From bugzilla at redhat.com Wed Aug 1 09:49:42 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 1 Aug 2007 05:49:42 -0400 Subject: [RHSA-2007:0731-01] Important: tetex security update Message-ID: <200708010949.l719nhRs004421@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: tetex security update Advisory ID: RHSA-2007:0731-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0731.html Issue date: 2007-08-01 Updated on: 2007-08-01 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-3387 - --------------------------------------------------------------------- 1. Summary: Updated tetex packages that fix a security issue in PDF handling are now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Problem description: TeTeX is an implementation of TeX. TeX takes a text file and a set of formatting commands as input and creates a typesetter-independent .dvi (DeVice Independent) file as output. Maurycy Prodeus discovered an integer overflow flaw in the processing of PDF files. An attacker could create a malicious PDF file that would cause TeTeX to crash or potentially execute arbitrary code when opened. (CVE-2007-3387) All users of TeTeX should upgrade to these updated packages, which contain a backported patch to resolve this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 248194 - CVE-2007-3387 xpdf integer overflow 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 : SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/tetex-1.0.7-38.5E.11.src.rpm c6efe8aa0821599c4c0263ad002cfc9b tetex-1.0.7-38.5E.11.src.rpm i386: 0bd41e3e75ec5ceb07fdbddaafecb107 tetex-1.0.7-38.5E.11.i386.rpm 2c6938ded62e97ff033dbd4efde87c30 tetex-afm-1.0.7-38.5E.11.i386.rpm ed99e7e2c6092b7adc5e1a82fadb84ce tetex-doc-1.0.7-38.5E.11.i386.rpm 8420e9c640b2e687ed93de467b63f288 tetex-dvilj-1.0.7-38.5E.11.i386.rpm 63c12e71603a68007fadafbb45958600 tetex-dvips-1.0.7-38.5E.11.i386.rpm 31009b37c6133f633395c73dcbe1a642 tetex-fonts-1.0.7-38.5E.11.i386.rpm 9818038e4908b92e323c1714ed94a6e8 tetex-latex-1.0.7-38.5E.11.i386.rpm 0458118bbc1df32cffaf58c14de65c78 tetex-xdvi-1.0.7-38.5E.11.i386.rpm ia64: 2130c6493833db702ac4cddac79df9e0 tetex-1.0.7-38.5E.11.ia64.rpm 7ad53ec6a5b25a74205f8d8abacbe16d tetex-afm-1.0.7-38.5E.11.ia64.rpm a7bd51bb3829c712977b1f595371f693 tetex-doc-1.0.7-38.5E.11.ia64.rpm 2ed3c6e279a1da13961e7d3267eef44e tetex-dvilj-1.0.7-38.5E.11.ia64.rpm e30ab30f61d2546ccc14e86ebb33ae5b tetex-dvips-1.0.7-38.5E.11.ia64.rpm dbc5221da073021d509dbad208236bec tetex-fonts-1.0.7-38.5E.11.ia64.rpm c3b0d072b49a8b542dae284dc4595ebc tetex-latex-1.0.7-38.5E.11.ia64.rpm 8ebda7ce15d92a177b1a042660302059 tetex-xdvi-1.0.7-38.5E.11.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/tetex-1.0.7-38.5E.11.src.rpm c6efe8aa0821599c4c0263ad002cfc9b tetex-1.0.7-38.5E.11.src.rpm ia64: 2130c6493833db702ac4cddac79df9e0 tetex-1.0.7-38.5E.11.ia64.rpm 7ad53ec6a5b25a74205f8d8abacbe16d tetex-afm-1.0.7-38.5E.11.ia64.rpm a7bd51bb3829c712977b1f595371f693 tetex-doc-1.0.7-38.5E.11.ia64.rpm 2ed3c6e279a1da13961e7d3267eef44e tetex-dvilj-1.0.7-38.5E.11.ia64.rpm e30ab30f61d2546ccc14e86ebb33ae5b tetex-dvips-1.0.7-38.5E.11.ia64.rpm dbc5221da073021d509dbad208236bec tetex-fonts-1.0.7-38.5E.11.ia64.rpm c3b0d072b49a8b542dae284dc4595ebc tetex-latex-1.0.7-38.5E.11.ia64.rpm 8ebda7ce15d92a177b1a042660302059 tetex-xdvi-1.0.7-38.5E.11.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/tetex-1.0.7-38.5E.11.src.rpm c6efe8aa0821599c4c0263ad002cfc9b tetex-1.0.7-38.5E.11.src.rpm i386: 0bd41e3e75ec5ceb07fdbddaafecb107 tetex-1.0.7-38.5E.11.i386.rpm 2c6938ded62e97ff033dbd4efde87c30 tetex-afm-1.0.7-38.5E.11.i386.rpm ed99e7e2c6092b7adc5e1a82fadb84ce tetex-doc-1.0.7-38.5E.11.i386.rpm 8420e9c640b2e687ed93de467b63f288 tetex-dvilj-1.0.7-38.5E.11.i386.rpm 63c12e71603a68007fadafbb45958600 tetex-dvips-1.0.7-38.5E.11.i386.rpm 31009b37c6133f633395c73dcbe1a642 tetex-fonts-1.0.7-38.5E.11.i386.rpm 9818038e4908b92e323c1714ed94a6e8 tetex-latex-1.0.7-38.5E.11.i386.rpm 0458118bbc1df32cffaf58c14de65c78 tetex-xdvi-1.0.7-38.5E.11.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/tetex-1.0.7-38.5E.11.src.rpm c6efe8aa0821599c4c0263ad002cfc9b tetex-1.0.7-38.5E.11.src.rpm i386: 0bd41e3e75ec5ceb07fdbddaafecb107 tetex-1.0.7-38.5E.11.i386.rpm 2c6938ded62e97ff033dbd4efde87c30 tetex-afm-1.0.7-38.5E.11.i386.rpm ed99e7e2c6092b7adc5e1a82fadb84ce tetex-doc-1.0.7-38.5E.11.i386.rpm 8420e9c640b2e687ed93de467b63f288 tetex-dvilj-1.0.7-38.5E.11.i386.rpm 63c12e71603a68007fadafbb45958600 tetex-dvips-1.0.7-38.5E.11.i386.rpm 31009b37c6133f633395c73dcbe1a642 tetex-fonts-1.0.7-38.5E.11.i386.rpm 9818038e4908b92e323c1714ed94a6e8 tetex-latex-1.0.7-38.5E.11.i386.rpm 0458118bbc1df32cffaf58c14de65c78 tetex-xdvi-1.0.7-38.5E.11.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/tetex-1.0.7-67.10.src.rpm aa051257e1adb124b4b40c817b4946aa tetex-1.0.7-67.10.src.rpm i386: ef330bb1d8adca39bea3b3238f4bef39 tetex-1.0.7-67.10.i386.rpm 2b96107e9346a5bb12c7a056367dabb5 tetex-afm-1.0.7-67.10.i386.rpm 7e004f237006c95b3c940bef07ee1c61 tetex-debuginfo-1.0.7-67.10.i386.rpm ffdba625e8b18d0cce239b0670c32ff0 tetex-dvips-1.0.7-67.10.i386.rpm 8bc7ff599a657096d0b8ff760edbeaee tetex-fonts-1.0.7-67.10.i386.rpm 030e64d66e533dfe15db359d0c205657 tetex-latex-1.0.7-67.10.i386.rpm b8fd53dbe233ef9bfe50cf79d1d59c17 tetex-xdvi-1.0.7-67.10.i386.rpm ia64: ef6fb8731648a97ea3e48d86233b878f tetex-1.0.7-67.10.ia64.rpm c64cdcae4f8e5b501f620e8068f52701 tetex-afm-1.0.7-67.10.ia64.rpm 3d5a6c427b0d3806f711ca91c624d0cd tetex-debuginfo-1.0.7-67.10.ia64.rpm 6b9192f2ed5e7bc760ae62232311f3c4 tetex-dvips-1.0.7-67.10.ia64.rpm eec2ef4466c4d27f53503bc2a3bad1ff tetex-fonts-1.0.7-67.10.ia64.rpm 7625c9a13933e14fa0b7483efda311e8 tetex-latex-1.0.7-67.10.ia64.rpm 8f6eaf55d35c7941f3c9a8372b89a6ec tetex-xdvi-1.0.7-67.10.ia64.rpm ppc: 8076ae977b8cd06318f4e61ed0877dc5 tetex-1.0.7-67.10.ppc.rpm 2c131bd0a74d57eedb3cae9a2f61f031 tetex-afm-1.0.7-67.10.ppc.rpm d4af5ab485cc5bce5e18cb8a13f448b9 tetex-debuginfo-1.0.7-67.10.ppc.rpm ecdda8a0495408aea995de9ab26a4f81 tetex-dvips-1.0.7-67.10.ppc.rpm 353676c65599d9e7284d53495f194102 tetex-fonts-1.0.7-67.10.ppc.rpm f4e79e0aef96e52620f8da565446ab64 tetex-latex-1.0.7-67.10.ppc.rpm 0ae5a81a8005ca5e5dac3957a8fa95a7 tetex-xdvi-1.0.7-67.10.ppc.rpm s390: 815f0bb384327ea0a9a767ff4a84d04d tetex-1.0.7-67.10.s390.rpm d4581e2e7df283eeb236bacba2c29e71 tetex-afm-1.0.7-67.10.s390.rpm ac92babbd74713b319c54d58b23c98f0 tetex-debuginfo-1.0.7-67.10.s390.rpm 74b9c79a417313d50aa8b65e348b603f tetex-dvips-1.0.7-67.10.s390.rpm f131ae9f3fea62f6d95c6f9fce96f2d0 tetex-fonts-1.0.7-67.10.s390.rpm b98b1dea8add01a8c02a001a771ca649 tetex-latex-1.0.7-67.10.s390.rpm 64f058444dcc36e403dd9e4033986a99 tetex-xdvi-1.0.7-67.10.s390.rpm s390x: 1f2b168628a73e0c52839dace235f4e7 tetex-1.0.7-67.10.s390x.rpm 6db2a6606edb78494b9cfd8bada54b50 tetex-afm-1.0.7-67.10.s390x.rpm 1db266816b8241f4745bf79d8ee32d5d tetex-debuginfo-1.0.7-67.10.s390x.rpm 94e7195378f7fc8395863d5893d4479e tetex-dvips-1.0.7-67.10.s390x.rpm 2471cd0ef9649577003eb2798be94691 tetex-fonts-1.0.7-67.10.s390x.rpm e228b5c0aa51ff09f7edda8a31f13152 tetex-latex-1.0.7-67.10.s390x.rpm ab0d26e7361285ce80dddde78a263c45 tetex-xdvi-1.0.7-67.10.s390x.rpm x86_64: 455368464bd129649d9bc2806253db8c tetex-1.0.7-67.10.x86_64.rpm 11a0ab01f205305c76f2346749bfbb18 tetex-afm-1.0.7-67.10.x86_64.rpm 28a75c4f371b6b306a7e369be45ddd7d tetex-debuginfo-1.0.7-67.10.x86_64.rpm 19bc33ff02afc1c5f7ec461032c4df2c tetex-dvips-1.0.7-67.10.x86_64.rpm 23e3aebdb07b3dab4bf6b816d5d64934 tetex-fonts-1.0.7-67.10.x86_64.rpm b2d2607656210b023af65c58d9af2446 tetex-latex-1.0.7-67.10.x86_64.rpm cc66435076340bbea3790118c18b58c2 tetex-xdvi-1.0.7-67.10.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/tetex-1.0.7-67.10.src.rpm aa051257e1adb124b4b40c817b4946aa tetex-1.0.7-67.10.src.rpm i386: ef330bb1d8adca39bea3b3238f4bef39 tetex-1.0.7-67.10.i386.rpm 2b96107e9346a5bb12c7a056367dabb5 tetex-afm-1.0.7-67.10.i386.rpm 7e004f237006c95b3c940bef07ee1c61 tetex-debuginfo-1.0.7-67.10.i386.rpm ffdba625e8b18d0cce239b0670c32ff0 tetex-dvips-1.0.7-67.10.i386.rpm 8bc7ff599a657096d0b8ff760edbeaee tetex-fonts-1.0.7-67.10.i386.rpm 030e64d66e533dfe15db359d0c205657 tetex-latex-1.0.7-67.10.i386.rpm b8fd53dbe233ef9bfe50cf79d1d59c17 tetex-xdvi-1.0.7-67.10.i386.rpm x86_64: 455368464bd129649d9bc2806253db8c tetex-1.0.7-67.10.x86_64.rpm 11a0ab01f205305c76f2346749bfbb18 tetex-afm-1.0.7-67.10.x86_64.rpm 28a75c4f371b6b306a7e369be45ddd7d tetex-debuginfo-1.0.7-67.10.x86_64.rpm 19bc33ff02afc1c5f7ec461032c4df2c tetex-dvips-1.0.7-67.10.x86_64.rpm 23e3aebdb07b3dab4bf6b816d5d64934 tetex-fonts-1.0.7-67.10.x86_64.rpm b2d2607656210b023af65c58d9af2446 tetex-latex-1.0.7-67.10.x86_64.rpm cc66435076340bbea3790118c18b58c2 tetex-xdvi-1.0.7-67.10.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/tetex-1.0.7-67.10.src.rpm aa051257e1adb124b4b40c817b4946aa tetex-1.0.7-67.10.src.rpm i386: ef330bb1d8adca39bea3b3238f4bef39 tetex-1.0.7-67.10.i386.rpm 2b96107e9346a5bb12c7a056367dabb5 tetex-afm-1.0.7-67.10.i386.rpm 7e004f237006c95b3c940bef07ee1c61 tetex-debuginfo-1.0.7-67.10.i386.rpm ffdba625e8b18d0cce239b0670c32ff0 tetex-dvips-1.0.7-67.10.i386.rpm 8bc7ff599a657096d0b8ff760edbeaee tetex-fonts-1.0.7-67.10.i386.rpm 030e64d66e533dfe15db359d0c205657 tetex-latex-1.0.7-67.10.i386.rpm b8fd53dbe233ef9bfe50cf79d1d59c17 tetex-xdvi-1.0.7-67.10.i386.rpm ia64: ef6fb8731648a97ea3e48d86233b878f tetex-1.0.7-67.10.ia64.rpm c64cdcae4f8e5b501f620e8068f52701 tetex-afm-1.0.7-67.10.ia64.rpm 3d5a6c427b0d3806f711ca91c624d0cd tetex-debuginfo-1.0.7-67.10.ia64.rpm 6b9192f2ed5e7bc760ae62232311f3c4 tetex-dvips-1.0.7-67.10.ia64.rpm eec2ef4466c4d27f53503bc2a3bad1ff tetex-fonts-1.0.7-67.10.ia64.rpm 7625c9a13933e14fa0b7483efda311e8 tetex-latex-1.0.7-67.10.ia64.rpm 8f6eaf55d35c7941f3c9a8372b89a6ec tetex-xdvi-1.0.7-67.10.ia64.rpm x86_64: 455368464bd129649d9bc2806253db8c tetex-1.0.7-67.10.x86_64.rpm 11a0ab01f205305c76f2346749bfbb18 tetex-afm-1.0.7-67.10.x86_64.rpm 28a75c4f371b6b306a7e369be45ddd7d tetex-debuginfo-1.0.7-67.10.x86_64.rpm 19bc33ff02afc1c5f7ec461032c4df2c tetex-dvips-1.0.7-67.10.x86_64.rpm 23e3aebdb07b3dab4bf6b816d5d64934 tetex-fonts-1.0.7-67.10.x86_64.rpm b2d2607656210b023af65c58d9af2446 tetex-latex-1.0.7-67.10.x86_64.rpm cc66435076340bbea3790118c18b58c2 tetex-xdvi-1.0.7-67.10.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/tetex-1.0.7-67.10.src.rpm aa051257e1adb124b4b40c817b4946aa tetex-1.0.7-67.10.src.rpm i386: ef330bb1d8adca39bea3b3238f4bef39 tetex-1.0.7-67.10.i386.rpm 2b96107e9346a5bb12c7a056367dabb5 tetex-afm-1.0.7-67.10.i386.rpm 7e004f237006c95b3c940bef07ee1c61 tetex-debuginfo-1.0.7-67.10.i386.rpm ffdba625e8b18d0cce239b0670c32ff0 tetex-dvips-1.0.7-67.10.i386.rpm 8bc7ff599a657096d0b8ff760edbeaee tetex-fonts-1.0.7-67.10.i386.rpm 030e64d66e533dfe15db359d0c205657 tetex-latex-1.0.7-67.10.i386.rpm b8fd53dbe233ef9bfe50cf79d1d59c17 tetex-xdvi-1.0.7-67.10.i386.rpm ia64: ef6fb8731648a97ea3e48d86233b878f tetex-1.0.7-67.10.ia64.rpm c64cdcae4f8e5b501f620e8068f52701 tetex-afm-1.0.7-67.10.ia64.rpm 3d5a6c427b0d3806f711ca91c624d0cd tetex-debuginfo-1.0.7-67.10.ia64.rpm 6b9192f2ed5e7bc760ae62232311f3c4 tetex-dvips-1.0.7-67.10.ia64.rpm eec2ef4466c4d27f53503bc2a3bad1ff tetex-fonts-1.0.7-67.10.ia64.rpm 7625c9a13933e14fa0b7483efda311e8 tetex-latex-1.0.7-67.10.ia64.rpm 8f6eaf55d35c7941f3c9a8372b89a6ec tetex-xdvi-1.0.7-67.10.ia64.rpm x86_64: 455368464bd129649d9bc2806253db8c tetex-1.0.7-67.10.x86_64.rpm 11a0ab01f205305c76f2346749bfbb18 tetex-afm-1.0.7-67.10.x86_64.rpm 28a75c4f371b6b306a7e369be45ddd7d tetex-debuginfo-1.0.7-67.10.x86_64.rpm 19bc33ff02afc1c5f7ec461032c4df2c tetex-dvips-1.0.7-67.10.x86_64.rpm 23e3aebdb07b3dab4bf6b816d5d64934 tetex-fonts-1.0.7-67.10.x86_64.rpm b2d2607656210b023af65c58d9af2446 tetex-latex-1.0.7-67.10.x86_64.rpm cc66435076340bbea3790118c18b58c2 tetex-xdvi-1.0.7-67.10.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/tetex-2.0.2-22.0.1.EL4.8.src.rpm d22891936caaee9b0a1f8904d621bad9 tetex-2.0.2-22.0.1.EL4.8.src.rpm i386: e11eb1c95555d8239c93b13ab11164f0 tetex-2.0.2-22.0.1.EL4.8.i386.rpm 6103094e37bdee9992988b97ca02c413 tetex-afm-2.0.2-22.0.1.EL4.8.i386.rpm 07c8aa60382e205723d6cc2b552bfb34 tetex-debuginfo-2.0.2-22.0.1.EL4.8.i386.rpm 500281b0317abd5bf164eb6bf20011e2 tetex-doc-2.0.2-22.0.1.EL4.8.i386.rpm b07ad9cce3b97ac08a80cf212a4ca630 tetex-dvips-2.0.2-22.0.1.EL4.8.i386.rpm b252b69e19b246826595def610b8f632 tetex-fonts-2.0.2-22.0.1.EL4.8.i386.rpm 9d915de7153f08013c4ed7af0cc8f4b9 tetex-latex-2.0.2-22.0.1.EL4.8.i386.rpm 800f2d4e29c3f220a9edf77e101581e8 tetex-xdvi-2.0.2-22.0.1.EL4.8.i386.rpm ia64: 98d1fd34f88b229e0b4882aa946d1e5f tetex-2.0.2-22.0.1.EL4.8.ia64.rpm 802d156d0ea749eeea1ab27553441a8a tetex-afm-2.0.2-22.0.1.EL4.8.ia64.rpm 5def6cac33b7903a1baa7a1f1664c361 tetex-debuginfo-2.0.2-22.0.1.EL4.8.ia64.rpm 8dc4ff7c426efad6efd9633e75bbf31b tetex-doc-2.0.2-22.0.1.EL4.8.ia64.rpm 87b91b4bf6dc14c6d1b503c73399bc89 tetex-dvips-2.0.2-22.0.1.EL4.8.ia64.rpm 1a5c179d87d3b28ff44851418632e6ea tetex-fonts-2.0.2-22.0.1.EL4.8.ia64.rpm b7f9af76d587a82a8d238d7778f67d56 tetex-latex-2.0.2-22.0.1.EL4.8.ia64.rpm 35d2046f5a61a5c36aa60cb98a748ca9 tetex-xdvi-2.0.2-22.0.1.EL4.8.ia64.rpm ppc: 41fba98bdc96fb352295045cbf8ef4fe tetex-2.0.2-22.0.1.EL4.8.ppc.rpm 37acb9ab054b9651420b1e7a4f380b37 tetex-afm-2.0.2-22.0.1.EL4.8.ppc.rpm 3a3376ad095b5afeeb7db3f30b8b97b0 tetex-debuginfo-2.0.2-22.0.1.EL4.8.ppc.rpm 855c91ebe64ba049ff6fe9d1f84149d6 tetex-doc-2.0.2-22.0.1.EL4.8.ppc.rpm 0e1d95b93f3b1d3360e517da28441619 tetex-dvips-2.0.2-22.0.1.EL4.8.ppc.rpm d0dcbb3f2cc07cdb8dacdaa6e3d849e1 tetex-fonts-2.0.2-22.0.1.EL4.8.ppc.rpm 07ad21219bded98e832e636ca35b66c2 tetex-latex-2.0.2-22.0.1.EL4.8.ppc.rpm d5a871cacd7e366242e319b712fcc151 tetex-xdvi-2.0.2-22.0.1.EL4.8.ppc.rpm s390: 69c0047c6c4be05412b58fbd8ac7851c tetex-2.0.2-22.0.1.EL4.8.s390.rpm 67350f9682719e45fb040a48f2000c5c tetex-afm-2.0.2-22.0.1.EL4.8.s390.rpm 73857ace8b20aa8c80078251f8da61b0 tetex-debuginfo-2.0.2-22.0.1.EL4.8.s390.rpm 02c8518c34d5b109941251d67a47341c tetex-doc-2.0.2-22.0.1.EL4.8.s390.rpm 23ac7d7397a7a6348cead1dbf3520fb1 tetex-dvips-2.0.2-22.0.1.EL4.8.s390.rpm b64ebb18cd1c92176e05f4d46a53af71 tetex-fonts-2.0.2-22.0.1.EL4.8.s390.rpm 086b3caf6d0eff8ffeeb89a847037196 tetex-latex-2.0.2-22.0.1.EL4.8.s390.rpm 7270e8e0229436bb907c7b175608bda3 tetex-xdvi-2.0.2-22.0.1.EL4.8.s390.rpm s390x: d2f11feb4ce37363a4e2ecd6c6ccaad6 tetex-2.0.2-22.0.1.EL4.8.s390x.rpm 5bda2752514e38aa2017ae2e8d138a4e tetex-afm-2.0.2-22.0.1.EL4.8.s390x.rpm ffc7f02f2d907a27f25c2f07d1617895 tetex-debuginfo-2.0.2-22.0.1.EL4.8.s390x.rpm c24e7250952677240375e5c5f0b157cc tetex-doc-2.0.2-22.0.1.EL4.8.s390x.rpm 5d3fb31447e1ae0a93d4fad4e5778d1b tetex-dvips-2.0.2-22.0.1.EL4.8.s390x.rpm 2a6c06dc7290e602566315bcf38796c6 tetex-fonts-2.0.2-22.0.1.EL4.8.s390x.rpm 31c0a8b85b4422023f25f690e944aa02 tetex-latex-2.0.2-22.0.1.EL4.8.s390x.rpm a1391809c498d0a3f2aadf43f87a7196 tetex-xdvi-2.0.2-22.0.1.EL4.8.s390x.rpm x86_64: 74d055662d126772655af14fb4eb470b tetex-2.0.2-22.0.1.EL4.8.x86_64.rpm 2158926f1107a4d76e9eadc818f4b38f tetex-afm-2.0.2-22.0.1.EL4.8.x86_64.rpm 7d6e8fc18a87b883225809b99f92a29a tetex-debuginfo-2.0.2-22.0.1.EL4.8.x86_64.rpm 090ee44d777701fab21c04f58a25496c tetex-doc-2.0.2-22.0.1.EL4.8.x86_64.rpm 2f44ce8826531ea9308c4d8af7373d00 tetex-dvips-2.0.2-22.0.1.EL4.8.x86_64.rpm 1a03b03417e600d7709f0c15b1597307 tetex-fonts-2.0.2-22.0.1.EL4.8.x86_64.rpm 8514918b3097d24c19bc08ca4e000f55 tetex-latex-2.0.2-22.0.1.EL4.8.x86_64.rpm 764dc905f12f77aff04c19d7e9bfe573 tetex-xdvi-2.0.2-22.0.1.EL4.8.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/tetex-2.0.2-22.0.1.EL4.8.src.rpm d22891936caaee9b0a1f8904d621bad9 tetex-2.0.2-22.0.1.EL4.8.src.rpm i386: e11eb1c95555d8239c93b13ab11164f0 tetex-2.0.2-22.0.1.EL4.8.i386.rpm 6103094e37bdee9992988b97ca02c413 tetex-afm-2.0.2-22.0.1.EL4.8.i386.rpm 07c8aa60382e205723d6cc2b552bfb34 tetex-debuginfo-2.0.2-22.0.1.EL4.8.i386.rpm 500281b0317abd5bf164eb6bf20011e2 tetex-doc-2.0.2-22.0.1.EL4.8.i386.rpm b07ad9cce3b97ac08a80cf212a4ca630 tetex-dvips-2.0.2-22.0.1.EL4.8.i386.rpm b252b69e19b246826595def610b8f632 tetex-fonts-2.0.2-22.0.1.EL4.8.i386.rpm 9d915de7153f08013c4ed7af0cc8f4b9 tetex-latex-2.0.2-22.0.1.EL4.8.i386.rpm 800f2d4e29c3f220a9edf77e101581e8 tetex-xdvi-2.0.2-22.0.1.EL4.8.i386.rpm x86_64: 74d055662d126772655af14fb4eb470b tetex-2.0.2-22.0.1.EL4.8.x86_64.rpm 2158926f1107a4d76e9eadc818f4b38f tetex-afm-2.0.2-22.0.1.EL4.8.x86_64.rpm 7d6e8fc18a87b883225809b99f92a29a tetex-debuginfo-2.0.2-22.0.1.EL4.8.x86_64.rpm 090ee44d777701fab21c04f58a25496c tetex-doc-2.0.2-22.0.1.EL4.8.x86_64.rpm 2f44ce8826531ea9308c4d8af7373d00 tetex-dvips-2.0.2-22.0.1.EL4.8.x86_64.rpm 1a03b03417e600d7709f0c15b1597307 tetex-fonts-2.0.2-22.0.1.EL4.8.x86_64.rpm 8514918b3097d24c19bc08ca4e000f55 tetex-latex-2.0.2-22.0.1.EL4.8.x86_64.rpm 764dc905f12f77aff04c19d7e9bfe573 tetex-xdvi-2.0.2-22.0.1.EL4.8.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/tetex-2.0.2-22.0.1.EL4.8.src.rpm d22891936caaee9b0a1f8904d621bad9 tetex-2.0.2-22.0.1.EL4.8.src.rpm i386: e11eb1c95555d8239c93b13ab11164f0 tetex-2.0.2-22.0.1.EL4.8.i386.rpm 6103094e37bdee9992988b97ca02c413 tetex-afm-2.0.2-22.0.1.EL4.8.i386.rpm 07c8aa60382e205723d6cc2b552bfb34 tetex-debuginfo-2.0.2-22.0.1.EL4.8.i386.rpm 500281b0317abd5bf164eb6bf20011e2 tetex-doc-2.0.2-22.0.1.EL4.8.i386.rpm b07ad9cce3b97ac08a80cf212a4ca630 tetex-dvips-2.0.2-22.0.1.EL4.8.i386.rpm b252b69e19b246826595def610b8f632 tetex-fonts-2.0.2-22.0.1.EL4.8.i386.rpm 9d915de7153f08013c4ed7af0cc8f4b9 tetex-latex-2.0.2-22.0.1.EL4.8.i386.rpm 800f2d4e29c3f220a9edf77e101581e8 tetex-xdvi-2.0.2-22.0.1.EL4.8.i386.rpm ia64: 98d1fd34f88b229e0b4882aa946d1e5f tetex-2.0.2-22.0.1.EL4.8.ia64.rpm 802d156d0ea749eeea1ab27553441a8a tetex-afm-2.0.2-22.0.1.EL4.8.ia64.rpm 5def6cac33b7903a1baa7a1f1664c361 tetex-debuginfo-2.0.2-22.0.1.EL4.8.ia64.rpm 8dc4ff7c426efad6efd9633e75bbf31b tetex-doc-2.0.2-22.0.1.EL4.8.ia64.rpm 87b91b4bf6dc14c6d1b503c73399bc89 tetex-dvips-2.0.2-22.0.1.EL4.8.ia64.rpm 1a5c179d87d3b28ff44851418632e6ea tetex-fonts-2.0.2-22.0.1.EL4.8.ia64.rpm b7f9af76d587a82a8d238d7778f67d56 tetex-latex-2.0.2-22.0.1.EL4.8.ia64.rpm 35d2046f5a61a5c36aa60cb98a748ca9 tetex-xdvi-2.0.2-22.0.1.EL4.8.ia64.rpm x86_64: 74d055662d126772655af14fb4eb470b tetex-2.0.2-22.0.1.EL4.8.x86_64.rpm 2158926f1107a4d76e9eadc818f4b38f tetex-afm-2.0.2-22.0.1.EL4.8.x86_64.rpm 7d6e8fc18a87b883225809b99f92a29a tetex-debuginfo-2.0.2-22.0.1.EL4.8.x86_64.rpm 090ee44d777701fab21c04f58a25496c tetex-doc-2.0.2-22.0.1.EL4.8.x86_64.rpm 2f44ce8826531ea9308c4d8af7373d00 tetex-dvips-2.0.2-22.0.1.EL4.8.x86_64.rpm 1a03b03417e600d7709f0c15b1597307 tetex-fonts-2.0.2-22.0.1.EL4.8.x86_64.rpm 8514918b3097d24c19bc08ca4e000f55 tetex-latex-2.0.2-22.0.1.EL4.8.x86_64.rpm 764dc905f12f77aff04c19d7e9bfe573 tetex-xdvi-2.0.2-22.0.1.EL4.8.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/tetex-2.0.2-22.0.1.EL4.8.src.rpm d22891936caaee9b0a1f8904d621bad9 tetex-2.0.2-22.0.1.EL4.8.src.rpm i386: e11eb1c95555d8239c93b13ab11164f0 tetex-2.0.2-22.0.1.EL4.8.i386.rpm 6103094e37bdee9992988b97ca02c413 tetex-afm-2.0.2-22.0.1.EL4.8.i386.rpm 07c8aa60382e205723d6cc2b552bfb34 tetex-debuginfo-2.0.2-22.0.1.EL4.8.i386.rpm 500281b0317abd5bf164eb6bf20011e2 tetex-doc-2.0.2-22.0.1.EL4.8.i386.rpm b07ad9cce3b97ac08a80cf212a4ca630 tetex-dvips-2.0.2-22.0.1.EL4.8.i386.rpm b252b69e19b246826595def610b8f632 tetex-fonts-2.0.2-22.0.1.EL4.8.i386.rpm 9d915de7153f08013c4ed7af0cc8f4b9 tetex-latex-2.0.2-22.0.1.EL4.8.i386.rpm 800f2d4e29c3f220a9edf77e101581e8 tetex-xdvi-2.0.2-22.0.1.EL4.8.i386.rpm ia64: 98d1fd34f88b229e0b4882aa946d1e5f tetex-2.0.2-22.0.1.EL4.8.ia64.rpm 802d156d0ea749eeea1ab27553441a8a tetex-afm-2.0.2-22.0.1.EL4.8.ia64.rpm 5def6cac33b7903a1baa7a1f1664c361 tetex-debuginfo-2.0.2-22.0.1.EL4.8.ia64.rpm 8dc4ff7c426efad6efd9633e75bbf31b tetex-doc-2.0.2-22.0.1.EL4.8.ia64.rpm 87b91b4bf6dc14c6d1b503c73399bc89 tetex-dvips-2.0.2-22.0.1.EL4.8.ia64.rpm 1a5c179d87d3b28ff44851418632e6ea tetex-fonts-2.0.2-22.0.1.EL4.8.ia64.rpm b7f9af76d587a82a8d238d7778f67d56 tetex-latex-2.0.2-22.0.1.EL4.8.ia64.rpm 35d2046f5a61a5c36aa60cb98a748ca9 tetex-xdvi-2.0.2-22.0.1.EL4.8.ia64.rpm x86_64: 74d055662d126772655af14fb4eb470b tetex-2.0.2-22.0.1.EL4.8.x86_64.rpm 2158926f1107a4d76e9eadc818f4b38f tetex-afm-2.0.2-22.0.1.EL4.8.x86_64.rpm 7d6e8fc18a87b883225809b99f92a29a tetex-debuginfo-2.0.2-22.0.1.EL4.8.x86_64.rpm 090ee44d777701fab21c04f58a25496c tetex-doc-2.0.2-22.0.1.EL4.8.x86_64.rpm 2f44ce8826531ea9308c4d8af7373d00 tetex-dvips-2.0.2-22.0.1.EL4.8.x86_64.rpm 1a03b03417e600d7709f0c15b1597307 tetex-fonts-2.0.2-22.0.1.EL4.8.x86_64.rpm 8514918b3097d24c19bc08ca4e000f55 tetex-latex-2.0.2-22.0.1.EL4.8.x86_64.rpm 764dc905f12f77aff04c19d7e9bfe573 tetex-xdvi-2.0.2-22.0.1.EL4.8.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/tetex-3.0-33.1.el5.src.rpm f80f3bd22227730cbebf6414d9b2fbe7 tetex-3.0-33.1.el5.src.rpm i386: 54a5e38a2a488bb0a376d981e3604abb tetex-3.0-33.1.el5.i386.rpm 05f978a76fc1ff18672547ce6ab31442 tetex-afm-3.0-33.1.el5.i386.rpm a64d4c42dcfc1dd603bca28e5b0c3f86 tetex-debuginfo-3.0-33.1.el5.i386.rpm 441412eb4adce9ba33bb5ab48d1dd81a tetex-doc-3.0-33.1.el5.i386.rpm ace6d8e471f744a2ea0007deebe2d7c5 tetex-dvips-3.0-33.1.el5.i386.rpm 7a378bca083c0e97a7cfe8ec4b1a2d9a tetex-fonts-3.0-33.1.el5.i386.rpm b4ec28f6b46f4189357c9fd32eff6b25 tetex-latex-3.0-33.1.el5.i386.rpm f5eee82a21f5c4912fefa91ddcdf4dc4 tetex-xdvi-3.0-33.1.el5.i386.rpm x86_64: c7a0e303815fb05e8f3c800476a03d11 tetex-3.0-33.1.el5.x86_64.rpm 1b8fe98648ebc5dc6569cda9bdb77318 tetex-afm-3.0-33.1.el5.x86_64.rpm a3e242db46c3622ca20a5b7023748f4b tetex-debuginfo-3.0-33.1.el5.x86_64.rpm 03930942bae9c6ad1becee3d8153e7f1 tetex-doc-3.0-33.1.el5.x86_64.rpm 45bfdf7cb324f3241b057c5090366e8e tetex-dvips-3.0-33.1.el5.x86_64.rpm 1a1e8d16af89ce84fcfda59c025e39d5 tetex-fonts-3.0-33.1.el5.x86_64.rpm 8604b028ab199297bad27be984545379 tetex-latex-3.0-33.1.el5.x86_64.rpm b177a51a6caa6362d270a182fc1490c8 tetex-xdvi-3.0-33.1.el5.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/tetex-3.0-33.1.el5.src.rpm f80f3bd22227730cbebf6414d9b2fbe7 tetex-3.0-33.1.el5.src.rpm i386: 54a5e38a2a488bb0a376d981e3604abb tetex-3.0-33.1.el5.i386.rpm 05f978a76fc1ff18672547ce6ab31442 tetex-afm-3.0-33.1.el5.i386.rpm a64d4c42dcfc1dd603bca28e5b0c3f86 tetex-debuginfo-3.0-33.1.el5.i386.rpm 441412eb4adce9ba33bb5ab48d1dd81a tetex-doc-3.0-33.1.el5.i386.rpm ace6d8e471f744a2ea0007deebe2d7c5 tetex-dvips-3.0-33.1.el5.i386.rpm 7a378bca083c0e97a7cfe8ec4b1a2d9a tetex-fonts-3.0-33.1.el5.i386.rpm b4ec28f6b46f4189357c9fd32eff6b25 tetex-latex-3.0-33.1.el5.i386.rpm f5eee82a21f5c4912fefa91ddcdf4dc4 tetex-xdvi-3.0-33.1.el5.i386.rpm ia64: 02290c6f68db5728b077b0019fee677d tetex-3.0-33.1.el5.ia64.rpm d784f69dee3c2bf0f27352a8d8db7a4f tetex-afm-3.0-33.1.el5.ia64.rpm c14809e02f3fe563297cf505f404ce94 tetex-debuginfo-3.0-33.1.el5.ia64.rpm 6aaac9512c0e16a62cd72760592e87dd tetex-doc-3.0-33.1.el5.ia64.rpm 1093c011c1b0bff134aef07b6956f540 tetex-dvips-3.0-33.1.el5.ia64.rpm c5b6792355e08133baa1eff46374a58e tetex-fonts-3.0-33.1.el5.ia64.rpm 27d39e868d32346e57baf101ff00c8f0 tetex-latex-3.0-33.1.el5.ia64.rpm d55aa2928ab4fbd5fc3ba2aec16ecd65 tetex-xdvi-3.0-33.1.el5.ia64.rpm ppc: 7dfbfbfaf365cad8b6bf35b48e9d390e tetex-3.0-33.1.el5.ppc.rpm 87ad19afe139407675cd1e24cd09b2dd tetex-afm-3.0-33.1.el5.ppc.rpm 89ac61fa3cd46abdab778b01a6914aa1 tetex-debuginfo-3.0-33.1.el5.ppc.rpm 5a196de61e29832c3ee847c0ebc5c203 tetex-doc-3.0-33.1.el5.ppc.rpm 758207d08488332a84910d46d74d8683 tetex-dvips-3.0-33.1.el5.ppc.rpm 65fd777f417bace1eb56c5f5c917f92a tetex-fonts-3.0-33.1.el5.ppc.rpm 6ad6de1466bdfcd381a9b8f443dd165b tetex-latex-3.0-33.1.el5.ppc.rpm c16d3110c817b39b89177d6ebcfb3077 tetex-xdvi-3.0-33.1.el5.ppc.rpm s390x: 2d41ad9934fb9694a9626b13c1a312ea tetex-3.0-33.1.el5.s390x.rpm 78d17f1a06b42a5c9e28688140022a12 tetex-afm-3.0-33.1.el5.s390x.rpm a762afb30c84b718dabebfac331c74c7 tetex-debuginfo-3.0-33.1.el5.s390x.rpm b1066270a1d2fba42ad69ec91641cb1a tetex-doc-3.0-33.1.el5.s390x.rpm d0aa9befba9a1e5ee05e97ce40631c2f tetex-dvips-3.0-33.1.el5.s390x.rpm c3566ee0142804c676f430d24c70196a tetex-fonts-3.0-33.1.el5.s390x.rpm bb4e8bdf58fb8abf6b455e5f81e3a107 tetex-latex-3.0-33.1.el5.s390x.rpm 2d811176b7b4ee6349427e42804a45e0 tetex-xdvi-3.0-33.1.el5.s390x.rpm x86_64: c7a0e303815fb05e8f3c800476a03d11 tetex-3.0-33.1.el5.x86_64.rpm 1b8fe98648ebc5dc6569cda9bdb77318 tetex-afm-3.0-33.1.el5.x86_64.rpm a3e242db46c3622ca20a5b7023748f4b tetex-debuginfo-3.0-33.1.el5.x86_64.rpm 03930942bae9c6ad1becee3d8153e7f1 tetex-doc-3.0-33.1.el5.x86_64.rpm 45bfdf7cb324f3241b057c5090366e8e tetex-dvips-3.0-33.1.el5.x86_64.rpm 1a1e8d16af89ce84fcfda59c025e39d5 tetex-fonts-3.0-33.1.el5.x86_64.rpm 8604b028ab199297bad27be984545379 tetex-latex-3.0-33.1.el5.x86_64.rpm b177a51a6caa6362d270a182fc1490c8 tetex-xdvi-3.0-33.1.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387 http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGsFcbXlSAg2UNWIIRAhxRAKCLXPGI1P1u78SMdAPmm6G3NaZ2zACfekcr 2iCREbMyKORFCthiJynwfLs= =dcde -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon Aug 6 16:02:25 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 6 Aug 2007 12:02:25 -0400 Subject: [RHSA-2007:0817-01] Critical: java-1.4.2-ibm security update Message-ID: <200708061602.l76G2Prr009483@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: java-1.4.2-ibm security update Advisory ID: RHSA-2007:0817-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0817.html Issue date: 2007-08-06 Updated on: 2007-08-06 Product: Red Hat Enterprise Linux Extras CVE Names: CVE-2007-2435 CVE-2007-3004 CVE-2007-3005 - --------------------------------------------------------------------- 1. Summary: Updated java-1.4.2-ibm packages to correct a set of security issues are now available for Red Hat Enterprise Linux 3 and 4 Extras and Red Hat Enterprise Linux 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 Extras - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 Extras - i386, x86_64 Red Hat Enterprise Linux ES version 3 Extras - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 Extras - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 Extras - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, ia64, x86_64 RHEL Desktop Supplementary (v. 5 client) - i386, x86_64 RHEL Supplementary (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Problem description: IBM's 1.4.2 SR9 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. A security vulnerability in the Java Web Start component was discovered. An untrusted application could elevate it's privileges and read and write local files that are accessible to the user running the Java Web Start application. (CVE-2007-2435) A buffer overflow in the image code JRE was found. An untrusted applet or application could use this flaw to elevate its privileges and potentially execute arbitrary code as the user running the java virtual machine. (CVE-2007-3004) An unspecified vulnerability was discovered in the Java Runtime Environment. An untrusted applet or application could cause the java virtual machine to become unresponsive. (CVE-2007-3005) All users of java-1.4.2-ibm should upgrade to these updated packages, which contain IBM's 1.4.2 SR9 Java release that resolves these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 239660 - CVE-2007-2435 javaws vulnerabilities 242595 - CVE-2007-3004 Integer overflow in IBM JDK's ICC profile parser 250733 - CVE-2007-3005 Unspecified vulnerability in Sun JRE 6. RPMs required: Red Hat Enterprise Linux AS version 3 Extras: i386: 04d6aaa0e35b72a9fcbb26556e71d275 java-1.4.2-ibm-1.4.2.9-1jpp.1.el3.i386.rpm af77d5f5efc2045d1de2081d1f7d2877 java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el3.i386.rpm 97c5722ffe804320d3b2b95d4bbabe14 java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el3.i386.rpm 3b8d8baba5c1f8683e7e7169316e3f7b java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el3.i386.rpm 98be4d2efd4207eb5c14af2a1ed01273 java-1.4.2-ibm-plugin-1.4.2.9-1jpp.1.el3.i386.rpm 7abcc004e56e3ef9b5d25f1d44a27ac4 java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el3.i386.rpm ia64: 28fd99945922f62819cdde53dc8c26f2 java-1.4.2-ibm-1.4.2.9-1jpp.1.el3.ia64.rpm 9f3422da8ff2ee61cde668980a969f6b java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el3.ia64.rpm 9cc9e19e8ee61b664509b79205b00c67 java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el3.ia64.rpm bbc24a0238d1049c76aa77b9170f48a7 java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el3.ia64.rpm ppc: eea69ed310a82c164df1b4b57110df9b java-1.4.2-ibm-1.4.2.9-1jpp.1.el3.ppc.rpm ee44bc2fdc05ba8ad0d9b2af4c8cad56 java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el3.ppc.rpm 13b485208b33de64bb321f4529737a38 java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el3.ppc.rpm e6b9678c457b74b1402849110c1dd7b6 java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el3.ppc.rpm f909cd07c1e2fbb4df8c43b2ca454bef java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el3.ppc.rpm s390: 698b798d3149ad6868dc16e5ead5f412 java-1.4.2-ibm-1.4.2.9-1jpp.1.el3.s390.rpm 1a33df8f327b8f5de85a1fda08b12bac java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el3.s390.rpm 0832912c6cfdcd49c86ee807c9dfa683 java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el3.s390.rpm 104da246f95aad972d70e691ac3a29de java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el3.s390.rpm 28309a6e082b8bc8f789681a8af6f19b java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el3.s390.rpm s390x: 3557540555757add01b2ae6fda4ff0f9 java-1.4.2-ibm-1.4.2.9-1jpp.1.el3.s390x.rpm b7c0d9ed6dd2bc96e81a6eb0362d9748 java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el3.s390x.rpm 76dd258107957a7f89d7e08d49fd6314 java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el3.s390x.rpm 7dc3ebff448fad2d338e206271b58304 java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el3.s390x.rpm x86_64: 6830bcddf09b1f5b3ea96108fc948dbf java-1.4.2-ibm-1.4.2.9-1jpp.1.el3.x86_64.rpm d37b3a02f640c144db3e5109ff378bb2 java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el3.x86_64.rpm c21b94384213124b94888334e3813ead java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el3.x86_64.rpm c15efbe3f0688159bd2569ec66271c75 java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el3.x86_64.rpm Red Hat Desktop version 3 Extras: i386: 04d6aaa0e35b72a9fcbb26556e71d275 java-1.4.2-ibm-1.4.2.9-1jpp.1.el3.i386.rpm af77d5f5efc2045d1de2081d1f7d2877 java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el3.i386.rpm 97c5722ffe804320d3b2b95d4bbabe14 java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el3.i386.rpm 3b8d8baba5c1f8683e7e7169316e3f7b java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el3.i386.rpm 98be4d2efd4207eb5c14af2a1ed01273 java-1.4.2-ibm-plugin-1.4.2.9-1jpp.1.el3.i386.rpm 7abcc004e56e3ef9b5d25f1d44a27ac4 java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el3.i386.rpm x86_64: 6830bcddf09b1f5b3ea96108fc948dbf java-1.4.2-ibm-1.4.2.9-1jpp.1.el3.x86_64.rpm d37b3a02f640c144db3e5109ff378bb2 java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el3.x86_64.rpm c21b94384213124b94888334e3813ead java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el3.x86_64.rpm c15efbe3f0688159bd2569ec66271c75 java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el3.x86_64.rpm Red Hat Enterprise Linux ES version 3 Extras: i386: 04d6aaa0e35b72a9fcbb26556e71d275 java-1.4.2-ibm-1.4.2.9-1jpp.1.el3.i386.rpm af77d5f5efc2045d1de2081d1f7d2877 java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el3.i386.rpm 97c5722ffe804320d3b2b95d4bbabe14 java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el3.i386.rpm 3b8d8baba5c1f8683e7e7169316e3f7b java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el3.i386.rpm 98be4d2efd4207eb5c14af2a1ed01273 java-1.4.2-ibm-plugin-1.4.2.9-1jpp.1.el3.i386.rpm 7abcc004e56e3ef9b5d25f1d44a27ac4 java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el3.i386.rpm ia64: 28fd99945922f62819cdde53dc8c26f2 java-1.4.2-ibm-1.4.2.9-1jpp.1.el3.ia64.rpm 9f3422da8ff2ee61cde668980a969f6b java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el3.ia64.rpm 9cc9e19e8ee61b664509b79205b00c67 java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el3.ia64.rpm bbc24a0238d1049c76aa77b9170f48a7 java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el3.ia64.rpm x86_64: 6830bcddf09b1f5b3ea96108fc948dbf java-1.4.2-ibm-1.4.2.9-1jpp.1.el3.x86_64.rpm d37b3a02f640c144db3e5109ff378bb2 java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el3.x86_64.rpm c21b94384213124b94888334e3813ead java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el3.x86_64.rpm c15efbe3f0688159bd2569ec66271c75 java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el3.x86_64.rpm Red Hat Enterprise Linux WS version 3 Extras: i386: 04d6aaa0e35b72a9fcbb26556e71d275 java-1.4.2-ibm-1.4.2.9-1jpp.1.el3.i386.rpm af77d5f5efc2045d1de2081d1f7d2877 java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el3.i386.rpm 97c5722ffe804320d3b2b95d4bbabe14 java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el3.i386.rpm 3b8d8baba5c1f8683e7e7169316e3f7b java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el3.i386.rpm 98be4d2efd4207eb5c14af2a1ed01273 java-1.4.2-ibm-plugin-1.4.2.9-1jpp.1.el3.i386.rpm 7abcc004e56e3ef9b5d25f1d44a27ac4 java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el3.i386.rpm ia64: 28fd99945922f62819cdde53dc8c26f2 java-1.4.2-ibm-1.4.2.9-1jpp.1.el3.ia64.rpm 9f3422da8ff2ee61cde668980a969f6b java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el3.ia64.rpm 9cc9e19e8ee61b664509b79205b00c67 java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el3.ia64.rpm bbc24a0238d1049c76aa77b9170f48a7 java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el3.ia64.rpm x86_64: 6830bcddf09b1f5b3ea96108fc948dbf java-1.4.2-ibm-1.4.2.9-1jpp.1.el3.x86_64.rpm d37b3a02f640c144db3e5109ff378bb2 java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el3.x86_64.rpm c21b94384213124b94888334e3813ead java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el3.x86_64.rpm c15efbe3f0688159bd2569ec66271c75 java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el3.x86_64.rpm Red Hat Enterprise Linux AS version 4 Extras: i386: dc5c639d0ffc69a9dc6054986d0f7475 java-1.4.2-ibm-1.4.2.9-1jpp.1.el4.i386.rpm 30077208696e807cc3fd50c1af192de8 java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el4.i386.rpm fef1778b81adb71eb73437cfb4375892 java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el4.i386.rpm c03b768872cd8eccb3cddc98c2654408 java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el4.i386.rpm 550ff485591ba3c3d79eec5cdf305592 java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el4.i386.rpm 7c14ae33ef713e6fdddd8093595712c6 java-1.4.2-ibm-plugin-1.4.2.9-1jpp.1.el4.i386.rpm a882f82ec8215d688376b61186c73c7d java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el4.i386.rpm ia64: 200cef2c0b764383cc9b00c0131eced0 java-1.4.2-ibm-1.4.2.9-1jpp.1.el4.ia64.rpm 92ad04fc150ff942b5fbd02de914476a java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el4.ia64.rpm b39d988fb71a3ad7f3b94cee4a73337a java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el4.ia64.rpm fbd5ac19e981070bed2eecd9c4dfccc7 java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el4.ia64.rpm ppc: f8b356b07b6edd2af7dd7b5ca19b36e5 java-1.4.2-ibm-1.4.2.9-1jpp.1.el4.ppc.rpm 4c482370c1a6fc4f71d8885a8598002b java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el4.ppc.rpm 6a5b40eac28f8899e3ad9378aff01fcc java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el4.ppc.rpm 9e812a14d0adbda73ee7893be0a1afe9 java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el4.ppc.rpm e9d869110b70abe0a18c27113f239ef8 java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el4.ppc.rpm c6a5ad813da228bcbbb6445ff8861817 java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el4.ppc.rpm s390: 8f039da92cf7abe6975859305066c6e7 java-1.4.2-ibm-1.4.2.9-1jpp.1.el4.s390.rpm 5587c21573c5de701892f00afdd52eaa java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el4.s390.rpm 0cc40a77b459ba9df3c4afcff24b9288 java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el4.s390.rpm fb72a845f271dab0536f7ec6948b0547 java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el4.s390.rpm 92aaa906ec0ba878f8cf13af190dbfed java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el4.s390.rpm s390x: 1e475ebdb1de79748e624a8b2e9874b4 java-1.4.2-ibm-1.4.2.9-1jpp.1.el4.s390x.rpm 5d0db452691514a9f71308bd586793b1 java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el4.s390x.rpm 19a8570abda75c4e9695d57c7cf726f0 java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el4.s390x.rpm 133e3831107a210bb5025a655f86bd83 java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el4.s390x.rpm x86_64: 4c6ea77f4aa9dee1d179eed9ba430505 java-1.4.2-ibm-1.4.2.9-1jpp.1.el4.x86_64.rpm 2ee0348630bfcbebca49f76786061eb8 java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el4.x86_64.rpm 30c9b862fed96cf27f71090b86c72064 java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el4.x86_64.rpm 60f014e4fa9795fcca9437b337fbe6ed java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el4.x86_64.rpm 837efa21fabbea9845bde8aa6a6a1fda java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el4.x86_64.rpm Red Hat Desktop version 4 Extras: i386: dc5c639d0ffc69a9dc6054986d0f7475 java-1.4.2-ibm-1.4.2.9-1jpp.1.el4.i386.rpm 30077208696e807cc3fd50c1af192de8 java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el4.i386.rpm fef1778b81adb71eb73437cfb4375892 java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el4.i386.rpm c03b768872cd8eccb3cddc98c2654408 java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el4.i386.rpm 550ff485591ba3c3d79eec5cdf305592 java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el4.i386.rpm 7c14ae33ef713e6fdddd8093595712c6 java-1.4.2-ibm-plugin-1.4.2.9-1jpp.1.el4.i386.rpm a882f82ec8215d688376b61186c73c7d java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el4.i386.rpm x86_64: 4c6ea77f4aa9dee1d179eed9ba430505 java-1.4.2-ibm-1.4.2.9-1jpp.1.el4.x86_64.rpm 2ee0348630bfcbebca49f76786061eb8 java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el4.x86_64.rpm 30c9b862fed96cf27f71090b86c72064 java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el4.x86_64.rpm 60f014e4fa9795fcca9437b337fbe6ed java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el4.x86_64.rpm 837efa21fabbea9845bde8aa6a6a1fda java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4 Extras: i386: dc5c639d0ffc69a9dc6054986d0f7475 java-1.4.2-ibm-1.4.2.9-1jpp.1.el4.i386.rpm 30077208696e807cc3fd50c1af192de8 java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el4.i386.rpm fef1778b81adb71eb73437cfb4375892 java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el4.i386.rpm c03b768872cd8eccb3cddc98c2654408 java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el4.i386.rpm 550ff485591ba3c3d79eec5cdf305592 java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el4.i386.rpm 7c14ae33ef713e6fdddd8093595712c6 java-1.4.2-ibm-plugin-1.4.2.9-1jpp.1.el4.i386.rpm a882f82ec8215d688376b61186c73c7d java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el4.i386.rpm ia64: 200cef2c0b764383cc9b00c0131eced0 java-1.4.2-ibm-1.4.2.9-1jpp.1.el4.ia64.rpm 92ad04fc150ff942b5fbd02de914476a java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el4.ia64.rpm b39d988fb71a3ad7f3b94cee4a73337a java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el4.ia64.rpm fbd5ac19e981070bed2eecd9c4dfccc7 java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el4.ia64.rpm x86_64: 4c6ea77f4aa9dee1d179eed9ba430505 java-1.4.2-ibm-1.4.2.9-1jpp.1.el4.x86_64.rpm 2ee0348630bfcbebca49f76786061eb8 java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el4.x86_64.rpm 30c9b862fed96cf27f71090b86c72064 java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el4.x86_64.rpm 60f014e4fa9795fcca9437b337fbe6ed java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el4.x86_64.rpm 837efa21fabbea9845bde8aa6a6a1fda java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4 Extras: i386: dc5c639d0ffc69a9dc6054986d0f7475 java-1.4.2-ibm-1.4.2.9-1jpp.1.el4.i386.rpm 30077208696e807cc3fd50c1af192de8 java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el4.i386.rpm fef1778b81adb71eb73437cfb4375892 java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el4.i386.rpm c03b768872cd8eccb3cddc98c2654408 java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el4.i386.rpm 550ff485591ba3c3d79eec5cdf305592 java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el4.i386.rpm 7c14ae33ef713e6fdddd8093595712c6 java-1.4.2-ibm-plugin-1.4.2.9-1jpp.1.el4.i386.rpm a882f82ec8215d688376b61186c73c7d java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el4.i386.rpm ia64: 200cef2c0b764383cc9b00c0131eced0 java-1.4.2-ibm-1.4.2.9-1jpp.1.el4.ia64.rpm 92ad04fc150ff942b5fbd02de914476a java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el4.ia64.rpm b39d988fb71a3ad7f3b94cee4a73337a java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el4.ia64.rpm fbd5ac19e981070bed2eecd9c4dfccc7 java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el4.ia64.rpm x86_64: 4c6ea77f4aa9dee1d179eed9ba430505 java-1.4.2-ibm-1.4.2.9-1jpp.1.el4.x86_64.rpm 2ee0348630bfcbebca49f76786061eb8 java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el4.x86_64.rpm 30c9b862fed96cf27f71090b86c72064 java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el4.x86_64.rpm 60f014e4fa9795fcca9437b337fbe6ed java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el4.x86_64.rpm 837efa21fabbea9845bde8aa6a6a1fda java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el4.x86_64.rpm RHEL Desktop Supplementary (v. 5 client): i386: 09116a45671e40aa02acb83b8d0a274c java-1.4.2-ibm-1.4.2.9-1jpp.1.el5.i386.rpm e4e6fa8acec2491b79b7134e93fcab90 java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el5.i386.rpm f9eeab316a0b44cc847964ae1d65a753 java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el5.i386.rpm d212edbfd0055954b5b5694a279be44b java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el5.i386.rpm c3f8887f3e6446838b3d53422b3a3801 java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el5.i386.rpm 0b164d3ebdb9a1d4ee716ac48815b20f java-1.4.2-ibm-plugin-1.4.2.9-1jpp.1.el5.i386.rpm dc72bb7d22d3404f9b0d201ecf648840 java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el5.i386.rpm x86_64: 09116a45671e40aa02acb83b8d0a274c java-1.4.2-ibm-1.4.2.9-1jpp.1.el5.i386.rpm 32e854ab75529c0b12ffa6eb24b56c96 java-1.4.2-ibm-1.4.2.9-1jpp.1.el5.x86_64.rpm e4e6fa8acec2491b79b7134e93fcab90 java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el5.i386.rpm dfe142d85599cc1c9284a36585510002 java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el5.x86_64.rpm f9eeab316a0b44cc847964ae1d65a753 java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el5.i386.rpm 18abda7de9e8e1c76289968b8ce70c41 java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el5.x86_64.rpm d212edbfd0055954b5b5694a279be44b java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el5.i386.rpm afaa3ad14061190b608695a156814ff4 java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el5.x86_64.rpm c3f8887f3e6446838b3d53422b3a3801 java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el5.i386.rpm 0b164d3ebdb9a1d4ee716ac48815b20f java-1.4.2-ibm-plugin-1.4.2.9-1jpp.1.el5.i386.rpm dc72bb7d22d3404f9b0d201ecf648840 java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el5.i386.rpm 02a72071be89fc4cfaf2ecdc1ec0eb57 java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el5.x86_64.rpm RHEL Supplementary (v. 5 server): i386: 09116a45671e40aa02acb83b8d0a274c java-1.4.2-ibm-1.4.2.9-1jpp.1.el5.i386.rpm e4e6fa8acec2491b79b7134e93fcab90 java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el5.i386.rpm f9eeab316a0b44cc847964ae1d65a753 java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el5.i386.rpm d212edbfd0055954b5b5694a279be44b java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el5.i386.rpm c3f8887f3e6446838b3d53422b3a3801 java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el5.i386.rpm 0b164d3ebdb9a1d4ee716ac48815b20f java-1.4.2-ibm-plugin-1.4.2.9-1jpp.1.el5.i386.rpm dc72bb7d22d3404f9b0d201ecf648840 java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el5.i386.rpm ia64: 57dba8bc18e836f7179b11115a213f49 java-1.4.2-ibm-1.4.2.9-1jpp.1.el5.ia64.rpm 3173f4e9b97ef2f7df3540c4170c973b java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el5.ia64.rpm c1800547b9f47ca93b7686b57316d41d java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el5.ia64.rpm 253f413e52a0fdf89cd07fac94ec5e9d java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el5.ia64.rpm ppc: 1965d15b0c908cc9d07a48696fdbb9a3 java-1.4.2-ibm-1.4.2.9-1jpp.1.el5.ppc.rpm a6d6153b3d25af95933454b31197fb0d java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el5.ppc.rpm 0b43e5c4c4fa3c5c76cf6d34808b3e1b java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el5.ppc.rpm 4d5417ee08f04e3c12f681915fd5dbca java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el5.ppc.rpm b0792fc9e2ca0a01be794b2a4b296fea java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el5.ppc.rpm 2d2af04c794a99cf75f377c62fe9de13 java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el5.ppc.rpm s390x: bf0da84249812dec7a4dbd35a1abda89 java-1.4.2-ibm-1.4.2.9-1jpp.1.el5.s390.rpm ae355d6314ab28f7095019cddeec4c2c java-1.4.2-ibm-1.4.2.9-1jpp.1.el5.s390x.rpm 3b5664fea9196ae82ce73cc91bb2e35e java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el5.s390.rpm fc727367c7a3b824399d01a0af29b5bb java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el5.s390x.rpm 1d40bcc2eb48e69f6e099dff5251be6a java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el5.s390.rpm 1efe6724c6fb070f654ca5755aeae5fe java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el5.s390x.rpm 42a212086a95424bd78c3301fc2195ed java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el5.s390.rpm 8c669c0fc5d078e549a78a394b1904bf java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el5.s390.rpm 45f128e1c8763bbb27566367fed6adcb java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el5.s390x.rpm x86_64: 09116a45671e40aa02acb83b8d0a274c java-1.4.2-ibm-1.4.2.9-1jpp.1.el5.i386.rpm 32e854ab75529c0b12ffa6eb24b56c96 java-1.4.2-ibm-1.4.2.9-1jpp.1.el5.x86_64.rpm e4e6fa8acec2491b79b7134e93fcab90 java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el5.i386.rpm dfe142d85599cc1c9284a36585510002 java-1.4.2-ibm-demo-1.4.2.9-1jpp.1.el5.x86_64.rpm f9eeab316a0b44cc847964ae1d65a753 java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el5.i386.rpm 18abda7de9e8e1c76289968b8ce70c41 java-1.4.2-ibm-devel-1.4.2.9-1jpp.1.el5.x86_64.rpm d212edbfd0055954b5b5694a279be44b java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el5.i386.rpm afaa3ad14061190b608695a156814ff4 java-1.4.2-ibm-javacomm-1.4.2.9-1jpp.1.el5.x86_64.rpm c3f8887f3e6446838b3d53422b3a3801 java-1.4.2-ibm-jdbc-1.4.2.9-1jpp.1.el5.i386.rpm 0b164d3ebdb9a1d4ee716ac48815b20f java-1.4.2-ibm-plugin-1.4.2.9-1jpp.1.el5.i386.rpm dc72bb7d22d3404f9b0d201ecf648840 java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el5.i386.rpm 02a72071be89fc4cfaf2ecdc1ec0eb57 java-1.4.2-ibm-src-1.4.2.9-1jpp.1.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2435 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3004 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3005 http://www.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGt0YKXlSAg2UNWIIRAjFaAJ9xQ+XxjrkKzadAQOQBHMZDUFHTbACgu9CI T6Bze0TcMY1aeR+D9CG5oXY= =D7qk -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon Aug 6 16:02:34 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 6 Aug 2007 12:02:34 -0400 Subject: [RHSA-2007:0818-01] Critical: java-1.5.0-sun security update Message-ID: <200708061602.l76G2Yek009490@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: java-1.5.0-sun security update Advisory ID: RHSA-2007:0818-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0818.html Issue date: 2007-08-06 Updated on: 2007-08-06 Product: Red Hat Enterprise Linux Extras CVE Names: CVE-2007-3503 CVE-2007-3655 CVE-2007-3698 CVE-2007-3922 - --------------------------------------------------------------------- 1. Summary: Updated java-1.5.0-sun packages that correct several security issues are available for Red Hat Enterprise Linux 4 Extras. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64 Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64 3. Problem description: The Java Runtime Environment (JRE) contains the software and tools that users need to run applets and applications written using the Java programming language. The Javadoc tool was able to generate HTML documentation pages that contained cross-site scripting (XSS) vulnerabilities. A remote attacker could use this to inject arbitrary web script or HTML. (CVE-2007-3503) The Java Web Start URL parsing component contained a buffer overflow vulnerability within the parsing code for JNLP files. A remote attacker could create a malicious JNLP file that could trigger this flaw and execute arbitrary code when opened. (CVE-2007-3655) The JSSE component did not correctly process SSL/TLS handshake requests. A remote attacker who is able to connect to a JSSE-based service could trigger this flaw leading to a denial-of-service. (CVE-2007-3698) A flaw was found in the applet class loader. An untrusted applet could use this flaw to circumvent network access restrictions, possibly connecting to services hosted on the machine that executed the applet. (CVE-2007-3922) All users of java-sun-1.5.0 should upgrade to these packages, which contain Sun Java 1.5.0 Update 12 that corrects these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 246765 - CVE-2007-3503 HTML files generated with Javadoc are vulnerable to a XSS 248864 - CVE-2007-3655 A buffer overflow vulnerability in Java Web Start URL parsing code 249533 - CVE-2007-3922 Vulnerability in the Java Runtime Environment May Allow an Untrusted Applet to Circumvent Network Access Restrictions 249539 - CVE-2007-3698 Java Secure Socket Extension Does Not Correctly Process SSL/TLS Handshake Requests Resulting in a Denial of Service (DoS) Condition 6. RPMs required: Red Hat Enterprise Linux AS version 4 Extras: SRPMS: ftp://updates.redhat.com/enterprise/4AS-LACD/en/os/SRPMS/java-1.5.0-sun-1.5.0.12-1jpp.2.el4.src.rpm b7f11fc62108de501691fe189ff28d4d java-1.5.0-sun-1.5.0.12-1jpp.2.el4.src.rpm i386: 5288f89064913e18146ab506c59b9f21 java-1.5.0-sun-1.5.0.12-1jpp.2.el4.i586.rpm f5348203e78aa64ad19435b0648feaac java-1.5.0-sun-demo-1.5.0.12-1jpp.2.el4.i586.rpm 83ce83af56148830f7f180c3a130b2ff java-1.5.0-sun-devel-1.5.0.12-1jpp.2.el4.i586.rpm 5e35a59d97f96e946e6041029dc2c18e java-1.5.0-sun-jdbc-1.5.0.12-1jpp.2.el4.i586.rpm e8523c770f5d5e132f805a412de1e4d4 java-1.5.0-sun-plugin-1.5.0.12-1jpp.2.el4.i586.rpm 47475bcd46e37bad046fa7eb26e75c83 java-1.5.0-sun-src-1.5.0.12-1jpp.2.el4.i586.rpm x86_64: c75ff10faf480c14455e17d19429e762 java-1.5.0-sun-1.5.0.12-1jpp.2.el4.x86_64.rpm ee527a32217fb56fce9c52080959cd2a java-1.5.0-sun-demo-1.5.0.12-1jpp.2.el4.x86_64.rpm 294fbe07c37991b3757e30926b1b9c46 java-1.5.0-sun-devel-1.5.0.12-1jpp.2.el4.x86_64.rpm 8280e5a0c39c55fd8c4cedf1ad0f8b23 java-1.5.0-sun-jdbc-1.5.0.12-1jpp.2.el4.x86_64.rpm 60247d67a91aac8d1bc998c4a076bfab java-1.5.0-sun-src-1.5.0.12-1jpp.2.el4.x86_64.rpm Red Hat Desktop version 4 Extras: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop-LACD/en/os/SRPMS/java-1.5.0-sun-1.5.0.12-1jpp.2.el4.src.rpm b7f11fc62108de501691fe189ff28d4d java-1.5.0-sun-1.5.0.12-1jpp.2.el4.src.rpm i386: 5288f89064913e18146ab506c59b9f21 java-1.5.0-sun-1.5.0.12-1jpp.2.el4.i586.rpm f5348203e78aa64ad19435b0648feaac java-1.5.0-sun-demo-1.5.0.12-1jpp.2.el4.i586.rpm 83ce83af56148830f7f180c3a130b2ff java-1.5.0-sun-devel-1.5.0.12-1jpp.2.el4.i586.rpm 5e35a59d97f96e946e6041029dc2c18e java-1.5.0-sun-jdbc-1.5.0.12-1jpp.2.el4.i586.rpm e8523c770f5d5e132f805a412de1e4d4 java-1.5.0-sun-plugin-1.5.0.12-1jpp.2.el4.i586.rpm 47475bcd46e37bad046fa7eb26e75c83 java-1.5.0-sun-src-1.5.0.12-1jpp.2.el4.i586.rpm x86_64: c75ff10faf480c14455e17d19429e762 java-1.5.0-sun-1.5.0.12-1jpp.2.el4.x86_64.rpm ee527a32217fb56fce9c52080959cd2a java-1.5.0-sun-demo-1.5.0.12-1jpp.2.el4.x86_64.rpm 294fbe07c37991b3757e30926b1b9c46 java-1.5.0-sun-devel-1.5.0.12-1jpp.2.el4.x86_64.rpm 8280e5a0c39c55fd8c4cedf1ad0f8b23 java-1.5.0-sun-jdbc-1.5.0.12-1jpp.2.el4.x86_64.rpm 60247d67a91aac8d1bc998c4a076bfab java-1.5.0-sun-src-1.5.0.12-1jpp.2.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4 Extras: SRPMS: ftp://updates.redhat.com/enterprise/4ES-LACD/en/os/SRPMS/java-1.5.0-sun-1.5.0.12-1jpp.2.el4.src.rpm b7f11fc62108de501691fe189ff28d4d java-1.5.0-sun-1.5.0.12-1jpp.2.el4.src.rpm i386: 5288f89064913e18146ab506c59b9f21 java-1.5.0-sun-1.5.0.12-1jpp.2.el4.i586.rpm f5348203e78aa64ad19435b0648feaac java-1.5.0-sun-demo-1.5.0.12-1jpp.2.el4.i586.rpm 83ce83af56148830f7f180c3a130b2ff java-1.5.0-sun-devel-1.5.0.12-1jpp.2.el4.i586.rpm 5e35a59d97f96e946e6041029dc2c18e java-1.5.0-sun-jdbc-1.5.0.12-1jpp.2.el4.i586.rpm e8523c770f5d5e132f805a412de1e4d4 java-1.5.0-sun-plugin-1.5.0.12-1jpp.2.el4.i586.rpm 47475bcd46e37bad046fa7eb26e75c83 java-1.5.0-sun-src-1.5.0.12-1jpp.2.el4.i586.rpm x86_64: c75ff10faf480c14455e17d19429e762 java-1.5.0-sun-1.5.0.12-1jpp.2.el4.x86_64.rpm ee527a32217fb56fce9c52080959cd2a java-1.5.0-sun-demo-1.5.0.12-1jpp.2.el4.x86_64.rpm 294fbe07c37991b3757e30926b1b9c46 java-1.5.0-sun-devel-1.5.0.12-1jpp.2.el4.x86_64.rpm 8280e5a0c39c55fd8c4cedf1ad0f8b23 java-1.5.0-sun-jdbc-1.5.0.12-1jpp.2.el4.x86_64.rpm 60247d67a91aac8d1bc998c4a076bfab java-1.5.0-sun-src-1.5.0.12-1jpp.2.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4 Extras: SRPMS: ftp://updates.redhat.com/enterprise/4WS-LACD/en/os/SRPMS/java-1.5.0-sun-1.5.0.12-1jpp.2.el4.src.rpm b7f11fc62108de501691fe189ff28d4d java-1.5.0-sun-1.5.0.12-1jpp.2.el4.src.rpm i386: 5288f89064913e18146ab506c59b9f21 java-1.5.0-sun-1.5.0.12-1jpp.2.el4.i586.rpm f5348203e78aa64ad19435b0648feaac java-1.5.0-sun-demo-1.5.0.12-1jpp.2.el4.i586.rpm 83ce83af56148830f7f180c3a130b2ff java-1.5.0-sun-devel-1.5.0.12-1jpp.2.el4.i586.rpm 5e35a59d97f96e946e6041029dc2c18e java-1.5.0-sun-jdbc-1.5.0.12-1jpp.2.el4.i586.rpm e8523c770f5d5e132f805a412de1e4d4 java-1.5.0-sun-plugin-1.5.0.12-1jpp.2.el4.i586.rpm 47475bcd46e37bad046fa7eb26e75c83 java-1.5.0-sun-src-1.5.0.12-1jpp.2.el4.i586.rpm x86_64: c75ff10faf480c14455e17d19429e762 java-1.5.0-sun-1.5.0.12-1jpp.2.el4.x86_64.rpm ee527a32217fb56fce9c52080959cd2a java-1.5.0-sun-demo-1.5.0.12-1jpp.2.el4.x86_64.rpm 294fbe07c37991b3757e30926b1b9c46 java-1.5.0-sun-devel-1.5.0.12-1jpp.2.el4.x86_64.rpm 8280e5a0c39c55fd8c4cedf1ad0f8b23 java-1.5.0-sun-jdbc-1.5.0.12-1jpp.2.el4.x86_64.rpm 60247d67a91aac8d1bc998c4a076bfab java-1.5.0-sun-src-1.5.0.12-1jpp.2.el4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3503 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3655 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3698 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3922 http://www.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGt0YXXlSAg2UNWIIRAk7tAJ4wLagbEKeTr3fPQCHCK+5w8zsChwCfYVxP H5TPuAgc84HW7J2MnUkWBwA= =hN/8 -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Aug 7 19:42:42 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 7 Aug 2007 15:42:42 -0400 Subject: [RHSA-2007:0765-01] Moderate: libgtop2 security update Message-ID: <200708071942.l77Jgg9P003954@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: libgtop2 security update Advisory ID: RHSA-2007:0765-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0765.html Issue date: 2007-08-07 Updated on: 2007-08-07 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-0235 - --------------------------------------------------------------------- 1. Summary: An updated libgtop2 package that fixes a security issue and a functionality bug is now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: The libgtop2 package contains a library for obtaining information about a running system, such as cpu, memory and disk usage; active processes; and PIDs. A flaw was found in the way libgtop2 handled long filenames mapped into the address space of a process. An attacker could execute arbitrary code on behalf of the user running gnome-system-monitor by executing a process and mapping a file with a specially crafted name into the processes' address space. (CVE-2007-0235) This update also fixes the following bug: * when a version of libgtop2 compiled to run on a 32-bit architecture was used to inspect a process running in 64-bit mode, it failed to report certain information regarding address space mapping correctly. All users of gnome-system-monitor are advised to upgrade to this updated libgtop2 package, which contains backported patches that resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 208265 - LTC27411-bad PROC_MAPS_FORMAT in libgtop2-devel 249884 - CVE-2007-0235 Stack overflow libgtop when pathname of mmap()-ed file is too long 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/libgtop2-2.8.0-1.0.2.src.rpm 425c076a5c6159543fcfbc20b6fc9ac5 libgtop2-2.8.0-1.0.2.src.rpm i386: e13f014a83e4f9a4c1aab65b9b26dd49 libgtop2-2.8.0-1.0.2.i386.rpm 5a25d86fce4de80332459a1f69fc47d4 libgtop2-debuginfo-2.8.0-1.0.2.i386.rpm 927a64489da48b73ea77de3f1edceae9 libgtop2-devel-2.8.0-1.0.2.i386.rpm ia64: e13f014a83e4f9a4c1aab65b9b26dd49 libgtop2-2.8.0-1.0.2.i386.rpm 5b264d5218d336cd65ba94587f84ac9b libgtop2-2.8.0-1.0.2.ia64.rpm 5a25d86fce4de80332459a1f69fc47d4 libgtop2-debuginfo-2.8.0-1.0.2.i386.rpm 89e40b3068d969b35628ccca1ac97603 libgtop2-debuginfo-2.8.0-1.0.2.ia64.rpm 48c3900aa97a2b7ccc3e2ddb2ca2b873 libgtop2-devel-2.8.0-1.0.2.ia64.rpm ppc: 52a4b97e907f6e6a090c1bd244d8e991 libgtop2-2.8.0-1.0.2.ppc.rpm 4a873066f7b56e010d70dfd0909842db libgtop2-2.8.0-1.0.2.ppc64.rpm 8f33ab89a037a0509942dd0bae36acc3 libgtop2-debuginfo-2.8.0-1.0.2.ppc.rpm db560f7f1864be584edf3d77da6d58cc libgtop2-debuginfo-2.8.0-1.0.2.ppc64.rpm 06bb7c0c7cfaaa0a853d678239c6e156 libgtop2-devel-2.8.0-1.0.2.ppc.rpm s390: 005d556948bc9d94f470a1ff94484261 libgtop2-2.8.0-1.0.2.s390.rpm 5240f27e5caf7197ac714410b0cda50c libgtop2-debuginfo-2.8.0-1.0.2.s390.rpm 1e307e77ebd76463fd59a5c654d41b88 libgtop2-devel-2.8.0-1.0.2.s390.rpm s390x: 005d556948bc9d94f470a1ff94484261 libgtop2-2.8.0-1.0.2.s390.rpm ad0bb6cc96630b89b32a37b1969aa7dc libgtop2-2.8.0-1.0.2.s390x.rpm 5240f27e5caf7197ac714410b0cda50c libgtop2-debuginfo-2.8.0-1.0.2.s390.rpm d1e6fde103b36457e5ce7e9b02f7786d libgtop2-debuginfo-2.8.0-1.0.2.s390x.rpm e80a1b3e4242255180db0c3347118d7a libgtop2-devel-2.8.0-1.0.2.s390x.rpm x86_64: e13f014a83e4f9a4c1aab65b9b26dd49 libgtop2-2.8.0-1.0.2.i386.rpm 00f38cfe4a283753806b330b42b89920 libgtop2-2.8.0-1.0.2.x86_64.rpm 5a25d86fce4de80332459a1f69fc47d4 libgtop2-debuginfo-2.8.0-1.0.2.i386.rpm e8bb1487e19c10449b4d129788254e99 libgtop2-debuginfo-2.8.0-1.0.2.x86_64.rpm 3fa1bfa0abb082308d18a4e52e79f564 libgtop2-devel-2.8.0-1.0.2.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/libgtop2-2.8.0-1.0.2.src.rpm 425c076a5c6159543fcfbc20b6fc9ac5 libgtop2-2.8.0-1.0.2.src.rpm i386: e13f014a83e4f9a4c1aab65b9b26dd49 libgtop2-2.8.0-1.0.2.i386.rpm 5a25d86fce4de80332459a1f69fc47d4 libgtop2-debuginfo-2.8.0-1.0.2.i386.rpm 927a64489da48b73ea77de3f1edceae9 libgtop2-devel-2.8.0-1.0.2.i386.rpm x86_64: e13f014a83e4f9a4c1aab65b9b26dd49 libgtop2-2.8.0-1.0.2.i386.rpm 00f38cfe4a283753806b330b42b89920 libgtop2-2.8.0-1.0.2.x86_64.rpm 5a25d86fce4de80332459a1f69fc47d4 libgtop2-debuginfo-2.8.0-1.0.2.i386.rpm e8bb1487e19c10449b4d129788254e99 libgtop2-debuginfo-2.8.0-1.0.2.x86_64.rpm 3fa1bfa0abb082308d18a4e52e79f564 libgtop2-devel-2.8.0-1.0.2.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/libgtop2-2.8.0-1.0.2.src.rpm 425c076a5c6159543fcfbc20b6fc9ac5 libgtop2-2.8.0-1.0.2.src.rpm i386: e13f014a83e4f9a4c1aab65b9b26dd49 libgtop2-2.8.0-1.0.2.i386.rpm 5a25d86fce4de80332459a1f69fc47d4 libgtop2-debuginfo-2.8.0-1.0.2.i386.rpm 927a64489da48b73ea77de3f1edceae9 libgtop2-devel-2.8.0-1.0.2.i386.rpm ia64: e13f014a83e4f9a4c1aab65b9b26dd49 libgtop2-2.8.0-1.0.2.i386.rpm 5b264d5218d336cd65ba94587f84ac9b libgtop2-2.8.0-1.0.2.ia64.rpm 5a25d86fce4de80332459a1f69fc47d4 libgtop2-debuginfo-2.8.0-1.0.2.i386.rpm 89e40b3068d969b35628ccca1ac97603 libgtop2-debuginfo-2.8.0-1.0.2.ia64.rpm 48c3900aa97a2b7ccc3e2ddb2ca2b873 libgtop2-devel-2.8.0-1.0.2.ia64.rpm x86_64: e13f014a83e4f9a4c1aab65b9b26dd49 libgtop2-2.8.0-1.0.2.i386.rpm 00f38cfe4a283753806b330b42b89920 libgtop2-2.8.0-1.0.2.x86_64.rpm 5a25d86fce4de80332459a1f69fc47d4 libgtop2-debuginfo-2.8.0-1.0.2.i386.rpm e8bb1487e19c10449b4d129788254e99 libgtop2-debuginfo-2.8.0-1.0.2.x86_64.rpm 3fa1bfa0abb082308d18a4e52e79f564 libgtop2-devel-2.8.0-1.0.2.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/libgtop2-2.8.0-1.0.2.src.rpm 425c076a5c6159543fcfbc20b6fc9ac5 libgtop2-2.8.0-1.0.2.src.rpm i386: e13f014a83e4f9a4c1aab65b9b26dd49 libgtop2-2.8.0-1.0.2.i386.rpm 5a25d86fce4de80332459a1f69fc47d4 libgtop2-debuginfo-2.8.0-1.0.2.i386.rpm 927a64489da48b73ea77de3f1edceae9 libgtop2-devel-2.8.0-1.0.2.i386.rpm ia64: e13f014a83e4f9a4c1aab65b9b26dd49 libgtop2-2.8.0-1.0.2.i386.rpm 5b264d5218d336cd65ba94587f84ac9b libgtop2-2.8.0-1.0.2.ia64.rpm 5a25d86fce4de80332459a1f69fc47d4 libgtop2-debuginfo-2.8.0-1.0.2.i386.rpm 89e40b3068d969b35628ccca1ac97603 libgtop2-debuginfo-2.8.0-1.0.2.ia64.rpm 48c3900aa97a2b7ccc3e2ddb2ca2b873 libgtop2-devel-2.8.0-1.0.2.ia64.rpm x86_64: e13f014a83e4f9a4c1aab65b9b26dd49 libgtop2-2.8.0-1.0.2.i386.rpm 00f38cfe4a283753806b330b42b89920 libgtop2-2.8.0-1.0.2.x86_64.rpm 5a25d86fce4de80332459a1f69fc47d4 libgtop2-debuginfo-2.8.0-1.0.2.i386.rpm e8bb1487e19c10449b4d129788254e99 libgtop2-debuginfo-2.8.0-1.0.2.x86_64.rpm 3fa1bfa0abb082308d18a4e52e79f564 libgtop2-devel-2.8.0-1.0.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0235 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGuMsvXlSAg2UNWIIRAugjAJ0UOp0jq5S0jkH6R9HsP0n6s7QrWQCfXAR9 sr6MPYZbTr59wxYPNoGmvmM= =jzb9 -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Aug 7 19:43:07 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 7 Aug 2007 15:43:07 -0400 Subject: [RHSA-2007:0777-01] Moderate: gdm security and bug fix update Message-ID: <200708071943.l77Jh7tt003976@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: gdm security and bug fix update Advisory ID: RHSA-2007:0777-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0777.html Issue date: 2007-08-07 Updated on: 2007-08-07 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-3381 - --------------------------------------------------------------------- 1. Summary: An updated gdm package that fixes a security issue is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Problem description: Gdm (the GNOME Display Manager) is a highly configurable reimplementation of xdm, the X Display Manager. Gdm allows you to log into your system with the X Window System running and supports running several different X sessions on your local machine at the same time. A flaw was found in the way Gdm listens on its unix domain socket. A local user could crash a running X session by writing malicious data to Gdm's unix domain socket. (CVE-2007-3381) All users of gdm should upgrade to this updated package, which contains a backported patch that resolves this issue. Red Hat would like to thank JLANTHEA for reporting this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 247655 - CVE-2007-3381 Gdm denial of service 6. RPMs required: Red Hat Enterprise Linux Desktop (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/gdm-2.16.0-31.0.1.el5.src.rpm 219b844f9203ac31e4b077fa85e3c805 gdm-2.16.0-31.0.1.el5.src.rpm i386: 887b849a9ff2ec16736a15cd31b7c04e gdm-2.16.0-31.0.1.el5.i386.rpm 4c3485328c8057dae853522507fd06c8 gdm-debuginfo-2.16.0-31.0.1.el5.i386.rpm x86_64: 209397467cf496efbe51c289077f9aa4 gdm-2.16.0-31.0.1.el5.x86_64.rpm a23d809bee6723caf8f9405f8ea9860c gdm-debuginfo-2.16.0-31.0.1.el5.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/gdm-2.16.0-31.0.1.el5.src.rpm 219b844f9203ac31e4b077fa85e3c805 gdm-2.16.0-31.0.1.el5.src.rpm i386: 887b849a9ff2ec16736a15cd31b7c04e gdm-2.16.0-31.0.1.el5.i386.rpm 4c3485328c8057dae853522507fd06c8 gdm-debuginfo-2.16.0-31.0.1.el5.i386.rpm ia64: 757c7e4ce2dcf3ba6caf53fefa9e436b gdm-2.16.0-31.0.1.el5.ia64.rpm ed9d4bef03ddf3ec9caf56cf6ee0fc81 gdm-debuginfo-2.16.0-31.0.1.el5.ia64.rpm ppc: c97a389898d1c159513778466808b332 gdm-2.16.0-31.0.1.el5.ppc.rpm 13c61bc3247af3da32c1011dfd4de9ee gdm-debuginfo-2.16.0-31.0.1.el5.ppc.rpm s390x: 16da1d3e80550a03f3add63acf410e29 gdm-2.16.0-31.0.1.el5.s390x.rpm e2f7cb8883ea4ccda31b6f5800101161 gdm-debuginfo-2.16.0-31.0.1.el5.s390x.rpm x86_64: 209397467cf496efbe51c289077f9aa4 gdm-2.16.0-31.0.1.el5.x86_64.rpm a23d809bee6723caf8f9405f8ea9860c gdm-debuginfo-2.16.0-31.0.1.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3381 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGuMs4XlSAg2UNWIIRAqmTAKCK5Xpe1LYUEDZpcuDxJ4obsOL7TQCfX5ih 0O2nrRucLBz/PIKrQ1k8T4s= =44Qx -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Aug 7 19:43:17 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 7 Aug 2007 15:43:17 -0400 Subject: [RHSA-2007:0829-01] Critical: java-1.5.0-ibm security update Message-ID: <200708071943.l77JhHgt003996@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: java-1.5.0-ibm security update Advisory ID: RHSA-2007:0829-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0829.html Issue date: 2007-08-07 Updated on: 2007-08-07 Product: Red Hat Enterprise Linux Extras CVE Names: CVE-2007-2435 CVE-2007-2788 CVE-2007-2789 CVE-2007-3004 CVE-2007-3005 CVE-2007-3503 CVE-2007-3655 CVE-2007-3922 - --------------------------------------------------------------------- 1. Summary: Updated java-1.5.0-ibm packages that correct several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 Extras - i386, ppc, s390, s390x, x86_64 Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64 RHEL Desktop Supplementary (v. 5 client) - i386, x86_64 RHEL Supplementary (v. 5 server) - i386, ppc, s390x, x86_64 3. Problem description: IBM's 1.5.0 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. A security vulnerability in the Java Web Start component was discovered. An untrusted application could elevate it's privileges, allowing it to read and write local files that are accessible to the user running the Java Web Start application. (CVE-2007-2435) A buffer overflow in the Java Runtime Environment image handling code was found. An untrusted applet or application could use this flaw to elevate its privileges and potentially execute arbitrary code as the user running the java virtual machine. (CVE-2007-2788, CVE-2007-2789, CVE-2007-3004) An unspecified vulnerability was discovered in the Java Runtime Environment. An untrusted applet or application could cause the java virtual machine to become unresponsive. (CVE-2007-3005) The Javadoc tool was able to generate HTML documentation pages that contained cross-site scripting (XSS) vulnerabilities. A remote attacker could use this to inject arbitrary web script or HTML. (CVE-2007-3503) The Java Web Start URL parsing component contains a buffer overflow vulnerability within the parsing code for JNLP files. A remote attacker could create a malicious JNLP file that could trigger this flaw and execute arbitrary code when opened. (CVE-2007-3655) A flaw was found in the applet class loader. An untrusted applet could use this flaw to circumvent network access restrictions, possibly connecting to services hosted on the machine that executed the applet. (CVE-2007-3922) All users of java-ibm-1.5.0 should upgrade to these updated packages, which contain IBM's 1.5.0 SR5a Java release that resolves these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 239660 - CVE-2007-2435 javaws vulnerabilities 242595 - CVE-2007-3004 Integer overflow in IBM JDK's ICC profile parser 246765 - CVE-2007-3503 HTML files generated with Javadoc are vulnerable to a XSS 248864 - CVE-2007-3655 A buffer overflow vulnerability in Java Web Start URL parsing code 249533 - CVE-2007-3922 Vulnerability in the Java Runtime Environment May Allow an Untrusted Applet to Circumvent Network Access Restrictions 250725 - CVE-2007-2788 Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit 250729 - CVE-2007-2789 BMP image parser vulnerability 250733 - CVE-2007-3005 Unspecified vulnerability in Sun JRE 6. RPMs required: Red Hat Enterprise Linux AS version 4 Extras: i386: f03a0b949023f7af674cb6123d8c0b91 java-1.5.0-ibm-1.5.0.5-1jpp.2.el4.i386.rpm 514ba2cdf984fe905023ef3137f8c694 java-1.5.0-ibm-demo-1.5.0.5-1jpp.2.el4.i386.rpm abf1d7c47b0269002233598509526f4f java-1.5.0-ibm-devel-1.5.0.5-1jpp.2.el4.i386.rpm cc42fb902725004893ef74afb34ad2ed java-1.5.0-ibm-javacomm-1.5.0.5-1jpp.2.el4.i386.rpm 48e501d6ee684fda5dc086edbf7f39d0 java-1.5.0-ibm-jdbc-1.5.0.5-1jpp.2.el4.i386.rpm 7422f1586b4aa396ae356d975c7b4d07 java-1.5.0-ibm-plugin-1.5.0.5-1jpp.2.el4.i386.rpm f103cbcb03961bd51227162d9b43add0 java-1.5.0-ibm-src-1.5.0.5-1jpp.2.el4.i386.rpm ppc: 80d25e87c9d725749ecc7c6468567f26 java-1.5.0-ibm-1.5.0.5-1jpp.2.el4.ppc.rpm eaa0a132e164dc2917eee3fb1de4fde7 java-1.5.0-ibm-demo-1.5.0.5-1jpp.2.el4.ppc.rpm 46df229ed548b1ea96e47ea74096dff0 java-1.5.0-ibm-devel-1.5.0.5-1jpp.2.el4.ppc.rpm b927c7b01a7f274fba7d8ad1947d1734 java-1.5.0-ibm-javacomm-1.5.0.5-1jpp.2.el4.ppc.rpm 84524729176d121a79d61c900df08c6f java-1.5.0-ibm-jdbc-1.5.0.5-1jpp.2.el4.ppc.rpm f89c2e4ca7de93506091a4bfe33d925e java-1.5.0-ibm-plugin-1.5.0.5-1jpp.2.el4.ppc.rpm 052566c7a7b1e5d30a143ba5330d99e2 java-1.5.0-ibm-src-1.5.0.5-1jpp.2.el4.ppc.rpm s390: e3a7c49d0eef762fe0b51629b58cff5d java-1.5.0-ibm-1.5.0.5-1jpp.2.el4.s390.rpm 0ee5a83ddc19a4b2875050754fed2e7c java-1.5.0-ibm-demo-1.5.0.5-1jpp.2.el4.s390.rpm 90d581f8efd18918b85604424b4e808d java-1.5.0-ibm-devel-1.5.0.5-1jpp.2.el4.s390.rpm 26d463ee95fc4348bf2fc84542249981 java-1.5.0-ibm-jdbc-1.5.0.5-1jpp.2.el4.s390.rpm a1f3607d5410dcd740aa7c52e96864f3 java-1.5.0-ibm-src-1.5.0.5-1jpp.2.el4.s390.rpm s390x: 3825bc7bbadd3e373a7b9976e7f459f2 java-1.5.0-ibm-1.5.0.5-1jpp.2.el4.s390x.rpm 36531b05b1bf8535e9670fd2bb21c9e5 java-1.5.0-ibm-demo-1.5.0.5-1jpp.2.el4.s390x.rpm 0838e5b3621892896eddeb409cdf4164 java-1.5.0-ibm-devel-1.5.0.5-1jpp.2.el4.s390x.rpm 8e72d1ce7aecb19e65ed4cd1fd3eb6e7 java-1.5.0-ibm-src-1.5.0.5-1jpp.2.el4.s390x.rpm x86_64: ad554406f3343e89a702612300fe3b91 java-1.5.0-ibm-1.5.0.5-1jpp.2.el4.x86_64.rpm ea0d3cce9cb1b4e58e61f8838bef44af java-1.5.0-ibm-demo-1.5.0.5-1jpp.2.el4.x86_64.rpm 571af0ab215861528cd04c43f2277a80 java-1.5.0-ibm-devel-1.5.0.5-1jpp.2.el4.x86_64.rpm c27c5adbbbcf66b718868bae7dfa71c2 java-1.5.0-ibm-javacomm-1.5.0.5-1jpp.2.el4.x86_64.rpm f41a2d5ce9916b8d9c34eb13b6ed799e java-1.5.0-ibm-src-1.5.0.5-1jpp.2.el4.x86_64.rpm Red Hat Desktop version 4 Extras: i386: f03a0b949023f7af674cb6123d8c0b91 java-1.5.0-ibm-1.5.0.5-1jpp.2.el4.i386.rpm 514ba2cdf984fe905023ef3137f8c694 java-1.5.0-ibm-demo-1.5.0.5-1jpp.2.el4.i386.rpm abf1d7c47b0269002233598509526f4f java-1.5.0-ibm-devel-1.5.0.5-1jpp.2.el4.i386.rpm cc42fb902725004893ef74afb34ad2ed java-1.5.0-ibm-javacomm-1.5.0.5-1jpp.2.el4.i386.rpm 48e501d6ee684fda5dc086edbf7f39d0 java-1.5.0-ibm-jdbc-1.5.0.5-1jpp.2.el4.i386.rpm 7422f1586b4aa396ae356d975c7b4d07 java-1.5.0-ibm-plugin-1.5.0.5-1jpp.2.el4.i386.rpm f103cbcb03961bd51227162d9b43add0 java-1.5.0-ibm-src-1.5.0.5-1jpp.2.el4.i386.rpm x86_64: ad554406f3343e89a702612300fe3b91 java-1.5.0-ibm-1.5.0.5-1jpp.2.el4.x86_64.rpm ea0d3cce9cb1b4e58e61f8838bef44af java-1.5.0-ibm-demo-1.5.0.5-1jpp.2.el4.x86_64.rpm 571af0ab215861528cd04c43f2277a80 java-1.5.0-ibm-devel-1.5.0.5-1jpp.2.el4.x86_64.rpm c27c5adbbbcf66b718868bae7dfa71c2 java-1.5.0-ibm-javacomm-1.5.0.5-1jpp.2.el4.x86_64.rpm f41a2d5ce9916b8d9c34eb13b6ed799e java-1.5.0-ibm-src-1.5.0.5-1jpp.2.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4 Extras: i386: f03a0b949023f7af674cb6123d8c0b91 java-1.5.0-ibm-1.5.0.5-1jpp.2.el4.i386.rpm 514ba2cdf984fe905023ef3137f8c694 java-1.5.0-ibm-demo-1.5.0.5-1jpp.2.el4.i386.rpm abf1d7c47b0269002233598509526f4f java-1.5.0-ibm-devel-1.5.0.5-1jpp.2.el4.i386.rpm cc42fb902725004893ef74afb34ad2ed java-1.5.0-ibm-javacomm-1.5.0.5-1jpp.2.el4.i386.rpm 48e501d6ee684fda5dc086edbf7f39d0 java-1.5.0-ibm-jdbc-1.5.0.5-1jpp.2.el4.i386.rpm 7422f1586b4aa396ae356d975c7b4d07 java-1.5.0-ibm-plugin-1.5.0.5-1jpp.2.el4.i386.rpm f103cbcb03961bd51227162d9b43add0 java-1.5.0-ibm-src-1.5.0.5-1jpp.2.el4.i386.rpm x86_64: ad554406f3343e89a702612300fe3b91 java-1.5.0-ibm-1.5.0.5-1jpp.2.el4.x86_64.rpm ea0d3cce9cb1b4e58e61f8838bef44af java-1.5.0-ibm-demo-1.5.0.5-1jpp.2.el4.x86_64.rpm 571af0ab215861528cd04c43f2277a80 java-1.5.0-ibm-devel-1.5.0.5-1jpp.2.el4.x86_64.rpm c27c5adbbbcf66b718868bae7dfa71c2 java-1.5.0-ibm-javacomm-1.5.0.5-1jpp.2.el4.x86_64.rpm f41a2d5ce9916b8d9c34eb13b6ed799e java-1.5.0-ibm-src-1.5.0.5-1jpp.2.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4 Extras: i386: f03a0b949023f7af674cb6123d8c0b91 java-1.5.0-ibm-1.5.0.5-1jpp.2.el4.i386.rpm 514ba2cdf984fe905023ef3137f8c694 java-1.5.0-ibm-demo-1.5.0.5-1jpp.2.el4.i386.rpm abf1d7c47b0269002233598509526f4f java-1.5.0-ibm-devel-1.5.0.5-1jpp.2.el4.i386.rpm cc42fb902725004893ef74afb34ad2ed java-1.5.0-ibm-javacomm-1.5.0.5-1jpp.2.el4.i386.rpm 48e501d6ee684fda5dc086edbf7f39d0 java-1.5.0-ibm-jdbc-1.5.0.5-1jpp.2.el4.i386.rpm 7422f1586b4aa396ae356d975c7b4d07 java-1.5.0-ibm-plugin-1.5.0.5-1jpp.2.el4.i386.rpm f103cbcb03961bd51227162d9b43add0 java-1.5.0-ibm-src-1.5.0.5-1jpp.2.el4.i386.rpm x86_64: ad554406f3343e89a702612300fe3b91 java-1.5.0-ibm-1.5.0.5-1jpp.2.el4.x86_64.rpm ea0d3cce9cb1b4e58e61f8838bef44af java-1.5.0-ibm-demo-1.5.0.5-1jpp.2.el4.x86_64.rpm 571af0ab215861528cd04c43f2277a80 java-1.5.0-ibm-devel-1.5.0.5-1jpp.2.el4.x86_64.rpm c27c5adbbbcf66b718868bae7dfa71c2 java-1.5.0-ibm-javacomm-1.5.0.5-1jpp.2.el4.x86_64.rpm f41a2d5ce9916b8d9c34eb13b6ed799e java-1.5.0-ibm-src-1.5.0.5-1jpp.2.el4.x86_64.rpm RHEL Desktop Supplementary (v. 5 client): i386: cdd0cbabd95ecc48e24240ddb991d286 java-1.5.0-ibm-1.5.0.5-1jpp.0.1.el5.i386.rpm 5752527094c77e5d5e9bdedc6827ff8c java-1.5.0-ibm-demo-1.5.0.5-1jpp.0.1.el5.i386.rpm 9106590bd9595ef15f7f0a64ceaf8e7d java-1.5.0-ibm-devel-1.5.0.5-1jpp.0.1.el5.i386.rpm cd23a583b39f53bd2a3450ae3adae1c1 java-1.5.0-ibm-javacomm-1.5.0.5-1jpp.0.1.el5.i386.rpm 8f85f3c0f2752a686f297ca4f7da61d8 java-1.5.0-ibm-jdbc-1.5.0.5-1jpp.0.1.el5.i386.rpm 0f4d9d82d394b0dc00655879c51f8732 java-1.5.0-ibm-plugin-1.5.0.5-1jpp.0.1.el5.i386.rpm bac96ce8cbf810f93e2af0bcc2cc4bad java-1.5.0-ibm-src-1.5.0.5-1jpp.0.1.el5.i386.rpm x86_64: cdd0cbabd95ecc48e24240ddb991d286 java-1.5.0-ibm-1.5.0.5-1jpp.0.1.el5.i386.rpm 0a4968e760ba7272597a0bf0c42b095f java-1.5.0-ibm-1.5.0.5-1jpp.0.1.el5.x86_64.rpm 5752527094c77e5d5e9bdedc6827ff8c java-1.5.0-ibm-demo-1.5.0.5-1jpp.0.1.el5.i386.rpm 698b1eb5c9cc70be15f4ee9ccd072b21 java-1.5.0-ibm-demo-1.5.0.5-1jpp.0.1.el5.x86_64.rpm 9106590bd9595ef15f7f0a64ceaf8e7d java-1.5.0-ibm-devel-1.5.0.5-1jpp.0.1.el5.i386.rpm 3a1b3589e3bf480bb3930df6202d771a java-1.5.0-ibm-devel-1.5.0.5-1jpp.0.1.el5.x86_64.rpm cd23a583b39f53bd2a3450ae3adae1c1 java-1.5.0-ibm-javacomm-1.5.0.5-1jpp.0.1.el5.i386.rpm cf3eff9be6cade6bf7a388f060540e83 java-1.5.0-ibm-javacomm-1.5.0.5-1jpp.0.1.el5.x86_64.rpm 8f85f3c0f2752a686f297ca4f7da61d8 java-1.5.0-ibm-jdbc-1.5.0.5-1jpp.0.1.el5.i386.rpm 0f4d9d82d394b0dc00655879c51f8732 java-1.5.0-ibm-plugin-1.5.0.5-1jpp.0.1.el5.i386.rpm bac96ce8cbf810f93e2af0bcc2cc4bad java-1.5.0-ibm-src-1.5.0.5-1jpp.0.1.el5.i386.rpm c3d7f811eb870d2ebe2b46148956a944 java-1.5.0-ibm-src-1.5.0.5-1jpp.0.1.el5.x86_64.rpm RHEL Supplementary (v. 5 server): i386: cdd0cbabd95ecc48e24240ddb991d286 java-1.5.0-ibm-1.5.0.5-1jpp.0.1.el5.i386.rpm 5752527094c77e5d5e9bdedc6827ff8c java-1.5.0-ibm-demo-1.5.0.5-1jpp.0.1.el5.i386.rpm 9106590bd9595ef15f7f0a64ceaf8e7d java-1.5.0-ibm-devel-1.5.0.5-1jpp.0.1.el5.i386.rpm cd23a583b39f53bd2a3450ae3adae1c1 java-1.5.0-ibm-javacomm-1.5.0.5-1jpp.0.1.el5.i386.rpm 8f85f3c0f2752a686f297ca4f7da61d8 java-1.5.0-ibm-jdbc-1.5.0.5-1jpp.0.1.el5.i386.rpm 0f4d9d82d394b0dc00655879c51f8732 java-1.5.0-ibm-plugin-1.5.0.5-1jpp.0.1.el5.i386.rpm bac96ce8cbf810f93e2af0bcc2cc4bad java-1.5.0-ibm-src-1.5.0.5-1jpp.0.1.el5.i386.rpm ppc: c6cc6cf4f57c44d121ad93272de6dc5a java-1.5.0-ibm-1.5.0.5-1jpp.0.1.el5.ppc.rpm 30e5e1278aca42c926bc3e50bfb21368 java-1.5.0-ibm-demo-1.5.0.5-1jpp.0.1.el5.ppc.rpm b37db5b339256fcc55a1205beb2b5db7 java-1.5.0-ibm-devel-1.5.0.5-1jpp.0.1.el5.ppc.rpm ce4abb9ab6a81d4d42a5a5b7e36c3165 java-1.5.0-ibm-javacomm-1.5.0.5-1jpp.0.1.el5.ppc.rpm 420bad7eaeaa10e7889732694995e221 java-1.5.0-ibm-jdbc-1.5.0.5-1jpp.0.1.el5.ppc.rpm 51386ab2985df10400a16802216aa059 java-1.5.0-ibm-plugin-1.5.0.5-1jpp.0.1.el5.ppc.rpm 2aff0d96d2f6133efba5139ac0ecbc4c java-1.5.0-ibm-src-1.5.0.5-1jpp.0.1.el5.ppc.rpm s390x: 4013abecb9cd69ce9c93cab4dafb60f5 java-1.5.0-ibm-1.5.0.5-1jpp.0.1.el5.s390.rpm 2508d126568c77b569ce85685ddb28de java-1.5.0-ibm-1.5.0.5-1jpp.0.1.el5.s390x.rpm 974fa192b305764ddd4ea0bd0c343a35 java-1.5.0-ibm-demo-1.5.0.5-1jpp.0.1.el5.s390.rpm 606b47fa3eb5a0ad82ab4d95997b0884 java-1.5.0-ibm-demo-1.5.0.5-1jpp.0.1.el5.s390x.rpm 2b6dab693b4b38348de47abbd971e595 java-1.5.0-ibm-devel-1.5.0.5-1jpp.0.1.el5.s390.rpm 8922fc932b1a8bd2c0cbc5886bec1427 java-1.5.0-ibm-devel-1.5.0.5-1jpp.0.1.el5.s390x.rpm ab68a26dd60e2e6756319230f59e8b66 java-1.5.0-ibm-jdbc-1.5.0.5-1jpp.0.1.el5.s390.rpm 0741e98e9500e66113503bc5229bb139 java-1.5.0-ibm-src-1.5.0.5-1jpp.0.1.el5.s390.rpm a069f10f50098a6de2251ac99006f030 java-1.5.0-ibm-src-1.5.0.5-1jpp.0.1.el5.s390x.rpm x86_64: cdd0cbabd95ecc48e24240ddb991d286 java-1.5.0-ibm-1.5.0.5-1jpp.0.1.el5.i386.rpm 0a4968e760ba7272597a0bf0c42b095f java-1.5.0-ibm-1.5.0.5-1jpp.0.1.el5.x86_64.rpm 5752527094c77e5d5e9bdedc6827ff8c java-1.5.0-ibm-demo-1.5.0.5-1jpp.0.1.el5.i386.rpm 698b1eb5c9cc70be15f4ee9ccd072b21 java-1.5.0-ibm-demo-1.5.0.5-1jpp.0.1.el5.x86_64.rpm 9106590bd9595ef15f7f0a64ceaf8e7d java-1.5.0-ibm-devel-1.5.0.5-1jpp.0.1.el5.i386.rpm 3a1b3589e3bf480bb3930df6202d771a java-1.5.0-ibm-devel-1.5.0.5-1jpp.0.1.el5.x86_64.rpm cd23a583b39f53bd2a3450ae3adae1c1 java-1.5.0-ibm-javacomm-1.5.0.5-1jpp.0.1.el5.i386.rpm cf3eff9be6cade6bf7a388f060540e83 java-1.5.0-ibm-javacomm-1.5.0.5-1jpp.0.1.el5.x86_64.rpm 8f85f3c0f2752a686f297ca4f7da61d8 java-1.5.0-ibm-jdbc-1.5.0.5-1jpp.0.1.el5.i386.rpm 0f4d9d82d394b0dc00655879c51f8732 java-1.5.0-ibm-plugin-1.5.0.5-1jpp.0.1.el5.i386.rpm bac96ce8cbf810f93e2af0bcc2cc4bad java-1.5.0-ibm-src-1.5.0.5-1jpp.0.1.el5.i386.rpm c3d7f811eb870d2ebe2b46148956a944 java-1.5.0-ibm-src-1.5.0.5-1jpp.0.1.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2435 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2788 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2789 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3004 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3005 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3503 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3655 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3922 http://www.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGuMtTXlSAg2UNWIIRApaWAJ4xCq4sifHenfk0jKOs2lcnwXb09QCfbnem YAyiXJsUbPooit0vp8JK7G4= =MJUt -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Aug 8 19:04:03 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 8 Aug 2007 15:04:03 -0400 Subject: [RHSA-2007:0672-01] Important: kernel security update Message-ID: <200708081904.l78J43LT021668@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: kernel security update Advisory ID: RHSA-2007:0672-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0672.html Issue date: 2007-08-08 Updated on: 2007-08-08 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-6054 CVE-2006-6058 CVE-2007-1217 CVE-2007-1592 CVE-2007-1353 - --------------------------------------------------------------------- 1. Summary: Updated kernel packages that fix a number of security issues are now available for Red Hat Enterprise Linux 2.1 (32-bit architectures). This security advisory has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 3. Problem description: The Linux kernel handles the basic functions of the operating system. These new kernel packages contain fixes for the security issues described below: * a flaw in IPv6 flow label handling that allowed a local user to cause a denial of service (crash). (CVE-2007-1592, Important) * a flaw in the ISDN CAPI subsystem that allowed a remote user to cause a denial of service or potential privilege escalation. (CVE-2007-1217, Moderate) * a flaw in the Bluetooth subsystem that allowed a local user to trigger an information leak. (CVE-2007-1353, Low) * various flaws in the supported filesystems that allowed a local privileged user to cause a denial of service. (CVE-2006-6054, CVE-2006-6058, Low) Red Hat would like to thank Ilja van Sprundel for reporting an issue fixed in this erratum. All Red Hat Enterprise Linux 2.1 users are advised to upgrade their kernels to these updated packages, which contain backported fixes to correct these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 217007 - CVE-2006-6058 minix_bmap denial of service 217023 - CVE-2006-6054 ext2_check_page denial of service 231070 - CVE-2007-1217 Overflow in CAPI subsystem 233483 - CVE-2007-1592 IPv6 oops triggerable by any user 234295 - CVE-2007-1353 Bluetooth setsockopt() information leaks 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 : SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/kernel-2.4.9-e.72.src.rpm e0095f0c0117599facea3858143f0a54 kernel-2.4.9-e.72.src.rpm i386: 3c1762c99272c95caff4920b5c091600 kernel-2.4.9-e.72.athlon.rpm f337123d81f654ebea3a75642a7d8f54 kernel-2.4.9-e.72.i686.rpm 5ad8a2db60dd761078b04222c86d3c29 kernel-BOOT-2.4.9-e.72.i386.rpm a43876b373d14df0924819881add4412 kernel-debug-2.4.9-e.72.i686.rpm 18a991ba3f8bc5b0e058f302b5fc3265 kernel-doc-2.4.9-e.72.i386.rpm f11cbbd7d8e239840a241e28b8da81d9 kernel-enterprise-2.4.9-e.72.i686.rpm 015d93e6ae6bfdb58440032009c5e2e1 kernel-headers-2.4.9-e.72.i386.rpm 248b4b045b45a51e3bdc7e6d5f032ab6 kernel-smp-2.4.9-e.72.athlon.rpm 4c0389c372bb9686cb8e9a660e6741df kernel-smp-2.4.9-e.72.i686.rpm 07df232ff8d073ff90a84140d9dccef4 kernel-source-2.4.9-e.72.i386.rpm d78599b5d5eb0abb3c0d3f1e50795b3b kernel-summit-2.4.9-e.72.i686.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/kernel-2.4.9-e.72.src.rpm e0095f0c0117599facea3858143f0a54 kernel-2.4.9-e.72.src.rpm i386: 3c1762c99272c95caff4920b5c091600 kernel-2.4.9-e.72.athlon.rpm f337123d81f654ebea3a75642a7d8f54 kernel-2.4.9-e.72.i686.rpm 5ad8a2db60dd761078b04222c86d3c29 kernel-BOOT-2.4.9-e.72.i386.rpm a43876b373d14df0924819881add4412 kernel-debug-2.4.9-e.72.i686.rpm 18a991ba3f8bc5b0e058f302b5fc3265 kernel-doc-2.4.9-e.72.i386.rpm 015d93e6ae6bfdb58440032009c5e2e1 kernel-headers-2.4.9-e.72.i386.rpm 248b4b045b45a51e3bdc7e6d5f032ab6 kernel-smp-2.4.9-e.72.athlon.rpm 4c0389c372bb9686cb8e9a660e6741df kernel-smp-2.4.9-e.72.i686.rpm 07df232ff8d073ff90a84140d9dccef4 kernel-source-2.4.9-e.72.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/kernel-2.4.9-e.72.src.rpm e0095f0c0117599facea3858143f0a54 kernel-2.4.9-e.72.src.rpm i386: 3c1762c99272c95caff4920b5c091600 kernel-2.4.9-e.72.athlon.rpm f337123d81f654ebea3a75642a7d8f54 kernel-2.4.9-e.72.i686.rpm 5ad8a2db60dd761078b04222c86d3c29 kernel-BOOT-2.4.9-e.72.i386.rpm a43876b373d14df0924819881add4412 kernel-debug-2.4.9-e.72.i686.rpm 18a991ba3f8bc5b0e058f302b5fc3265 kernel-doc-2.4.9-e.72.i386.rpm f11cbbd7d8e239840a241e28b8da81d9 kernel-enterprise-2.4.9-e.72.i686.rpm 015d93e6ae6bfdb58440032009c5e2e1 kernel-headers-2.4.9-e.72.i386.rpm 248b4b045b45a51e3bdc7e6d5f032ab6 kernel-smp-2.4.9-e.72.athlon.rpm 4c0389c372bb9686cb8e9a660e6741df kernel-smp-2.4.9-e.72.i686.rpm 07df232ff8d073ff90a84140d9dccef4 kernel-source-2.4.9-e.72.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6054 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6058 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1217 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1592 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1353 http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGuhOaXlSAg2UNWIIRAjtGAKCop3G5xOT3/v8IljTl23j1JdDqBQCgp9Og JQtNRKqM574mFAuolsm454s= =5zY3 -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Aug 8 19:04:28 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 8 Aug 2007 15:04:28 -0400 Subject: [RHSA-2007:0673-01] Important: kernel security update Message-ID: <200708081904.l78J4Srw021732@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: kernel security update Advisory ID: RHSA-2007:0673-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0673.html Issue date: 2007-08-08 Updated on: 2007-08-08 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-6054 CVE-2007-1217 CVE-2007-1592 CVE-2007-1353 - --------------------------------------------------------------------- 1. Summary: Updated kernel packages that fix a number of security issues are now available for Red Hat Enterprise Linux 2.1 (64-bit architectures). This security advisory has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 3. Problem description: The Linux kernel handles the basic functions of the operating system. These new kernel packages contain fixes for the security issues described below: * a flaw in IPV6 flow label handling that allowed a local user to cause a denial of service (crash). (CVE-2007-1592, Important) * a flaw in the ISDN CAPI subsystem that allowed a remote user to cause a denial of service or potential privilege escalation. (CVE-2007-1217, Moderate) * a flaw in the Bluetooth subsystem that allowed a local user to trigger an information leak. (CVE-2007-1353, Low) * a flaw in the supported filesystems that allowed a local privileged user to cause a denial of service. (CVE-2006-6054, Low) Red Hat would like to thank Ilja van Sprundel for reporting an issue fixed in this erratum. All Red Hat Enterprise Linux 2.1 users are advised to upgrade their kernels to these updated packages, which contain backported fixes to correct these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 217024 - CVE-2006-6054 ext2_check_page denial of service 231071 - CVE-2007-1217 Overflow in CAPI subsystem 233484 - CVE-2007-1592 IPv6 oops triggerable by any user 234296 - CVE-2007-1353 Bluetooth setsockopt() information leaks 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 : SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/kernel-2.4.18-e.65.src.rpm 92ccbe1005a2ad74fffc3e944f5d19c2 kernel-2.4.18-e.65.src.rpm ia64: 8e5d03bf4e79cf7b0cfd6911d3667160 kernel-2.4.18-e.65.ia64.rpm d82cbe75c5f32bff36a65d5a5d52a0ee kernel-doc-2.4.18-e.65.ia64.rpm 6093b3a6bae88873c8f0f13755d5eb47 kernel-smp-2.4.18-e.65.ia64.rpm 72346a0b751537cc181f226caed806bb kernel-source-2.4.18-e.65.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/kernel-2.4.18-e.65.src.rpm 92ccbe1005a2ad74fffc3e944f5d19c2 kernel-2.4.18-e.65.src.rpm ia64: 8e5d03bf4e79cf7b0cfd6911d3667160 kernel-2.4.18-e.65.ia64.rpm d82cbe75c5f32bff36a65d5a5d52a0ee kernel-doc-2.4.18-e.65.ia64.rpm 6093b3a6bae88873c8f0f13755d5eb47 kernel-smp-2.4.18-e.65.ia64.rpm 72346a0b751537cc181f226caed806bb kernel-source-2.4.18-e.65.ia64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6054 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1217 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1592 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1353 http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGuhOzXlSAg2UNWIIRAvGVAJ92pOmN8QINKsl5+y5+gk8oe2nAdgCeLwkb hkJ2NLK0R9jbUxjB5JSLtUg= =S9ng -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Aug 16 09:59:24 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 16 Aug 2007 05:59:24 -0400 Subject: [RHSA-2007:0671-01] Moderate: kernel security and bugfix update Message-ID: <200708160959.l7G9xOil024850@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: kernel security and bugfix update Advisory ID: RHSA-2007:0671-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0671.html Issue date: 2007-08-16 Updated on: 2007-08-16 Product: Red Hat Enterprise Linux Keywords: taroon kernel security errata Obsoletes: RHSA-2007:0436 CVE Names: CVE-2007-1217 CVE-2007-1353 - --------------------------------------------------------------------- 1. Summary: Updated kernel packages that fix several security issues and bugs in the Red Hat Enterprise Linux 3 kernel are now available. This security advisory has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: The Linux kernel handles the basic functions of the operating system. These new kernel packages contain fixes for the security issues described below: * a flaw in the ISDN CAPI subsystem that allowed a remote user to cause a denial of service or potential privilege escalation. (CVE-2007-1217, Moderate) * a flaw in the Bluetooth subsystem that allowed a local user to trigger an information leak. (CVE-2007-1353, Low) In addition to the security issues described above, fixes for the following have been included: * a race condition in the e1000 network driver that could cause ESB2 systems to be started without the RX unit being turned on. * a related e1000 bug on ESB2 systems that could cause rlogin to fail. Red Hat would like to thank Ilja van Sprundel for reporting an issue fixed in this erratum. Note: The kernel-unsupported package contains various drivers and modules that are unsupported and therefore might contain security problems that have not been addressed. All Red Hat Enterprise Linux 3 users are advised to upgrade their kernels to the packages associated with their machine architecture and configurations as listed in this erratum. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 231069 - CVE-2007-1217 Overflow in CAPI subsystem 234294 - CVE-2007-1353 Bluetooth setsockopt() information leaks 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/kernel-2.4.21-51.EL.src.rpm 3e94648c83b62fb9cc401b53ca5f6096 kernel-2.4.21-51.EL.src.rpm i386: 1b001b9748c4626e16e3eec657b65e1b kernel-2.4.21-51.EL.athlon.rpm 81412b55ba69d85064b55114fc4cadd3 kernel-2.4.21-51.EL.i686.rpm 45e16d49aa290a4bd0efe33bba627f5b kernel-BOOT-2.4.21-51.EL.i386.rpm fded238337854d3044eb5004996b36a6 kernel-debuginfo-2.4.21-51.EL.athlon.rpm db091f1f057aa3aeb3134352151e6246 kernel-debuginfo-2.4.21-51.EL.i386.rpm 953fb8b53bf60d64a250c2d9cd6e956d kernel-debuginfo-2.4.21-51.EL.i686.rpm 32eb10ebb7e3c890cea0da9f49c6d56a kernel-doc-2.4.21-51.EL.i386.rpm d5bffec510ed2d2c09edb881bcbb19bb kernel-hugemem-2.4.21-51.EL.i686.rpm 9e4729d4981d0f371b9e34d3b04badd6 kernel-hugemem-unsupported-2.4.21-51.EL.i686.rpm 3336bf85d01e863d41a021a348088216 kernel-smp-2.4.21-51.EL.athlon.rpm b98cf89374f00c81691ee57392b1d768 kernel-smp-2.4.21-51.EL.i686.rpm f1e7de77a0acbe3d007571d38b84947a kernel-smp-unsupported-2.4.21-51.EL.athlon.rpm 2ad659821179db2f3a78d44ce62990de kernel-smp-unsupported-2.4.21-51.EL.i686.rpm 4a2dcd9e3b3c1db9152f4415e5a1699a kernel-source-2.4.21-51.EL.i386.rpm 6aa9025e30a16389480c4ccadaa9057f kernel-unsupported-2.4.21-51.EL.athlon.rpm c442a88cf82f11be01e0a335cc3c0856 kernel-unsupported-2.4.21-51.EL.i686.rpm ia64: f43eba731b22b5956aabaccff6c70abe kernel-2.4.21-51.EL.ia64.rpm 80ed8856d2713f931b8543926d29d4a8 kernel-debuginfo-2.4.21-51.EL.ia64.rpm 2209a4a2680c0eb7acee8df8d47d4028 kernel-doc-2.4.21-51.EL.ia64.rpm 863b02755f6641944114f052ad3e9a0e kernel-source-2.4.21-51.EL.ia64.rpm 8f84b0001c83b99fddbd28bcde5f806f kernel-unsupported-2.4.21-51.EL.ia64.rpm ppc: 5da6c0c9a5f0ac9c328fdb4b711299ad kernel-2.4.21-51.EL.ppc64iseries.rpm f5400b322cfaee4392aaf3771e73d157 kernel-2.4.21-51.EL.ppc64pseries.rpm 01b2f5c1155fb3f0774eda66571b3666 kernel-debuginfo-2.4.21-51.EL.ppc64.rpm 08805438592e26ae2ba699ea1196ee1e kernel-debuginfo-2.4.21-51.EL.ppc64iseries.rpm fe6024efc0f249d880059deca27a4cf2 kernel-debuginfo-2.4.21-51.EL.ppc64pseries.rpm 5ce4268e6403de5f971457ea229e451d kernel-doc-2.4.21-51.EL.ppc64.rpm e2cddede0dbeadb64bea2266ed2a0a8d kernel-source-2.4.21-51.EL.ppc64.rpm 08561aeefce58d9a685da5da95118348 kernel-unsupported-2.4.21-51.EL.ppc64iseries.rpm 41003f17bf7da307c97b2c754a4b5621 kernel-unsupported-2.4.21-51.EL.ppc64pseries.rpm s390: 18e99d6dd147612fa221ed6c64345ed7 kernel-2.4.21-51.EL.s390.rpm 98808ddf3c5566588819ef8fc9eae930 kernel-debuginfo-2.4.21-51.EL.s390.rpm c0061a5cae943a826d56e996a22d4c1b kernel-doc-2.4.21-51.EL.s390.rpm 1e94e756a1ad2778f384639abeaac3cf kernel-source-2.4.21-51.EL.s390.rpm 3125a4e5c820acb28307d5dd1d8b624a kernel-unsupported-2.4.21-51.EL.s390.rpm s390x: 86cc02e371c1253ec2fa7ba31cb17595 kernel-2.4.21-51.EL.s390x.rpm fcf253f707acf26b668444f426c792d2 kernel-debuginfo-2.4.21-51.EL.s390x.rpm a49b8aed89e64f29505369bde2ea7e62 kernel-doc-2.4.21-51.EL.s390x.rpm 62d185eb16102d2aa8d2a82601d8768e kernel-source-2.4.21-51.EL.s390x.rpm 5968a0d4b0a129445ee801b82f3c2321 kernel-unsupported-2.4.21-51.EL.s390x.rpm x86_64: a2c87d889cbd620e5ef6012dd565785f kernel-2.4.21-51.EL.ia32e.rpm 6be6ea30748554962f126c81441768ed kernel-2.4.21-51.EL.x86_64.rpm 572777549a1530d34b8cc1c66e715471 kernel-debuginfo-2.4.21-51.EL.ia32e.rpm 9d1251676ba50ba4b4ba80b4b18d2ec4 kernel-debuginfo-2.4.21-51.EL.x86_64.rpm 21c16e560705f14421a1d669a27a54df kernel-doc-2.4.21-51.EL.x86_64.rpm aecd821b741c859535a6e2e6cf3ab0f5 kernel-smp-2.4.21-51.EL.x86_64.rpm 70a8d74ffc53e619fd8948ae76309f1b kernel-smp-unsupported-2.4.21-51.EL.x86_64.rpm 66cbc0771e3be71408cae29636881ca7 kernel-source-2.4.21-51.EL.x86_64.rpm 13078e7d42ad160d1c304f722ac0f721 kernel-unsupported-2.4.21-51.EL.ia32e.rpm ca57b82d95a3f1c3b32e632175f46898 kernel-unsupported-2.4.21-51.EL.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/kernel-2.4.21-51.EL.src.rpm 3e94648c83b62fb9cc401b53ca5f6096 kernel-2.4.21-51.EL.src.rpm i386: 1b001b9748c4626e16e3eec657b65e1b kernel-2.4.21-51.EL.athlon.rpm 81412b55ba69d85064b55114fc4cadd3 kernel-2.4.21-51.EL.i686.rpm 45e16d49aa290a4bd0efe33bba627f5b kernel-BOOT-2.4.21-51.EL.i386.rpm fded238337854d3044eb5004996b36a6 kernel-debuginfo-2.4.21-51.EL.athlon.rpm db091f1f057aa3aeb3134352151e6246 kernel-debuginfo-2.4.21-51.EL.i386.rpm 953fb8b53bf60d64a250c2d9cd6e956d kernel-debuginfo-2.4.21-51.EL.i686.rpm 32eb10ebb7e3c890cea0da9f49c6d56a kernel-doc-2.4.21-51.EL.i386.rpm d5bffec510ed2d2c09edb881bcbb19bb kernel-hugemem-2.4.21-51.EL.i686.rpm 9e4729d4981d0f371b9e34d3b04badd6 kernel-hugemem-unsupported-2.4.21-51.EL.i686.rpm 3336bf85d01e863d41a021a348088216 kernel-smp-2.4.21-51.EL.athlon.rpm b98cf89374f00c81691ee57392b1d768 kernel-smp-2.4.21-51.EL.i686.rpm f1e7de77a0acbe3d007571d38b84947a kernel-smp-unsupported-2.4.21-51.EL.athlon.rpm 2ad659821179db2f3a78d44ce62990de kernel-smp-unsupported-2.4.21-51.EL.i686.rpm 4a2dcd9e3b3c1db9152f4415e5a1699a kernel-source-2.4.21-51.EL.i386.rpm 6aa9025e30a16389480c4ccadaa9057f kernel-unsupported-2.4.21-51.EL.athlon.rpm c442a88cf82f11be01e0a335cc3c0856 kernel-unsupported-2.4.21-51.EL.i686.rpm x86_64: a2c87d889cbd620e5ef6012dd565785f kernel-2.4.21-51.EL.ia32e.rpm 6be6ea30748554962f126c81441768ed kernel-2.4.21-51.EL.x86_64.rpm 572777549a1530d34b8cc1c66e715471 kernel-debuginfo-2.4.21-51.EL.ia32e.rpm 9d1251676ba50ba4b4ba80b4b18d2ec4 kernel-debuginfo-2.4.21-51.EL.x86_64.rpm 21c16e560705f14421a1d669a27a54df kernel-doc-2.4.21-51.EL.x86_64.rpm aecd821b741c859535a6e2e6cf3ab0f5 kernel-smp-2.4.21-51.EL.x86_64.rpm 70a8d74ffc53e619fd8948ae76309f1b kernel-smp-unsupported-2.4.21-51.EL.x86_64.rpm 66cbc0771e3be71408cae29636881ca7 kernel-source-2.4.21-51.EL.x86_64.rpm 13078e7d42ad160d1c304f722ac0f721 kernel-unsupported-2.4.21-51.EL.ia32e.rpm ca57b82d95a3f1c3b32e632175f46898 kernel-unsupported-2.4.21-51.EL.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/kernel-2.4.21-51.EL.src.rpm 3e94648c83b62fb9cc401b53ca5f6096 kernel-2.4.21-51.EL.src.rpm i386: 1b001b9748c4626e16e3eec657b65e1b kernel-2.4.21-51.EL.athlon.rpm 81412b55ba69d85064b55114fc4cadd3 kernel-2.4.21-51.EL.i686.rpm 45e16d49aa290a4bd0efe33bba627f5b kernel-BOOT-2.4.21-51.EL.i386.rpm fded238337854d3044eb5004996b36a6 kernel-debuginfo-2.4.21-51.EL.athlon.rpm db091f1f057aa3aeb3134352151e6246 kernel-debuginfo-2.4.21-51.EL.i386.rpm 953fb8b53bf60d64a250c2d9cd6e956d kernel-debuginfo-2.4.21-51.EL.i686.rpm 32eb10ebb7e3c890cea0da9f49c6d56a kernel-doc-2.4.21-51.EL.i386.rpm d5bffec510ed2d2c09edb881bcbb19bb kernel-hugemem-2.4.21-51.EL.i686.rpm 9e4729d4981d0f371b9e34d3b04badd6 kernel-hugemem-unsupported-2.4.21-51.EL.i686.rpm 3336bf85d01e863d41a021a348088216 kernel-smp-2.4.21-51.EL.athlon.rpm b98cf89374f00c81691ee57392b1d768 kernel-smp-2.4.21-51.EL.i686.rpm f1e7de77a0acbe3d007571d38b84947a kernel-smp-unsupported-2.4.21-51.EL.athlon.rpm 2ad659821179db2f3a78d44ce62990de kernel-smp-unsupported-2.4.21-51.EL.i686.rpm 4a2dcd9e3b3c1db9152f4415e5a1699a kernel-source-2.4.21-51.EL.i386.rpm 6aa9025e30a16389480c4ccadaa9057f kernel-unsupported-2.4.21-51.EL.athlon.rpm c442a88cf82f11be01e0a335cc3c0856 kernel-unsupported-2.4.21-51.EL.i686.rpm ia64: f43eba731b22b5956aabaccff6c70abe kernel-2.4.21-51.EL.ia64.rpm 80ed8856d2713f931b8543926d29d4a8 kernel-debuginfo-2.4.21-51.EL.ia64.rpm 2209a4a2680c0eb7acee8df8d47d4028 kernel-doc-2.4.21-51.EL.ia64.rpm 863b02755f6641944114f052ad3e9a0e kernel-source-2.4.21-51.EL.ia64.rpm 8f84b0001c83b99fddbd28bcde5f806f kernel-unsupported-2.4.21-51.EL.ia64.rpm x86_64: a2c87d889cbd620e5ef6012dd565785f kernel-2.4.21-51.EL.ia32e.rpm 6be6ea30748554962f126c81441768ed kernel-2.4.21-51.EL.x86_64.rpm 572777549a1530d34b8cc1c66e715471 kernel-debuginfo-2.4.21-51.EL.ia32e.rpm 9d1251676ba50ba4b4ba80b4b18d2ec4 kernel-debuginfo-2.4.21-51.EL.x86_64.rpm 21c16e560705f14421a1d669a27a54df kernel-doc-2.4.21-51.EL.x86_64.rpm aecd821b741c859535a6e2e6cf3ab0f5 kernel-smp-2.4.21-51.EL.x86_64.rpm 70a8d74ffc53e619fd8948ae76309f1b kernel-smp-unsupported-2.4.21-51.EL.x86_64.rpm 66cbc0771e3be71408cae29636881ca7 kernel-source-2.4.21-51.EL.x86_64.rpm 13078e7d42ad160d1c304f722ac0f721 kernel-unsupported-2.4.21-51.EL.ia32e.rpm ca57b82d95a3f1c3b32e632175f46898 kernel-unsupported-2.4.21-51.EL.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/kernel-2.4.21-51.EL.src.rpm 3e94648c83b62fb9cc401b53ca5f6096 kernel-2.4.21-51.EL.src.rpm i386: 1b001b9748c4626e16e3eec657b65e1b kernel-2.4.21-51.EL.athlon.rpm 81412b55ba69d85064b55114fc4cadd3 kernel-2.4.21-51.EL.i686.rpm 45e16d49aa290a4bd0efe33bba627f5b kernel-BOOT-2.4.21-51.EL.i386.rpm fded238337854d3044eb5004996b36a6 kernel-debuginfo-2.4.21-51.EL.athlon.rpm db091f1f057aa3aeb3134352151e6246 kernel-debuginfo-2.4.21-51.EL.i386.rpm 953fb8b53bf60d64a250c2d9cd6e956d kernel-debuginfo-2.4.21-51.EL.i686.rpm 32eb10ebb7e3c890cea0da9f49c6d56a kernel-doc-2.4.21-51.EL.i386.rpm d5bffec510ed2d2c09edb881bcbb19bb kernel-hugemem-2.4.21-51.EL.i686.rpm 9e4729d4981d0f371b9e34d3b04badd6 kernel-hugemem-unsupported-2.4.21-51.EL.i686.rpm 3336bf85d01e863d41a021a348088216 kernel-smp-2.4.21-51.EL.athlon.rpm b98cf89374f00c81691ee57392b1d768 kernel-smp-2.4.21-51.EL.i686.rpm f1e7de77a0acbe3d007571d38b84947a kernel-smp-unsupported-2.4.21-51.EL.athlon.rpm 2ad659821179db2f3a78d44ce62990de kernel-smp-unsupported-2.4.21-51.EL.i686.rpm 4a2dcd9e3b3c1db9152f4415e5a1699a kernel-source-2.4.21-51.EL.i386.rpm 6aa9025e30a16389480c4ccadaa9057f kernel-unsupported-2.4.21-51.EL.athlon.rpm c442a88cf82f11be01e0a335cc3c0856 kernel-unsupported-2.4.21-51.EL.i686.rpm ia64: f43eba731b22b5956aabaccff6c70abe kernel-2.4.21-51.EL.ia64.rpm 80ed8856d2713f931b8543926d29d4a8 kernel-debuginfo-2.4.21-51.EL.ia64.rpm 2209a4a2680c0eb7acee8df8d47d4028 kernel-doc-2.4.21-51.EL.ia64.rpm 863b02755f6641944114f052ad3e9a0e kernel-source-2.4.21-51.EL.ia64.rpm 8f84b0001c83b99fddbd28bcde5f806f kernel-unsupported-2.4.21-51.EL.ia64.rpm x86_64: a2c87d889cbd620e5ef6012dd565785f kernel-2.4.21-51.EL.ia32e.rpm 6be6ea30748554962f126c81441768ed kernel-2.4.21-51.EL.x86_64.rpm 572777549a1530d34b8cc1c66e715471 kernel-debuginfo-2.4.21-51.EL.ia32e.rpm 9d1251676ba50ba4b4ba80b4b18d2ec4 kernel-debuginfo-2.4.21-51.EL.x86_64.rpm 21c16e560705f14421a1d669a27a54df kernel-doc-2.4.21-51.EL.x86_64.rpm aecd821b741c859535a6e2e6cf3ab0f5 kernel-smp-2.4.21-51.EL.x86_64.rpm 70a8d74ffc53e619fd8948ae76309f1b kernel-smp-unsupported-2.4.21-51.EL.x86_64.rpm 66cbc0771e3be71408cae29636881ca7 kernel-source-2.4.21-51.EL.x86_64.rpm 13078e7d42ad160d1c304f722ac0f721 kernel-unsupported-2.4.21-51.EL.ia32e.rpm ca57b82d95a3f1c3b32e632175f46898 kernel-unsupported-2.4.21-51.EL.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1217 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1353 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGxB/yXlSAg2UNWIIRAuz8AJoDfmeOASkJPPZGe7MTwM9k4lU0TQCglp5/ SU92SN7NS47OjUUSedWqIpM= =hMKB -----END PGP SIGNATURE----- From bugzilla at redhat.com Fri Aug 17 08:12:02 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Fri, 17 Aug 2007 04:12:02 -0400 Subject: [RHSA-2007:0841-01] Critical: RealPlayer security update Message-ID: <200708170812.l7H8C28d005942@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: RealPlayer security update Advisory ID: RHSA-2007:0841-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0841.html Issue date: 2007-08-17 Updated on: 2007-08-17 Product: Red Hat Enterprise Linux Extras CVE Names: CVE-2007-3410 - --------------------------------------------------------------------- 1. Summary: An updated RealPlayer package that fixes a security flaw is now available for Red Hat Enterprise Linux 3 Extras, 4 Extras, and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 Extras - i386, x86_64 Red Hat Desktop version 3 Extras - i386, x86_64 Red Hat Enterprise Linux ES version 3 Extras - i386, x86_64 Red Hat Enterprise Linux WS version 3 Extras - i386, x86_64 Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64 Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64 RHEL Desktop Supplementary (v. 5 client) - i386, x86_64 3. Problem description: RealPlayer is a media player that provides media playback locally and via streaming. A buffer overflow flaw was found in the way RealPlayer processed Synchronized Multimedia Integration Language (SMIL) files. It was possible for a malformed SMIL file to execute arbitrary code with the permissions of the user running RealPlayer. (CVE-2007-3410) All users of RealPlayer are advised to upgrade to this updated package containing RealPlayer version 10.0.9 which is not vulnerable to this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 245836 - CVE-2007-3410 RealPlayer/HelixPlayer buffer overflow 6. RPMs required: Red Hat Enterprise Linux AS version 3 Extras: i386: 936f5bf4bdc57dadef638a9dc0349334 realplayer-10.0.9-0.rhel3.4.i386.rpm x86_64: 936f5bf4bdc57dadef638a9dc0349334 realplayer-10.0.9-0.rhel3.4.i386.rpm Red Hat Desktop version 3 Extras: i386: 936f5bf4bdc57dadef638a9dc0349334 realplayer-10.0.9-0.rhel3.4.i386.rpm x86_64: 936f5bf4bdc57dadef638a9dc0349334 realplayer-10.0.9-0.rhel3.4.i386.rpm Red Hat Enterprise Linux ES version 3 Extras: i386: 936f5bf4bdc57dadef638a9dc0349334 realplayer-10.0.9-0.rhel3.4.i386.rpm x86_64: 936f5bf4bdc57dadef638a9dc0349334 realplayer-10.0.9-0.rhel3.4.i386.rpm Red Hat Enterprise Linux WS version 3 Extras: i386: 936f5bf4bdc57dadef638a9dc0349334 realplayer-10.0.9-0.rhel3.4.i386.rpm x86_64: 936f5bf4bdc57dadef638a9dc0349334 realplayer-10.0.9-0.rhel3.4.i386.rpm Red Hat Enterprise Linux AS version 4 Extras: i386: f0c57148b5ab8807c684774da25c4014 RealPlayer-10.0.9-2.i386.rpm 2067e264bf98e2a88b314f5d3dbf96b2 RealPlayer-debuginfo-10.0.9-2.i386.rpm x86_64: f0c57148b5ab8807c684774da25c4014 RealPlayer-10.0.9-2.i386.rpm 2067e264bf98e2a88b314f5d3dbf96b2 RealPlayer-debuginfo-10.0.9-2.i386.rpm Red Hat Desktop version 4 Extras: i386: f0c57148b5ab8807c684774da25c4014 RealPlayer-10.0.9-2.i386.rpm 2067e264bf98e2a88b314f5d3dbf96b2 RealPlayer-debuginfo-10.0.9-2.i386.rpm x86_64: f0c57148b5ab8807c684774da25c4014 RealPlayer-10.0.9-2.i386.rpm 2067e264bf98e2a88b314f5d3dbf96b2 RealPlayer-debuginfo-10.0.9-2.i386.rpm Red Hat Enterprise Linux ES version 4 Extras: i386: f0c57148b5ab8807c684774da25c4014 RealPlayer-10.0.9-2.i386.rpm 2067e264bf98e2a88b314f5d3dbf96b2 RealPlayer-debuginfo-10.0.9-2.i386.rpm x86_64: f0c57148b5ab8807c684774da25c4014 RealPlayer-10.0.9-2.i386.rpm 2067e264bf98e2a88b314f5d3dbf96b2 RealPlayer-debuginfo-10.0.9-2.i386.rpm Red Hat Enterprise Linux WS version 4 Extras: i386: f0c57148b5ab8807c684774da25c4014 RealPlayer-10.0.9-2.i386.rpm 2067e264bf98e2a88b314f5d3dbf96b2 RealPlayer-debuginfo-10.0.9-2.i386.rpm x86_64: f0c57148b5ab8807c684774da25c4014 RealPlayer-10.0.9-2.i386.rpm 2067e264bf98e2a88b314f5d3dbf96b2 RealPlayer-debuginfo-10.0.9-2.i386.rpm RHEL Desktop Supplementary (v. 5 client): i386: d7147c25a048a9595d740f4303f24123 RealPlayer-10.0.9-3.el5.i386.rpm e076740788c42cfe6f0d90e787a47aca RealPlayer-debuginfo-10.0.9-3.el5.i386.rpm x86_64: d7147c25a048a9595d740f4303f24123 RealPlayer-10.0.9-3.el5.i386.rpm e076740788c42cfe6f0d90e787a47aca RealPlayer-debuginfo-10.0.9-3.el5.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3410 http://www.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGxVhQXlSAg2UNWIIRAuCEAJoDRmSOHKjuMFMIaviXUkepmt3Y2QCeNkXt UU8S22WfJVQY/EP5phYoVI4= =jgHr -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Aug 23 12:58:22 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 23 Aug 2007 08:58:22 -0400 Subject: [RHSA-2007:0860-01] Moderate: tar security update Message-ID: <200708231258.l7NCwM0g023869@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: tar security update Advisory ID: RHSA-2007:0860-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0860.html Issue date: 2007-08-23 Updated on: 2007-08-23 Product: Red Hat Enterprise Linux Keywords: symlink path traversal CVE Names: CVE-2007-4131 - --------------------------------------------------------------------- 1. Summary: Updated tar package that fixes a path traversal flaw is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Problem description: The GNU tar program saves many files together in one archive and can restore individual files (or all of the files) from that archive. A path traversal flaw was discovered in the way GNU tar extracted archives. A malicious user could create a tar archive that could write to arbitrary files to which the user running GNU tar had write access. (CVE-2007-4131) Red Hat would like to thank Dmitry V. Levin for reporting this issue. Users of tar should upgrade to this updated package, which contains a replacement backported patch to correct this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 251921 - CVE-2007-4131 tar directory traversal vulnerability 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/tar-1.14-12.5.1.RHEL4.src.rpm 4cfff37413ea6e3705c1c6626e3dc4d2 tar-1.14-12.5.1.RHEL4.src.rpm i386: 87969426d39204739ccb8d167175f6ff tar-1.14-12.5.1.RHEL4.i386.rpm 8ace84439fed673b42aeb7de3c7a9373 tar-debuginfo-1.14-12.5.1.RHEL4.i386.rpm ia64: 7b87e3117a4462f7474c6552e0754950 tar-1.14-12.5.1.RHEL4.ia64.rpm 6bca94f6bb90158cea5e69d512800c01 tar-debuginfo-1.14-12.5.1.RHEL4.ia64.rpm ppc: 19d17b1237ac535046610b151a89056e tar-1.14-12.5.1.RHEL4.ppc.rpm 4a09c682416096a96bb1f5d66ef7f0d4 tar-debuginfo-1.14-12.5.1.RHEL4.ppc.rpm s390: 60663a237022be37edee7aaa4cdeb0a0 tar-1.14-12.5.1.RHEL4.s390.rpm 1d0a3442befd28b96be7904d82bf8c25 tar-debuginfo-1.14-12.5.1.RHEL4.s390.rpm s390x: d6256b8644864ff2c04d8c5c68360b4f tar-1.14-12.5.1.RHEL4.s390x.rpm 1cf61b918294b63110f5fc17ee787d1b tar-debuginfo-1.14-12.5.1.RHEL4.s390x.rpm x86_64: 253c53990cc612781107e07fb2f96a56 tar-1.14-12.5.1.RHEL4.x86_64.rpm cbc599e4dabe030318f4c2eb9a05da53 tar-debuginfo-1.14-12.5.1.RHEL4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/tar-1.14-12.5.1.RHEL4.src.rpm 4cfff37413ea6e3705c1c6626e3dc4d2 tar-1.14-12.5.1.RHEL4.src.rpm i386: 87969426d39204739ccb8d167175f6ff tar-1.14-12.5.1.RHEL4.i386.rpm 8ace84439fed673b42aeb7de3c7a9373 tar-debuginfo-1.14-12.5.1.RHEL4.i386.rpm x86_64: 253c53990cc612781107e07fb2f96a56 tar-1.14-12.5.1.RHEL4.x86_64.rpm cbc599e4dabe030318f4c2eb9a05da53 tar-debuginfo-1.14-12.5.1.RHEL4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/tar-1.14-12.5.1.RHEL4.src.rpm 4cfff37413ea6e3705c1c6626e3dc4d2 tar-1.14-12.5.1.RHEL4.src.rpm i386: 87969426d39204739ccb8d167175f6ff tar-1.14-12.5.1.RHEL4.i386.rpm 8ace84439fed673b42aeb7de3c7a9373 tar-debuginfo-1.14-12.5.1.RHEL4.i386.rpm ia64: 7b87e3117a4462f7474c6552e0754950 tar-1.14-12.5.1.RHEL4.ia64.rpm 6bca94f6bb90158cea5e69d512800c01 tar-debuginfo-1.14-12.5.1.RHEL4.ia64.rpm x86_64: 253c53990cc612781107e07fb2f96a56 tar-1.14-12.5.1.RHEL4.x86_64.rpm cbc599e4dabe030318f4c2eb9a05da53 tar-debuginfo-1.14-12.5.1.RHEL4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/tar-1.14-12.5.1.RHEL4.src.rpm 4cfff37413ea6e3705c1c6626e3dc4d2 tar-1.14-12.5.1.RHEL4.src.rpm i386: 87969426d39204739ccb8d167175f6ff tar-1.14-12.5.1.RHEL4.i386.rpm 8ace84439fed673b42aeb7de3c7a9373 tar-debuginfo-1.14-12.5.1.RHEL4.i386.rpm ia64: 7b87e3117a4462f7474c6552e0754950 tar-1.14-12.5.1.RHEL4.ia64.rpm 6bca94f6bb90158cea5e69d512800c01 tar-debuginfo-1.14-12.5.1.RHEL4.ia64.rpm x86_64: 253c53990cc612781107e07fb2f96a56 tar-1.14-12.5.1.RHEL4.x86_64.rpm cbc599e4dabe030318f4c2eb9a05da53 tar-debuginfo-1.14-12.5.1.RHEL4.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/tar-1.15.1-23.0.1.el5.src.rpm 71404af2e3ee182ae0ceb49c5022c25a tar-1.15.1-23.0.1.el5.src.rpm i386: bef674d7f4a7c2b8ab199f3b0e4ffbf4 tar-1.15.1-23.0.1.el5.i386.rpm 18bbfd3ebd9d7bdbc5cedd575508e11a tar-debuginfo-1.15.1-23.0.1.el5.i386.rpm x86_64: 4e4d8558cf8ee07dcb764b68686754e5 tar-1.15.1-23.0.1.el5.x86_64.rpm 1c398dbd4c6b0f462f41c9a4669e7902 tar-debuginfo-1.15.1-23.0.1.el5.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/tar-1.15.1-23.0.1.el5.src.rpm 71404af2e3ee182ae0ceb49c5022c25a tar-1.15.1-23.0.1.el5.src.rpm i386: bef674d7f4a7c2b8ab199f3b0e4ffbf4 tar-1.15.1-23.0.1.el5.i386.rpm 18bbfd3ebd9d7bdbc5cedd575508e11a tar-debuginfo-1.15.1-23.0.1.el5.i386.rpm ia64: e286f927ee594d632a89aed5e84c466d tar-1.15.1-23.0.1.el5.ia64.rpm 7405e317c14ac36323d4866075be4a7e tar-debuginfo-1.15.1-23.0.1.el5.ia64.rpm ppc: 1425da0fe798ccbbd6955fad756a0b3e tar-1.15.1-23.0.1.el5.ppc.rpm 1f1eb67ab55d912d0c2a86b0206cf688 tar-debuginfo-1.15.1-23.0.1.el5.ppc.rpm s390x: 2befefb377c312ca3331d20bab123354 tar-1.15.1-23.0.1.el5.s390x.rpm 6b7337fa1f6b9789f1d0eb169b86dea9 tar-debuginfo-1.15.1-23.0.1.el5.s390x.rpm x86_64: 4e4d8558cf8ee07dcb764b68686754e5 tar-1.15.1-23.0.1.el5.x86_64.rpm 1c398dbd4c6b0f462f41c9a4669e7902 tar-debuginfo-1.15.1-23.0.1.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4131 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGzYRVXlSAg2UNWIIRAlVLAKCgv15Y6U8nfbAAkndhvRpASoXKRgCfSCF0 493VWf1WVxv5FNLZTvITS7w= =aDfC -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Aug 30 13:37:20 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 30 Aug 2007 09:37:20 -0400 Subject: [RHSA-2007:0875-01] Important: mysql security update Message-ID: <200708301337.l7UDbKkH032153@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: mysql security update Advisory ID: RHSA-2007:0875-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0875.html Issue date: 2007-08-30 Updated on: 2007-08-30 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-3780 - --------------------------------------------------------------------- 1. Summary: Updated mysql packages that fix a security flaw are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Problem description: MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon (mysqld) and many different client programs and libraries. A flaw was discovered in MySQL's authentication protocol. It is possible for a remote unauthenticated attacker to send a specially crafted authentication request to the MySQL server causing it to crash. (CVE-2007-3780) All users of the MySQL server are advised to upgrade to these updated packages, which contain a backported patch which fixes this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 254108 - CVE-2007-3780 mysql malformed password crasher 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/mysql-4.1.20-2.RHEL4.1.0.1.src.rpm bf73ef5a83928ae0d4df5e493f9352c6 mysql-4.1.20-2.RHEL4.1.0.1.src.rpm i386: 0191fdd6db1dd780d6c9bb864c9ed071 mysql-4.1.20-2.RHEL4.1.0.1.i386.rpm 90f871d896a8cea7ed7e283170dff773 mysql-bench-4.1.20-2.RHEL4.1.0.1.i386.rpm 19e9c78362f7eabd0b27e2f3cd3ef0d2 mysql-debuginfo-4.1.20-2.RHEL4.1.0.1.i386.rpm 734ec276c3cd75bb5ccca0fa92b03216 mysql-devel-4.1.20-2.RHEL4.1.0.1.i386.rpm edf87b81ee5bba85922f32602af777a6 mysql-server-4.1.20-2.RHEL4.1.0.1.i386.rpm ia64: 0191fdd6db1dd780d6c9bb864c9ed071 mysql-4.1.20-2.RHEL4.1.0.1.i386.rpm 45005918de77614c6cac34a5f05de7d6 mysql-4.1.20-2.RHEL4.1.0.1.ia64.rpm a50565bc6158157c1900b0299e72de28 mysql-bench-4.1.20-2.RHEL4.1.0.1.ia64.rpm 19e9c78362f7eabd0b27e2f3cd3ef0d2 mysql-debuginfo-4.1.20-2.RHEL4.1.0.1.i386.rpm cdcc9584cb9275230a856e45a4e321fe mysql-debuginfo-4.1.20-2.RHEL4.1.0.1.ia64.rpm fcbc25791972f6c35dd920507079cc56 mysql-devel-4.1.20-2.RHEL4.1.0.1.ia64.rpm 8450b60c250f548bd3a53b8cad7fc192 mysql-server-4.1.20-2.RHEL4.1.0.1.ia64.rpm ppc: e46405e7b51d2bf460d0f976bc889f45 mysql-4.1.20-2.RHEL4.1.0.1.ppc.rpm 416f5dcee34641049fa264ce86a3c748 mysql-4.1.20-2.RHEL4.1.0.1.ppc64.rpm 604842164bc03c909e2dc2fb8ce3dfaa mysql-bench-4.1.20-2.RHEL4.1.0.1.ppc.rpm 976eea272a7d295a5cfca3bdeed60f31 mysql-debuginfo-4.1.20-2.RHEL4.1.0.1.ppc.rpm f61165bd7a1410e7a451a45ea31618dd mysql-debuginfo-4.1.20-2.RHEL4.1.0.1.ppc64.rpm d3576f4628614d0465b6fd5e2c23f7ba mysql-devel-4.1.20-2.RHEL4.1.0.1.ppc.rpm 055d1875fc2057fbe76da02a4cfce83e mysql-server-4.1.20-2.RHEL4.1.0.1.ppc.rpm s390: 963849fd650ae814a19b1f35df878ee9 mysql-4.1.20-2.RHEL4.1.0.1.s390.rpm fa25b5d80bfe55f202ed659b866bfcf2 mysql-bench-4.1.20-2.RHEL4.1.0.1.s390.rpm 3a259d3ddf418b16def066acb97b1c47 mysql-debuginfo-4.1.20-2.RHEL4.1.0.1.s390.rpm fdaf59e064049b7bd4472dc7db8827dd mysql-devel-4.1.20-2.RHEL4.1.0.1.s390.rpm 03481abe911d0b8f1883f18157d41e84 mysql-server-4.1.20-2.RHEL4.1.0.1.s390.rpm s390x: 963849fd650ae814a19b1f35df878ee9 mysql-4.1.20-2.RHEL4.1.0.1.s390.rpm c7620421b869aa9db61e0538cd5bb123 mysql-4.1.20-2.RHEL4.1.0.1.s390x.rpm 7f4dd6bd3544a95240c641865f1eef32 mysql-bench-4.1.20-2.RHEL4.1.0.1.s390x.rpm 3a259d3ddf418b16def066acb97b1c47 mysql-debuginfo-4.1.20-2.RHEL4.1.0.1.s390.rpm 6202e8f6bf64d7c3c8258c0e400ade26 mysql-debuginfo-4.1.20-2.RHEL4.1.0.1.s390x.rpm d94a615e92d10cbbe47ca3286e7e3c79 mysql-devel-4.1.20-2.RHEL4.1.0.1.s390x.rpm f4a7330baf56b26d5a8e5fa2ad8b20c0 mysql-server-4.1.20-2.RHEL4.1.0.1.s390x.rpm x86_64: 0191fdd6db1dd780d6c9bb864c9ed071 mysql-4.1.20-2.RHEL4.1.0.1.i386.rpm a80c2ce8d91c81a3d8026c1bab012dac mysql-4.1.20-2.RHEL4.1.0.1.x86_64.rpm 03705e8457d35c0ce05c3953e408c597 mysql-bench-4.1.20-2.RHEL4.1.0.1.x86_64.rpm 19e9c78362f7eabd0b27e2f3cd3ef0d2 mysql-debuginfo-4.1.20-2.RHEL4.1.0.1.i386.rpm 79f0ca34b5284acad3dac711b0a0551f mysql-debuginfo-4.1.20-2.RHEL4.1.0.1.x86_64.rpm 384af5faeeed97957d8f8e8af9ca6b21 mysql-devel-4.1.20-2.RHEL4.1.0.1.x86_64.rpm f7cd9e8bf14fd72a44f74085618bdf81 mysql-server-4.1.20-2.RHEL4.1.0.1.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/mysql-4.1.20-2.RHEL4.1.0.1.src.rpm bf73ef5a83928ae0d4df5e493f9352c6 mysql-4.1.20-2.RHEL4.1.0.1.src.rpm i386: 0191fdd6db1dd780d6c9bb864c9ed071 mysql-4.1.20-2.RHEL4.1.0.1.i386.rpm 90f871d896a8cea7ed7e283170dff773 mysql-bench-4.1.20-2.RHEL4.1.0.1.i386.rpm 19e9c78362f7eabd0b27e2f3cd3ef0d2 mysql-debuginfo-4.1.20-2.RHEL4.1.0.1.i386.rpm 734ec276c3cd75bb5ccca0fa92b03216 mysql-devel-4.1.20-2.RHEL4.1.0.1.i386.rpm edf87b81ee5bba85922f32602af777a6 mysql-server-4.1.20-2.RHEL4.1.0.1.i386.rpm x86_64: 0191fdd6db1dd780d6c9bb864c9ed071 mysql-4.1.20-2.RHEL4.1.0.1.i386.rpm a80c2ce8d91c81a3d8026c1bab012dac mysql-4.1.20-2.RHEL4.1.0.1.x86_64.rpm 03705e8457d35c0ce05c3953e408c597 mysql-bench-4.1.20-2.RHEL4.1.0.1.x86_64.rpm 19e9c78362f7eabd0b27e2f3cd3ef0d2 mysql-debuginfo-4.1.20-2.RHEL4.1.0.1.i386.rpm 79f0ca34b5284acad3dac711b0a0551f mysql-debuginfo-4.1.20-2.RHEL4.1.0.1.x86_64.rpm 384af5faeeed97957d8f8e8af9ca6b21 mysql-devel-4.1.20-2.RHEL4.1.0.1.x86_64.rpm f7cd9e8bf14fd72a44f74085618bdf81 mysql-server-4.1.20-2.RHEL4.1.0.1.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/mysql-4.1.20-2.RHEL4.1.0.1.src.rpm bf73ef5a83928ae0d4df5e493f9352c6 mysql-4.1.20-2.RHEL4.1.0.1.src.rpm i386: 0191fdd6db1dd780d6c9bb864c9ed071 mysql-4.1.20-2.RHEL4.1.0.1.i386.rpm 90f871d896a8cea7ed7e283170dff773 mysql-bench-4.1.20-2.RHEL4.1.0.1.i386.rpm 19e9c78362f7eabd0b27e2f3cd3ef0d2 mysql-debuginfo-4.1.20-2.RHEL4.1.0.1.i386.rpm 734ec276c3cd75bb5ccca0fa92b03216 mysql-devel-4.1.20-2.RHEL4.1.0.1.i386.rpm edf87b81ee5bba85922f32602af777a6 mysql-server-4.1.20-2.RHEL4.1.0.1.i386.rpm ia64: 0191fdd6db1dd780d6c9bb864c9ed071 mysql-4.1.20-2.RHEL4.1.0.1.i386.rpm 45005918de77614c6cac34a5f05de7d6 mysql-4.1.20-2.RHEL4.1.0.1.ia64.rpm a50565bc6158157c1900b0299e72de28 mysql-bench-4.1.20-2.RHEL4.1.0.1.ia64.rpm 19e9c78362f7eabd0b27e2f3cd3ef0d2 mysql-debuginfo-4.1.20-2.RHEL4.1.0.1.i386.rpm cdcc9584cb9275230a856e45a4e321fe mysql-debuginfo-4.1.20-2.RHEL4.1.0.1.ia64.rpm fcbc25791972f6c35dd920507079cc56 mysql-devel-4.1.20-2.RHEL4.1.0.1.ia64.rpm 8450b60c250f548bd3a53b8cad7fc192 mysql-server-4.1.20-2.RHEL4.1.0.1.ia64.rpm x86_64: 0191fdd6db1dd780d6c9bb864c9ed071 mysql-4.1.20-2.RHEL4.1.0.1.i386.rpm a80c2ce8d91c81a3d8026c1bab012dac mysql-4.1.20-2.RHEL4.1.0.1.x86_64.rpm 03705e8457d35c0ce05c3953e408c597 mysql-bench-4.1.20-2.RHEL4.1.0.1.x86_64.rpm 19e9c78362f7eabd0b27e2f3cd3ef0d2 mysql-debuginfo-4.1.20-2.RHEL4.1.0.1.i386.rpm 79f0ca34b5284acad3dac711b0a0551f mysql-debuginfo-4.1.20-2.RHEL4.1.0.1.x86_64.rpm 384af5faeeed97957d8f8e8af9ca6b21 mysql-devel-4.1.20-2.RHEL4.1.0.1.x86_64.rpm f7cd9e8bf14fd72a44f74085618bdf81 mysql-server-4.1.20-2.RHEL4.1.0.1.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/mysql-4.1.20-2.RHEL4.1.0.1.src.rpm bf73ef5a83928ae0d4df5e493f9352c6 mysql-4.1.20-2.RHEL4.1.0.1.src.rpm i386: 0191fdd6db1dd780d6c9bb864c9ed071 mysql-4.1.20-2.RHEL4.1.0.1.i386.rpm 90f871d896a8cea7ed7e283170dff773 mysql-bench-4.1.20-2.RHEL4.1.0.1.i386.rpm 19e9c78362f7eabd0b27e2f3cd3ef0d2 mysql-debuginfo-4.1.20-2.RHEL4.1.0.1.i386.rpm 734ec276c3cd75bb5ccca0fa92b03216 mysql-devel-4.1.20-2.RHEL4.1.0.1.i386.rpm edf87b81ee5bba85922f32602af777a6 mysql-server-4.1.20-2.RHEL4.1.0.1.i386.rpm ia64: 0191fdd6db1dd780d6c9bb864c9ed071 mysql-4.1.20-2.RHEL4.1.0.1.i386.rpm 45005918de77614c6cac34a5f05de7d6 mysql-4.1.20-2.RHEL4.1.0.1.ia64.rpm a50565bc6158157c1900b0299e72de28 mysql-bench-4.1.20-2.RHEL4.1.0.1.ia64.rpm 19e9c78362f7eabd0b27e2f3cd3ef0d2 mysql-debuginfo-4.1.20-2.RHEL4.1.0.1.i386.rpm cdcc9584cb9275230a856e45a4e321fe mysql-debuginfo-4.1.20-2.RHEL4.1.0.1.ia64.rpm fcbc25791972f6c35dd920507079cc56 mysql-devel-4.1.20-2.RHEL4.1.0.1.ia64.rpm 8450b60c250f548bd3a53b8cad7fc192 mysql-server-4.1.20-2.RHEL4.1.0.1.ia64.rpm x86_64: 0191fdd6db1dd780d6c9bb864c9ed071 mysql-4.1.20-2.RHEL4.1.0.1.i386.rpm a80c2ce8d91c81a3d8026c1bab012dac mysql-4.1.20-2.RHEL4.1.0.1.x86_64.rpm 03705e8457d35c0ce05c3953e408c597 mysql-bench-4.1.20-2.RHEL4.1.0.1.x86_64.rpm 19e9c78362f7eabd0b27e2f3cd3ef0d2 mysql-debuginfo-4.1.20-2.RHEL4.1.0.1.i386.rpm 79f0ca34b5284acad3dac711b0a0551f mysql-debuginfo-4.1.20-2.RHEL4.1.0.1.x86_64.rpm 384af5faeeed97957d8f8e8af9ca6b21 mysql-devel-4.1.20-2.RHEL4.1.0.1.x86_64.rpm f7cd9e8bf14fd72a44f74085618bdf81 mysql-server-4.1.20-2.RHEL4.1.0.1.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/mysql-5.0.22-2.1.0.1.src.rpm d49bb6674b342b792597a1cca27e43b1 mysql-5.0.22-2.1.0.1.src.rpm i386: d63b0a191afbde6fd4790b56d36c720e mysql-5.0.22-2.1.0.1.i386.rpm 55ac25159dd33d42271ad92a94551f23 mysql-debuginfo-5.0.22-2.1.0.1.i386.rpm x86_64: d63b0a191afbde6fd4790b56d36c720e mysql-5.0.22-2.1.0.1.i386.rpm 54c816ee45c5d905a0dbe2ddc12bb68f mysql-5.0.22-2.1.0.1.x86_64.rpm 55ac25159dd33d42271ad92a94551f23 mysql-debuginfo-5.0.22-2.1.0.1.i386.rpm 399640b5a6f70f26bdab38b7be8271d9 mysql-debuginfo-5.0.22-2.1.0.1.x86_64.rpm RHEL Desktop Workstation (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/mysql-5.0.22-2.1.0.1.src.rpm d49bb6674b342b792597a1cca27e43b1 mysql-5.0.22-2.1.0.1.src.rpm i386: 04f35fd3b93ac963ddc2a1bd716f2489 mysql-bench-5.0.22-2.1.0.1.i386.rpm 55ac25159dd33d42271ad92a94551f23 mysql-debuginfo-5.0.22-2.1.0.1.i386.rpm 8d05e37bef9ed580426c839c9fa9767d mysql-devel-5.0.22-2.1.0.1.i386.rpm 63d88d2bcf90b71b6c5fca71894e75d0 mysql-server-5.0.22-2.1.0.1.i386.rpm 141dec71a068b8a44e6fbb0392b8e15f mysql-test-5.0.22-2.1.0.1.i386.rpm x86_64: 34c56af302cd4677e634969184371d11 mysql-bench-5.0.22-2.1.0.1.x86_64.rpm 55ac25159dd33d42271ad92a94551f23 mysql-debuginfo-5.0.22-2.1.0.1.i386.rpm 399640b5a6f70f26bdab38b7be8271d9 mysql-debuginfo-5.0.22-2.1.0.1.x86_64.rpm 8d05e37bef9ed580426c839c9fa9767d mysql-devel-5.0.22-2.1.0.1.i386.rpm 30804cc400cf61e73d40ca97b97a48ea mysql-devel-5.0.22-2.1.0.1.x86_64.rpm ed2bc5b728d54c5853b7bd156aef33a7 mysql-server-5.0.22-2.1.0.1.x86_64.rpm bd2a62c8e6b2ba9cdf2fcae8c1a19b14 mysql-test-5.0.22-2.1.0.1.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/mysql-5.0.22-2.1.0.1.src.rpm d49bb6674b342b792597a1cca27e43b1 mysql-5.0.22-2.1.0.1.src.rpm i386: d63b0a191afbde6fd4790b56d36c720e mysql-5.0.22-2.1.0.1.i386.rpm 04f35fd3b93ac963ddc2a1bd716f2489 mysql-bench-5.0.22-2.1.0.1.i386.rpm 55ac25159dd33d42271ad92a94551f23 mysql-debuginfo-5.0.22-2.1.0.1.i386.rpm 8d05e37bef9ed580426c839c9fa9767d mysql-devel-5.0.22-2.1.0.1.i386.rpm 63d88d2bcf90b71b6c5fca71894e75d0 mysql-server-5.0.22-2.1.0.1.i386.rpm 141dec71a068b8a44e6fbb0392b8e15f mysql-test-5.0.22-2.1.0.1.i386.rpm ia64: d63b0a191afbde6fd4790b56d36c720e mysql-5.0.22-2.1.0.1.i386.rpm 6d48c230c4bb593c1dcba6e59c7dcdc4 mysql-5.0.22-2.1.0.1.ia64.rpm b8d463b9e102a4b606fa98d2107d7241 mysql-bench-5.0.22-2.1.0.1.ia64.rpm 55ac25159dd33d42271ad92a94551f23 mysql-debuginfo-5.0.22-2.1.0.1.i386.rpm 7908efd01405e305f7d7e432b9aa4f51 mysql-debuginfo-5.0.22-2.1.0.1.ia64.rpm dcda1776977e420d7eb62948477158b4 mysql-devel-5.0.22-2.1.0.1.ia64.rpm 1b46cc74f141e384295b9fc6347eac78 mysql-server-5.0.22-2.1.0.1.ia64.rpm f01e36b6679370142181fb8540f87786 mysql-test-5.0.22-2.1.0.1.ia64.rpm ppc: 006e3713690c9865fc39f51f4294a706 mysql-5.0.22-2.1.0.1.ppc.rpm 0d20f1853ff2fd8853bd189da3b247b5 mysql-5.0.22-2.1.0.1.ppc64.rpm e2770cbea01c318cb3c79f137f3e4bdf mysql-bench-5.0.22-2.1.0.1.ppc.rpm c72e1693ae082be7ff7edc9cbb31ecb8 mysql-debuginfo-5.0.22-2.1.0.1.ppc.rpm 17f6edab5d3376ecfbfa53035df1e01c mysql-debuginfo-5.0.22-2.1.0.1.ppc64.rpm 55f96a77cd5012bfe1dbb9416074f698 mysql-devel-5.0.22-2.1.0.1.ppc.rpm 380b6fa5af66edf427652e521a6dfbc1 mysql-devel-5.0.22-2.1.0.1.ppc64.rpm 202a313ace6bcf75e25a8869a9f31fe8 mysql-server-5.0.22-2.1.0.1.ppc.rpm b374f5278d806e15854813600cb87e5a mysql-test-5.0.22-2.1.0.1.ppc.rpm s390x: 44fe192826c75a98cf07ae3bb86f3b27 mysql-5.0.22-2.1.0.1.s390.rpm c0ff33805d8652a7f247a027409ff489 mysql-5.0.22-2.1.0.1.s390x.rpm be3d5f933cd713af65006951ab322bee mysql-bench-5.0.22-2.1.0.1.s390x.rpm 2c904cd8206dd46e6fbb59fd435d1e4b mysql-debuginfo-5.0.22-2.1.0.1.s390.rpm d7e1610d66f600eb87be8d756fb65067 mysql-debuginfo-5.0.22-2.1.0.1.s390x.rpm 7098965c92db8ef97dca519d9c8a87d4 mysql-devel-5.0.22-2.1.0.1.s390.rpm 8bcfdbe3b3527a88b33ab597399f1bdb mysql-devel-5.0.22-2.1.0.1.s390x.rpm 4a62233226170ff56df8dc5fcaa7da12 mysql-server-5.0.22-2.1.0.1.s390x.rpm 61be58fe063aa337926546e4054ad45c mysql-test-5.0.22-2.1.0.1.s390x.rpm x86_64: d63b0a191afbde6fd4790b56d36c720e mysql-5.0.22-2.1.0.1.i386.rpm 54c816ee45c5d905a0dbe2ddc12bb68f mysql-5.0.22-2.1.0.1.x86_64.rpm 34c56af302cd4677e634969184371d11 mysql-bench-5.0.22-2.1.0.1.x86_64.rpm 55ac25159dd33d42271ad92a94551f23 mysql-debuginfo-5.0.22-2.1.0.1.i386.rpm 399640b5a6f70f26bdab38b7be8271d9 mysql-debuginfo-5.0.22-2.1.0.1.x86_64.rpm 8d05e37bef9ed580426c839c9fa9767d mysql-devel-5.0.22-2.1.0.1.i386.rpm 30804cc400cf61e73d40ca97b97a48ea mysql-devel-5.0.22-2.1.0.1.x86_64.rpm ed2bc5b728d54c5853b7bd156aef33a7 mysql-server-5.0.22-2.1.0.1.x86_64.rpm bd2a62c8e6b2ba9cdf2fcae8c1a19b14 mysql-test-5.0.22-2.1.0.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3780 http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFG1sgJXlSAg2UNWIIRAsNnAJoCuo4Zn5JLubmbtRKvoCbhRL4oDwCgtrvW rA8KHDQYWU1nezssJpxK8Vk= =n3I+ -----END PGP SIGNATURE-----