb650a1202ef5a6ac4c3dafdf php-debuginfo-4.3.9-3.15.i386.rpm f0cc982f65019dd52aa8e636c08cbf55 php-devel-4.3.9-3.15.i386.rpm 9b29e28848067eed3229d7cc3e586427 php-domxml-4.3.9-3.15.i386.rpm 21203f5cde359468796ef6d58ee90278 php-gd-4.3.9-3.15.i386.rpm 547b30e0bfae2d50914b09e472c2a727 php-imap-4.3.9-3.15.i386.rpm c5a6be773ce7bfd9235b8fdab4b0b39f php-ldap-4.3.9-3.15.i386.rpm 90fba6d1c1a33a2f748411c5edf375ba php-mbstring-4.3.9-3.15.i386.rpm 700ef656f11b712891ca92b2dda910f7 php-mysql-4.3.9-3.15.i386.rpm 49da8fce4fe283f0015b9690d01a6f2d php-ncurses-4.3.9-3.15.i386.rpm d76fb272aa599f28e65bc2848bdadce4 php-odbc-4.3.9-3.15.i386.rpm d12a1760a3a561aabd7778033faaafa7 php-pear-4.3.9-3.15.i386.rpm 3b332648ef656f75e1ac8d91f96967ef php-pgsql-4.3.9-3.15.i386.rpm 96f03c0c5ad3a6106944a39061f6c13f php-snmp-4.3.9-3.15.i386.rpm 96845abc69545864059b172a1a7ff82d php-xmlrpc-4.3.9-3.15.i386.rpm ia64: bb521451c677d32b3824349beb72091a php-4.3.9-3.15.ia64.rpm e2cb7a211227c7d863a833de65efbe7a php-debuginfo-4.3.9-3.15.ia64.rpm 9a854ab664a15e832a9ce7709f96eca4 php-devel-4.3.9-3.15.ia64.rpm d93b129c85b7c2e8e78f0e57d32abcbc php-domxml-4.3.9-3.15.ia64.rpm c8f585dd6f927afe8e2f723fd97643cf php-gd-4.3.9-3.15.ia64.rpm a77f66b188d9f62ffd6e03a041aadd2a php-imap-4.3.9-3.15.ia64.rpm a306d26654b2ad08bd0a11c36fca23a1 php-ldap-4.3.9-3.15.ia64.rpm a42e38ee78744222fdc1a1bb52b61de3 php-mbstring-4.3.9-3.15.ia64.rpm 97076014c9000997a555577b2d1f13ef php-mysql-4.3.9-3.15.ia64.rpm 7fdd2fe3ce37b896f3542d8e3bb62dc9 php-ncurses-4.3.9-3.15.ia64.rpm f5fb5c9e489b3205a77eb43e9d794f59 php-odbc-4.3.9-3.15.ia64.rpm 888b095ced3b5058a5a2ef3f28fdc0bf php-pear-4.3.9-3.15.ia64.rpm 81de692b7a65b49905acbbc15923a969 php-pgsql-4.3.9-3.15.ia64.rpm 248e58b4de5ce83a3a03c177ab7782a9 php-snmp-4.3.9-3.15.ia64.rpm f9fb2eac36fccecea0d95e45680dce7a php-xmlrpc-4.3.9-3.15.ia64.rpm x86_64: eef5025da3ae88d290fc4ea7912f188d php-4.3.9-3.15.x86_64.rpm d70d29f4a8f4de2737446fe166740735 php-debuginfo-4.3.9-3.15.x86_64.rpm cbec1631a86b07709cca28258b4d3103 php-devel-4.3.9-3.15.x86_64.rpm d0bc99f8cf1a936bdd2ebb0f3ca2bf9f php-domxml-4.3.9-3.15.x86_64.rpm 90a8ffe9300be426e39d61716199da8b php-gd-4.3.9-3.15.x86_64.rpm 2ccfc1f616ae13c45217e1a7afe41028 php-imap-4.3.9-3.15.x86_64.rpm 3b4264695e7278eee9fb8411c4e90e96 php-ldap-4.3.9-3.15.x86_64.rpm a729d490b1b75691c10fe26996817096 php-mbstring-4.3.9-3.15.x86_64.rpm 6e43b892dcfa284d83a3f1b00feabaf9 php-mysql-4.3.9-3.15.x86_64.rpm b949131046558d1a6b82c0fab860f0d9 php-ncurses-4.3.9-3.15.x86_64.rpm 9235dce05195d560a3c478796f6783ab php-odbc-4.3.9-3.15.x86_64.rpm bf18f80b06d7cbae0d962ab07f248ba6 php-pear-4.3.9-3.15.x86_64.rpm 9fd490cc180ef31c190e8385d0e0ce89 php-pgsql-4.3.9-3.15.x86_64.rpm 2f9c58c5a667f7f6fae643a2ef4a5380 php-snmp-4.3.9-3.15.x86_64.rpm ea37846f2ae7d14c3fb163f6be22802d php-xmlrpc-4.3.9-3.15.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/php-4.3.9-3.15.src.rpm 8e7fcb8213f940460bed98ea4845b008 php-4.3.9-3.15.src.rpm i386: b3feb153604a4759ea9a7c90dadeade8 php-4.3.9-3.15.i386.rpm 99645c0bb650a1202ef5a6ac4c3dafdf php-debuginfo-4.3.9-3.15.i386.rpm f0cc982f65019dd52aa8e636c08cbf55 php-devel-4.3.9-3.15.i386.rpm 9b29e28848067eed3229d7cc3e586427 php-domxml-4.3.9-3.15.i386.rpm 21203f5cde359468796ef6d58ee90278 php-gd-4.3.9-3.15.i386.rpm 547b30e0bfae2d50914b09e472c2a727 php-imap-4.3.9-3.15.i386.rpm c5a6be773ce7bfd9235b8fdab4b0b39f php-ldap-4.3.9-3.15.i386.rpm 90fba6d1c1a33a2f748411c5edf375ba php-mbstring-4.3.9-3.15.i386.rpm 700ef656f11b712891ca92b2dda910f7 php-mysql-4.3.9-3.15.i386.rpm 49da8fce4fe283f0015b9690d01a6f2d php-ncurses-4.3.9-3.15.i386.rpm d76fb272aa599f28e65bc2848bdadce4 php-odbc-4.3.9-3.15.i386.rpm d12a1760a3a561aabd7778033faaafa7 php-pear-4.3.9-3.15.i386.rpm 3b332648ef656f75e1ac8d91f96967ef php-pgsql-4.3.9-3.15.i386.rpm 96f03c0c5ad3a6106944a39061f6c13f php-snmp-4.3.9-3.15.i386.rpm 96845abc69545864059b172a1a7ff82d php-xmlrpc-4.3.9-3.15.i386.rpm ia64: bb521451c677d32b3824349beb72091a php-4.3.9-3.15.ia64.rpm e2cb7a211227c7d863a833de65efbe7a php-debuginfo-4.3.9-3.15.ia64.rpm 9a854ab664a15e832a9ce7709f96eca4 php-devel-4.3.9-3.15.ia64.rpm d93b129c85b7c2e8e78f0e57d32abcbc php-domxml-4.3.9-3.15.ia64.rpm c8f585dd6f927afe8e2f723fd97643cf php-gd-4.3.9-3.15.ia64.rpm a77f66b188d9f62ffd6e03a041aadd2a php-imap-4.3.9-3.15.ia64.rpm a306d26654b2ad08bd0a11c36fca23a1 php-ldap-4.3.9-3.15.ia64.rpm a42e38ee78744222fdc1a1bb52b61de3 php-mbstring-4.3.9-3.15.ia64.rpm 97076014c9000997a555577b2d1f13ef php-mysql-4.3.9-3.15.ia64.rpm 7fdd2fe3ce37b896f3542d8e3bb62dc9 php-ncurses-4.3.9-3.15.ia64.rpm f5fb5c9e489b3205a77eb43e9d794f59 php-odbc-4.3.9-3.15.ia64.rpm 888b095ced3b5058a5a2ef3f28fdc0bf php-pear-4.3.9-3.15.ia64.rpm 81de692b7a65b49905acbbc15923a969 php-pgsql-4.3.9-3.15.ia64.rpm 248e58b4de5ce83a3a03c177ab7782a9 php-snmp-4.3.9-3.15.ia64.rpm f9fb2eac36fccecea0d95e45680dce7a php-xmlrpc-4.3.9-3.15.ia64.rpm x86_64: eef5025da3ae88d290fc4ea7912f188d php-4.3.9-3.15.x86_64.rpm d70d29f4a8f4de2737446fe166740735 php-debuginfo-4.3.9-3.15.x86_64.rpm cbec1631a86b07709cca28258b4d3103 php-devel-4.3.9-3.15.x86_64.rpm d0bc99f8cf1a936bdd2ebb0f3ca2bf9f php-domxml-4.3.9-3.15.x86_64.rpm 90a8ffe9300be426e39d61716199da8b php-gd-4.3.9-3.15.x86_64.rpm 2ccfc1f616ae13c45217e1a7afe41028 php-imap-4.3.9-3.15.x86_64.rpm 3b4264695e7278eee9fb8411c4e90e96 php-ldap-4.3.9-3.15.x86_64.rpm a729d490b1b75691c10fe26996817096 php-mbstring-4.3.9-3.15.x86_64.rpm 6e43b892dcfa284d83a3f1b00feabaf9 php-mysql-4.3.9-3.15.x86_64.rpm b949131046558d1a6b82c0fab860f0d9 php-ncurses-4.3.9-3.15.x86_64.rpm 9235dce05195d560a3c478796f6783ab php-odbc-4.3.9-3.15.x86_64.rpm bf18f80b06d7cbae0d962ab07f248ba6 php-pear-4.3.9-3.15.x86_64.rpm 9fd490cc180ef31c190e8385d0e0ce89 php-pgsql-4.3.9-3.15.x86_64.rpm 2f9c58c5a667f7f6fae643a2ef4a5380 php-snmp-4.3.9-3.15.x86_64.rpm ea37846f2ae7d14c3fb163f6be22802d php-xmlrpc-4.3.9-3.15.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://www.php.net/register_globals http://www.redhat.com/security/updates/classification/#moderate http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1990 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3017 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFEtT+5XlSAg2UNWIIRAnfZAJ0YJI/Afd/fRLFnoCDAJF30C9FqEQCfQgyx mkcnUakFeD2RzRxIaQCGxLg= =K1Wh -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Jul 12 18:30:44 2006 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 12 Jul 2006 14:30:44 -0400 Subject: [RHSA-2006:0577-01] Moderate: mutt security update Message-ID: <200607121830.k6CIUiEh001186@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: mutt security update Advisory ID: RHSA-2006:0577-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0577.html Issue date: 2006-07-12 Updated on: 2006-07-12 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-3242 - --------------------------------------------------------------------- 1. Summary: Updated mutt packages that fix a security issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Mutt is a text-mode mail user agent. A buffer overflow flaw was found in the way Mutt processes an overly long namespace from a malicious imap server. In order to exploit this flaw a user would have to use Mutt to connect to a malicious IMAP server. (CVE-2006-3242) Users of Mutt are advised to upgrade to these erratum packages, which contain a backported patch to correct this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 197151 - CVE-2006-3242 Mutt IMAP namespace buffer overflow 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/mutt-1.2.5.1-2.rhel21.src.rpm 54b1c502dcc5da91b83593a29e689cda mutt-1.2.5.1-2.rhel21.src.rpm i386: 7c33167f6a99327ea66a7d21158a3759 mutt-1.2.5.1-2.rhel21.i386.rpm ia64: 4f6bb6963b32b2cd7394fa6311251732 mutt-1.2.5.1-2.rhel21.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/mutt-1.2.5.1-2.rhel21.src.rpm 54b1c502dcc5da91b83593a29e689cda mutt-1.2.5.1-2.rhel21.src.rpm ia64: 4f6bb6963b32b2cd7394fa6311251732 mutt-1.2.5.1-2.rhel21.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/mutt-1.2.5.1-2.rhel21.src.rpm 54b1c502dcc5da91b83593a29e689cda mutt-1.2.5.1-2.rhel21.src.rpm i386: 7c33167f6a99327ea66a7d21158a3759 mutt-1.2.5.1-2.rhel21.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/mutt-1.2.5.1-2.rhel21.src.rpm 54b1c502dcc5da91b83593a29e689cda mutt-1.2.5.1-2.rhel21.src.rpm i386: 7c33167f6a99327ea66a7d21158a3759 mutt-1.2.5.1-2.rhel21.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/mutt-1.4.1-3.5.rhel3.src.rpm 888328d8ea84f9d405cf68c1d37a4a62 mutt-1.4.1-3.5.rhel3.src.rpm i386: 74ca0464aeb67b5f8915f796e729cc7a mutt-1.4.1-3.5.rhel3.i386.rpm d0399d260060bbc9237ddadc4ec2c2ff mutt-debuginfo-1.4.1-3.5.rhel3.i386.rpm ia64: a976af2dec5ddafcc17fb3e43516a637 mutt-1.4.1-3.5.rhel3.ia64.rpm 8c8304a6f94d5259082599f039623ca6 mutt-debuginfo-1.4.1-3.5.rhel3.ia64.rpm ppc: 5174f5edc6e767f728c481e3f80c0f4e mutt-1.4.1-3.5.rhel3.ppc.rpm 9f2ce9b3b7926b4f1a2d7d22fbe108fa mutt-debuginfo-1.4.1-3.5.rhel3.ppc.rpm s390: f514ef393a8a4b9e52304c365caadb32 mutt-1.4.1-3.5.rhel3.s390.rpm 2ce47567a5de01bd361a39f09f290f67 mutt-debuginfo-1.4.1-3.5.rhel3.s390.rpm s390x: dedb942b68b8f004959de7726e2cdab4 mutt-1.4.1-3.5.rhel3.s390x.rpm 3999e4d6b52d0f6a8b1a006675ed1668 mutt-debuginfo-1.4.1-3.5.rhel3.s390x.rpm x86_64: 09ae329bd135464f4415383973e3fcbb mutt-1.4.1-3.5.rhel3.x86_64.rpm 30fe875c3ce277643c391a665ae5d53b mutt-debuginfo-1.4.1-3.5.rhel3.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/mutt-1.4.1-3.5.rhel3.src.rpm 888328d8ea84f9d405cf68c1d37a4a62 mutt-1.4.1-3.5.rhel3.src.rpm i386: 74ca0464aeb67b5f8915f796e729cc7a mutt-1.4.1-3.5.rhel3.i386.rpm d0399d260060bbc9237ddadc4ec2c2ff mutt-debuginfo-1.4.1-3.5.rhel3.i386.rpm x86_64: 09ae329bd135464f4415383973e3fcbb mutt-1.4.1-3.5.rhel3.x86_64.rpm 30fe875c3ce277643c391a665ae5d53b mutt-debuginfo-1.4.1-3.5.rhel3.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/mutt-1.4.1-3.5.rhel3.src.rpm 888328d8ea84f9d405cf68c1d37a4a62 mutt-1.4.1-3.5.rhel3.src.rpm i386: 74ca0464aeb67b5f8915f796e729cc7a mutt-1.4.1-3.5.rhel3.i386.rpm d0399d260060bbc9237ddadc4ec2c2ff mutt-debuginfo-1.4.1-3.5.rhel3.i386.rpm ia64: a976af2dec5ddafcc17fb3e43516a637 mutt-1.4.1-3.5.rhel3.ia64.rpm 8c8304a6f94d5259082599f039623ca6 mutt-debuginfo-1.4.1-3.5.rhel3.ia64.rpm x86_64: 09ae329bd135464f4415383973e3fcbb mutt-1.4.1-3.5.rhel3.x86_64.rpm 30fe875c3ce277643c391a665ae5d53b mutt-debuginfo-1.4.1-3.5.rhel3.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/mutt-1.4.1-3.5.rhel3.src.rpm 888328d8ea84f9d405cf68c1d37a4a62 mutt-1.4.1-3.5.rhel3.src.rpm i386: 74ca0464aeb67b5f8915f796e729cc7a mutt-1.4.1-3.5.rhel3.i386.rpm d0399d260060bbc9237ddadc4ec2c2ff mutt-debuginfo-1.4.1-3.5.rhel3.i386.rpm ia64: a976af2dec5ddafcc17fb3e43516a637 mutt-1.4.1-3.5.rhel3.ia64.rpm 8c8304a6f94d5259082599f039623ca6 mutt-debuginfo-1.4.1-3.5.rhel3.ia64.rpm x86_64: 09ae329bd135464f4415383973e3fcbb mutt-1.4.1-3.5.rhel3.x86_64.rpm 30fe875c3ce277643c391a665ae5d53b mutt-debuginfo-1.4.1-3.5.rhel3.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/mutt-1.4.1-11.rhel4.src.rpm ed0c14b530685c615fceb65d67fe347d mutt-1.4.1-11.rhel4.src.rpm i386: 2865d8ea5a1c818bd25b9a55211b0558 mutt-1.4.1-11.rhel4.i386.rpm 4bfd5e8845113f9b8fce8c067dd3478a mutt-debuginfo-1.4.1-11.rhel4.i386.rpm ia64: ba7a3661e2c31ebc2b478e2546564721 mutt-1.4.1-11.rhel4.ia64.rpm a5f87fd3d059fc31df95fc817e90b2bb mutt-debuginfo-1.4.1-11.rhel4.ia64.rpm ppc: b800a6547047140a6ae9f88427f05b97 mutt-1.4.1-11.rhel4.ppc.rpm e8c55ad3f0e26b9371a11b30771075e1 mutt-debuginfo-1.4.1-11.rhel4.ppc.rpm s390: 9f3b9d6494e32cc82771a0d18bd6e0d0 mutt-1.4.1-11.rhel4.s390.rpm 7b11d7354dd2c10dfe19a59518d940fb mutt-debuginfo-1.4.1-11.rhel4.s390.rpm s390x: ac7d20109b0d477317ac98e60bebd246 mutt-1.4.1-11.rhel4.s390x.rpm 4beef135f74e7810460dffa5c99c28a5 mutt-debuginfo-1.4.1-11.rhel4.s390x.rpm x86_64: 3eb2b23126222c0b13fc9fa74a590a10 mutt-1.4.1-11.rhel4.x86_64.rpm c419956864d1678397927b350f98aed8 mutt-debuginfo-1.4.1-11.rhel4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/mutt-1.4.1-11.rhel4.src.rpm ed0c14b530685c615fceb65d67fe347d mutt-1.4.1-11.rhel4.src.rpm i386: 2865d8ea5a1c818bd25b9a55211b0558 mutt-1.4.1-11.rhel4.i386.rpm 4bfd5e8845113f9b8fce8c067dd3478a mutt-debuginfo-1.4.1-11.rhel4.i386.rpm x86_64: 3eb2b23126222c0b13fc9fa74a590a10 mutt-1.4.1-11.rhel4.x86_64.rpm c419956864d1678397927b350f98aed8 mutt-debuginfo-1.4.1-11.rhel4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/mutt-1.4.1-11.rhel4.src.rpm ed0c14b530685c615fceb65d67fe347d mutt-1.4.1-11.rhel4.src.rpm i386: 2865d8ea5a1c818bd25b9a55211b0558 mutt-1.4.1-11.rhel4.i386.rpm 4bfd5e8845113f9b8fce8c067dd3478a mutt-debuginfo-1.4.1-11.rhel4.i386.rpm ia64: ba7a3661e2c31ebc2b478e2546564721 mutt-1.4.1-11.rhel4.ia64.rpm a5f87fd3d059fc31df95fc817e90b2bb mutt-debuginfo-1.4.1-11.rhel4.ia64.rpm x86_64: 3eb2b23126222c0b13fc9fa74a590a10 mutt-1.4.1-11.rhel4.x86_64.rpm c419956864d1678397927b350f98aed8 mutt-debuginfo-1.4.1-11.rhel4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/mutt-1.4.1-11.rhel4.src.rpm ed0c14b530685c615fceb65d67fe347d mutt-1.4.1-11.rhel4.src.rpm i386: 2865d8ea5a1c818bd25b9a55211b0558 mutt-1.4.1-11.rhel4.i386.rpm 4bfd5e8845113f9b8fce8c067dd3478a mutt-debuginfo-1.4.1-11.rhel4.i386.rpm ia64: ba7a3661e2c31ebc2b478e2546564721 mutt-1.4.1-11.rhel4.ia64.rpm a5f87fd3d059fc31df95fc817e90b2bb mutt-debuginfo-1.4.1-11.rhel4.ia64.rpm x86_64: 3eb2b23126222c0b13fc9fa74a590a10 mutt-1.4.1-11.rhel4.x86_64.rpm c419956864d1678397927b350f98aed8 mutt-debuginfo-1.4.1-11.rhel4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://www.redhat.com/security/updates/classification/#moderate http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3242 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFEtT/RXlSAg2UNWIIRAhlZAJ4mJKMvx9+4CY3D7kvNU2ZKvJ58sgCgthjP AGEVgUXCpZM45PCTMT36MRU= =Z1Y+ -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Jul 13 11:58:19 2006 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 13 Jul 2006 07:58:19 -0400 Subject: [RHSA-2006:0579-01] Important: kernel security update Message-ID: <200607131158.k6DBwJan011583@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: kernel security update Advisory ID: RHSA-2006:0579-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0579.html Issue date: 2006-07-13 Updated on: 2006-07-13 Product: Red Hat Enterprise Linux CVE Names: CVE-2005-3055 CVE-2005-3273 CVE-2006-1056 CVE-2006-1342 CVE-2006-1343 CVE-2006-1864 CVE-2006-2071 - --------------------------------------------------------------------- 1. Summary: Updated kernel packages that fix a number of security issues as well as other bugs are now available for Red Hat Enterprise Linux 2.1 (32 bit architectures) This security advisory has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386 Red Hat Linux Advanced Workstation 2.1 - Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 3. Problem description: The Linux kernel handles the basic functions of the operating system. These new kernel packages contain fixes for the security issues described below: * a flaw in the USB devio handling of device removal that allowed a local user to cause a denial of service (crash) (CVE-2005-3055, moderate) * a flaw in ROSE due to missing verification of the ndigis argument of new routes (CVE-2005-3273, moderate) * an info leak on AMD-based x86 systems that allowed a local user to retrieve the floating point exception state of a process run by a different user (CVE-2006-1056, important) * a minor info leak in socket name handling in the network code (CVE-2006-1342, low) * a minor info leak in socket option handling in the network code (CVE-2006-1343, low) * a directory traversal vulnerability in smbfs that allowed a local user to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences (CVE-2006-1864, moderate) * a flaw in the mprotect system call that allowed to give write permission to a readonly attachment of shared memory (CVE-2006-2071, moderate) A performance bug in the NFS implementation that caused clients to frequently pause when sending TCP segments during heavy write loads was also addressed. All Red Hat Enterprise Linux 2.1 users are advised to upgrade their kernels to these updated packages, which contain backported fixes to correct these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 155362 - CVE-2005-3273 ROSE ndigis verification 169262 - CVE-2005-3055 async usb devio oops 186245 - CVE-2006-1342 Small information leak in SO_ORIGINAL_DST and getname() (CVE-2006-1343) 189344 - CVE-2006-1056 FPU Information leak on i386/x86-64 on AMD CPUs 189438 - CVE-2006-1864 smbfs chroot issue 190076 - CVE-2006-2071 mprotect gives write permission to a readonly attachment 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/kernel-2.4.9-e.70.src.rpm 5bb4eb687f9657fbc9270e2ac34bfd43 kernel-2.4.9-e.70.src.rpm i386: a01f8a420613698289df25b15b37c347 kernel-2.4.9-e.70.athlon.rpm 8cc3614816ac844acbd7a6f5939fcbb8 kernel-2.4.9-e.70.i686.rpm b7e4f94752fb561c436bd284bb3bb33b kernel-BOOT-2.4.9-e.70.i386.rpm 31a3335b0203bfa6841751446142dd12 kernel-debug-2.4.9-e.70.i686.rpm 366548fb753d8e153e1099575acb67e1 kernel-doc-2.4.9-e.70.i386.rpm 8a3e9b19eea831131c5d983716e71b5d kernel-enterprise-2.4.9-e.70.i686.rpm b97f9e32f89e35b7da18c1aca2a279c7 kernel-headers-2.4.9-e.70.i386.rpm 909da40944a1664786e7881119735cad kernel-smp-2.4.9-e.70.athlon.rpm 783c75ba154ba2892ba824ea90eb3214 kernel-smp-2.4.9-e.70.i686.rpm 2ef4bbc4b4bf2549ca884e9ad9b5e1f3 kernel-source-2.4.9-e.70.i386.rpm 414c6991ff9f596f4903ab5a74efd47a kernel-summit-2.4.9-e.70.i686.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/kernel-2.4.9-e.70.src.rpm 5bb4eb687f9657fbc9270e2ac34bfd43 kernel-2.4.9-e.70.src.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/kernel-2.4.9-e.70.src.rpm 5bb4eb687f9657fbc9270e2ac34bfd43 kernel-2.4.9-e.70.src.rpm i386: a01f8a420613698289df25b15b37c347 kernel-2.4.9-e.70.athlon.rpm 8cc3614816ac844acbd7a6f5939fcbb8 kernel-2.4.9-e.70.i686.rpm b7e4f94752fb561c436bd284bb3bb33b kernel-BOOT-2.4.9-e.70.i386.rpm 31a3335b0203bfa6841751446142dd12 kernel-debug-2.4.9-e.70.i686.rpm 366548fb753d8e153e1099575acb67e1 kernel-doc-2.4.9-e.70.i386.rpm b97f9e32f89e35b7da18c1aca2a279c7 kernel-headers-2.4.9-e.70.i386.rpm 909da40944a1664786e7881119735cad kernel-smp-2.4.9-e.70.athlon.rpm 783c75ba154ba2892ba824ea90eb3214 kernel-smp-2.4.9-e.70.i686.rpm 2ef4bbc4b4bf2549ca884e9ad9b5e1f3 kernel-source-2.4.9-e.70.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/kernel-2.4.9-e.70.src.rpm 5bb4eb687f9657fbc9270e2ac34bfd43 kernel-2.4.9-e.70.src.rpm i386: a01f8a420613698289df25b15b37c347 kernel-2.4.9-e.70.athlon.rpm 8cc3614816ac844acbd7a6f5939fcbb8 kernel-2.4.9-e.70.i686.rpm b7e4f94752fb561c436bd284bb3bb33b kernel-BOOT-2.4.9-e.70.i386.rpm 31a3335b0203bfa6841751446142dd12 kernel-debug-2.4.9-e.70.i686.rpm 366548fb753d8e153e1099575acb67e1 kernel-doc-2.4.9-e.70.i386.rpm 8a3e9b19eea831131c5d983716e71b5d kernel-enterprise-2.4.9-e.70.i686.rpm b97f9e32f89e35b7da18c1aca2a279c7 kernel-headers-2.4.9-e.70.i386.rpm 909da40944a1664786e7881119735cad kernel-smp-2.4.9-e.70.athlon.rpm 783c75ba154ba2892ba824ea90eb3214 kernel-smp-2.4.9-e.70.i686.rpm 2ef4bbc4b4bf2549ca884e9ad9b5e1f3 kernel-source-2.4.9-e.70.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3055 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3273 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1056 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1342 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1864 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2071 http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFEtjVWXlSAg2UNWIIRAjjEAKC1f1vKGSEb+tdws0+GgGPZxbZeXQCghn3d WT/cK01CP74XMxCqu4NJdok= =f/Ju -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Jul 13 12:08:19 2006 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 13 Jul 2006 08:08:19 -0400 Subject: [RHSA-2006:0580-01] Moderate: kernel security update Message-ID: <200607131208.k6DC8JJw013753@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: kernel security update Advisory ID: RHSA-2006:0580-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0580.html Issue date: 2006-07-13 Updated on: 2006-07-13 Product: Red Hat Enterprise Linux CVE Names: CVE-2005-3055 CVE-2005-3273 CVE-2006-1342 CVE-2006-1343 CVE-2006-1864 CVE-2006-2071 CVE-2006-2444 - --------------------------------------------------------------------- 1. Summary: Updated kernel packages that fix a number of security issues as well as other bugs are now available for Red Hat Enterprise Linux 2.1 (64 bit architectures) This security advisory has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 3. Problem description: The Linux kernel handles the basic functions of the operating system. These new kernel packages contain fixes for the security issues described below: * a flaw in the USB devio handling of device removal that allowed a local user to cause a denial of service (crash) (CVE-2005-3055, moderate) * a flaw in ROSE due to missing verification of the ndigis argument of new routes (CVE-2005-3273, moderate) * a minor info leak in socket name handling in the network code (CVE-2006-1342, low) * a minor info leak in socket option handling in the network code (CVE-2006-1343, low) * a directory traversal vulnerability in smbfs that allowed a local user to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences (CVE-2006-1864, moderate) * a flaw in the mprotect system call that allowed to give write permission to a readonly attachment of shared memory (CVE-2006-2071, moderate) * a flaw in IPv4 netfilter handling for the unlikely use of SNMP NAT processing that allowed a remote user to cause a denial of service (crash) or potential memory corruption (CVE-2006-2444, moderate) All Red Hat Enterprise Linux 2.1 users are advised to upgrade their kernels to these updated packages, which contain backported fixes to correct these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 155363 - CVE-2005-3273 ROSE ndigis verification 169263 - CVE-2005-3055 async usb devio oops (ipf) 186247 - CVE-2006-1342 Small information leak in SO_ORIGINAL_DST and getname() (CVE-2006-1343) 189439 - CVE-2006-1864 smbfs chroot issue 190077 - CVE-2006-2071 mprotect gives write permission to a readonly attachment 192634 - CVE-2006-2444 SNMP NAT netfilter memory corruption 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/kernel-2.4.18-e.63.src.rpm c61d463283afa0bed053f3161756733b kernel-2.4.18-e.63.src.rpm ia64: 32532fafc62a1f79c87e8a108237eb45 kernel-2.4.18-e.63.ia64.rpm 19dedbf7215f9a415361a7ef3e492e76 kernel-doc-2.4.18-e.63.ia64.rpm 06caba179a589bc80a3dc985a631a235 kernel-smp-2.4.18-e.63.ia64.rpm 02e26e237854382d5df668e8dc65c0b3 kernel-source-2.4.18-e.63.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/kernel-2.4.18-e.63.src.rpm c61d463283afa0bed053f3161756733b kernel-2.4.18-e.63.src.rpm ia64: 32532fafc62a1f79c87e8a108237eb45 kernel-2.4.18-e.63.ia64.rpm 19dedbf7215f9a415361a7ef3e492e76 kernel-doc-2.4.18-e.63.ia64.rpm 06caba179a589bc80a3dc985a631a235 kernel-smp-2.4.18-e.63.ia64.rpm 02e26e237854382d5df668e8dc65c0b3 kernel-source-2.4.18-e.63.ia64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3055 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3273 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1342 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1864 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2071 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2444 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFEtjenXlSAg2UNWIIRAr2fAKCYENRtVU/TknaJeN+xlUyt+oGVlQCfY5aU P+Ld+4Kz7b2CXx3cCBT8GuY= =Ojzg -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Jul 18 10:39:45 2006 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 18 Jul 2006 06:39:45 -0400 Subject: [RHSA-2006:0500-01] Moderate: freetype security update Message-ID: <200607181039.k6IAdjWC016051@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: freetype security update Advisory ID: RHSA-2006:0500-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0500.html Issue date: 2006-07-18 Updated on: 2006-07-18 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-0747 CVE-2006-1861 CVE-2006-2661 CVE-2006-3467 - --------------------------------------------------------------------- 1. Summary: Updated freetype packages that fix several security flaws are now available for Red Hat Enterprise Linux. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: FreeType is a free, high-quality, and portable font engine. Chris Evans discovered several integer underflow and overflow flaws in the FreeType font engine. If a user loads a carefully crafted font file with a program linked against FreeType, it could cause the application to crash or execute arbitrary code as the user. While it is uncommon for a user to explicitly load a font file, there are several application file formats which contain embedded fonts that are parsed by FreeType. (CVE-2006-0747, CVE-2006-1861, CVE-2006-3467) A NULL pointer dereference flaw was found in the FreeType font engine. An application linked against FreeType can crash upon loading a malformed font file. (CVE-2006-2661) Users of FreeType should upgrade to these updated packages, which contain backported patches to correct these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 183676 - CVE-2006-0747 Freetype integer underflow (CVE-2006-2661) 190593 - CVE-2006-1861 freetype multiple integer overflows (CVE-2006-3467) 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/freetype-2.0.3-8.rhel2_1.2.src.rpm 9c3d03656cc51a72e2753a0e27c4b474 freetype-2.0.3-8.rhel2_1.2.src.rpm i386: 407cfe8163092692652a64baf217074e freetype-2.0.3-8.rhel2_1.2.i386.rpm 5724f665a6b32fd026b7b338d888e57b freetype-devel-2.0.3-8.rhel2_1.2.i386.rpm a9a323b730d32b1fbcb8f619cec0b4a5 freetype-utils-2.0.3-8.rhel2_1.2.i386.rpm ia64: 1cc6902e487dc3d94948e6fe0a91f2a7 freetype-2.0.3-8.rhel2_1.2.ia64.rpm 4d2e15bc0f6c0c2849b3826ab13f5c38 freetype-devel-2.0.3-8.rhel2_1.2.ia64.rpm 8b9c3c8ea308328251bcec9d9cd4ee33 freetype-utils-2.0.3-8.rhel2_1.2.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/freetype-2.0.3-8.rhel2_1.2.src.rpm 9c3d03656cc51a72e2753a0e27c4b474 freetype-2.0.3-8.rhel2_1.2.src.rpm ia64: 1cc6902e487dc3d94948e6fe0a91f2a7 freetype-2.0.3-8.rhel2_1.2.ia64.rpm 4d2e15bc0f6c0c2849b3826ab13f5c38 freetype-devel-2.0.3-8.rhel2_1.2.ia64.rpm 8b9c3c8ea308328251bcec9d9cd4ee33 freetype-utils-2.0.3-8.rhel2_1.2.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/freetype-2.0.3-8.rhel2_1.2.src.rpm 9c3d03656cc51a72e2753a0e27c4b474 freetype-2.0.3-8.rhel2_1.2.src.rpm i386: 407cfe8163092692652a64baf217074e freetype-2.0.3-8.rhel2_1.2.i386.rpm 5724f665a6b32fd026b7b338d888e57b freetype-devel-2.0.3-8.rhel2_1.2.i386.rpm a9a323b730d32b1fbcb8f619cec0b4a5 freetype-utils-2.0.3-8.rhel2_1.2.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/freetype-2.0.3-8.rhel2_1.2.src.rpm 9c3d03656cc51a72e2753a0e27c4b474 freetype-2.0.3-8.rhel2_1.2.src.rpm i386: 407cfe8163092692652a64baf217074e freetype-2.0.3-8.rhel2_1.2.i386.rpm 5724f665a6b32fd026b7b338d888e57b freetype-devel-2.0.3-8.rhel2_1.2.i386.rpm a9a323b730d32b1fbcb8f619cec0b4a5 freetype-utils-2.0.3-8.rhel2_1.2.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/freetype-2.1.4-4.0.rhel3.2.src.rpm b1a408493bba9185c162e4951be43b18 freetype-2.1.4-4.0.rhel3.2.src.rpm i386: 3e4cdc899ff5aa657e51270bcb886b37 freetype-2.1.4-4.0.rhel3.2.i386.rpm d874c5ce3ece70500d8f1bbe68752cd4 freetype-debuginfo-2.1.4-4.0.rhel3.2.i386.rpm 27f98060dc5e8a5788e836f4b68133d7 freetype-devel-2.1.4-4.0.rhel3.2.i386.rpm ia64: 3e4cdc899ff5aa657e51270bcb886b37 freetype-2.1.4-4.0.rhel3.2.i386.rpm 715b086353e75c73557d093edf3fcd6d freetype-2.1.4-4.0.rhel3.2.ia64.rpm d874c5ce3ece70500d8f1bbe68752cd4 freetype-debuginfo-2.1.4-4.0.rhel3.2.i386.rpm 7fca85177ba6b6b747d0ef73b520d418 freetype-debuginfo-2.1.4-4.0.rhel3.2.ia64.rpm d3a2e21df27b6b0aaf61262426418f68 freetype-devel-2.1.4-4.0.rhel3.2.ia64.rpm ppc: 5d170f7b9edd559bbecdcd67a222ee58 freetype-2.1.4-4.0.rhel3.2.ppc.rpm fa5cfb6f58389bf5ff79d1eb20a1d751 freetype-2.1.4-4.0.rhel3.2.ppc64.rpm 92e63496948ed6e72934342b6e7c7894 freetype-debuginfo-2.1.4-4.0.rhel3.2.ppc.rpm dc282a8be56d5e3817aa50265c6657d3 freetype-debuginfo-2.1.4-4.0.rhel3.2.ppc64.rpm 9c64d14c71deabb125d1904baed60454 freetype-devel-2.1.4-4.0.rhel3.2.ppc.rpm s390: ac3122941009aaf309b658161f9ab376 freetype-2.1.4-4.0.rhel3.2.s390.rpm 78dcfd5519a2f85b6d559887a17e94fd freetype-debuginfo-2.1.4-4.0.rhel3.2.s390.rpm 6465809d682d960d20b34646f5c6a22b freetype-devel-2.1.4-4.0.rhel3.2.s390.rpm s390x: ac3122941009aaf309b658161f9ab376 freetype-2.1.4-4.0.rhel3.2.s390.rpm fbacd92a4dc87c11784617b4a60be2df freetype-2.1.4-4.0.rhel3.2.s390x.rpm 78dcfd5519a2f85b6d559887a17e94fd freetype-debuginfo-2.1.4-4.0.rhel3.2.s390.rpm db92d2021bd9e26a76c9a5ebce6b6dc7 freetype-debuginfo-2.1.4-4.0.rhel3.2.s390x.rpm d0854600a5492eb13ed216677a2e8962 freetype-devel-2.1.4-4.0.rhel3.2.s390x.rpm x86_64: 3e4cdc899ff5aa657e51270bcb886b37 freetype-2.1.4-4.0.rhel3.2.i386.rpm b4db4ba664bdf9ff605c2190a00c3724 freetype-2.1.4-4.0.rhel3.2.x86_64.rpm d874c5ce3ece70500d8f1bbe68752cd4 freetype-debuginfo-2.1.4-4.0.rhel3.2.i386.rpm 5883a335c91312f6372a06e8692c95bc freetype-debuginfo-2.1.4-4.0.rhel3.2.x86_64.rpm deac2e0429300513b2abb9ba75c62dad freetype-devel-2.1.4-4.0.rhel3.2.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/freetype-2.1.4-4.0.rhel3.2.src.rpm b1a408493bba9185c162e4951be43b18 freetype-2.1.4-4.0.rhel3.2.src.rpm i386: 3e4cdc899ff5aa657e51270bcb886b37 freetype-2.1.4-4.0.rhel3.2.i386.rpm d874c5ce3ece70500d8f1bbe68752cd4 freetype-debuginfo-2.1.4-4.0.rhel3.2.i386.rpm 27f98060dc5e8a5788e836f4b68133d7 freetype-devel-2.1.4-4.0.rhel3.2.i386.rpm x86_64: 3e4cdc899ff5aa657e51270bcb886b37 freetype-2.1.4-4.0.rhel3.2.i386.rpm b4db4ba664bdf9ff605c2190a00c3724 freetype-2.1.4-4.0.rhel3.2.x86_64.rpm d874c5ce3ece70500d8f1bbe68752cd4 freetype-debuginfo-2.1.4-4.0.rhel3.2.i386.rpm 5883a335c91312f6372a06e8692c95bc freetype-debuginfo-2.1.4-4.0.rhel3.2.x86_64.rpm deac2e0429300513b2abb9ba75c62dad freetype-devel-2.1.4-4.0.rhel3.2.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/freetype-2.1.4-4.0.rhel3.2.src.rpm b1a408493bba9185c162e4951be43b18 freetype-2.1.4-4.0.rhel3.2.src.rpm i386: 3e4cdc899ff5aa657e51270bcb886b37 freetype-2.1.4-4.0.rhel3.2.i386.rpm d874c5ce3ece70500d8f1bbe68752cd4 freetype-debuginfo-2.1.4-4.0.rhel3.2.i386.rpm 27f98060dc5e8a5788e836f4b68133d7 freetype-devel-2.1.4-4.0.rhel3.2.i386.rpm ia64: 3e4cdc899ff5aa657e51270bcb886b37 freetype-2.1.4-4.0.rhel3.2.i386.rpm 715b086353e75c73557d093edf3fcd6d freetype-2.1.4-4.0.rhel3.2.ia64.rpm d874c5ce3ece70500d8f1bbe68752cd4 freetype-debuginfo-2.1.4-4.0.rhel3.2.i386.rpm 7fca85177ba6b6b747d0ef73b520d418 freetype-debuginfo-2.1.4-4.0.rhel3.2.ia64.rpm d3a2e21df27b6b0aaf61262426418f68 freetype-devel-2.1.4-4.0.rhel3.2.ia64.rpm x86_64: 3e4cdc899ff5aa657e51270bcb886b37 freetype-2.1.4-4.0.rhel3.2.i386.rpm b4db4ba664bdf9ff605c2190a00c3724 freetype-2.1.4-4.0.rhel3.2.x86_64.rpm d874c5ce3ece70500d8f1bbe68752cd4 freetype-debuginfo-2.1.4-4.0.rhel3.2.i386.rpm 5883a335c91312f6372a06e8692c95bc freetype-debuginfo-2.1.4-4.0.rhel3.2.x86_64.rpm deac2e0429300513b2abb9ba75c62dad freetype-devel-2.1.4-4.0.rhel3.2.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/freetype-2.1.4-4.0.rhel3.2.src.rpm b1a408493bba9185c162e4951be43b18 freetype-2.1.4-4.0.rhel3.2.src.rpm i386: 3e4cdc899ff5aa657e51270bcb886b37 freetype-2.1.4-4.0.rhel3.2.i386.rpm d874c5ce3ece70500d8f1bbe68752cd4 freetype-debuginfo-2.1.4-4.0.rhel3.2.i386.rpm 27f98060dc5e8a5788e836f4b68133d7 freetype-devel-2.1.4-4.0.rhel3.2.i386.rpm ia64: 3e4cdc899ff5aa657e51270bcb886b37 freetype-2.1.4-4.0.rhel3.2.i386.rpm 715b086353e75c73557d093edf3fcd6d freetype-2.1.4-4.0.rhel3.2.ia64.rpm d874c5ce3ece70500d8f1bbe68752cd4 freetype-debuginfo-2.1.4-4.0.rhel3.2.i386.rpm 7fca85177ba6b6b747d0ef73b520d418 freetype-debuginfo-2.1.4-4.0.rhel3.2.ia64.rpm d3a2e21df27b6b0aaf61262426418f68 freetype-devel-2.1.4-4.0.rhel3.2.ia64.rpm x86_64: 3e4cdc899ff5aa657e51270bcb886b37 freetype-2.1.4-4.0.rhel3.2.i386.rpm b4db4ba664bdf9ff605c2190a00c3724 freetype-2.1.4-4.0.rhel3.2.x86_64.rpm d874c5ce3ece70500d8f1bbe68752cd4 freetype-debuginfo-2.1.4-4.0.rhel3.2.i386.rpm 5883a335c91312f6372a06e8692c95bc freetype-debuginfo-2.1.4-4.0.rhel3.2.x86_64.rpm deac2e0429300513b2abb9ba75c62dad freetype-devel-2.1.4-4.0.rhel3.2.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/freetype-2.1.9-1.rhel4.4.src.rpm 927ac506c112db88f65da71044aa70c7 freetype-2.1.9-1.rhel4.4.src.rpm i386: f4dfc9303c4d4f2894a415475c7d7190 freetype-2.1.9-1.rhel4.4.i386.rpm 1a5c2f2e0fbb3f29a2087d18ec465410 freetype-debuginfo-2.1.9-1.rhel4.4.i386.rpm 1780063a39d2433520a775485bbd00c0 freetype-demos-2.1.9-1.rhel4.4.i386.rpm 64e3dc01cd9cb61a7adb3cd83113c8c6 freetype-devel-2.1.9-1.rhel4.4.i386.rpm d18df0766f06ffd7710c2bd97cc32a65 freetype-utils-2.1.9-1.rhel4.4.i386.rpm ia64: f4dfc9303c4d4f2894a415475c7d7190 freetype-2.1.9-1.rhel4.4.i386.rpm 271f588027cd34f8a0cc003f304d3f28 freetype-2.1.9-1.rhel4.4.ia64.rpm 1a5c2f2e0fbb3f29a2087d18ec465410 freetype-debuginfo-2.1.9-1.rhel4.4.i386.rpm bfa14d39053f78ff2675edaf784ec5b6 freetype-debuginfo-2.1.9-1.rhel4.4.ia64.rpm bb5f5405f3b733a4bf541109a0f83dda freetype-demos-2.1.9-1.rhel4.4.ia64.rpm 31bc0ada2359d4f4bb10ce55e75acdaf freetype-devel-2.1.9-1.rhel4.4.ia64.rpm 1d942badb4b1387d8a4887afaa2609f1 freetype-utils-2.1.9-1.rhel4.4.ia64.rpm ppc: 5814117f8a14e77a52833faf03b9a675 freetype-2.1.9-1.rhel4.4.ppc.rpm b9db10734903abe8bc9c51df17929a53 freetype-2.1.9-1.rhel4.4.ppc64.rpm a4d53e08a313d8dd9d31e7e8a2fa9e2e freetype-debuginfo-2.1.9-1.rhel4.4.ppc.rpm 2ed0c908014b4bb088f80f4d2ab2f9de freetype-debuginfo-2.1.9-1.rhel4.4.ppc64.rpm bfc62372116ffd66a312b492d4c914ed freetype-demos-2.1.9-1.rhel4.4.ppc.rpm 26b77e7e2e75d362f09464723761146e freetype-devel-2.1.9-1.rhel4.4.ppc.rpm c031f11bb7c1ca2bcd45894a55f6443f freetype-utils-2.1.9-1.rhel4.4.ppc.rpm s390: c7b3866846999a9771481f8328a077bc freetype-2.1.9-1.rhel4.4.s390.rpm e9d19d68fa1dab0a856ccc9222ac743b freetype-debuginfo-2.1.9-1.rhel4.4.s390.rpm 622b582663c82c3a88da772e240c9880 freetype-demos-2.1.9-1.rhel4.4.s390.rpm 93476295362b4ceb86f09cf42a4fa850 freetype-devel-2.1.9-1.rhel4.4.s390.rpm 9031b2ac4f7b65e1155bc0fcc54c59bb freetype-utils-2.1.9-1.rhel4.4.s390.rpm s390x: c7b3866846999a9771481f8328a077bc freetype-2.1.9-1.rhel4.4.s390.rpm 24b9f1ce612a1fd0792f1be6dd4f8d89 freetype-2.1.9-1.rhel4.4.s390x.rpm e9d19d68fa1dab0a856ccc9222ac743b freetype-debuginfo-2.1.9-1.rhel4.4.s390.rpm 1701739fe98cf162735fb85755202b28 freetype-debuginfo-2.1.9-1.rhel4.4.s390x.rpm 3be671cb7587fb53884d10102193ccc1 freetype-demos-2.1.9-1.rhel4.4.s390x.rpm 8062dd53300a5f562c08c382ab3a7607 freetype-devel-2.1.9-1.rhel4.4.s390x.rpm 3138bf1a5526f05103c68968e56e1f9f freetype-utils-2.1.9-1.rhel4.4.s390x.rpm x86_64: f4dfc9303c4d4f2894a415475c7d7190 freetype-2.1.9-1.rhel4.4.i386.rpm 26214e971a37c207903c87c057cc2b2e freetype-2.1.9-1.rhel4.4.x86_64.rpm 1a5c2f2e0fbb3f29a2087d18ec465410 freetype-debuginfo-2.1.9-1.rhel4.4.i386.rpm 2a5ea0e4828f109decdaf07a43b4aaa8 freetype-debuginfo-2.1.9-1.rhel4.4.x86_64.rpm bd167657107e37c2f9e6c034bf126a87 freetype-demos-2.1.9-1.rhel4.4.x86_64.rpm 0b706cd7a4f0ef9c3e82870ce696c4df freetype-devel-2.1.9-1.rhel4.4.x86_64.rpm abbe3bf77fd9abe66133f1d509081ca7 freetype-utils-2.1.9-1.rhel4.4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/freetype-2.1.9-1.rhel4.4.src.rpm 927ac506c112db88f65da71044aa70c7 freetype-2.1.9-1.rhel4.4.src.rpm i386: f4dfc9303c4d4f2894a415475c7d7190 freetype-2.1.9-1.rhel4.4.i386.rpm 1a5c2f2e0fbb3f29a2087d18ec465410 freetype-debuginfo-2.1.9-1.rhel4.4.i386.rpm 1780063a39d2433520a775485bbd00c0 freetype-demos-2.1.9-1.rhel4.4.i386.rpm 64e3dc01cd9cb61a7adb3cd83113c8c6 freetype-devel-2.1.9-1.rhel4.4.i386.rpm d18df0766f06ffd7710c2bd97cc32a65 freetype-utils-2.1.9-1.rhel4.4.i386.rpm x86_64: f4dfc9303c4d4f2894a415475c7d7190 freetype-2.1.9-1.rhel4.4.i386.rpm 26214e971a37c207903c87c057cc2b2e freetype-2.1.9-1.rhel4.4.x86_64.rpm 1a5c2f2e0fbb3f29a2087d18ec465410 freetype-debuginfo-2.1.9-1.rhel4.4.i386.rpm 2a5ea0e4828f109decdaf07a43b4aaa8 freetype-debuginfo-2.1.9-1.rhel4.4.x86_64.rpm bd167657107e37c2f9e6c034bf126a87 freetype-demos-2.1.9-1.rhel4.4.x86_64.rpm 0b706cd7a4f0ef9c3e82870ce696c4df freetype-devel-2.1.9-1.rhel4.4.x86_64.rpm abbe3bf77fd9abe66133f1d509081ca7 freetype-utils-2.1.9-1.rhel4.4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/freetype-2.1.9-1.rhel4.4.src.rpm 927ac506c112db88f65da71044aa70c7 freetype-2.1.9-1.rhel4.4.src.rpm i386: f4dfc9303c4d4f2894a415475c7d7190 freetype-2.1.9-1.rhel4.4.i386.rpm 1a5c2f2e0fbb3f29a2087d18ec465410 freetype-debuginfo-2.1.9-1.rhel4.4.i386.rpm 1780063a39d2433520a775485bbd00c0 freetype-demos-2.1.9-1.rhel4.4.i386.rpm 64e3dc01cd9cb61a7adb3cd83113c8c6 freetype-devel-2.1.9-1.rhel4.4.i386.rpm d18df0766f06ffd7710c2bd97cc32a65 freetype-utils-2.1.9-1.rhel4.4.i386.rpm ia64: f4dfc9303c4d4f2894a415475c7d7190 freetype-2.1.9-1.rhel4.4.i386.rpm 271f588027cd34f8a0cc003f304d3f28 freetype-2.1.9-1.rhel4.4.ia64.rpm 1a5c2f2e0fbb3f29a2087d18ec465410 freetype-debuginfo-2.1.9-1.rhel4.4.i386.rpm bfa14d39053f78ff2675edaf784ec5b6 freetype-debuginfo-2.1.9-1.rhel4.4.ia64.rpm bb5f5405f3b733a4bf541109a0f83dda freetype-demos-2.1.9-1.rhel4.4.ia64.rpm 31bc0ada2359d4f4bb10ce55e75acdaf freetype-devel-2.1.9-1.rhel4.4.ia64.rpm 1d942badb4b1387d8a4887afaa2609f1 freetype-utils-2.1.9-1.rhel4.4.ia64.rpm x86_64: f4dfc9303c4d4f2894a415475c7d7190 freetype-2.1.9-1.rhel4.4.i386.rpm 26214e971a37c207903c87c057cc2b2e freetype-2.1.9-1.rhel4.4.x86_64.rpm 1a5c2f2e0fbb3f29a2087d18ec465410 freetype-debuginfo-2.1.9-1.rhel4.4.i386.rpm 2a5ea0e4828f109decdaf07a43b4aaa8 freetype-debuginfo-2.1.9-1.rhel4.4.x86_64.rpm bd167657107e37c2f9e6c034bf126a87 freetype-demos-2.1.9-1.rhel4.4.x86_64.rpm 0b706cd7a4f0ef9c3e82870ce696c4df freetype-devel-2.1.9-1.rhel4.4.x86_64.rpm abbe3bf77fd9abe66133f1d509081ca7 freetype-utils-2.1.9-1.rhel4.4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/freetype-2.1.9-1.rhel4.4.src.rpm 927ac506c112db88f65da71044aa70c7 freetype-2.1.9-1.rhel4.4.src.rpm i386: f4dfc9303c4d4f2894a415475c7d7190 freetype-2.1.9-1.rhel4.4.i386.rpm 1a5c2f2e0fbb3f29a2087d18ec465410 freetype-debuginfo-2.1.9-1.rhel4.4.i386.rpm 1780063a39d2433520a775485bbd00c0 freetype-demos-2.1.9-1.rhel4.4.i386.rpm 64e3dc01cd9cb61a7adb3cd83113c8c6 freetype-devel-2.1.9-1.rhel4.4.i386.rpm d18df0766f06ffd7710c2bd97cc32a65 freetype-utils-2.1.9-1.rhel4.4.i386.rpm ia64: f4dfc9303c4d4f2894a415475c7d7190 freetype-2.1.9-1.rhel4.4.i386.rpm 271f588027cd34f8a0cc003f304d3f28 freetype-2.1.9-1.rhel4.4.ia64.rpm 1a5c2f2e0fbb3f29a2087d18ec465410 freetype-debuginfo-2.1.9-1.rhel4.4.i386.rpm bfa14d39053f78ff2675edaf784ec5b6 freetype-debuginfo-2.1.9-1.rhel4.4.ia64.rpm bb5f5405f3b733a4bf541109a0f83dda freetype-demos-2.1.9-1.rhel4.4.ia64.rpm 31bc0ada2359d4f4bb10ce55e75acdaf freetype-devel-2.1.9-1.rhel4.4.ia64.rpm 1d942badb4b1387d8a4887afaa2609f1 freetype-utils-2.1.9-1.rhel4.4.ia64.rpm x86_64: f4dfc9303c4d4f2894a415475c7d7190 freetype-2.1.9-1.rhel4.4.i386.rpm 26214e971a37c207903c87c057cc2b2e freetype-2.1.9-1.rhel4.4.x86_64.rpm 1a5c2f2e0fbb3f29a2087d18ec465410 freetype-debuginfo-2.1.9-1.rhel4.4.i386.rpm 2a5ea0e4828f109decdaf07a43b4aaa8 freetype-debuginfo-2.1.9-1.rhel4.4.x86_64.rpm bd167657107e37c2f9e6c034bf126a87 freetype-demos-2.1.9-1.rhel4.4.x86_64.rpm 0b706cd7a4f0ef9c3e82870ce696c4df freetype-devel-2.1.9-1.rhel4.4.x86_64.rpm abbe3bf77fd9abe66133f1d509081ca7 freetype-utils-2.1.9-1.rhel4.4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0747 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1861 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2661 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3467 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFEvLpXXlSAg2UNWIIRAqbvAJwNmh3byhYoUK07tGMJI9FF5lJKzwCgstvq GCdRHgiWlYG+mUEy7tGiTTc= =ObtS -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Jul 18 10:40:15 2006 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 18 Jul 2006 06:40:15 -0400 Subject: [RHSA-2006:0571-01] Moderate: gnupg security update Message-ID: <200607181040.k6IAeFVW016457@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: gnupg security update Advisory ID: RHSA-2006:0571-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0571.html Issue date: 2006-07-18 Updated on: 2006-07-18 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-3082 - --------------------------------------------------------------------- 1. Summary: An updated GnuPG package that fixes a security issue is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: GnuPG is a utility for encrypting data and creating digital signatures. An integer overflow flaw was found in GnuPG. An attacker could create a carefully crafted message packet with a large length that could cause GnuPG to crash or possibly overwrite memory when opened. (CVE-2006-3082) All users of GnuPG are advised to upgrade to this updated package, which contains a backported patch to correct this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 195945 - CVE-2006-3082 gnupg integer overflow 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/gnupg-1.0.7-17.src.rpm fa7cfe6dfa03fa809e9b2af5147a7d51 gnupg-1.0.7-17.src.rpm i386: 0cc151d11326fd2358805f4586a53184 gnupg-1.0.7-17.i386.rpm ia64: c1b68462b1b4d696fa9e90e38f6f54d7 gnupg-1.0.7-17.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/gnupg-1.0.7-17.src.rpm fa7cfe6dfa03fa809e9b2af5147a7d51 gnupg-1.0.7-17.src.rpm ia64: c1b68462b1b4d696fa9e90e38f6f54d7 gnupg-1.0.7-17.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/gnupg-1.0.7-17.src.rpm fa7cfe6dfa03fa809e9b2af5147a7d51 gnupg-1.0.7-17.src.rpm i386: 0cc151d11326fd2358805f4586a53184 gnupg-1.0.7-17.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/gnupg-1.0.7-17.src.rpm fa7cfe6dfa03fa809e9b2af5147a7d51 gnupg-1.0.7-17.src.rpm i386: 0cc151d11326fd2358805f4586a53184 gnupg-1.0.7-17.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/gnupg-1.2.1-16.src.rpm f173b3d78ec867a2f3111bdf974a274f gnupg-1.2.1-16.src.rpm i386: 4a09e2928900d8a82c2d783c7eb2d296 gnupg-1.2.1-16.i386.rpm 585875422f491242ad70dba461de85ea gnupg-debuginfo-1.2.1-16.i386.rpm ia64: 9e5c54d0ab18653e474d55b7dbf239f4 gnupg-1.2.1-16.ia64.rpm e9b95b54d37687b4450ab049305c3206 gnupg-debuginfo-1.2.1-16.ia64.rpm ppc: 950443789619df4f52cdf43ab0fec80c gnupg-1.2.1-16.ppc.rpm 90dbe63929e7992bf0c24b43a925b777 gnupg-debuginfo-1.2.1-16.ppc.rpm s390: 7e791472c18454f8f9a0e5efbee1ef87 gnupg-1.2.1-16.s390.rpm c17c578799ba3d2996a883f3be7fa76e gnupg-debuginfo-1.2.1-16.s390.rpm s390x: 14b9d593377b1e01a1dae543cc1716ad gnupg-1.2.1-16.s390x.rpm 31b331a50108e47b15208326609f7670 gnupg-debuginfo-1.2.1-16.s390x.rpm x86_64: 0e9ea49121b053d9a8bc67c50cf70673 gnupg-1.2.1-16.x86_64.rpm 46437be7724be2a7116e97006dccee11 gnupg-debuginfo-1.2.1-16.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/gnupg-1.2.1-16.src.rpm f173b3d78ec867a2f3111bdf974a274f gnupg-1.2.1-16.src.rpm i386: 4a09e2928900d8a82c2d783c7eb2d296 gnupg-1.2.1-16.i386.rpm 585875422f491242ad70dba461de85ea gnupg-debuginfo-1.2.1-16.i386.rpm x86_64: 0e9ea49121b053d9a8bc67c50cf70673 gnupg-1.2.1-16.x86_64.rpm 46437be7724be2a7116e97006dccee11 gnupg-debuginfo-1.2.1-16.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/gnupg-1.2.1-16.src.rpm f173b3d78ec867a2f3111bdf974a274f gnupg-1.2.1-16.src.rpm i386: 4a09e2928900d8a82c2d783c7eb2d296 gnupg-1.2.1-16.i386.rpm 585875422f491242ad70dba461de85ea gnupg-debuginfo-1.2.1-16.i386.rpm ia64: 9e5c54d0ab18653e474d55b7dbf239f4 gnupg-1.2.1-16.ia64.rpm e9b95b54d37687b4450ab049305c3206 gnupg-debuginfo-1.2.1-16.ia64.rpm x86_64: 0e9ea49121b053d9a8bc67c50cf70673 gnupg-1.2.1-16.x86_64.rpm 46437be7724be2a7116e97006dccee11 gnupg-debuginfo-1.2.1-16.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/gnupg-1.2.1-16.src.rpm f173b3d78ec867a2f3111bdf974a274f gnupg-1.2.1-16.src.rpm i386: 4a09e2928900d8a82c2d783c7eb2d296 gnupg-1.2.1-16.i386.rpm 585875422f491242ad70dba461de85ea gnupg-debuginfo-1.2.1-16.i386.rpm ia64: 9e5c54d0ab18653e474d55b7dbf239f4 gnupg-1.2.1-16.ia64.rpm e9b95b54d37687b4450ab049305c3206 gnupg-debuginfo-1.2.1-16.ia64.rpm x86_64: 0e9ea49121b053d9a8bc67c50cf70673 gnupg-1.2.1-16.x86_64.rpm 46437be7724be2a7116e97006dccee11 gnupg-debuginfo-1.2.1-16.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/gnupg-1.2.6-5.src.rpm 6cf00ad0b97c9731e07a34adc1965493 gnupg-1.2.6-5.src.rpm i386: 47e0360b4534d7220dd01f5dbdf11d72 gnupg-1.2.6-5.i386.rpm c3a7f32d81cbf830f9143646288d04a6 gnupg-debuginfo-1.2.6-5.i386.rpm ia64: 8bcbf0ee44c28eda3700601462f8f279 gnupg-1.2.6-5.ia64.rpm 0e8ac80c56798191601ba554fad08556 gnupg-debuginfo-1.2.6-5.ia64.rpm ppc: b5441d9d4ade66a04f4cdea1ddbdd307 gnupg-1.2.6-5.ppc.rpm ea1d914777b585a1e41aea1939cefabb gnupg-debuginfo-1.2.6-5.ppc.rpm s390: d7b5cfdd8c6f094a296c158922fe9b2e gnupg-1.2.6-5.s390.rpm 3540be56fb0b644f0fefa4d38805109c gnupg-debuginfo-1.2.6-5.s390.rpm s390x: 5d50e214254980abd03cd087eacf35bd gnupg-1.2.6-5.s390x.rpm b653dc31175df5d2e2144cbb9a0a7399 gnupg-debuginfo-1.2.6-5.s390x.rpm x86_64: 64689932318e0b756e64d1b4cfd4c850 gnupg-1.2.6-5.x86_64.rpm 45ccc6c12630ca9ac199edfc97b75fe9 gnupg-debuginfo-1.2.6-5.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/gnupg-1.2.6-5.src.rpm 6cf00ad0b97c9731e07a34adc1965493 gnupg-1.2.6-5.src.rpm i386: 47e0360b4534d7220dd01f5dbdf11d72 gnupg-1.2.6-5.i386.rpm c3a7f32d81cbf830f9143646288d04a6 gnupg-debuginfo-1.2.6-5.i386.rpm x86_64: 64689932318e0b756e64d1b4cfd4c850 gnupg-1.2.6-5.x86_64.rpm 45ccc6c12630ca9ac199edfc97b75fe9 gnupg-debuginfo-1.2.6-5.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/gnupg-1.2.6-5.src.rpm 6cf00ad0b97c9731e07a34adc1965493 gnupg-1.2.6-5.src.rpm i386: 47e0360b4534d7220dd01f5dbdf11d72 gnupg-1.2.6-5.i386.rpm c3a7f32d81cbf830f9143646288d04a6 gnupg-debuginfo-1.2.6-5.i386.rpm ia64: 8bcbf0ee44c28eda3700601462f8f279 gnupg-1.2.6-5.ia64.rpm 0e8ac80c56798191601ba554fad08556 gnupg-debuginfo-1.2.6-5.ia64.rpm x86_64: 64689932318e0b756e64d1b4cfd4c850 gnupg-1.2.6-5.x86_64.rpm 45ccc6c12630ca9ac199edfc97b75fe9 gnupg-debuginfo-1.2.6-5.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/gnupg-1.2.6-5.src.rpm 6cf00ad0b97c9731e07a34adc1965493 gnupg-1.2.6-5.src.rpm i386: 47e0360b4534d7220dd01f5dbdf11d72 gnupg-1.2.6-5.i386.rpm c3a7f32d81cbf830f9143646288d04a6 gnupg-debuginfo-1.2.6-5.i386.rpm ia64: 8bcbf0ee44c28eda3700601462f8f279 gnupg-1.2.6-5.ia64.rpm 0e8ac80c56798191601ba554fad08556 gnupg-debuginfo-1.2.6-5.ia64.rpm x86_64: 64689932318e0b756e64d1b4cfd4c850 gnupg-1.2.6-5.x86_64.rpm 45ccc6c12630ca9ac199edfc97b75fe9 gnupg-debuginfo-1.2.6-5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3082 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFEvLqFXlSAg2UNWIIRAs0GAKDC2yFB6ZYCJxKRVHkr2d+l7gQ5ywCdFzVw a8vCYa9aPS+QiUSH2gr85Ck= =gL1L -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Jul 18 10:40:45 2006 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 18 Jul 2006 06:40:45 -0400 Subject: [RHSA-2006:0597-01] Moderate: libwmf security update Message-ID: <200607181040.k6IAejIA017066@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: libwmf security update Advisory ID: RHSA-2006:0597-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0597.html Issue date: 2006-07-18 Updated on: 2006-07-18 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-3376 - --------------------------------------------------------------------- 1. Summary: Updated libwmf packages that fix a security flaw are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Libwmf is a library for reading and converting Windows MetaFile vector graphics (WMF). Libwmf is used by packages such as The GIMP and ImageMagick. An integer overflow flaw was discovered in libwmf. An attacker could create a carefully crafted WMF flaw that could execute arbitrary code if opened by a victim. (CVE-2006-3376). Users of libwmf should update to these packages which contain a backported security patch to correct this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 198290 - CVE-2006-3376 libwmf integer overflow 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/libwmf-0.2.8.3-5.3.src.rpm a3351e97473f0af4394b998cd5ff389e libwmf-0.2.8.3-5.3.src.rpm i386: 95ce0776b99d34b2305b01d2491c8ff7 libwmf-0.2.8.3-5.3.i386.rpm 130c14ff86120816f2714930fb4c113e libwmf-debuginfo-0.2.8.3-5.3.i386.rpm 09e45037b62f7463fe722e507078df59 libwmf-devel-0.2.8.3-5.3.i386.rpm ia64: 95ce0776b99d34b2305b01d2491c8ff7 libwmf-0.2.8.3-5.3.i386.rpm da0236a75948cccfa9a8534091af47bb libwmf-0.2.8.3-5.3.ia64.rpm 130c14ff86120816f2714930fb4c113e libwmf-debuginfo-0.2.8.3-5.3.i386.rpm 22de5d504e134590d17a9dd3e16a643e libwmf-debuginfo-0.2.8.3-5.3.ia64.rpm e211c15294c79a83bfcead7abe175bb5 libwmf-devel-0.2.8.3-5.3.ia64.rpm ppc: 73258f72fc27adf63b5598265a3d41d4 libwmf-0.2.8.3-5.3.ppc.rpm 09a24c35d6711648ef35f81800a7201e libwmf-0.2.8.3-5.3.ppc64.rpm 386f46b7457bff04b47a0ebe8a0538f9 libwmf-debuginfo-0.2.8.3-5.3.ppc.rpm 90b145052f46530d7fb3bf8b8c45cadd libwmf-debuginfo-0.2.8.3-5.3.ppc64.rpm 5bf40c54b6ba949f8e02ebb5e13984f0 libwmf-devel-0.2.8.3-5.3.ppc.rpm s390: 44dac72b0172705871d0c368269e7f9a libwmf-0.2.8.3-5.3.s390.rpm e842d2f832410e99328dce18ed54192f libwmf-debuginfo-0.2.8.3-5.3.s390.rpm 92190ab8c67aa978b499f750d7399ef5 libwmf-devel-0.2.8.3-5.3.s390.rpm s390x: 44dac72b0172705871d0c368269e7f9a libwmf-0.2.8.3-5.3.s390.rpm 4429fd7bbc35881cd9f29cc5c2ecda22 libwmf-0.2.8.3-5.3.s390x.rpm e842d2f832410e99328dce18ed54192f libwmf-debuginfo-0.2.8.3-5.3.s390.rpm 587093bdd9e438b571479e42a9e9e089 libwmf-debuginfo-0.2.8.3-5.3.s390x.rpm 661d64b1287985b92b22848dcd075887 libwmf-devel-0.2.8.3-5.3.s390x.rpm x86_64: 95ce0776b99d34b2305b01d2491c8ff7 libwmf-0.2.8.3-5.3.i386.rpm db3a6a0d9976a0a90e0bcc8318babed3 libwmf-0.2.8.3-5.3.x86_64.rpm 130c14ff86120816f2714930fb4c113e libwmf-debuginfo-0.2.8.3-5.3.i386.rpm 2ebfbea367681a2c58324f11e61c66d0 libwmf-debuginfo-0.2.8.3-5.3.x86_64.rpm 255efbcafa17355b7d366e77f28ea92e libwmf-devel-0.2.8.3-5.3.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/libwmf-0.2.8.3-5.3.src.rpm a3351e97473f0af4394b998cd5ff389e libwmf-0.2.8.3-5.3.src.rpm i386: 95ce0776b99d34b2305b01d2491c8ff7 libwmf-0.2.8.3-5.3.i386.rpm 130c14ff86120816f2714930fb4c113e libwmf-debuginfo-0.2.8.3-5.3.i386.rpm 09e45037b62f7463fe722e507078df59 libwmf-devel-0.2.8.3-5.3.i386.rpm x86_64: 95ce0776b99d34b2305b01d2491c8ff7 libwmf-0.2.8.3-5.3.i386.rpm db3a6a0d9976a0a90e0bcc8318babed3 libwmf-0.2.8.3-5.3.x86_64.rpm 130c14ff86120816f2714930fb4c113e libwmf-debuginfo-0.2.8.3-5.3.i386.rpm 2ebfbea367681a2c58324f11e61c66d0 libwmf-debuginfo-0.2.8.3-5.3.x86_64.rpm 255efbcafa17355b7d366e77f28ea92e libwmf-devel-0.2.8.3-5.3.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/libwmf-0.2.8.3-5.3.src.rpm a3351e97473f0af4394b998cd5ff389e libwmf-0.2.8.3-5.3.src.rpm i386: 95ce0776b99d34b2305b01d2491c8ff7 libwmf-0.2.8.3-5.3.i386.rpm 130c14ff86120816f2714930fb4c113e libwmf-debuginfo-0.2.8.3-5.3.i386.rpm 09e45037b62f7463fe722e507078df59 libwmf-devel-0.2.8.3-5.3.i386.rpm ia64: 95ce0776b99d34b2305b01d2491c8ff7 libwmf-0.2.8.3-5.3.i386.rpm da0236a75948cccfa9a8534091af47bb libwmf-0.2.8.3-5.3.ia64.rpm 130c14ff86120816f2714930fb4c113e libwmf-debuginfo-0.2.8.3-5.3.i386.rpm 22de5d504e134590d17a9dd3e16a643e libwmf-debuginfo-0.2.8.3-5.3.ia64.rpm e211c15294c79a83bfcead7abe175bb5 libwmf-devel-0.2.8.3-5.3.ia64.rpm x86_64: 95ce0776b99d34b2305b01d2491c8ff7 libwmf-0.2.8.3-5.3.i386.rpm db3a6a0d9976a0a90e0bcc8318babed3 libwmf-0.2.8.3-5.3.x86_64.rpm 130c14ff86120816f2714930fb4c113e libwmf-debuginfo-0.2.8.3-5.3.i386.rpm 2ebfbea367681a2c58324f11e61c66d0 libwmf-debuginfo-0.2.8.3-5.3.x86_64.rpm 255efbcafa17355b7d366e77f28ea92e libwmf-devel-0.2.8.3-5.3.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/libwmf-0.2.8.3-5.3.src.rpm a3351e97473f0af4394b998cd5ff389e libwmf-0.2.8.3-5.3.src.rpm i386: 95ce0776b99d34b2305b01d2491c8ff7 libwmf-0.2.8.3-5.3.i386.rpm 130c14ff86120816f2714930fb4c113e libwmf-debuginfo-0.2.8.3-5.3.i386.rpm 09e45037b62f7463fe722e507078df59 libwmf-devel-0.2.8.3-5.3.i386.rpm ia64: 95ce0776b99d34b2305b01d2491c8ff7 libwmf-0.2.8.3-5.3.i386.rpm da0236a75948cccfa9a8534091af47bb libwmf-0.2.8.3-5.3.ia64.rpm 130c14ff86120816f2714930fb4c113e libwmf-debuginfo-0.2.8.3-5.3.i386.rpm 22de5d504e134590d17a9dd3e16a643e libwmf-debuginfo-0.2.8.3-5.3.ia64.rpm e211c15294c79a83bfcead7abe175bb5 libwmf-devel-0.2.8.3-5.3.ia64.rpm x86_64: 95ce0776b99d34b2305b01d2491c8ff7 libwmf-0.2.8.3-5.3.i386.rpm db3a6a0d9976a0a90e0bcc8318babed3 libwmf-0.2.8.3-5.3.x86_64.rpm 130c14ff86120816f2714930fb4c113e libwmf-debuginfo-0.2.8.3-5.3.i386.rpm 2ebfbea367681a2c58324f11e61c66d0 libwmf-debuginfo-0.2.8.3-5.3.x86_64.rpm 255efbcafa17355b7d366e77f28ea92e libwmf-devel-0.2.8.3-5.3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3376 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFEvLqhXlSAg2UNWIIRAo5PAJ9DUKgBVLAJtpdSfWXwDktkg//FWwCfX3r1 M44lFF+SeXi8h//dif+B0zE= =g7rD -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Jul 18 12:38:41 2006 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 18 Jul 2006 08:38:41 -0400 Subject: [RHSA-2006:0598-01] Moderate: gimp security update Message-ID: <200607181238.k6ICcfee008714@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: gimp security update Advisory ID: RHSA-2006:0598-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0598.html Issue date: 2006-07-18 Updated on: 2006-07-18 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-3404 - --------------------------------------------------------------------- 1. Summary: Updated gimp packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: The GIMP (GNU Image Manipulation Program) is an image composition and editing program. Henning Makholm discovered a buffer overflow bug in The GIMP XCF file loader. An attacker could create a carefully crafted image that could execute arbitrary code if opened by a victim. (CVE-2006-3404) Please note that this issue did not affect the gimp packages in Red Hat Enterprise Linux 2.1, or 3. Users of The GIMP should update to these erratum packages which contain a backported fix to correct this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 198269 - CVE-2006-3404 gimp xcf buffer overflow 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/gimp-2.0.5-6.src.rpm e04e322b38e961a39a11226d4332eb96 gimp-2.0.5-6.src.rpm i386: 4df3bf6b7eb28e00565d675710336a70 gimp-2.0.5-6.i386.rpm d17931aa26f6cd1a542bae0e61e69da2 gimp-debuginfo-2.0.5-6.i386.rpm 1281afed4e3e307b54d110e9069319a3 gimp-devel-2.0.5-6.i386.rpm ia64: c10526624b14a3d01dc0403323b3b334 gimp-2.0.5-6.ia64.rpm 0c8215a8e83e26844e0fd59f356d3c8a gimp-debuginfo-2.0.5-6.ia64.rpm c4ab05bcab59def7b78b12c02f3d55a9 gimp-devel-2.0.5-6.ia64.rpm ppc: f6d626ad978e353c9d22dd613787293b gimp-2.0.5-6.ppc.rpm 6ba17075abaf535ba024b82765173bbc gimp-debuginfo-2.0.5-6.ppc.rpm 0a5014b0b8d5fe00bb7a26c479cb556c gimp-devel-2.0.5-6.ppc.rpm s390: fa6b172b11970b24616833467919ed82 gimp-2.0.5-6.s390.rpm 1ee3407b511e310cf0110eb474162484 gimp-debuginfo-2.0.5-6.s390.rpm cca46a04cb1447a9e3c17b059735e142 gimp-devel-2.0.5-6.s390.rpm s390x: ad3aef899acaeb2cf10bf8826e66cb34 gimp-2.0.5-6.s390x.rpm e967db8a9f308b4441b08d6a7cd05ad6 gimp-debuginfo-2.0.5-6.s390x.rpm d78a1cca918edfb422a557e76afd50cd gimp-devel-2.0.5-6.s390x.rpm x86_64: a663dde0c10dbd66978a2331ff6d617c gimp-2.0.5-6.x86_64.rpm 15a1f141eb4cbb2a6389a7dd7311c81e gimp-debuginfo-2.0.5-6.x86_64.rpm be6424607dc53cace28ba1fbb99938ee gimp-devel-2.0.5-6.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/gimp-2.0.5-6.src.rpm e04e322b38e961a39a11226d4332eb96 gimp-2.0.5-6.src.rpm i386: 4df3bf6b7eb28e00565d675710336a70 gimp-2.0.5-6.i386.rpm d17931aa26f6cd1a542bae0e61e69da2 gimp-debuginfo-2.0.5-6.i386.rpm 1281afed4e3e307b54d110e9069319a3 gimp-devel-2.0.5-6.i386.rpm x86_64: a663dde0c10dbd66978a2331ff6d617c gimp-2.0.5-6.x86_64.rpm 15a1f141eb4cbb2a6389a7dd7311c81e gimp-debuginfo-2.0.5-6.x86_64.rpm be6424607dc53cace28ba1fbb99938ee gimp-devel-2.0.5-6.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/gimp-2.0.5-6.src.rpm e04e322b38e961a39a11226d4332eb96 gimp-2.0.5-6.src.rpm i386: 4df3bf6b7eb28e00565d675710336a70 gimp-2.0.5-6.i386.rpm d17931aa26f6cd1a542bae0e61e69da2 gimp-debuginfo-2.0.5-6.i386.rpm 1281afed4e3e307b54d110e9069319a3 gimp-devel-2.0.5-6.i386.rpm ia64: c10526624b14a3d01dc0403323b3b334 gimp-2.0.5-6.ia64.rpm 0c8215a8e83e26844e0fd59f356d3c8a gimp-debuginfo-2.0.5-6.ia64.rpm c4ab05bcab59def7b78b12c02f3d55a9 gimp-devel-2.0.5-6.ia64.rpm x86_64: a663dde0c10dbd66978a2331ff6d617c gimp-2.0.5-6.x86_64.rpm 15a1f141eb4cbb2a6389a7dd7311c81e gimp-debuginfo-2.0.5-6.x86_64.rpm be6424607dc53cace28ba1fbb99938ee gimp-devel-2.0.5-6.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/gimp-2.0.5-6.src.rpm e04e322b38e961a39a11226d4332eb96 gimp-2.0.5-6.src.rpm i386: 4df3bf6b7eb28e00565d675710336a70 gimp-2.0.5-6.i386.rpm d17931aa26f6cd1a542bae0e61e69da2 gimp-debuginfo-2.0.5-6.i386.rpm 1281afed4e3e307b54d110e9069319a3 gimp-devel-2.0.5-6.i386.rpm ia64: c10526624b14a3d01dc0403323b3b334 gimp-2.0.5-6.ia64.rpm 0c8215a8e83e26844e0fd59f356d3c8a gimp-debuginfo-2.0.5-6.ia64.rpm c4ab05bcab59def7b78b12c02f3d55a9 gimp-devel-2.0.5-6.ia64.rpm x86_64: a663dde0c10dbd66978a2331ff6d617c gimp-2.0.5-6.x86_64.rpm 15a1f141eb4cbb2a6389a7dd7311c81e gimp-debuginfo-2.0.5-6.x86_64.rpm be6424607dc53cace28ba1fbb99938ee gimp-devel-2.0.5-6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3404 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFEvNZPXlSAg2UNWIIRApO6AKCj7qW4bSRMvbhfYiUB2NbpVbvH3gCfSmV1 1pLhpj8vM9xmBTpDKslYZ1A= =Got/ -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Jul 20 13:21:40 2006 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 20 Jul 2006 09:21:40 -0400 Subject: [RHSA-2006:0298-01] Low: openssh security update Message-ID: <200607201321.k6KDLe5G026334@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Low: openssh security update Advisory ID: RHSA-2006:0298-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0298.html Issue date: 2006-07-20 Updated on: 2006-07-20 Product: Red Hat Enterprise Linux Keywords: killed initscript scp lastlog CVE Names: CVE-2006-0225 CVE-2003-0386 - --------------------------------------------------------------------- 1. Summary: Updated openssh packages that fix bugs in sshd are now available for Red Hat Enterprise Linux 3. This update has been rated as having low security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. This package includes the core files necessary for both the OpenSSH client and server. An arbitrary command execution flaw was discovered in the way scp copies files locally. It is possible for a local attacker to create a file with a carefully crafted name that could execute arbitrary commands as the user running scp to copy files locally. (CVE-2006-0225) The SSH daemon, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote attackers to bypass "from=" and "user at host" address restrictions by connecting to a host from a system whose reverse DNS hostname contains the numeric IP address. (CVE-2003-0386) The following issues have also been fixed in this update: * If the sshd service was stopped using the sshd init script while the main sshd daemon was not running, the init script would kill other sshd processes, such as the running sessions. For example, this could happen when the 'service sshd stop' command was issued twice. * When privilege separation was enabled, the last login message was printed only for the root user. * The sshd daemon was sending messages to the system log from a signal handler when debug logging was enabled. This could cause a deadlock of the user's connection. All users of openssh should upgrade to these updated packages, which resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 164661 - CVE-2003-0386 host based access bypass 167886 - init script kills all running sshd's if listening server is stopped 170463 - CVE-2006-0225 local to local copy uses shell expansion twice 172564 - I can't see "Last login" message after logged via ssh 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/openssh-3.6.1p2-33.30.9.src.rpm e3ca3d0056b6d33fa9b73df89df0bfc4 openssh-3.6.1p2-33.30.9.src.rpm i386: 3dac29ed4176d8fed38b39bf419bfad7 openssh-3.6.1p2-33.30.9.i386.rpm 70efaa93880ed72cd14d983aab0cc0ee openssh-askpass-3.6.1p2-33.30.9.i386.rpm af44bd411209a1587c8094f9210a556f openssh-askpass-gnome-3.6.1p2-33.30.9.i386.rpm a0620c20b60e1e97359f2fb040a7aa9c openssh-clients-3.6.1p2-33.30.9.i386.rpm a53b732f51504042fdf3b49247e4bc75 openssh-debuginfo-3.6.1p2-33.30.9.i386.rpm 4ced380f7d629e7d9b7cb2099d96f7b5 openssh-server-3.6.1p2-33.30.9.i386.rpm ia64: 2719732415234fe81f4b2462a6c87e35 openssh-3.6.1p2-33.30.9.ia64.rpm f0db590adfdd8031fd8eaf2c8b293e85 openssh-askpass-3.6.1p2-33.30.9.ia64.rpm b3a686a8c73a3a8162a1f72542379c4a openssh-askpass-gnome-3.6.1p2-33.30.9.ia64.rpm 5526271abd1c3b8fb8669d9a52d93639 openssh-clients-3.6.1p2-33.30.9.ia64.rpm 4d530c9671abb1ccb341247fa7806255 openssh-debuginfo-3.6.1p2-33.30.9.ia64.rpm db517bbf21696cc4d188d983156aad98 openssh-server-3.6.1p2-33.30.9.ia64.rpm ppc: 8a84ab6436d843999a47abf7eb49d5a0 openssh-3.6.1p2-33.30.9.ppc.rpm 8aaf0de43e33ba19565bb9bd946bea9b openssh-askpass-3.6.1p2-33.30.9.ppc.rpm 86977cd2d1cd372861f578afd87f6448 openssh-askpass-gnome-3.6.1p2-33.30.9.ppc.rpm 4180b0a29242635185b320b9c066f653 openssh-clients-3.6.1p2-33.30.9.ppc.rpm 3ea185391e9b4e97a3a9d74a17fc09be openssh-debuginfo-3.6.1p2-33.30.9.ppc.rpm 3410ad60c188487eaa03ebd481cb75d7 openssh-server-3.6.1p2-33.30.9.ppc.rpm s390: b65279d72dced4e828a93878f7cc5432 openssh-3.6.1p2-33.30.9.s390.rpm f69cbc52c6cc67df546035da1b648115 openssh-askpass-3.6.1p2-33.30.9.s390.rpm 81de02819ba221c68e207d8a19367e1c openssh-askpass-gnome-3.6.1p2-33.30.9.s390.rpm 3efc6853457369b1ced9338f814feb74 openssh-clients-3.6.1p2-33.30.9.s390.rpm 7bb8c01de8f7635c5ca67b36fa00cd09 openssh-debuginfo-3.6.1p2-33.30.9.s390.rpm e6aa13dcab6f2721da20fbd0254daf57 openssh-server-3.6.1p2-33.30.9.s390.rpm s390x: 7610b279141dbb7b608cdc7c3ffb1eca openssh-3.6.1p2-33.30.9.s390x.rpm 88fb3411276f4a243e2b1b6dbd49691a openssh-askpass-3.6.1p2-33.30.9.s390x.rpm 9bc48c69fa3f6efc685829e73a664f73 openssh-askpass-gnome-3.6.1p2-33.30.9.s390x.rpm c2a9622239251898528eb675e6c40770 openssh-clients-3.6.1p2-33.30.9.s390x.rpm 2723ee76c7f7be8021fb525903877a82 openssh-debuginfo-3.6.1p2-33.30.9.s390x.rpm 328b68dd779365f4ede425182a1f6a7b openssh-server-3.6.1p2-33.30.9.s390x.rpm x86_64: 2c39fc426812d6c51fcff37a1475917a openssh-3.6.1p2-33.30.9.x86_64.rpm 8f190121fc48dd7f6fb7bad23aa2b1db openssh-askpass-3.6.1p2-33.30.9.x86_64.rpm c90e54b2370b90300efaa0ed50cdd8bf openssh-askpass-gnome-3.6.1p2-33.30.9.x86_64.rpm 6566faaf53dd8e4e71e43ab33c161f54 openssh-clients-3.6.1p2-33.30.9.x86_64.rpm 9fbc7ead204081b3cf9c4e9d3232e4d6 openssh-debuginfo-3.6.1p2-33.30.9.x86_64.rpm d1cf3d625866fa5916ef913e8ff58c70 openssh-server-3.6.1p2-33.30.9.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/openssh-3.6.1p2-33.30.9.src.rpm e3ca3d0056b6d33fa9b73df89df0bfc4 openssh-3.6.1p2-33.30.9.src.rpm i386: 3dac29ed4176d8fed38b39bf419bfad7 openssh-3.6.1p2-33.30.9.i386.rpm 70efaa93880ed72cd14d983aab0cc0ee openssh-askpass-3.6.1p2-33.30.9.i386.rpm af44bd411209a1587c8094f9210a556f openssh-askpass-gnome-3.6.1p2-33.30.9.i386.rpm a0620c20b60e1e97359f2fb040a7aa9c openssh-clients-3.6.1p2-33.30.9.i386.rpm a53b732f51504042fdf3b49247e4bc75 openssh-debuginfo-3.6.1p2-33.30.9.i386.rpm 4ced380f7d629e7d9b7cb2099d96f7b5 openssh-server-3.6.1p2-33.30.9.i386.rpm x86_64: 2c39fc426812d6c51fcff37a1475917a openssh-3.6.1p2-33.30.9.x86_64.rpm 8f190121fc48dd7f6fb7bad23aa2b1db openssh-askpass-3.6.1p2-33.30.9.x86_64.rpm c90e54b2370b90300efaa0ed50cdd8bf openssh-askpass-gnome-3.6.1p2-33.30.9.x86_64.rpm 6566faaf53dd8e4e71e43ab33c161f54 openssh-clients-3.6.1p2-33.30.9.x86_64.rpm 9fbc7ead204081b3cf9c4e9d3232e4d6 openssh-debuginfo-3.6.1p2-33.30.9.x86_64.rpm d1cf3d625866fa5916ef913e8ff58c70 openssh-server-3.6.1p2-33.30.9.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/openssh-3.6.1p2-33.30.9.src.rpm e3ca3d0056b6d33fa9b73df89df0bfc4 openssh-3.6.1p2-33.30.9.src.rpm i386: 3dac29ed4176d8fed38b39bf419bfad7 openssh-3.6.1p2-33.30.9.i386.rpm 70efaa93880ed72cd14d983aab0cc0ee openssh-askpass-3.6.1p2-33.30.9.i386.rpm af44bd411209a1587c8094f9210a556f openssh-askpass-gnome-3.6.1p2-33.30.9.i386.rpm a0620c20b60e1e97359f2fb040a7aa9c openssh-clients-3.6.1p2-33.30.9.i386.rpm a53b732f51504042fdf3b49247e4bc75 openssh-debuginfo-3.6.1p2-33.30.9.i386.rpm 4ced380f7d629e7d9b7cb2099d96f7b5 openssh-server-3.6.1p2-33.30.9.i386.rpm ia64: 2719732415234fe81f4b2462a6c87e35 openssh-3.6.1p2-33.30.9.ia64.rpm f0db590adfdd8031fd8eaf2c8b293e85 openssh-askpass-3.6.1p2-33.30.9.ia64.rpm b3a686a8c73a3a8162a1f72542379c4a openssh-askpass-gnome-3.6.1p2-33.30.9.ia64.rpm 5526271abd1c3b8fb8669d9a52d93639 openssh-clients-3.6.1p2-33.30.9.ia64.rpm 4d530c9671abb1ccb341247fa7806255 openssh-debuginfo-3.6.1p2-33.30.9.ia64.rpm db517bbf21696cc4d188d983156aad98 openssh-server-3.6.1p2-33.30.9.ia64.rpm x86_64: 2c39fc426812d6c51fcff37a1475917a openssh-3.6.1p2-33.30.9.x86_64.rpm 8f190121fc48dd7f6fb7bad23aa2b1db openssh-askpass-3.6.1p2-33.30.9.x86_64.rpm c90e54b2370b90300efaa0ed50cdd8bf openssh-askpass-gnome-3.6.1p2-33.30.9.x86_64.rpm 6566faaf53dd8e4e71e43ab33c161f54 openssh-clients-3.6.1p2-33.30.9.x86_64.rpm 9fbc7ead204081b3cf9c4e9d3232e4d6 openssh-debuginfo-3.6.1p2-33.30.9.x86_64.rpm d1cf3d625866fa5916ef913e8ff58c70 openssh-server-3.6.1p2-33.30.9.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/openssh-3.6.1p2-33.30.9.src.rpm e3ca3d0056b6d33fa9b73df89df0bfc4 openssh-3.6.1p2-33.30.9.src.rpm i386: 3dac29ed4176d8fed38b39bf419bfad7 openssh-3.6.1p2-33.30.9.i386.rpm 70efaa93880ed72cd14d983aab0cc0ee openssh-askpass-3.6.1p2-33.30.9.i386.rpm af44bd411209a1587c8094f9210a556f openssh-askpass-gnome-3.6.1p2-33.30.9.i386.rpm a0620c20b60e1e97359f2fb040a7aa9c openssh-clients-3.6.1p2-33.30.9.i386.rpm a53b732f51504042fdf3b49247e4bc75 openssh-debuginfo-3.6.1p2-33.30.9.i386.rpm 4ced380f7d629e7d9b7cb2099d96f7b5 openssh-server-3.6.1p2-33.30.9.i386.rpm ia64: 2719732415234fe81f4b2462a6c87e35 openssh-3.6.1p2-33.30.9.ia64.rpm f0db590adfdd8031fd8eaf2c8b293e85 openssh-askpass-3.6.1p2-33.30.9.ia64.rpm b3a686a8c73a3a8162a1f72542379c4a openssh-askpass-gnome-3.6.1p2-33.30.9.ia64.rpm 5526271abd1c3b8fb8669d9a52d93639 openssh-clients-3.6.1p2-33.30.9.ia64.rpm 4d530c9671abb1ccb341247fa7806255 openssh-debuginfo-3.6.1p2-33.30.9.ia64.rpm db517bbf21696cc4d188d983156aad98 openssh-server-3.6.1p2-33.30.9.ia64.rpm x86_64: 2c39fc426812d6c51fcff37a1475917a openssh-3.6.1p2-33.30.9.x86_64.rpm 8f190121fc48dd7f6fb7bad23aa2b1db openssh-askpass-3.6.1p2-33.30.9.x86_64.rpm c90e54b2370b90300efaa0ed50cdd8bf openssh-askpass-gnome-3.6.1p2-33.30.9.x86_64.rpm 6566faaf53dd8e4e71e43ab33c161f54 openssh-clients-3.6.1p2-33.30.9.x86_64.rpm 9fbc7ead204081b3cf9c4e9d3232e4d6 openssh-debuginfo-3.6.1p2-33.30.9.x86_64.rpm d1cf3d625866fa5916ef913e8ff58c70 openssh-server-3.6.1p2-33.30.9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0225 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0386 http://www.redhat.com/security/updates/classification/#low 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFEv4NfXlSAg2UNWIIRAtneAKCyceT+yfnuLxlLa8rezqcJHEvgvgCgtMkB 7p0Fu7dpe+w3WvBVNOyqNOI= =/Vny -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Jul 20 13:21:54 2006 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 20 Jul 2006 09:21:54 -0400 Subject: [RHSA-2006:0368-01] Low: elfutils security update Message-ID: <200607201321.k6KDLsDj026345@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Low: elfutils security update Advisory ID: RHSA-2006:0368-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0368.html Issue date: 2006-07-20 Updated on: 2006-07-20 Product: Red Hat Enterprise Linux Keywords: elfutils CVE Names: CVE-2005-1704 - --------------------------------------------------------------------- 1. Summary: Updated elfutils packages that address a minor security issue and various other issues are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: The elfutils packages contain a number of utility programs and libraries related to the creation and maintenance of executable code. The elfutils packages that originally shipped with Red Hat Enterprise Linux 3 were GPL-licensed versions which lacked some functionality. Previous updates provided fully functional versions of elfutils only under the OSL license. This update provides a fully functional, GPL-licensed version of elfutils. In the OSL-licensed elfutils versions provided in previous updates, some tools could sometimes crash when given corrupted input files. (CVE-2005-1704) Also, when the eu-strip tool was used to create separate debuginfo files from relocatable objects such as kernel modules (.ko), the resulting debuginfo files (.ko.debug) were sometimes corrupted. Both of these problems are fixed in the new version. Users of elfutils should upgrade to these updated packages, which resolve these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. If up2date fails to connect to Red Hat Network due to SSL Certificate Errors, you need to install a version of the up2date client with an updated certificate. The latest version of up2date is available from the Red Hat FTP site and may also be downloaded directly from the RHN website: https://rhn.redhat.com/help/latest-up2date.pxt 5. Bug IDs fixed (http://bugzilla.redhat.com/): 159908 - CVE-2005-1704 Integer overflow in libelf 187507 - RHEL3 U8: Elfutils license upgrade 189114 - eu-strip mangles separate debuginfo with relocation sections 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/elfutils-0.94.1-2.src.rpm f9c89885daf3d51a699b99db4855b33c elfutils-0.94.1-2.src.rpm i386: aff3e63cdad846aa2d8f866ae517c388 elfutils-0.94.1-2.i386.rpm 7b39a06ce634c2905b419a97c48f0b42 elfutils-debuginfo-0.94.1-2.i386.rpm bdfc7c99932291ae6ab742fd60ae0ca0 elfutils-devel-0.94.1-2.i386.rpm 676234c6860bfddc964ef7c9ad15c7f3 elfutils-libelf-0.94.1-2.i386.rpm b327fb13b08f74b472800b700439c39d elfutils-libelf-devel-0.94.1-2.i386.rpm ia64: aff3e63cdad846aa2d8f866ae517c388 elfutils-0.94.1-2.i386.rpm 148e0a5469f1808517416a0b8e319c48 elfutils-0.94.1-2.ia64.rpm 7b39a06ce634c2905b419a97c48f0b42 elfutils-debuginfo-0.94.1-2.i386.rpm edda45ae94832daec035f16fad0ae1cf elfutils-debuginfo-0.94.1-2.ia64.rpm d69aa822ad4a73e1796fb699285a3e16 elfutils-devel-0.94.1-2.ia64.rpm 676234c6860bfddc964ef7c9ad15c7f3 elfutils-libelf-0.94.1-2.i386.rpm 4981bc501ca8ede3a23c6ebf469f85b3 elfutils-libelf-0.94.1-2.ia64.rpm 8b9a5084a9c8f34b94198908bab6b6a2 elfutils-libelf-devel-0.94.1-2.ia64.rpm ppc: b9341cf90ec0737298a7e57d6a57b593 elfutils-0.94.1-2.ppc.rpm 037d2690cc56966149c2a3b2ba8e4885 elfutils-0.94.1-2.ppc64.rpm 75a4d805f6f4bc5bc01408429082775e elfutils-debuginfo-0.94.1-2.ppc.rpm 33e5662958e13b7f448bc9863e375838 elfutils-debuginfo-0.94.1-2.ppc64.rpm 36398c56fe8adca7e4fdf4f084d513d4 elfutils-devel-0.94.1-2.ppc.rpm d2c559b82e34b035c2f0864b34f56fa9 elfutils-libelf-0.94.1-2.ppc.rpm 9e94d133ca19169f88f364e483bba629 elfutils-libelf-0.94.1-2.ppc64.rpm 958ca58a79551292277ae448a01c5e01 elfutils-libelf-devel-0.94.1-2.ppc.rpm s390: a66109327605d7652f5cca2f6edc4c9c elfutils-0.94.1-2.s390.rpm 36974e8ef9add022fa300041e8ce7529 elfutils-debuginfo-0.94.1-2.s390.rpm bb297fba4cb392fff25d2982f924ab81 elfutils-devel-0.94.1-2.s390.rpm 92619133e3d38c362c540520573b39da elfutils-libelf-0.94.1-2.s390.rpm 390fb07654eb89b5f43930720c419f98 elfutils-libelf-devel-0.94.1-2.s390.rpm s390x: a66109327605d7652f5cca2f6edc4c9c elfutils-0.94.1-2.s390.rpm a5498050a32775173fc9ea3faa6dfd9d elfutils-0.94.1-2.s390x.rpm 36974e8ef9add022fa300041e8ce7529 elfutils-debuginfo-0.94.1-2.s390.rpm a2d5048fcc7a763321eaf50eed9eb1a6 elfutils-debuginfo-0.94.1-2.s390x.rpm dc2cc5075dbda8c07108d7b5e60c7cdf elfutils-devel-0.94.1-2.s390x.rpm 92619133e3d38c362c540520573b39da elfutils-libelf-0.94.1-2.s390.rpm 82431bc3f0c38f026d192b15b5f0d8ea elfutils-libelf-0.94.1-2.s390x.rpm da86201bdfedb1bc639cd033e28601ad elfutils-libelf-devel-0.94.1-2.s390x.rpm x86_64: aff3e63cdad846aa2d8f866ae517c388 elfutils-0.94.1-2.i386.rpm 55c216e57fdf0edf3623cdadd814456e elfutils-0.94.1-2.x86_64.rpm 7b39a06ce634c2905b419a97c48f0b42 elfutils-debuginfo-0.94.1-2.i386.rpm f389c86cba1e5fbda8d1798ecc32d142 elfutils-debuginfo-0.94.1-2.x86_64.rpm 921e1675d0c270e6f8e20a7413a65955 elfutils-devel-0.94.1-2.x86_64.rpm 676234c6860bfddc964ef7c9ad15c7f3 elfutils-libelf-0.94.1-2.i386.rpm 5516fefe4b2c4ec3dd491cdc09f1f153 elfutils-libelf-0.94.1-2.x86_64.rpm 85aa5c18b57bcd149b074092e77aa172 elfutils-libelf-devel-0.94.1-2.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/elfutils-0.94.1-2.src.rpm f9c89885daf3d51a699b99db4855b33c elfutils-0.94.1-2.src.rpm i386: aff3e63cdad846aa2d8f866ae517c388 elfutils-0.94.1-2.i386.rpm 7b39a06ce634c2905b419a97c48f0b42 elfutils-debuginfo-0.94.1-2.i386.rpm bdfc7c99932291ae6ab742fd60ae0ca0 elfutils-devel-0.94.1-2.i386.rpm 676234c6860bfddc964ef7c9ad15c7f3 elfutils-libelf-0.94.1-2.i386.rpm b327fb13b08f74b472800b700439c39d elfutils-libelf-devel-0.94.1-2.i386.rpm x86_64: aff3e63cdad846aa2d8f866ae517c388 elfutils-0.94.1-2.i386.rpm 55c216e57fdf0edf3623cdadd814456e elfutils-0.94.1-2.x86_64.rpm 7b39a06ce634c2905b419a97c48f0b42 elfutils-debuginfo-0.94.1-2.i386.rpm f389c86cba1e5fbda8d1798ecc32d142 elfutils-debuginfo-0.94.1-2.x86_64.rpm 921e1675d0c270e6f8e20a7413a65955 elfutils-devel-0.94.1-2.x86_64.rpm 676234c6860bfddc964ef7c9ad15c7f3 elfutils-libelf-0.94.1-2.i386.rpm 5516fefe4b2c4ec3dd491cdc09f1f153 elfutils-libelf-0.94.1-2.x86_64.rpm 85aa5c18b57bcd149b074092e77aa172 elfutils-libelf-devel-0.94.1-2.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/elfutils-0.94.1-2.src.rpm f9c89885daf3d51a699b99db4855b33c elfutils-0.94.1-2.src.rpm i386: aff3e63cdad846aa2d8f866ae517c388 elfutils-0.94.1-2.i386.rpm 7b39a06ce634c2905b419a97c48f0b42 elfutils-debuginfo-0.94.1-2.i386.rpm bdfc7c99932291ae6ab742fd60ae0ca0 elfutils-devel-0.94.1-2.i386.rpm 676234c6860bfddc964ef7c9ad15c7f3 elfutils-libelf-0.94.1-2.i386.rpm b327fb13b08f74b472800b700439c39d elfutils-libelf-devel-0.94.1-2.i386.rpm ia64: aff3e63cdad846aa2d8f866ae517c388 elfutils-0.94.1-2.i386.rpm 148e0a5469f1808517416a0b8e319c48 elfutils-0.94.1-2.ia64.rpm 7b39a06ce634c2905b419a97c48f0b42 elfutils-debuginfo-0.94.1-2.i386.rpm edda45ae94832daec035f16fad0ae1cf elfutils-debuginfo-0.94.1-2.ia64.rpm d69aa822ad4a73e1796fb699285a3e16 elfutils-devel-0.94.1-2.ia64.rpm 676234c6860bfddc964ef7c9ad15c7f3 elfutils-libelf-0.94.1-2.i386.rpm 4981bc501ca8ede3a23c6ebf469f85b3 elfutils-libelf-0.94.1-2.ia64.rpm 8b9a5084a9c8f34b94198908bab6b6a2 elfutils-libelf-devel-0.94.1-2.ia64.rpm x86_64: aff3e63cdad846aa2d8f866ae517c388 elfutils-0.94.1-2.i386.rpm 55c216e57fdf0edf3623cdadd814456e elfutils-0.94.1-2.x86_64.rpm 7b39a06ce634c2905b419a97c48f0b42 elfutils-debuginfo-0.94.1-2.i386.rpm f389c86cba1e5fbda8d1798ecc32d142 elfutils-debuginfo-0.94.1-2.x86_64.rpm 921e1675d0c270e6f8e20a7413a65955 elfutils-devel-0.94.1-2.x86_64.rpm 676234c6860bfddc964ef7c9ad15c7f3 elfutils-libelf-0.94.1-2.i386.rpm 5516fefe4b2c4ec3dd491cdc09f1f153 elfutils-libelf-0.94.1-2.x86_64.rpm 85aa5c18b57bcd149b074092e77aa172 elfutils-libelf-devel-0.94.1-2.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/elfutils-0.94.1-2.src.rpm f9c89885daf3d51a699b99db4855b33c elfutils-0.94.1-2.src.rpm i386: aff3e63cdad846aa2d8f866ae517c388 elfutils-0.94.1-2.i386.rpm 7b39a06ce634c2905b419a97c48f0b42 elfutils-debuginfo-0.94.1-2.i386.rpm bdfc7c99932291ae6ab742fd60ae0ca0 elfutils-devel-0.94.1-2.i386.rpm 676234c6860bfddc964ef7c9ad15c7f3 elfutils-libelf-0.94.1-2.i386.rpm b327fb13b08f74b472800b700439c39d elfutils-libelf-devel-0.94.1-2.i386.rpm ia64: aff3e63cdad846aa2d8f866ae517c388 elfutils-0.94.1-2.i386.rpm 148e0a5469f1808517416a0b8e319c48 elfutils-0.94.1-2.ia64.rpm 7b39a06ce634c2905b419a97c48f0b42 elfutils-debuginfo-0.94.1-2.i386.rpm edda45ae94832daec035f16fad0ae1cf elfutils-debuginfo-0.94.1-2.ia64.rpm d69aa822ad4a73e1796fb699285a3e16 elfutils-devel-0.94.1-2.ia64.rpm 676234c6860bfddc964ef7c9ad15c7f3 elfutils-libelf-0.94.1-2.i386.rpm 4981bc501ca8ede3a23c6ebf469f85b3 elfutils-libelf-0.94.1-2.ia64.rpm 8b9a5084a9c8f34b94198908bab6b6a2 elfutils-libelf-devel-0.94.1-2.ia64.rpm x86_64: aff3e63cdad846aa2d8f866ae517c388 elfutils-0.94.1-2.i386.rpm 55c216e57fdf0edf3623cdadd814456e elfutils-0.94.1-2.x86_64.rpm 7b39a06ce634c2905b419a97c48f0b42 elfutils-debuginfo-0.94.1-2.i386.rpm f389c86cba1e5fbda8d1798ecc32d142 elfutils-debuginfo-0.94.1-2.x86_64.rpm 921e1675d0c270e6f8e20a7413a65955 elfutils-devel-0.94.1-2.x86_64.rpm 676234c6860bfddc964ef7c9ad15c7f3 elfutils-libelf-0.94.1-2.i386.rpm 5516fefe4b2c4ec3dd491cdc09f1f153 elfutils-libelf-0.94.1-2.x86_64.rpm 85aa5c18b57bcd149b074092e77aa172 elfutils-libelf-devel-0.94.1-2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1704 http://www.redhat.com/security/updates/classification/#low 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFEv4NvXlSAg2UNWIIRAqJqAKDC1zPip3KgakhLsFVOy4yBztYo3gCgtqgI Fi1xbcIXOFWS8WwpeDzk0hY= =g9+K -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Jul 20 13:22:14 2006 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 20 Jul 2006 09:22:14 -0400 Subject: [RHSA-2006:0437-01] Important: Updated kernel packages for Red Hat Enterprise Linux 3 Update 8 Message-ID: <200607201322.k6KDMEL3026356@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: Updated kernel packages for Red Hat Enterprise Linux 3 Update 8 Advisory ID: RHSA-2006:0437-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0437.html Issue date: 2006-07-20 Updated on: 2006-07-20 Product: Red Hat Enterprise Linux Keywords: taroon kernel update Obsoletes: RHSA-2006:0144 CVE Names: CVE-2005-3055 CVE-2005-3107 CVE-2006-0741 CVE-2006-0742 CVE-2006-0744 CVE-2006-1056 CVE-2006-1242 CVE-2006-1343 CVE-2006-2444 - --------------------------------------------------------------------- 1. Summary: Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 3. This is the eighth regular update. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: The Linux kernel handles the basic functions of the operating system. This is the eighth regular kernel update to Red Hat Enterprise Linux 3. New features introduced by this update include: - addition of the adp94xx and dcdbas device drivers - diskdump support on megaraid_sas, qlogic, and swap partitions - support for new hardware via driver and SCSI white-list updates There were many bug fixes in various parts of the kernel. The ongoing effort to resolve these problems has resulted in a marked improvement in the reliability and scalability of Red Hat Enterprise Linux 3. There were numerous driver updates and security fixes (elaborated below). Other key areas affected by fixes in this update include the networking subsystem, the NFS and autofs4 file systems, the SCSI and USB subsystems, and architecture-specific handling affecting AMD Opteron and Intel EM64T processors. The following device drivers have been added or upgraded to new versions: adp94xx -------- 1.0.8 (new) bnx2 ----------- 1.4.38 cciss ---------- 2.4.60.RH1 dcdbas --------- 5.6.0-1 (new) e1000 ---------- 7.0.33-k2 emulex --------- 7.3.6 forcedeth ------ 0.30 ipmi ----------- 35.13 qlogic --------- 7.07.04b6 tg3 ------------ 3.52RH The following security bugs were fixed in this update: - a flaw in the USB devio handling of device removal that allowed a local user to cause a denial of service (crash) (CVE-2005-3055, moderate) - a flaw in the exec() handling of multi-threaded tasks using ptrace() that allowed a local user to cause a denial of service (hang of a user process) (CVE-2005-3107, low) - a difference in "sysretq" operation of EM64T (as opposed to Opteron) processors that allowed a local user to cause a denial of service (crash) upon return from certain system calls (CVE-2006-0741 and CVE-2006-0744, important) - a flaw in unaligned accesses handling on Intel Itanium processors that allowed a local user to cause a denial of service (crash) (CVE-2006-0742, important) - an info leak on AMD-based x86 and x86_64 systems that allowed a local user to retrieve the floating point exception state of a process run by a different user (CVE-2006-1056, important) - a flaw in IPv4 packet output handling that allowed a remote user to bypass the zero IP ID countermeasure on systems with a disabled firewall (CVE-2006-1242, low) - a minor info leak in socket option handling in the network code (CVE-2006-1343, low) - a flaw in IPv4 netfilter handling for the unlikely use of SNMP NAT processing that allowed a remote user to cause a denial of service (crash) or potential memory corruption (CVE-2006-2444, moderate) Note: The kernel-unsupported package contains various drivers and modules that are unsupported and therefore might contain security problems that have not been addressed. All Red Hat Enterprise Linux 3 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum. 4. Solution: Before applying this update, make sure that all previously released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 97000 - i8253 count too high! resetting... 102504 - cannot reboot on Dell 6450 with RHEL 3 102973 - i8253 count too high 103024 - "i8253 count too high! resetting.." ? 119457 - panics in generic_aio_complete_rw and unmap_kvec after __iodesc_free calls generic_aio_complete_read() 127689 - Reboot fails on Dell PowerEdge 6450 129477 - kernel panic in umount 131881 - clock_gettime() triggers audit kill from i386 binary on x86_64 132105 - autofs (automount) failover does not work 132994 - kernel oops when unplugging usb serial adapter using pl2303 and mct_u232 134555 - System hangs when rebooting Dell PE6450 134736 - kernel panic in md driver (md lacks proper locking of device lists) 142718 - [PATCH] [RHEL3] dpt_i2o modules in RHEL gets oops 146789 - Implement a better solution to the dma memory allocation done in the kernel 146954 - megaraid2 driver fails to recognize all LSI RAID adapters when there are more than 4 with >=4GB 149732 - Hang with radeon driver when DRM DRI actve 152630 - timer interrupt received twice on ATI chipset motherboard, clock runs at double speed 153954 - kernel panic when removing active USB serial converter used as serial console 154680 - Kernel panic on 8GB machines under stress running e1000 diagnostics 157667 - I/O Errors when swtiching Blade USB Media Tray 159862 - kernel oops with usbserial (minicom key pressed) 160600 - Accessing automounted directories can cause a process to hang forever 165246 - EHCI Host driver violates USB2.0 Specification leading to device failures. 167636 - Unable to unmount a local file system exported by NFS 167672 - GART error during bootup 167839 - kernel crashes with an Ooops 169261 - CVE-2005-3055 async usb devio oops 170261 - CVE-2005-3107 zap_threads DoS 171277 - MCE arg parsing broken on x86-64 174818 - [PATCH] bonding: don't drop non-VLAN traffic 175143 - sys_io_setup() can leak an mm reference on failure 175759 - Reboot of Dell 6450 fails 177451 - Kernel panic : Unable to handle kernel paging request at virtual address 6668c79a 177571 - [RHEL3] [RFE] forcedeth driver on xw9300 has minimal support for ethtool and mii-tool 178119 - [RHEL3] dump_stack() isn't implemented on x86_64 178131 - syslog-only netdump still tries to dump memory 178885 - bonding mode=6 + dhcp doesn't work correctly 179657 - Intermittently unable to mount NFS filesystem using autofs --ghost 180968 - Data corruption in ext3 FS when running hazard (corrupt inodes) 181815 - Phantom escalating load due to flawed rq->nr_uninterruptible increment 182961 - IBM x336, x260, and x460 requires acpi=noirq bootup option. 182996 - ST Tape Driver Bug!! 183881 - kernel/libc type mismatch on siginfo_t->si_band - breaks FAM on 64bit arches 185183 - Kernel BUG at pci_dma:43 encountered 185735 - BNX2 Patch in 2.4.21-40.EL kills "Network Device Support" config menu 186058 - CVE-2006-1242 Linux zero IP ID vulnerability? 186244 - CVE-2006-1343 Small information leak in SO_ORIGINAL_DST 186307 - RHEL3U7 fails installation using RSA(2). 186455 - Submission of a patch for non-sequential LUN mapping 186901 - make menuconfig crashes 187548 - IPMI startup race condition 187911 - CVE-2006-1056 FPU Information leak on i386/x86-64 on AMD CPUs 192633 - CVE-2006-2444 SNMP NAT netfilter memory corruption 196938 - [Beta RHEL3 U8 Regression] Processes hung while allocating stack using gdb 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/kernel-2.4.21-47.EL.src.rpm ad2d8788e17c18d3a6e078c42ddefc8c kernel-2.4.21-47.EL.src.rpm i386: 3a6be922eb8205b6e8890d524963fd12 kernel-2.4.21-47.EL.athlon.rpm d39a30f4a73a8b2b4ed7f78cef37a8dd kernel-2.4.21-47.EL.i686.rpm 828c25797547dbb19fbe90d04c8e0681 kernel-BOOT-2.4.21-47.EL.i386.rpm 9de060bf02043ede15eb4fbaa53df368 kernel-debuginfo-2.4.21-47.EL.athlon.rpm af4c9cacf7c98658c15429230494e8f5 kernel-debuginfo-2.4.21-47.EL.i386.rpm 26d39b74be39a90bb87f244252a905d7 kernel-debuginfo-2.4.21-47.EL.i686.rpm f996ed7d81e56b863f4ee95bf77f2232 kernel-doc-2.4.21-47.EL.i386.rpm dd3a082be14db9a3f2c5d8fffaa5a88b kernel-hugemem-2.4.21-47.EL.i686.rpm 171cfbd96711dd6b9c130253616836e6 kernel-hugemem-unsupported-2.4.21-47.EL.i686.rpm 6cb9e4f65d21ed49cd0b95a15b477c17 kernel-smp-2.4.21-47.EL.athlon.rpm 1e26e704c1d685f7f25159d0c728c5a0 kernel-smp-2.4.21-47.EL.i686.rpm f16baf3eacd80c5fd06b0fba15263089 kernel-smp-unsupported-2.4.21-47.EL.athlon.rpm 58e4b4842750f55d67d42f73541c6d4b kernel-smp-unsupported-2.4.21-47.EL.i686.rpm 8b703059bed38e9382617bb2561971a5 kernel-source-2.4.21-47.EL.i386.rpm 73778bab6685813ee7a10d84c62106e0 kernel-unsupported-2.4.21-47.EL.athlon.rpm e7e7407b6c042bea70b8dc9dafb3216a kernel-unsupported-2.4.21-47.EL.i686.rpm ia64: b634628de6cc83505cbdba01b8e504f0 kernel-2.4.21-47.EL.ia64.rpm 6119af9de2554caefbd51412d1e82f14 kernel-debuginfo-2.4.21-47.EL.ia64.rpm da355dc014ec9481cfdbce10a5e662c9 kernel-doc-2.4.21-47.EL.ia64.rpm 5f19afc2c3de3ef76e7d683d6034c2f9 kernel-source-2.4.21-47.EL.ia64.rpm 65f7865cd8ead2c38e44388e14238a3a kernel-unsupported-2.4.21-47.EL.ia64.rpm ppc: a1e773d9e270c4ce355f8cabaca8b204 kernel-2.4.21-47.EL.ppc64iseries.rpm 7536e9fe229f99225be383601fef379d kernel-2.4.21-47.EL.ppc64pseries.rpm 642d28ffa8ded5b9b7bfda83870d6c6e kernel-debuginfo-2.4.21-47.EL.ppc64.rpm 6c54fcfcee1399b2465c48f7f2836019 kernel-debuginfo-2.4.21-47.EL.ppc64iseries.rpm 97d1692de52c1d55ce60f7bd20ced32f kernel-debuginfo-2.4.21-47.EL.ppc64pseries.rpm 17197d16b0758b8bc746fe6e77a07aa2 kernel-doc-2.4.21-47.EL.ppc64.rpm 354f626eaec3328a2303753074c33bf7 kernel-source-2.4.21-47.EL.ppc64.rpm fc3da58c8347792f1cdf3e7aceb37e9c kernel-unsupported-2.4.21-47.EL.ppc64iseries.rpm 34ec69fc6f843d817f86a2a84bc2110e kernel-unsupported-2.4.21-47.EL.ppc64pseries.rpm s390: 90c37c377be5ef7d6165a4638f15311d kernel-2.4.21-47.EL.s390.rpm 9b64618d9cc519b5dcc1c1299465d7af kernel-debuginfo-2.4.21-47.EL.s390.rpm 2e42e40a96cf582cd615ad6a2dde56b2 kernel-doc-2.4.21-47.EL.s390.rpm 090df94b03b41fec1bf304169e0cf1d0 kernel-source-2.4.21-47.EL.s390.rpm 2f1e2b1b4243550e381606f501b20d34 kernel-unsupported-2.4.21-47.EL.s390.rpm s390x: ad7a8351a357cba1e4b96ddb7bf1b87e kernel-2.4.21-47.EL.s390x.rpm df3a5731ab3da6a92e89f81f3f39582a kernel-debuginfo-2.4.21-47.EL.s390x.rpm 5f1733d166b15065c4223b2924fe0022 kernel-doc-2.4.21-47.EL.s390x.rpm 691c88969be0422a222ff69bdde23929 kernel-source-2.4.21-47.EL.s390x.rpm 8c6f35a9efff280d9ccce308a5248e13 kernel-unsupported-2.4.21-47.EL.s390x.rpm x86_64: 42ad1b6c57955012a6945b240b933f17 kernel-2.4.21-47.EL.ia32e.rpm 3d02d42d9b936857999ffffebad26366 kernel-2.4.21-47.EL.x86_64.rpm 87ec6c9cee8b8f89671f210c2e8d1141 kernel-debuginfo-2.4.21-47.EL.ia32e.rpm 6072bb496dd48e82d7ad46daa6075a0f kernel-debuginfo-2.4.21-47.EL.x86_64.rpm c999d4b2af19b5ea930d23af1be52811 kernel-doc-2.4.21-47.EL.x86_64.rpm 68bb412d217d00fd53acf16f65a1cd69 kernel-smp-2.4.21-47.EL.x86_64.rpm 3e0e9ccd5332658e7f481166725fdb70 kernel-smp-unsupported-2.4.21-47.EL.x86_64.rpm 22c324aa82aec45b3bd01f40bc6245f2 kernel-source-2.4.21-47.EL.x86_64.rpm 57f87cdd8cdeaf3308a4e574dab9b8f4 kernel-unsupported-2.4.21-47.EL.ia32e.rpm f4bab8b064c3bf989976525f2d3e90a5 kernel-unsupported-2.4.21-47.EL.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/kernel-2.4.21-47.EL.src.rpm ad2d8788e17c18d3a6e078c42ddefc8c kernel-2.4.21-47.EL.src.rpm i386: 3a6be922eb8205b6e8890d524963fd12 kernel-2.4.21-47.EL.athlon.rpm d39a30f4a73a8b2b4ed7f78cef37a8dd kernel-2.4.21-47.EL.i686.rpm 828c25797547dbb19fbe90d04c8e0681 kernel-BOOT-2.4.21-47.EL.i386.rpm 9de060bf02043ede15eb4fbaa53df368 kernel-debuginfo-2.4.21-47.EL.athlon.rpm af4c9cacf7c98658c15429230494e8f5 kernel-debuginfo-2.4.21-47.EL.i386.rpm 26d39b74be39a90bb87f244252a905d7 kernel-debuginfo-2.4.21-47.EL.i686.rpm f996ed7d81e56b863f4ee95bf77f2232 kernel-doc-2.4.21-47.EL.i386.rpm dd3a082be14db9a3f2c5d8fffaa5a88b kernel-hugemem-2.4.21-47.EL.i686.rpm 171cfbd96711dd6b9c130253616836e6 kernel-hugemem-unsupported-2.4.21-47.EL.i686.rpm 6cb9e4f65d21ed49cd0b95a15b477c17 kernel-smp-2.4.21-47.EL.athlon.rpm 1e26e704c1d685f7f25159d0c728c5a0 kernel-smp-2.4.21-47.EL.i686.rpm f16baf3eacd80c5fd06b0fba15263089 kernel-smp-unsupported-2.4.21-47.EL.athlon.rpm 58e4b4842750f55d67d42f73541c6d4b kernel-smp-unsupported-2.4.21-47.EL.i686.rpm 8b703059bed38e9382617bb2561971a5 kernel-source-2.4.21-47.EL.i386.rpm 73778bab6685813ee7a10d84c62106e0 kernel-unsupported-2.4.21-47.EL.athlon.rpm e7e7407b6c042bea70b8dc9dafb3216a kernel-unsupported-2.4.21-47.EL.i686.rpm x86_64: 42ad1b6c57955012a6945b240b933f17 kernel-2.4.21-47.EL.ia32e.rpm 3d02d42d9b936857999ffffebad26366 kernel-2.4.21-47.EL.x86_64.rpm 87ec6c9cee8b8f89671f210c2e8d1141 kernel-debuginfo-2.4.21-47.EL.ia32e.rpm 6072bb496dd48e82d7ad46daa6075a0f kernel-debuginfo-2.4.21-47.EL.x86_64.rpm c999d4b2af19b5ea930d23af1be52811 kernel-doc-2.4.21-47.EL.x86_64.rpm 68bb412d217d00fd53acf16f65a1cd69 kernel-smp-2.4.21-47.EL.x86_64.rpm 3e0e9ccd5332658e7f481166725fdb70 kernel-smp-unsupported-2.4.21-47.EL.x86_64.rpm 22c324aa82aec45b3bd01f40bc6245f2 kernel-source-2.4.21-47.EL.x86_64.rpm 57f87cdd8cdeaf3308a4e574dab9b8f4 kernel-unsupported-2.4.21-47.EL.ia32e.rpm f4bab8b064c3bf989976525f2d3e90a5 kernel-unsupported-2.4.21-47.EL.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/kernel-2.4.21-47.EL.src.rpm ad2d8788e17c18d3a6e078c42ddefc8c kernel-2.4.21-47.EL.src.rpm i386: 3a6be922eb8205b6e8890d524963fd12 kernel-2.4.21-47.EL.athlon.rpm d39a30f4a73a8b2b4ed7f78cef37a8dd kernel-2.4.21-47.EL.i686.rpm 828c25797547dbb19fbe90d04c8e0681 kernel-BOOT-2.4.21-47.EL.i386.rpm 9de060bf02043ede15eb4fbaa53df368 kernel-debuginfo-2.4.21-47.EL.athlon.rpm af4c9cacf7c98658c15429230494e8f5 kernel-debuginfo-2.4.21-47.EL.i386.rpm 26d39b74be39a90bb87f244252a905d7 kernel-debuginfo-2.4.21-47.EL.i686.rpm f996ed7d81e56b863f4ee95bf77f2232 kernel-doc-2.4.21-47.EL.i386.rpm dd3a082be14db9a3f2c5d8fffaa5a88b kernel-hugemem-2.4.21-47.EL.i686.rpm 171cfbd96711dd6b9c130253616836e6 kernel-hugemem-unsupported-2.4.21-47.EL.i686.rpm 6cb9e4f65d21ed49cd0b95a15b477c17 kernel-smp-2.4.21-47.EL.athlon.rpm 1e26e704c1d685f7f25159d0c728c5a0 kernel-smp-2.4.21-47.EL.i686.rpm f16baf3eacd80c5fd06b0fba15263089 kernel-smp-unsupported-2.4.21-47.EL.athlon.rpm 58e4b4842750f55d67d42f73541c6d4b kernel-smp-unsupported-2.4.21-47.EL.i686.rpm 8b703059bed38e9382617bb2561971a5 kernel-source-2.4.21-47.EL.i386.rpm 73778bab6685813ee7a10d84c62106e0 kernel-unsupported-2.4.21-47.EL.athlon.rpm e7e7407b6c042bea70b8dc9dafb3216a kernel-unsupported-2.4.21-47.EL.i686.rpm ia64: b634628de6cc83505cbdba01b8e504f0 kernel-2.4.21-47.EL.ia64.rpm 6119af9de2554caefbd51412d1e82f14 kernel-debuginfo-2.4.21-47.EL.ia64.rpm da355dc014ec9481cfdbce10a5e662c9 kernel-doc-2.4.21-47.EL.ia64.rpm 5f19afc2c3de3ef76e7d683d6034c2f9 kernel-source-2.4.21-47.EL.ia64.rpm 65f7865cd8ead2c38e44388e14238a3a kernel-unsupported-2.4.21-47.EL.ia64.rpm x86_64: 42ad1b6c57955012a6945b240b933f17 kernel-2.4.21-47.EL.ia32e.rpm 3d02d42d9b936857999ffffebad26366 kernel-2.4.21-47.EL.x86_64.rpm 87ec6c9cee8b8f89671f210c2e8d1141 kernel-debuginfo-2.4.21-47.EL.ia32e.rpm 6072bb496dd48e82d7ad46daa6075a0f kernel-debuginfo-2.4.21-47.EL.x86_64.rpm c999d4b2af19b5ea930d23af1be52811 kernel-doc-2.4.21-47.EL.x86_64.rpm 68bb412d217d00fd53acf16f65a1cd69 kernel-smp-2.4.21-47.EL.x86_64.rpm 3e0e9ccd5332658e7f481166725fdb70 kernel-smp-unsupported-2.4.21-47.EL.x86_64.rpm 22c324aa82aec45b3bd01f40bc6245f2 kernel-source-2.4.21-47.EL.x86_64.rpm 57f87cdd8cdeaf3308a4e574dab9b8f4 kernel-unsupported-2.4.21-47.EL.ia32e.rpm f4bab8b064c3bf989976525f2d3e90a5 kernel-unsupported-2.4.21-47.EL.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/kernel-2.4.21-47.EL.src.rpm ad2d8788e17c18d3a6e078c42ddefc8c kernel-2.4.21-47.EL.src.rpm i386: 3a6be922eb8205b6e8890d524963fd12 kernel-2.4.21-47.EL.athlon.rpm d39a30f4a73a8b2b4ed7f78cef37a8dd kernel-2.4.21-47.EL.i686.rpm 828c25797547dbb19fbe90d04c8e0681 kernel-BOOT-2.4.21-47.EL.i386.rpm 9de060bf02043ede15eb4fbaa53df368 kernel-debuginfo-2.4.21-47.EL.athlon.rpm af4c9cacf7c98658c15429230494e8f5 kernel-debuginfo-2.4.21-47.EL.i386.rpm 26d39b74be39a90bb87f244252a905d7 kernel-debuginfo-2.4.21-47.EL.i686.rpm f996ed7d81e56b863f4ee95bf77f2232 kernel-doc-2.4.21-47.EL.i386.rpm dd3a082be14db9a3f2c5d8fffaa5a88b kernel-hugemem-2.4.21-47.EL.i686.rpm 171cfbd96711dd6b9c130253616836e6 kernel-hugemem-unsupported-2.4.21-47.EL.i686.rpm 6cb9e4f65d21ed49cd0b95a15b477c17 kernel-smp-2.4.21-47.EL.athlon.rpm 1e26e704c1d685f7f25159d0c728c5a0 kernel-smp-2.4.21-47.EL.i686.rpm f16baf3eacd80c5fd06b0fba15263089 kernel-smp-unsupported-2.4.21-47.EL.athlon.rpm 58e4b4842750f55d67d42f73541c6d4b kernel-smp-unsupported-2.4.21-47.EL.i686.rpm 8b703059bed38e9382617bb2561971a5 kernel-source-2.4.21-47.EL.i386.rpm 73778bab6685813ee7a10d84c62106e0 kernel-unsupported-2.4.21-47.EL.athlon.rpm e7e7407b6c042bea70b8dc9dafb3216a kernel-unsupported-2.4.21-47.EL.i686.rpm ia64: b634628de6cc83505cbdba01b8e504f0 kernel-2.4.21-47.EL.ia64.rpm 6119af9de2554caefbd51412d1e82f14 kernel-debuginfo-2.4.21-47.EL.ia64.rpm da355dc014ec9481cfdbce10a5e662c9 kernel-doc-2.4.21-47.EL.ia64.rpm 5f19afc2c3de3ef76e7d683d6034c2f9 kernel-source-2.4.21-47.EL.ia64.rpm 65f7865cd8ead2c38e44388e14238a3a kernel-unsupported-2.4.21-47.EL.ia64.rpm x86_64: 42ad1b6c57955012a6945b240b933f17 kernel-2.4.21-47.EL.ia32e.rpm 3d02d42d9b936857999ffffebad26366 kernel-2.4.21-47.EL.x86_64.rpm 87ec6c9cee8b8f89671f210c2e8d1141 kernel-debuginfo-2.4.21-47.EL.ia32e.rpm 6072bb496dd48e82d7ad46daa6075a0f kernel-debuginfo-2.4.21-47.EL.x86_64.rpm c999d4b2af19b5ea930d23af1be52811 kernel-doc-2.4.21-47.EL.x86_64.rpm 68bb412d217d00fd53acf16f65a1cd69 kernel-smp-2.4.21-47.EL.x86_64.rpm 3e0e9ccd5332658e7f481166725fdb70 kernel-smp-unsupported-2.4.21-47.EL.x86_64.rpm 22c324aa82aec45b3bd01f40bc6245f2 kernel-source-2.4.21-47.EL.x86_64.rpm 57f87cdd8cdeaf3308a4e574dab9b8f4 kernel-unsupported-2.4.21-47.EL.ia32e.rpm f4bab8b064c3bf989976525f2d3e90a5 kernel-unsupported-2.4.21-47.EL.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3055 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3107 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0741 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0742 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0744 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1056 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1242 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1343 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2444 http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFEv4N6XlSAg2UNWIIRAj8CAJ0WZ8Kka2PXzEcin+kfDez4lq+5/gCeMhZd 0VI7R5o70tqw8a8/2ygze68= =lOTh -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Jul 20 13:51:29 2006 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 20 Jul 2006 09:51:29 -0400 Subject: [RHSA-2006:0578-01] Critical: seamonkey security update (was mozilla) Message-ID: <200607201351.k6KDpTZO004441@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: seamonkey security update (was mozilla) Advisory ID: RHSA-2006:0578-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0578.html Issue date: 2006-07-20 Updated on: 2006-07-20 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-2779 CVE-2006-2780 CVE-2006-2781 CVE-2006-2783 CVE-2006-2782 CVE-2006-2778 CVE-2006-2776 CVE-2006-2784 CVE-2006-2785 CVE-2006-2786 CVE-2006-2787 CVE-2006-2788 - --------------------------------------------------------------------- 1. Summary: Updated seamonkey packages that fix several security bugs in the mozilla package are now available for Red Hat Enterprise Linux 3. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. The Mozilla Foundation has discontinued support for the Mozilla Suite. This update deprecates the Mozilla Suite in Red Hat Enterprise Linux 3 in favor of the supported SeaMonkey Suite. This update also resolves a number of outstanding Mozilla security issues: Several flaws were found in the way Mozilla processed certain javascript actions. A malicious web page could execute arbitrary javascript instructions with the permissions of "chrome", allowing the page to steal sensitive information or install browser malware. (CVE-2006-2776, CVE-2006-2784, CVE-2006-2785, CVE-2006-2787) Several denial of service flaws were found in the way Mozilla processed certain web content. A malicious web page could crash firefox or possibly execute arbitrary code. These issues to date were not proven to be exploitable, but do show evidence of memory corruption. (CVE-2006-2779, CVE-2006-2780) A double-free flaw was found in the way Mozilla-mail displayed malformed inline vcard attachments. If a victim viewed an email message containing a carefully crafted vcard it could execute arbitrary code as the user running Mozilla-mail. (CVE-2006-2781) A cross site scripting flaw was found in the way Mozilla processed Unicode Byte-order-Mark (BOM) markers in UTF-8 web pages. A malicious web page could execute a script within the browser that a web input sanitizer could miss due to a malformed "script" tag. (CVE-2006-2783) A form file upload flaw was found in the way Mozilla handled javascript input object mutation. A malicious web page could upload an arbitrary local file at form submission time without user interaction. (CVE-2006-2782) A denial of service flaw was found in the way Mozilla called the crypto.signText() javascript function. A malicious web page could crash the browser if the victim had a client certificate loaded. (CVE-2006-2778) Two HTTP response smuggling flaws were found in the way Mozilla processed certain invalid HTTP response headers. A malicious web site could return specially crafted HTTP response headers which may bypass HTTP proxy restrictions. (CVE-2006-2786) A double free flaw was found in the way the nsIX509::getRawDER method was called. If a victim visited a carefully crafted web page it could execute arbitrary code as the user running Mozilla. (CVE-2006-2788) Users of Mozilla are advised to upgrade to this update, which contains SeaMonkey version 1.0.2 that is not vulnerable to these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 196971 - CVE-2006-2783 multiple Seamonkey issues (CVE-2006-2782,CVE-2006-2778,CVE-2006-2776,CVE-2006-2784,CVE-2006-2785,CVE-2006-2786,CVE-2006-2787,CVE-2006-2788) 198683 - CVE-2006-2779 Multiple Mozilla issues (CVE-2006-2780, CVE-2006-2781) 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/seamonkey-1.0.2-0.1.0.EL3.src.rpm e7f42fee596ad457febe242c64bd5787 seamonkey-1.0.2-0.1.0.EL3.src.rpm i386: cd2ed103ee013ca0b41987baf48dc6be seamonkey-1.0.2-0.1.0.EL3.i386.rpm 0107a05bf5bf3cd9e5b871aa52e94f02 seamonkey-chat-1.0.2-0.1.0.EL3.i386.rpm ffc055bae0d9db603a20b24a57f543c4 seamonkey-debuginfo-1.0.2-0.1.0.EL3.i386.rpm cb8e2e0b35f45625fec39d28af1cb6d1 seamonkey-devel-1.0.2-0.1.0.EL3.i386.rpm d8bf06ddf59a8c26fe176c98b249cf52 seamonkey-dom-inspector-1.0.2-0.1.0.EL3.i386.rpm 84ec6859df530a8ea6c1a71b5e9c5369 seamonkey-js-debugger-1.0.2-0.1.0.EL3.i386.rpm 546ce0126786d8dad69cd3d682301556 seamonkey-mail-1.0.2-0.1.0.EL3.i386.rpm db283c25140cc695d782bae05e30ae87 seamonkey-nspr-1.0.2-0.1.0.EL3.i386.rpm ad831a228128e9e7681b3447aa20ef52 seamonkey-nspr-devel-1.0.2-0.1.0.EL3.i386.rpm ed2537362625184a74b04614f93c6c3c seamonkey-nss-1.0.2-0.1.0.EL3.i386.rpm 4ddfa278b3a2ce52f4ec4c13ae8e7d10 seamonkey-nss-devel-1.0.2-0.1.0.EL3.i386.rpm ia64: 3a53ec8fa9d4de0c1520f646842533be seamonkey-1.0.2-0.1.0.EL3.ia64.rpm 5248d87146f0e76cd2ec0e618b6cb928 seamonkey-chat-1.0.2-0.1.0.EL3.ia64.rpm ffc055bae0d9db603a20b24a57f543c4 seamonkey-debuginfo-1.0.2-0.1.0.EL3.i386.rpm 5d7c4bdc79c057f18d5403102a801cdb seamonkey-debuginfo-1.0.2-0.1.0.EL3.ia64.rpm d2eaa475714186132a69acc3f30bee43 seamonkey-devel-1.0.2-0.1.0.EL3.ia64.rpm 9f1024744a669ff06aabf64db507430a seamonkey-dom-inspector-1.0.2-0.1.0.EL3.ia64.rpm af2c3b36524f43659f1cba3c7d76a917 seamonkey-js-debugger-1.0.2-0.1.0.EL3.ia64.rpm c5ada6f5c1f0cb073e64b3cd638972a5 seamonkey-mail-1.0.2-0.1.0.EL3.ia64.rpm db283c25140cc695d782bae05e30ae87 seamonkey-nspr-1.0.2-0.1.0.EL3.i386.rpm 604575dd5d1819600a7c84c1755f103c seamonkey-nspr-1.0.2-0.1.0.EL3.ia64.rpm e7093e53153651f2c501f68f6466618e seamonkey-nspr-devel-1.0.2-0.1.0.EL3.ia64.rpm ed2537362625184a74b04614f93c6c3c seamonkey-nss-1.0.2-0.1.0.EL3.i386.rpm 9bed60cdd1e3d2a1dc5817f7b4f6070e seamonkey-nss-1.0.2-0.1.0.EL3.ia64.rpm c9308271dd16088fd21a191782ef2758 seamonkey-nss-devel-1.0.2-0.1.0.EL3.ia64.rpm ppc: b4cf123d709d46d5150962eb67abf700 seamonkey-1.0.2-0.1.0.EL3.ppc.rpm 14da09eb186efccd8ca3c23cb66f316d seamonkey-chat-1.0.2-0.1.0.EL3.ppc.rpm 6331f517155a5bb4d572c90f0f975f2a seamonkey-debuginfo-1.0.2-0.1.0.EL3.ppc.rpm 58596cc9f5ca02f71f33e3e10f8fd906 seamonkey-devel-1.0.2-0.1.0.EL3.ppc.rpm ea7e430989d0d435b1ec7467f3fb80d1 seamonkey-dom-inspector-1.0.2-0.1.0.EL3.ppc.rpm 6c48be8159be70eb982148152db0a2a6 seamonkey-js-debugger-1.0.2-0.1.0.EL3.ppc.rpm dd40c7d1cbd8c965b4d1122e38ee0bc2 seamonkey-mail-1.0.2-0.1.0.EL3.ppc.rpm 7b189d2e7d5565c0374b80d0d918a635 seamonkey-nspr-1.0.2-0.1.0.EL3.ppc.rpm cacda140b54ee4fb9e36bf210825184a seamonkey-nspr-devel-1.0.2-0.1.0.EL3.ppc.rpm 719ee516e9138f3bbca0e62bf7358985 seamonkey-nss-1.0.2-0.1.0.EL3.ppc.rpm 16a0da76d3eeabf94153afcdd5f7fdf9 seamonkey-nss-devel-1.0.2-0.1.0.EL3.ppc.rpm s390: 9f9830f66e95027a8196f3814716e1cb seamonkey-1.0.2-0.1.0.EL3.s390.rpm a3f0a08bc16e9c3fd092ca14b0cd3122 seamonkey-chat-1.0.2-0.1.0.EL3.s390.rpm 6532490c2c144f9ded0d023f14d23461 seamonkey-debuginfo-1.0.2-0.1.0.EL3.s390.rpm 686e30e1d7f9e2da1104e16bf3919d12 seamonkey-devel-1.0.2-0.1.0.EL3.s390.rpm 5fadb2060f2a62af9c8f912c82433c37 seamonkey-dom-inspector-1.0.2-0.1.0.EL3.s390.rpm 6545d7e7b0a360a3b08807c17f12ebe4 seamonkey-js-debugger-1.0.2-0.1.0.EL3.s390.rpm 6d7915768b31523e3c764e646e53d4d4 seamonkey-mail-1.0.2-0.1.0.EL3.s390.rpm 19549dc1b8c168d96d71d23f795abe29 seamonkey-nspr-1.0.2-0.1.0.EL3.s390.rpm 623e11a754c9618806bf75c37f043853 seamonkey-nspr-devel-1.0.2-0.1.0.EL3.s390.rpm 7f50c7aa247209118565883e755c1a6c seamonkey-nss-1.0.2-0.1.0.EL3.s390.rpm 107e118d82f58c5e67d85c586689fdc5 seamonkey-nss-devel-1.0.2-0.1.0.EL3.s390.rpm s390x: 8f15d08911c6f86d2053a25f5551c2e0 seamonkey-1.0.2-0.1.0.EL3.s390x.rpm 267406f1e669245d0865a3c99711defb seamonkey-chat-1.0.2-0.1.0.EL3.s390x.rpm 6532490c2c144f9ded0d023f14d23461 seamonkey-debuginfo-1.0.2-0.1.0.EL3.s390.rpm f11aabe13123313135c35f286ff4191a seamonkey-debuginfo-1.0.2-0.1.0.EL3.s390x.rpm 532931ca70eeb234c8ff94f27513af82 seamonkey-devel-1.0.2-0.1.0.EL3.s390x.rpm 1b8a357a1373ca0b95dd239e2c3919af seamonkey-dom-inspector-1.0.2-0.1.0.EL3.s390x.rpm 487ac1817390bc95a070cc463f3844eb seamonkey-js-debugger-1.0.2-0.1.0.EL3.s390x.rpm 5e06808fb3dff165f686ba26ef4835be seamonkey-mail-1.0.2-0.1.0.EL3.s390x.rpm 19549dc1b8c168d96d71d23f795abe29 seamonkey-nspr-1.0.2-0.1.0.EL3.s390.rpm 5de0519382b91c731a33e32fd4cf0393 seamonkey-nspr-1.0.2-0.1.0.EL3.s390x.rpm b8c7b29d8ba439cb826cad8d624b4db4 seamonkey-nspr-devel-1.0.2-0.1.0.EL3.s390x.rpm 7f50c7aa247209118565883e755c1a6c seamonkey-nss-1.0.2-0.1.0.EL3.s390.rpm af5c707597318d62e4236c5bedfcd4ee seamonkey-nss-1.0.2-0.1.0.EL3.s390x.rpm 9f13fc39e28a8c2e3ef43b52e6f3f89d seamonkey-nss-devel-1.0.2-0.1.0.EL3.s390x.rpm x86_64: cd2ed103ee013ca0b41987baf48dc6be seamonkey-1.0.2-0.1.0.EL3.i386.rpm 2e860fe38f090f5c68b9f04ac0d4357d seamonkey-1.0.2-0.1.0.EL3.x86_64.rpm 2a108e026bf9266162279d183954c4e2 seamonkey-chat-1.0.2-0.1.0.EL3.x86_64.rpm ffc055bae0d9db603a20b24a57f543c4 seamonkey-debuginfo-1.0.2-0.1.0.EL3.i386.rpm dec96a2e7cdacb8cc9c900f40d86635a seamonkey-debuginfo-1.0.2-0.1.0.EL3.x86_64.rpm df2a0566ad96e13620e9d6c3d4114150 seamonkey-devel-1.0.2-0.1.0.EL3.x86_64.rpm 1f55d411d82759ce71ef1bee4c1a4f61 seamonkey-dom-inspector-1.0.2-0.1.0.EL3.x86_64.rpm b4f0dd224f293363a1bc41e34d8a1c23 seamonkey-js-debugger-1.0.2-0.1.0.EL3.x86_64.rpm c8ef05e371be6ac1ca3338ac9ade1c64 seamonkey-mail-1.0.2-0.1.0.EL3.x86_64.rpm db283c25140cc695d782bae05e30ae87 seamonkey-nspr-1.0.2-0.1.0.EL3.i386.rpm da40e1ac22751c1df8368d313618bea6 seamonkey-nspr-1.0.2-0.1.0.EL3.x86_64.rpm b0ae6e9b45458a80eeee64722912af59 seamonkey-nspr-devel-1.0.2-0.1.0.EL3.x86_64.rpm ed2537362625184a74b04614f93c6c3c seamonkey-nss-1.0.2-0.1.0.EL3.i386.rpm c070487b616f51572d978bc7cd1c3673 seamonkey-nss-1.0.2-0.1.0.EL3.x86_64.rpm 45072a8cf4a7630f4ab39b45fde85608 seamonkey-nss-devel-1.0.2-0.1.0.EL3.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/seamonkey-1.0.2-0.1.0.EL3.src.rpm e7f42fee596ad457febe242c64bd5787 seamonkey-1.0.2-0.1.0.EL3.src.rpm i386: cd2ed103ee013ca0b41987baf48dc6be seamonkey-1.0.2-0.1.0.EL3.i386.rpm 0107a05bf5bf3cd9e5b871aa52e94f02 seamonkey-chat-1.0.2-0.1.0.EL3.i386.rpm ffc055bae0d9db603a20b24a57f543c4 seamonkey-debuginfo-1.0.2-0.1.0.EL3.i386.rpm cb8e2e0b35f45625fec39d28af1cb6d1 seamonkey-devel-1.0.2-0.1.0.EL3.i386.rpm d8bf06ddf59a8c26fe176c98b249cf52 seamonkey-dom-inspector-1.0.2-0.1.0.EL3.i386.rpm 84ec6859df530a8ea6c1a71b5e9c5369 seamonkey-js-debugger-1.0.2-0.1.0.EL3.i386.rpm 546ce0126786d8dad69cd3d682301556 seamonkey-mail-1.0.2-0.1.0.EL3.i386.rpm db283c25140cc695d782bae05e30ae87 seamonkey-nspr-1.0.2-0.1.0.EL3.i386.rpm ad831a228128e9e7681b3447aa20ef52 seamonkey-nspr-devel-1.0.2-0.1.0.EL3.i386.rpm ed2537362625184a74b04614f93c6c3c seamonkey-nss-1.0.2-0.1.0.EL3.i386.rpm 4ddfa278b3a2ce52f4ec4c13ae8e7d10 seamonkey-nss-devel-1.0.2-0.1.0.EL3.i386.rpm x86_64: cd2ed103ee013ca0b41987baf48dc6be seamonkey-1.0.2-0.1.0.EL3.i386.rpm 2e860fe38f090f5c68b9f04ac0d4357d seamonkey-1.0.2-0.1.0.EL3.x86_64.rpm 2a108e026bf9266162279d183954c4e2 seamonkey-chat-1.0.2-0.1.0.EL3.x86_64.rpm ffc055bae0d9db603a20b24a57f543c4 seamonkey-debuginfo-1.0.2-0.1.0.EL3.i386.rpm dec96a2e7cdacb8cc9c900f40d86635a seamonkey-debuginfo-1.0.2-0.1.0.EL3.x86_64.rpm df2a0566ad96e13620e9d6c3d4114150 seamonkey-devel-1.0.2-0.1.0.EL3.x86_64.rpm 1f55d411d82759ce71ef1bee4c1a4f61 seamonkey-dom-inspector-1.0.2-0.1.0.EL3.x86_64.rpm b4f0dd224f293363a1bc41e34d8a1c23 seamonkey-js-debugger-1.0.2-0.1.0.EL3.x86_64.rpm c8ef05e371be6ac1ca3338ac9ade1c64 seamonkey-mail-1.0.2-0.1.0.EL3.x86_64.rpm db283c25140cc695d782bae05e30ae87 seamonkey-nspr-1.0.2-0.1.0.EL3.i386.rpm da40e1ac22751c1df8368d313618bea6 seamonkey-nspr-1.0.2-0.1.0.EL3.x86_64.rpm b0ae6e9b45458a80eeee64722912af59 seamonkey-nspr-devel-1.0.2-0.1.0.EL3.x86_64.rpm ed2537362625184a74b04614f93c6c3c seamonkey-nss-1.0.2-0.1.0.EL3.i386.rpm c070487b616f51572d978bc7cd1c3673 seamonkey-nss-1.0.2-0.1.0.EL3.x86_64.rpm 45072a8cf4a7630f4ab39b45fde85608 seamonkey-nss-devel-1.0.2-0.1.0.EL3.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/seamonkey-1.0.2-0.1.0.EL3.src.rpm e7f42fee596ad457febe242c64bd5787 seamonkey-1.0.2-0.1.0.EL3.src.rpm i386: cd2ed103ee013ca0b41987baf48dc6be seamonkey-1.0.2-0.1.0.EL3.i386.rpm 0107a05bf5bf3cd9e5b871aa52e94f02 seamonkey-chat-1.0.2-0.1.0.EL3.i386.rpm ffc055bae0d9db603a20b24a57f543c4 seamonkey-debuginfo-1.0.2-0.1.0.EL3.i386.rpm cb8e2e0b35f45625fec39d28af1cb6d1 seamonkey-devel-1.0.2-0.1.0.EL3.i386.rpm d8bf06ddf59a8c26fe176c98b249cf52 seamonkey-dom-inspector-1.0.2-0.1.0.EL3.i386.rpm 84ec6859df530a8ea6c1a71b5e9c5369 seamonkey-js-debugger-1.0.2-0.1.0.EL3.i386.rpm 546ce0126786d8dad69cd3d682301556 seamonkey-mail-1.0.2-0.1.0.EL3.i386.rpm db283c25140cc695d782bae05e30ae87 seamonkey-nspr-1.0.2-0.1.0.EL3.i386.rpm ad831a228128e9e7681b3447aa20ef52 seamonkey-nspr-devel-1.0.2-0.1.0.EL3.i386.rpm ed2537362625184a74b04614f93c6c3c seamonkey-nss-1.0.2-0.1.0.EL3.i386.rpm 4ddfa278b3a2ce52f4ec4c13ae8e7d10 seamonkey-nss-devel-1.0.2-0.1.0.EL3.i386.rpm ia64: 3a53ec8fa9d4de0c1520f646842533be seamonkey-1.0.2-0.1.0.EL3.ia64.rpm 5248d87146f0e76cd2ec0e618b6cb928 seamonkey-chat-1.0.2-0.1.0.EL3.ia64.rpm ffc055bae0d9db603a20b24a57f543c4 seamonkey-debuginfo-1.0.2-0.1.0.EL3.i386.rpm 5d7c4bdc79c057f18d5403102a801cdb seamonkey-debuginfo-1.0.2-0.1.0.EL3.ia64.rpm d2eaa475714186132a69acc3f30bee43 seamonkey-devel-1.0.2-0.1.0.EL3.ia64.rpm 9f1024744a669ff06aabf64db507430a seamonkey-dom-inspector-1.0.2-0.1.0.EL3.ia64.rpm af2c3b36524f43659f1cba3c7d76a917 seamonkey-js-debugger-1.0.2-0.1.0.EL3.ia64.rpm c5ada6f5c1f0cb073e64b3cd638972a5 seamonkey-mail-1.0.2-0.1.0.EL3.ia64.rpm db283c25140cc695d782bae05e30ae87 seamonkey-nspr-1.0.2-0.1.0.EL3.i386.rpm 604575dd5d1819600a7c84c1755f103c seamonkey-nspr-1.0.2-0.1.0.EL3.ia64.rpm e7093e53153651f2c501f68f6466618e seamonkey-nspr-devel-1.0.2-0.1.0.EL3.ia64.rpm ed2537362625184a74b04614f93c6c3c seamonkey-nss-1.0.2-0.1.0.EL3.i386.rpm 9bed60cdd1e3d2a1dc5817f7b4f6070e seamonkey-nss-1.0.2-0.1.0.EL3.ia64.rpm c9308271dd16088fd21a191782ef2758 seamonkey-nss-devel-1.0.2-0.1.0.EL3.ia64.rpm x86_64: cd2ed103ee013ca0b41987baf48dc6be seamonkey-1.0.2-0.1.0.EL3.i386.rpm 2e860fe38f090f5c68b9f04ac0d4357d seamonkey-1.0.2-0.1.0.EL3.x86_64.rpm 2a108e026bf9266162279d183954c4e2 seamonkey-chat-1.0.2-0.1.0.EL3.x86_64.rpm ffc055bae0d9db603a20b24a57f543c4 seamonkey-debuginfo-1.0.2-0.1.0.EL3.i386.rpm dec96a2e7cdacb8cc9c900f40d86635a seamonkey-debuginfo-1.0.2-0.1.0.EL3.x86_64.rpm df2a0566ad96e13620e9d6c3d4114150 seamonkey-devel-1.0.2-0.1.0.EL3.x86_64.rpm 1f55d411d82759ce71ef1bee4c1a4f61 seamonkey-dom-inspector-1.0.2-0.1.0.EL3.x86_64.rpm b4f0dd224f293363a1bc41e34d8a1c23 seamonkey-js-debugger-1.0.2-0.1.0.EL3.x86_64.rpm c8ef05e371be6ac1ca3338ac9ade1c64 seamonkey-mail-1.0.2-0.1.0.EL3.x86_64.rpm db283c25140cc695d782bae05e30ae87 seamonkey-nspr-1.0.2-0.1.0.EL3.i386.rpm da40e1ac22751c1df8368d313618bea6 seamonkey-nspr-1.0.2-0.1.0.EL3.x86_64.rpm b0ae6e9b45458a80eeee64722912af59 seamonkey-nspr-devel-1.0.2-0.1.0.EL3.x86_64.rpm ed2537362625184a74b04614f93c6c3c seamonkey-nss-1.0.2-0.1.0.EL3.i386.rpm c070487b616f51572d978bc7cd1c3673 seamonkey-nss-1.0.2-0.1.0.EL3.x86_64.rpm 45072a8cf4a7630f4ab39b45fde85608 seamonkey-nss-devel-1.0.2-0.1.0.EL3.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/seamonkey-1.0.2-0.1.0.EL3.src.rpm e7f42fee596ad457febe242c64bd5787 seamonkey-1.0.2-0.1.0.EL3.src.rpm i386: cd2ed103ee013ca0b41987baf48dc6be seamonkey-1.0.2-0.1.0.EL3.i386.rpm 0107a05bf5bf3cd9e5b871aa52e94f02 seamonkey-chat-1.0.2-0.1.0.EL3.i386.rpm ffc055bae0d9db603a20b24a57f543c4 seamonkey-debuginfo-1.0.2-0.1.0.EL3.i386.rpm cb8e2e0b35f45625fec39d28af1cb6d1 seamonkey-devel-1.0.2-0.1.0.EL3.i386.rpm d8bf06ddf59a8c26fe176c98b249cf52 seamonkey-dom-inspector-1.0.2-0.1.0.EL3.i386.rpm 84ec6859df530a8ea6c1a71b5e9c5369 seamonkey-js-debugger-1.0.2-0.1.0.EL3.i386.rpm 546ce0126786d8dad69cd3d682301556 seamonkey-mail-1.0.2-0.1.0.EL3.i386.rpm db283c25140cc695d782bae05e30ae87 seamonkey-nspr-1.0.2-0.1.0.EL3.i386.rpm ad831a228128e9e7681b3447aa20ef52 seamonkey-nspr-devel-1.0.2-0.1.0.EL3.i386.rpm ed2537362625184a74b04614f93c6c3c seamonkey-nss-1.0.2-0.1.0.EL3.i386.rpm 4ddfa278b3a2ce52f4ec4c13ae8e7d10 seamonkey-nss-devel-1.0.2-0.1.0.EL3.i386.rpm ia64: 3a53ec8fa9d4de0c1520f646842533be seamonkey-1.0.2-0.1.0.EL3.ia64.rpm 5248d87146f0e76cd2ec0e618b6cb928 seamonkey-chat-1.0.2-0.1.0.EL3.ia64.rpm ffc055bae0d9db603a20b24a57f543c4 seamonkey-debuginfo-1.0.2-0.1.0.EL3.i386.rpm 5d7c4bdc79c057f18d5403102a801cdb seamonkey-debuginfo-1.0.2-0.1.0.EL3.ia64.rpm d2eaa475714186132a69acc3f30bee43 seamonkey-devel-1.0.2-0.1.0.EL3.ia64.rpm 9f1024744a669ff06aabf64db507430a seamonkey-dom-inspector-1.0.2-0.1.0.EL3.ia64.rpm af2c3b36524f43659f1cba3c7d76a917 seamonkey-js-debugger-1.0.2-0.1.0.EL3.ia64.rpm c5ada6f5c1f0cb073e64b3cd638972a5 seamonkey-mail-1.0.2-0.1.0.EL3.ia64.rpm db283c25140cc695d782bae05e30ae87 seamonkey-nspr-1.0.2-0.1.0.EL3.i386.rpm 604575dd5d1819600a7c84c1755f103c seamonkey-nspr-1.0.2-0.1.0.EL3.ia64.rpm e7093e53153651f2c501f68f6466618e seamonkey-nspr-devel-1.0.2-0.1.0.EL3.ia64.rpm ed2537362625184a74b04614f93c6c3c seamonkey-nss-1.0.2-0.1.0.EL3.i386.rpm 9bed60cdd1e3d2a1dc5817f7b4f6070e seamonkey-nss-1.0.2-0.1.0.EL3.ia64.rpm c9308271dd16088fd21a191782ef2758 seamonkey-nss-devel-1.0.2-0.1.0.EL3.ia64.rpm x86_64: cd2ed103ee013ca0b41987baf48dc6be seamonkey-1.0.2-0.1.0.EL3.i386.rpm 2e860fe38f090f5c68b9f04ac0d4357d seamonkey-1.0.2-0.1.0.EL3.x86_64.rpm 2a108e026bf9266162279d183954c4e2 seamonkey-chat-1.0.2-0.1.0.EL3.x86_64.rpm ffc055bae0d9db603a20b24a57f543c4 seamonkey-debuginfo-1.0.2-0.1.0.EL3.i386.rpm dec96a2e7cdacb8cc9c900f40d86635a seamonkey-debuginfo-1.0.2-0.1.0.EL3.x86_64.rpm df2a0566ad96e13620e9d6c3d4114150 seamonkey-devel-1.0.2-0.1.0.EL3.x86_64.rpm 1f55d411d82759ce71ef1bee4c1a4f61 seamonkey-dom-inspector-1.0.2-0.1.0.EL3.x86_64.rpm b4f0dd224f293363a1bc41e34d8a1c23 seamonkey-js-debugger-1.0.2-0.1.0.EL3.x86_64.rpm c8ef05e371be6ac1ca3338ac9ade1c64 seamonkey-mail-1.0.2-0.1.0.EL3.x86_64.rpm db283c25140cc695d782bae05e30ae87 seamonkey-nspr-1.0.2-0.1.0.EL3.i386.rpm da40e1ac22751c1df8368d313618bea6 seamonkey-nspr-1.0.2-0.1.0.EL3.x86_64.rpm b0ae6e9b45458a80eeee64722912af59 seamonkey-nspr-devel-1.0.2-0.1.0.EL3.x86_64.rpm ed2537362625184a74b04614f93c6c3c seamonkey-nss-1.0.2-0.1.0.EL3.i386.rpm c070487b616f51572d978bc7cd1c3673 seamonkey-nss-1.0.2-0.1.0.EL3.x86_64.rpm 45072a8cf4a7630f4ab39b45fde85608 seamonkey-nss-devel-1.0.2-0.1.0.EL3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2779 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2780 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2781 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2783 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2782 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2778 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2776 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2784 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2785 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2786 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2787 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2788 http://www.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFEv4pQXlSAg2UNWIIRAn/PAKCKtIn2+3WIa8v20D3hhIYxYC3hbACePmBV LKRJI+9klxRMhG8FBbgHPaM= =EQcr -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Jul 25 12:25:12 2006 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 25 Jul 2006 08:25:12 -0400 Subject: [RHSA-2006:0567-01] Moderate: php security update Message-ID: <200607251225.k6PCPJXs009410@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: php security update Advisory ID: RHSA-2006:0567-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0567.html Issue date: 2006-07-25 Updated on: 2006-07-25 Product: Red Hat Enterprise Linux CVE Names: CVE-2002-2214 CVE-2006-1494 CVE-2006-3017 - --------------------------------------------------------------------- 1. Summary: Updated PHP packages that fix multiple security issues are now available for Red Hat Enterprise Linux 2.1 This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 3. Problem description: PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A flaw was found in the zend_hash_del() PHP function. For PHP scripts that rely on the use of the unset() function, a remote attacker could force variable initialization to be bypassed. This would be a security issue particularly for installations that enable the "register_globals" setting. "register_globals" is disabled by default in Red Hat Enterprise Linux. (CVE-2006-3017) A directory traversal vulnerability was found in PHP. Local users could bypass open_basedir restrictions allowing remote attackers to create files in arbitrary directories via the tempnam() function. (CVE-2006-1494) A flaw was found in the PHP IMAP MIME header decoding function. An attacker could craft a message with an overly long header which caused PHP to crash. (CVE-2002-2214) Users of PHP should upgrade to these updated packages, which contain backported patches that resolve these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 195495 - CVE-2002-2214 php imap To header buffer overflow 196257 - CVE-2006-3017 zend_hash_del bug 197050 - CVE-2006-1494 PHP tempname open_basedir issue 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/php-4.1.2-2.8.src.rpm b00da9890a6407ceeefde6af712335a8 php-4.1.2-2.8.src.rpm i386: 49c5170d0254ab6852ed1a0ec99ee005 php-4.1.2-2.8.i386.rpm fbbf8ecb1d8212fb61ab03cb582fa6ba php-devel-4.1.2-2.8.i386.rpm a8cc27adc804ac40f5530f5bc305209b php-imap-4.1.2-2.8.i386.rpm 2b9e509db230478986a620bccf3c3595 php-ldap-4.1.2-2.8.i386.rpm 296c22cd73b830fc0455a3cc00b38858 php-manual-4.1.2-2.8.i386.rpm a083c9ad5a0aef8c528abb1123bb88aa php-mysql-4.1.2-2.8.i386.rpm 7df60aec5a0b642ea6e8fcb8ae4e0bc4 php-odbc-4.1.2-2.8.i386.rpm bdbfcb35354ad079d4a15a4054f2caf8 php-pgsql-4.1.2-2.8.i386.rpm ia64: 0de57ca1d1f8ad29f509288a9c67f501 php-4.1.2-2.8.ia64.rpm b386f3eacea485b36525055006fa89c5 php-devel-4.1.2-2.8.ia64.rpm 91b7f7262828ad5c9f17d8e1e02bd9e1 php-imap-4.1.2-2.8.ia64.rpm bb5d71d5964ed4e3ebaba5c1e755599c php-ldap-4.1.2-2.8.ia64.rpm 2d1d721016880e26c041d36af289288f php-manual-4.1.2-2.8.ia64.rpm 74de741c6420b49591eb82e8d3109286 php-mysql-4.1.2-2.8.ia64.rpm ac98627c368011e8bc123fab619131fa php-odbc-4.1.2-2.8.ia64.rpm 101f908d73b7182821a6ca553df4c3f5 php-pgsql-4.1.2-2.8.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/php-4.1.2-2.8.src.rpm b00da9890a6407ceeefde6af712335a8 php-4.1.2-2.8.src.rpm ia64: 0de57ca1d1f8ad29f509288a9c67f501 php-4.1.2-2.8.ia64.rpm b386f3eacea485b36525055006fa89c5 php-devel-4.1.2-2.8.ia64.rpm 91b7f7262828ad5c9f17d8e1e02bd9e1 php-imap-4.1.2-2.8.ia64.rpm bb5d71d5964ed4e3ebaba5c1e755599c php-ldap-4.1.2-2.8.ia64.rpm 2d1d721016880e26c041d36af289288f php-manual-4.1.2-2.8.ia64.rpm 74de741c6420b49591eb82e8d3109286 php-mysql-4.1.2-2.8.ia64.rpm ac98627c368011e8bc123fab619131fa php-odbc-4.1.2-2.8.ia64.rpm 101f908d73b7182821a6ca553df4c3f5 php-pgsql-4.1.2-2.8.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/php-4.1.2-2.8.src.rpm b00da9890a6407ceeefde6af712335a8 php-4.1.2-2.8.src.rpm i386: 49c5170d0254ab6852ed1a0ec99ee005 php-4.1.2-2.8.i386.rpm fbbf8ecb1d8212fb61ab03cb582fa6ba php-devel-4.1.2-2.8.i386.rpm a8cc27adc804ac40f5530f5bc305209b php-imap-4.1.2-2.8.i386.rpm 2b9e509db230478986a620bccf3c3595 php-ldap-4.1.2-2.8.i386.rpm 296c22cd73b830fc0455a3cc00b38858 php-manual-4.1.2-2.8.i386.rpm a083c9ad5a0aef8c528abb1123bb88aa php-mysql-4.1.2-2.8.i386.rpm 7df60aec5a0b642ea6e8fcb8ae4e0bc4 php-odbc-4.1.2-2.8.i386.rpm bdbfcb35354ad079d4a15a4054f2caf8 php-pgsql-4.1.2-2.8.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/php-4.1.2-2.8.src.rpm b00da9890a6407ceeefde6af712335a8 php-4.1.2-2.8.src.rpm i386: 49c5170d0254ab6852ed1a0ec99ee005 php-4.1.2-2.8.i386.rpm fbbf8ecb1d8212fb61ab03cb582fa6ba php-devel-4.1.2-2.8.i386.rpm a8cc27adc804ac40f5530f5bc305209b php-imap-4.1.2-2.8.i386.rpm 2b9e509db230478986a620bccf3c3595 php-ldap-4.1.2-2.8.i386.rpm 296c22cd73b830fc0455a3cc00b38858 php-manual-4.1.2-2.8.i386.rpm a083c9ad5a0aef8c528abb1123bb88aa php-mysql-4.1.2-2.8.i386.rpm 7df60aec5a0b642ea6e8fcb8ae4e0bc4 php-odbc-4.1.2-2.8.i386.rpm bdbfcb35354ad079d4a15a4054f2caf8 php-pgsql-4.1.2-2.8.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-2214 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1494 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3017 http://www.php.net/register_globals http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFExg2lXlSAg2UNWIIRAlBqAKCasxXredz0b35TY/KcKofrlFYTlgCdHeA5 sh05mr/MHMArqz1zE6X3Fkk= =oEw2 -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Jul 25 12:37:59 2006 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 25 Jul 2006 08:37:59 -0400 Subject: [RHSA-2006:0576-01] Moderate: kdebase security fix Message-ID: <200607251237.k6PCbxXx012526@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: kdebase security fix Advisory ID: RHSA-2006:0576-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0576.html Issue date: 2006-07-25 Updated on: 2006-07-25 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-2933 - --------------------------------------------------------------------- 1. Summary: Updated kdebase packages that resolve a security issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: The kdebase packages provide the core applications for KDE, the K Desktop Environment. A flaw was found in KDE where the kdesktop_lock process sometimes failed to terminate properly. This issue could either block the user's ability to manually lock the desktop or prevent the screensaver to activate, both of which could have a security impact for users who rely on these functionalities. (CVE-2006-2933) Please note that this issue only affected Red Hat Enterprise Linux 3. All users of kdebase should upgrade to these updated packages, which contain a patch to resolve this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 177755 - CVE-2006-2933 occasionally KDE screensaver fails to start 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/kdebase-3.1.3-5.11.src.rpm 6aa3d3f78de7c533e3e6da39794180b2 kdebase-3.1.3-5.11.src.rpm i386: 118df2b4ac6ab1a4676aa14142f98a09 kdebase-3.1.3-5.11.i386.rpm a7867ecf99c15ece76eddba8638db7f8 kdebase-debuginfo-3.1.3-5.11.i386.rpm 2ac5719bfa079d8b71371fc90db9f3a9 kdebase-devel-3.1.3-5.11.i386.rpm ia64: 118df2b4ac6ab1a4676aa14142f98a09 kdebase-3.1.3-5.11.i386.rpm c720754146a4aa60a4560deb5f6d5eb9 kdebase-3.1.3-5.11.ia64.rpm a7867ecf99c15ece76eddba8638db7f8 kdebase-debuginfo-3.1.3-5.11.i386.rpm 1cd0f69d9747fbe6c7215e4dabf0a900 kdebase-debuginfo-3.1.3-5.11.ia64.rpm 7266920d22b20b1464ffc37967877ff3 kdebase-devel-3.1.3-5.11.ia64.rpm ppc: 3420be20d8e4b4570accf770e7905571 kdebase-3.1.3-5.11.ppc.rpm e239a86189994c13fd353b979267ff36 kdebase-3.1.3-5.11.ppc64.rpm fa912974f196e8b380aefeb5f101909b kdebase-debuginfo-3.1.3-5.11.ppc.rpm 0fd6a138fbec5a56c34f1d1464657791 kdebase-debuginfo-3.1.3-5.11.ppc64.rpm d3647bcc06b9b910a0c4fada87d890be kdebase-devel-3.1.3-5.11.ppc.rpm s390: fcdf461eb6d600e1f948a3b92ba6a950 kdebase-3.1.3-5.11.s390.rpm b0b87ea5d1a66b74eb2a56420f54af0f kdebase-debuginfo-3.1.3-5.11.s390.rpm ab4603381ccf4debd2751a8b8a19c1b9 kdebase-devel-3.1.3-5.11.s390.rpm s390x: fcdf461eb6d600e1f948a3b92ba6a950 kdebase-3.1.3-5.11.s390.rpm 3d4f0c441b88e6252cd0b586087b8bb5 kdebase-3.1.3-5.11.s390x.rpm b0b87ea5d1a66b74eb2a56420f54af0f kdebase-debuginfo-3.1.3-5.11.s390.rpm d16ac48faa1d513de50d7e8fe1a4c3a4 kdebase-debuginfo-3.1.3-5.11.s390x.rpm a8423c6093ddab102a593e4e655fea16 kdebase-devel-3.1.3-5.11.s390x.rpm x86_64: 118df2b4ac6ab1a4676aa14142f98a09 kdebase-3.1.3-5.11.i386.rpm de315cd2a571e45b4d3e9e4b20f817fd kdebase-3.1.3-5.11.x86_64.rpm a7867ecf99c15ece76eddba8638db7f8 kdebase-debuginfo-3.1.3-5.11.i386.rpm e0f0717146bc051a55425ddd812a023e kdebase-debuginfo-3.1.3-5.11.x86_64.rpm 6b940119787351acbd6ef2ea470f4d13 kdebase-devel-3.1.3-5.11.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/kdebase-3.1.3-5.11.src.rpm 6aa3d3f78de7c533e3e6da39794180b2 kdebase-3.1.3-5.11.src.rpm i386: 118df2b4ac6ab1a4676aa14142f98a09 kdebase-3.1.3-5.11.i386.rpm a7867ecf99c15ece76eddba8638db7f8 kdebase-debuginfo-3.1.3-5.11.i386.rpm 2ac5719bfa079d8b71371fc90db9f3a9 kdebase-devel-3.1.3-5.11.i386.rpm x86_64: 118df2b4ac6ab1a4676aa14142f98a09 kdebase-3.1.3-5.11.i386.rpm de315cd2a571e45b4d3e9e4b20f817fd kdebase-3.1.3-5.11.x86_64.rpm a7867ecf99c15ece76eddba8638db7f8 kdebase-debuginfo-3.1.3-5.11.i386.rpm e0f0717146bc051a55425ddd812a023e kdebase-debuginfo-3.1.3-5.11.x86_64.rpm 6b940119787351acbd6ef2ea470f4d13 kdebase-devel-3.1.3-5.11.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/kdebase-3.1.3-5.11.src.rpm 6aa3d3f78de7c533e3e6da39794180b2 kdebase-3.1.3-5.11.src.rpm i386: 118df2b4ac6ab1a4676aa14142f98a09 kdebase-3.1.3-5.11.i386.rpm a7867ecf99c15ece76eddba8638db7f8 kdebase-debuginfo-3.1.3-5.11.i386.rpm 2ac5719bfa079d8b71371fc90db9f3a9 kdebase-devel-3.1.3-5.11.i386.rpm ia64: 118df2b4ac6ab1a4676aa14142f98a09 kdebase-3.1.3-5.11.i386.rpm c720754146a4aa60a4560deb5f6d5eb9 kdebase-3.1.3-5.11.ia64.rpm a7867ecf99c15ece76eddba8638db7f8 kdebase-debuginfo-3.1.3-5.11.i386.rpm 1cd0f69d9747fbe6c7215e4dabf0a900 kdebase-debuginfo-3.1.3-5.11.ia64.rpm 7266920d22b20b1464ffc37967877ff3 kdebase-devel-3.1.3-5.11.ia64.rpm x86_64: 118df2b4ac6ab1a4676aa14142f98a09 kdebase-3.1.3-5.11.i386.rpm de315cd2a571e45b4d3e9e4b20f817fd kdebase-3.1.3-5.11.x86_64.rpm a7867ecf99c15ece76eddba8638db7f8 kdebase-debuginfo-3.1.3-5.11.i386.rpm e0f0717146bc051a55425ddd812a023e kdebase-debuginfo-3.1.3-5.11.x86_64.rpm 6b940119787351acbd6ef2ea470f4d13 kdebase-devel-3.1.3-5.11.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/kdebase-3.1.3-5.11.src.rpm 6aa3d3f78de7c533e3e6da39794180b2 kdebase-3.1.3-5.11.src.rpm i386: 118df2b4ac6ab1a4676aa14142f98a09 kdebase-3.1.3-5.11.i386.rpm a7867ecf99c15ece76eddba8638db7f8 kdebase-debuginfo-3.1.3-5.11.i386.rpm 2ac5719bfa079d8b71371fc90db9f3a9 kdebase-devel-3.1.3-5.11.i386.rpm ia64: 118df2b4ac6ab1a4676aa14142f98a09 kdebase-3.1.3-5.11.i386.rpm c720754146a4aa60a4560deb5f6d5eb9 kdebase-3.1.3-5.11.ia64.rpm a7867ecf99c15ece76eddba8638db7f8 kdebase-debuginfo-3.1.3-5.11.i386.rpm 1cd0f69d9747fbe6c7215e4dabf0a900 kdebase-debuginfo-3.1.3-5.11.ia64.rpm 7266920d22b20b1464ffc37967877ff3 kdebase-devel-3.1.3-5.11.ia64.rpm x86_64: 118df2b4ac6ab1a4676aa14142f98a09 kdebase-3.1.3-5.11.i386.rpm de315cd2a571e45b4d3e9e4b20f817fd kdebase-3.1.3-5.11.x86_64.rpm a7867ecf99c15ece76eddba8638db7f8 kdebase-debuginfo-3.1.3-5.11.i386.rpm e0f0717146bc051a55425ddd812a023e kdebase-debuginfo-3.1.3-5.11.x86_64.rpm 6b940119787351acbd6ef2ea470f4d13 kdebase-devel-3.1.3-5.11.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2933 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFExhCaXlSAg2UNWIIRAhx3AJ4scmHyvaHCsCLVGAYgh0oZ56ck/QCdH+yQ 4jIOnc2z2KkmupUpGCzFxQo= =KaN7 -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Jul 25 13:06:09 2006 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 25 Jul 2006 09:06:09 -0400 Subject: [RHSA-2006:0591-01] Important: samba security update Message-ID: <200607251306.k6PD6AFa020122@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: samba security update Advisory ID: RHSA-2006:0591-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0591.html Issue date: 2006-07-25 Updated on: 2006-07-25 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-3403 - --------------------------------------------------------------------- 1. Summary: Updated samba packages that fix a denial of service vulnerability are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Samba provides file and printer sharing services to SMB/CIFS clients. A denial of service bug was found in the way the smbd daemon tracks active connections to shares. It was possible for a remote attacker to cause the smbd daemon to consume a large amount of system memory by sending carefully crafted smb requests. (CVE-2006-3403) Users of Samba are advised to upgrade to these packages, which contain a backported patch to correct this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 197836 - CVE-2006-3403 Samba denial of service 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/samba-2.2.12-1.21as.5.src.rpm 744771460c14a1af1b58e82ec52cb6a5 samba-2.2.12-1.21as.5.src.rpm i386: c04ce6edfe57da898769cb29454d09c9 samba-2.2.12-1.21as.5.i386.rpm fa9bab9c09624e93d40025a7d06db389 samba-client-2.2.12-1.21as.5.i386.rpm 744c5053e812e7bf8a7bb61fd5b4dce4 samba-common-2.2.12-1.21as.5.i386.rpm 4214be9c3ab7096b58a86801983bd5c6 samba-swat-2.2.12-1.21as.5.i386.rpm ia64: cf8e05d8735bb3c08229f871afd0089d samba-2.2.12-1.21as.5.ia64.rpm 92ae124fb9f103e979f558278c78e90d samba-client-2.2.12-1.21as.5.ia64.rpm 8dff37f2d3cf2174f4975f85862d97d7 samba-common-2.2.12-1.21as.5.ia64.rpm 60b1b37841a5aea18f3d1837337e7545 samba-swat-2.2.12-1.21as.5.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/samba-2.2.12-1.21as.5.src.rpm 744771460c14a1af1b58e82ec52cb6a5 samba-2.2.12-1.21as.5.src.rpm ia64: cf8e05d8735bb3c08229f871afd0089d samba-2.2.12-1.21as.5.ia64.rpm 92ae124fb9f103e979f558278c78e90d samba-client-2.2.12-1.21as.5.ia64.rpm 8dff37f2d3cf2174f4975f85862d97d7 samba-common-2.2.12-1.21as.5.ia64.rpm 60b1b37841a5aea18f3d1837337e7545 samba-swat-2.2.12-1.21as.5.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/samba-2.2.12-1.21as.5.src.rpm 744771460c14a1af1b58e82ec52cb6a5 samba-2.2.12-1.21as.5.src.rpm i386: c04ce6edfe57da898769cb29454d09c9 samba-2.2.12-1.21as.5.i386.rpm fa9bab9c09624e93d40025a7d06db389 samba-client-2.2.12-1.21as.5.i386.rpm 744c5053e812e7bf8a7bb61fd5b4dce4 samba-common-2.2.12-1.21as.5.i386.rpm 4214be9c3ab7096b58a86801983bd5c6 samba-swat-2.2.12-1.21as.5.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/samba-2.2.12-1.21as.5.src.rpm 744771460c14a1af1b58e82ec52cb6a5 samba-2.2.12-1.21as.5.src.rpm i386: c04ce6edfe57da898769cb29454d09c9 samba-2.2.12-1.21as.5.i386.rpm fa9bab9c09624e93d40025a7d06db389 samba-client-2.2.12-1.21as.5.i386.rpm 744c5053e812e7bf8a7bb61fd5b4dce4 samba-common-2.2.12-1.21as.5.i386.rpm 4214be9c3ab7096b58a86801983bd5c6 samba-swat-2.2.12-1.21as.5.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/samba-3.0.9-1.3E.10.src.rpm ff01b3cb9e7a235e85bfcb934fcd0b52 samba-3.0.9-1.3E.10.src.rpm i386: afe7f51705750af98376d4b72eab0e3a samba-3.0.9-1.3E.10.i386.rpm dfc3dbca60435d016690ea7b78ced477 samba-client-3.0.9-1.3E.10.i386.rpm 01b088d2928e3957c40f6290ab067be6 samba-common-3.0.9-1.3E.10.i386.rpm 88aae1da964dc7499c39f19cd3852160 samba-debuginfo-3.0.9-1.3E.10.i386.rpm 030c6a9c4f242afc59f7eb6ce2024480 samba-swat-3.0.9-1.3E.10.i386.rpm ia64: afe7f51705750af98376d4b72eab0e3a samba-3.0.9-1.3E.10.i386.rpm 0934a9f9a74a205a81eda7296c6031a8 samba-3.0.9-1.3E.10.ia64.rpm b0310000d5fb345ca6c16428afbf1032 samba-client-3.0.9-1.3E.10.ia64.rpm 01b088d2928e3957c40f6290ab067be6 samba-common-3.0.9-1.3E.10.i386.rpm 33585206d76cec5b6293bc10fcc9681d samba-common-3.0.9-1.3E.10.ia64.rpm 88aae1da964dc7499c39f19cd3852160 samba-debuginfo-3.0.9-1.3E.10.i386.rpm 136862188a0e579e3868ee05a62b8c76 samba-debuginfo-3.0.9-1.3E.10.ia64.rpm c39bf636ea6434b2e241446d5b51fa9c samba-swat-3.0.9-1.3E.10.ia64.rpm ppc: 8c51b16445534cc7a4ca49eb5cd4890a samba-3.0.9-1.3E.10.ppc.rpm 5766e87f7ea6d1e0c36f53fb4b61bcbb samba-3.0.9-1.3E.10.ppc64.rpm d3971637751b9653dbb8e638a54846c0 samba-client-3.0.9-1.3E.10.ppc.rpm d06644b9dc4d459f55c6ba6a2bdd5100 samba-common-3.0.9-1.3E.10.ppc.rpm 4210cb3f8eef958db98543262972beb2 samba-common-3.0.9-1.3E.10.ppc64.rpm 0ce017ed576f45f138f1831fa9bade65 samba-debuginfo-3.0.9-1.3E.10.ppc.rpm d8617da5ffc7af1d10c3a12fce6435dc samba-debuginfo-3.0.9-1.3E.10.ppc64.rpm 930bb7cdcd5bd0e2214254f96c3f7ce2 samba-swat-3.0.9-1.3E.10.ppc.rpm s390: 6e6e3c6b46ad6b30e7ba6e40be69f73a samba-3.0.9-1.3E.10.s390.rpm a0c6e17b4ea40829adb1ff425b2c67c6 samba-client-3.0.9-1.3E.10.s390.rpm bd7a20a3222cfcb057a3dbda23cf2341 samba-common-3.0.9-1.3E.10.s390.rpm ad3aef6016c84e226b509f8a830b561c samba-debuginfo-3.0.9-1.3E.10.s390.rpm 37122bfe4d8708d230ca6547996bf994 samba-swat-3.0.9-1.3E.10.s390.rpm s390x: 6e6e3c6b46ad6b30e7ba6e40be69f73a samba-3.0.9-1.3E.10.s390.rpm 0618de37f16ea17d7566bcfd05f93472 samba-3.0.9-1.3E.10.s390x.rpm e70a8e4d68d8bf921ee7551fcb24cd02 samba-client-3.0.9-1.3E.10.s390x.rpm bd7a20a3222cfcb057a3dbda23cf2341 samba-common-3.0.9-1.3E.10.s390.rpm d9a8d3539074074cb36ddc72c681b271 samba-common-3.0.9-1.3E.10.s390x.rpm ad3aef6016c84e226b509f8a830b561c samba-debuginfo-3.0.9-1.3E.10.s390.rpm f6c1f150521cb885982550eab0145040 samba-debuginfo-3.0.9-1.3E.10.s390x.rpm 3da9025363680629381f971a828d302e samba-swat-3.0.9-1.3E.10.s390x.rpm x86_64: afe7f51705750af98376d4b72eab0e3a samba-3.0.9-1.3E.10.i386.rpm ca7e3c02f8dbd7f03d01e467489c34cd samba-3.0.9-1.3E.10.x86_64.rpm 3294ec6317982be1ebbd842d9e1852b0 samba-client-3.0.9-1.3E.10.x86_64.rpm 01b088d2928e3957c40f6290ab067be6 samba-common-3.0.9-1.3E.10.i386.rpm dbd68f6c8e315652958674ebf2c62e08 samba-common-3.0.9-1.3E.10.x86_64.rpm 88aae1da964dc7499c39f19cd3852160 samba-debuginfo-3.0.9-1.3E.10.i386.rpm 76ccf3614c28cec60d8b362ffb599a2d samba-debuginfo-3.0.9-1.3E.10.x86_64.rpm b303f8dbf6ecf83859663df1100410af samba-swat-3.0.9-1.3E.10.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/samba-3.0.9-1.3E.10.src.rpm ff01b3cb9e7a235e85bfcb934fcd0b52 samba-3.0.9-1.3E.10.src.rpm i386: afe7f51705750af98376d4b72eab0e3a samba-3.0.9-1.3E.10.i386.rpm dfc3dbca60435d016690ea7b78ced477 samba-client-3.0.9-1.3E.10.i386.rpm 01b088d2928e3957c40f6290ab067be6 samba-common-3.0.9-1.3E.10.i386.rpm 88aae1da964dc7499c39f19cd3852160 samba-debuginfo-3.0.9-1.3E.10.i386.rpm 030c6a9c4f242afc59f7eb6ce2024480 samba-swat-3.0.9-1.3E.10.i386.rpm x86_64: afe7f51705750af98376d4b72eab0e3a samba-3.0.9-1.3E.10.i386.rpm ca7e3c02f8dbd7f03d01e467489c34cd samba-3.0.9-1.3E.10.x86_64.rpm 3294ec6317982be1ebbd842d9e1852b0 samba-client-3.0.9-1.3E.10.x86_64.rpm 01b088d2928e3957c40f6290ab067be6 samba-common-3.0.9-1.3E.10.i386.rpm dbd68f6c8e315652958674ebf2c62e08 samba-common-3.0.9-1.3E.10.x86_64.rpm 88aae1da964dc7499c39f19cd3852160 samba-debuginfo-3.0.9-1.3E.10.i386.rpm 76ccf3614c28cec60d8b362ffb599a2d samba-debuginfo-3.0.9-1.3E.10.x86_64.rpm b303f8dbf6ecf83859663df1100410af samba-swat-3.0.9-1.3E.10.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/samba-3.0.9-1.3E.10.src.rpm ff01b3cb9e7a235e85bfcb934fcd0b52 samba-3.0.9-1.3E.10.src.rpm i386: afe7f51705750af98376d4b72eab0e3a samba-3.0.9-1.3E.10.i386.rpm dfc3dbca60435d016690ea7b78ced477 samba-client-3.0.9-1.3E.10.i386.rpm 01b088d2928e3957c40f6290ab067be6 samba-common-3.0.9-1.3E.10.i386.rpm 88aae1da964dc7499c39f19cd3852160 samba-debuginfo-3.0.9-1.3E.10.i386.rpm 030c6a9c4f242afc59f7eb6ce2024480 samba-swat-3.0.9-1.3E.10.i386.rpm ia64: afe7f51705750af98376d4b72eab0e3a samba-3.0.9-1.3E.10.i386.rpm 0934a9f9a74a205a81eda7296c6031a8 samba-3.0.9-1.3E.10.ia64.rpm b0310000d5fb345ca6c16428afbf1032 samba-client-3.0.9-1.3E.10.ia64.rpm 01b088d2928e3957c40f6290ab067be6 samba-common-3.0.9-1.3E.10.i386.rpm 33585206d76cec5b6293bc10fcc9681d samba-common-3.0.9-1.3E.10.ia64.rpm 88aae1da964dc7499c39f19cd3852160 samba-debuginfo-3.0.9-1.3E.10.i386.rpm 136862188a0e579e3868ee05a62b8c76 samba-debuginfo-3.0.9-1.3E.10.ia64.rpm c39bf636ea6434b2e241446d5b51fa9c samba-swat-3.0.9-1.3E.10.ia64.rpm x86_64: afe7f51705750af98376d4b72eab0e3a samba-3.0.9-1.3E.10.i386.rpm ca7e3c02f8dbd7f03d01e467489c34cd samba-3.0.9-1.3E.10.x86_64.rpm 3294ec6317982be1ebbd842d9e1852b0 samba-client-3.0.9-1.3E.10.x86_64.rpm 01b088d2928e3957c40f6290ab067be6 samba-common-3.0.9-1.3E.10.i386.rpm dbd68f6c8e315652958674ebf2c62e08 samba-common-3.0.9-1.3E.10.x86_64.rpm 88aae1da964dc7499c39f19cd3852160 samba-debuginfo-3.0.9-1.3E.10.i386.rpm 76ccf3614c28cec60d8b362ffb599a2d samba-debuginfo-3.0.9-1.3E.10.x86_64.rpm b303f8dbf6ecf83859663df1100410af samba-swat-3.0.9-1.3E.10.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/samba-3.0.9-1.3E.10.src.rpm ff01b3cb9e7a235e85bfcb934fcd0b52 samba-3.0.9-1.3E.10.src.rpm i386: afe7f51705750af98376d4b72eab0e3a samba-3.0.9-1.3E.10.i386.rpm dfc3dbca60435d016690ea7b78ced477 samba-client-3.0.9-1.3E.10.i386.rpm 01b088d2928e3957c40f6290ab067be6 samba-common-3.0.9-1.3E.10.i386.rpm 88aae1da964dc7499c39f19cd3852160 samba-debuginfo-3.0.9-1.3E.10.i386.rpm 030c6a9c4f242afc59f7eb6ce2024480 samba-swat-3.0.9-1.3E.10.i386.rpm ia64: afe7f51705750af98376d4b72eab0e3a samba-3.0.9-1.3E.10.i386.rpm 0934a9f9a74a205a81eda7296c6031a8 samba-3.0.9-1.3E.10.ia64.rpm b0310000d5fb345ca6c16428afbf1032 samba-client-3.0.9-1.3E.10.ia64.rpm 01b088d2928e3957c40f6290ab067be6 samba-common-3.0.9-1.3E.10.i386.rpm 33585206d76cec5b6293bc10fcc9681d samba-common-3.0.9-1.3E.10.ia64.rpm 88aae1da964dc7499c39f19cd3852160 samba-debuginfo-3.0.9-1.3E.10.i386.rpm 136862188a0e579e3868ee05a62b8c76 samba-debuginfo-3.0.9-1.3E.10.ia64.rpm c39bf636ea6434b2e241446d5b51fa9c samba-swat-3.0.9-1.3E.10.ia64.rpm x86_64: afe7f51705750af98376d4b72eab0e3a samba-3.0.9-1.3E.10.i386.rpm ca7e3c02f8dbd7f03d01e467489c34cd samba-3.0.9-1.3E.10.x86_64.rpm 3294ec6317982be1ebbd842d9e1852b0 samba-client-3.0.9-1.3E.10.x86_64.rpm 01b088d2928e3957c40f6290ab067be6 samba-common-3.0.9-1.3E.10.i386.rpm dbd68f6c8e315652958674ebf2c62e08 samba-common-3.0.9-1.3E.10.x86_64.rpm 88aae1da964dc7499c39f19cd3852160 samba-debuginfo-3.0.9-1.3E.10.i386.rpm 76ccf3614c28cec60d8b362ffb599a2d samba-debuginfo-3.0.9-1.3E.10.x86_64.rpm b303f8dbf6ecf83859663df1100410af samba-swat-3.0.9-1.3E.10.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/samba-3.0.10-1.4E.6.2.src.rpm 9724ce298ee37a3e378822a57a0a33dc samba-3.0.10-1.4E.6.2.src.rpm i386: dfa53665255d6fd2ffdebfee99d5a3b0 samba-3.0.10-1.4E.6.2.i386.rpm 36b1cd36740619f3d5b41c008135c502 samba-client-3.0.10-1.4E.6.2.i386.rpm 61e19ce7eef9aaaf74da73b84f29f3c0 samba-common-3.0.10-1.4E.6.2.i386.rpm d072ae1cf3acf0670c5b7444315fe34c samba-debuginfo-3.0.10-1.4E.6.2.i386.rpm e53a6a487263b67389d18866c2330179 samba-swat-3.0.10-1.4E.6.2.i386.rpm ia64: 401077259ed47bbdb87cf6e206700b09 samba-3.0.10-1.4E.6.2.ia64.rpm b73c189d7acc898a325d83e4147fe98c samba-client-3.0.10-1.4E.6.2.ia64.rpm 61e19ce7eef9aaaf74da73b84f29f3c0 samba-common-3.0.10-1.4E.6.2.i386.rpm c7f3795dfff3cce6e26e0e2acc6b86c1 samba-common-3.0.10-1.4E.6.2.ia64.rpm d072ae1cf3acf0670c5b7444315fe34c samba-debuginfo-3.0.10-1.4E.6.2.i386.rpm 9a3ba9c8f3440192ab3e2270476677e9 samba-debuginfo-3.0.10-1.4E.6.2.ia64.rpm a6c6a9d55966afc8f8fe0fd0a554208d samba-swat-3.0.10-1.4E.6.2.ia64.rpm ppc: 095b804edce6df4d9d0b99bed6222e5e samba-3.0.10-1.4E.6.2.ppc.rpm 417f79b512bd1492727f0a22eadfe57a samba-client-3.0.10-1.4E.6.2.ppc.rpm 0d6d8f0a479c9d5f0e0e1603d66d69c6 samba-common-3.0.10-1.4E.6.2.ppc.rpm 63418d744a15848b48779088a186d6a6 samba-common-3.0.10-1.4E.6.2.ppc64.rpm aef0ed460ec84db98a363bfe86d9b2b3 samba-debuginfo-3.0.10-1.4E.6.2.ppc.rpm abfaff84ee6f7690dd71262aed7882fe samba-debuginfo-3.0.10-1.4E.6.2.ppc64.rpm 583ff31d946f8fd96a7581aaa71ec77d samba-swat-3.0.10-1.4E.6.2.ppc.rpm s390: 84f7081f936aecba3606d09ff3ea6716 samba-3.0.10-1.4E.6.2.s390.rpm 9ab1de15d5582517f8e4b6348f789961 samba-client-3.0.10-1.4E.6.2.s390.rpm 362db413cd4d3069a2ba757322d11581 samba-common-3.0.10-1.4E.6.2.s390.rpm a2319d41a91b6e67bba4bfa8e3b7cf08 samba-debuginfo-3.0.10-1.4E.6.2.s390.rpm 6b3b3607acd87505660c97c753c6f8e5 samba-swat-3.0.10-1.4E.6.2.s390.rpm s390x: 381aad2d50b8fe55c7a0aaaca2c956c1 samba-3.0.10-1.4E.6.2.s390x.rpm 27c38f6e43ac9032c760456eadeaf4b3 samba-client-3.0.10-1.4E.6.2.s390x.rpm 362db413cd4d3069a2ba757322d11581 samba-common-3.0.10-1.4E.6.2.s390.rpm 62ca657bff33fabe5df0ebc18fd58589 samba-common-3.0.10-1.4E.6.2.s390x.rpm a2319d41a91b6e67bba4bfa8e3b7cf08 samba-debuginfo-3.0.10-1.4E.6.2.s390.rpm 02941354da6f7e04d0b3cf046cf4434e samba-debuginfo-3.0.10-1.4E.6.2.s390x.rpm 91b3a34774aa143e017a158906ae4fc5 samba-swat-3.0.10-1.4E.6.2.s390x.rpm x86_64: 414a2986d5bf7a466a39826ecf6ed1c6 samba-3.0.10-1.4E.6.2.x86_64.rpm caab365161a896c72ee7cb1238307cb9 samba-client-3.0.10-1.4E.6.2.x86_64.rpm 61e19ce7eef9aaaf74da73b84f29f3c0 samba-common-3.0.10-1.4E.6.2.i386.rpm 4686784c27aefc4acef6e7ffeb82adef samba-common-3.0.10-1.4E.6.2.x86_64.rpm d072ae1cf3acf0670c5b7444315fe34c samba-debuginfo-3.0.10-1.4E.6.2.i386.rpm b389651d0ecdf7efdc5c9b4de9f4ded2 samba-debuginfo-3.0.10-1.4E.6.2.x86_64.rpm e9687c733040c725360ffae580b4c66c samba-swat-3.0.10-1.4E.6.2.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/samba-3.0.10-1.4E.6.2.src.rpm 9724ce298ee37a3e378822a57a0a33dc samba-3.0.10-1.4E.6.2.src.rpm i386: dfa53665255d6fd2ffdebfee99d5a3b0 samba-3.0.10-1.4E.6.2.i386.rpm 36b1cd36740619f3d5b41c008135c502 samba-client-3.0.10-1.4E.6.2.i386.rpm 61e19ce7eef9aaaf74da73b84f29f3c0 samba-common-3.0.10-1.4E.6.2.i386.rpm d072ae1cf3acf0670c5b7444315fe34c samba-debuginfo-3.0.10-1.4E.6.2.i386.rpm e53a6a487263b67389d18866c2330179 samba-swat-3.0.10-1.4E.6.2.i386.rpm x86_64: 414a2986d5bf7a466a39826ecf6ed1c6 samba-3.0.10-1.4E.6.2.x86_64.rpm caab365161a896c72ee7cb1238307cb9 samba-client-3.0.10-1.4E.6.2.x86_64.rpm 61e19ce7eef9aaaf74da73b84f29f3c0 samba-common-3.0.10-1.4E.6.2.i386.rpm 4686784c27aefc4acef6e7ffeb82adef samba-common-3.0.10-1.4E.6.2.x86_64.rpm d072ae1cf3acf0670c5b7444315fe34c samba-debuginfo-3.0.10-1.4E.6.2.i386.rpm b389651d0ecdf7efdc5c9b4de9f4ded2 samba-debuginfo-3.0.10-1.4E.6.2.x86_64.rpm e9687c733040c725360ffae580b4c66c samba-swat-3.0.10-1.4E.6.2.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/samba-3.0.10-1.4E.6.2.src.rpm 9724ce298ee37a3e378822a57a0a33dc samba-3.0.10-1.4E.6.2.src.rpm i386: dfa53665255d6fd2ffdebfee99d5a3b0 samba-3.0.10-1.4E.6.2.i386.rpm 36b1cd36740619f3d5b41c008135c502 samba-client-3.0.10-1.4E.6.2.i386.rpm 61e19ce7eef9aaaf74da73b84f29f3c0 samba-common-3.0.10-1.4E.6.2.i386.rpm d072ae1cf3acf0670c5b7444315fe34c samba-debuginfo-3.0.10-1.4E.6.2.i386.rpm e53a6a487263b67389d18866c2330179 samba-swat-3.0.10-1.4E.6.2.i386.rpm ia64: 401077259ed47bbdb87cf6e206700b09 samba-3.0.10-1.4E.6.2.ia64.rpm b73c189d7acc898a325d83e4147fe98c samba-client-3.0.10-1.4E.6.2.ia64.rpm 61e19ce7eef9aaaf74da73b84f29f3c0 samba-common-3.0.10-1.4E.6.2.i386.rpm c7f3795dfff3cce6e26e0e2acc6b86c1 samba-common-3.0.10-1.4E.6.2.ia64.rpm d072ae1cf3acf0670c5b7444315fe34c samba-debuginfo-3.0.10-1.4E.6.2.i386.rpm 9a3ba9c8f3440192ab3e2270476677e9 samba-debuginfo-3.0.10-1.4E.6.2.ia64.rpm a6c6a9d55966afc8f8fe0fd0a554208d samba-swat-3.0.10-1.4E.6.2.ia64.rpm x86_64: 414a2986d5bf7a466a39826ecf6ed1c6 samba-3.0.10-1.4E.6.2.x86_64.rpm caab365161a896c72ee7cb1238307cb9 samba-client-3.0.10-1.4E.6.2.x86_64.rpm 61e19ce7eef9aaaf74da73b84f29f3c0 samba-common-3.0.10-1.4E.6.2.i386.rpm 4686784c27aefc4acef6e7ffeb82adef samba-common-3.0.10-1.4E.6.2.x86_64.rpm d072ae1cf3acf0670c5b7444315fe34c samba-debuginfo-3.0.10-1.4E.6.2.i386.rpm b389651d0ecdf7efdc5c9b4de9f4ded2 samba-debuginfo-3.0.10-1.4E.6.2.x86_64.rpm e9687c733040c725360ffae580b4c66c samba-swat-3.0.10-1.4E.6.2.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/samba-3.0.10-1.4E.6.2.src.rpm 9724ce298ee37a3e378822a57a0a33dc samba-3.0.10-1.4E.6.2.src.rpm i386: dfa53665255d6fd2ffdebfee99d5a3b0 samba-3.0.10-1.4E.6.2.i386.rpm 36b1cd36740619f3d5b41c008135c502 samba-client-3.0.10-1.4E.6.2.i386.rpm 61e19ce7eef9aaaf74da73b84f29f3c0 samba-common-3.0.10-1.4E.6.2.i386.rpm d072ae1cf3acf0670c5b7444315fe34c samba-debuginfo-3.0.10-1.4E.6.2.i386.rpm e53a6a487263b67389d18866c2330179 samba-swat-3.0.10-1.4E.6.2.i386.rpm ia64: 401077259ed47bbdb87cf6e206700b09 samba-3.0.10-1.4E.6.2.ia64.rpm b73c189d7acc898a325d83e4147fe98c samba-client-3.0.10-1.4E.6.2.ia64.rpm 61e19ce7eef9aaaf74da73b84f29f3c0 samba-common-3.0.10-1.4E.6.2.i386.rpm c7f3795dfff3cce6e26e0e2acc6b86c1 samba-common-3.0.10-1.4E.6.2.ia64.rpm d072ae1cf3acf0670c5b7444315fe34c samba-debuginfo-3.0.10-1.4E.6.2.i386.rpm 9a3ba9c8f3440192ab3e2270476677e9 samba-debuginfo-3.0.10-1.4E.6.2.ia64.rpm a6c6a9d55966afc8f8fe0fd0a554208d samba-swat-3.0.10-1.4E.6.2.ia64.rpm x86_64: 414a2986d5bf7a466a39826ecf6ed1c6 samba-3.0.10-1.4E.6.2.x86_64.rpm caab365161a896c72ee7cb1238307cb9 samba-client-3.0.10-1.4E.6.2.x86_64.rpm 61e19ce7eef9aaaf74da73b84f29f3c0 samba-common-3.0.10-1.4E.6.2.i386.rpm 4686784c27aefc4acef6e7ffeb82adef samba-common-3.0.10-1.4E.6.2.x86_64.rpm d072ae1cf3acf0670c5b7444315fe34c samba-debuginfo-3.0.10-1.4E.6.2.i386.rpm b389651d0ecdf7efdc5c9b4de9f4ded2 samba-debuginfo-3.0.10-1.4E.6.2.x86_64.rpm e9687c733040c725360ffae580b4c66c samba-swat-3.0.10-1.4E.6.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3403 http://www.samba.org/samba/security/CAN-2006-3403.html http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFExhc+XlSAg2UNWIIRAjt5AKCAxcqZETGRM5Ic6CHSAbah6UkpTQCePSfz l7w/9yrok2YUwnISbovhGL8= =yRVH -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Jul 27 20:12:55 2006 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 27 Jul 2006 16:12:55 -0400 Subject: [RHSA-2006:0608-01] Critical: seamonkey security update Message-ID: <200607272012.k6RKCucQ020886@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: seamonkey security update Advisory ID: RHSA-2006:0608-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0608.html Issue date: 2006-07-27 Updated on: 2006-07-27 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-3801 CVE-2006-3677 CVE-2006-3113 CVE-2006-3802 CVE-2006-3803 CVE-2006-3804 CVE-2006-3805 CVE-2006-3806 CVE-2006-3807 CVE-2006-3808 CVE-2006-3809 CVE-2006-3810 CVE-2006-3811 CVE-2006-3812 - --------------------------------------------------------------------- 1. Summary: Updated seamonkey packages that fix several security bugs are now available for Red Hat Enterprise Linux 3. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the way SeaMonkey processed certain javascript actions. A malicious web page could execute arbitrary javascript instructions with the permissions of "chrome", allowing the page to steal sensitive information or install browser malware. (CVE-2006-3807, CVE-2006-3809, CVE-2006-3812) Several denial of service flaws were found in the way SeaMonkey processed certain web content. A malicious web page could crash the browser or possibly execute arbitrary code as the user running SeaMonkey. (CVE-2006-3801, CVE-2006-3677, CVE-2006-3113, CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3811) A buffer overflow flaw was found in the way SeaMonkey Messenger displayed malformed inline vcard attachments. If a victim viewed an email message containing a carefully crafted vcard, it was possible to execute arbitrary code as the user running SeaMonkey Messenger. (CVE-2006-3804) Several flaws were found in the way SeaMonkey processed certain javascript actions. A malicious web page could conduct a cross-site scripting attack or steal sensitive information (such as cookies owned by other domains). (CVE-2006-3802, CVE-2006-3810) A flaw was found in the way SeaMonkey processed Proxy AutoConfig scripts. A malicious Proxy AutoConfig server could execute arbitrary javascript instructions with the permissions of "chrome", allowing the page to steal sensitive information or install browser malware. (CVE-2006-3808) Users of SeaMonkey are advised to upgrade to this update, which contains SeaMonkey version 1.0.3 that corrects these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 200253 - CVE-2006-3801 Multiple Seamonkey issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3804, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812) 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/seamonkey-1.0.3-0.el3.1.src.rpm 5700fda497d3d6e09cb99bd0160cae1c seamonkey-1.0.3-0.el3.1.src.rpm i386: edf47c00458eabb9a145b3a2d6211712 seamonkey-1.0.3-0.el3.1.i386.rpm 10bccb0c6f61cc913a5cee11e4525282 seamonkey-chat-1.0.3-0.el3.1.i386.rpm 6c48ebe61fd49a8049c8f7d860609006 seamonkey-debuginfo-1.0.3-0.el3.1.i386.rpm 4e0d353982d9c7c7779b394047a1cfd9 seamonkey-devel-1.0.3-0.el3.1.i386.rpm 9b47bc7c27efe287cfa0c07792ccc01e seamonkey-dom-inspector-1.0.3-0.el3.1.i386.rpm 0ca5d34ca0b6db2c734ad126b6cb7b87 seamonkey-js-debugger-1.0.3-0.el3.1.i386.rpm 80e793f420547aa0ffc9f55a5d6c790a seamonkey-mail-1.0.3-0.el3.1.i386.rpm dd0da039d35805b601e785791230b1b5 seamonkey-nspr-1.0.3-0.el3.1.i386.rpm 7b016fbdf8977d24272a6a9bf5c549eb seamonkey-nspr-devel-1.0.3-0.el3.1.i386.rpm b76d2bf3a842876e218395172a9390ee seamonkey-nss-1.0.3-0.el3.1.i386.rpm 0b0f7b284d7a43c701b8357a0636147a seamonkey-nss-devel-1.0.3-0.el3.1.i386.rpm ia64: b54f3e53c45f910fa925c78a3f85a830 seamonkey-1.0.3-0.el3.1.ia64.rpm a54b5aa4c3aca436c9dea299d6f6a084 seamonkey-chat-1.0.3-0.el3.1.ia64.rpm 6c48ebe61fd49a8049c8f7d860609006 seamonkey-debuginfo-1.0.3-0.el3.1.i386.rpm 6f6f74fe222bdc7f46d8ac7dcd7fa39c seamonkey-debuginfo-1.0.3-0.el3.1.ia64.rpm 165d173c204d1194d809a01550477bb2 seamonkey-devel-1.0.3-0.el3.1.ia64.rpm 04c06e71a1e01ec3fb1b6d4921cf8e72 seamonkey-dom-inspector-1.0.3-0.el3.1.ia64.rpm e7533e4ee79017f973b5efd8c263fbb8 seamonkey-js-debugger-1.0.3-0.el3.1.ia64.rpm 6934faf2b40b265306fafa09eb7e2bdb seamonkey-mail-1.0.3-0.el3.1.ia64.rpm dd0da039d35805b601e785791230b1b5 seamonkey-nspr-1.0.3-0.el3.1.i386.rpm 97ffb9cdeaa8c375248d7338e081705a seamonkey-nspr-1.0.3-0.el3.1.ia64.rpm 15746c43e276091cca7b22e149968eec seamonkey-nspr-devel-1.0.3-0.el3.1.ia64.rpm b76d2bf3a842876e218395172a9390ee seamonkey-nss-1.0.3-0.el3.1.i386.rpm 3fa583ba5193eb5022a1492207af373e seamonkey-nss-1.0.3-0.el3.1.ia64.rpm 430532e2827047ec6e95bd5fad698c98 seamonkey-nss-devel-1.0.3-0.el3.1.ia64.rpm ppc: 3557460aa7a520cf3ae737e97a23cabf seamonkey-1.0.3-0.el3.1.ppc.rpm 5da4d6c953c2375ea944da5bbc6d65d7 seamonkey-chat-1.0.3-0.el3.1.ppc.rpm 66bcc3654a08f94f34fb68f4af2fd8b3 seamonkey-debuginfo-1.0.3-0.el3.1.ppc.rpm 4a13b4766810a93c338c6e61eb7c2878 seamonkey-devel-1.0.3-0.el3.1.ppc.rpm 43af0613aef928839f9953be9275976e seamonkey-dom-inspector-1.0.3-0.el3.1.ppc.rpm 47c3640748bb8028f99fdc8df7143726 seamonkey-js-debugger-1.0.3-0.el3.1.ppc.rpm 8b0ac20bf0eb1665c48503c1e0be2190 seamonkey-mail-1.0.3-0.el3.1.ppc.rpm 81048df18d14782470b2191138ca1d1d seamonkey-nspr-1.0.3-0.el3.1.ppc.rpm b086f5ca564b9dc92f7cb42d05cfe152 seamonkey-nspr-devel-1.0.3-0.el3.1.ppc.rpm 9bfb86324ed33e65b75a222e4f4d594c seamonkey-nss-1.0.3-0.el3.1.ppc.rpm 8ead6a1dbcf7127d1be215be9386315f seamonkey-nss-devel-1.0.3-0.el3.1.ppc.rpm s390: 484c596e85d071c16b60a4ff7b588cb2 seamonkey-1.0.3-0.el3.1.s390.rpm 1d19478fe278e8810d37d0e53b843bdd seamonkey-chat-1.0.3-0.el3.1.s390.rpm 1209d9652acacb8f5443477c8762f1f0 seamonkey-debuginfo-1.0.3-0.el3.1.s390.rpm 1cdd722aaf5be9fde448c5f6572af567 seamonkey-devel-1.0.3-0.el3.1.s390.rpm 1271e3bd7a31e1a61ed06ea92700316b seamonkey-dom-inspector-1.0.3-0.el3.1.s390.rpm c48f29a1788d2724a0242b9905f4257f seamonkey-js-debugger-1.0.3-0.el3.1.s390.rpm 2cdab0ae5eac44b1ce498dd30b7bbc37 seamonkey-mail-1.0.3-0.el3.1.s390.rpm b846008adfbdad2b17be5016674c7bae seamonkey-nspr-1.0.3-0.el3.1.s390.rpm bd9ddc4a63442bca42902f1ba24f36af seamonkey-nspr-devel-1.0.3-0.el3.1.s390.rpm bcb5e6d4273210272de5885cd4493df5 seamonkey-nss-1.0.3-0.el3.1.s390.rpm 4931ae4f6b847dc3e9ad4e6a7cbff616 seamonkey-nss-devel-1.0.3-0.el3.1.s390.rpm s390x: d575784f960eae10569f23e9b960539f seamonkey-1.0.3-0.el3.1.s390x.rpm 13515109a27470d1473382feed63ac85 seamonkey-chat-1.0.3-0.el3.1.s390x.rpm 1209d9652acacb8f5443477c8762f1f0 seamonkey-debuginfo-1.0.3-0.el3.1.s390.rpm 2b922024c20037dc4e4e70c9e93da048 seamonkey-debuginfo-1.0.3-0.el3.1.s390x.rpm dca79815a7bf6b1abc31c3d1da3f8b7d seamonkey-devel-1.0.3-0.el3.1.s390x.rpm 69658420caf319c4a87f9d08cb1f8b63 seamonkey-dom-inspector-1.0.3-0.el3.1.s390x.rpm b3084333c4285c43b1e7f98d121459d4 seamonkey-js-debugger-1.0.3-0.el3.1.s390x.rpm b1c98f83174a4294e6442fd85cc54c1e seamonkey-mail-1.0.3-0.el3.1.s390x.rpm b846008adfbdad2b17be5016674c7bae seamonkey-nspr-1.0.3-0.el3.1.s390.rpm 94825bce286f505d30157ed388ec0851 seamonkey-nspr-1.0.3-0.el3.1.s390x.rpm bd5db4932cf91db2e1ab44543bf88b24 seamonkey-nspr-devel-1.0.3-0.el3.1.s390x.rpm bcb5e6d4273210272de5885cd4493df5 seamonkey-nss-1.0.3-0.el3.1.s390.rpm bd25f904c8651f3339c6fb4110209673 seamonkey-nss-1.0.3-0.el3.1.s390x.rpm 0317b5cc38abe9e5d753407e6053724f seamonkey-nss-devel-1.0.3-0.el3.1.s390x.rpm x86_64: edf47c00458eabb9a145b3a2d6211712 seamonkey-1.0.3-0.el3.1.i386.rpm d4c9f6d7193e758c20eaed2351bb2d91 seamonkey-1.0.3-0.el3.1.x86_64.rpm f54fe75baa2c2fa5907cd0a8737efd11 seamonkey-chat-1.0.3-0.el3.1.x86_64.rpm 6c48ebe61fd49a8049c8f7d860609006 seamonkey-debuginfo-1.0.3-0.el3.1.i386.rpm 107d17cf6eacfc8d82903a7b52722c66 seamonkey-debuginfo-1.0.3-0.el3.1.x86_64.rpm 7762f692b3d621e8c47c392bd2c8031c seamonkey-devel-1.0.3-0.el3.1.x86_64.rpm e510b5446448432ba00053432c8a8d37 seamonkey-dom-inspector-1.0.3-0.el3.1.x86_64.rpm 299196ad7affc2b288423aaa1e92829e seamonkey-js-debugger-1.0.3-0.el3.1.x86_64.rpm 959424ae886ecf449f8cd657de5cf46a seamonkey-mail-1.0.3-0.el3.1.x86_64.rpm dd0da039d35805b601e785791230b1b5 seamonkey-nspr-1.0.3-0.el3.1.i386.rpm 267086e1803aa3a62035f747cbbdb659 seamonkey-nspr-1.0.3-0.el3.1.x86_64.rpm 7c636ad447bbd128e651262084d62bee seamonkey-nspr-devel-1.0.3-0.el3.1.x86_64.rpm b76d2bf3a842876e218395172a9390ee seamonkey-nss-1.0.3-0.el3.1.i386.rpm 03897b6821a7edfc3d9116a0b64a2845 seamonkey-nss-1.0.3-0.el3.1.x86_64.rpm 1c0a8543ac1dd50e69bf5ac03c5f1d1f seamonkey-nss-devel-1.0.3-0.el3.1.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/seamonkey-1.0.3-0.el3.1.src.rpm 5700fda497d3d6e09cb99bd0160cae1c seamonkey-1.0.3-0.el3.1.src.rpm i386: edf47c00458eabb9a145b3a2d6211712 seamonkey-1.0.3-0.el3.1.i386.rpm 10bccb0c6f61cc913a5cee11e4525282 seamonkey-chat-1.0.3-0.el3.1.i386.rpm 6c48ebe61fd49a8049c8f7d860609006 seamonkey-debuginfo-1.0.3-0.el3.1.i386.rpm 4e0d353982d9c7c7779b394047a1cfd9 seamonkey-devel-1.0.3-0.el3.1.i386.rpm 9b47bc7c27efe287cfa0c07792ccc01e seamonkey-dom-inspector-1.0.3-0.el3.1.i386.rpm 0ca5d34ca0b6db2c734ad126b6cb7b87 seamonkey-js-debugger-1.0.3-0.el3.1.i386.rpm 80e793f420547aa0ffc9f55a5d6c790a seamonkey-mail-1.0.3-0.el3.1.i386.rpm dd0da039d35805b601e785791230b1b5 seamonkey-nspr-1.0.3-0.el3.1.i386.rpm 7b016fbdf8977d24272a6a9bf5c549eb seamonkey-nspr-devel-1.0.3-0.el3.1.i386.rpm b76d2bf3a842876e218395172a9390ee seamonkey-nss-1.0.3-0.el3.1.i386.rpm 0b0f7b284d7a43c701b8357a0636147a seamonkey-nss-devel-1.0.3-0.el3.1.i386.rpm x86_64: edf47c00458eabb9a145b3a2d6211712 seamonkey-1.0.3-0.el3.1.i386.rpm d4c9f6d7193e758c20eaed2351bb2d91 seamonkey-1.0.3-0.el3.1.x86_64.rpm f54fe75baa2c2fa5907cd0a8737efd11 seamonkey-chat-1.0.3-0.el3.1.x86_64.rpm 6c48ebe61fd49a8049c8f7d860609006 seamonkey-debuginfo-1.0.3-0.el3.1.i386.rpm 107d17cf6eacfc8d82903a7b52722c66 seamonkey-debuginfo-1.0.3-0.el3.1.x86_64.rpm 7762f692b3d621e8c47c392bd2c8031c seamonkey-devel-1.0.3-0.el3.1.x86_64.rpm e510b5446448432ba00053432c8a8d37 seamonkey-dom-inspector-1.0.3-0.el3.1.x86_64.rpm 299196ad7affc2b288423aaa1e92829e seamonkey-js-debugger-1.0.3-0.el3.1.x86_64.rpm 959424ae886ecf449f8cd657de5cf46a seamonkey-mail-1.0.3-0.el3.1.x86_64.rpm dd0da039d35805b601e785791230b1b5 seamonkey-nspr-1.0.3-0.el3.1.i386.rpm 267086e1803aa3a62035f747cbbdb659 seamonkey-nspr-1.0.3-0.el3.1.x86_64.rpm 7c636ad447bbd128e651262084d62bee seamonkey-nspr-devel-1.0.3-0.el3.1.x86_64.rpm b76d2bf3a842876e218395172a9390ee seamonkey-nss-1.0.3-0.el3.1.i386.rpm 03897b6821a7edfc3d9116a0b64a2845 seamonkey-nss-1.0.3-0.el3.1.x86_64.rpm 1c0a8543ac1dd50e69bf5ac03c5f1d1f seamonkey-nss-devel-1.0.3-0.el3.1.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/seamonkey-1.0.3-0.el3.1.src.rpm 5700fda497d3d6e09cb99bd0160cae1c seamonkey-1.0.3-0.el3.1.src.rpm i386: edf47c00458eabb9a145b3a2d6211712 seamonkey-1.0.3-0.el3.1.i386.rpm 10bccb0c6f61cc913a5cee11e4525282 seamonkey-chat-1.0.3-0.el3.1.i386.rpm 6c48ebe61fd49a8049c8f7d860609006 seamonkey-debuginfo-1.0.3-0.el3.1.i386.rpm 4e0d353982d9c7c7779b394047a1cfd9 seamonkey-devel-1.0.3-0.el3.1.i386.rpm 9b47bc7c27efe287cfa0c07792ccc01e seamonkey-dom-inspector-1.0.3-0.el3.1.i386.rpm 0ca5d34ca0b6db2c734ad126b6cb7b87 seamonkey-js-debugger-1.0.3-0.el3.1.i386.rpm 80e793f420547aa0ffc9f55a5d6c790a seamonkey-mail-1.0.3-0.el3.1.i386.rpm dd0da039d35805b601e785791230b1b5 seamonkey-nspr-1.0.3-0.el3.1.i386.rpm 7b016fbdf8977d24272a6a9bf5c549eb seamonkey-nspr-devel-1.0.3-0.el3.1.i386.rpm b76d2bf3a842876e218395172a9390ee seamonkey-nss-1.0.3-0.el3.1.i386.rpm 0b0f7b284d7a43c701b8357a0636147a seamonkey-nss-devel-1.0.3-0.el3.1.i386.rpm ia64: b54f3e53c45f910fa925c78a3f85a830 seamonkey-1.0.3-0.el3.1.ia64.rpm a54b5aa4c3aca436c9dea299d6f6a084 seamonkey-chat-1.0.3-0.el3.1.ia64.rpm 6c48ebe61fd49a8049c8f7d860609006 seamonkey-debuginfo-1.0.3-0.el3.1.i386.rpm 6f6f74fe222bdc7f46d8ac7dcd7fa39c seamonkey-debuginfo-1.0.3-0.el3.1.ia64.rpm 165d173c204d1194d809a01550477bb2 seamonkey-devel-1.0.3-0.el3.1.ia64.rpm 04c06e71a1e01ec3fb1b6d4921cf8e72 seamonkey-dom-inspector-1.0.3-0.el3.1.ia64.rpm e7533e4ee79017f973b5efd8c263fbb8 seamonkey-js-debugger-1.0.3-0.el3.1.ia64.rpm 6934faf2b40b265306fafa09eb7e2bdb seamonkey-mail-1.0.3-0.el3.1.ia64.rpm dd0da039d35805b601e785791230b1b5 seamonkey-nspr-1.0.3-0.el3.1.i386.rpm 97ffb9cdeaa8c375248d7338e081705a seamonkey-nspr-1.0.3-0.el3.1.ia64.rpm 15746c43e276091cca7b22e149968eec seamonkey-nspr-devel-1.0.3-0.el3.1.ia64.rpm b76d2bf3a842876e218395172a9390ee seamonkey-nss-1.0.3-0.el3.1.i386.rpm 3fa583ba5193eb5022a1492207af373e seamonkey-nss-1.0.3-0.el3.1.ia64.rpm 430532e2827047ec6e95bd5fad698c98 seamonkey-nss-devel-1.0.3-0.el3.1.ia64.rpm x86_64: edf47c00458eabb9a145b3a2d6211712 seamonkey-1.0.3-0.el3.1.i386.rpm d4c9f6d7193e758c20eaed2351bb2d91 seamonkey-1.0.3-0.el3.1.x86_64.rpm f54fe75baa2c2fa5907cd0a8737efd11 seamonkey-chat-1.0.3-0.el3.1.x86_64.rpm 6c48ebe61fd49a8049c8f7d860609006 seamonkey-debuginfo-1.0.3-0.el3.1.i386.rpm 107d17cf6eacfc8d82903a7b52722c66 seamonkey-debuginfo-1.0.3-0.el3.1.x86_64.rpm 7762f692b3d621e8c47c392bd2c8031c seamonkey-devel-1.0.3-0.el3.1.x86_64.rpm e510b5446448432ba00053432c8a8d37 seamonkey-dom-inspector-1.0.3-0.el3.1.x86_64.rpm 299196ad7affc2b288423aaa1e92829e seamonkey-js-debugger-1.0.3-0.el3.1.x86_64.rpm 959424ae886ecf449f8cd657de5cf46a seamonkey-mail-1.0.3-0.el3.1.x86_64.rpm dd0da039d35805b601e785791230b1b5 seamonkey-nspr-1.0.3-0.el3.1.i386.rpm 267086e1803aa3a62035f747cbbdb659 seamonkey-nspr-1.0.3-0.el3.1.x86_64.rpm 7c636ad447bbd128e651262084d62bee seamonkey-nspr-devel-1.0.3-0.el3.1.x86_64.rpm b76d2bf3a842876e218395172a9390ee seamonkey-nss-1.0.3-0.el3.1.i386.rpm 03897b6821a7edfc3d9116a0b64a2845 seamonkey-nss-1.0.3-0.el3.1.x86_64.rpm 1c0a8543ac1dd50e69bf5ac03c5f1d1f seamonkey-nss-devel-1.0.3-0.el3.1.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/seamonkey-1.0.3-0.el3.1.src.rpm 5700fda497d3d6e09cb99bd0160cae1c seamonkey-1.0.3-0.el3.1.src.rpm i386: edf47c00458eabb9a145b3a2d6211712 seamonkey-1.0.3-0.el3.1.i386.rpm 10bccb0c6f61cc913a5cee11e4525282 seamonkey-chat-1.0.3-0.el3.1.i386.rpm 6c48ebe61fd49a8049c8f7d860609006 seamonkey-debuginfo-1.0.3-0.el3.1.i386.rpm 4e0d353982d9c7c7779b394047a1cfd9 seamonkey-devel-1.0.3-0.el3.1.i386.rpm 9b47bc7c27efe287cfa0c07792ccc01e seamonkey-dom-inspector-1.0.3-0.el3.1.i386.rpm 0ca5d34ca0b6db2c734ad126b6cb7b87 seamonkey-js-debugger-1.0.3-0.el3.1.i386.rpm 80e793f420547aa0ffc9f55a5d6c790a seamonkey-mail-1.0.3-0.el3.1.i386.rpm dd0da039d35805b601e785791230b1b5 seamonkey-nspr-1.0.3-0.el3.1.i386.rpm 7b016fbdf8977d24272a6a9bf5c549eb seamonkey-nspr-devel-1.0.3-0.el3.1.i386.rpm b76d2bf3a842876e218395172a9390ee seamonkey-nss-1.0.3-0.el3.1.i386.rpm 0b0f7b284d7a43c701b8357a0636147a seamonkey-nss-devel-1.0.3-0.el3.1.i386.rpm ia64: b54f3e53c45f910fa925c78a3f85a830 seamonkey-1.0.3-0.el3.1.ia64.rpm a54b5aa4c3aca436c9dea299d6f6a084 seamonkey-chat-1.0.3-0.el3.1.ia64.rpm 6c48ebe61fd49a8049c8f7d860609006 seamonkey-debuginfo-1.0.3-0.el3.1.i386.rpm 6f6f74fe222bdc7f46d8ac7dcd7fa39c seamonkey-debuginfo-1.0.3-0.el3.1.ia64.rpm 165d173c204d1194d809a01550477bb2 seamonkey-devel-1.0.3-0.el3.1.ia64.rpm 04c06e71a1e01ec3fb1b6d4921cf8e72 seamonkey-dom-inspector-1.0.3-0.el3.1.ia64.rpm e7533e4ee79017f973b5efd8c263fbb8 seamonkey-js-debugger-1.0.3-0.el3.1.ia64.rpm 6934faf2b40b265306fafa09eb7e2bdb seamonkey-mail-1.0.3-0.el3.1.ia64.rpm dd0da039d35805b601e785791230b1b5 seamonkey-nspr-1.0.3-0.el3.1.i386.rpm 97ffb9cdeaa8c375248d7338e081705a seamonkey-nspr-1.0.3-0.el3.1.ia64.rpm 15746c43e276091cca7b22e149968eec seamonkey-nspr-devel-1.0.3-0.el3.1.ia64.rpm b76d2bf3a842876e218395172a9390ee seamonkey-nss-1.0.3-0.el3.1.i386.rpm 3fa583ba5193eb5022a1492207af373e seamonkey-nss-1.0.3-0.el3.1.ia64.rpm 430532e2827047ec6e95bd5fad698c98 seamonkey-nss-devel-1.0.3-0.el3.1.ia64.rpm x86_64: edf47c00458eabb9a145b3a2d6211712 seamonkey-1.0.3-0.el3.1.i386.rpm d4c9f6d7193e758c20eaed2351bb2d91 seamonkey-1.0.3-0.el3.1.x86_64.rpm f54fe75baa2c2fa5907cd0a8737efd11 seamonkey-chat-1.0.3-0.el3.1.x86_64.rpm 6c48ebe61fd49a8049c8f7d860609006 seamonkey-debuginfo-1.0.3-0.el3.1.i386.rpm 107d17cf6eacfc8d82903a7b52722c66 seamonkey-debuginfo-1.0.3-0.el3.1.x86_64.rpm 7762f692b3d621e8c47c392bd2c8031c seamonkey-devel-1.0.3-0.el3.1.x86_64.rpm e510b5446448432ba00053432c8a8d37 seamonkey-dom-inspector-1.0.3-0.el3.1.x86_64.rpm 299196ad7affc2b288423aaa1e92829e seamonkey-js-debugger-1.0.3-0.el3.1.x86_64.rpm 959424ae886ecf449f8cd657de5cf46a seamonkey-mail-1.0.3-0.el3.1.x86_64.rpm dd0da039d35805b601e785791230b1b5 seamonkey-nspr-1.0.3-0.el3.1.i386.rpm 267086e1803aa3a62035f747cbbdb659 seamonkey-nspr-1.0.3-0.el3.1.x86_64.rpm 7c636ad447bbd128e651262084d62bee seamonkey-nspr-devel-1.0.3-0.el3.1.x86_64.rpm b76d2bf3a842876e218395172a9390ee seamonkey-nss-1.0.3-0.el3.1.i386.rpm 03897b6821a7edfc3d9116a0b64a2845 seamonkey-nss-1.0.3-0.el3.1.x86_64.rpm 1c0a8543ac1dd50e69bf5ac03c5f1d1f seamonkey-nss-devel-1.0.3-0.el3.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3801 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3677 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3113 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3802 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3803 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3804 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3805 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3806 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3807 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3808 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3809 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3810 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3811 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3812 http://www.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFEyR4zXlSAg2UNWIIRAhmfAJ9MSTmR6VPFIK6Bb9P28JHgXPHX/gCgnhfr YPdI9mgL+kQsIAfaHIsGNno= =Z5+F -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Jul 27 20:47:31 2006 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 27 Jul 2006 16:47:31 -0400 Subject: [RHSA-2006:0604-01] Moderate: ruby security update Message-ID: <200607272047.k6RKlWbP025507@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: ruby security update Advisory ID: RHSA-2006:0604-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0604.html Issue date: 2006-07-27 Updated on: 2006-07-27 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-3694 - --------------------------------------------------------------------- 1. Summary: Updated ruby packages that fix security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Ruby is an interpreted scripting language for object-oriented programming. A number of flaws were found in the safe-level restrictions in Ruby. It was possible for an attacker to create a carefully crafted malicious script that can allow the bypass of certain safe-level restrictions. (CVE-2006-3694) Users of Ruby should update to these erratum packages, which contain a backported patch and are not vulnerable to this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 199539 - CVE-2006-3694 Insecure operations in the certain safe-level restrictions 199545 - CVE-2006-3694 ruby safe-level bypass 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/ruby-1.6.4-2.AS21.3.src.rpm 0194fd11ebf10b7119000c7d2436734a ruby-1.6.4-2.AS21.3.src.rpm i386: 9909d3bab7d09e7b0f8f13233457a466 irb-1.6.4-2.AS21.3.i386.rpm 954bfbbdfec87d05dba8077e36c53927 ruby-1.6.4-2.AS21.3.i386.rpm cebfcee3d70eb93a01371bb870dfd467 ruby-devel-1.6.4-2.AS21.3.i386.rpm db82a7a8faff3d0e435d3c09bb5038d6 ruby-docs-1.6.4-2.AS21.3.i386.rpm dfa88bcc900d27eb5e470add7a8e0b6e ruby-libs-1.6.4-2.AS21.3.i386.rpm 2ed45b0c0e5a3bf914a5f2a29d246c39 ruby-tcltk-1.6.4-2.AS21.3.i386.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/ruby-1.6.4-2.AS21.3.src.rpm 0194fd11ebf10b7119000c7d2436734a ruby-1.6.4-2.AS21.3.src.rpm i386: 9909d3bab7d09e7b0f8f13233457a466 irb-1.6.4-2.AS21.3.i386.rpm 954bfbbdfec87d05dba8077e36c53927 ruby-1.6.4-2.AS21.3.i386.rpm cebfcee3d70eb93a01371bb870dfd467 ruby-devel-1.6.4-2.AS21.3.i386.rpm db82a7a8faff3d0e435d3c09bb5038d6 ruby-docs-1.6.4-2.AS21.3.i386.rpm dfa88bcc900d27eb5e470add7a8e0b6e ruby-libs-1.6.4-2.AS21.3.i386.rpm 2ed45b0c0e5a3bf914a5f2a29d246c39 ruby-tcltk-1.6.4-2.AS21.3.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/ruby-1.6.4-2.AS21.3.src.rpm 0194fd11ebf10b7119000c7d2436734a ruby-1.6.4-2.AS21.3.src.rpm i386: 9909d3bab7d09e7b0f8f13233457a466 irb-1.6.4-2.AS21.3.i386.rpm 954bfbbdfec87d05dba8077e36c53927 ruby-1.6.4-2.AS21.3.i386.rpm cebfcee3d70eb93a01371bb870dfd467 ruby-devel-1.6.4-2.AS21.3.i386.rpm db82a7a8faff3d0e435d3c09bb5038d6 ruby-docs-1.6.4-2.AS21.3.i386.rpm dfa88bcc900d27eb5e470add7a8e0b6e ruby-libs-1.6.4-2.AS21.3.i386.rpm 2ed45b0c0e5a3bf914a5f2a29d246c39 ruby-tcltk-1.6.4-2.AS21.3.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/ruby-1.6.8-9.EL3.6.src.rpm f0a7cf83245df56f9cbdaeb07f6da894 ruby-1.6.8-9.EL3.6.src.rpm i386: 3a7f044faa7c76c3c7614c44afa80c23 irb-1.6.8-9.EL3.6.i386.rpm d0a3d310fc341ceafef75428a397063a ruby-1.6.8-9.EL3.6.i386.rpm 5a5316aefd0a7d3eb2cb0b28cba8cb21 ruby-debuginfo-1.6.8-9.EL3.6.i386.rpm 02461bf50f03a523b90a7a80305590fd ruby-devel-1.6.8-9.EL3.6.i386.rpm d162b3df3bc1596ec91e872c39da09ea ruby-docs-1.6.8-9.EL3.6.i386.rpm f97b330230b301c4f6b6501b0b4a632e ruby-libs-1.6.8-9.EL3.6.i386.rpm 3416a4bc383d889f1e32466a0b87392c ruby-mode-1.6.8-9.EL3.6.i386.rpm 59a76a565cb1c829cd9586685bbb980f ruby-tcltk-1.6.8-9.EL3.6.i386.rpm ia64: 7099776d6d9aeede4edd69dc6dd8ce07 irb-1.6.8-9.EL3.6.ia64.rpm 97b51cdec6858940c5606ec35923ce92 ruby-1.6.8-9.EL3.6.ia64.rpm 5a5316aefd0a7d3eb2cb0b28cba8cb21 ruby-debuginfo-1.6.8-9.EL3.6.i386.rpm 079986124d225d4279abb5656eabc5c7 ruby-debuginfo-1.6.8-9.EL3.6.ia64.rpm bcd5b2b481548e13adf780f5ed17fd08 ruby-devel-1.6.8-9.EL3.6.ia64.rpm 005422857b56be1e4bdffbe5c9133493 ruby-docs-1.6.8-9.EL3.6.ia64.rpm f97b330230b301c4f6b6501b0b4a632e ruby-libs-1.6.8-9.EL3.6.i386.rpm ce78620547dd007d3b673d3eeca188b1 ruby-libs-1.6.8-9.EL3.6.ia64.rpm e69addf873437651d94aaea1845d49cb ruby-mode-1.6.8-9.EL3.6.ia64.rpm 335bcda1d31ca9b9d07f31d97f5e06fa ruby-tcltk-1.6.8-9.EL3.6.ia64.rpm ppc: a94524c2402979c085ce9427a66b3046 irb-1.6.8-9.EL3.6.ppc.rpm 92adbda2819aabd858aa77c198994ff1 ruby-1.6.8-9.EL3.6.ppc.rpm d5b7927d6b9fd48948eaf1cc221ea14c ruby-debuginfo-1.6.8-9.EL3.6.ppc.rpm d60fb1b060add40e16a5e7437e18747d ruby-debuginfo-1.6.8-9.EL3.6.ppc64.rpm fa874b1d552a129dc509074643933641 ruby-devel-1.6.8-9.EL3.6.ppc.rpm a83bc2fbb59c537b4bad6f9be56432a4 ruby-docs-1.6.8-9.EL3.6.ppc.rpm 33f0fdbe6ccd753ca1099de79f42b4d0 ruby-libs-1.6.8-9.EL3.6.ppc.rpm 39b133814c1b65d56c1f865de3fed2f0 ruby-libs-1.6.8-9.EL3.6.ppc64.rpm b88177e20a0317b875e387f2b97830fc ruby-mode-1.6.8-9.EL3.6.ppc.rpm 8590f78a59ec8562963bcc13d5467fd1 ruby-tcltk-1.6.8-9.EL3.6.ppc.rpm s390: d1b105e23cc7aab40e16488b6f9dfade irb-1.6.8-9.EL3.6.s390.rpm b803d32393eaccc08356a0cfcb8baf6e ruby-1.6.8-9.EL3.6.s390.rpm e215331255e21cde325a95d7c48c1e2c ruby-debuginfo-1.6.8-9.EL3.6.s390.rpm 8e20843a8107d1a819abe1628a75d038 ruby-devel-1.6.8-9.EL3.6.s390.rpm 4ed863a052e39c65fc20bc766bbf01a5 ruby-docs-1.6.8-9.EL3.6.s390.rpm e12d2211f9d8810d72e99a5e7c406143 ruby-libs-1.6.8-9.EL3.6.s390.rpm 17dd2d6ada084ef3d58d2fa79c88774b ruby-mode-1.6.8-9.EL3.6.s390.rpm 4d35ec337cc0cb888c2c2c6f61129a6d ruby-tcltk-1.6.8-9.EL3.6.s390.rpm s390x: 72025dc3b5ba3bde248b8d95f1f67405 irb-1.6.8-9.EL3.6.s390x.rpm cce8a20cda425f393f7d15aae658e6b9 ruby-1.6.8-9.EL3.6.s390x.rpm e215331255e21cde325a95d7c48c1e2c ruby-debuginfo-1.6.8-9.EL3.6.s390.rpm 49f141e2e7e39ffa8ef1bb948af10c09 ruby-debuginfo-1.6.8-9.EL3.6.s390x.rpm 479da21cc733743953323621f82ffac2 ruby-devel-1.6.8-9.EL3.6.s390x.rpm 3263d2435b9206b84c647405b3170384 ruby-docs-1.6.8-9.EL3.6.s390x.rpm e12d2211f9d8810d72e99a5e7c406143 ruby-libs-1.6.8-9.EL3.6.s390.rpm 432d5c9e797bade73b911c0c06cd292f ruby-libs-1.6.8-9.EL3.6.s390x.rpm fd8ba879883c35e3262f64bc0e5d9a4e ruby-mode-1.6.8-9.EL3.6.s390x.rpm 0548f3a7619ba6f27411dc38dab1dfe0 ruby-tcltk-1.6.8-9.EL3.6.s390x.rpm x86_64: da7d4ddb738b451e98beae17c80864bc irb-1.6.8-9.EL3.6.x86_64.rpm 752236894c83cf118e224848c148e0fb ruby-1.6.8-9.EL3.6.x86_64.rpm 5a5316aefd0a7d3eb2cb0b28cba8cb21 ruby-debuginfo-1.6.8-9.EL3.6.i386.rpm 1f859bf02560d0cd609655f88db608e9 ruby-debuginfo-1.6.8-9.EL3.6.x86_64.rpm a29dbe0ee6572bd8d6105d16452990c0 ruby-devel-1.6.8-9.EL3.6.x86_64.rpm 3c8d6bb264bb1ce550d7f30aa4dacdaf ruby-docs-1.6.8-9.EL3.6.x86_64.rpm f97b330230b301c4f6b6501b0b4a632e ruby-libs-1.6.8-9.EL3.6.i386.rpm ed2f834054ea90f889ec0c9b2a246405 ruby-libs-1.6.8-9.EL3.6.x86_64.rpm 35d407a9234452eadaec42e81c167f6f ruby-mode-1.6.8-9.EL3.6.x86_64.rpm ddcced9255e0d33be0c67c22c2268a23 ruby-tcltk-1.6.8-9.EL3.6.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/ruby-1.6.8-9.EL3.6.src.rpm f0a7cf83245df56f9cbdaeb07f6da894 ruby-1.6.8-9.EL3.6.src.rpm i386: 3a7f044faa7c76c3c7614c44afa80c23 irb-1.6.8-9.EL3.6.i386.rpm d0a3d310fc341ceafef75428a397063a ruby-1.6.8-9.EL3.6.i386.rpm 5a5316aefd0a7d3eb2cb0b28cba8cb21 ruby-debuginfo-1.6.8-9.EL3.6.i386.rpm 02461bf50f03a523b90a7a80305590fd ruby-devel-1.6.8-9.EL3.6.i386.rpm d162b3df3bc1596ec91e872c39da09ea ruby-docs-1.6.8-9.EL3.6.i386.rpm f97b330230b301c4f6b6501b0b4a632e ruby-libs-1.6.8-9.EL3.6.i386.rpm 3416a4bc383d889f1e32466a0b87392c ruby-mode-1.6.8-9.EL3.6.i386.rpm 59a76a565cb1c829cd9586685bbb980f ruby-tcltk-1.6.8-9.EL3.6.i386.rpm x86_64: da7d4ddb738b451e98beae17c80864bc irb-1.6.8-9.EL3.6.x86_64.rpm 752236894c83cf118e224848c148e0fb ruby-1.6.8-9.EL3.6.x86_64.rpm 5a5316aefd0a7d3eb2cb0b28cba8cb21 ruby-debuginfo-1.6.8-9.EL3.6.i386.rpm 1f859bf02560d0cd609655f88db608e9 ruby-debuginfo-1.6.8-9.EL3.6.x86_64.rpm a29dbe0ee6572bd8d6105d16452990c0 ruby-devel-1.6.8-9.EL3.6.x86_64.rpm 3c8d6bb264bb1ce550d7f30aa4dacdaf ruby-docs-1.6.8-9.EL3.6.x86_64.rpm f97b330230b301c4f6b6501b0b4a632e ruby-libs-1.6.8-9.EL3.6.i386.rpm ed2f834054ea90f889ec0c9b2a246405 ruby-libs-1.6.8-9.EL3.6.x86_64.rpm 35d407a9234452eadaec42e81c167f6f ruby-mode-1.6.8-9.EL3.6.x86_64.rpm ddcced9255e0d33be0c67c22c2268a23 ruby-tcltk-1.6.8-9.EL3.6.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/ruby-1.6.8-9.EL3.6.src.rpm f0a7cf83245df56f9cbdaeb07f6da894 ruby-1.6.8-9.EL3.6.src.rpm i386: 3a7f044faa7c76c3c7614c44afa80c23 irb-1.6.8-9.EL3.6.i386.rpm d0a3d310fc341ceafef75428a397063a ruby-1.6.8-9.EL3.6.i386.rpm 5a5316aefd0a7d3eb2cb0b28cba8cb21 ruby-debuginfo-1.6.8-9.EL3.6.i386.rpm 02461bf50f03a523b90a7a80305590fd ruby-devel-1.6.8-9.EL3.6.i386.rpm d162b3df3bc1596ec91e872c39da09ea ruby-docs-1.6.8-9.EL3.6.i386.rpm f97b330230b301c4f6b6501b0b4a632e ruby-libs-1.6.8-9.EL3.6.i386.rpm 3416a4bc383d889f1e32466a0b87392c ruby-mode-1.6.8-9.EL3.6.i386.rpm 59a76a565cb1c829cd9586685bbb980f ruby-tcltk-1.6.8-9.EL3.6.i386.rpm ia64: 7099776d6d9aeede4edd69dc6dd8ce07 irb-1.6.8-9.EL3.6.ia64.rpm 97b51cdec6858940c5606ec35923ce92 ruby-1.6.8-9.EL3.6.ia64.rpm 5a5316aefd0a7d3eb2cb0b28cba8cb21 ruby-debuginfo-1.6.8-9.EL3.6.i386.rpm 079986124d225d4279abb5656eabc5c7 ruby-debuginfo-1.6.8-9.EL3.6.ia64.rpm bcd5b2b481548e13adf780f5ed17fd08 ruby-devel-1.6.8-9.EL3.6.ia64.rpm 005422857b56be1e4bdffbe5c9133493 ruby-docs-1.6.8-9.EL3.6.ia64.rpm f97b330230b301c4f6b6501b0b4a632e ruby-libs-1.6.8-9.EL3.6.i386.rpm ce78620547dd007d3b673d3eeca188b1 ruby-libs-1.6.8-9.EL3.6.ia64.rpm e69addf873437651d94aaea1845d49cb ruby-mode-1.6.8-9.EL3.6.ia64.rpm 335bcda1d31ca9b9d07f31d97f5e06fa ruby-tcltk-1.6.8-9.EL3.6.ia64.rpm x86_64: da7d4ddb738b451e98beae17c80864bc irb-1.6.8-9.EL3.6.x86_64.rpm 752236894c83cf118e224848c148e0fb ruby-1.6.8-9.EL3.6.x86_64.rpm 5a5316aefd0a7d3eb2cb0b28cba8cb21 ruby-debuginfo-1.6.8-9.EL3.6.i386.rpm 1f859bf02560d0cd609655f88db608e9 ruby-debuginfo-1.6.8-9.EL3.6.x86_64.rpm a29dbe0ee6572bd8d6105d16452990c0 ruby-devel-1.6.8-9.EL3.6.x86_64.rpm 3c8d6bb264bb1ce550d7f30aa4dacdaf ruby-docs-1.6.8-9.EL3.6.x86_64.rpm f97b330230b301c4f6b6501b0b4a632e ruby-libs-1.6.8-9.EL3.6.i386.rpm ed2f834054ea90f889ec0c9b2a246405 ruby-libs-1.6.8-9.EL3.6.x86_64.rpm 35d407a9234452eadaec42e81c167f6f ruby-mode-1.6.8-9.EL3.6.x86_64.rpm ddcced9255e0d33be0c67c22c2268a23 ruby-tcltk-1.6.8-9.EL3.6.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/ruby-1.6.8-9.EL3.6.src.rpm f0a7cf83245df56f9cbdaeb07f6da894 ruby-1.6.8-9.EL3.6.src.rpm i386: 3a7f044faa7c76c3c7614c44afa80c23 irb-1.6.8-9.EL3.6.i386.rpm d0a3d310fc341ceafef75428a397063a ruby-1.6.8-9.EL3.6.i386.rpm 5a5316aefd0a7d3eb2cb0b28cba8cb21 ruby-debuginfo-1.6.8-9.EL3.6.i386.rpm 02461bf50f03a523b90a7a80305590fd ruby-devel-1.6.8-9.EL3.6.i386.rpm d162b3df3bc1596ec91e872c39da09ea ruby-docs-1.6.8-9.EL3.6.i386.rpm f97b330230b301c4f6b6501b0b4a632e ruby-libs-1.6.8-9.EL3.6.i386.rpm 3416a4bc383d889f1e32466a0b87392c ruby-mode-1.6.8-9.EL3.6.i386.rpm 59a76a565cb1c829cd9586685bbb980f ruby-tcltk-1.6.8-9.EL3.6.i386.rpm ia64: 7099776d6d9aeede4edd69dc6dd8ce07 irb-1.6.8-9.EL3.6.ia64.rpm 97b51cdec6858940c5606ec35923ce92 ruby-1.6.8-9.EL3.6.ia64.rpm 5a5316aefd0a7d3eb2cb0b28cba8cb21 ruby-debuginfo-1.6.8-9.EL3.6.i386.rpm 079986124d225d4279abb5656eabc5c7 ruby-debuginfo-1.6.8-9.EL3.6.ia64.rpm bcd5b2b481548e13adf780f5ed17fd08 ruby-devel-1.6.8-9.EL3.6.ia64.rpm 005422857b56be1e4bdffbe5c9133493 ruby-docs-1.6.8-9.EL3.6.ia64.rpm f97b330230b301c4f6b6501b0b4a632e ruby-libs-1.6.8-9.EL3.6.i386.rpm ce78620547dd007d3b673d3eeca188b1 ruby-libs-1.6.8-9.EL3.6.ia64.rpm e69addf873437651d94aaea1845d49cb ruby-mode-1.6.8-9.EL3.6.ia64.rpm 335bcda1d31ca9b9d07f31d97f5e06fa ruby-tcltk-1.6.8-9.EL3.6.ia64.rpm x86_64: da7d4ddb738b451e98beae17c80864bc irb-1.6.8-9.EL3.6.x86_64.rpm 752236894c83cf118e224848c148e0fb ruby-1.6.8-9.EL3.6.x86_64.rpm 5a5316aefd0a7d3eb2cb0b28cba8cb21 ruby-debuginfo-1.6.8-9.EL3.6.i386.rpm 1f859bf02560d0cd609655f88db608e9 ruby-debuginfo-1.6.8-9.EL3.6.x86_64.rpm a29dbe0ee6572bd8d6105d16452990c0 ruby-devel-1.6.8-9.EL3.6.x86_64.rpm 3c8d6bb264bb1ce550d7f30aa4dacdaf ruby-docs-1.6.8-9.EL3.6.x86_64.rpm f97b330230b301c4f6b6501b0b4a632e ruby-libs-1.6.8-9.EL3.6.i386.rpm ed2f834054ea90f889ec0c9b2a246405 ruby-libs-1.6.8-9.EL3.6.x86_64.rpm 35d407a9234452eadaec42e81c167f6f ruby-mode-1.6.8-9.EL3.6.x86_64.rpm ddcced9255e0d33be0c67c22c2268a23 ruby-tcltk-1.6.8-9.EL3.6.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/ruby-1.8.1-7.EL4.6.src.rpm 5ff261f5fa0400530829e41cd233ee47 ruby-1.8.1-7.EL4.6.src.rpm i386: 2796b7eb30d23abd1cb33b5173afe75c irb-1.8.1-7.EL4.6.i386.rpm cdfea9dc4d55a84c3b2f3781d385b6f9 ruby-1.8.1-7.EL4.6.i386.rpm 895145f56db7428877fa2b6b273e35ff ruby-debuginfo-1.8.1-7.EL4.6.i386.rpm 1c34a419d409b8e23582138b9b7eed55 ruby-devel-1.8.1-7.EL4.6.i386.rpm 52935fe5dd5e3aa9b5f61dc18f2b1ac4 ruby-docs-1.8.1-7.EL4.6.i386.rpm 27801271ec3ce8f3bd31c1fe4a3f2bb1 ruby-libs-1.8.1-7.EL4.6.i386.rpm 83f7995e351402f51791c1d48f058f91 ruby-mode-1.8.1-7.EL4.6.i386.rpm b57bf2ea4ed715f430cea96810cfdc02 ruby-tcltk-1.8.1-7.EL4.6.i386.rpm ia64: 678aa321b219f5d75993c07684abe099 irb-1.8.1-7.EL4.6.ia64.rpm 10318ed6c46e1a0a0e491140c9bf1b37 ruby-1.8.1-7.EL4.6.ia64.rpm 895145f56db7428877fa2b6b273e35ff ruby-debuginfo-1.8.1-7.EL4.6.i386.rpm 54430176ebf6d12a2b17284a679c927c ruby-debuginfo-1.8.1-7.EL4.6.ia64.rpm 930755e758e20e4beeb64a76d0bc5505 ruby-devel-1.8.1-7.EL4.6.ia64.rpm 235acfc07bedd919dfd88c56fabc22f4 ruby-docs-1.8.1-7.EL4.6.ia64.rpm 27801271ec3ce8f3bd31c1fe4a3f2bb1 ruby-libs-1.8.1-7.EL4.6.i386.rpm efa22ff5c1228a43bf32008de22c3a8d ruby-libs-1.8.1-7.EL4.6.ia64.rpm cf053236a2be5a7801cb148274565403 ruby-mode-1.8.1-7.EL4.6.ia64.rpm 319ee4726c554d64d26da5295c934902 ruby-tcltk-1.8.1-7.EL4.6.ia64.rpm ppc: c347183c954913680dc86fd0954712f1 irb-1.8.1-7.EL4.6.ppc.rpm 34c915cbab5fc8d6323061584372f55a ruby-1.8.1-7.EL4.6.ppc.rpm ccc4499383dad28f355a9f2de839f37a ruby-debuginfo-1.8.1-7.EL4.6.ppc.rpm 13f824c6696d3d4358bbdb9b19564ceb ruby-debuginfo-1.8.1-7.EL4.6.ppc64.rpm 10d99f1b0c371eafeb8db30dc6a42e91 ruby-devel-1.8.1-7.EL4.6.ppc.rpm d5713f85cca9c9a565dac6e4307436d4 ruby-docs-1.8.1-7.EL4.6.ppc.rpm 27a69562e870ee5279894d5d64a3b4af ruby-libs-1.8.1-7.EL4.6.ppc.rpm 6c285e751c35efce39fcf6a70015a082 ruby-libs-1.8.1-7.EL4.6.ppc64.rpm 2566d8bd8281dbf3b3115e841971946a ruby-mode-1.8.1-7.EL4.6.ppc.rpm f1da93483bfefd6cb43865e6d97daf93 ruby-tcltk-1.8.1-7.EL4.6.ppc.rpm s390: 76d2d0a675874f003aef6a5ab9aba1d2 irb-1.8.1-7.EL4.6.s390.rpm eb2733a481f4ee46662bb7970eea8efe ruby-1.8.1-7.EL4.6.s390.rpm 2f09b061f88b979267340e7a81a9eee3 ruby-debuginfo-1.8.1-7.EL4.6.s390.rpm 7c75e1d9a8b2473afc4259a0b016a291 ruby-devel-1.8.1-7.EL4.6.s390.rpm b4f1554d9e5ed7f8b1023f94a7193e33 ruby-docs-1.8.1-7.EL4.6.s390.rpm dd32f562baa64e435bf93d7a83aa8709 ruby-libs-1.8.1-7.EL4.6.s390.rpm 4f6c2f4f92bcc3117cb645b0d65d7b53 ruby-mode-1.8.1-7.EL4.6.s390.rpm 6c550e8ad94e988ad14b29223ed1821a ruby-tcltk-1.8.1-7.EL4.6.s390.rpm s390x: 25935ed52b6b97f4efc11361cc5efc1e irb-1.8.1-7.EL4.6.s390x.rpm c34c3f944d1c9ba53c6fa21097851dce ruby-1.8.1-7.EL4.6.s390x.rpm 2f09b061f88b979267340e7a81a9eee3 ruby-debuginfo-1.8.1-7.EL4.6.s390.rpm 04757c569ca741c84ab840a94b73d243 ruby-debuginfo-1.8.1-7.EL4.6.s390x.rpm 80161ca73b0f8b52fc79280ec3e34cb5 ruby-devel-1.8.1-7.EL4.6.s390x.rpm 18e45bc53ca491997151b3246c968482 ruby-docs-1.8.1-7.EL4.6.s390x.rpm dd32f562baa64e435bf93d7a83aa8709 ruby-libs-1.8.1-7.EL4.6.s390.rpm 44cdb639cefb0c7db8e2f04706db07ea ruby-libs-1.8.1-7.EL4.6.s390x.rpm 8cec577cb4f6cb3a5515712b5c13a4c6 ruby-mode-1.8.1-7.EL4.6.s390x.rpm 77a49a3c56800455a6629c1c3c8c8926 ruby-tcltk-1.8.1-7.EL4.6.s390x.rpm x86_64: 502dc8b831e020dbe9a4e1064865378f irb-1.8.1-7.EL4.6.x86_64.rpm c9ca6eed369c026163ba8c8fb4ca4886 ruby-1.8.1-7.EL4.6.x86_64.rpm 895145f56db7428877fa2b6b273e35ff ruby-debuginfo-1.8.1-7.EL4.6.i386.rpm 2cb9ca4be4dedf316a1745bfc4dd5116 ruby-debuginfo-1.8.1-7.EL4.6.x86_64.rpm 3d9d8462f8be9486e01b3b03060b98a1 ruby-devel-1.8.1-7.EL4.6.x86_64.rpm 10085244f5f10eb10deee7b31cfe0bed ruby-docs-1.8.1-7.EL4.6.x86_64.rpm 27801271ec3ce8f3bd31c1fe4a3f2bb1 ruby-libs-1.8.1-7.EL4.6.i386.rpm 79a49aa2f16350cc276e506feee5ce95 ruby-libs-1.8.1-7.EL4.6.x86_64.rpm 178ec5f53c9af59e4880e95240f85ac0 ruby-mode-1.8.1-7.EL4.6.x86_64.rpm 88e94020f3ba3d96c93dac7b3c5cd024 ruby-tcltk-1.8.1-7.EL4.6.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/ruby-1.8.1-7.EL4.6.src.rpm 5ff261f5fa0400530829e41cd233ee47 ruby-1.8.1-7.EL4.6.src.rpm i386: 2796b7eb30d23abd1cb33b5173afe75c irb-1.8.1-7.EL4.6.i386.rpm cdfea9dc4d55a84c3b2f3781d385b6f9 ruby-1.8.1-7.EL4.6.i386.rpm 895145f56db7428877fa2b6b273e35ff ruby-debuginfo-1.8.1-7.EL4.6.i386.rpm 1c34a419d409b8e23582138b9b7eed55 ruby-devel-1.8.1-7.EL4.6.i386.rpm 52935fe5dd5e3aa9b5f61dc18f2b1ac4 ruby-docs-1.8.1-7.EL4.6.i386.rpm 27801271ec3ce8f3bd31c1fe4a3f2bb1 ruby-libs-1.8.1-7.EL4.6.i386.rpm 83f7995e351402f51791c1d48f058f91 ruby-mode-1.8.1-7.EL4.6.i386.rpm b57bf2ea4ed715f430cea96810cfdc02 ruby-tcltk-1.8.1-7.EL4.6.i386.rpm x86_64: 502dc8b831e020dbe9a4e1064865378f irb-1.8.1-7.EL4.6.x86_64.rpm c9ca6eed369c026163ba8c8fb4ca4886 ruby-1.8.1-7.EL4.6.x86_64.rpm 895145f56db7428877fa2b6b273e35ff ruby-debuginfo-1.8.1-7.EL4.6.i386.rpm 2cb9ca4be4dedf316a1745bfc4dd5116 ruby-debuginfo-1.8.1-7.EL4.6.x86_64.rpm 3d9d8462f8be9486e01b3b03060b98a1 ruby-devel-1.8.1-7.EL4.6.x86_64.rpm 10085244f5f10eb10deee7b31cfe0bed ruby-docs-1.8.1-7.EL4.6.x86_64.rpm 27801271ec3ce8f3bd31c1fe4a3f2bb1 ruby-libs-1.8.1-7.EL4.6.i386.rpm 79a49aa2f16350cc276e506feee5ce95 ruby-libs-1.8.1-7.EL4.6.x86_64.rpm 178ec5f53c9af59e4880e95240f85ac0 ruby-mode-1.8.1-7.EL4.6.x86_64.rpm 88e94020f3ba3d96c93dac7b3c5cd024 ruby-tcltk-1.8.1-7.EL4.6.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/ruby-1.8.1-7.EL4.6.src.rpm 5ff261f5fa0400530829e41cd233ee47 ruby-1.8.1-7.EL4.6.src.rpm i386: 2796b7eb30d23abd1cb33b5173afe75c irb-1.8.1-7.EL4.6.i386.rpm cdfea9dc4d55a84c3b2f3781d385b6f9 ruby-1.8.1-7.EL4.6.i386.rpm 895145f56db7428877fa2b6b273e35ff ruby-debuginfo-1.8.1-7.EL4.6.i386.rpm 1c34a419d409b8e23582138b9b7eed55 ruby-devel-1.8.1-7.EL4.6.i386.rpm 52935fe5dd5e3aa9b5f61dc18f2b1ac4 ruby-docs-1.8.1-7.EL4.6.i386.rpm 27801271ec3ce8f3bd31c1fe4a3f2bb1 ruby-libs-1.8.1-7.EL4.6.i386.rpm 83f7995e351402f51791c1d48f058f91 ruby-mode-1.8.1-7.EL4.6.i386.rpm b57bf2ea4ed715f430cea96810cfdc02 ruby-tcltk-1.8.1-7.EL4.6.i386.rpm ia64: 678aa321b219f5d75993c07684abe099 irb-1.8.1-7.EL4.6.ia64.rpm 10318ed6c46e1a0a0e491140c9bf1b37 ruby-1.8.1-7.EL4.6.ia64.rpm 895145f56db7428877fa2b6b273e35ff ruby-debuginfo-1.8.1-7.EL4.6.i386.rpm 54430176ebf6d12a2b17284a679c927c ruby-debuginfo-1.8.1-7.EL4.6.ia64.rpm 930755e758e20e4beeb64a76d0bc5505 ruby-devel-1.8.1-7.EL4.6.ia64.rpm 235acfc07bedd919dfd88c56fabc22f4 ruby-docs-1.8.1-7.EL4.6.ia64.rpm 27801271ec3ce8f3bd31c1fe4a3f2bb1 ruby-libs-1.8.1-7.EL4.6.i386.rpm efa22ff5c1228a43bf32008de22c3a8d ruby-libs-1.8.1-7.EL4.6.ia64.rpm cf053236a2be5a7801cb148274565403 ruby-mode-1.8.1-7.EL4.6.ia64.rpm 319ee4726c554d64d26da5295c934902 ruby-tcltk-1.8.1-7.EL4.6.ia64.rpm x86_64: 502dc8b831e020dbe9a4e1064865378f irb-1.8.1-7.EL4.6.x86_64.rpm c9ca6eed369c026163ba8c8fb4ca4886 ruby-1.8.1-7.EL4.6.x86_64.rpm 895145f56db7428877fa2b6b273e35ff ruby-debuginfo-1.8.1-7.EL4.6.i386.rpm 2cb9ca4be4dedf316a1745bfc4dd5116 ruby-debuginfo-1.8.1-7.EL4.6.x86_64.rpm 3d9d8462f8be9486e01b3b03060b98a1 ruby-devel-1.8.1-7.EL4.6.x86_64.rpm 10085244f5f10eb10deee7b31cfe0bed ruby-docs-1.8.1-7.EL4.6.x86_64.rpm 27801271ec3ce8f3bd31c1fe4a3f2bb1 ruby-libs-1.8.1-7.EL4.6.i386.rpm 79a49aa2f16350cc276e506feee5ce95 ruby-libs-1.8.1-7.EL4.6.x86_64.rpm 178ec5f53c9af59e4880e95240f85ac0 ruby-mode-1.8.1-7.EL4.6.x86_64.rpm 88e94020f3ba3d96c93dac7b3c5cd024 ruby-tcltk-1.8.1-7.EL4.6.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/ruby-1.8.1-7.EL4.6.src.rpm 5ff261f5fa0400530829e41cd233ee47 ruby-1.8.1-7.EL4.6.src.rpm i386: 2796b7eb30d23abd1cb33b5173afe75c irb-1.8.1-7.EL4.6.i386.rpm cdfea9dc4d55a84c3b2f3781d385b6f9 ruby-1.8.1-7.EL4.6.i386.rpm 895145f56db7428877fa2b6b273e35ff ruby-debuginfo-1.8.1-7.EL4.6.i386.rpm 1c34a419d409b8e23582138b9b7eed55 ruby-devel-1.8.1-7.EL4.6.i386.rpm 52935fe5dd5e3aa9b5f61dc18f2b1ac4 ruby-docs-1.8.1-7.EL4.6.i386.rpm 27801271ec3ce8f3bd31c1fe4a3f2bb1 ruby-libs-1.8.1-7.EL4.6.i386.rpm 83f7995e351402f51791c1d48f058f91 ruby-mode-1.8.1-7.EL4.6.i386.rpm b57bf2ea4ed715f430cea96810cfdc02 ruby-tcltk-1.8.1-7.EL4.6.i386.rpm ia64: 678aa321b219f5d75993c07684abe099 irb-1.8.1-7.EL4.6.ia64.rpm 10318ed6c46e1a0a0e491140c9bf1b37 ruby-1.8.1-7.EL4.6.ia64.rpm 895145f56db7428877fa2b6b273e35ff ruby-debuginfo-1.8.1-7.EL4.6.i386.rpm 54430176ebf6d12a2b17284a679c927c ruby-debuginfo-1.8.1-7.EL4.6.ia64.rpm 930755e758e20e4beeb64a76d0bc5505 ruby-devel-1.8.1-7.EL4.6.ia64.rpm 235acfc07bedd919dfd88c56fabc22f4 ruby-docs-1.8.1-7.EL4.6.ia64.rpm 27801271ec3ce8f3bd31c1fe4a3f2bb1 ruby-libs-1.8.1-7.EL4.6.i386.rpm efa22ff5c1228a43bf32008de22c3a8d ruby-libs-1.8.1-7.EL4.6.ia64.rpm cf053236a2be5a7801cb148274565403 ruby-mode-1.8.1-7.EL4.6.ia64.rpm 319ee4726c554d64d26da5295c934902 ruby-tcltk-1.8.1-7.EL4.6.ia64.rpm x86_64: 502dc8b831e020dbe9a4e1064865378f irb-1.8.1-7.EL4.6.x86_64.rpm c9ca6eed369c026163ba8c8fb4ca4886 ruby-1.8.1-7.EL4.6.x86_64.rpm 895145f56db7428877fa2b6b273e35ff ruby-debuginfo-1.8.1-7.EL4.6.i386.rpm 2cb9ca4be4dedf316a1745bfc4dd5116 ruby-debuginfo-1.8.1-7.EL4.6.x86_64.rpm 3d9d8462f8be9486e01b3b03060b98a1 ruby-devel-1.8.1-7.EL4.6.x86_64.rpm 10085244f5f10eb10deee7b31cfe0bed ruby-docs-1.8.1-7.EL4.6.x86_64.rpm 27801271ec3ce8f3bd31c1fe4a3f2bb1 ruby-libs-1.8.1-7.EL4.6.i386.rpm 79a49aa2f16350cc276e506feee5ce95 ruby-libs-1.8.1-7.EL4.6.x86_64.rpm 178ec5f53c9af59e4880e95240f85ac0 ruby-mode-1.8.1-7.EL4.6.x86_64.rpm 88e94020f3ba3d96c93dac7b3c5cd024 ruby-tcltk-1.8.1-7.EL4.6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3694 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFEySZHXlSAg2UNWIIRAhP/AJ4x7zRcP+tk5fipzL921n2fJJrzmQCfSEeJ 34dWXoaJtLlJ17Ub3NzggmQ= =muDc -----END PGP SIGNATURE----- From bugzilla at redhat.com Sat Jul 29 00:16:50 2006 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Fri, 28 Jul 2006 20:16:50 -0400 Subject: [RHSA-2006:0610-01] Critical: firefox security update Message-ID: <200607290016.k6T0GpiY026960@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: firefox security update Advisory ID: RHSA-2006:0610-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0610.html Issue date: 2006-07-28 Updated on: 2006-07-28 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-2779 CVE-2006-2780 CVE-2006-2783 CVE-2006-2782 CVE-2006-2778 CVE-2006-2776 CVE-2006-2784 CVE-2006-2785 CVE-2006-2786 CVE-2006-2787 CVE-2006-2788 CVE-2006-3801 CVE-2006-3677 CVE-2006-3113 CVE-2006-3802 CVE-2006-3803 CVE-2006-3805 CVE-2006-3806 CVE-2006-3807 CVE-2006-3808 CVE-2006-3809 CVE-2006-3810 CVE-2006-3811 CVE-2006-3812 - --------------------------------------------------------------------- 1. Summary: Updated firefox packages that fix several security bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Mozilla Firefox is an open source Web browser. The Mozilla Foundation has discontinued support for the Mozilla Firefox 1.0 branch. This update deprecates the Mozilla Firefox 1.0 branch in Red Hat Enterprise Linux 4 in favor of the supported Mozilla Firefox 1.5 branch. This update also resolves a number of outstanding Firefox security issues: Several flaws were found in the way Firefox processed certain javascript actions. A malicious web page could execute arbitrary javascript instructions with the permissions of "chrome", allowing the page to steal sensitive information or install browser malware. (CVE-2006-2776, CVE-2006-2784, CVE-2006-2785, CVE-2006-2787, CVE-2006-3807, CVE-2006-3809, CVE-2006-3812) Several denial of service flaws were found in the way Firefox processed certain web content. A malicious web page could crash the browser or possibly execute arbitrary code as the user running Firefox. (CVE-2006-2779, CVE-2006-2780, CVE-2006-3801, CVE-2006-3677, CVE-2006-3113, CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3811) A cross-site scripting flaw was found in the way Firefox processed Unicode Byte-Order-Mark (BOM) markers in UTF-8 web pages. A malicious web page could execute a script within the browser that a web input sanitizer could miss due to a malformed "script" tag. (CVE-2006-2783) Several flaws were found in the way Firefox processed certain javascript actions. A malicious web page could conduct a cross-site scripting attack or steal sensitive information (such as cookies owned by other domains). (CVE-2006-3802, CVE-2006-3810) A form file upload flaw was found in the way Firefox handled javascript input object mutation. A malicious web page could upload an arbitrary local file at form submission time without user interaction. (CVE-2006-2782) A denial of service flaw was found in the way Firefox called the crypto.signText() javascript function. A malicious web page could crash the browser if the victim had a client certificate loaded. (CVE-2006-2778) Two HTTP response smuggling flaws were found in the way Firefox processed certain invalid HTTP response headers. A malicious web site could return specially crafted HTTP response headers which may bypass HTTP proxy restrictions. (CVE-2006-2786) A flaw was found in the way Firefox processed Proxy AutoConfig scripts. A malicious Proxy AutoConfig server could execute arbitrary javascript instructions with the permissions of "chrome", allowing the page to steal sensitive information or install browser malware. (CVE-2006-3808) A double free flaw was found in the way the nsIX509::getRawDER method was called. If a victim visited a carefully crafted web page, it was possible to execute arbitrary code as the user running Firefox. (CVE-2006-2788) Users of Firefox are advised to upgrade to this update, which contains Firefox version 1.5.0.5 that corrects these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 193895 - CVE-2006-2779 multiple firefox DoS issues (CVE-2006-2780) 196973 - CVE-2006-2783 multiple Firefox issues (CVE-2006-2782,CVE-2006-2778,CVE-2006-2776,CVE-2006-2784,CVE-2006-2785,CVE-2006-2786,CVE-2006-2787,CVE-2006-2788) 200168 - CVE-2006-3801 Multiple Seamonkey issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811, CVE-2006-3812) 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/firefox-1.5.0.5-0.el4.1.src.rpm 6b7faea0461d07518bd00000001a4bbe firefox-1.5.0.5-0.el4.1.src.rpm i386: 93a78aeae71078e700fe06be36e33c8a firefox-1.5.0.5-0.el4.1.i386.rpm 15b00feee0fa331ff49b6c42900ec907 firefox-debuginfo-1.5.0.5-0.el4.1.i386.rpm ia64: 29ae3f60c50462267765855063edddf4 firefox-1.5.0.5-0.el4.1.ia64.rpm a2e18536c14f09611d49276b9af8ffa8 firefox-debuginfo-1.5.0.5-0.el4.1.ia64.rpm ppc: 27c343290fd4c6fcf16323cd62f02e9b firefox-1.5.0.5-0.el4.1.ppc.rpm be5c0e93af729117a3c7153e58d50183 firefox-debuginfo-1.5.0.5-0.el4.1.ppc.rpm s390: 4be9436cc0d3cb1daee6f6962fb894ec firefox-1.5.0.5-0.el4.1.s390.rpm 4348ba2ef6e30a3e01137492373b6b11 firefox-debuginfo-1.5.0.5-0.el4.1.s390.rpm s390x: ddbb5e0ae4707724e08422de346aaedf firefox-1.5.0.5-0.el4.1.s390x.rpm db4a001815e2c6096122248ae9a22a4b firefox-debuginfo-1.5.0.5-0.el4.1.s390x.rpm x86_64: d523fd14b4efd77944a75f80c400f37b firefox-1.5.0.5-0.el4.1.x86_64.rpm bed1b30a94f7d92ee75b819bce7b55bf firefox-debuginfo-1.5.0.5-0.el4.1.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/firefox-1.5.0.5-0.el4.1.src.rpm 6b7faea0461d07518bd00000001a4bbe firefox-1.5.0.5-0.el4.1.src.rpm i386: 93a78aeae71078e700fe06be36e33c8a firefox-1.5.0.5-0.el4.1.i386.rpm 15b00feee0fa331ff49b6c42900ec907 firefox-debuginfo-1.5.0.5-0.el4.1.i386.rpm x86_64: d523fd14b4efd77944a75f80c400f37b firefox-1.5.0.5-0.el4.1.x86_64.rpm bed1b30a94f7d92ee75b819bce7b55bf firefox-debuginfo-1.5.0.5-0.el4.1.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/firefox-1.5.0.5-0.el4.1.src.rpm 6b7faea0461d07518bd00000001a4bbe firefox-1.5.0.5-0.el4.1.src.rpm i386: 93a78aeae71078e700fe06be36e33c8a firefox-1.5.0.5-0.el4.1.i386.rpm 15b00feee0fa331ff49b6c42900ec907 firefox-debuginfo-1.5.0.5-0.el4.1.i386.rpm ia64: 29ae3f60c50462267765855063edddf4 firefox-1.5.0.5-0.el4.1.ia64.rpm a2e18536c14f09611d49276b9af8ffa8 firefox-debuginfo-1.5.0.5-0.el4.1.ia64.rpm x86_64: d523fd14b4efd77944a75f80c400f37b firefox-1.5.0.5-0.el4.1.x86_64.rpm bed1b30a94f7d92ee75b819bce7b55bf firefox-debuginfo-1.5.0.5-0.el4.1.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/firefox-1.5.0.5-0.el4.1.src.rpm 6b7faea0461d07518bd00000001a4bbe firefox-1.5.0.5-0.el4.1.src.rpm i386: 93a78aeae71078e700fe06be36e33c8a firefox-1.5.0.5-0.el4.1.i386.rpm 15b00feee0fa331ff49b6c42900ec907 firefox-debuginfo-1.5.0.5-0.el4.1.i386.rpm ia64: 29ae3f60c50462267765855063edddf4 firefox-1.5.0.5-0.el4.1.ia64.rpm a2e18536c14f09611d49276b9af8ffa8 firefox-debuginfo-1.5.0.5-0.el4.1.ia64.rpm x86_64: d523fd14b4efd77944a75f80c400f37b firefox-1.5.0.5-0.el4.1.x86_64.rpm bed1b30a94f7d92ee75b819bce7b55bf firefox-debuginfo-1.5.0.5-0.el4.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2779 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2780 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2783 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2782 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2778 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2776 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2784 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2785 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2786 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2787 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2788 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3801 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3677 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3113 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3802 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3803 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3805 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3806 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3807 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3808 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3809 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3810 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3811 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3812 http://www.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFEyqjvXlSAg2UNWIIRAht1AJ9/F6OyTVsnPHg3L8cf/9cJVfWmcQCbB9PA 7Tf3o4tdkJLNwMai8JUDDkc= =GX9n -----END PGP SIGNATURE----- From bugzilla at redhat.com Sat Jul 29 00:18:57 2006 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Fri, 28 Jul 2006 20:18:57 -0400 Subject: [RHSA-2006:0611-01] Critical: thunderbird security update Message-ID: <200607290018.k6T0IwbK027031@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: thunderbird security update Advisory ID: RHSA-2006:0611-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0611.html Issue date: 2006-07-28 Updated on: 2006-07-28 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-2779 CVE-2006-2780 CVE-2006-2781 CVE-2006-2783 CVE-2006-2782 CVE-2006-2778 CVE-2006-2776 CVE-2006-2784 CVE-2006-2785 CVE-2006-2786 CVE-2006-2787 CVE-2006-2788 CVE-2006-3801 CVE-2006-3677 CVE-2006-3113 CVE-2006-3802 CVE-2006-3803 CVE-2006-3804 CVE-2006-3805 CVE-2006-3806 CVE-2006-3807 CVE-2006-3808 CVE-2006-3809 CVE-2006-3810 CVE-2006-3811 - --------------------------------------------------------------------- 1. Summary: Updated thunderbird packages that fix several security bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Mozilla Thunderbird is a standalone mail and newsgroup client. The Mozilla Foundation has discontinued support for the Mozilla Thunderbird 1.0 branch. This update deprecates the Mozilla Thunderbird 1.0 branch in Red Hat Enterprise Linux 4 in favor of the supported Mozilla Thunderbird 1.5 branch. This update also resolves a number of outstanding Thunderbird security issues: Several flaws were found in the way Thunderbird processed certain javascript actions. A malicious mail message could execute arbitrary javascript instructions with the permissions of "chrome", allowing the page to steal sensitive information or install browser malware. (CVE-2006-2776, CVE-2006-2784, CVE-2006-2785, CVE-2006-2787, CVE-2006-3807, CVE-2006-3809) Several denial of service flaws were found in the way Thunderbird processed certain mail messages. A malicious web page could crash the browser or possibly execute arbitrary code as the user running Thunderbird. (CVE-2006-2779, CVE-2006-2780, CVE-2006-3801, CVE-2006-3677, CVE-2006-3113, CVE-2006-3803, CVE-2006-3805, CVE-2006-3806, CVE-2006-3811) Several flaws were found in the way Thunderbird processed certain javascript actions. A malicious mail message could conduct a cross-site scripting attack or steal sensitive information (such as cookies owned by other domains). (CVE-2006-3802, CVE-2006-3810) A form file upload flaw was found in the way Thunderbird handled javascript input object mutation. A malicious mail message could upload an arbitrary local file at form submission time without user interaction. (CVE-2006-2782) A denial of service flaw was found in the way Thunderbird called the crypto.signText() javascript function. A malicious mail message could crash the browser if the victim had a client certificate loaded. (CVE-2006-2778) A flaw was found in the way Thunderbird processed Proxy AutoConfig scripts. A malicious Proxy AutoConfig server could execute arbitrary javascript instructions with the permissions of "chrome", allowing the page to steal sensitive information or install client malware. (CVE-2006-3808) Note: Please note that JavaScript support is disabled by default in Thunderbird. The above issues are not exploitable with JavaScript disabled. Two flaws were found in the way Thunderbird displayed malformed inline vcard attachments. If a victim viewed an email message containing a carefully crafted vcard it was possible to execute arbitrary code as the user running Thunderbird. (CVE-2006-2781, CVE-2006-3804) A cross site scripting flaw was found in the way Thunderbird processed Unicode Byte-order-Mark (BOM) markers in UTF-8 mail messages. A malicious web page could execute a script within the browser that a web input sanitizer could miss due to a malformed "script" tag. (CVE-2006-2783) Two HTTP response smuggling flaws were found in the way Thunderbird processed certain invalid HTTP response headers. A malicious web site could return specially crafted HTTP response headers which may bypass HTTP proxy restrictions. (CVE-2006-2786) A double free flaw was found in the way the nsIX509::getRawDER method was called. If a victim visited a carefully crafted web page, it was possible to crash Thunderbird. (CVE-2006-2788) Users of Thunderbird are advised to upgrade to this update, which contains Thunderbird version 1.5.0.5 that corrects these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 197078 - CVE-2006-2779 multiple Thunderbird issues (CVE-2006-2780, CVE-2006-2781, CVE-2006-2783,CVE-2006-2782,CVE-2006-2778,CVE-2006-2776,CVE-2006-2784,CVE-2006-2785,CVE-2006-2786,CVE-2006-2787,CVE-2006-2788) 200171 - CVE-2006-3801 Multiple Thunderbird issues (CVE-2006-3677, CVE-2006-3113, CVE-2006-3802, CVE-2006-3803, CVE-2006-3804, CVE-2006-3805, CVE-2006-3806, CVE-2006-3807, CVE-2006-3808, CVE-2006-3809, CVE-2006-3810, CVE-2006-3811) 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/thunderbird-1.5.0.5-0.el4.1.src.rpm 7d5708193546b7a9fdb144bf0bfe9f57 thunderbird-1.5.0.5-0.el4.1.src.rpm i386: fdc62ce7df7b164a1850cd9b49c708f8 thunderbird-1.5.0.5-0.el4.1.i386.rpm f49d800c766cffccfb4c01335d0ec832 thunderbird-debuginfo-1.5.0.5-0.el4.1.i386.rpm ia64: f3558f268bea0f5bfbbeca3696511cee thunderbird-1.5.0.5-0.el4.1.ia64.rpm f492269af025a0b71064217e42913082 thunderbird-debuginfo-1.5.0.5-0.el4.1.ia64.rpm ppc: 6668fbb49c1d368af08abc94473c96ef thunderbird-1.5.0.5-0.el4.1.ppc.rpm 6269ac8318e95fd4a2a3334c035d7582 thunderbird-debuginfo-1.5.0.5-0.el4.1.ppc.rpm s390: 59b0430decbfb67f6e08ebf385dd4355 thunderbird-1.5.0.5-0.el4.1.s390.rpm e721e28fe4743f470a502328829987fb thunderbird-debuginfo-1.5.0.5-0.el4.1.s390.rpm s390x: 370fef1937a4ee3c1278a7e6a9e6412e thunderbird-1.5.0.5-0.el4.1.s390x.rpm 7077ea8895b6807ab3c5de1adaa422bb thunderbird-debuginfo-1.5.0.5-0.el4.1.s390x.rpm x86_64: 95cac4013bd948f8c622af127d2e406e thunderbird-1.5.0.5-0.el4.1.x86_64.rpm e1621b6887ba56773d9369eb88ba5496 thunderbird-debuginfo-1.5.0.5-0.el4.1.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/thunderbird-1.5.0.5-0.el4.1.src.rpm 7d5708193546b7a9fdb144bf0bfe9f57 thunderbird-1.5.0.5-0.el4.1.src.rpm i386: fdc62ce7df7b164a1850cd9b49c708f8 thunderbird-1.5.0.5-0.el4.1.i386.rpm f49d800c766cffccfb4c01335d0ec832 thunderbird-debuginfo-1.5.0.5-0.el4.1.i386.rpm x86_64: 95cac4013bd948f8c622af127d2e406e thunderbird-1.5.0.5-0.el4.1.x86_64.rpm e1621b6887ba56773d9369eb88ba5496 thunderbird-debuginfo-1.5.0.5-0.el4.1.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/thunderbird-1.5.0.5-0.el4.1.src.rpm 7d5708193546b7a9fdb144bf0bfe9f57 thunderbird-1.5.0.5-0.el4.1.src.rpm i386: fdc62ce7df7b164a1850cd9b49c708f8 thunderbird-1.5.0.5-0.el4.1.i386.rpm f49d800c766cffccfb4c01335d0ec832 thunderbird-debuginfo-1.5.0.5-0.el4.1.i386.rpm ia64: f3558f268bea0f5bfbbeca3696511cee thunderbird-1.5.0.5-0.el4.1.ia64.rpm f492269af025a0b71064217e42913082 thunderbird-debuginfo-1.5.0.5-0.el4.1.ia64.rpm x86_64: 95cac4013bd948f8c622af127d2e406e thunderbird-1.5.0.5-0.el4.1.x86_64.rpm e1621b6887ba56773d9369eb88ba5496 thunderbird-debuginfo-1.5.0.5-0.el4.1.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/thunderbird-1.5.0.5-0.el4.1.src.rpm 7d5708193546b7a9fdb144bf0bfe9f57 thunderbird-1.5.0.5-0.el4.1.src.rpm i386: fdc62ce7df7b164a1850cd9b49c708f8 thunderbird-1.5.0.5-0.el4.1.i386.rpm f49d800c766cffccfb4c01335d0ec832 thunderbird-debuginfo-1.5.0.5-0.el4.1.i386.rpm ia64: f3558f268bea0f5bfbbeca3696511cee thunderbird-1.5.0.5-0.el4.1.ia64.rpm f492269af025a0b71064217e42913082 thunderbird-debuginfo-1.5.0.5-0.el4.1.ia64.rpm x86_64: 95cac4013bd948f8c622af127d2e406e thunderbird-1.5.0.5-0.el4.1.x86_64.rpm e1621b6887ba56773d9369eb88ba5496 thunderbird-debuginfo-1.5.0.5-0.el4.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2779 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2780 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2781 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2783 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2782 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2778 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2776 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2784 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2785 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2786 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2787 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2788 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3801 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3677 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3113 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3802 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3803 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3804 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3805 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3806 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3807 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3808 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3809 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3810 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3811 http://www.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFEyqlqXlSAg2UNWIIRArbFAJ0WUEHpwiRLYIT3cgBdbRZ40C1idACdHKFs BuUIeoL9GFuIvXGLcoq7hGI= =yDhK -----END PGP SIGNATURE-----