From bugzilla at redhat.com Thu Oct 5 11:41:15 2006 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 5 Oct 2006 07:41:15 -0400 Subject: [RHSA-2006:0688-01] Important: php security update Message-ID: <200610051141.k95BfKB9024437@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: php security update Advisory ID: RHSA-2006:0688-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0688.html Issue date: 2006-10-05 Updated on: 2006-10-05 Product: Red Hat Application Stack CVE Names: CVE-2006-4020 CVE-2006-4482 CVE-2006-4484 CVE-2006-4485 CVE-2006-4486 CVE-2006-4812 - --------------------------------------------------------------------- 1. Summary: Updated PHP packages that fix multiple security issues are now available for the Red Hat Application Stack. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Application Stack v1 for Enterprise Linux AS (v.4) - i386, x86_64 Red Hat Application Stack v1 for Enterprise Linux ES (v.4) - i386, x86_64 3. Problem description: PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. An integer overflow was discovered in the PHP memory handling routines. If a script can cause memory allocation based on untrusted user data, a remote attacker sending a carefully crafted request could execute arbitrary code as the 'apache' user. (CVE-2006-4812) A buffer overflow was discovered in the PHP sscanf() function. If a script used the sscanf() function with positional arguments in the format string, a remote attacker sending a carefully crafted request could execute arbitrary code as the 'apache' user. (CVE-2006-4020) An integer overflow was discovered in the PHP wordwrap() and str_repeat() functions. If a script running on a 64-bit server used either of these functions on untrusted user data, a remote attacker sending a carefully crafted request might be able to cause a heap overflow. (CVE-2006-4482) A buffer overflow was discovered in the PHP gd extension. If a script was set up to process GIF images from untrusted sources using the gd extension, a remote attacker could cause a heap overflow. (CVE-2006-4484) A buffer overread was discovered in the PHP stripos() function. If a script used the stripos() function with untrusted user data, PHP may read past the end of a buffer, which could allow a denial of service attack by a remote user. (CVE-2006-4485) An integer overflow was discovered in the PHP memory allocation handling. On 64-bit platforms, the "memory_limit" setting was not enforced correctly, which could allow a denial of service attack by a remote user. (CVE-2006-4486) These packages also contain a fix for a bug where certain input strings to the metaphone() function could cause memory corruption. Users of PHP should upgrade to these updated packages, which contain backported patches to correct these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 207090 - CVE-2006-4020 PHP security issues (CVE-2006-4482 CVE-2006-4484 CVE-2006-4485 CVE-2006-4486) 209408 - CVE-2006-4812 PHP ecalloc integer overflow 6. RPMs required: Red Hat Application Stack v1 for Enterprise Linux AS (v.4): SRPMS: ftp://updates.redhat.com/4AS-RHWAS/en/os/SRPMS/php-5.1.4-1.el4s1.4.src.rpm 8450536ffd216fffd7a2c350ef2d8122 php-5.1.4-1.el4s1.4.src.rpm i386: d8504a875caf435ac3d87be51da23cbb php-5.1.4-1.el4s1.4.i386.rpm 0b093ab3604f91f031e77fc374851333 php-bcmath-5.1.4-1.el4s1.4.i386.rpm be94330943e42d6ce9795ac1aa005c5c php-dba-5.1.4-1.el4s1.4.i386.rpm 6a69ac6b8f30363beb5eb774ae8a7582 php-debuginfo-5.1.4-1.el4s1.4.i386.rpm 89e204920cedc8129dca821268de2fdb php-devel-5.1.4-1.el4s1.4.i386.rpm 9404807f4baab567cebf50e00dc0328c php-gd-5.1.4-1.el4s1.4.i386.rpm c08f52b6d7dbb729e09f4b95f89562b1 php-imap-5.1.4-1.el4s1.4.i386.rpm 9944e216a9b9d6b06a73d620e2d5a26e php-ldap-5.1.4-1.el4s1.4.i386.rpm 399033da724e5d135fbd4c5bea8641a3 php-mbstring-5.1.4-1.el4s1.4.i386.rpm 8cdb68afa789a1744f9c0cc4cb25f680 php-mysql-5.1.4-1.el4s1.4.i386.rpm 80b3a6b0e0b029255fea1ae1b892b3a8 php-ncurses-5.1.4-1.el4s1.4.i386.rpm 67fe4b574af94f99e22042e0b1b0617d php-odbc-5.1.4-1.el4s1.4.i386.rpm f3794d4b2cc0c41efb3029efea456129 php-pdo-5.1.4-1.el4s1.4.i386.rpm ff9b98642ebf3726ab189b8b07c78cf4 php-pgsql-5.1.4-1.el4s1.4.i386.rpm 42144bb23cfba2f20967d280f6bc4087 php-snmp-5.1.4-1.el4s1.4.i386.rpm dfe2fdeecd4fc439bad8c05e2abdefac php-soap-5.1.4-1.el4s1.4.i386.rpm 877b079373e5d1809d7c4e092b04c12a php-xml-5.1.4-1.el4s1.4.i386.rpm b2a43cb90b877484085c562d931daa06 php-xmlrpc-5.1.4-1.el4s1.4.i386.rpm x86_64: 21e04b311dc5f7b9bef079dc1dbdd01a php-5.1.4-1.el4s1.4.x86_64.rpm 372a46e2847f69de0b14ca16cb43eaf3 php-bcmath-5.1.4-1.el4s1.4.x86_64.rpm 23531793db020c866ebe475fcddf750d php-dba-5.1.4-1.el4s1.4.x86_64.rpm 5327f3805a18b235140ba91ece545400 php-debuginfo-5.1.4-1.el4s1.4.x86_64.rpm db2a441639cae736640e13ab7cbe133a php-devel-5.1.4-1.el4s1.4.x86_64.rpm 1634a9dc26e120084a6fe49262e0f0e0 php-gd-5.1.4-1.el4s1.4.x86_64.rpm 45becd8779a8da71b139b1ba3ee9400e php-imap-5.1.4-1.el4s1.4.x86_64.rpm 3b2ef5dede854065651495602fa6c126 php-ldap-5.1.4-1.el4s1.4.x86_64.rpm 5d27f29c72f624c1a868f3cdbefd0b77 php-mbstring-5.1.4-1.el4s1.4.x86_64.rpm edaafb7eca7e3c41acbf69259c525d14 php-mysql-5.1.4-1.el4s1.4.x86_64.rpm c15c8d27058ad09b838a53b4f4c81b6e php-ncurses-5.1.4-1.el4s1.4.x86_64.rpm d888187eb18ffa7f46550138d84700fa php-odbc-5.1.4-1.el4s1.4.x86_64.rpm 6d5d2387c96663442bf90b9a2cb45253 php-pdo-5.1.4-1.el4s1.4.x86_64.rpm c68935c8f98ea97fc468c173c6d36509 php-pgsql-5.1.4-1.el4s1.4.x86_64.rpm a7ac3a5427b16926fae2e91f347ea585 php-snmp-5.1.4-1.el4s1.4.x86_64.rpm 8143af224065383c5518c5f0b8764fb2 php-soap-5.1.4-1.el4s1.4.x86_64.rpm 1255ae1a27002b314951340ef15d886f php-xml-5.1.4-1.el4s1.4.x86_64.rpm 19d384ad3ccaf7fa73c21ffa7ff012c8 php-xmlrpc-5.1.4-1.el4s1.4.x86_64.rpm Red Hat Application Stack v1 for Enterprise Linux ES (v.4): SRPMS: ftp://updates.redhat.com/4ES-RHWAS/en/os/SRPMS/php-5.1.4-1.el4s1.4.src.rpm 8450536ffd216fffd7a2c350ef2d8122 php-5.1.4-1.el4s1.4.src.rpm i386: d8504a875caf435ac3d87be51da23cbb php-5.1.4-1.el4s1.4.i386.rpm 0b093ab3604f91f031e77fc374851333 php-bcmath-5.1.4-1.el4s1.4.i386.rpm be94330943e42d6ce9795ac1aa005c5c php-dba-5.1.4-1.el4s1.4.i386.rpm 6a69ac6b8f30363beb5eb774ae8a7582 php-debuginfo-5.1.4-1.el4s1.4.i386.rpm 89e204920cedc8129dca821268de2fdb php-devel-5.1.4-1.el4s1.4.i386.rpm 9404807f4baab567cebf50e00dc0328c php-gd-5.1.4-1.el4s1.4.i386.rpm c08f52b6d7dbb729e09f4b95f89562b1 php-imap-5.1.4-1.el4s1.4.i386.rpm 9944e216a9b9d6b06a73d620e2d5a26e php-ldap-5.1.4-1.el4s1.4.i386.rpm 399033da724e5d135fbd4c5bea8641a3 php-mbstring-5.1.4-1.el4s1.4.i386.rpm 8cdb68afa789a1744f9c0cc4cb25f680 php-mysql-5.1.4-1.el4s1.4.i386.rpm 80b3a6b0e0b029255fea1ae1b892b3a8 php-ncurses-5.1.4-1.el4s1.4.i386.rpm 67fe4b574af94f99e22042e0b1b0617d php-odbc-5.1.4-1.el4s1.4.i386.rpm f3794d4b2cc0c41efb3029efea456129 php-pdo-5.1.4-1.el4s1.4.i386.rpm ff9b98642ebf3726ab189b8b07c78cf4 php-pgsql-5.1.4-1.el4s1.4.i386.rpm 42144bb23cfba2f20967d280f6bc4087 php-snmp-5.1.4-1.el4s1.4.i386.rpm dfe2fdeecd4fc439bad8c05e2abdefac php-soap-5.1.4-1.el4s1.4.i386.rpm 877b079373e5d1809d7c4e092b04c12a php-xml-5.1.4-1.el4s1.4.i386.rpm b2a43cb90b877484085c562d931daa06 php-xmlrpc-5.1.4-1.el4s1.4.i386.rpm x86_64: 21e04b311dc5f7b9bef079dc1dbdd01a php-5.1.4-1.el4s1.4.x86_64.rpm 372a46e2847f69de0b14ca16cb43eaf3 php-bcmath-5.1.4-1.el4s1.4.x86_64.rpm 23531793db020c866ebe475fcddf750d php-dba-5.1.4-1.el4s1.4.x86_64.rpm 5327f3805a18b235140ba91ece545400 php-debuginfo-5.1.4-1.el4s1.4.x86_64.rpm db2a441639cae736640e13ab7cbe133a php-devel-5.1.4-1.el4s1.4.x86_64.rpm 1634a9dc26e120084a6fe49262e0f0e0 php-gd-5.1.4-1.el4s1.4.x86_64.rpm 45becd8779a8da71b139b1ba3ee9400e php-imap-5.1.4-1.el4s1.4.x86_64.rpm 3b2ef5dede854065651495602fa6c126 php-ldap-5.1.4-1.el4s1.4.x86_64.rpm 5d27f29c72f624c1a868f3cdbefd0b77 php-mbstring-5.1.4-1.el4s1.4.x86_64.rpm edaafb7eca7e3c41acbf69259c525d14 php-mysql-5.1.4-1.el4s1.4.x86_64.rpm c15c8d27058ad09b838a53b4f4c81b6e php-ncurses-5.1.4-1.el4s1.4.x86_64.rpm d888187eb18ffa7f46550138d84700fa php-odbc-5.1.4-1.el4s1.4.x86_64.rpm 6d5d2387c96663442bf90b9a2cb45253 php-pdo-5.1.4-1.el4s1.4.x86_64.rpm c68935c8f98ea97fc468c173c6d36509 php-pgsql-5.1.4-1.el4s1.4.x86_64.rpm a7ac3a5427b16926fae2e91f347ea585 php-snmp-5.1.4-1.el4s1.4.x86_64.rpm 8143af224065383c5518c5f0b8764fb2 php-soap-5.1.4-1.el4s1.4.x86_64.rpm 1255ae1a27002b314951340ef15d886f php-xml-5.1.4-1.el4s1.4.x86_64.rpm 19d384ad3ccaf7fa73c21ffa7ff012c8 php-xmlrpc-5.1.4-1.el4s1.4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4020 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4482 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4484 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4485 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4486 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4812 http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFFJO9IXlSAg2UNWIIRAozxAJwNsQSNktv8JuyqHgkmUaFz/1nSPACgwW7i so2WVMWnfwhHzi9F9VYISwE= =hl2j -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Oct 5 11:42:09 2006 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 5 Oct 2006 07:42:09 -0400 Subject: [RHSA-2006:0708-01] Important: php security update Message-ID: <200610051142.k95BgDXu024460@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: php security update Advisory ID: RHSA-2006:0708-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0708.html Issue date: 2006-10-05 Updated on: 2006-10-05 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-4812 - --------------------------------------------------------------------- 1. Summary: Updated PHP packages that fix an integer overflow flaw are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 3. Problem description: PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. An integer overflow was discovered in the PHP memory handling routines. If a script can cause memory allocation based on untrusted user data, a remote attacker sending a carefully crafted request could execute arbitrary code as the 'apache' user. (CVE-2006-4812) This issue did not affect the PHP packages distributed with Red Hat Enterprise Linux 3 or 4. Users of PHP should upgrade to these updated packages which contain a backported patch that corrects this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 209409 - CVE-2006-4812 PHP ecalloc integer overflow 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/php-4.1.2-2.12.src.rpm 459589d5004f76ab2450edc1af97afe2 php-4.1.2-2.12.src.rpm i386: bf655ff9f669af575244594e62da10b9 php-4.1.2-2.12.i386.rpm ccf83cbe8f88c1bdc4c14c00edea6f71 php-devel-4.1.2-2.12.i386.rpm 4dc1627f9a1082dd7be2d0f8a148b965 php-imap-4.1.2-2.12.i386.rpm ab066de5a979e6b577acb9626ed69954 php-ldap-4.1.2-2.12.i386.rpm 100b84552bb308afd23b41be156d1b7c php-manual-4.1.2-2.12.i386.rpm fdedce80cbf2ae5d19fc5d1ad7135b67 php-mysql-4.1.2-2.12.i386.rpm ae87153c1f381e5fbde82c14b5ecddfa php-odbc-4.1.2-2.12.i386.rpm 3903c79f5c7633672b633a8193c5c2a2 php-pgsql-4.1.2-2.12.i386.rpm ia64: 0bfe9a34fad44475d32eccc82dda8050 php-4.1.2-2.12.ia64.rpm 4ac7c6d5bd7f45eeaa30e2f63e6c1839 php-devel-4.1.2-2.12.ia64.rpm b866b8555e4f21e9b1b836ba8e07e9d1 php-imap-4.1.2-2.12.ia64.rpm 9b0cb4d86d657865443c20994aa47e6f php-ldap-4.1.2-2.12.ia64.rpm f508886a3231941d45d5f070fcea9f13 php-manual-4.1.2-2.12.ia64.rpm 5b1504999d1a4e4298a6b368a6d203b3 php-mysql-4.1.2-2.12.ia64.rpm e95888b7d47c9716686388869a88ed05 php-odbc-4.1.2-2.12.ia64.rpm b93c2709f50d773057276a81e102febc php-pgsql-4.1.2-2.12.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/php-4.1.2-2.12.src.rpm 459589d5004f76ab2450edc1af97afe2 php-4.1.2-2.12.src.rpm ia64: 0bfe9a34fad44475d32eccc82dda8050 php-4.1.2-2.12.ia64.rpm 4ac7c6d5bd7f45eeaa30e2f63e6c1839 php-devel-4.1.2-2.12.ia64.rpm b866b8555e4f21e9b1b836ba8e07e9d1 php-imap-4.1.2-2.12.ia64.rpm 9b0cb4d86d657865443c20994aa47e6f php-ldap-4.1.2-2.12.ia64.rpm f508886a3231941d45d5f070fcea9f13 php-manual-4.1.2-2.12.ia64.rpm 5b1504999d1a4e4298a6b368a6d203b3 php-mysql-4.1.2-2.12.ia64.rpm e95888b7d47c9716686388869a88ed05 php-odbc-4.1.2-2.12.ia64.rpm b93c2709f50d773057276a81e102febc php-pgsql-4.1.2-2.12.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/php-4.1.2-2.12.src.rpm 459589d5004f76ab2450edc1af97afe2 php-4.1.2-2.12.src.rpm i386: bf655ff9f669af575244594e62da10b9 php-4.1.2-2.12.i386.rpm ccf83cbe8f88c1bdc4c14c00edea6f71 php-devel-4.1.2-2.12.i386.rpm 4dc1627f9a1082dd7be2d0f8a148b965 php-imap-4.1.2-2.12.i386.rpm ab066de5a979e6b577acb9626ed69954 php-ldap-4.1.2-2.12.i386.rpm 100b84552bb308afd23b41be156d1b7c php-manual-4.1.2-2.12.i386.rpm fdedce80cbf2ae5d19fc5d1ad7135b67 php-mysql-4.1.2-2.12.i386.rpm ae87153c1f381e5fbde82c14b5ecddfa php-odbc-4.1.2-2.12.i386.rpm 3903c79f5c7633672b633a8193c5c2a2 php-pgsql-4.1.2-2.12.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/php-4.1.2-2.12.src.rpm 459589d5004f76ab2450edc1af97afe2 php-4.1.2-2.12.src.rpm i386: bf655ff9f669af575244594e62da10b9 php-4.1.2-2.12.i386.rpm ccf83cbe8f88c1bdc4c14c00edea6f71 php-devel-4.1.2-2.12.i386.rpm 4dc1627f9a1082dd7be2d0f8a148b965 php-imap-4.1.2-2.12.i386.rpm ab066de5a979e6b577acb9626ed69954 php-ldap-4.1.2-2.12.i386.rpm 100b84552bb308afd23b41be156d1b7c php-manual-4.1.2-2.12.i386.rpm fdedce80cbf2ae5d19fc5d1ad7135b67 php-mysql-4.1.2-2.12.i386.rpm ae87153c1f381e5fbde82c14b5ecddfa php-odbc-4.1.2-2.12.i386.rpm 3903c79f5c7633672b633a8193c5c2a2 php-pgsql-4.1.2-2.12.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4812 http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFFJO9xXlSAg2UNWIIRApewAJ9wgKqq4dLflEvqb4q7l5DoegogXwCgwP/K /vkbLTojXNV8n+5tsa6ra4c= =zuiO -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Oct 5 19:19:07 2006 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 5 Oct 2006 15:19:07 -0400 Subject: [RHSA-2006:0689-01] Important: kernel security update Message-ID: <200610051919.k95JJ79o006079@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: kernel security update Advisory ID: RHSA-2006:0689-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0689.html Issue date: 2006-10-05 Updated on: 2006-10-05 Product: Red Hat Enterprise Linux Keywords: nahant kernel update Obsoletes: RHSA-2006:0617 CVE Names: CVE-2005-4811 CVE-2006-0039 CVE-2006-2071 CVE-2006-3741 CVE-2006-4093 CVE-2006-4535 CVE-2006-4623 CVE-2006-4997 - --------------------------------------------------------------------- 1. Summary: Updated kernel packages that fix several security issues in the Red Hat Enterprise Linux 4 kernel are now available. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: The Linux kernel handles the basic functions of the operating system. These new kernel packages contain fixes for the security issues described below: * a flaw in the SCTP support that allowed a local user to cause a denial of service (crash) with a specific SO_LINGER value. (CVE-2006-4535, Important) * a flaw in the hugepage table support that allowed a local user to cause a denial of service (crash). (CVE-2005-4811, Important) * a flaw in the mprotect system call that allowed setting write permission for a read-only attachment of shared memory. (CVE-2006-2071, Moderate) * a flaw in HID0[31] (en_attn) register handling on PowerPC 970 systems that allowed a local user to cause a denial of service. (crash) (CVE-2006-4093, Moderate) * a flaw in the perfmon support of Itanium systems that allowed a local user to cause a denial of service by consuming all file descriptors. (CVE-2006-3741, Moderate) * a flaw in the ATM subsystem. On systems with installed ATM hardware and configured ATM support, a remote user could cause a denial of service (panic) by accessing socket buffers memory after freeing them. (CVE-2006-4997, Moderate) * a flaw in the DVB subsystem. On systems with installed DVB hardware and configured DVB support, a remote user could cause a denial of service (panic) by sending a ULE SNDU packet with length of 0. (CVE-2006-4623, Low) * an information leak in the network subsystem that possibly allowed a local user to read sensitive data from kernel memory. (CVE-2006-0039, Low) In addition, two bugfixes for the IPW-2200 wireless driver were included. The first one ensures that wireless management applications correctly identify IPW-2200 controlled devices, while the second fix ensures that DHCP requests using the IPW-2200 operate correctly. Red Hat would like to thank Olof Johansson, Stephane Eranian and Solar Designer for reporting issues fixed in this erratum. All Red Hat Enterprise Linux 4 users are advised to upgrade their kernels to the packages associated with their machine architectures and configurations as listed in this erratum. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 165345 - CVE-2005-4811 Hugepage crash on failing mmap() 190073 - CVE-2006-2071 mprotect gives write permission to a readonly attachment 191698 - CVE-2006-0039 netfilter do_add_counters race 198820 - IPW2200 /proc/net/wireless file fields are empty 201684 - CVE-2006-4093 Local DoS through uncleared HID0[31] 203421 - Grabbing DHCP address via wireless not always successful 204360 - CVE-2006-3741 sys_perfmonctl() file descriptor reference count issue 204460 - CVE-2006-4535 Regression with fix for SCTP abort issue 204912 - CVE-2006-4623 Wrong handling of DVB ULE SNDU with length of 0 206265 - CVE-2006-4997 IP over ATM clip_mkip dereference freed pointer 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kernel-2.6.9-42.0.3.EL.src.rpm c37a516dd84b1cf30988733b80cdde78 kernel-2.6.9-42.0.3.EL.src.rpm i386: 97c7b0d569b80ea7a86ad7181655b394 kernel-2.6.9-42.0.3.EL.i686.rpm 3ce48424de3cf73b639fa058c7d286bb kernel-debuginfo-2.6.9-42.0.3.EL.i686.rpm ce6b4e0e36cff5d1d6c2fa354543bb07 kernel-devel-2.6.9-42.0.3.EL.i686.rpm 956dfa20406d710f2925191beb35b60e kernel-doc-2.6.9-42.0.3.EL.noarch.rpm 6a8b8167ddef9ddfe724401da165c4cf kernel-hugemem-2.6.9-42.0.3.EL.i686.rpm 5a6aea58f763dafecec369d68f5b0b80 kernel-hugemem-devel-2.6.9-42.0.3.EL.i686.rpm beae36ad8d86d16bed5fda24c1365e51 kernel-smp-2.6.9-42.0.3.EL.i686.rpm 0ac9f3738ac9180a1fa4fcc37c88a1ee kernel-smp-devel-2.6.9-42.0.3.EL.i686.rpm ia64: f059a2e3b41e897b513913dab047bdfe kernel-2.6.9-42.0.3.EL.ia64.rpm c10007676513fcfa07cabd4520562cd0 kernel-debuginfo-2.6.9-42.0.3.EL.ia64.rpm c9eb612e4e006ea696d0e49ad6944aac kernel-devel-2.6.9-42.0.3.EL.ia64.rpm 956dfa20406d710f2925191beb35b60e kernel-doc-2.6.9-42.0.3.EL.noarch.rpm c889418bf058b9f2ce28de616ad80f06 kernel-largesmp-2.6.9-42.0.3.EL.ia64.rpm fb887a06a9a31a5da5f72df3a1b38ebc kernel-largesmp-devel-2.6.9-42.0.3.EL.ia64.rpm ppc: 6baa19f3ae93e40964d2135d7a80065f kernel-2.6.9-42.0.3.EL.ppc64.rpm 6037e7111ab58581b876d3b73b5f108d kernel-2.6.9-42.0.3.EL.ppc64iseries.rpm d6dcd6b280380d5c5081dcd049fef1d1 kernel-debuginfo-2.6.9-42.0.3.EL.ppc64.rpm 859239f1d7f0f1dfca757484f9e6862a kernel-debuginfo-2.6.9-42.0.3.EL.ppc64iseries.rpm 2a368faf439a27e41ee5ad12f7dc5379 kernel-devel-2.6.9-42.0.3.EL.ppc64.rpm 92b5cf3acf2659eadb313c73bf0624b1 kernel-devel-2.6.9-42.0.3.EL.ppc64iseries.rpm 956dfa20406d710f2925191beb35b60e kernel-doc-2.6.9-42.0.3.EL.noarch.rpm 1407d3d79e6f458de7c472f366d131f5 kernel-largesmp-2.6.9-42.0.3.EL.ppc64.rpm 86e0a6e1a3ba621a69eacea525c8421d kernel-largesmp-devel-2.6.9-42.0.3.EL.ppc64.rpm s390: 43411689ca8b3299a050eaacb5ccc6c4 kernel-2.6.9-42.0.3.EL.s390.rpm 8452548f0b60e38dab481598b2700e93 kernel-debuginfo-2.6.9-42.0.3.EL.s390.rpm 587ef66883f9b699dbc774507c605548 kernel-devel-2.6.9-42.0.3.EL.s390.rpm 956dfa20406d710f2925191beb35b60e kernel-doc-2.6.9-42.0.3.EL.noarch.rpm s390x: a1b4a15fe3273edc6604e7a5472b96bd kernel-2.6.9-42.0.3.EL.s390x.rpm b048694685cbfa12297f3e02fa2d6fc3 kernel-debuginfo-2.6.9-42.0.3.EL.s390x.rpm 72fca784b40da07865a38c474b320a11 kernel-devel-2.6.9-42.0.3.EL.s390x.rpm 956dfa20406d710f2925191beb35b60e kernel-doc-2.6.9-42.0.3.EL.noarch.rpm x86_64: a11a4627b70e6d3d29d8ec1b57486ff7 kernel-2.6.9-42.0.3.EL.x86_64.rpm bbe30bd45965df83b8172d03262dc578 kernel-debuginfo-2.6.9-42.0.3.EL.x86_64.rpm 3b123b8d1c519099e7253fb0210388ba kernel-devel-2.6.9-42.0.3.EL.x86_64.rpm 956dfa20406d710f2925191beb35b60e kernel-doc-2.6.9-42.0.3.EL.noarch.rpm 2fb84f86fdf056b590575fff23fec180 kernel-largesmp-2.6.9-42.0.3.EL.x86_64.rpm 7b3e033a5e89a92a65001485ff80612c kernel-largesmp-devel-2.6.9-42.0.3.EL.x86_64.rpm c7c7e7656ac857faa3d202343462f6b5 kernel-smp-2.6.9-42.0.3.EL.x86_64.rpm 337fc3145a243e23207c74626b2c9a14 kernel-smp-devel-2.6.9-42.0.3.EL.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kernel-2.6.9-42.0.3.EL.src.rpm c37a516dd84b1cf30988733b80cdde78 kernel-2.6.9-42.0.3.EL.src.rpm i386: 97c7b0d569b80ea7a86ad7181655b394 kernel-2.6.9-42.0.3.EL.i686.rpm 3ce48424de3cf73b639fa058c7d286bb kernel-debuginfo-2.6.9-42.0.3.EL.i686.rpm ce6b4e0e36cff5d1d6c2fa354543bb07 kernel-devel-2.6.9-42.0.3.EL.i686.rpm 956dfa20406d710f2925191beb35b60e kernel-doc-2.6.9-42.0.3.EL.noarch.rpm 6a8b8167ddef9ddfe724401da165c4cf kernel-hugemem-2.6.9-42.0.3.EL.i686.rpm 5a6aea58f763dafecec369d68f5b0b80 kernel-hugemem-devel-2.6.9-42.0.3.EL.i686.rpm beae36ad8d86d16bed5fda24c1365e51 kernel-smp-2.6.9-42.0.3.EL.i686.rpm 0ac9f3738ac9180a1fa4fcc37c88a1ee kernel-smp-devel-2.6.9-42.0.3.EL.i686.rpm x86_64: a11a4627b70e6d3d29d8ec1b57486ff7 kernel-2.6.9-42.0.3.EL.x86_64.rpm bbe30bd45965df83b8172d03262dc578 kernel-debuginfo-2.6.9-42.0.3.EL.x86_64.rpm 3b123b8d1c519099e7253fb0210388ba kernel-devel-2.6.9-42.0.3.EL.x86_64.rpm 956dfa20406d710f2925191beb35b60e kernel-doc-2.6.9-42.0.3.EL.noarch.rpm 2fb84f86fdf056b590575fff23fec180 kernel-largesmp-2.6.9-42.0.3.EL.x86_64.rpm 7b3e033a5e89a92a65001485ff80612c kernel-largesmp-devel-2.6.9-42.0.3.EL.x86_64.rpm c7c7e7656ac857faa3d202343462f6b5 kernel-smp-2.6.9-42.0.3.EL.x86_64.rpm 337fc3145a243e23207c74626b2c9a14 kernel-smp-devel-2.6.9-42.0.3.EL.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kernel-2.6.9-42.0.3.EL.src.rpm c37a516dd84b1cf30988733b80cdde78 kernel-2.6.9-42.0.3.EL.src.rpm i386: 97c7b0d569b80ea7a86ad7181655b394 kernel-2.6.9-42.0.3.EL.i686.rpm 3ce48424de3cf73b639fa058c7d286bb kernel-debuginfo-2.6.9-42.0.3.EL.i686.rpm ce6b4e0e36cff5d1d6c2fa354543bb07 kernel-devel-2.6.9-42.0.3.EL.i686.rpm 956dfa20406d710f2925191beb35b60e kernel-doc-2.6.9-42.0.3.EL.noarch.rpm 6a8b8167ddef9ddfe724401da165c4cf kernel-hugemem-2.6.9-42.0.3.EL.i686.rpm 5a6aea58f763dafecec369d68f5b0b80 kernel-hugemem-devel-2.6.9-42.0.3.EL.i686.rpm beae36ad8d86d16bed5fda24c1365e51 kernel-smp-2.6.9-42.0.3.EL.i686.rpm 0ac9f3738ac9180a1fa4fcc37c88a1ee kernel-smp-devel-2.6.9-42.0.3.EL.i686.rpm ia64: f059a2e3b41e897b513913dab047bdfe kernel-2.6.9-42.0.3.EL.ia64.rpm c10007676513fcfa07cabd4520562cd0 kernel-debuginfo-2.6.9-42.0.3.EL.ia64.rpm c9eb612e4e006ea696d0e49ad6944aac kernel-devel-2.6.9-42.0.3.EL.ia64.rpm 956dfa20406d710f2925191beb35b60e kernel-doc-2.6.9-42.0.3.EL.noarch.rpm c889418bf058b9f2ce28de616ad80f06 kernel-largesmp-2.6.9-42.0.3.EL.ia64.rpm fb887a06a9a31a5da5f72df3a1b38ebc kernel-largesmp-devel-2.6.9-42.0.3.EL.ia64.rpm x86_64: a11a4627b70e6d3d29d8ec1b57486ff7 kernel-2.6.9-42.0.3.EL.x86_64.rpm bbe30bd45965df83b8172d03262dc578 kernel-debuginfo-2.6.9-42.0.3.EL.x86_64.rpm 3b123b8d1c519099e7253fb0210388ba kernel-devel-2.6.9-42.0.3.EL.x86_64.rpm 956dfa20406d710f2925191beb35b60e kernel-doc-2.6.9-42.0.3.EL.noarch.rpm 2fb84f86fdf056b590575fff23fec180 kernel-largesmp-2.6.9-42.0.3.EL.x86_64.rpm 7b3e033a5e89a92a65001485ff80612c kernel-largesmp-devel-2.6.9-42.0.3.EL.x86_64.rpm c7c7e7656ac857faa3d202343462f6b5 kernel-smp-2.6.9-42.0.3.EL.x86_64.rpm 337fc3145a243e23207c74626b2c9a14 kernel-smp-devel-2.6.9-42.0.3.EL.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kernel-2.6.9-42.0.3.EL.src.rpm c37a516dd84b1cf30988733b80cdde78 kernel-2.6.9-42.0.3.EL.src.rpm i386: 97c7b0d569b80ea7a86ad7181655b394 kernel-2.6.9-42.0.3.EL.i686.rpm 3ce48424de3cf73b639fa058c7d286bb kernel-debuginfo-2.6.9-42.0.3.EL.i686.rpm ce6b4e0e36cff5d1d6c2fa354543bb07 kernel-devel-2.6.9-42.0.3.EL.i686.rpm 956dfa20406d710f2925191beb35b60e kernel-doc-2.6.9-42.0.3.EL.noarch.rpm 6a8b8167ddef9ddfe724401da165c4cf kernel-hugemem-2.6.9-42.0.3.EL.i686.rpm 5a6aea58f763dafecec369d68f5b0b80 kernel-hugemem-devel-2.6.9-42.0.3.EL.i686.rpm beae36ad8d86d16bed5fda24c1365e51 kernel-smp-2.6.9-42.0.3.EL.i686.rpm 0ac9f3738ac9180a1fa4fcc37c88a1ee kernel-smp-devel-2.6.9-42.0.3.EL.i686.rpm ia64: f059a2e3b41e897b513913dab047bdfe kernel-2.6.9-42.0.3.EL.ia64.rpm c10007676513fcfa07cabd4520562cd0 kernel-debuginfo-2.6.9-42.0.3.EL.ia64.rpm c9eb612e4e006ea696d0e49ad6944aac kernel-devel-2.6.9-42.0.3.EL.ia64.rpm 956dfa20406d710f2925191beb35b60e kernel-doc-2.6.9-42.0.3.EL.noarch.rpm c889418bf058b9f2ce28de616ad80f06 kernel-largesmp-2.6.9-42.0.3.EL.ia64.rpm fb887a06a9a31a5da5f72df3a1b38ebc kernel-largesmp-devel-2.6.9-42.0.3.EL.ia64.rpm x86_64: a11a4627b70e6d3d29d8ec1b57486ff7 kernel-2.6.9-42.0.3.EL.x86_64.rpm bbe30bd45965df83b8172d03262dc578 kernel-debuginfo-2.6.9-42.0.3.EL.x86_64.rpm 3b123b8d1c519099e7253fb0210388ba kernel-devel-2.6.9-42.0.3.EL.x86_64.rpm 956dfa20406d710f2925191beb35b60e kernel-doc-2.6.9-42.0.3.EL.noarch.rpm 2fb84f86fdf056b590575fff23fec180 kernel-largesmp-2.6.9-42.0.3.EL.x86_64.rpm 7b3e033a5e89a92a65001485ff80612c kernel-largesmp-devel-2.6.9-42.0.3.EL.x86_64.rpm c7c7e7656ac857faa3d202343462f6b5 kernel-smp-2.6.9-42.0.3.EL.x86_64.rpm 337fc3145a243e23207c74626b2c9a14 kernel-smp-devel-2.6.9-42.0.3.EL.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4811 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0039 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2071 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3741 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4093 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4535 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4623 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4997 http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFFJVqmXlSAg2UNWIIRAv2rAKCxlIDq5R+jv8vunGb+cFfyqr1CbwCfcWeH n/2uzioCE6Bto/tmSdcJWic= =HhRX -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon Oct 9 21:57:36 2006 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 9 Oct 2006 17:57:36 -0400 Subject: [RHSA-2006:0713-01] Important: python security update Message-ID: <200610092157.k99LvaCS002032@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: python security update Advisory ID: RHSA-2006:0713-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0713.html Issue date: 2006-10-09 Updated on: 2006-10-09 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-4980 - --------------------------------------------------------------------- 1. Summary: Updated Python packages are now available to correct a security issue in Red Hat Enterprise Linux 3 and 4. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Python is an interpreted, interactive, object-oriented programming language. A flaw was discovered in the way that the Python repr() function handled UTF-32/UCS-4 strings. If an application written in Python used the repr() function on untrusted data, this could lead to a denial of service or possibly allow the execution of arbitrary code with the privileges of the Python application. (CVE-2006-4980) In addition, this errata fixes a regression in the SimpleXMLRPCServer backport for Red Hat Enterprise Linux 3 that was introduced with RHSA-2005:109. Users of Python should upgrade to these updated packages, which contain a backported patch to correct this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 160418 - Error in RHEL3-U4-errata python python-2.2-xmlfix.patch 208162 - CVE-2006-4980 repr unicode buffer overflow 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/python-2.2.3-6.5.src.rpm 7bd55e73c3a8afcf2190233bce2d3424 python-2.2.3-6.5.src.rpm i386: aa5c6ddaf74636f828d89565c440a84f python-2.2.3-6.5.i386.rpm 91d2242eb5fdf234dc8cd8935e67864e python-debuginfo-2.2.3-6.5.i386.rpm 7921f372dc7adb3b47b72ced396114cf python-devel-2.2.3-6.5.i386.rpm d1ff62856ebeb0b64c8e893d6d20686b python-tools-2.2.3-6.5.i386.rpm aa5a4072f9483e2d9127d2100787a1f1 tkinter-2.2.3-6.5.i386.rpm ia64: 23e24399883628b9213e6bb2c1310384 python-2.2.3-6.5.ia64.rpm 0de3fb91fd40261e0434cdc7002391ec python-debuginfo-2.2.3-6.5.ia64.rpm 6ad20da697f6f72b543a25394f831421 python-devel-2.2.3-6.5.ia64.rpm ef9a9aa4f82ea2862f3233c63623c0b8 python-tools-2.2.3-6.5.ia64.rpm 36c74ec8d24b295d6574ecada425591b tkinter-2.2.3-6.5.ia64.rpm ppc: 513bc522e279569ca5ae609cc02a0901 python-2.2.3-6.5.ppc.rpm 3fbb1cb6de72bf7a098b19f6cafe8007 python-debuginfo-2.2.3-6.5.ppc.rpm 959ba7380d7f1830c0132ed570b55f8f python-devel-2.2.3-6.5.ppc.rpm 3fcbd3b923c1a4534f96cd717e1d0cf0 python-tools-2.2.3-6.5.ppc.rpm 240da66aab0fdef51662566bd9be8acb tkinter-2.2.3-6.5.ppc.rpm s390: 95fbb55320dadfd9f9cad87038506695 python-2.2.3-6.5.s390.rpm 040ad1bf4c3bd0f4600958bb1ed0d231 python-debuginfo-2.2.3-6.5.s390.rpm 73137cda244d7ef351962d5e513e9ab6 python-devel-2.2.3-6.5.s390.rpm 71da560c7523b01b9c6e0d9c4a87c2c0 python-tools-2.2.3-6.5.s390.rpm a93a8b2d9a7a2dc0dba6bc481e0dad1c tkinter-2.2.3-6.5.s390.rpm s390x: 01363b0b6d57f7c66419b32038020782 python-2.2.3-6.5.s390x.rpm 1b511b48bff4f6cb51b406cab0905bcd python-debuginfo-2.2.3-6.5.s390x.rpm 9cdd24346a67eccf627d9e604d0775aa python-devel-2.2.3-6.5.s390x.rpm a902f110ed483432451663e9fc546706 python-tools-2.2.3-6.5.s390x.rpm cf46eeccc6308d6598e5fd336bb3644e tkinter-2.2.3-6.5.s390x.rpm x86_64: edb81dd6e870bcf318cd33ee97555c39 python-2.2.3-6.5.x86_64.rpm 1a903d13fa25c5e1cc556999f52d96c5 python-debuginfo-2.2.3-6.5.x86_64.rpm c75ca79933b9ecbe82c711f8ed79e96b python-devel-2.2.3-6.5.x86_64.rpm 0f4df04e3e60b21fe40992df711c61a7 python-tools-2.2.3-6.5.x86_64.rpm 7351fc8da36d14d3a74171948c5e3823 tkinter-2.2.3-6.5.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/python-2.2.3-6.5.src.rpm 7bd55e73c3a8afcf2190233bce2d3424 python-2.2.3-6.5.src.rpm i386: aa5c6ddaf74636f828d89565c440a84f python-2.2.3-6.5.i386.rpm 91d2242eb5fdf234dc8cd8935e67864e python-debuginfo-2.2.3-6.5.i386.rpm 7921f372dc7adb3b47b72ced396114cf python-devel-2.2.3-6.5.i386.rpm d1ff62856ebeb0b64c8e893d6d20686b python-tools-2.2.3-6.5.i386.rpm aa5a4072f9483e2d9127d2100787a1f1 tkinter-2.2.3-6.5.i386.rpm x86_64: edb81dd6e870bcf318cd33ee97555c39 python-2.2.3-6.5.x86_64.rpm 1a903d13fa25c5e1cc556999f52d96c5 python-debuginfo-2.2.3-6.5.x86_64.rpm c75ca79933b9ecbe82c711f8ed79e96b python-devel-2.2.3-6.5.x86_64.rpm 0f4df04e3e60b21fe40992df711c61a7 python-tools-2.2.3-6.5.x86_64.rpm 7351fc8da36d14d3a74171948c5e3823 tkinter-2.2.3-6.5.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/python-2.2.3-6.5.src.rpm 7bd55e73c3a8afcf2190233bce2d3424 python-2.2.3-6.5.src.rpm i386: aa5c6ddaf74636f828d89565c440a84f python-2.2.3-6.5.i386.rpm 91d2242eb5fdf234dc8cd8935e67864e python-debuginfo-2.2.3-6.5.i386.rpm 7921f372dc7adb3b47b72ced396114cf python-devel-2.2.3-6.5.i386.rpm d1ff62856ebeb0b64c8e893d6d20686b python-tools-2.2.3-6.5.i386.rpm aa5a4072f9483e2d9127d2100787a1f1 tkinter-2.2.3-6.5.i386.rpm ia64: 23e24399883628b9213e6bb2c1310384 python-2.2.3-6.5.ia64.rpm 0de3fb91fd40261e0434cdc7002391ec python-debuginfo-2.2.3-6.5.ia64.rpm 6ad20da697f6f72b543a25394f831421 python-devel-2.2.3-6.5.ia64.rpm ef9a9aa4f82ea2862f3233c63623c0b8 python-tools-2.2.3-6.5.ia64.rpm 36c74ec8d24b295d6574ecada425591b tkinter-2.2.3-6.5.ia64.rpm x86_64: edb81dd6e870bcf318cd33ee97555c39 python-2.2.3-6.5.x86_64.rpm 1a903d13fa25c5e1cc556999f52d96c5 python-debuginfo-2.2.3-6.5.x86_64.rpm c75ca79933b9ecbe82c711f8ed79e96b python-devel-2.2.3-6.5.x86_64.rpm 0f4df04e3e60b21fe40992df711c61a7 python-tools-2.2.3-6.5.x86_64.rpm 7351fc8da36d14d3a74171948c5e3823 tkinter-2.2.3-6.5.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/python-2.2.3-6.5.src.rpm 7bd55e73c3a8afcf2190233bce2d3424 python-2.2.3-6.5.src.rpm i386: aa5c6ddaf74636f828d89565c440a84f python-2.2.3-6.5.i386.rpm 91d2242eb5fdf234dc8cd8935e67864e python-debuginfo-2.2.3-6.5.i386.rpm 7921f372dc7adb3b47b72ced396114cf python-devel-2.2.3-6.5.i386.rpm d1ff62856ebeb0b64c8e893d6d20686b python-tools-2.2.3-6.5.i386.rpm aa5a4072f9483e2d9127d2100787a1f1 tkinter-2.2.3-6.5.i386.rpm ia64: 23e24399883628b9213e6bb2c1310384 python-2.2.3-6.5.ia64.rpm 0de3fb91fd40261e0434cdc7002391ec python-debuginfo-2.2.3-6.5.ia64.rpm 6ad20da697f6f72b543a25394f831421 python-devel-2.2.3-6.5.ia64.rpm ef9a9aa4f82ea2862f3233c63623c0b8 python-tools-2.2.3-6.5.ia64.rpm 36c74ec8d24b295d6574ecada425591b tkinter-2.2.3-6.5.ia64.rpm x86_64: edb81dd6e870bcf318cd33ee97555c39 python-2.2.3-6.5.x86_64.rpm 1a903d13fa25c5e1cc556999f52d96c5 python-debuginfo-2.2.3-6.5.x86_64.rpm c75ca79933b9ecbe82c711f8ed79e96b python-devel-2.2.3-6.5.x86_64.rpm 0f4df04e3e60b21fe40992df711c61a7 python-tools-2.2.3-6.5.x86_64.rpm 7351fc8da36d14d3a74171948c5e3823 tkinter-2.2.3-6.5.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/python-2.3.4-14.3.src.rpm b77a2036a4496f91b19cf2bfc228ef9d python-2.3.4-14.3.src.rpm i386: 588b1be239522d3e55b89bbb21d6ceec python-2.3.4-14.3.i386.rpm f3db32a8d02225747ccd3a1e163644c6 python-debuginfo-2.3.4-14.3.i386.rpm 3431de9944ebcb847be132b64e87e513 python-devel-2.3.4-14.3.i386.rpm c5b70323157c303f143db6d3ba369f58 python-docs-2.3.4-14.3.i386.rpm 06aab46ed671d94158d0d0b814b8427b python-tools-2.3.4-14.3.i386.rpm 3e78a7ef509eb7d19ed6aac9fa6c6546 tkinter-2.3.4-14.3.i386.rpm ia64: 54f132a54ad12115cd8f3289cfb19c3c python-2.3.4-14.3.ia64.rpm b58697dedc25b259f53b4a1c2600e9af python-debuginfo-2.3.4-14.3.ia64.rpm b926a960dd693a2c68f417cb709f8f72 python-devel-2.3.4-14.3.ia64.rpm 0cd0c817921b4acf6b3093017302497c python-docs-2.3.4-14.3.ia64.rpm 3b618ab235a709c92a47d5b9c3c99a9c python-tools-2.3.4-14.3.ia64.rpm 45bf62592d6ea608d3cde2843444f021 tkinter-2.3.4-14.3.ia64.rpm ppc: 7da257f798eba9dd049681325b99a688 python-2.3.4-14.3.ppc.rpm 979f91ead60ad5a16134af1a1bab0673 python-debuginfo-2.3.4-14.3.ppc.rpm fcca089e509abe70e99907a028ea5e54 python-devel-2.3.4-14.3.ppc.rpm f79cda57f4daf646765d144256669c18 python-docs-2.3.4-14.3.ppc.rpm 6c4d7d3cc8318431808076953c72faf0 python-tools-2.3.4-14.3.ppc.rpm 3795d5229135336249a8f190ecf391b1 tkinter-2.3.4-14.3.ppc.rpm s390: 75743f9134b65b15531fd54441bc2074 python-2.3.4-14.3.s390.rpm 63e55bfca293aa0bd0fc3a9698055297 python-debuginfo-2.3.4-14.3.s390.rpm 5fd3244000892911334f7010529d0b7e python-devel-2.3.4-14.3.s390.rpm fdda555ab73dbf88b399f9997cc1cd2f python-docs-2.3.4-14.3.s390.rpm e0784b78a875e072e52bf6e5b1289555 python-tools-2.3.4-14.3.s390.rpm edbd15c9cd96d53581b2634cde714a18 tkinter-2.3.4-14.3.s390.rpm s390x: fbf37d4cc36b601c137e291fd760fc21 python-2.3.4-14.3.s390x.rpm dd0473e9dfab38025035c6fa29d6ab92 python-debuginfo-2.3.4-14.3.s390x.rpm 3cac0c4e00681da4bdbb3e3ea3d34f5e python-devel-2.3.4-14.3.s390x.rpm 94a85e10ef45b34ec2771007ed020a4a python-docs-2.3.4-14.3.s390x.rpm 87362e01198a3e4e90a0363106446510 python-tools-2.3.4-14.3.s390x.rpm 9b6f208be55ef77e869be749343d7eef tkinter-2.3.4-14.3.s390x.rpm x86_64: 629204e2dfb213386bd616acf9c77f00 python-2.3.4-14.3.x86_64.rpm 0b4389017feedec4b372d215d7e30bd2 python-debuginfo-2.3.4-14.3.x86_64.rpm f21880ce6f9bb3638fe221b9300200a7 python-devel-2.3.4-14.3.x86_64.rpm ac59cfd06813a19a38f6771af45b1372 python-docs-2.3.4-14.3.x86_64.rpm 883f381cf0d71afb267782d0e7c0bf55 python-tools-2.3.4-14.3.x86_64.rpm 22ab34f9f5f8d46141e0e08b45cc3c62 tkinter-2.3.4-14.3.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/python-2.3.4-14.3.src.rpm b77a2036a4496f91b19cf2bfc228ef9d python-2.3.4-14.3.src.rpm i386: 588b1be239522d3e55b89bbb21d6ceec python-2.3.4-14.3.i386.rpm f3db32a8d02225747ccd3a1e163644c6 python-debuginfo-2.3.4-14.3.i386.rpm 3431de9944ebcb847be132b64e87e513 python-devel-2.3.4-14.3.i386.rpm c5b70323157c303f143db6d3ba369f58 python-docs-2.3.4-14.3.i386.rpm 06aab46ed671d94158d0d0b814b8427b python-tools-2.3.4-14.3.i386.rpm 3e78a7ef509eb7d19ed6aac9fa6c6546 tkinter-2.3.4-14.3.i386.rpm x86_64: 629204e2dfb213386bd616acf9c77f00 python-2.3.4-14.3.x86_64.rpm 0b4389017feedec4b372d215d7e30bd2 python-debuginfo-2.3.4-14.3.x86_64.rpm f21880ce6f9bb3638fe221b9300200a7 python-devel-2.3.4-14.3.x86_64.rpm ac59cfd06813a19a38f6771af45b1372 python-docs-2.3.4-14.3.x86_64.rpm 883f381cf0d71afb267782d0e7c0bf55 python-tools-2.3.4-14.3.x86_64.rpm 22ab34f9f5f8d46141e0e08b45cc3c62 tkinter-2.3.4-14.3.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/python-2.3.4-14.3.src.rpm b77a2036a4496f91b19cf2bfc228ef9d python-2.3.4-14.3.src.rpm i386: 588b1be239522d3e55b89bbb21d6ceec python-2.3.4-14.3.i386.rpm f3db32a8d02225747ccd3a1e163644c6 python-debuginfo-2.3.4-14.3.i386.rpm 3431de9944ebcb847be132b64e87e513 python-devel-2.3.4-14.3.i386.rpm c5b70323157c303f143db6d3ba369f58 python-docs-2.3.4-14.3.i386.rpm 06aab46ed671d94158d0d0b814b8427b python-tools-2.3.4-14.3.i386.rpm 3e78a7ef509eb7d19ed6aac9fa6c6546 tkinter-2.3.4-14.3.i386.rpm ia64: 54f132a54ad12115cd8f3289cfb19c3c python-2.3.4-14.3.ia64.rpm b58697dedc25b259f53b4a1c2600e9af python-debuginfo-2.3.4-14.3.ia64.rpm b926a960dd693a2c68f417cb709f8f72 python-devel-2.3.4-14.3.ia64.rpm 0cd0c817921b4acf6b3093017302497c python-docs-2.3.4-14.3.ia64.rpm 3b618ab235a709c92a47d5b9c3c99a9c python-tools-2.3.4-14.3.ia64.rpm 45bf62592d6ea608d3cde2843444f021 tkinter-2.3.4-14.3.ia64.rpm x86_64: 629204e2dfb213386bd616acf9c77f00 python-2.3.4-14.3.x86_64.rpm 0b4389017feedec4b372d215d7e30bd2 python-debuginfo-2.3.4-14.3.x86_64.rpm f21880ce6f9bb3638fe221b9300200a7 python-devel-2.3.4-14.3.x86_64.rpm ac59cfd06813a19a38f6771af45b1372 python-docs-2.3.4-14.3.x86_64.rpm 883f381cf0d71afb267782d0e7c0bf55 python-tools-2.3.4-14.3.x86_64.rpm 22ab34f9f5f8d46141e0e08b45cc3c62 tkinter-2.3.4-14.3.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/python-2.3.4-14.3.src.rpm b77a2036a4496f91b19cf2bfc228ef9d python-2.3.4-14.3.src.rpm i386: 588b1be239522d3e55b89bbb21d6ceec python-2.3.4-14.3.i386.rpm f3db32a8d02225747ccd3a1e163644c6 python-debuginfo-2.3.4-14.3.i386.rpm 3431de9944ebcb847be132b64e87e513 python-devel-2.3.4-14.3.i386.rpm c5b70323157c303f143db6d3ba369f58 python-docs-2.3.4-14.3.i386.rpm 06aab46ed671d94158d0d0b814b8427b python-tools-2.3.4-14.3.i386.rpm 3e78a7ef509eb7d19ed6aac9fa6c6546 tkinter-2.3.4-14.3.i386.rpm ia64: 54f132a54ad12115cd8f3289cfb19c3c python-2.3.4-14.3.ia64.rpm b58697dedc25b259f53b4a1c2600e9af python-debuginfo-2.3.4-14.3.ia64.rpm b926a960dd693a2c68f417cb709f8f72 python-devel-2.3.4-14.3.ia64.rpm 0cd0c817921b4acf6b3093017302497c python-docs-2.3.4-14.3.ia64.rpm 3b618ab235a709c92a47d5b9c3c99a9c python-tools-2.3.4-14.3.ia64.rpm 45bf62592d6ea608d3cde2843444f021 tkinter-2.3.4-14.3.ia64.rpm x86_64: 629204e2dfb213386bd616acf9c77f00 python-2.3.4-14.3.x86_64.rpm 0b4389017feedec4b372d215d7e30bd2 python-debuginfo-2.3.4-14.3.x86_64.rpm f21880ce6f9bb3638fe221b9300200a7 python-devel-2.3.4-14.3.x86_64.rpm ac59cfd06813a19a38f6771af45b1372 python-docs-2.3.4-14.3.x86_64.rpm 883f381cf0d71afb267782d0e7c0bf55 python-tools-2.3.4-14.3.x86_64.rpm 22ab34f9f5f8d46141e0e08b45cc3c62 tkinter-2.3.4-14.3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4980 http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFFKsWiXlSAg2UNWIIRAsMxAJsGg8xVk/q0TFW1599G55i5mb+CNQCgiXXG CTCTXJtQNossU9qiyBvkz9U= =4hbK -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Oct 18 04:55:22 2006 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 18 Oct 2006 00:55:22 -0400 Subject: [RHSA-2006:0720-01] Critical: kdelibs security update Message-ID: <200610180455.k9I4tM1M005738@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: kdelibs security update Advisory ID: RHSA-2006:0720-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0720.html Issue date: 2006-10-18 Updated on: 2006-10-18 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-4811 - --------------------------------------------------------------------- 1. Summary: Updated kdelibs packages that correct an integer overflow flaw are now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: The kdelibs package provides libraries for the K Desktop Environment (KDE). Qt is a GUI software toolkit for the X Window System. An integer overflow flaw was found in the way Qt handled pixmap images. The KDE khtml library uses Qt in such a way that untrusted parameters could be passed to Qt, triggering the overflow. An attacker could for example create a malicious web page that when viewed by a victim in the Konqueror browser would cause Konqueror to crash or possibly execute arbitrary code with the privileges of the victim. (CVE-2006-4811) Users of KDE should upgrade to these updated packages, which contain a backported patch to correct this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 210742 - CVE-2006-4811 qt integer overflow 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/kdelibs-2.2.2-21.EL2.src.rpm 7bb39d081bee9bfa1413e78c9ff0f2b3 kdelibs-2.2.2-21.EL2.src.rpm i386: e0ee638b0a77beb375bc060bfaca2641 arts-2.2.2-21.EL2.i386.rpm 03967e80022cf2761be284aa53261e20 kdelibs-2.2.2-21.EL2.i386.rpm 53a1ce03e3f18ef2cd2ebea9ed7435b7 kdelibs-devel-2.2.2-21.EL2.i386.rpm 2c25355a146310d01eef70852d00339a kdelibs-sound-2.2.2-21.EL2.i386.rpm 47e69160a42afe9e96ea35ac0eac4c24 kdelibs-sound-devel-2.2.2-21.EL2.i386.rpm ia64: f380e28d6a7d8fe6a9ad2b85db431afe arts-2.2.2-21.EL2.ia64.rpm d36cf8ece25170b621ec363fdaf1c4d7 kdelibs-2.2.2-21.EL2.ia64.rpm 00d5b7cea3e8180f4b75d12162939ffb kdelibs-devel-2.2.2-21.EL2.ia64.rpm d6df99d11aec63bd41fd1c4729500f33 kdelibs-sound-2.2.2-21.EL2.ia64.rpm 294cbf6d4556abe209000a77fe7158c9 kdelibs-sound-devel-2.2.2-21.EL2.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/kdelibs-2.2.2-21.EL2.src.rpm 7bb39d081bee9bfa1413e78c9ff0f2b3 kdelibs-2.2.2-21.EL2.src.rpm ia64: f380e28d6a7d8fe6a9ad2b85db431afe arts-2.2.2-21.EL2.ia64.rpm d36cf8ece25170b621ec363fdaf1c4d7 kdelibs-2.2.2-21.EL2.ia64.rpm 00d5b7cea3e8180f4b75d12162939ffb kdelibs-devel-2.2.2-21.EL2.ia64.rpm d6df99d11aec63bd41fd1c4729500f33 kdelibs-sound-2.2.2-21.EL2.ia64.rpm 294cbf6d4556abe209000a77fe7158c9 kdelibs-sound-devel-2.2.2-21.EL2.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/kdelibs-2.2.2-21.EL2.src.rpm 7bb39d081bee9bfa1413e78c9ff0f2b3 kdelibs-2.2.2-21.EL2.src.rpm i386: e0ee638b0a77beb375bc060bfaca2641 arts-2.2.2-21.EL2.i386.rpm 03967e80022cf2761be284aa53261e20 kdelibs-2.2.2-21.EL2.i386.rpm 53a1ce03e3f18ef2cd2ebea9ed7435b7 kdelibs-devel-2.2.2-21.EL2.i386.rpm 2c25355a146310d01eef70852d00339a kdelibs-sound-2.2.2-21.EL2.i386.rpm 47e69160a42afe9e96ea35ac0eac4c24 kdelibs-sound-devel-2.2.2-21.EL2.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/kdelibs-2.2.2-21.EL2.src.rpm 7bb39d081bee9bfa1413e78c9ff0f2b3 kdelibs-2.2.2-21.EL2.src.rpm i386: e0ee638b0a77beb375bc060bfaca2641 arts-2.2.2-21.EL2.i386.rpm 03967e80022cf2761be284aa53261e20 kdelibs-2.2.2-21.EL2.i386.rpm 53a1ce03e3f18ef2cd2ebea9ed7435b7 kdelibs-devel-2.2.2-21.EL2.i386.rpm 2c25355a146310d01eef70852d00339a kdelibs-sound-2.2.2-21.EL2.i386.rpm 47e69160a42afe9e96ea35ac0eac4c24 kdelibs-sound-devel-2.2.2-21.EL2.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/kdelibs-3.1.3-6.12.src.rpm cdeb513ec6b326e719373afb39420b92 kdelibs-3.1.3-6.12.src.rpm i386: 403f8d641cfeda9efd11a3c977b8afe7 kdelibs-3.1.3-6.12.i386.rpm 58ee9b6c0d991f6574ff77dea86cea62 kdelibs-debuginfo-3.1.3-6.12.i386.rpm 1d572edb05e3c2fe8c5d77941a568cb8 kdelibs-devel-3.1.3-6.12.i386.rpm ia64: 403f8d641cfeda9efd11a3c977b8afe7 kdelibs-3.1.3-6.12.i386.rpm e82d1157966f70ecc76b52b24daf0e4e kdelibs-3.1.3-6.12.ia64.rpm 58ee9b6c0d991f6574ff77dea86cea62 kdelibs-debuginfo-3.1.3-6.12.i386.rpm e512dc01b3317adbe33ecf80e177c8b4 kdelibs-debuginfo-3.1.3-6.12.ia64.rpm 53b498e76562c78677ecba5849c8fe1d kdelibs-devel-3.1.3-6.12.ia64.rpm ppc: 21d58199f68c8397123a2588353804d4 kdelibs-3.1.3-6.12.ppc.rpm 648937ed5e2debab9a20c359fd98366e kdelibs-3.1.3-6.12.ppc64.rpm 6ae93eca4d0ab2e147814a5fe65f090e kdelibs-debuginfo-3.1.3-6.12.ppc.rpm c775cd973afff159cf0d0a675bcca9ac kdelibs-debuginfo-3.1.3-6.12.ppc64.rpm a42a48b95f9a99818162c5935126b095 kdelibs-devel-3.1.3-6.12.ppc.rpm s390: 56c438a932ba65b4cd8cb5eb762c13e2 kdelibs-3.1.3-6.12.s390.rpm f9e71ed2eafc6dfc8b9c05e98a29977b kdelibs-debuginfo-3.1.3-6.12.s390.rpm a0d89f77b3bbea0645dd4a647fd54418 kdelibs-devel-3.1.3-6.12.s390.rpm s390x: 56c438a932ba65b4cd8cb5eb762c13e2 kdelibs-3.1.3-6.12.s390.rpm 95a04b9f581838eeb9a5a460888b395d kdelibs-3.1.3-6.12.s390x.rpm f9e71ed2eafc6dfc8b9c05e98a29977b kdelibs-debuginfo-3.1.3-6.12.s390.rpm 6bf6754fa06c51e1325d84a519e84ace kdelibs-debuginfo-3.1.3-6.12.s390x.rpm 4900daf824ed5a24a7be87951abc7e46 kdelibs-devel-3.1.3-6.12.s390x.rpm x86_64: 403f8d641cfeda9efd11a3c977b8afe7 kdelibs-3.1.3-6.12.i386.rpm 05cddb98cc096807430e17eab725d811 kdelibs-3.1.3-6.12.x86_64.rpm 58ee9b6c0d991f6574ff77dea86cea62 kdelibs-debuginfo-3.1.3-6.12.i386.rpm 489fc6bab15b4271e0f7959dc843cbd2 kdelibs-debuginfo-3.1.3-6.12.x86_64.rpm 2ec6fcb91b8cf102e915755dd08632bd kdelibs-devel-3.1.3-6.12.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/kdelibs-3.1.3-6.12.src.rpm cdeb513ec6b326e719373afb39420b92 kdelibs-3.1.3-6.12.src.rpm i386: 403f8d641cfeda9efd11a3c977b8afe7 kdelibs-3.1.3-6.12.i386.rpm 58ee9b6c0d991f6574ff77dea86cea62 kdelibs-debuginfo-3.1.3-6.12.i386.rpm 1d572edb05e3c2fe8c5d77941a568cb8 kdelibs-devel-3.1.3-6.12.i386.rpm x86_64: 403f8d641cfeda9efd11a3c977b8afe7 kdelibs-3.1.3-6.12.i386.rpm 05cddb98cc096807430e17eab725d811 kdelibs-3.1.3-6.12.x86_64.rpm 58ee9b6c0d991f6574ff77dea86cea62 kdelibs-debuginfo-3.1.3-6.12.i386.rpm 489fc6bab15b4271e0f7959dc843cbd2 kdelibs-debuginfo-3.1.3-6.12.x86_64.rpm 2ec6fcb91b8cf102e915755dd08632bd kdelibs-devel-3.1.3-6.12.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/kdelibs-3.1.3-6.12.src.rpm cdeb513ec6b326e719373afb39420b92 kdelibs-3.1.3-6.12.src.rpm i386: 403f8d641cfeda9efd11a3c977b8afe7 kdelibs-3.1.3-6.12.i386.rpm 58ee9b6c0d991f6574ff77dea86cea62 kdelibs-debuginfo-3.1.3-6.12.i386.rpm 1d572edb05e3c2fe8c5d77941a568cb8 kdelibs-devel-3.1.3-6.12.i386.rpm ia64: 403f8d641cfeda9efd11a3c977b8afe7 kdelibs-3.1.3-6.12.i386.rpm e82d1157966f70ecc76b52b24daf0e4e kdelibs-3.1.3-6.12.ia64.rpm 58ee9b6c0d991f6574ff77dea86cea62 kdelibs-debuginfo-3.1.3-6.12.i386.rpm e512dc01b3317adbe33ecf80e177c8b4 kdelibs-debuginfo-3.1.3-6.12.ia64.rpm 53b498e76562c78677ecba5849c8fe1d kdelibs-devel-3.1.3-6.12.ia64.rpm x86_64: 403f8d641cfeda9efd11a3c977b8afe7 kdelibs-3.1.3-6.12.i386.rpm 05cddb98cc096807430e17eab725d811 kdelibs-3.1.3-6.12.x86_64.rpm 58ee9b6c0d991f6574ff77dea86cea62 kdelibs-debuginfo-3.1.3-6.12.i386.rpm 489fc6bab15b4271e0f7959dc843cbd2 kdelibs-debuginfo-3.1.3-6.12.x86_64.rpm 2ec6fcb91b8cf102e915755dd08632bd kdelibs-devel-3.1.3-6.12.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/kdelibs-3.1.3-6.12.src.rpm cdeb513ec6b326e719373afb39420b92 kdelibs-3.1.3-6.12.src.rpm i386: 403f8d641cfeda9efd11a3c977b8afe7 kdelibs-3.1.3-6.12.i386.rpm 58ee9b6c0d991f6574ff77dea86cea62 kdelibs-debuginfo-3.1.3-6.12.i386.rpm 1d572edb05e3c2fe8c5d77941a568cb8 kdelibs-devel-3.1.3-6.12.i386.rpm ia64: 403f8d641cfeda9efd11a3c977b8afe7 kdelibs-3.1.3-6.12.i386.rpm e82d1157966f70ecc76b52b24daf0e4e kdelibs-3.1.3-6.12.ia64.rpm 58ee9b6c0d991f6574ff77dea86cea62 kdelibs-debuginfo-3.1.3-6.12.i386.rpm e512dc01b3317adbe33ecf80e177c8b4 kdelibs-debuginfo-3.1.3-6.12.ia64.rpm 53b498e76562c78677ecba5849c8fe1d kdelibs-devel-3.1.3-6.12.ia64.rpm x86_64: 403f8d641cfeda9efd11a3c977b8afe7 kdelibs-3.1.3-6.12.i386.rpm 05cddb98cc096807430e17eab725d811 kdelibs-3.1.3-6.12.x86_64.rpm 58ee9b6c0d991f6574ff77dea86cea62 kdelibs-debuginfo-3.1.3-6.12.i386.rpm 489fc6bab15b4271e0f7959dc843cbd2 kdelibs-debuginfo-3.1.3-6.12.x86_64.rpm 2ec6fcb91b8cf102e915755dd08632bd kdelibs-devel-3.1.3-6.12.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kdelibs-3.3.1-6.RHEL4.src.rpm d07aedc884e8060bb5cbadce17445170 kdelibs-3.3.1-6.RHEL4.src.rpm i386: 39ca7148c5937f9884163764ade919c6 kdelibs-3.3.1-6.RHEL4.i386.rpm 7d142be854bb659f6fda5e9e5e18c6a6 kdelibs-debuginfo-3.3.1-6.RHEL4.i386.rpm d86a20d022f4ea51d8875b487c1c75da kdelibs-devel-3.3.1-6.RHEL4.i386.rpm ia64: 39ca7148c5937f9884163764ade919c6 kdelibs-3.3.1-6.RHEL4.i386.rpm e123583a0a21fb489563815c9c9d1868 kdelibs-3.3.1-6.RHEL4.ia64.rpm 7d142be854bb659f6fda5e9e5e18c6a6 kdelibs-debuginfo-3.3.1-6.RHEL4.i386.rpm bba59d8b12cb7258260f1c2f328433c3 kdelibs-debuginfo-3.3.1-6.RHEL4.ia64.rpm 44fa4375f7b78e612f9b04b11d8bf8f5 kdelibs-devel-3.3.1-6.RHEL4.ia64.rpm ppc: c18280f098ff9b6d99dd58ad51782041 kdelibs-3.3.1-6.RHEL4.ppc.rpm 1c334f023c58a14d572454e9b45f1b2b kdelibs-3.3.1-6.RHEL4.ppc64.rpm deb54fac47c6418b098e9b96b3906c4e kdelibs-debuginfo-3.3.1-6.RHEL4.ppc.rpm 2f06ccb2ffecf0d06df4f2e62f8463b4 kdelibs-debuginfo-3.3.1-6.RHEL4.ppc64.rpm 095995d375aa9760e4a4c1bdb9388634 kdelibs-devel-3.3.1-6.RHEL4.ppc.rpm s390: 85f41346ff63f6d21f39dd3febbec970 kdelibs-3.3.1-6.RHEL4.s390.rpm 3b948e3ddc6de216f06b2f09a34f5ba2 kdelibs-debuginfo-3.3.1-6.RHEL4.s390.rpm 8ec078b136feb262c48b44ed36c5dc2e kdelibs-devel-3.3.1-6.RHEL4.s390.rpm s390x: 85f41346ff63f6d21f39dd3febbec970 kdelibs-3.3.1-6.RHEL4.s390.rpm 9e610b0137cce3c69aa0e07a937171e1 kdelibs-3.3.1-6.RHEL4.s390x.rpm 3b948e3ddc6de216f06b2f09a34f5ba2 kdelibs-debuginfo-3.3.1-6.RHEL4.s390.rpm 53c751ceb0962651490067fa8007a88f kdelibs-debuginfo-3.3.1-6.RHEL4.s390x.rpm f9cbe45ea627ac1239568ec1a71052fb kdelibs-devel-3.3.1-6.RHEL4.s390x.rpm x86_64: 39ca7148c5937f9884163764ade919c6 kdelibs-3.3.1-6.RHEL4.i386.rpm 84bbed7e29aaab4bba60154ff934985c kdelibs-3.3.1-6.RHEL4.x86_64.rpm 7d142be854bb659f6fda5e9e5e18c6a6 kdelibs-debuginfo-3.3.1-6.RHEL4.i386.rpm c52c0a3bc9f90a3e389e38534d8a65a4 kdelibs-debuginfo-3.3.1-6.RHEL4.x86_64.rpm cde349bab7f05a191e2d8cdbd150be65 kdelibs-devel-3.3.1-6.RHEL4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kdelibs-3.3.1-6.RHEL4.src.rpm d07aedc884e8060bb5cbadce17445170 kdelibs-3.3.1-6.RHEL4.src.rpm i386: 39ca7148c5937f9884163764ade919c6 kdelibs-3.3.1-6.RHEL4.i386.rpm 7d142be854bb659f6fda5e9e5e18c6a6 kdelibs-debuginfo-3.3.1-6.RHEL4.i386.rpm d86a20d022f4ea51d8875b487c1c75da kdelibs-devel-3.3.1-6.RHEL4.i386.rpm x86_64: 39ca7148c5937f9884163764ade919c6 kdelibs-3.3.1-6.RHEL4.i386.rpm 84bbed7e29aaab4bba60154ff934985c kdelibs-3.3.1-6.RHEL4.x86_64.rpm 7d142be854bb659f6fda5e9e5e18c6a6 kdelibs-debuginfo-3.3.1-6.RHEL4.i386.rpm c52c0a3bc9f90a3e389e38534d8a65a4 kdelibs-debuginfo-3.3.1-6.RHEL4.x86_64.rpm cde349bab7f05a191e2d8cdbd150be65 kdelibs-devel-3.3.1-6.RHEL4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kdelibs-3.3.1-6.RHEL4.src.rpm d07aedc884e8060bb5cbadce17445170 kdelibs-3.3.1-6.RHEL4.src.rpm i386: 39ca7148c5937f9884163764ade919c6 kdelibs-3.3.1-6.RHEL4.i386.rpm 7d142be854bb659f6fda5e9e5e18c6a6 kdelibs-debuginfo-3.3.1-6.RHEL4.i386.rpm d86a20d022f4ea51d8875b487c1c75da kdelibs-devel-3.3.1-6.RHEL4.i386.rpm ia64: 39ca7148c5937f9884163764ade919c6 kdelibs-3.3.1-6.RHEL4.i386.rpm e123583a0a21fb489563815c9c9d1868 kdelibs-3.3.1-6.RHEL4.ia64.rpm 7d142be854bb659f6fda5e9e5e18c6a6 kdelibs-debuginfo-3.3.1-6.RHEL4.i386.rpm bba59d8b12cb7258260f1c2f328433c3 kdelibs-debuginfo-3.3.1-6.RHEL4.ia64.rpm 44fa4375f7b78e612f9b04b11d8bf8f5 kdelibs-devel-3.3.1-6.RHEL4.ia64.rpm x86_64: 39ca7148c5937f9884163764ade919c6 kdelibs-3.3.1-6.RHEL4.i386.rpm 84bbed7e29aaab4bba60154ff934985c kdelibs-3.3.1-6.RHEL4.x86_64.rpm 7d142be854bb659f6fda5e9e5e18c6a6 kdelibs-debuginfo-3.3.1-6.RHEL4.i386.rpm c52c0a3bc9f90a3e389e38534d8a65a4 kdelibs-debuginfo-3.3.1-6.RHEL4.x86_64.rpm cde349bab7f05a191e2d8cdbd150be65 kdelibs-devel-3.3.1-6.RHEL4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kdelibs-3.3.1-6.RHEL4.src.rpm d07aedc884e8060bb5cbadce17445170 kdelibs-3.3.1-6.RHEL4.src.rpm i386: 39ca7148c5937f9884163764ade919c6 kdelibs-3.3.1-6.RHEL4.i386.rpm 7d142be854bb659f6fda5e9e5e18c6a6 kdelibs-debuginfo-3.3.1-6.RHEL4.i386.rpm d86a20d022f4ea51d8875b487c1c75da kdelibs-devel-3.3.1-6.RHEL4.i386.rpm ia64: 39ca7148c5937f9884163764ade919c6 kdelibs-3.3.1-6.RHEL4.i386.rpm e123583a0a21fb489563815c9c9d1868 kdelibs-3.3.1-6.RHEL4.ia64.rpm 7d142be854bb659f6fda5e9e5e18c6a6 kdelibs-debuginfo-3.3.1-6.RHEL4.i386.rpm bba59d8b12cb7258260f1c2f328433c3 kdelibs-debuginfo-3.3.1-6.RHEL4.ia64.rpm 44fa4375f7b78e612f9b04b11d8bf8f5 kdelibs-devel-3.3.1-6.RHEL4.ia64.rpm x86_64: 39ca7148c5937f9884163764ade919c6 kdelibs-3.3.1-6.RHEL4.i386.rpm 84bbed7e29aaab4bba60154ff934985c kdelibs-3.3.1-6.RHEL4.x86_64.rpm 7d142be854bb659f6fda5e9e5e18c6a6 kdelibs-debuginfo-3.3.1-6.RHEL4.i386.rpm c52c0a3bc9f90a3e389e38534d8a65a4 kdelibs-debuginfo-3.3.1-6.RHEL4.x86_64.rpm cde349bab7f05a191e2d8cdbd150be65 kdelibs-devel-3.3.1-6.RHEL4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4811 http://www.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFFNbOiXlSAg2UNWIIRAiHVAJ9NU65n/TiNPMMV04OYUpkMCePE9ACffcLu OFYfCSbDBf0qbywdShmTKSw= =hyRA -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Oct 19 12:54:33 2006 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 19 Oct 2006 08:54:33 -0400 Subject: [RHSA-2006:0710-01] Important: kernel security update Message-ID: <200610191254.k9JCsXKg009391@porkchop.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: kernel security update Advisory ID: RHSA-2006:0710-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0710.html Issue date: 2006-10-19 Updated on: 2006-10-19 Product: Red Hat Enterprise Linux Keywords: taroon kernel security errata Obsoletes: RHSA-2006:0437 CVE Names: CVE-2006-1864 CVE-2006-2071 CVE-2006-2935 CVE-2006-4342 CVE-2006-4997 CVE-2006-5174 - --------------------------------------------------------------------- 1. Summary: Updated kernel packages that fix several security issues in the Red Hat Enterprise Linux 3 kernel are now available. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: The Linux kernel handles the basic functions of the operating system. These new kernel packages contain fixes for the security issues described below: * a flaw in the IPC shared-memory implementation that allowed a local user to cause a denial of service (deadlock) that resulted in freezing the system (CVE-2006-4342, Important) * an information leak in the copy_from_user() implementation on s390 and s390x platforms that allowed a local user to read arbitrary kernel memory (CVE-2006-5174, Important) * a flaw in the ATM subsystem affecting systems with installed ATM hardware and configured ATM support that allowed a remote user to cause a denial of service (panic) by accessing socket buffer memory after it has been freed (CVE-2006-4997, Moderate) * a directory traversal vulnerability in smbfs that allowed a local user to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences (CVE-2006-1864, Moderate) * a flaw in the mprotect system call that allowed enabling write permission for a read-only attachment of shared memory (CVE-2006-2071, Moderate) * a flaw in the DVD handling of the CDROM driver that could be used together with a custom built USB device to gain root privileges (CVE-2006-2935, Moderate) In addition to the security issues described above, a bug fix for a clock skew problem (which could lead to unintended keyboard repeat under X11) was also included. The problem only occurred when running the 32-bit x86 kernel on 64-bit dual-core x86_64 hardware. Note: The kernel-unsupported package contains various drivers and modules that are unsupported and therefore might contain security problems that have not been addressed. All Red Hat Enterprise Linux 3 users are advised to upgrade their kernels to the packages associated with their machine architecture and configurations as listed in this erratum. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 169428 - repetitive keystroke issue on both RH3 U5 32bit and RH4 U1 32bit. 189436 - CVE-2006-1864 smbfs chroot issue 190074 - CVE-2006-2071 mprotect gives write permission to a readonly attachment 197672 - CVE-2006-2935 Possible buffer overflow in DVD handling 205618 - CVE-2006-4342 shmat hangs by simultaneous shmctl(IPC_RMID) 206270 - CVE-2006-4997 IP over ATM clip_mkip dereference freed pointer 209436 - CVE-2006-5174 copy_from_user information leak on s390 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/kernel-2.4.21-47.0.1.EL.src.rpm fe57bb5ba14c1f2410b158ed5900f8af kernel-2.4.21-47.0.1.EL.src.rpm i386: 0f313988a3b5ee1c13eef6ac33f90366 kernel-2.4.21-47.0.1.EL.athlon.rpm 69feb474be6b1bee161180ccc07891b6 kernel-2.4.21-47.0.1.EL.i686.rpm cfeeab04ef806f0f067975b6d652053f kernel-BOOT-2.4.21-47.0.1.EL.i386.rpm 0b580ecfd116199f4dd8c92111e7af2d kernel-debuginfo-2.4.21-47.0.1.EL.athlon.rpm 584ac1201581a453f48da2d6bcb78e7c kernel-debuginfo-2.4.21-47.0.1.EL.i386.rpm d72dca6f97c717b4ce0e7698016fcad4 kernel-debuginfo-2.4.21-47.0.1.EL.i686.rpm 6792b74295d0ece09cd1c108c9d8f23e kernel-doc-2.4.21-47.0.1.EL.i386.rpm 4ec2c0fa1fbf3017bdaf36c6ae8f75a3 kernel-hugemem-2.4.21-47.0.1.EL.i686.rpm 3617b38352971c71c64d5560db52b3ad kernel-hugemem-unsupported-2.4.21-47.0.1.EL.i686.rpm 51ae45ba954b3ff40f4f162c369fefbe kernel-smp-2.4.21-47.0.1.EL.athlon.rpm e4cf369455f6ae40d67e29711bee6519 kernel-smp-2.4.21-47.0.1.EL.i686.rpm 91abcffc492b21a8953a2745ddbed3e2 kernel-smp-unsupported-2.4.21-47.0.1.EL.athlon.rpm 40510c2d3066d9b789ec669be6d70dfb kernel-smp-unsupported-2.4.21-47.0.1.EL.i686.rpm cef35a37a7bc657f5e6989fa5e1b5d47 kernel-source-2.4.21-47.0.1.EL.i386.rpm b0c04546c3d59e4d6646123d41ecdc35 kernel-unsupported-2.4.21-47.0.1.EL.athlon.rpm 49b1c869f5e57f0e4996d65f2af6abba kernel-unsupported-2.4.21-47.0.1.EL.i686.rpm ia64: 47f0a4f327831bc6410334a6a4455e21 kernel-2.4.21-47.0.1.EL.ia64.rpm 0d06dd40f1920fc487a9f85e57de6234 kernel-debuginfo-2.4.21-47.0.1.EL.ia64.rpm 5c292c4491643ee45a1b97dcdbdd2847 kernel-doc-2.4.21-47.0.1.EL.ia64.rpm bec034502e425f71d4283caffbce0b1b kernel-source-2.4.21-47.0.1.EL.ia64.rpm 1ba8b8f6b004e84ff7c14cdd240fa4bc kernel-unsupported-2.4.21-47.0.1.EL.ia64.rpm ppc: 2f96672418b277c5e3a58dff0d68b029 kernel-2.4.21-47.0.1.EL.ppc64iseries.rpm e85ec012314131b50d8fe46c682d358f kernel-2.4.21-47.0.1.EL.ppc64pseries.rpm fbbfbb2d1a2527058dfae7b75f553c1c kernel-debuginfo-2.4.21-47.0.1.EL.ppc64.rpm 069b9d978dcf771836d6a779b0a1fe70 kernel-debuginfo-2.4.21-47.0.1.EL.ppc64iseries.rpm b10dd5d39b92aa8a88e57f24c6f024af kernel-debuginfo-2.4.21-47.0.1.EL.ppc64pseries.rpm 2698e18f678563138bef3261dea9759f kernel-doc-2.4.21-47.0.1.EL.ppc64.rpm 9eab3900eb6956ae11be1ed1548d3153 kernel-source-2.4.21-47.0.1.EL.ppc64.rpm 157ccc0bdf87ed876355e55e94e3d43b kernel-unsupported-2.4.21-47.0.1.EL.ppc64iseries.rpm 782224ea0019ca9cef8a21540f5227d7 kernel-unsupported-2.4.21-47.0.1.EL.ppc64pseries.rpm s390: 80aad86ed64d189d9ba16d2ec37c61d1 kernel-2.4.21-47.0.1.EL.s390.rpm a256d51fa8ed3d633638717d86973351 kernel-debuginfo-2.4.21-47.0.1.EL.s390.rpm 0981d57893d93eb7c47dd52c4e5695b6 kernel-doc-2.4.21-47.0.1.EL.s390.rpm d2d86901a3bb6ec15a5b52cdfefcb697 kernel-source-2.4.21-47.0.1.EL.s390.rpm e0c0c89de07cf2e0958247eea2d7a6ec kernel-unsupported-2.4.21-47.0.1.EL.s390.rpm s390x: 3b4e35b36335ff8464bd355c3e215c62 kernel-2.4.21-47.0.1.EL.s390x.rpm 98256fe095ed60fac7acb95786f2f825 kernel-debuginfo-2.4.21-47.0.1.EL.s390x.rpm 46853dab961b6f0259847c313bc2c74c kernel-doc-2.4.21-47.0.1.EL.s390x.rpm f88b41322834d7de02030a79607748e8 kernel-source-2.4.21-47.0.1.EL.s390x.rpm adfcb3d2981bf71d5684828d5c4bcdbe kernel-unsupported-2.4.21-47.0.1.EL.s390x.rpm x86_64: ff59e82c378d27a85273dfe2c2ecf198 kernel-2.4.21-47.0.1.EL.ia32e.rpm 3eac97481cabbf31b26b658d77ef3145 kernel-2.4.21-47.0.1.EL.x86_64.rpm a7238213f3d21fedc7119cda744b5840 kernel-debuginfo-2.4.21-47.0.1.EL.ia32e.rpm 383b6deb766f4193d01f227486ff73bc kernel-debuginfo-2.4.21-47.0.1.EL.x86_64.rpm 66af96af71704aaaa39ad359dd641cd2 kernel-doc-2.4.21-47.0.1.EL.x86_64.rpm 95823cfe05beddc2de47ea0ddb87f2aa kernel-smp-2.4.21-47.0.1.EL.x86_64.rpm 502f7c42a96d3b40c09f4e708a326ca4 kernel-smp-unsupported-2.4.21-47.0.1.EL.x86_64.rpm f76a70595a8cbbff038fdc83e8eb818a kernel-source-2.4.21-47.0.1.EL.x86_64.rpm 8e2e4813caec5884256374c62f823f7d kernel-unsupported-2.4.21-47.0.1.EL.ia32e.rpm d0b7dda546e145208f4193b0e0d901bb kernel-unsupported-2.4.21-47.0.1.EL.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/kernel-2.4.21-47.0.1.EL.src.rpm fe57bb5ba14c1f2410b158ed5900f8af kernel-2.4.21-47.0.1.EL.src.rpm i386: 0f313988a3b5ee1c13eef6ac33f90366 kernel-2.4.21-47.0.1.EL.athlon.rpm 69feb474be6b1bee161180ccc07891b6 kernel-2.4.21-47.0.1.EL.i686.rpm cfeeab04ef806f0f067975b6d652053f kernel-BOOT-2.4.21-47.0.1.EL.i386.rpm 0b580ecfd116199f4dd8c92111e7af2d kernel-debuginfo-2.4.21-47.0.1.EL.athlon.rpm 584ac1201581a453f48da2d6bcb78e7c kernel-debuginfo-2.4.21-47.0.1.EL.i386.rpm d72dca6f97c717b4ce0e7698016fcad4 kernel-debuginfo-2.4.21-47.0.1.EL.i686.rpm 6792b74295d0ece09cd1c108c9d8f23e kernel-doc-2.4.21-47.0.1.EL.i386.rpm 4ec2c0fa1fbf3017bdaf36c6ae8f75a3 kernel-hugemem-2.4.21-47.0.1.EL.i686.rpm 3617b38352971c71c64d5560db52b3ad kernel-hugemem-unsupported-2.4.21-47.0.1.EL.i686.rpm 51ae45ba954b3ff40f4f162c369fefbe kernel-smp-2.4.21-47.0.1.EL.athlon.rpm e4cf369455f6ae40d67e29711bee6519 kernel-smp-2.4.21-47.0.1.EL.i686.rpm 91abcffc492b21a8953a2745ddbed3e2 kernel-smp-unsupported-2.4.21-47.0.1.EL.athlon.rpm 40510c2d3066d9b789ec669be6d70dfb kernel-smp-unsupported-2.4.21-47.0.1.EL.i686.rpm cef35a37a7bc657f5e6989fa5e1b5d47 kernel-source-2.4.21-47.0.1.EL.i386.rpm b0c04546c3d59e4d6646123d41ecdc35 kernel-unsupported-2.4.21-47.0.1.EL.athlon.rpm 49b1c869f5e57f0e4996d65f2af6abba kernel-unsupported-2.4.21-47.0.1.EL.i686.rpm x86_64: ff59e82c378d27a85273dfe2c2ecf198 kernel-2.4.21-47.0.1.EL.ia32e.rpm 3eac97481cabbf31b26b658d77ef3145 kernel-2.4.21-47.0.1.EL.x86_64.rpm a7238213f3d21fedc7119cda744b5840 kernel-debuginfo-2.4.21-47.0.1.EL.ia32e.rpm 383b6deb766f4193d01f227486ff73bc kernel-debuginfo-2.4.21-47.0.1.EL.x86_64.rpm 66af96af71704aaaa39ad359dd641cd2 kernel-doc-2.4.21-47.0.1.EL.x86_64.rpm 95823cfe05beddc2de47ea0ddb87f2aa kernel-smp-2.4.21-47.0.1.EL.x86_64.rpm 502f7c42a96d3b40c09f4e708a326ca4 kernel-smp-unsupported-2.4.21-47.0.1.EL.x86_64.rpm f76a70595a8cbbff038fdc83e8eb818a kernel-source-2.4.21-47.0.1.EL.x86_64.rpm 8e2e4813caec5884256374c62f823f7d kernel-unsupported-2.4.21-47.0.1.EL.ia32e.rpm d0b7dda546e145208f4193b0e0d901bb kernel-unsupported-2.4.21-47.0.1.EL.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/kernel-2.4.21-47.0.1.EL.src.rpm fe57bb5ba14c1f2410b158ed5900f8af kernel-2.4.21-47.0.1.EL.src.rpm i386: 0f313988a3b5ee1c13eef6ac33f90366 kernel-2.4.21-47.0.1.EL.athlon.rpm 69feb474be6b1bee161180ccc07891b6 kernel-2.4.21-47.0.1.EL.i686.rpm cfeeab04ef806f0f067975b6d652053f kernel-BOOT-2.4.21-47.0.1.EL.i386.rpm 0b580ecfd116199f4dd8c92111e7af2d kernel-debuginfo-2.4.21-47.0.1.EL.athlon.rpm 584ac1201581a453f48da2d6bcb78e7c kernel-debuginfo-2.4.21-47.0.1.EL.i386.rpm d72dca6f97c717b4ce0e7698016fcad4 kernel-debuginfo-2.4.21-47.0.1.EL.i686.rpm 6792b74295d0ece09cd1c108c9d8f23e kernel-doc-2.4.21-47.0.1.EL.i386.rpm 4ec2c0fa1fbf3017bdaf36c6ae8f75a3 kernel-hugemem-2.4.21-47.0.1.EL.i686.rpm 3617b38352971c71c64d5560db52b3ad kernel-hugemem-unsupported-2.4.21-47.0.1.EL.i686.rpm 51ae45ba954b3ff40f4f162c369fefbe kernel-smp-2.4.21-47.0.1.EL.athlon.rpm e4cf369455f6ae40d67e29711bee6519 kernel-smp-2.4.21-47.0.1.EL.i686.rpm 91abcffc492b21a8953a2745ddbed3e2 kernel-smp-unsupported-2.4.21-47.0.1.EL.athlon.rpm 40510c2d3066d9b789ec669be6d70dfb kernel-smp-unsupported-2.4.21-47.0.1.EL.i686.rpm cef35a37a7bc657f5e6989fa5e1b5d47 kernel-source-2.4.21-47.0.1.EL.i386.rpm b0c04546c3d59e4d6646123d41ecdc35 kernel-unsupported-2.4.21-47.0.1.EL.athlon.rpm 49b1c869f5e57f0e4996d65f2af6abba kernel-unsupported-2.4.21-47.0.1.EL.i686.rpm ia64: 47f0a4f327831bc6410334a6a4455e21 kernel-2.4.21-47.0.1.EL.ia64.rpm 0d06dd40f1920fc487a9f85e57de6234 kernel-debuginfo-2.4.21-47.0.1.EL.ia64.rpm 5c292c4491643ee45a1b97dcdbdd2847 kernel-doc-2.4.21-47.0.1.EL.ia64.rpm bec034502e425f71d4283caffbce0b1b kernel-source-2.4.21-47.0.1.EL.ia64.rpm 1ba8b8f6b004e84ff7c14cdd240fa4bc kernel-unsupported-2.4.21-47.0.1.EL.ia64.rpm x86_64: ff59e82c378d27a85273dfe2c2ecf198 kernel-2.4.21-47.0.1.EL.ia32e.rpm 3eac97481cabbf31b26b658d77ef3145 kernel-2.4.21-47.0.1.EL.x86_64.rpm a7238213f3d21fedc7119cda744b5840 kernel-debuginfo-2.4.21-47.0.1.EL.ia32e.rpm 383b6deb766f4193d01f227486ff73bc kernel-debuginfo-2.4.21-47.0.1.EL.x86_64.rpm 66af96af71704aaaa39ad359dd641cd2 kernel-doc-2.4.21-47.0.1.EL.x86_64.rpm 95823cfe05beddc2de47ea0ddb87f2aa kernel-smp-2.4.21-47.0.1.EL.x86_64.rpm 502f7c42a96d3b40c09f4e708a326ca4 kernel-smp-unsupported-2.4.21-47.0.1.EL.x86_64.rpm f76a70595a8cbbff038fdc83e8eb818a kernel-source-2.4.21-47.0.1.EL.x86_64.rpm 8e2e4813caec5884256374c62f823f7d kernel-unsupported-2.4.21-47.0.1.EL.ia32e.rpm d0b7dda546e145208f4193b0e0d901bb kernel-unsupported-2.4.21-47.0.1.EL.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/kernel-2.4.21-47.0.1.EL.src.rpm fe57bb5ba14c1f2410b158ed5900f8af kernel-2.4.21-47.0.1.EL.src.rpm i386: 0f313988a3b5ee1c13eef6ac33f90366 kernel-2.4.21-47.0.1.EL.athlon.rpm 69feb474be6b1bee161180ccc07891b6 kernel-2.4.21-47.0.1.EL.i686.rpm cfeeab04ef806f0f067975b6d652053f kernel-BOOT-2.4.21-47.0.1.EL.i386.rpm 0b580ecfd116199f4dd8c92111e7af2d kernel-debuginfo-2.4.21-47.0.1.EL.athlon.rpm 584ac1201581a453f48da2d6bcb78e7c kernel-debuginfo-2.4.21-47.0.1.EL.i386.rpm d72dca6f97c717b4ce0e7698016fcad4 kernel-debuginfo-2.4.21-47.0.1.EL.i686.rpm 6792b74295d0ece09cd1c108c9d8f23e kernel-doc-2.4.21-47.0.1.EL.i386.rpm 4ec2c0fa1fbf3017bdaf36c6ae8f75a3 kernel-hugemem-2.4.21-47.0.1.EL.i686.rpm 3617b38352971c71c64d5560db52b3ad kernel-hugemem-unsupported-2.4.21-47.0.1.EL.i686.rpm 51ae45ba954b3ff40f4f162c369fefbe kernel-smp-2.4.21-47.0.1.EL.athlon.rpm e4cf369455f6ae40d67e29711bee6519 kernel-smp-2.4.21-47.0.1.EL.i686.rpm 91abcffc492b21a8953a2745ddbed3e2 kernel-smp-unsupported-2.4.21-47.0.1.EL.athlon.rpm 40510c2d3066d9b789ec669be6d70dfb kernel-smp-unsupported-2.4.21-47.0.1.EL.i686.rpm cef35a37a7bc657f5e6989fa5e1b5d47 kernel-source-2.4.21-47.0.1.EL.i386.rpm b0c04546c3d59e4d6646123d41ecdc35 kernel-unsupported-2.4.21-47.0.1.EL.athlon.rpm 49b1c869f5e57f0e4996d65f2af6abba kernel-unsupported-2.4.21-47.0.1.EL.i686.rpm ia64: 47f0a4f327831bc6410334a6a4455e21 kernel-2.4.21-47.0.1.EL.ia64.rpm 0d06dd40f1920fc487a9f85e57de6234 kernel-debuginfo-2.4.21-47.0.1.EL.ia64.rpm 5c292c4491643ee45a1b97dcdbdd2847 kernel-doc-2.4.21-47.0.1.EL.ia64.rpm bec034502e425f71d4283caffbce0b1b kernel-source-2.4.21-47.0.1.EL.ia64.rpm 1ba8b8f6b004e84ff7c14cdd240fa4bc kernel-unsupported-2.4.21-47.0.1.EL.ia64.rpm x86_64: ff59e82c378d27a85273dfe2c2ecf198 kernel-2.4.21-47.0.1.EL.ia32e.rpm 3eac97481cabbf31b26b658d77ef3145 kernel-2.4.21-47.0.1.EL.x86_64.rpm a7238213f3d21fedc7119cda744b5840 kernel-debuginfo-2.4.21-47.0.1.EL.ia32e.rpm 383b6deb766f4193d01f227486ff73bc kernel-debuginfo-2.4.21-47.0.1.EL.x86_64.rpm 66af96af71704aaaa39ad359dd641cd2 kernel-doc-2.4.21-47.0.1.EL.x86_64.rpm 95823cfe05beddc2de47ea0ddb87f2aa kernel-smp-2.4.21-47.0.1.EL.x86_64.rpm 502f7c42a96d3b40c09f4e708a326ca4 kernel-smp-unsupported-2.4.21-47.0.1.EL.x86_64.rpm f76a70595a8cbbff038fdc83e8eb818a kernel-source-2.4.21-47.0.1.EL.x86_64.rpm 8e2e4813caec5884256374c62f823f7d kernel-unsupported-2.4.21-47.0.1.EL.ia32e.rpm d0b7dda546e145208f4193b0e0d901bb kernel-unsupported-2.4.21-47.0.1.EL.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1864 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2071 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2935 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4342 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4997 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5174 http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQFFN3VzXlSAg2UNWIIRAh2QAKCn5vgWiviudS3OQHjKoR4BoxWc3wCgmA/X HrXdltG0ynoiQj+S8KEj2Vc= =Y8xq -----END PGP SIGNATURE-----