From bugzilla at redhat.com Tue Feb 6 18:47:24 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 6 Feb 2007 13:47:24 -0500 Subject: [RHSA-2007:0044-01] Moderate: bind security update Message-ID: <200702061847.l16IlPbr011316@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: bind security update Advisory ID: RHSA-2007:0044-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0044.html Issue date: 2007-02-06 Updated on: 2007-02-06 Product: Red Hat Enterprise Linux Keywords: named bind dnssec CVE Names: CVE-2007-0494 - --------------------------------------------------------------------- 1. Summary: Updated bind packages that fix a security issue and a bug are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: ISC BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. A flaw was found in the way BIND processed certain DNS query responses. On servers that had enabled DNSSEC validation, this could allow an remote attacker to cause a denial of service. (CVE-2007-0494) For users of Red Hat Enterprise Linux 3, the previous BIND update caused an incompatible change to the default configuration that resulted in rndc not sharing the key with the named daemon. This update corrects this bug and restores the behavior prior to that update. Updating the bind package in Red Hat Enterprise Linux 3 could result in nonfunctional configuration in case the bind-libs package was not updated. This update corrects this bug by adding the correct dependency on bind-libs. Users of BIND are advised to upgrade to these updated packages, which contain backported patches to correct these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 202012 - rndc.conf change breaks working bind config 225222 - CVE-2007-0494 BIND dnssec denial of service 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/bind-9.2.1-8.EL2.src.rpm d8f23376454f32474f0e53bdbdbb5d4b bind-9.2.1-8.EL2.src.rpm i386: 1ecd0d71d82fbe8a75ff7c592ac346e0 bind-9.2.1-8.EL2.i386.rpm 6fd8e75bd3c756929a302be674e7fa97 bind-devel-9.2.1-8.EL2.i386.rpm 7b23dca5b2a20899ba12020447f403f6 bind-utils-9.2.1-8.EL2.i386.rpm ia64: 3a362d35294d9d5b6e8a62d4afa9ef26 bind-9.2.1-8.EL2.ia64.rpm ad3959b76e8b76fda231b607351b0ca1 bind-devel-9.2.1-8.EL2.ia64.rpm 93707a5cabc11ad87bc9956bffdcc44c bind-utils-9.2.1-8.EL2.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/bind-9.2.1-8.EL2.src.rpm d8f23376454f32474f0e53bdbdbb5d4b bind-9.2.1-8.EL2.src.rpm ia64: 3a362d35294d9d5b6e8a62d4afa9ef26 bind-9.2.1-8.EL2.ia64.rpm ad3959b76e8b76fda231b607351b0ca1 bind-devel-9.2.1-8.EL2.ia64.rpm 93707a5cabc11ad87bc9956bffdcc44c bind-utils-9.2.1-8.EL2.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/bind-9.2.1-8.EL2.src.rpm d8f23376454f32474f0e53bdbdbb5d4b bind-9.2.1-8.EL2.src.rpm i386: 1ecd0d71d82fbe8a75ff7c592ac346e0 bind-9.2.1-8.EL2.i386.rpm 6fd8e75bd3c756929a302be674e7fa97 bind-devel-9.2.1-8.EL2.i386.rpm 7b23dca5b2a20899ba12020447f403f6 bind-utils-9.2.1-8.EL2.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/bind-9.2.1-8.EL2.src.rpm d8f23376454f32474f0e53bdbdbb5d4b bind-9.2.1-8.EL2.src.rpm i386: 1ecd0d71d82fbe8a75ff7c592ac346e0 bind-9.2.1-8.EL2.i386.rpm 6fd8e75bd3c756929a302be674e7fa97 bind-devel-9.2.1-8.EL2.i386.rpm 7b23dca5b2a20899ba12020447f403f6 bind-utils-9.2.1-8.EL2.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/bind-9.2.4-20.EL3.src.rpm 86154451b9917da4c516c2797c62034d bind-9.2.4-20.EL3.src.rpm i386: aa9cf2d30927dc26204d40945739c711 bind-9.2.4-20.EL3.i386.rpm 7b6bdb8c6c09e8040c0545e5969833d0 bind-chroot-9.2.4-20.EL3.i386.rpm dfa2459b65f894c4359c30b2c9c561e5 bind-debuginfo-9.2.4-20.EL3.i386.rpm 0218a4b812d490f1781756ffb5335d87 bind-devel-9.2.4-20.EL3.i386.rpm b13f3a6d5b894f336e64a4555d7cc570 bind-libs-9.2.4-20.EL3.i386.rpm 1748b51a80e9b89442b206810f3d34cb bind-utils-9.2.4-20.EL3.i386.rpm ia64: 3cfdd704604a915aeb47fd55759a0bd3 bind-9.2.4-20.EL3.ia64.rpm 4353ae639bd6c8caf24f412cf7d9220a bind-chroot-9.2.4-20.EL3.ia64.rpm 0f7d4a3e48a64ce96ca276b5c1096530 bind-debuginfo-9.2.4-20.EL3.ia64.rpm d7c7669d4c4dc6c49da3c5f1d1865d3a bind-devel-9.2.4-20.EL3.ia64.rpm 179e956f5dd9d6389a57e09ee9a69f79 bind-libs-9.2.4-20.EL3.ia64.rpm eed06f490bad07b63e7bcffa4ce24076 bind-utils-9.2.4-20.EL3.ia64.rpm ppc: b657f03f423bf3dbcb7761756f2bd1a4 bind-9.2.4-20.EL3.ppc.rpm 33885a49f1f3283d4c2f76da9810ce1d bind-chroot-9.2.4-20.EL3.ppc.rpm 1de0d3172a1769e51fad19f251313737 bind-debuginfo-9.2.4-20.EL3.ppc.rpm 694359505aaa6803bd7560318e735c62 bind-devel-9.2.4-20.EL3.ppc.rpm 67543414af6e004531458a4d8a00e9c2 bind-libs-9.2.4-20.EL3.ppc.rpm 80575df758ee6d37325737eabe317392 bind-utils-9.2.4-20.EL3.ppc.rpm s390: 955078ffe299267e176767f121a373e6 bind-9.2.4-20.EL3.s390.rpm f7f65929398c5df4437a18f882d05d9b bind-chroot-9.2.4-20.EL3.s390.rpm f8c87445d3f119038e8eff40d1f88b20 bind-debuginfo-9.2.4-20.EL3.s390.rpm 268b388ee7d61930e39775d37a7243d2 bind-devel-9.2.4-20.EL3.s390.rpm 0d4232214c386ec6b7e320f0580f7667 bind-libs-9.2.4-20.EL3.s390.rpm a2a7f9a702e938d0bd592c02e402a773 bind-utils-9.2.4-20.EL3.s390.rpm s390x: 0be6b0ccce519b544f3841c083377ad5 bind-9.2.4-20.EL3.s390x.rpm 900aec59eaba438a6678e74f4f75bfa6 bind-chroot-9.2.4-20.EL3.s390x.rpm cac62bac6fb7c9b9c50ea13cd7ac79c3 bind-debuginfo-9.2.4-20.EL3.s390x.rpm 57a33e40e44cfe58917a1f1b74babac1 bind-devel-9.2.4-20.EL3.s390x.rpm 78e48aa9c917e255fbc45655e7be210e bind-libs-9.2.4-20.EL3.s390x.rpm 8d86be29736fc979594b7200ffc281f8 bind-utils-9.2.4-20.EL3.s390x.rpm x86_64: faf9aa94d6a15e02770e705173203e24 bind-9.2.4-20.EL3.x86_64.rpm ce8c3b43e5fd310a5a8b17523e16feb4 bind-chroot-9.2.4-20.EL3.x86_64.rpm cd4dfb09cc28fea3b4f9db03e07683b0 bind-debuginfo-9.2.4-20.EL3.x86_64.rpm e28df6b0fa20cccd0ef2831c7bcd2616 bind-devel-9.2.4-20.EL3.x86_64.rpm 9bd2134f9d5b9b926b864aee75bbbb6f bind-libs-9.2.4-20.EL3.x86_64.rpm 6af11c62abf53246aa2a94e2b4f6d2f4 bind-utils-9.2.4-20.EL3.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/bind-9.2.4-20.EL3.src.rpm 86154451b9917da4c516c2797c62034d bind-9.2.4-20.EL3.src.rpm i386: aa9cf2d30927dc26204d40945739c711 bind-9.2.4-20.EL3.i386.rpm 7b6bdb8c6c09e8040c0545e5969833d0 bind-chroot-9.2.4-20.EL3.i386.rpm dfa2459b65f894c4359c30b2c9c561e5 bind-debuginfo-9.2.4-20.EL3.i386.rpm 0218a4b812d490f1781756ffb5335d87 bind-devel-9.2.4-20.EL3.i386.rpm b13f3a6d5b894f336e64a4555d7cc570 bind-libs-9.2.4-20.EL3.i386.rpm 1748b51a80e9b89442b206810f3d34cb bind-utils-9.2.4-20.EL3.i386.rpm x86_64: faf9aa94d6a15e02770e705173203e24 bind-9.2.4-20.EL3.x86_64.rpm ce8c3b43e5fd310a5a8b17523e16feb4 bind-chroot-9.2.4-20.EL3.x86_64.rpm cd4dfb09cc28fea3b4f9db03e07683b0 bind-debuginfo-9.2.4-20.EL3.x86_64.rpm e28df6b0fa20cccd0ef2831c7bcd2616 bind-devel-9.2.4-20.EL3.x86_64.rpm 9bd2134f9d5b9b926b864aee75bbbb6f bind-libs-9.2.4-20.EL3.x86_64.rpm 6af11c62abf53246aa2a94e2b4f6d2f4 bind-utils-9.2.4-20.EL3.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/bind-9.2.4-20.EL3.src.rpm 86154451b9917da4c516c2797c62034d bind-9.2.4-20.EL3.src.rpm i386: aa9cf2d30927dc26204d40945739c711 bind-9.2.4-20.EL3.i386.rpm 7b6bdb8c6c09e8040c0545e5969833d0 bind-chroot-9.2.4-20.EL3.i386.rpm dfa2459b65f894c4359c30b2c9c561e5 bind-debuginfo-9.2.4-20.EL3.i386.rpm 0218a4b812d490f1781756ffb5335d87 bind-devel-9.2.4-20.EL3.i386.rpm b13f3a6d5b894f336e64a4555d7cc570 bind-libs-9.2.4-20.EL3.i386.rpm 1748b51a80e9b89442b206810f3d34cb bind-utils-9.2.4-20.EL3.i386.rpm ia64: 3cfdd704604a915aeb47fd55759a0bd3 bind-9.2.4-20.EL3.ia64.rpm 4353ae639bd6c8caf24f412cf7d9220a bind-chroot-9.2.4-20.EL3.ia64.rpm 0f7d4a3e48a64ce96ca276b5c1096530 bind-debuginfo-9.2.4-20.EL3.ia64.rpm d7c7669d4c4dc6c49da3c5f1d1865d3a bind-devel-9.2.4-20.EL3.ia64.rpm 179e956f5dd9d6389a57e09ee9a69f79 bind-libs-9.2.4-20.EL3.ia64.rpm eed06f490bad07b63e7bcffa4ce24076 bind-utils-9.2.4-20.EL3.ia64.rpm x86_64: faf9aa94d6a15e02770e705173203e24 bind-9.2.4-20.EL3.x86_64.rpm ce8c3b43e5fd310a5a8b17523e16feb4 bind-chroot-9.2.4-20.EL3.x86_64.rpm cd4dfb09cc28fea3b4f9db03e07683b0 bind-debuginfo-9.2.4-20.EL3.x86_64.rpm e28df6b0fa20cccd0ef2831c7bcd2616 bind-devel-9.2.4-20.EL3.x86_64.rpm 9bd2134f9d5b9b926b864aee75bbbb6f bind-libs-9.2.4-20.EL3.x86_64.rpm 6af11c62abf53246aa2a94e2b4f6d2f4 bind-utils-9.2.4-20.EL3.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/bind-9.2.4-20.EL3.src.rpm 86154451b9917da4c516c2797c62034d bind-9.2.4-20.EL3.src.rpm i386: aa9cf2d30927dc26204d40945739c711 bind-9.2.4-20.EL3.i386.rpm 7b6bdb8c6c09e8040c0545e5969833d0 bind-chroot-9.2.4-20.EL3.i386.rpm dfa2459b65f894c4359c30b2c9c561e5 bind-debuginfo-9.2.4-20.EL3.i386.rpm 0218a4b812d490f1781756ffb5335d87 bind-devel-9.2.4-20.EL3.i386.rpm b13f3a6d5b894f336e64a4555d7cc570 bind-libs-9.2.4-20.EL3.i386.rpm 1748b51a80e9b89442b206810f3d34cb bind-utils-9.2.4-20.EL3.i386.rpm ia64: 3cfdd704604a915aeb47fd55759a0bd3 bind-9.2.4-20.EL3.ia64.rpm 4353ae639bd6c8caf24f412cf7d9220a bind-chroot-9.2.4-20.EL3.ia64.rpm 0f7d4a3e48a64ce96ca276b5c1096530 bind-debuginfo-9.2.4-20.EL3.ia64.rpm d7c7669d4c4dc6c49da3c5f1d1865d3a bind-devel-9.2.4-20.EL3.ia64.rpm 179e956f5dd9d6389a57e09ee9a69f79 bind-libs-9.2.4-20.EL3.ia64.rpm eed06f490bad07b63e7bcffa4ce24076 bind-utils-9.2.4-20.EL3.ia64.rpm x86_64: faf9aa94d6a15e02770e705173203e24 bind-9.2.4-20.EL3.x86_64.rpm ce8c3b43e5fd310a5a8b17523e16feb4 bind-chroot-9.2.4-20.EL3.x86_64.rpm cd4dfb09cc28fea3b4f9db03e07683b0 bind-debuginfo-9.2.4-20.EL3.x86_64.rpm e28df6b0fa20cccd0ef2831c7bcd2616 bind-devel-9.2.4-20.EL3.x86_64.rpm 9bd2134f9d5b9b926b864aee75bbbb6f bind-libs-9.2.4-20.EL3.x86_64.rpm 6af11c62abf53246aa2a94e2b4f6d2f4 bind-utils-9.2.4-20.EL3.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/bind-9.2.4-24.EL4.src.rpm b24bb090564eed7ebe3912aa09b2afe8 bind-9.2.4-24.EL4.src.rpm i386: e02951cd8d9f0b20eba6102f1ef00a63 bind-9.2.4-24.EL4.i386.rpm c9bb30b159f43872a80990707ea36cc5 bind-chroot-9.2.4-24.EL4.i386.rpm 6994110b5ebb27d87da059595c55b43f bind-debuginfo-9.2.4-24.EL4.i386.rpm 310db855329308d52a4d14be04c46367 bind-devel-9.2.4-24.EL4.i386.rpm e48227ce06d2db58b624df3d5110954b bind-libs-9.2.4-24.EL4.i386.rpm d25aa4b19ca25ac900feb4bdf82a3d15 bind-utils-9.2.4-24.EL4.i386.rpm ia64: 084a024f66924681ed5f901478c7faf0 bind-9.2.4-24.EL4.ia64.rpm 4e0ebc0073e63d6b644bf4117fa5e693 bind-chroot-9.2.4-24.EL4.ia64.rpm 6994110b5ebb27d87da059595c55b43f bind-debuginfo-9.2.4-24.EL4.i386.rpm 1c0b2f86d522f8c2e9d12967e24909da bind-debuginfo-9.2.4-24.EL4.ia64.rpm 0068fdfc7da9d7fbcac3acf3df08930d bind-devel-9.2.4-24.EL4.ia64.rpm e48227ce06d2db58b624df3d5110954b bind-libs-9.2.4-24.EL4.i386.rpm e6c70d9194dace735807704654921f5c bind-libs-9.2.4-24.EL4.ia64.rpm 05e0546d57ce1b8aaeeb28bdcb180227 bind-utils-9.2.4-24.EL4.ia64.rpm ppc: c7c4c90d28e3e128492e6f4a5456a46f bind-9.2.4-24.EL4.ppc.rpm c324cc605d72559965f81171dff2a6a7 bind-chroot-9.2.4-24.EL4.ppc.rpm 8b1f474b65316c68dbae4b718b00f7a7 bind-debuginfo-9.2.4-24.EL4.ppc.rpm 614ebb698a29d043cb5613e04c48315a bind-debuginfo-9.2.4-24.EL4.ppc64.rpm 86dc14e14766c665cee3b0df918cce30 bind-devel-9.2.4-24.EL4.ppc.rpm 06d83702b8b980ec2f4de4a9ae00d214 bind-libs-9.2.4-24.EL4.ppc.rpm 3158cf6bdc227f10477e5fcad06477a1 bind-libs-9.2.4-24.EL4.ppc64.rpm e040c41481d056ab39004c1adb76fc72 bind-utils-9.2.4-24.EL4.ppc.rpm s390: 9c7e2e5caecfb4f0fba6206feca653f9 bind-9.2.4-24.EL4.s390.rpm 7eb1bf234761567f869bff912d940a41 bind-chroot-9.2.4-24.EL4.s390.rpm 7fc1e58d1a0d1bf6188f867bda8c8241 bind-debuginfo-9.2.4-24.EL4.s390.rpm 431bb0c9c0dbcb602bc17185e03eeb9b bind-devel-9.2.4-24.EL4.s390.rpm 2ce9af4352ce0dc7219cb5be563ab0f5 bind-libs-9.2.4-24.EL4.s390.rpm 32f69d8c58f97cf24dff193828da022b bind-utils-9.2.4-24.EL4.s390.rpm s390x: 30c5d48974ac46890c0097e01cec7e6d bind-9.2.4-24.EL4.s390x.rpm b8e1b3dc11809820cd531f021418d8fc bind-chroot-9.2.4-24.EL4.s390x.rpm 7fc1e58d1a0d1bf6188f867bda8c8241 bind-debuginfo-9.2.4-24.EL4.s390.rpm 9b85730bd941ceb2e705576ce93753de bind-debuginfo-9.2.4-24.EL4.s390x.rpm c97be39876b59a90415d4887e11f8116 bind-devel-9.2.4-24.EL4.s390x.rpm 2ce9af4352ce0dc7219cb5be563ab0f5 bind-libs-9.2.4-24.EL4.s390.rpm 4cc6444b475baa074b389b2d77fa2a3a bind-libs-9.2.4-24.EL4.s390x.rpm b99e3793a36691cd03b04b71af4aaef0 bind-utils-9.2.4-24.EL4.s390x.rpm x86_64: bc0d3418346e09497bb182087e755fd4 bind-9.2.4-24.EL4.x86_64.rpm 1486a89146bb82bb4b7b4b0fe5b4c13e bind-chroot-9.2.4-24.EL4.x86_64.rpm 6994110b5ebb27d87da059595c55b43f bind-debuginfo-9.2.4-24.EL4.i386.rpm a5c4110d8fa344486aae996ce996cd1b bind-debuginfo-9.2.4-24.EL4.x86_64.rpm 04425eb5c43c0c272f4afc41bc441bd1 bind-devel-9.2.4-24.EL4.x86_64.rpm e48227ce06d2db58b624df3d5110954b bind-libs-9.2.4-24.EL4.i386.rpm 6c45d578e492b8bd79b5ce6996e95374 bind-libs-9.2.4-24.EL4.x86_64.rpm 47ac06d9cf2d56985f0baaf155f9e472 bind-utils-9.2.4-24.EL4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/bind-9.2.4-24.EL4.src.rpm b24bb090564eed7ebe3912aa09b2afe8 bind-9.2.4-24.EL4.src.rpm i386: e02951cd8d9f0b20eba6102f1ef00a63 bind-9.2.4-24.EL4.i386.rpm c9bb30b159f43872a80990707ea36cc5 bind-chroot-9.2.4-24.EL4.i386.rpm 6994110b5ebb27d87da059595c55b43f bind-debuginfo-9.2.4-24.EL4.i386.rpm 310db855329308d52a4d14be04c46367 bind-devel-9.2.4-24.EL4.i386.rpm e48227ce06d2db58b624df3d5110954b bind-libs-9.2.4-24.EL4.i386.rpm d25aa4b19ca25ac900feb4bdf82a3d15 bind-utils-9.2.4-24.EL4.i386.rpm x86_64: bc0d3418346e09497bb182087e755fd4 bind-9.2.4-24.EL4.x86_64.rpm 1486a89146bb82bb4b7b4b0fe5b4c13e bind-chroot-9.2.4-24.EL4.x86_64.rpm 6994110b5ebb27d87da059595c55b43f bind-debuginfo-9.2.4-24.EL4.i386.rpm a5c4110d8fa344486aae996ce996cd1b bind-debuginfo-9.2.4-24.EL4.x86_64.rpm 04425eb5c43c0c272f4afc41bc441bd1 bind-devel-9.2.4-24.EL4.x86_64.rpm e48227ce06d2db58b624df3d5110954b bind-libs-9.2.4-24.EL4.i386.rpm 6c45d578e492b8bd79b5ce6996e95374 bind-libs-9.2.4-24.EL4.x86_64.rpm 47ac06d9cf2d56985f0baaf155f9e472 bind-utils-9.2.4-24.EL4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/bind-9.2.4-24.EL4.src.rpm b24bb090564eed7ebe3912aa09b2afe8 bind-9.2.4-24.EL4.src.rpm i386: e02951cd8d9f0b20eba6102f1ef00a63 bind-9.2.4-24.EL4.i386.rpm c9bb30b159f43872a80990707ea36cc5 bind-chroot-9.2.4-24.EL4.i386.rpm 6994110b5ebb27d87da059595c55b43f bind-debuginfo-9.2.4-24.EL4.i386.rpm 310db855329308d52a4d14be04c46367 bind-devel-9.2.4-24.EL4.i386.rpm e48227ce06d2db58b624df3d5110954b bind-libs-9.2.4-24.EL4.i386.rpm d25aa4b19ca25ac900feb4bdf82a3d15 bind-utils-9.2.4-24.EL4.i386.rpm ia64: 084a024f66924681ed5f901478c7faf0 bind-9.2.4-24.EL4.ia64.rpm 4e0ebc0073e63d6b644bf4117fa5e693 bind-chroot-9.2.4-24.EL4.ia64.rpm 6994110b5ebb27d87da059595c55b43f bind-debuginfo-9.2.4-24.EL4.i386.rpm 1c0b2f86d522f8c2e9d12967e24909da bind-debuginfo-9.2.4-24.EL4.ia64.rpm 0068fdfc7da9d7fbcac3acf3df08930d bind-devel-9.2.4-24.EL4.ia64.rpm e48227ce06d2db58b624df3d5110954b bind-libs-9.2.4-24.EL4.i386.rpm e6c70d9194dace735807704654921f5c bind-libs-9.2.4-24.EL4.ia64.rpm 05e0546d57ce1b8aaeeb28bdcb180227 bind-utils-9.2.4-24.EL4.ia64.rpm x86_64: bc0d3418346e09497bb182087e755fd4 bind-9.2.4-24.EL4.x86_64.rpm 1486a89146bb82bb4b7b4b0fe5b4c13e bind-chroot-9.2.4-24.EL4.x86_64.rpm 6994110b5ebb27d87da059595c55b43f bind-debuginfo-9.2.4-24.EL4.i386.rpm a5c4110d8fa344486aae996ce996cd1b bind-debuginfo-9.2.4-24.EL4.x86_64.rpm 04425eb5c43c0c272f4afc41bc441bd1 bind-devel-9.2.4-24.EL4.x86_64.rpm e48227ce06d2db58b624df3d5110954b bind-libs-9.2.4-24.EL4.i386.rpm 6c45d578e492b8bd79b5ce6996e95374 bind-libs-9.2.4-24.EL4.x86_64.rpm 47ac06d9cf2d56985f0baaf155f9e472 bind-utils-9.2.4-24.EL4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/bind-9.2.4-24.EL4.src.rpm b24bb090564eed7ebe3912aa09b2afe8 bind-9.2.4-24.EL4.src.rpm i386: e02951cd8d9f0b20eba6102f1ef00a63 bind-9.2.4-24.EL4.i386.rpm c9bb30b159f43872a80990707ea36cc5 bind-chroot-9.2.4-24.EL4.i386.rpm 6994110b5ebb27d87da059595c55b43f bind-debuginfo-9.2.4-24.EL4.i386.rpm 310db855329308d52a4d14be04c46367 bind-devel-9.2.4-24.EL4.i386.rpm e48227ce06d2db58b624df3d5110954b bind-libs-9.2.4-24.EL4.i386.rpm d25aa4b19ca25ac900feb4bdf82a3d15 bind-utils-9.2.4-24.EL4.i386.rpm ia64: 084a024f66924681ed5f901478c7faf0 bind-9.2.4-24.EL4.ia64.rpm 4e0ebc0073e63d6b644bf4117fa5e693 bind-chroot-9.2.4-24.EL4.ia64.rpm 6994110b5ebb27d87da059595c55b43f bind-debuginfo-9.2.4-24.EL4.i386.rpm 1c0b2f86d522f8c2e9d12967e24909da bind-debuginfo-9.2.4-24.EL4.ia64.rpm 0068fdfc7da9d7fbcac3acf3df08930d bind-devel-9.2.4-24.EL4.ia64.rpm e48227ce06d2db58b624df3d5110954b bind-libs-9.2.4-24.EL4.i386.rpm e6c70d9194dace735807704654921f5c bind-libs-9.2.4-24.EL4.ia64.rpm 05e0546d57ce1b8aaeeb28bdcb180227 bind-utils-9.2.4-24.EL4.ia64.rpm x86_64: bc0d3418346e09497bb182087e755fd4 bind-9.2.4-24.EL4.x86_64.rpm 1486a89146bb82bb4b7b4b0fe5b4c13e bind-chroot-9.2.4-24.EL4.x86_64.rpm 6994110b5ebb27d87da059595c55b43f bind-debuginfo-9.2.4-24.EL4.i386.rpm a5c4110d8fa344486aae996ce996cd1b bind-debuginfo-9.2.4-24.EL4.x86_64.rpm 04425eb5c43c0c272f4afc41bc441bd1 bind-devel-9.2.4-24.EL4.x86_64.rpm e48227ce06d2db58b624df3d5110954b bind-libs-9.2.4-24.EL4.i386.rpm 6c45d578e492b8bd79b5ce6996e95374 bind-libs-9.2.4-24.EL4.x86_64.rpm 47ac06d9cf2d56985f0baaf155f9e472 bind-utils-9.2.4-24.EL4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0494 http://marc.theaimsgroup.com/?l=bind-announce&m=116968519300764 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFFyM0bXlSAg2UNWIIRAgMkAJ9CGEYJwmm7FCmaxXbw78LrLLDCfQCdExTL oOi5NR0zEOGPi2gCvJR2SP0= =gDy2 -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Feb 7 20:00:13 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 7 Feb 2007 15:00:13 -0500 Subject: [RHSA-2007:0062-02] Critical: java-1.4.2-ibm security update Message-ID: <200702072000.l17K0FiL020416@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: java-1.4.2-ibm security update Advisory ID: RHSA-2007:0062-02 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0062.html Issue date: 2007-02-07 Updated on: 2007-02-07 Product: Red Hat Enterprise Linux Extras CVE Names: CVE-2006-4339 CVE-2006-6731 CVE-2006-6736 CVE-2006-6737 CVE-2006-6745 - --------------------------------------------------------------------- 1. Summary: Updated java-1.4.2-ibm packages to correct several security issues are now available for Red Hat Enterprise Linux 3 and 4 Extras. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 Extras - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 Extras - i386, x86_64 Red Hat Enterprise Linux ES version 3 Extras - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 Extras - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 Extras - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, ia64, x86_64 3. Problem description: IBM's 1.4.2 SR7 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. A number of security issues were found: Vulnerabilities were discovered in the Java Runtime Environment. An untrusted applet could use these vulnerabilities to access data from other applets. (CVE-2006-6736, CVE-2006-6737) Serialization flaws were discovered in the Java Runtime Environment. An untrusted applet or application could use these flaws to elevate its privileges. (CVE-2006-6745) Buffer overflow vulnerabilities were discovered in the Java Runtime Environment. An untrusted applet could use these flaws to elevate its privileges, possibly reading and writing local files or executing local applications. (CVE-2006-6731) Daniel Bleichenbacher discovered an attack on PKCS #1 v1.5 signatures. Where an RSA key with exponent 3 is used it may be possible for an attacker to forge a PKCS #1 v1.5 signature that would be incorrectly verified by implementations that do not check for excess data in the RSA exponentiation result of the signature. (CVE-2006-4339) All users of java-1.4.2-ibm should upgrade to these updated packages, which contain IBM's 1.4.2 SR7 Java release which resolves these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 226981 - CVE-2006-6736 Multiple JRE flaws (CVE-2006-6737 CVE-2006-6745 CVE-2006-6731 CVE-2006-4339) 226984 - CVE-2006-6736 Multiple JRE flaws (CVE-2006-6737 CVE-2006-6745 CVE-2006-6731 CVE-2006-4339) 6. RPMs required: Red Hat Enterprise Linux AS version 3 Extras: i386: e7450b145da72cd7df3d7b9eabb672dc java-1.4.2-ibm-1.4.2.7-1jpp.4.el3.i386.rpm a0658fd7cf3543965f2b6a3ff7a675ae java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el3.i386.rpm 32f05440f20c1f7a45736beba22d7bd2 java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el3.i386.rpm 8c664c87d87efd40e937b9ad2ae659d5 java-1.4.2-ibm-jdbc-1.4.2.7-1jpp.4.el3.i386.rpm 9174b55fd33680c3eaa09c2def109753 java-1.4.2-ibm-plugin-1.4.2.7-1jpp.4.el3.i386.rpm 395153b4b890249469b8e1f18673f66d java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el3.i386.rpm ia64: 9571ca41f69035894760e4e9e6de61a1 java-1.4.2-ibm-1.4.2.7-1jpp.4.el3.ia64.rpm 6cce9e4c37e6bc1b52e2201bad040ac0 java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el3.ia64.rpm e0dd38c2639885d1ccf964cf4e045289 java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el3.ia64.rpm 6e859d8ca4885c93cf08ff4d22e10b0f java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el3.ia64.rpm ppc: 69ded60046e91ba9348ccff2e52ebf17 java-1.4.2-ibm-1.4.2.7-1jpp.4.el3.ppc.rpm 550284dbfa734add72eca30901d83c1f java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el3.ppc.rpm 9aa5ee3ec845826d39af26f6883f3a1b java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el3.ppc.rpm 244ca4300d6836baedda66db772fc496 java-1.4.2-ibm-jdbc-1.4.2.7-1jpp.4.el3.ppc.rpm c73781419d273f37f97d8ce82b311e06 java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el3.ppc.rpm s390: 75cd8c41222044a08be04ee95cac3a69 java-1.4.2-ibm-1.4.2.7-1jpp.4.el3.s390.rpm d9515b48f0e376124b95f863a0e119b1 java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el3.s390.rpm 7ab30161aa45ba80855b0d2e076d26c7 java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el3.s390.rpm 9e6b279d59ca128a8dbd13d3d606c9fe java-1.4.2-ibm-jdbc-1.4.2.7-1jpp.4.el3.s390.rpm a4bb1c49be860aab8e93b19a8176ff6c java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el3.s390.rpm s390x: 12c5031365228f5f19eee8a215ef9ee4 java-1.4.2-ibm-1.4.2.7-1jpp.4.el3.s390x.rpm 8409692fe20686679d58f612d717e40a java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el3.s390x.rpm d2d32c3276a9c00ac4734a2a8f1ffb96 java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el3.s390x.rpm 8a16cefe0fbb4f8247759f09cdcf6785 java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el3.s390x.rpm x86_64: 82547c355444694fd0b2b8dbb6287a12 java-1.4.2-ibm-1.4.2.7-1jpp.4.el3.x86_64.rpm 0d47bf67675dfee8814d9f5cbd430f35 java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el3.x86_64.rpm 120deecf68b62f7263bcebbd65c6bd89 java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el3.x86_64.rpm 7be9dc42fac394d88d3b0692e8b55d88 java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el3.x86_64.rpm Red Hat Desktop version 3 Extras: i386: e7450b145da72cd7df3d7b9eabb672dc java-1.4.2-ibm-1.4.2.7-1jpp.4.el3.i386.rpm a0658fd7cf3543965f2b6a3ff7a675ae java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el3.i386.rpm 32f05440f20c1f7a45736beba22d7bd2 java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el3.i386.rpm 8c664c87d87efd40e937b9ad2ae659d5 java-1.4.2-ibm-jdbc-1.4.2.7-1jpp.4.el3.i386.rpm 9174b55fd33680c3eaa09c2def109753 java-1.4.2-ibm-plugin-1.4.2.7-1jpp.4.el3.i386.rpm 395153b4b890249469b8e1f18673f66d java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el3.i386.rpm x86_64: 82547c355444694fd0b2b8dbb6287a12 java-1.4.2-ibm-1.4.2.7-1jpp.4.el3.x86_64.rpm 0d47bf67675dfee8814d9f5cbd430f35 java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el3.x86_64.rpm 120deecf68b62f7263bcebbd65c6bd89 java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el3.x86_64.rpm 7be9dc42fac394d88d3b0692e8b55d88 java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el3.x86_64.rpm Red Hat Enterprise Linux ES version 3 Extras: i386: e7450b145da72cd7df3d7b9eabb672dc java-1.4.2-ibm-1.4.2.7-1jpp.4.el3.i386.rpm a0658fd7cf3543965f2b6a3ff7a675ae java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el3.i386.rpm 32f05440f20c1f7a45736beba22d7bd2 java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el3.i386.rpm 8c664c87d87efd40e937b9ad2ae659d5 java-1.4.2-ibm-jdbc-1.4.2.7-1jpp.4.el3.i386.rpm 9174b55fd33680c3eaa09c2def109753 java-1.4.2-ibm-plugin-1.4.2.7-1jpp.4.el3.i386.rpm 395153b4b890249469b8e1f18673f66d java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el3.i386.rpm ia64: 9571ca41f69035894760e4e9e6de61a1 java-1.4.2-ibm-1.4.2.7-1jpp.4.el3.ia64.rpm 6cce9e4c37e6bc1b52e2201bad040ac0 java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el3.ia64.rpm e0dd38c2639885d1ccf964cf4e045289 java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el3.ia64.rpm 6e859d8ca4885c93cf08ff4d22e10b0f java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el3.ia64.rpm x86_64: 82547c355444694fd0b2b8dbb6287a12 java-1.4.2-ibm-1.4.2.7-1jpp.4.el3.x86_64.rpm 0d47bf67675dfee8814d9f5cbd430f35 java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el3.x86_64.rpm 120deecf68b62f7263bcebbd65c6bd89 java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el3.x86_64.rpm 7be9dc42fac394d88d3b0692e8b55d88 java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el3.x86_64.rpm Red Hat Enterprise Linux WS version 3 Extras: i386: e7450b145da72cd7df3d7b9eabb672dc java-1.4.2-ibm-1.4.2.7-1jpp.4.el3.i386.rpm a0658fd7cf3543965f2b6a3ff7a675ae java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el3.i386.rpm 32f05440f20c1f7a45736beba22d7bd2 java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el3.i386.rpm 8c664c87d87efd40e937b9ad2ae659d5 java-1.4.2-ibm-jdbc-1.4.2.7-1jpp.4.el3.i386.rpm 9174b55fd33680c3eaa09c2def109753 java-1.4.2-ibm-plugin-1.4.2.7-1jpp.4.el3.i386.rpm 395153b4b890249469b8e1f18673f66d java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el3.i386.rpm ia64: 9571ca41f69035894760e4e9e6de61a1 java-1.4.2-ibm-1.4.2.7-1jpp.4.el3.ia64.rpm 6cce9e4c37e6bc1b52e2201bad040ac0 java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el3.ia64.rpm e0dd38c2639885d1ccf964cf4e045289 java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el3.ia64.rpm 6e859d8ca4885c93cf08ff4d22e10b0f java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el3.ia64.rpm x86_64: 82547c355444694fd0b2b8dbb6287a12 java-1.4.2-ibm-1.4.2.7-1jpp.4.el3.x86_64.rpm 0d47bf67675dfee8814d9f5cbd430f35 java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el3.x86_64.rpm 120deecf68b62f7263bcebbd65c6bd89 java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el3.x86_64.rpm 7be9dc42fac394d88d3b0692e8b55d88 java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el3.x86_64.rpm Red Hat Enterprise Linux AS version 4 Extras: i386: b7264df6d752971972379c417acdd542 java-1.4.2-ibm-1.4.2.7-1jpp.4.el4.i386.rpm c74450baebca6f946e30e75f38675e15 java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el4.i386.rpm 5e28c4902e574860651c603b26f8e437 java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el4.i386.rpm 130198d2be48375779e309cd7aa9ddcd java-1.4.2-ibm-javacomm-1.4.2.7-1jpp.4.el4.i386.rpm 76f4fe9ec6e40c550d04ba215b56649a java-1.4.2-ibm-jdbc-1.4.2.7-1jpp.4.el4.i386.rpm 06f53b5223f6cb0989eb6d2c1c709ace java-1.4.2-ibm-plugin-1.4.2.7-1jpp.4.el4.i386.rpm 3937cebe4d2430437d8376c071ff3f6e java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el4.i386.rpm ia64: 91095470fd69f0f9d7632236120e7d0a java-1.4.2-ibm-1.4.2.7-1jpp.4.el4.ia64.rpm 971f88fbd24d4bc41f20291aa4386347 java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el4.ia64.rpm 40425175a220f0f780eb5dca44dfa55e java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el4.ia64.rpm 753c21317025a630423d2c205968c1ea java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el4.ia64.rpm ppc: d6df0373e049ef2b4603b7ae51d133a3 java-1.4.2-ibm-1.4.2.7-1jpp.4.el4.ppc.rpm b2c6b236dafbb63472bd3fce88593fb6 java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el4.ppc.rpm 09c905c7b0997db62830bc2cb0c087f4 java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el4.ppc.rpm 2d75e1570dcf7d9bd40ade448a652583 java-1.4.2-ibm-javacomm-1.4.2.7-1jpp.4.el4.ppc.rpm c0a9a08712bc162e66ecd4c21962c083 java-1.4.2-ibm-jdbc-1.4.2.7-1jpp.4.el4.ppc.rpm 6fb51c79625fc5e7d2e0657211dc372c java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el4.ppc.rpm s390: 1047e8cd790022fb4d4a9e4e51689d89 java-1.4.2-ibm-1.4.2.7-1jpp.4.el4.s390.rpm cbf3ee99f0d886ee7b286bfc327fa33e java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el4.s390.rpm f5bd779019897c4d7acaca6db3ec3ddf java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el4.s390.rpm e85b10f20043b11acc4143dfb23da242 java-1.4.2-ibm-jdbc-1.4.2.7-1jpp.4.el4.s390.rpm 9f86a4f4e4a7d0a774e3e720c2a3ebfb java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el4.s390.rpm s390x: c5d86501250a1bc8626b1a9840f2ef0a java-1.4.2-ibm-1.4.2.7-1jpp.4.el4.s390x.rpm d900d6335508f7ec99262ad8e76b35dc java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el4.s390x.rpm 5e0d2f22106c6737eba6ebed99ed63b4 java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el4.s390x.rpm c5f5a4b28adf551cffc4a3872b65420c java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el4.s390x.rpm x86_64: e0efba6fedf580dc163d3363f1f58f9d java-1.4.2-ibm-1.4.2.7-1jpp.4.el4.x86_64.rpm 7d2ea6f7b85d9b6679418735388463bd java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el4.x86_64.rpm 04ca69cd86facb7e6da94dca5f7c4741 java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el4.x86_64.rpm 6686e763dbe66aa089d9f5952af474af java-1.4.2-ibm-javacomm-1.4.2.7-1jpp.4.el4.x86_64.rpm e6ac211159748fac80c30ea6838b769a java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el4.x86_64.rpm Red Hat Desktop version 4 Extras: i386: b7264df6d752971972379c417acdd542 java-1.4.2-ibm-1.4.2.7-1jpp.4.el4.i386.rpm c74450baebca6f946e30e75f38675e15 java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el4.i386.rpm 5e28c4902e574860651c603b26f8e437 java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el4.i386.rpm 130198d2be48375779e309cd7aa9ddcd java-1.4.2-ibm-javacomm-1.4.2.7-1jpp.4.el4.i386.rpm 76f4fe9ec6e40c550d04ba215b56649a java-1.4.2-ibm-jdbc-1.4.2.7-1jpp.4.el4.i386.rpm 06f53b5223f6cb0989eb6d2c1c709ace java-1.4.2-ibm-plugin-1.4.2.7-1jpp.4.el4.i386.rpm 3937cebe4d2430437d8376c071ff3f6e java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el4.i386.rpm x86_64: e0efba6fedf580dc163d3363f1f58f9d java-1.4.2-ibm-1.4.2.7-1jpp.4.el4.x86_64.rpm 7d2ea6f7b85d9b6679418735388463bd java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el4.x86_64.rpm 04ca69cd86facb7e6da94dca5f7c4741 java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el4.x86_64.rpm 6686e763dbe66aa089d9f5952af474af java-1.4.2-ibm-javacomm-1.4.2.7-1jpp.4.el4.x86_64.rpm e6ac211159748fac80c30ea6838b769a java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4 Extras: i386: b7264df6d752971972379c417acdd542 java-1.4.2-ibm-1.4.2.7-1jpp.4.el4.i386.rpm c74450baebca6f946e30e75f38675e15 java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el4.i386.rpm 5e28c4902e574860651c603b26f8e437 java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el4.i386.rpm 130198d2be48375779e309cd7aa9ddcd java-1.4.2-ibm-javacomm-1.4.2.7-1jpp.4.el4.i386.rpm 76f4fe9ec6e40c550d04ba215b56649a java-1.4.2-ibm-jdbc-1.4.2.7-1jpp.4.el4.i386.rpm 06f53b5223f6cb0989eb6d2c1c709ace java-1.4.2-ibm-plugin-1.4.2.7-1jpp.4.el4.i386.rpm 3937cebe4d2430437d8376c071ff3f6e java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el4.i386.rpm ia64: 91095470fd69f0f9d7632236120e7d0a java-1.4.2-ibm-1.4.2.7-1jpp.4.el4.ia64.rpm 971f88fbd24d4bc41f20291aa4386347 java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el4.ia64.rpm 40425175a220f0f780eb5dca44dfa55e java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el4.ia64.rpm 753c21317025a630423d2c205968c1ea java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el4.ia64.rpm x86_64: e0efba6fedf580dc163d3363f1f58f9d java-1.4.2-ibm-1.4.2.7-1jpp.4.el4.x86_64.rpm 7d2ea6f7b85d9b6679418735388463bd java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el4.x86_64.rpm 04ca69cd86facb7e6da94dca5f7c4741 java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el4.x86_64.rpm 6686e763dbe66aa089d9f5952af474af java-1.4.2-ibm-javacomm-1.4.2.7-1jpp.4.el4.x86_64.rpm e6ac211159748fac80c30ea6838b769a java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4 Extras: i386: b7264df6d752971972379c417acdd542 java-1.4.2-ibm-1.4.2.7-1jpp.4.el4.i386.rpm c74450baebca6f946e30e75f38675e15 java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el4.i386.rpm 5e28c4902e574860651c603b26f8e437 java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el4.i386.rpm 130198d2be48375779e309cd7aa9ddcd java-1.4.2-ibm-javacomm-1.4.2.7-1jpp.4.el4.i386.rpm 76f4fe9ec6e40c550d04ba215b56649a java-1.4.2-ibm-jdbc-1.4.2.7-1jpp.4.el4.i386.rpm 06f53b5223f6cb0989eb6d2c1c709ace java-1.4.2-ibm-plugin-1.4.2.7-1jpp.4.el4.i386.rpm 3937cebe4d2430437d8376c071ff3f6e java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el4.i386.rpm ia64: 91095470fd69f0f9d7632236120e7d0a java-1.4.2-ibm-1.4.2.7-1jpp.4.el4.ia64.rpm 971f88fbd24d4bc41f20291aa4386347 java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el4.ia64.rpm 40425175a220f0f780eb5dca44dfa55e java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el4.ia64.rpm 753c21317025a630423d2c205968c1ea java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el4.ia64.rpm x86_64: e0efba6fedf580dc163d3363f1f58f9d java-1.4.2-ibm-1.4.2.7-1jpp.4.el4.x86_64.rpm 7d2ea6f7b85d9b6679418735388463bd java-1.4.2-ibm-demo-1.4.2.7-1jpp.4.el4.x86_64.rpm 04ca69cd86facb7e6da94dca5f7c4741 java-1.4.2-ibm-devel-1.4.2.7-1jpp.4.el4.x86_64.rpm 6686e763dbe66aa089d9f5952af474af java-1.4.2-ibm-javacomm-1.4.2.7-1jpp.4.el4.x86_64.rpm e6ac211159748fac80c30ea6838b769a java-1.4.2-ibm-src-1.4.2.7-1jpp.4.el4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6731 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6736 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6737 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6745 http://www-128.ibm.com/developerworks/java/jdk/alerts/ http://www.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFFyi+8XlSAg2UNWIIRAqxmAJ9kUQbmruGzvYg2ETmG7UpixwOqfACgwsU5 OaUT+XxVODUOQakqcyikbH4= =t+i5 -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Feb 7 20:00:51 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 7 Feb 2007 15:00:51 -0500 Subject: [RHSA-2007:0064-01] Moderate: postgresql security update Message-ID: <200702072001.l17K11c1020515@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: postgresql security update Advisory ID: RHSA-2007:0064-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0064.html Issue date: 2007-02-07 Updated on: 2007-02-07 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-5540 CVE-2007-0555 - --------------------------------------------------------------------- 1. Summary: Updated postgresql packages that fix two security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: PostgreSQL is an advanced Object-Relational database management system (DBMS). A flaw was found in the way the PostgreSQL server handles certain SQL-language functions. An authenticated user could execute a sequence of commands which could crash the PostgreSQL server or possibly read from arbitrary memory locations. A user would need to have permissions to drop and add database tables to be able to exploit this issue (CVE-2007-0555). A denial of service flaw was found affecting the PostgreSQL server running on Red Hat Enterprise Linux 4 systems. An authenticated user could execute an SQL command which could crash the PostgreSQL server. (CVE-2006-5540) Users of PostgreSQL should upgrade to these updated packages containing PostgreSQL version 7.4.16 or 7.3.18, which correct these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 212358 - CVE-2006-5540 New version fixes three different crash vulnerabilities 225493 - CVE-2007-0555 PostgreSQL arbitrary memory read flaw 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/rh-postgresql-7.3.18-1.src.rpm 3275a2557c4ad39c9c9f53cc76e5f7bc rh-postgresql-7.3.18-1.src.rpm i386: 07bfd36f8e45296c5b4e33d615ee9343 rh-postgresql-7.3.18-1.i386.rpm dc21c7da6c845058294585502f631420 rh-postgresql-contrib-7.3.18-1.i386.rpm b67653f6df46561770f1ee413f51cac8 rh-postgresql-debuginfo-7.3.18-1.i386.rpm f62cfeac0ff29d1d32faf896718e5f2e rh-postgresql-devel-7.3.18-1.i386.rpm 87dffab9c50b6e2409fc797d32e64a5e rh-postgresql-docs-7.3.18-1.i386.rpm 2aaadefdf7b6cda3617abede5fa4a763 rh-postgresql-jdbc-7.3.18-1.i386.rpm 7c80e948422e8d8427c691984f6434c5 rh-postgresql-libs-7.3.18-1.i386.rpm f8d5e41ebcf932af8a1e040d0783a210 rh-postgresql-pl-7.3.18-1.i386.rpm d32d4ffce4ae666c3bbb448ede1388c2 rh-postgresql-python-7.3.18-1.i386.rpm 94576318c381fee5d6b430414f469609 rh-postgresql-server-7.3.18-1.i386.rpm 6d489d71e7e330363297b491cdf47f54 rh-postgresql-tcl-7.3.18-1.i386.rpm 0182f21585ad849e276648b2bc82cdac rh-postgresql-test-7.3.18-1.i386.rpm ia64: 3aa0bb037fcf18b83ddf9002256d8ecc rh-postgresql-7.3.18-1.ia64.rpm 45e3b1fc6850b257071934b1edcdc8e9 rh-postgresql-contrib-7.3.18-1.ia64.rpm b67653f6df46561770f1ee413f51cac8 rh-postgresql-debuginfo-7.3.18-1.i386.rpm d09929204400d5f2aa128daa46ccf6e4 rh-postgresql-debuginfo-7.3.18-1.ia64.rpm 8483a2e5a04b6a0254657d7e09d53600 rh-postgresql-devel-7.3.18-1.ia64.rpm e88384674c0a7c03a6ecdad56183756f rh-postgresql-docs-7.3.18-1.ia64.rpm a07adee41977e353df00b60667b57122 rh-postgresql-jdbc-7.3.18-1.ia64.rpm 7c80e948422e8d8427c691984f6434c5 rh-postgresql-libs-7.3.18-1.i386.rpm 7d680b89fbb6fc1cb04f1af0cc024d47 rh-postgresql-libs-7.3.18-1.ia64.rpm 69d1e056d772e5c4aaef43b0b3b9fe31 rh-postgresql-pl-7.3.18-1.ia64.rpm 103492f6397b850f60aa2716c7cc8fc2 rh-postgresql-python-7.3.18-1.ia64.rpm b9de4dfaf45f2ac9e628b58b28738eed rh-postgresql-server-7.3.18-1.ia64.rpm 1e4a962996cbe5ae9a51e7d0aa043c9f rh-postgresql-tcl-7.3.18-1.ia64.rpm 93c1c209fd0b6bdc803c2efad52ba084 rh-postgresql-test-7.3.18-1.ia64.rpm ppc: 6ac35c71017f2cfa4f28d89c09e72226 rh-postgresql-7.3.18-1.ppc.rpm bd0e549be7d5d4a4a5fa6d6beeb47029 rh-postgresql-contrib-7.3.18-1.ppc.rpm 4d5d9b244a12462edd63bb4cc582d8e2 rh-postgresql-debuginfo-7.3.18-1.ppc.rpm b840e7408c505deefd0db60b0c1c655b rh-postgresql-devel-7.3.18-1.ppc.rpm ce9c55c776b4860dc031911582d9463c rh-postgresql-docs-7.3.18-1.ppc.rpm 7893fd579ea46d40a4a48d44e1ed665a rh-postgresql-jdbc-7.3.18-1.ppc.rpm 6f0c68a0fa42598d3e60cad1ab966935 rh-postgresql-libs-7.3.18-1.ppc.rpm 046afb031ed44ebbe2bc8f5e86c2269e rh-postgresql-libs-7.3.18-1.ppc64.rpm 3921950f1290649247cca74b0eb299a8 rh-postgresql-pl-7.3.18-1.ppc.rpm 1fc2ad9440e30ded50ce9a4fdc3b9bcb rh-postgresql-python-7.3.18-1.ppc.rpm 3a48d916575f5566ffcdd4233c2e3b63 rh-postgresql-server-7.3.18-1.ppc.rpm bb939e05eded435ffdbbff5837f5459e rh-postgresql-tcl-7.3.18-1.ppc.rpm cc57d8e7434c590c6a7c267311975000 rh-postgresql-test-7.3.18-1.ppc.rpm s390: e339da66604d31ed3b70987903e07bc8 rh-postgresql-7.3.18-1.s390.rpm 2b7ff072f02a34687d5b47300de65448 rh-postgresql-contrib-7.3.18-1.s390.rpm d71efd6d63373870509418a77f5f6894 rh-postgresql-debuginfo-7.3.18-1.s390.rpm c6bd20f30874d92e160db6c4421b0c77 rh-postgresql-devel-7.3.18-1.s390.rpm b8f04e2c1855d1e6d00bed1221c27521 rh-postgresql-docs-7.3.18-1.s390.rpm 72cca384288384cfb53bdd31b4ec3472 rh-postgresql-jdbc-7.3.18-1.s390.rpm a6c232bd32c4dcb4ff80f202e0bb86ce rh-postgresql-libs-7.3.18-1.s390.rpm 04822d3c08b5a097857035dd58058284 rh-postgresql-pl-7.3.18-1.s390.rpm 7eca3b4295d74d773b189d0b021b03a4 rh-postgresql-python-7.3.18-1.s390.rpm cb24f0a2ae8c38a4d3f5edb779617fe3 rh-postgresql-server-7.3.18-1.s390.rpm 08ea17c6b7969f316600e6d5c5e048d1 rh-postgresql-tcl-7.3.18-1.s390.rpm 3c0facbe7839ebbd615f85fb4c1aca94 rh-postgresql-test-7.3.18-1.s390.rpm s390x: 14610f392373b2e1cde02782f32dae23 rh-postgresql-7.3.18-1.s390x.rpm 24320ea621e93a2357f6e3415d7804b3 rh-postgresql-contrib-7.3.18-1.s390x.rpm d71efd6d63373870509418a77f5f6894 rh-postgresql-debuginfo-7.3.18-1.s390.rpm 9c2f1d72376fa832d228503740abc1b5 rh-postgresql-debuginfo-7.3.18-1.s390x.rpm c31c10e961898faeb1ecb686e069d3a6 rh-postgresql-devel-7.3.18-1.s390x.rpm 1940862772f62ca6a739c6b3cde2edb2 rh-postgresql-docs-7.3.18-1.s390x.rpm 7c2190860d001d526c65cb6476dbafe7 rh-postgresql-jdbc-7.3.18-1.s390x.rpm a6c232bd32c4dcb4ff80f202e0bb86ce rh-postgresql-libs-7.3.18-1.s390.rpm a491f499ccd820f63ad35abbc0976998 rh-postgresql-libs-7.3.18-1.s390x.rpm bceaae154f09010c9ab8fa7387c41a36 rh-postgresql-pl-7.3.18-1.s390x.rpm b63a46c9d1ae837ee416a61e0953e6cc rh-postgresql-python-7.3.18-1.s390x.rpm af38a1cf8ae0263a8965ae77a345e8fd rh-postgresql-server-7.3.18-1.s390x.rpm 9df5b9f6449445908fc2ea088349d2ff rh-postgresql-tcl-7.3.18-1.s390x.rpm 37ab83f9e7336a5395a5641f0cb7a555 rh-postgresql-test-7.3.18-1.s390x.rpm x86_64: 76a3183d01aee92e304fc2871926cb79 rh-postgresql-7.3.18-1.x86_64.rpm 8f7eecfe5647a8b21c5a2326619847a3 rh-postgresql-contrib-7.3.18-1.x86_64.rpm b67653f6df46561770f1ee413f51cac8 rh-postgresql-debuginfo-7.3.18-1.i386.rpm 7d1f1a164bbcd561e2d56c6832381aac rh-postgresql-debuginfo-7.3.18-1.x86_64.rpm daf743203e5c3471d0f2c4f25cfc961e rh-postgresql-devel-7.3.18-1.x86_64.rpm d89db4edbafb5adf99c688cd5b268910 rh-postgresql-docs-7.3.18-1.x86_64.rpm 2bba717770c6c7a0b7711fbbb29fa774 rh-postgresql-jdbc-7.3.18-1.x86_64.rpm 7c80e948422e8d8427c691984f6434c5 rh-postgresql-libs-7.3.18-1.i386.rpm 65fe743dd6add9ae2084d9bd82ffe3ca rh-postgresql-libs-7.3.18-1.x86_64.rpm c976ba94924d7f304873aaacbab8f82a rh-postgresql-pl-7.3.18-1.x86_64.rpm e96b77ab643700cb51f78f0d846d7ab0 rh-postgresql-python-7.3.18-1.x86_64.rpm b3728db6ba3b798c49bd40fb21d10cb6 rh-postgresql-server-7.3.18-1.x86_64.rpm b9457102f474cf17ea71c2806e8f8452 rh-postgresql-tcl-7.3.18-1.x86_64.rpm bff01c8de6b7571d7442070551be2e3a rh-postgresql-test-7.3.18-1.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/rh-postgresql-7.3.18-1.src.rpm 3275a2557c4ad39c9c9f53cc76e5f7bc rh-postgresql-7.3.18-1.src.rpm i386: 07bfd36f8e45296c5b4e33d615ee9343 rh-postgresql-7.3.18-1.i386.rpm dc21c7da6c845058294585502f631420 rh-postgresql-contrib-7.3.18-1.i386.rpm b67653f6df46561770f1ee413f51cac8 rh-postgresql-debuginfo-7.3.18-1.i386.rpm f62cfeac0ff29d1d32faf896718e5f2e rh-postgresql-devel-7.3.18-1.i386.rpm 87dffab9c50b6e2409fc797d32e64a5e rh-postgresql-docs-7.3.18-1.i386.rpm 2aaadefdf7b6cda3617abede5fa4a763 rh-postgresql-jdbc-7.3.18-1.i386.rpm 7c80e948422e8d8427c691984f6434c5 rh-postgresql-libs-7.3.18-1.i386.rpm f8d5e41ebcf932af8a1e040d0783a210 rh-postgresql-pl-7.3.18-1.i386.rpm d32d4ffce4ae666c3bbb448ede1388c2 rh-postgresql-python-7.3.18-1.i386.rpm 94576318c381fee5d6b430414f469609 rh-postgresql-server-7.3.18-1.i386.rpm 6d489d71e7e330363297b491cdf47f54 rh-postgresql-tcl-7.3.18-1.i386.rpm 0182f21585ad849e276648b2bc82cdac rh-postgresql-test-7.3.18-1.i386.rpm x86_64: 76a3183d01aee92e304fc2871926cb79 rh-postgresql-7.3.18-1.x86_64.rpm 8f7eecfe5647a8b21c5a2326619847a3 rh-postgresql-contrib-7.3.18-1.x86_64.rpm b67653f6df46561770f1ee413f51cac8 rh-postgresql-debuginfo-7.3.18-1.i386.rpm 7d1f1a164bbcd561e2d56c6832381aac rh-postgresql-debuginfo-7.3.18-1.x86_64.rpm daf743203e5c3471d0f2c4f25cfc961e rh-postgresql-devel-7.3.18-1.x86_64.rpm d89db4edbafb5adf99c688cd5b268910 rh-postgresql-docs-7.3.18-1.x86_64.rpm 2bba717770c6c7a0b7711fbbb29fa774 rh-postgresql-jdbc-7.3.18-1.x86_64.rpm 7c80e948422e8d8427c691984f6434c5 rh-postgresql-libs-7.3.18-1.i386.rpm 65fe743dd6add9ae2084d9bd82ffe3ca rh-postgresql-libs-7.3.18-1.x86_64.rpm c976ba94924d7f304873aaacbab8f82a rh-postgresql-pl-7.3.18-1.x86_64.rpm e96b77ab643700cb51f78f0d846d7ab0 rh-postgresql-python-7.3.18-1.x86_64.rpm b3728db6ba3b798c49bd40fb21d10cb6 rh-postgresql-server-7.3.18-1.x86_64.rpm b9457102f474cf17ea71c2806e8f8452 rh-postgresql-tcl-7.3.18-1.x86_64.rpm bff01c8de6b7571d7442070551be2e3a rh-postgresql-test-7.3.18-1.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/rh-postgresql-7.3.18-1.src.rpm 3275a2557c4ad39c9c9f53cc76e5f7bc rh-postgresql-7.3.18-1.src.rpm i386: 07bfd36f8e45296c5b4e33d615ee9343 rh-postgresql-7.3.18-1.i386.rpm dc21c7da6c845058294585502f631420 rh-postgresql-contrib-7.3.18-1.i386.rpm b67653f6df46561770f1ee413f51cac8 rh-postgresql-debuginfo-7.3.18-1.i386.rpm f62cfeac0ff29d1d32faf896718e5f2e rh-postgresql-devel-7.3.18-1.i386.rpm 87dffab9c50b6e2409fc797d32e64a5e rh-postgresql-docs-7.3.18-1.i386.rpm 2aaadefdf7b6cda3617abede5fa4a763 rh-postgresql-jdbc-7.3.18-1.i386.rpm 7c80e948422e8d8427c691984f6434c5 rh-postgresql-libs-7.3.18-1.i386.rpm f8d5e41ebcf932af8a1e040d0783a210 rh-postgresql-pl-7.3.18-1.i386.rpm d32d4ffce4ae666c3bbb448ede1388c2 rh-postgresql-python-7.3.18-1.i386.rpm 94576318c381fee5d6b430414f469609 rh-postgresql-server-7.3.18-1.i386.rpm 6d489d71e7e330363297b491cdf47f54 rh-postgresql-tcl-7.3.18-1.i386.rpm 0182f21585ad849e276648b2bc82cdac rh-postgresql-test-7.3.18-1.i386.rpm ia64: 3aa0bb037fcf18b83ddf9002256d8ecc rh-postgresql-7.3.18-1.ia64.rpm 45e3b1fc6850b257071934b1edcdc8e9 rh-postgresql-contrib-7.3.18-1.ia64.rpm b67653f6df46561770f1ee413f51cac8 rh-postgresql-debuginfo-7.3.18-1.i386.rpm d09929204400d5f2aa128daa46ccf6e4 rh-postgresql-debuginfo-7.3.18-1.ia64.rpm 8483a2e5a04b6a0254657d7e09d53600 rh-postgresql-devel-7.3.18-1.ia64.rpm e88384674c0a7c03a6ecdad56183756f rh-postgresql-docs-7.3.18-1.ia64.rpm a07adee41977e353df00b60667b57122 rh-postgresql-jdbc-7.3.18-1.ia64.rpm 7c80e948422e8d8427c691984f6434c5 rh-postgresql-libs-7.3.18-1.i386.rpm 7d680b89fbb6fc1cb04f1af0cc024d47 rh-postgresql-libs-7.3.18-1.ia64.rpm 69d1e056d772e5c4aaef43b0b3b9fe31 rh-postgresql-pl-7.3.18-1.ia64.rpm 103492f6397b850f60aa2716c7cc8fc2 rh-postgresql-python-7.3.18-1.ia64.rpm b9de4dfaf45f2ac9e628b58b28738eed rh-postgresql-server-7.3.18-1.ia64.rpm 1e4a962996cbe5ae9a51e7d0aa043c9f rh-postgresql-tcl-7.3.18-1.ia64.rpm 93c1c209fd0b6bdc803c2efad52ba084 rh-postgresql-test-7.3.18-1.ia64.rpm x86_64: 76a3183d01aee92e304fc2871926cb79 rh-postgresql-7.3.18-1.x86_64.rpm 8f7eecfe5647a8b21c5a2326619847a3 rh-postgresql-contrib-7.3.18-1.x86_64.rpm b67653f6df46561770f1ee413f51cac8 rh-postgresql-debuginfo-7.3.18-1.i386.rpm 7d1f1a164bbcd561e2d56c6832381aac rh-postgresql-debuginfo-7.3.18-1.x86_64.rpm daf743203e5c3471d0f2c4f25cfc961e rh-postgresql-devel-7.3.18-1.x86_64.rpm d89db4edbafb5adf99c688cd5b268910 rh-postgresql-docs-7.3.18-1.x86_64.rpm 2bba717770c6c7a0b7711fbbb29fa774 rh-postgresql-jdbc-7.3.18-1.x86_64.rpm 7c80e948422e8d8427c691984f6434c5 rh-postgresql-libs-7.3.18-1.i386.rpm 65fe743dd6add9ae2084d9bd82ffe3ca rh-postgresql-libs-7.3.18-1.x86_64.rpm c976ba94924d7f304873aaacbab8f82a rh-postgresql-pl-7.3.18-1.x86_64.rpm e96b77ab643700cb51f78f0d846d7ab0 rh-postgresql-python-7.3.18-1.x86_64.rpm b3728db6ba3b798c49bd40fb21d10cb6 rh-postgresql-server-7.3.18-1.x86_64.rpm b9457102f474cf17ea71c2806e8f8452 rh-postgresql-tcl-7.3.18-1.x86_64.rpm bff01c8de6b7571d7442070551be2e3a rh-postgresql-test-7.3.18-1.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/rh-postgresql-7.3.18-1.src.rpm 3275a2557c4ad39c9c9f53cc76e5f7bc rh-postgresql-7.3.18-1.src.rpm i386: 07bfd36f8e45296c5b4e33d615ee9343 rh-postgresql-7.3.18-1.i386.rpm dc21c7da6c845058294585502f631420 rh-postgresql-contrib-7.3.18-1.i386.rpm b67653f6df46561770f1ee413f51cac8 rh-postgresql-debuginfo-7.3.18-1.i386.rpm f62cfeac0ff29d1d32faf896718e5f2e rh-postgresql-devel-7.3.18-1.i386.rpm 87dffab9c50b6e2409fc797d32e64a5e rh-postgresql-docs-7.3.18-1.i386.rpm 2aaadefdf7b6cda3617abede5fa4a763 rh-postgresql-jdbc-7.3.18-1.i386.rpm 7c80e948422e8d8427c691984f6434c5 rh-postgresql-libs-7.3.18-1.i386.rpm f8d5e41ebcf932af8a1e040d0783a210 rh-postgresql-pl-7.3.18-1.i386.rpm d32d4ffce4ae666c3bbb448ede1388c2 rh-postgresql-python-7.3.18-1.i386.rpm 94576318c381fee5d6b430414f469609 rh-postgresql-server-7.3.18-1.i386.rpm 6d489d71e7e330363297b491cdf47f54 rh-postgresql-tcl-7.3.18-1.i386.rpm 0182f21585ad849e276648b2bc82cdac rh-postgresql-test-7.3.18-1.i386.rpm ia64: 3aa0bb037fcf18b83ddf9002256d8ecc rh-postgresql-7.3.18-1.ia64.rpm 45e3b1fc6850b257071934b1edcdc8e9 rh-postgresql-contrib-7.3.18-1.ia64.rpm b67653f6df46561770f1ee413f51cac8 rh-postgresql-debuginfo-7.3.18-1.i386.rpm d09929204400d5f2aa128daa46ccf6e4 rh-postgresql-debuginfo-7.3.18-1.ia64.rpm 8483a2e5a04b6a0254657d7e09d53600 rh-postgresql-devel-7.3.18-1.ia64.rpm e88384674c0a7c03a6ecdad56183756f rh-postgresql-docs-7.3.18-1.ia64.rpm a07adee41977e353df00b60667b57122 rh-postgresql-jdbc-7.3.18-1.ia64.rpm 7c80e948422e8d8427c691984f6434c5 rh-postgresql-libs-7.3.18-1.i386.rpm 7d680b89fbb6fc1cb04f1af0cc024d47 rh-postgresql-libs-7.3.18-1.ia64.rpm 69d1e056d772e5c4aaef43b0b3b9fe31 rh-postgresql-pl-7.3.18-1.ia64.rpm 103492f6397b850f60aa2716c7cc8fc2 rh-postgresql-python-7.3.18-1.ia64.rpm b9de4dfaf45f2ac9e628b58b28738eed rh-postgresql-server-7.3.18-1.ia64.rpm 1e4a962996cbe5ae9a51e7d0aa043c9f rh-postgresql-tcl-7.3.18-1.ia64.rpm 93c1c209fd0b6bdc803c2efad52ba084 rh-postgresql-test-7.3.18-1.ia64.rpm x86_64: 76a3183d01aee92e304fc2871926cb79 rh-postgresql-7.3.18-1.x86_64.rpm 8f7eecfe5647a8b21c5a2326619847a3 rh-postgresql-contrib-7.3.18-1.x86_64.rpm b67653f6df46561770f1ee413f51cac8 rh-postgresql-debuginfo-7.3.18-1.i386.rpm 7d1f1a164bbcd561e2d56c6832381aac rh-postgresql-debuginfo-7.3.18-1.x86_64.rpm daf743203e5c3471d0f2c4f25cfc961e rh-postgresql-devel-7.3.18-1.x86_64.rpm d89db4edbafb5adf99c688cd5b268910 rh-postgresql-docs-7.3.18-1.x86_64.rpm 2bba717770c6c7a0b7711fbbb29fa774 rh-postgresql-jdbc-7.3.18-1.x86_64.rpm 7c80e948422e8d8427c691984f6434c5 rh-postgresql-libs-7.3.18-1.i386.rpm 65fe743dd6add9ae2084d9bd82ffe3ca rh-postgresql-libs-7.3.18-1.x86_64.rpm c976ba94924d7f304873aaacbab8f82a rh-postgresql-pl-7.3.18-1.x86_64.rpm e96b77ab643700cb51f78f0d846d7ab0 rh-postgresql-python-7.3.18-1.x86_64.rpm b3728db6ba3b798c49bd40fb21d10cb6 rh-postgresql-server-7.3.18-1.x86_64.rpm b9457102f474cf17ea71c2806e8f8452 rh-postgresql-tcl-7.3.18-1.x86_64.rpm bff01c8de6b7571d7442070551be2e3a rh-postgresql-test-7.3.18-1.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/postgresql-7.4.16-1.RHEL4.1.src.rpm e1ce8e27d5284fea7d628438ba056933 postgresql-7.4.16-1.RHEL4.1.src.rpm i386: a3bedcda1bec6c5c76105598c19272c4 postgresql-7.4.16-1.RHEL4.1.i386.rpm 830f45b62a34b36fe216f3542f6af47a postgresql-contrib-7.4.16-1.RHEL4.1.i386.rpm e9b15e2b47f803e5008492a8e76882dd postgresql-debuginfo-7.4.16-1.RHEL4.1.i386.rpm 560210c1b60151aa237a30d27e6c4dd7 postgresql-devel-7.4.16-1.RHEL4.1.i386.rpm fb907029098e5df59c78cf235b771723 postgresql-docs-7.4.16-1.RHEL4.1.i386.rpm 666005fa672f07f2e8c0623bb181aad0 postgresql-jdbc-7.4.16-1.RHEL4.1.i386.rpm 123aa5356b6c811b9b038521d7ee1260 postgresql-libs-7.4.16-1.RHEL4.1.i386.rpm 79244410c0e04ecf4ec92c04f43b1907 postgresql-pl-7.4.16-1.RHEL4.1.i386.rpm 701479a87191492a3cecb4959b1d7faf postgresql-python-7.4.16-1.RHEL4.1.i386.rpm 0841c9816745e15a240cc5e855159ccd postgresql-server-7.4.16-1.RHEL4.1.i386.rpm dbaad44773a7237abb1bd0ecece21ef0 postgresql-tcl-7.4.16-1.RHEL4.1.i386.rpm b92edef121863144ddafb1a4e9990d0a postgresql-test-7.4.16-1.RHEL4.1.i386.rpm ia64: 577450fe486e220f26584ebdce86aacf postgresql-7.4.16-1.RHEL4.1.ia64.rpm 88cab6393a910b1f42042cf51a6d806c postgresql-contrib-7.4.16-1.RHEL4.1.ia64.rpm e9b15e2b47f803e5008492a8e76882dd postgresql-debuginfo-7.4.16-1.RHEL4.1.i386.rpm caf03d5cdab15ad344aa935b083cf530 postgresql-debuginfo-7.4.16-1.RHEL4.1.ia64.rpm bdcbf40d554dd887839b1129347b06b5 postgresql-devel-7.4.16-1.RHEL4.1.ia64.rpm 36c60f8a00e84d2e41b3aa45dec5a65c postgresql-docs-7.4.16-1.RHEL4.1.ia64.rpm 84281a9a39c40e74e8dc9ef93c032fff postgresql-jdbc-7.4.16-1.RHEL4.1.ia64.rpm 123aa5356b6c811b9b038521d7ee1260 postgresql-libs-7.4.16-1.RHEL4.1.i386.rpm c2549032197f99404771742f7762dd63 postgresql-libs-7.4.16-1.RHEL4.1.ia64.rpm d13178b89ffbb93fbbb2c12d72423711 postgresql-pl-7.4.16-1.RHEL4.1.ia64.rpm 7b73d772b1616d80ef1f56ede82c41b7 postgresql-python-7.4.16-1.RHEL4.1.ia64.rpm 1fdfa5cc368205fcd0a27a71dd8af986 postgresql-server-7.4.16-1.RHEL4.1.ia64.rpm 39599e66a886d74c6a4951041d069c9e postgresql-tcl-7.4.16-1.RHEL4.1.ia64.rpm 7d256bcb2c79505985a13059934933d0 postgresql-test-7.4.16-1.RHEL4.1.ia64.rpm ppc: 146fe204063f52a4f9c17d679d0eca06 postgresql-7.4.16-1.RHEL4.1.ppc.rpm 2d3c429885dfb92c1857bb88b5e0971b postgresql-contrib-7.4.16-1.RHEL4.1.ppc.rpm a76d3a8ce6ad6e3bc5c2952d7dfca9f6 postgresql-debuginfo-7.4.16-1.RHEL4.1.ppc.rpm 46237dfc75aabe019916d05c318220c0 postgresql-debuginfo-7.4.16-1.RHEL4.1.ppc64.rpm 3c07f03f819fbea01f5adae5b8604fce postgresql-devel-7.4.16-1.RHEL4.1.ppc.rpm 6400cd79dd5137f1841a8c7ebcfff474 postgresql-docs-7.4.16-1.RHEL4.1.ppc.rpm c65bb94db2e724a6eb7e1e8501cdf295 postgresql-jdbc-7.4.16-1.RHEL4.1.ppc.rpm 33fff0f554943af615c4b5aecbadfeaa postgresql-libs-7.4.16-1.RHEL4.1.ppc.rpm 5287fe45fe6207bb502ef33324323905 postgresql-libs-7.4.16-1.RHEL4.1.ppc64.rpm ea7a636bf1435f765b7d8d5abf543ac6 postgresql-pl-7.4.16-1.RHEL4.1.ppc.rpm 55c46942e89b16acf5db237569e219cb postgresql-python-7.4.16-1.RHEL4.1.ppc.rpm b72969fa5e9421c5a0f96f51756427f2 postgresql-server-7.4.16-1.RHEL4.1.ppc.rpm 023d121df455ea4e2fbadb94fb563e4c postgresql-tcl-7.4.16-1.RHEL4.1.ppc.rpm 8afde74a8260dc63aeffca68ded2f308 postgresql-test-7.4.16-1.RHEL4.1.ppc.rpm s390: 49e238b193748c5741e1c420ac55aad2 postgresql-7.4.16-1.RHEL4.1.s390.rpm 629d1bba9adb4e593119cf4d42e01232 postgresql-contrib-7.4.16-1.RHEL4.1.s390.rpm 95fcf024ee315ec57636685735ded629 postgresql-debuginfo-7.4.16-1.RHEL4.1.s390.rpm 6e6f38265b5b6b5ad9c620ef79235003 postgresql-devel-7.4.16-1.RHEL4.1.s390.rpm 7da8f6e31c7c05f6d411ce8e874244cf postgresql-docs-7.4.16-1.RHEL4.1.s390.rpm bf2712f75c5d7bf86bb53641fadb2880 postgresql-jdbc-7.4.16-1.RHEL4.1.s390.rpm 4635fd52f2db1b9b0c8c7742b1f924a9 postgresql-libs-7.4.16-1.RHEL4.1.s390.rpm d5e2a24fd6c3c91e87689d46bcb239e0 postgresql-pl-7.4.16-1.RHEL4.1.s390.rpm 5dbc889a1ff405d3ca83295403022b18 postgresql-python-7.4.16-1.RHEL4.1.s390.rpm b283d7c1eb49ed36d223759b1beeaf0a postgresql-server-7.4.16-1.RHEL4.1.s390.rpm 996e2592b50bde5efd279833a5ac43a7 postgresql-tcl-7.4.16-1.RHEL4.1.s390.rpm af8f56d7f0917a4bbcb50b9ec3acff57 postgresql-test-7.4.16-1.RHEL4.1.s390.rpm s390x: 5a9eb67a082e214559c56cadd53f9a39 postgresql-7.4.16-1.RHEL4.1.s390x.rpm 26688b2b5bc0f1a4d50acf5a0756aab4 postgresql-contrib-7.4.16-1.RHEL4.1.s390x.rpm 95fcf024ee315ec57636685735ded629 postgresql-debuginfo-7.4.16-1.RHEL4.1.s390.rpm bd012f7eebc2c263685d4a42c270d9b9 postgresql-debuginfo-7.4.16-1.RHEL4.1.s390x.rpm 99cc2fd811edc867670e7d36275c37c1 postgresql-devel-7.4.16-1.RHEL4.1.s390x.rpm d239e12b8a75b8c1e7ff3a83c8de049f postgresql-docs-7.4.16-1.RHEL4.1.s390x.rpm 12b6752151d0b7048fffe26a583c46f5 postgresql-jdbc-7.4.16-1.RHEL4.1.s390x.rpm 4635fd52f2db1b9b0c8c7742b1f924a9 postgresql-libs-7.4.16-1.RHEL4.1.s390.rpm d7c4e5a6adb42bdd81c446adfe432a95 postgresql-libs-7.4.16-1.RHEL4.1.s390x.rpm 837fe91bec61ad2e7bb091b69f6cc919 postgresql-pl-7.4.16-1.RHEL4.1.s390x.rpm fd0fdd5b029c22595a5638dc58c40ad3 postgresql-python-7.4.16-1.RHEL4.1.s390x.rpm 49c0bf8f242cc647e4d992f6db96e47c postgresql-server-7.4.16-1.RHEL4.1.s390x.rpm f1eddcddd84b7a246295eac4f90ce234 postgresql-tcl-7.4.16-1.RHEL4.1.s390x.rpm 9ba97fd413f74e5f3222eda5c3263799 postgresql-test-7.4.16-1.RHEL4.1.s390x.rpm x86_64: 8c8323f854ee7ee5376ac793005d783d postgresql-7.4.16-1.RHEL4.1.x86_64.rpm d0acc96f796c76a27cfad73a55781a46 postgresql-contrib-7.4.16-1.RHEL4.1.x86_64.rpm e9b15e2b47f803e5008492a8e76882dd postgresql-debuginfo-7.4.16-1.RHEL4.1.i386.rpm b08e71ba7676bedb869f569394d4a794 postgresql-debuginfo-7.4.16-1.RHEL4.1.x86_64.rpm d838d8d08deffdb439a06f0a4ce7ba35 postgresql-devel-7.4.16-1.RHEL4.1.x86_64.rpm fbb90a0c41952355990a6b615dd96ef6 postgresql-docs-7.4.16-1.RHEL4.1.x86_64.rpm 373c2231cc533d662983ee1cd0e01445 postgresql-jdbc-7.4.16-1.RHEL4.1.x86_64.rpm 123aa5356b6c811b9b038521d7ee1260 postgresql-libs-7.4.16-1.RHEL4.1.i386.rpm 8169006278fe665bece07f96629ee07e postgresql-libs-7.4.16-1.RHEL4.1.x86_64.rpm d196a6b05761ef88efff0addf65d1e34 postgresql-pl-7.4.16-1.RHEL4.1.x86_64.rpm 2dabd3e4f8fbe717d465ff1a2b2d1852 postgresql-python-7.4.16-1.RHEL4.1.x86_64.rpm 2c4fd8aa271e65a81e7789530afcc9e2 postgresql-server-7.4.16-1.RHEL4.1.x86_64.rpm 349d55a543166c39494786c1e7aecee9 postgresql-tcl-7.4.16-1.RHEL4.1.x86_64.rpm 0a93a145cb5e1f17dba77c5889c9c904 postgresql-test-7.4.16-1.RHEL4.1.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/postgresql-7.4.16-1.RHEL4.1.src.rpm e1ce8e27d5284fea7d628438ba056933 postgresql-7.4.16-1.RHEL4.1.src.rpm i386: a3bedcda1bec6c5c76105598c19272c4 postgresql-7.4.16-1.RHEL4.1.i386.rpm 830f45b62a34b36fe216f3542f6af47a postgresql-contrib-7.4.16-1.RHEL4.1.i386.rpm e9b15e2b47f803e5008492a8e76882dd postgresql-debuginfo-7.4.16-1.RHEL4.1.i386.rpm 560210c1b60151aa237a30d27e6c4dd7 postgresql-devel-7.4.16-1.RHEL4.1.i386.rpm fb907029098e5df59c78cf235b771723 postgresql-docs-7.4.16-1.RHEL4.1.i386.rpm 666005fa672f07f2e8c0623bb181aad0 postgresql-jdbc-7.4.16-1.RHEL4.1.i386.rpm 123aa5356b6c811b9b038521d7ee1260 postgresql-libs-7.4.16-1.RHEL4.1.i386.rpm 79244410c0e04ecf4ec92c04f43b1907 postgresql-pl-7.4.16-1.RHEL4.1.i386.rpm 701479a87191492a3cecb4959b1d7faf postgresql-python-7.4.16-1.RHEL4.1.i386.rpm 0841c9816745e15a240cc5e855159ccd postgresql-server-7.4.16-1.RHEL4.1.i386.rpm dbaad44773a7237abb1bd0ecece21ef0 postgresql-tcl-7.4.16-1.RHEL4.1.i386.rpm b92edef121863144ddafb1a4e9990d0a postgresql-test-7.4.16-1.RHEL4.1.i386.rpm x86_64: 8c8323f854ee7ee5376ac793005d783d postgresql-7.4.16-1.RHEL4.1.x86_64.rpm d0acc96f796c76a27cfad73a55781a46 postgresql-contrib-7.4.16-1.RHEL4.1.x86_64.rpm e9b15e2b47f803e5008492a8e76882dd postgresql-debuginfo-7.4.16-1.RHEL4.1.i386.rpm b08e71ba7676bedb869f569394d4a794 postgresql-debuginfo-7.4.16-1.RHEL4.1.x86_64.rpm d838d8d08deffdb439a06f0a4ce7ba35 postgresql-devel-7.4.16-1.RHEL4.1.x86_64.rpm fbb90a0c41952355990a6b615dd96ef6 postgresql-docs-7.4.16-1.RHEL4.1.x86_64.rpm 373c2231cc533d662983ee1cd0e01445 postgresql-jdbc-7.4.16-1.RHEL4.1.x86_64.rpm 123aa5356b6c811b9b038521d7ee1260 postgresql-libs-7.4.16-1.RHEL4.1.i386.rpm 8169006278fe665bece07f96629ee07e postgresql-libs-7.4.16-1.RHEL4.1.x86_64.rpm d196a6b05761ef88efff0addf65d1e34 postgresql-pl-7.4.16-1.RHEL4.1.x86_64.rpm 2dabd3e4f8fbe717d465ff1a2b2d1852 postgresql-python-7.4.16-1.RHEL4.1.x86_64.rpm 2c4fd8aa271e65a81e7789530afcc9e2 postgresql-server-7.4.16-1.RHEL4.1.x86_64.rpm 349d55a543166c39494786c1e7aecee9 postgresql-tcl-7.4.16-1.RHEL4.1.x86_64.rpm 0a93a145cb5e1f17dba77c5889c9c904 postgresql-test-7.4.16-1.RHEL4.1.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/postgresql-7.4.16-1.RHEL4.1.src.rpm e1ce8e27d5284fea7d628438ba056933 postgresql-7.4.16-1.RHEL4.1.src.rpm i386: a3bedcda1bec6c5c76105598c19272c4 postgresql-7.4.16-1.RHEL4.1.i386.rpm 830f45b62a34b36fe216f3542f6af47a postgresql-contrib-7.4.16-1.RHEL4.1.i386.rpm e9b15e2b47f803e5008492a8e76882dd postgresql-debuginfo-7.4.16-1.RHEL4.1.i386.rpm 560210c1b60151aa237a30d27e6c4dd7 postgresql-devel-7.4.16-1.RHEL4.1.i386.rpm fb907029098e5df59c78cf235b771723 postgresql-docs-7.4.16-1.RHEL4.1.i386.rpm 666005fa672f07f2e8c0623bb181aad0 postgresql-jdbc-7.4.16-1.RHEL4.1.i386.rpm 123aa5356b6c811b9b038521d7ee1260 postgresql-libs-7.4.16-1.RHEL4.1.i386.rpm 79244410c0e04ecf4ec92c04f43b1907 postgresql-pl-7.4.16-1.RHEL4.1.i386.rpm 701479a87191492a3cecb4959b1d7faf postgresql-python-7.4.16-1.RHEL4.1.i386.rpm 0841c9816745e15a240cc5e855159ccd postgresql-server-7.4.16-1.RHEL4.1.i386.rpm dbaad44773a7237abb1bd0ecece21ef0 postgresql-tcl-7.4.16-1.RHEL4.1.i386.rpm b92edef121863144ddafb1a4e9990d0a postgresql-test-7.4.16-1.RHEL4.1.i386.rpm ia64: 577450fe486e220f26584ebdce86aacf postgresql-7.4.16-1.RHEL4.1.ia64.rpm 88cab6393a910b1f42042cf51a6d806c postgresql-contrib-7.4.16-1.RHEL4.1.ia64.rpm e9b15e2b47f803e5008492a8e76882dd postgresql-debuginfo-7.4.16-1.RHEL4.1.i386.rpm caf03d5cdab15ad344aa935b083cf530 postgresql-debuginfo-7.4.16-1.RHEL4.1.ia64.rpm bdcbf40d554dd887839b1129347b06b5 postgresql-devel-7.4.16-1.RHEL4.1.ia64.rpm 36c60f8a00e84d2e41b3aa45dec5a65c postgresql-docs-7.4.16-1.RHEL4.1.ia64.rpm 84281a9a39c40e74e8dc9ef93c032fff postgresql-jdbc-7.4.16-1.RHEL4.1.ia64.rpm 123aa5356b6c811b9b038521d7ee1260 postgresql-libs-7.4.16-1.RHEL4.1.i386.rpm c2549032197f99404771742f7762dd63 postgresql-libs-7.4.16-1.RHEL4.1.ia64.rpm d13178b89ffbb93fbbb2c12d72423711 postgresql-pl-7.4.16-1.RHEL4.1.ia64.rpm 7b73d772b1616d80ef1f56ede82c41b7 postgresql-python-7.4.16-1.RHEL4.1.ia64.rpm 1fdfa5cc368205fcd0a27a71dd8af986 postgresql-server-7.4.16-1.RHEL4.1.ia64.rpm 39599e66a886d74c6a4951041d069c9e postgresql-tcl-7.4.16-1.RHEL4.1.ia64.rpm 7d256bcb2c79505985a13059934933d0 postgresql-test-7.4.16-1.RHEL4.1.ia64.rpm x86_64: 8c8323f854ee7ee5376ac793005d783d postgresql-7.4.16-1.RHEL4.1.x86_64.rpm d0acc96f796c76a27cfad73a55781a46 postgresql-contrib-7.4.16-1.RHEL4.1.x86_64.rpm e9b15e2b47f803e5008492a8e76882dd postgresql-debuginfo-7.4.16-1.RHEL4.1.i386.rpm b08e71ba7676bedb869f569394d4a794 postgresql-debuginfo-7.4.16-1.RHEL4.1.x86_64.rpm d838d8d08deffdb439a06f0a4ce7ba35 postgresql-devel-7.4.16-1.RHEL4.1.x86_64.rpm fbb90a0c41952355990a6b615dd96ef6 postgresql-docs-7.4.16-1.RHEL4.1.x86_64.rpm 373c2231cc533d662983ee1cd0e01445 postgresql-jdbc-7.4.16-1.RHEL4.1.x86_64.rpm 123aa5356b6c811b9b038521d7ee1260 postgresql-libs-7.4.16-1.RHEL4.1.i386.rpm 8169006278fe665bece07f96629ee07e postgresql-libs-7.4.16-1.RHEL4.1.x86_64.rpm d196a6b05761ef88efff0addf65d1e34 postgresql-pl-7.4.16-1.RHEL4.1.x86_64.rpm 2dabd3e4f8fbe717d465ff1a2b2d1852 postgresql-python-7.4.16-1.RHEL4.1.x86_64.rpm 2c4fd8aa271e65a81e7789530afcc9e2 postgresql-server-7.4.16-1.RHEL4.1.x86_64.rpm 349d55a543166c39494786c1e7aecee9 postgresql-tcl-7.4.16-1.RHEL4.1.x86_64.rpm 0a93a145cb5e1f17dba77c5889c9c904 postgresql-test-7.4.16-1.RHEL4.1.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/postgresql-7.4.16-1.RHEL4.1.src.rpm e1ce8e27d5284fea7d628438ba056933 postgresql-7.4.16-1.RHEL4.1.src.rpm i386: a3bedcda1bec6c5c76105598c19272c4 postgresql-7.4.16-1.RHEL4.1.i386.rpm 830f45b62a34b36fe216f3542f6af47a postgresql-contrib-7.4.16-1.RHEL4.1.i386.rpm e9b15e2b47f803e5008492a8e76882dd postgresql-debuginfo-7.4.16-1.RHEL4.1.i386.rpm 560210c1b60151aa237a30d27e6c4dd7 postgresql-devel-7.4.16-1.RHEL4.1.i386.rpm fb907029098e5df59c78cf235b771723 postgresql-docs-7.4.16-1.RHEL4.1.i386.rpm 666005fa672f07f2e8c0623bb181aad0 postgresql-jdbc-7.4.16-1.RHEL4.1.i386.rpm 123aa5356b6c811b9b038521d7ee1260 postgresql-libs-7.4.16-1.RHEL4.1.i386.rpm 79244410c0e04ecf4ec92c04f43b1907 postgresql-pl-7.4.16-1.RHEL4.1.i386.rpm 701479a87191492a3cecb4959b1d7faf postgresql-python-7.4.16-1.RHEL4.1.i386.rpm 0841c9816745e15a240cc5e855159ccd postgresql-server-7.4.16-1.RHEL4.1.i386.rpm dbaad44773a7237abb1bd0ecece21ef0 postgresql-tcl-7.4.16-1.RHEL4.1.i386.rpm b92edef121863144ddafb1a4e9990d0a postgresql-test-7.4.16-1.RHEL4.1.i386.rpm ia64: 577450fe486e220f26584ebdce86aacf postgresql-7.4.16-1.RHEL4.1.ia64.rpm 88cab6393a910b1f42042cf51a6d806c postgresql-contrib-7.4.16-1.RHEL4.1.ia64.rpm e9b15e2b47f803e5008492a8e76882dd postgresql-debuginfo-7.4.16-1.RHEL4.1.i386.rpm caf03d5cdab15ad344aa935b083cf530 postgresql-debuginfo-7.4.16-1.RHEL4.1.ia64.rpm bdcbf40d554dd887839b1129347b06b5 postgresql-devel-7.4.16-1.RHEL4.1.ia64.rpm 36c60f8a00e84d2e41b3aa45dec5a65c postgresql-docs-7.4.16-1.RHEL4.1.ia64.rpm 84281a9a39c40e74e8dc9ef93c032fff postgresql-jdbc-7.4.16-1.RHEL4.1.ia64.rpm 123aa5356b6c811b9b038521d7ee1260 postgresql-libs-7.4.16-1.RHEL4.1.i386.rpm c2549032197f99404771742f7762dd63 postgresql-libs-7.4.16-1.RHEL4.1.ia64.rpm d13178b89ffbb93fbbb2c12d72423711 postgresql-pl-7.4.16-1.RHEL4.1.ia64.rpm 7b73d772b1616d80ef1f56ede82c41b7 postgresql-python-7.4.16-1.RHEL4.1.ia64.rpm 1fdfa5cc368205fcd0a27a71dd8af986 postgresql-server-7.4.16-1.RHEL4.1.ia64.rpm 39599e66a886d74c6a4951041d069c9e postgresql-tcl-7.4.16-1.RHEL4.1.ia64.rpm 7d256bcb2c79505985a13059934933d0 postgresql-test-7.4.16-1.RHEL4.1.ia64.rpm x86_64: 8c8323f854ee7ee5376ac793005d783d postgresql-7.4.16-1.RHEL4.1.x86_64.rpm d0acc96f796c76a27cfad73a55781a46 postgresql-contrib-7.4.16-1.RHEL4.1.x86_64.rpm e9b15e2b47f803e5008492a8e76882dd postgresql-debuginfo-7.4.16-1.RHEL4.1.i386.rpm b08e71ba7676bedb869f569394d4a794 postgresql-debuginfo-7.4.16-1.RHEL4.1.x86_64.rpm d838d8d08deffdb439a06f0a4ce7ba35 postgresql-devel-7.4.16-1.RHEL4.1.x86_64.rpm fbb90a0c41952355990a6b615dd96ef6 postgresql-docs-7.4.16-1.RHEL4.1.x86_64.rpm 373c2231cc533d662983ee1cd0e01445 postgresql-jdbc-7.4.16-1.RHEL4.1.x86_64.rpm 123aa5356b6c811b9b038521d7ee1260 postgresql-libs-7.4.16-1.RHEL4.1.i386.rpm 8169006278fe665bece07f96629ee07e postgresql-libs-7.4.16-1.RHEL4.1.x86_64.rpm d196a6b05761ef88efff0addf65d1e34 postgresql-pl-7.4.16-1.RHEL4.1.x86_64.rpm 2dabd3e4f8fbe717d465ff1a2b2d1852 postgresql-python-7.4.16-1.RHEL4.1.x86_64.rpm 2c4fd8aa271e65a81e7789530afcc9e2 postgresql-server-7.4.16-1.RHEL4.1.x86_64.rpm 349d55a543166c39494786c1e7aecee9 postgresql-tcl-7.4.16-1.RHEL4.1.x86_64.rpm 0a93a145cb5e1f17dba77c5889c9c904 postgresql-test-7.4.16-1.RHEL4.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5540 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFFyi/gXlSAg2UNWIIRAiBBAJ94P7ffKZx9NLEoPkmqoNzWdBIysgCfX/Jp 5f4WcSGCEsorN5lTt2kaIZI= =TkBy -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Feb 7 20:01:27 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 7 Feb 2007 15:01:27 -0500 Subject: [RHSA-2007:0067-01] Moderate: postgresql security update Message-ID: <200702072001.l17K1UB9020549@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: postgresql security update Advisory ID: RHSA-2007:0067-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0067.html Issue date: 2007-02-07 Updated on: 2007-02-07 Product: Red Hat Application Stack CVE Names: CVE-2007-0555 CVE-2007-0556 CVE-2006-5540 CVE-2006-5541 CVE-2006-5542 - --------------------------------------------------------------------- 1. Summary: Updated postgresql packages that fix several security vulnerabilities are now available for the Red Hat Application Stack. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Application Stack v1 for Enterprise Linux AS (v.4) - i386, x86_64 Red Hat Application Stack v1 for Enterprise Linux ES (v.4) - i386, x86_64 3. Problem description: PostgreSQL is an advanced Object-Relational database management system (DBMS). Two flaws were found in the way the PostgreSQL server handles certain SQL-language functions. An authenticated user could execute a sequence of command which could crash the PostgreSQL server or possibly read from arbitrary memory locations. A user must have permissions to drop and add database tables to exploit this flaw. (CVE-2007-0555, CVE-2007-0556) Several denial of service flaws were found in the PostgreSQL server. An authenticated user could execute an SQL command which could crash the PostgreSQL server. (CVE-2006-5540, CVE-2006-5541, CVE-2006-5542) Users of PostgreSQL should upgrade to these updated packages containing PostgreSQL version 8.1.7, which corrects these issues. Note: The original PostgreSQL 8.1.7 security patch contained an error; this release includes the updated patch and so is equivalent to the soon-to-be-released 8.1.8. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 225543 - CVE-2007-0555 PostgreSQL arbitrary memory read flaws (CVE-2007-0556) 227299 - CVE-2006-5540 New version fixes three different crash vulnerabilities (CVE-2006-5541, CVE-2006-5542) 227542 - Attribute type error when updating varchar column 6. RPMs required: Red Hat Application Stack v1 for Enterprise Linux AS (v.4): SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/RHWAS/SRPMS/postgresql-8.1.7-3.el4s1.1.src.rpm 45bcce54c270fd2f45d2699acff84f15 postgresql-8.1.7-3.el4s1.1.src.rpm i386: c6a46625d9bea44b11124d3a66d96e9b postgresql-8.1.7-3.el4s1.1.i386.rpm df169915db46942012553d8081a4b3e5 postgresql-contrib-8.1.7-3.el4s1.1.i386.rpm 5e371f2543c84a7b39114b9e2b196d50 postgresql-debuginfo-8.1.7-3.el4s1.1.i386.rpm 9cda736cdb9a5693ee58755e597fe642 postgresql-devel-8.1.7-3.el4s1.1.i386.rpm 3987bad06885307647eeb306343afdc4 postgresql-docs-8.1.7-3.el4s1.1.i386.rpm f01b6879753c511e872d9a9280a17457 postgresql-libs-8.1.7-3.el4s1.1.i386.rpm e67b3a9842f3e7df38728b039ff39a07 postgresql-pl-8.1.7-3.el4s1.1.i386.rpm 07ec3d3cdab7acfd656526a2307f4f82 postgresql-python-8.1.7-3.el4s1.1.i386.rpm e0a1a1e8fd021aa8f48525964c91d404 postgresql-server-8.1.7-3.el4s1.1.i386.rpm 44960f2637577c4af090044005e77d6f postgresql-tcl-8.1.7-3.el4s1.1.i386.rpm a079aa11e843f8cd39d64d12e84c4c6e postgresql-test-8.1.7-3.el4s1.1.i386.rpm x86_64: c254f9f1b3f7d65b39f7e32132c94376 postgresql-8.1.7-3.el4s1.1.x86_64.rpm ccdcf0cddc657b4dcf14f4a0b55cc668 postgresql-contrib-8.1.7-3.el4s1.1.x86_64.rpm 5e371f2543c84a7b39114b9e2b196d50 postgresql-debuginfo-8.1.7-3.el4s1.1.i386.rpm 22e892be6b087d3184b6e5d9bc283a19 postgresql-debuginfo-8.1.7-3.el4s1.1.x86_64.rpm 9a93c6cf1e6e3924ea032be6e7e07716 postgresql-devel-8.1.7-3.el4s1.1.x86_64.rpm 5c14bb68f28ef09d925e81ca0179ce61 postgresql-docs-8.1.7-3.el4s1.1.x86_64.rpm f01b6879753c511e872d9a9280a17457 postgresql-libs-8.1.7-3.el4s1.1.i386.rpm b73d1df15aaed9c98d248e369cb36839 postgresql-libs-8.1.7-3.el4s1.1.x86_64.rpm 0179aa38ed819c9127f0581f6176f522 postgresql-pl-8.1.7-3.el4s1.1.x86_64.rpm ce253fbaf33d46734431ac4e7e02ac8a postgresql-python-8.1.7-3.el4s1.1.x86_64.rpm e9d1dd41d9b2c5b40cd675c0346c2f83 postgresql-server-8.1.7-3.el4s1.1.x86_64.rpm d6dcb504c7775094c2de709151d9d170 postgresql-tcl-8.1.7-3.el4s1.1.x86_64.rpm 93ce219b21d4ef3611c2491c9546c35f postgresql-test-8.1.7-3.el4s1.1.x86_64.rpm Red Hat Application Stack v1 for Enterprise Linux ES (v.4): SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/RHWAS/SRPMS/postgresql-8.1.7-3.el4s1.1.src.rpm 45bcce54c270fd2f45d2699acff84f15 postgresql-8.1.7-3.el4s1.1.src.rpm i386: c6a46625d9bea44b11124d3a66d96e9b postgresql-8.1.7-3.el4s1.1.i386.rpm df169915db46942012553d8081a4b3e5 postgresql-contrib-8.1.7-3.el4s1.1.i386.rpm 5e371f2543c84a7b39114b9e2b196d50 postgresql-debuginfo-8.1.7-3.el4s1.1.i386.rpm 9cda736cdb9a5693ee58755e597fe642 postgresql-devel-8.1.7-3.el4s1.1.i386.rpm 3987bad06885307647eeb306343afdc4 postgresql-docs-8.1.7-3.el4s1.1.i386.rpm f01b6879753c511e872d9a9280a17457 postgresql-libs-8.1.7-3.el4s1.1.i386.rpm e67b3a9842f3e7df38728b039ff39a07 postgresql-pl-8.1.7-3.el4s1.1.i386.rpm 07ec3d3cdab7acfd656526a2307f4f82 postgresql-python-8.1.7-3.el4s1.1.i386.rpm e0a1a1e8fd021aa8f48525964c91d404 postgresql-server-8.1.7-3.el4s1.1.i386.rpm 44960f2637577c4af090044005e77d6f postgresql-tcl-8.1.7-3.el4s1.1.i386.rpm a079aa11e843f8cd39d64d12e84c4c6e postgresql-test-8.1.7-3.el4s1.1.i386.rpm x86_64: c254f9f1b3f7d65b39f7e32132c94376 postgresql-8.1.7-3.el4s1.1.x86_64.rpm ccdcf0cddc657b4dcf14f4a0b55cc668 postgresql-contrib-8.1.7-3.el4s1.1.x86_64.rpm 5e371f2543c84a7b39114b9e2b196d50 postgresql-debuginfo-8.1.7-3.el4s1.1.i386.rpm 22e892be6b087d3184b6e5d9bc283a19 postgresql-debuginfo-8.1.7-3.el4s1.1.x86_64.rpm 9a93c6cf1e6e3924ea032be6e7e07716 postgresql-devel-8.1.7-3.el4s1.1.x86_64.rpm 5c14bb68f28ef09d925e81ca0179ce61 postgresql-docs-8.1.7-3.el4s1.1.x86_64.rpm f01b6879753c511e872d9a9280a17457 postgresql-libs-8.1.7-3.el4s1.1.i386.rpm b73d1df15aaed9c98d248e369cb36839 postgresql-libs-8.1.7-3.el4s1.1.x86_64.rpm 0179aa38ed819c9127f0581f6176f522 postgresql-pl-8.1.7-3.el4s1.1.x86_64.rpm ce253fbaf33d46734431ac4e7e02ac8a postgresql-python-8.1.7-3.el4s1.1.x86_64.rpm e9d1dd41d9b2c5b40cd675c0346c2f83 postgresql-server-8.1.7-3.el4s1.1.x86_64.rpm d6dcb504c7775094c2de709151d9d170 postgresql-tcl-8.1.7-3.el4s1.1.x86_64.rpm 93ce219b21d4ef3611c2491c9546c35f postgresql-test-8.1.7-3.el4s1.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0555 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0556 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5540 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5541 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5542 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFFyjANXlSAg2UNWIIRAl0dAKCnTiii4u8LzvZ8zMVDG3ecFBSlfACfbJm+ 3ivmH1ga5Yo0xZhILjJmAho= =64QJ -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Feb 8 08:41:25 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 8 Feb 2007 03:41:25 -0500 Subject: [RHSA-2007:0008-01] Moderate: dbus security update Message-ID: <200702080841.l188fPk2017728@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: dbus security update Advisory ID: RHSA-2007:0008-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0008.html Issue date: 2007-02-08 Updated on: 2007-02-08 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-6107 - --------------------------------------------------------------------- 1. Summary: Updated dbus packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: D-BUS is a system for sending messages between applications. It is used both for the systemwide message bus service, and as a per-user-login-session messaging facility. Kimmo H?m?l?inen discovered a flaw in the way D-BUS processes certain messages. It is possible for a local unprivileged D-BUS process to disrupt the ability of another D-BUS process to receive messages. (CVE-2006-6107) Users of dbus are advised to upgrade to these updated packages, which contain backported patches to correct this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 218055 - CVE-2006-6107 D-Bus denial of service 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/dbus-0.22-12.EL.8.src.rpm 379fdd3f9afb34124fa9b88deb440e3f dbus-0.22-12.EL.8.src.rpm i386: e81002d1ca5787e89458cd7d5bb04dd5 dbus-0.22-12.EL.8.i386.rpm 987a9f27799464897a63534b25ae3a8f dbus-debuginfo-0.22-12.EL.8.i386.rpm b8a46001a416b2e36f5da1e6868c91ec dbus-devel-0.22-12.EL.8.i386.rpm 5ba2eefce27c72524c7c5cdb1b6e2224 dbus-glib-0.22-12.EL.8.i386.rpm 8e5eadeb5be39e139885336011551656 dbus-python-0.22-12.EL.8.i386.rpm 2f9d064981b12a7f4cb8cf74d6142de5 dbus-x11-0.22-12.EL.8.i386.rpm ia64: e81002d1ca5787e89458cd7d5bb04dd5 dbus-0.22-12.EL.8.i386.rpm dd584d93cd98e8ebc3331e5c5d938b87 dbus-0.22-12.EL.8.ia64.rpm 987a9f27799464897a63534b25ae3a8f dbus-debuginfo-0.22-12.EL.8.i386.rpm 872bafd3dbb945e65141d63418ee9592 dbus-debuginfo-0.22-12.EL.8.ia64.rpm a294a24161855aa73d4a9d83e4f3a107 dbus-devel-0.22-12.EL.8.ia64.rpm 5ba2eefce27c72524c7c5cdb1b6e2224 dbus-glib-0.22-12.EL.8.i386.rpm b07996f3ebf2331958a1adfd230302cc dbus-glib-0.22-12.EL.8.ia64.rpm c7406fea694e12487aa8213142ed66ea dbus-python-0.22-12.EL.8.ia64.rpm 7097ef62d6917170005f000a14a54fe7 dbus-x11-0.22-12.EL.8.ia64.rpm ppc: acaed9d78ce157ef8b15e19692c832c1 dbus-0.22-12.EL.8.ppc.rpm 87db84625d2e27f3b0c168e2f1e34a18 dbus-0.22-12.EL.8.ppc64.rpm a9f3006c196b42ee882baced9a29f821 dbus-debuginfo-0.22-12.EL.8.ppc.rpm c40f580e5fc221bedfdbe209172fa671 dbus-debuginfo-0.22-12.EL.8.ppc64.rpm d4adf9454e5303fdcaab8c43805a212c dbus-devel-0.22-12.EL.8.ppc.rpm 1a66a5a36be6167dff2558866ab34d9c dbus-glib-0.22-12.EL.8.ppc.rpm e28bef04fa98091747deef3b121fec18 dbus-glib-0.22-12.EL.8.ppc64.rpm 60c70fee76a3a98c6cf46629901b2ed3 dbus-python-0.22-12.EL.8.ppc.rpm 02a34c40ade9386f829e0bbf12dc8036 dbus-x11-0.22-12.EL.8.ppc.rpm s390: 2aec70890676846f00be1fd5ed9f4a9c dbus-0.22-12.EL.8.s390.rpm 995ca549549fa390bb04fee99726f683 dbus-debuginfo-0.22-12.EL.8.s390.rpm ba507082ec7e13a57cbf9d2addf18e9d dbus-devel-0.22-12.EL.8.s390.rpm 79ebed9e812ce4760fcbd4bb7fa8efb7 dbus-glib-0.22-12.EL.8.s390.rpm f1be5d2e04c8e0698caddc9d0af40ab2 dbus-python-0.22-12.EL.8.s390.rpm 11ca54506fedf365fab62e025d7b742b dbus-x11-0.22-12.EL.8.s390.rpm s390x: 2aec70890676846f00be1fd5ed9f4a9c dbus-0.22-12.EL.8.s390.rpm 38a9c1c9838f1fc0ffe7e8c62259a4e9 dbus-0.22-12.EL.8.s390x.rpm 995ca549549fa390bb04fee99726f683 dbus-debuginfo-0.22-12.EL.8.s390.rpm 146b6a51d985cec520b70d2e39353c95 dbus-debuginfo-0.22-12.EL.8.s390x.rpm d17fd60137f8fc012826cb5c2fb1c798 dbus-devel-0.22-12.EL.8.s390x.rpm 79ebed9e812ce4760fcbd4bb7fa8efb7 dbus-glib-0.22-12.EL.8.s390.rpm 5608a1394e595ee7560bc2080b54524e dbus-glib-0.22-12.EL.8.s390x.rpm 6afc6054de436384a71951c4ca7c1083 dbus-python-0.22-12.EL.8.s390x.rpm aa63335eff72a01edf6c3c8709257100 dbus-x11-0.22-12.EL.8.s390x.rpm x86_64: e81002d1ca5787e89458cd7d5bb04dd5 dbus-0.22-12.EL.8.i386.rpm ac83105ce8b120ec537a3ea54da1e37d dbus-0.22-12.EL.8.x86_64.rpm 987a9f27799464897a63534b25ae3a8f dbus-debuginfo-0.22-12.EL.8.i386.rpm e6beedfb77d864db50af50524560ddf2 dbus-debuginfo-0.22-12.EL.8.x86_64.rpm 1b248af405670382e31b06c4fa52fa36 dbus-devel-0.22-12.EL.8.x86_64.rpm 5ba2eefce27c72524c7c5cdb1b6e2224 dbus-glib-0.22-12.EL.8.i386.rpm 8c41138bbf9127bbb2d799f566ce3a8a dbus-glib-0.22-12.EL.8.x86_64.rpm 920cf9a273c521118e374230690a3df6 dbus-python-0.22-12.EL.8.x86_64.rpm 847b2400eee82a36e3542b2f4f2d4947 dbus-x11-0.22-12.EL.8.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/dbus-0.22-12.EL.8.src.rpm 379fdd3f9afb34124fa9b88deb440e3f dbus-0.22-12.EL.8.src.rpm i386: e81002d1ca5787e89458cd7d5bb04dd5 dbus-0.22-12.EL.8.i386.rpm 987a9f27799464897a63534b25ae3a8f dbus-debuginfo-0.22-12.EL.8.i386.rpm b8a46001a416b2e36f5da1e6868c91ec dbus-devel-0.22-12.EL.8.i386.rpm 5ba2eefce27c72524c7c5cdb1b6e2224 dbus-glib-0.22-12.EL.8.i386.rpm 8e5eadeb5be39e139885336011551656 dbus-python-0.22-12.EL.8.i386.rpm 2f9d064981b12a7f4cb8cf74d6142de5 dbus-x11-0.22-12.EL.8.i386.rpm x86_64: e81002d1ca5787e89458cd7d5bb04dd5 dbus-0.22-12.EL.8.i386.rpm ac83105ce8b120ec537a3ea54da1e37d dbus-0.22-12.EL.8.x86_64.rpm 987a9f27799464897a63534b25ae3a8f dbus-debuginfo-0.22-12.EL.8.i386.rpm e6beedfb77d864db50af50524560ddf2 dbus-debuginfo-0.22-12.EL.8.x86_64.rpm 1b248af405670382e31b06c4fa52fa36 dbus-devel-0.22-12.EL.8.x86_64.rpm 5ba2eefce27c72524c7c5cdb1b6e2224 dbus-glib-0.22-12.EL.8.i386.rpm 8c41138bbf9127bbb2d799f566ce3a8a dbus-glib-0.22-12.EL.8.x86_64.rpm 920cf9a273c521118e374230690a3df6 dbus-python-0.22-12.EL.8.x86_64.rpm 847b2400eee82a36e3542b2f4f2d4947 dbus-x11-0.22-12.EL.8.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/dbus-0.22-12.EL.8.src.rpm 379fdd3f9afb34124fa9b88deb440e3f dbus-0.22-12.EL.8.src.rpm i386: e81002d1ca5787e89458cd7d5bb04dd5 dbus-0.22-12.EL.8.i386.rpm 987a9f27799464897a63534b25ae3a8f dbus-debuginfo-0.22-12.EL.8.i386.rpm b8a46001a416b2e36f5da1e6868c91ec dbus-devel-0.22-12.EL.8.i386.rpm 5ba2eefce27c72524c7c5cdb1b6e2224 dbus-glib-0.22-12.EL.8.i386.rpm 8e5eadeb5be39e139885336011551656 dbus-python-0.22-12.EL.8.i386.rpm 2f9d064981b12a7f4cb8cf74d6142de5 dbus-x11-0.22-12.EL.8.i386.rpm ia64: e81002d1ca5787e89458cd7d5bb04dd5 dbus-0.22-12.EL.8.i386.rpm dd584d93cd98e8ebc3331e5c5d938b87 dbus-0.22-12.EL.8.ia64.rpm 987a9f27799464897a63534b25ae3a8f dbus-debuginfo-0.22-12.EL.8.i386.rpm 872bafd3dbb945e65141d63418ee9592 dbus-debuginfo-0.22-12.EL.8.ia64.rpm a294a24161855aa73d4a9d83e4f3a107 dbus-devel-0.22-12.EL.8.ia64.rpm 5ba2eefce27c72524c7c5cdb1b6e2224 dbus-glib-0.22-12.EL.8.i386.rpm b07996f3ebf2331958a1adfd230302cc dbus-glib-0.22-12.EL.8.ia64.rpm c7406fea694e12487aa8213142ed66ea dbus-python-0.22-12.EL.8.ia64.rpm 7097ef62d6917170005f000a14a54fe7 dbus-x11-0.22-12.EL.8.ia64.rpm x86_64: e81002d1ca5787e89458cd7d5bb04dd5 dbus-0.22-12.EL.8.i386.rpm ac83105ce8b120ec537a3ea54da1e37d dbus-0.22-12.EL.8.x86_64.rpm 987a9f27799464897a63534b25ae3a8f dbus-debuginfo-0.22-12.EL.8.i386.rpm e6beedfb77d864db50af50524560ddf2 dbus-debuginfo-0.22-12.EL.8.x86_64.rpm 1b248af405670382e31b06c4fa52fa36 dbus-devel-0.22-12.EL.8.x86_64.rpm 5ba2eefce27c72524c7c5cdb1b6e2224 dbus-glib-0.22-12.EL.8.i386.rpm 8c41138bbf9127bbb2d799f566ce3a8a dbus-glib-0.22-12.EL.8.x86_64.rpm 920cf9a273c521118e374230690a3df6 dbus-python-0.22-12.EL.8.x86_64.rpm 847b2400eee82a36e3542b2f4f2d4947 dbus-x11-0.22-12.EL.8.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/dbus-0.22-12.EL.8.src.rpm 379fdd3f9afb34124fa9b88deb440e3f dbus-0.22-12.EL.8.src.rpm i386: e81002d1ca5787e89458cd7d5bb04dd5 dbus-0.22-12.EL.8.i386.rpm 987a9f27799464897a63534b25ae3a8f dbus-debuginfo-0.22-12.EL.8.i386.rpm b8a46001a416b2e36f5da1e6868c91ec dbus-devel-0.22-12.EL.8.i386.rpm 5ba2eefce27c72524c7c5cdb1b6e2224 dbus-glib-0.22-12.EL.8.i386.rpm 8e5eadeb5be39e139885336011551656 dbus-python-0.22-12.EL.8.i386.rpm 2f9d064981b12a7f4cb8cf74d6142de5 dbus-x11-0.22-12.EL.8.i386.rpm ia64: e81002d1ca5787e89458cd7d5bb04dd5 dbus-0.22-12.EL.8.i386.rpm dd584d93cd98e8ebc3331e5c5d938b87 dbus-0.22-12.EL.8.ia64.rpm 987a9f27799464897a63534b25ae3a8f dbus-debuginfo-0.22-12.EL.8.i386.rpm 872bafd3dbb945e65141d63418ee9592 dbus-debuginfo-0.22-12.EL.8.ia64.rpm a294a24161855aa73d4a9d83e4f3a107 dbus-devel-0.22-12.EL.8.ia64.rpm 5ba2eefce27c72524c7c5cdb1b6e2224 dbus-glib-0.22-12.EL.8.i386.rpm b07996f3ebf2331958a1adfd230302cc dbus-glib-0.22-12.EL.8.ia64.rpm c7406fea694e12487aa8213142ed66ea dbus-python-0.22-12.EL.8.ia64.rpm 7097ef62d6917170005f000a14a54fe7 dbus-x11-0.22-12.EL.8.ia64.rpm x86_64: e81002d1ca5787e89458cd7d5bb04dd5 dbus-0.22-12.EL.8.i386.rpm ac83105ce8b120ec537a3ea54da1e37d dbus-0.22-12.EL.8.x86_64.rpm 987a9f27799464897a63534b25ae3a8f dbus-debuginfo-0.22-12.EL.8.i386.rpm e6beedfb77d864db50af50524560ddf2 dbus-debuginfo-0.22-12.EL.8.x86_64.rpm 1b248af405670382e31b06c4fa52fa36 dbus-devel-0.22-12.EL.8.x86_64.rpm 5ba2eefce27c72524c7c5cdb1b6e2224 dbus-glib-0.22-12.EL.8.i386.rpm 8c41138bbf9127bbb2d799f566ce3a8a dbus-glib-0.22-12.EL.8.x86_64.rpm 920cf9a273c521118e374230690a3df6 dbus-python-0.22-12.EL.8.x86_64.rpm 847b2400eee82a36e3542b2f4f2d4947 dbus-x11-0.22-12.EL.8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6107 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFFyuIjXlSAg2UNWIIRApIjAKCxh133rdAGHarhjGA3X7T1pTi3SACglW7x et3poRJOaO1f3Pn5TLB+eo4= =0+2B -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Feb 8 17:02:54 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 8 Feb 2007 12:02:54 -0500 Subject: [RHSA-2007:0072-01] Critical: IBMJava2 security update Message-ID: <200702081702.l18H2sNL029626@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: IBMJava2 security update Advisory ID: RHSA-2007:0072-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0072.html Issue date: 2007-02-08 Updated on: 2007-02-08 Product: Red Hat Enterprise Linux Obsoletes: RHBA-2007:0023 RHEA-2007:0024 CVE Names: CVE-2006-4339 CVE-2006-6731 CVE-2006-6736 CVE-2006-6737 - --------------------------------------------------------------------- 1. Summary: IBMJava2-JRE and IBMJava2-SDK packages that correct several security issues are available for Red Hat Enterprise Linux 2.1. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 3. Problem description: IBM's 1.3.1 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. Vulnerabilities were discovered in the Java Runtime Environment. An untrusted applet could use these vulnerabilities to access data from other applets. (CVE-2006-6736, CVE-2006-6737) Buffer overflow vulnerabilities were discovered in the Java Runtime Environment. An untrusted applet could use these flaws to elevate its privileges, possibly reading and writing local files or executing local applications. (CVE-2006-6731) Daniel Bleichenbacher discovered an attack on PKCS #1 v1.5 signatures. Where an RSA key with exponent 3 is used it may be possible for an attacker to forge a PKCS #1 v1.5 signature that would be incorrectly verified by implementations that do not check for excess data in the RSA exponentiation result of the signature. (CVE-2006-4339) All users of IBMJava2 should upgrade to these updated packages, which contain IBM's 1.3.1 SR10a Java release which resolves these issues. Please note that the packages in this erratum are the same as those we released on January 24th 2007 with advisories RHBA-2007:0023 and RHEA-2007:0024. We have issued this security update as these previous advisories did not specify that they fixed critical security issues. If you have already updated to those versions of IBMJava you will not need to apply this update. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 226996 - CVE-2006-6736 Multiple JRE flaws (CVE-2006-6737 CVE-2006-6731 CVE-2006-4339) 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/IBMJava2-JRE-1.3.1-12.src.rpm e7699267331fb93d254adad6d45b8d63 IBMJava2-JRE-1.3.1-12.src.rpm ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/IBMJava2-SDK-1.3.1-11.src.rpm b6871fc6d7be29b3786eaa448c9f11c1 IBMJava2-SDK-1.3.1-11.src.rpm i386: 269290c07d286343ea614f2bb343b7d3 IBMJava2-JRE-1.3.1-12.i386.rpm 3e0d926828b12065841f0e225e3e652d IBMJava2-SDK-1.3.1-11.i386.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/IBMJava2-JRE-1.3.1-12.src.rpm e7699267331fb93d254adad6d45b8d63 IBMJava2-JRE-1.3.1-12.src.rpm ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/IBMJava2-SDK-1.3.1-11.src.rpm b6871fc6d7be29b3786eaa448c9f11c1 IBMJava2-SDK-1.3.1-11.src.rpm i386: 269290c07d286343ea614f2bb343b7d3 IBMJava2-JRE-1.3.1-12.i386.rpm 3e0d926828b12065841f0e225e3e652d IBMJava2-SDK-1.3.1-11.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/IBMJava2-JRE-1.3.1-12.src.rpm e7699267331fb93d254adad6d45b8d63 IBMJava2-JRE-1.3.1-12.src.rpm ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/IBMJava2-SDK-1.3.1-11.src.rpm b6871fc6d7be29b3786eaa448c9f11c1 IBMJava2-SDK-1.3.1-11.src.rpm i386: 269290c07d286343ea614f2bb343b7d3 IBMJava2-JRE-1.3.1-12.i386.rpm 3e0d926828b12065841f0e225e3e652d IBMJava2-SDK-1.3.1-11.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6731 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6736 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6737 http://www-128.ibm.com/developerworks/java/jdk/alerts/ http://www.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFFy1eyXlSAg2UNWIIRAoMFAJ9RJ/2Wsu7WJ4e7ClbTH0/rBTCTwQCgnwbb qIWTqeacO0fWcS1oTBgkK7I= =BuhQ -----END PGP SIGNATURE----- From bugzilla at redhat.com Fri Feb 9 16:27:34 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Fri, 9 Feb 2007 11:27:34 -0500 Subject: [RHSA-2007:0073-01] Critical: java-1.5.0-ibm security update Message-ID: <200702091627.l19GRYh2022703@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: java-1.5.0-ibm security update Advisory ID: RHSA-2007:0073-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0073.html Issue date: 2007-02-09 Updated on: 2007-02-09 Product: Red Hat Enterprise Linux Extras Obsoletes: RHEA-2007:0027 CVE Names: CVE-2006-4339 CVE-2006-6731 CVE-2006-6736 CVE-2006-6737 CVE-2006-6745 - --------------------------------------------------------------------- 1. Summary: java-1.5.0-ibm packages that correct several security issues are available for Red Hat Enterprise Linux 4 Extras. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 Extras - i386, ppc, s390, s390x, x86_64 Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64 3. Problem description: IBM's 1.5.0 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. Vulnerabilities were discovered in the Java Runtime Environment. An untrusted applet could use these vulnerabilities to access data from other applets. (CVE-2006-6736, CVE-2006-6737) Serialization flaws were discovered in the Java Runtime Environment. An untrusted applet or application could use these flaws to elevate its privileges. (CVE-2006-6745) Buffer overflow vulnerabilities were discovered in the Java Runtime Environment. An untrusted applet could use these flaws to elevate its privileges, possibly reading and writing local files or executing local applications. (CVE-2006-6731) Daniel Bleichenbacher discovered an attack on PKCS #1 v1.5 signatures. Where an RSA key with exponent 3 is used it may be possible for an attacker to forge a PKCS #1 v1.5 signature that would be incorrectly verified by implementations that do not check for excess data in the RSA exponentiation result of the signature. (CVE-2006-4339) All users of java-ibm-1.5.0 should upgrade to these packages, which contain IBM's 1.5.0 SR3 Java release which resolves these issues. Please note that the packages in this erratum are identical to those we released on January 24th 2007 in advisory RHEA-2007:0027. We have issued this security update because when we released RHEA-2007:0027 we were not aware that it contained fixes for security issues. If you have already updated to those packages you will not need to apply this update. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 227990 - CVE-2006-6736 Multiple JRE flaws (CVE-2006-6737 CVE-2006-6745 CVE-2006-6731 CVE-2006-4339) 6. RPMs required: Red Hat Enterprise Linux AS version 4 Extras: i386: b67fc6c6d9feea933d088dc62c6f4cbc java-1.5.0-ibm-1.5.0.3-1jpp.3.el4.i386.rpm ff5e70fb869a0e5809c9412dab37beba java-1.5.0-ibm-demo-1.5.0.3-1jpp.3.el4.i386.rpm 9a6030c81894e02ba3468231000d7dd0 java-1.5.0-ibm-devel-1.5.0.3-1jpp.3.el4.i386.rpm 305487b94a158e6f4650bf8a5344e7d5 java-1.5.0-ibm-javacomm-1.5.0.3-1jpp.3.el4.i386.rpm cdfff7b0c17af7f74c6b7cc0997ff6d5 java-1.5.0-ibm-jdbc-1.5.0.3-1jpp.3.el4.i386.rpm 976a34a3b3443aac3d817526710d802c java-1.5.0-ibm-plugin-1.5.0.3-1jpp.3.el4.i386.rpm 52321637b5330aeb675579705605c734 java-1.5.0-ibm-src-1.5.0.3-1jpp.3.el4.i386.rpm ppc: 2fe83ca7ec1ca133b3f8317547e3f273 java-1.5.0-ibm-1.5.0.3-1jpp.3.el4.ppc.rpm eb516a10d2470b9a418a36d4f21f9a78 java-1.5.0-ibm-demo-1.5.0.3-1jpp.3.el4.ppc.rpm 0ccf358682c76242ea60662ff40e7c43 java-1.5.0-ibm-devel-1.5.0.3-1jpp.3.el4.ppc.rpm b500aad75868c075e16788c1d786dccf java-1.5.0-ibm-javacomm-1.5.0.3-1jpp.3.el4.ppc.rpm b619093731e096af4949b72ff982b6ca java-1.5.0-ibm-jdbc-1.5.0.3-1jpp.3.el4.ppc.rpm db04baa7ecc079981f8d2a19af81ace1 java-1.5.0-ibm-plugin-1.5.0.3-1jpp.3.el4.ppc.rpm 6c4d83eee888f0c7665e01b416c264ae java-1.5.0-ibm-src-1.5.0.3-1jpp.3.el4.ppc.rpm s390: 4ba21c2cdae2a1ef4e58840ad833e9a0 java-1.5.0-ibm-1.5.0.3-1jpp.3.el4.s390.rpm 115c4afc374dc7c02479c9a5b94922a0 java-1.5.0-ibm-demo-1.5.0.3-1jpp.3.el4.s390.rpm 64da33008e9d625bf50d0824832caba2 java-1.5.0-ibm-devel-1.5.0.3-1jpp.3.el4.s390.rpm 161710bcac5f0c3492f141e3316828e7 java-1.5.0-ibm-jdbc-1.5.0.3-1jpp.3.el4.s390.rpm 281cff793123a37c13160aa819417124 java-1.5.0-ibm-src-1.5.0.3-1jpp.3.el4.s390.rpm s390x: 55ececa007e534f5e27ac5291c6ffb48 java-1.5.0-ibm-1.5.0.3-1jpp.3.el4.s390x.rpm 22d24231609afff610dc089415b4a91a java-1.5.0-ibm-demo-1.5.0.3-1jpp.3.el4.s390x.rpm 236ca00cb7add0571df0985381a377eb java-1.5.0-ibm-devel-1.5.0.3-1jpp.3.el4.s390x.rpm e49a180a24e81be67bab59f52769c597 java-1.5.0-ibm-src-1.5.0.3-1jpp.3.el4.s390x.rpm x86_64: 9534b0f12f981f71a94103f90ec80b60 java-1.5.0-ibm-1.5.0.3-1jpp.3.el4.x86_64.rpm 0a76b8a704280936931b23e6638644c2 java-1.5.0-ibm-demo-1.5.0.3-1jpp.3.el4.x86_64.rpm 1e5c8aa0927e9114b1f4de7e6030b397 java-1.5.0-ibm-devel-1.5.0.3-1jpp.3.el4.x86_64.rpm 25ae36a6aa824ce3e30bc6ed35bf3659 java-1.5.0-ibm-javacomm-1.5.0.3-1jpp.3.el4.x86_64.rpm 67d22d181c1cef2a66f5077b41a8ee7d java-1.5.0-ibm-src-1.5.0.3-1jpp.3.el4.x86_64.rpm Red Hat Desktop version 4 Extras: i386: b67fc6c6d9feea933d088dc62c6f4cbc java-1.5.0-ibm-1.5.0.3-1jpp.3.el4.i386.rpm ff5e70fb869a0e5809c9412dab37beba java-1.5.0-ibm-demo-1.5.0.3-1jpp.3.el4.i386.rpm 9a6030c81894e02ba3468231000d7dd0 java-1.5.0-ibm-devel-1.5.0.3-1jpp.3.el4.i386.rpm 305487b94a158e6f4650bf8a5344e7d5 java-1.5.0-ibm-javacomm-1.5.0.3-1jpp.3.el4.i386.rpm cdfff7b0c17af7f74c6b7cc0997ff6d5 java-1.5.0-ibm-jdbc-1.5.0.3-1jpp.3.el4.i386.rpm 976a34a3b3443aac3d817526710d802c java-1.5.0-ibm-plugin-1.5.0.3-1jpp.3.el4.i386.rpm 52321637b5330aeb675579705605c734 java-1.5.0-ibm-src-1.5.0.3-1jpp.3.el4.i386.rpm x86_64: 9534b0f12f981f71a94103f90ec80b60 java-1.5.0-ibm-1.5.0.3-1jpp.3.el4.x86_64.rpm 0a76b8a704280936931b23e6638644c2 java-1.5.0-ibm-demo-1.5.0.3-1jpp.3.el4.x86_64.rpm 1e5c8aa0927e9114b1f4de7e6030b397 java-1.5.0-ibm-devel-1.5.0.3-1jpp.3.el4.x86_64.rpm 25ae36a6aa824ce3e30bc6ed35bf3659 java-1.5.0-ibm-javacomm-1.5.0.3-1jpp.3.el4.x86_64.rpm 67d22d181c1cef2a66f5077b41a8ee7d java-1.5.0-ibm-src-1.5.0.3-1jpp.3.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4 Extras: i386: b67fc6c6d9feea933d088dc62c6f4cbc java-1.5.0-ibm-1.5.0.3-1jpp.3.el4.i386.rpm ff5e70fb869a0e5809c9412dab37beba java-1.5.0-ibm-demo-1.5.0.3-1jpp.3.el4.i386.rpm 9a6030c81894e02ba3468231000d7dd0 java-1.5.0-ibm-devel-1.5.0.3-1jpp.3.el4.i386.rpm 305487b94a158e6f4650bf8a5344e7d5 java-1.5.0-ibm-javacomm-1.5.0.3-1jpp.3.el4.i386.rpm cdfff7b0c17af7f74c6b7cc0997ff6d5 java-1.5.0-ibm-jdbc-1.5.0.3-1jpp.3.el4.i386.rpm 976a34a3b3443aac3d817526710d802c java-1.5.0-ibm-plugin-1.5.0.3-1jpp.3.el4.i386.rpm 52321637b5330aeb675579705605c734 java-1.5.0-ibm-src-1.5.0.3-1jpp.3.el4.i386.rpm x86_64: 9534b0f12f981f71a94103f90ec80b60 java-1.5.0-ibm-1.5.0.3-1jpp.3.el4.x86_64.rpm 0a76b8a704280936931b23e6638644c2 java-1.5.0-ibm-demo-1.5.0.3-1jpp.3.el4.x86_64.rpm 1e5c8aa0927e9114b1f4de7e6030b397 java-1.5.0-ibm-devel-1.5.0.3-1jpp.3.el4.x86_64.rpm 25ae36a6aa824ce3e30bc6ed35bf3659 java-1.5.0-ibm-javacomm-1.5.0.3-1jpp.3.el4.x86_64.rpm 67d22d181c1cef2a66f5077b41a8ee7d java-1.5.0-ibm-src-1.5.0.3-1jpp.3.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4 Extras: i386: b67fc6c6d9feea933d088dc62c6f4cbc java-1.5.0-ibm-1.5.0.3-1jpp.3.el4.i386.rpm ff5e70fb869a0e5809c9412dab37beba java-1.5.0-ibm-demo-1.5.0.3-1jpp.3.el4.i386.rpm 9a6030c81894e02ba3468231000d7dd0 java-1.5.0-ibm-devel-1.5.0.3-1jpp.3.el4.i386.rpm 305487b94a158e6f4650bf8a5344e7d5 java-1.5.0-ibm-javacomm-1.5.0.3-1jpp.3.el4.i386.rpm cdfff7b0c17af7f74c6b7cc0997ff6d5 java-1.5.0-ibm-jdbc-1.5.0.3-1jpp.3.el4.i386.rpm 976a34a3b3443aac3d817526710d802c java-1.5.0-ibm-plugin-1.5.0.3-1jpp.3.el4.i386.rpm 52321637b5330aeb675579705605c734 java-1.5.0-ibm-src-1.5.0.3-1jpp.3.el4.i386.rpm x86_64: 9534b0f12f981f71a94103f90ec80b60 java-1.5.0-ibm-1.5.0.3-1jpp.3.el4.x86_64.rpm 0a76b8a704280936931b23e6638644c2 java-1.5.0-ibm-demo-1.5.0.3-1jpp.3.el4.x86_64.rpm 1e5c8aa0927e9114b1f4de7e6030b397 java-1.5.0-ibm-devel-1.5.0.3-1jpp.3.el4.x86_64.rpm 25ae36a6aa824ce3e30bc6ed35bf3659 java-1.5.0-ibm-javacomm-1.5.0.3-1jpp.3.el4.x86_64.rpm 67d22d181c1cef2a66f5077b41a8ee7d java-1.5.0-ibm-src-1.5.0.3-1jpp.3.el4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6731 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6736 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6737 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6745 http://www-128.ibm.com/developerworks/java/jdk/alerts/ http://www.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFFzKDuXlSAg2UNWIIRAkmeAJ9AMk7GXsV2mQ3PQVvkmDfLAnqK8wCdHZbA A8qqc+McewzA7EZKhdWmtLI= =5lep -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Feb 15 16:42:12 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 15 Feb 2007 11:42:12 -0500 Subject: [RHSA-2007:0015-01] Moderate: ImageMagick security update Message-ID: <200702151642.l1FGgCCa005614@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: ImageMagick security update Advisory ID: RHSA-2007:0015-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0015.html Issue date: 2007-02-15 Updated on: 2007-02-15 Product: Red Hat Enterprise Linux Keywords: heap buffer overflow PALM DCM SGI DisplayImageCommand CVE Names: CVE-2006-2440 CVE-2006-5456 CVE-2006-5868 - --------------------------------------------------------------------- 1. Summary: Updated ImageMagick packages that correct several security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Several security flaws were discovered in the way ImageMagick decodes DCM, PALM, and SGI graphic files. An attacker may be able to execute arbitrary code on a victim's machine if they were able to trick the victim into opening a specially crafted image file (CVE-2006-5456, CVE-2006-5868). A heap overflow flaw was found in ImageMagick. An attacker may be able to execute arbitrary code on a victim's machine if they were able to trick the victim into opening a specially crafted file (CVE-2006-2440). This issue only affected the version of ImageMagick distributed with Red Hat Enterprise Linux 4. Users of ImageMagick should upgrade to these updated packages, which contain backported patches to correct these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 192278 - CVE-2006-2440 ImageMagick heap overflow 210921 - CVE-2006-5456 Overflows in GraphicsMagick and ImageMagick's DCM and PALM handling routines 217558 - CVE-2006-5868 Insufficient boundary check in ImageMagick's SGIDecode() 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/ImageMagick-5.3.8-18.src.rpm 5b13d2b87e699fa3ecc4861df2c21d85 ImageMagick-5.3.8-18.src.rpm i386: 109a54c8115e9f929a120fe907ac1bbe ImageMagick-5.3.8-18.i386.rpm 60cf95f3801824d731cfe3d93f3cc516 ImageMagick-c++-5.3.8-18.i386.rpm edb9abb15ef1cc8591236a5f5dd8dee5 ImageMagick-c++-devel-5.3.8-18.i386.rpm fae9ae59ec43099ff7eeae3c3f04b6fc ImageMagick-devel-5.3.8-18.i386.rpm ceec4698e6267617714a29671e7e4b64 ImageMagick-perl-5.3.8-18.i386.rpm ia64: 54b13bbeeca97ca66b702f007ebd9503 ImageMagick-5.3.8-18.ia64.rpm e5d8dfdd4c976643759ba672776e6c08 ImageMagick-c++-5.3.8-18.ia64.rpm bebe9a5db3becec10f24c928a07ab4f5 ImageMagick-c++-devel-5.3.8-18.ia64.rpm 1e0d98e9a9f1cf0b82fc1fa320e85c1d ImageMagick-devel-5.3.8-18.ia64.rpm c8c3614e04ba85f6aa978314b7d6a1d8 ImageMagick-perl-5.3.8-18.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/ImageMagick-5.3.8-18.src.rpm 5b13d2b87e699fa3ecc4861df2c21d85 ImageMagick-5.3.8-18.src.rpm ia64: 54b13bbeeca97ca66b702f007ebd9503 ImageMagick-5.3.8-18.ia64.rpm e5d8dfdd4c976643759ba672776e6c08 ImageMagick-c++-5.3.8-18.ia64.rpm bebe9a5db3becec10f24c928a07ab4f5 ImageMagick-c++-devel-5.3.8-18.ia64.rpm 1e0d98e9a9f1cf0b82fc1fa320e85c1d ImageMagick-devel-5.3.8-18.ia64.rpm c8c3614e04ba85f6aa978314b7d6a1d8 ImageMagick-perl-5.3.8-18.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/ImageMagick-5.3.8-18.src.rpm 5b13d2b87e699fa3ecc4861df2c21d85 ImageMagick-5.3.8-18.src.rpm i386: 109a54c8115e9f929a120fe907ac1bbe ImageMagick-5.3.8-18.i386.rpm 60cf95f3801824d731cfe3d93f3cc516 ImageMagick-c++-5.3.8-18.i386.rpm edb9abb15ef1cc8591236a5f5dd8dee5 ImageMagick-c++-devel-5.3.8-18.i386.rpm fae9ae59ec43099ff7eeae3c3f04b6fc ImageMagick-devel-5.3.8-18.i386.rpm ceec4698e6267617714a29671e7e4b64 ImageMagick-perl-5.3.8-18.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/ImageMagick-5.3.8-18.src.rpm 5b13d2b87e699fa3ecc4861df2c21d85 ImageMagick-5.3.8-18.src.rpm i386: 109a54c8115e9f929a120fe907ac1bbe ImageMagick-5.3.8-18.i386.rpm 60cf95f3801824d731cfe3d93f3cc516 ImageMagick-c++-5.3.8-18.i386.rpm edb9abb15ef1cc8591236a5f5dd8dee5 ImageMagick-c++-devel-5.3.8-18.i386.rpm fae9ae59ec43099ff7eeae3c3f04b6fc ImageMagick-devel-5.3.8-18.i386.rpm ceec4698e6267617714a29671e7e4b64 ImageMagick-perl-5.3.8-18.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/ImageMagick-5.5.6-24.src.rpm 3bc950ceb552980d3f1c21bae5315d7e ImageMagick-5.5.6-24.src.rpm i386: 6a55ce27a37b9e59756aa204084a3e19 ImageMagick-5.5.6-24.i386.rpm e87155faf7715f7885590812b35a49fd ImageMagick-c++-5.5.6-24.i386.rpm ece4528cde3b2482ed05c51733a4e5c3 ImageMagick-c++-devel-5.5.6-24.i386.rpm 675c74666d0b011c18ec7e79d8ddb039 ImageMagick-debuginfo-5.5.6-24.i386.rpm 11c8fcd1c18be1adabbf54f850185805 ImageMagick-devel-5.5.6-24.i386.rpm 78d0675a445d7335a9b8bf9d2544d50d ImageMagick-perl-5.5.6-24.i386.rpm ia64: 6a55ce27a37b9e59756aa204084a3e19 ImageMagick-5.5.6-24.i386.rpm 91906175b71992a300ca3573609465e7 ImageMagick-5.5.6-24.ia64.rpm e87155faf7715f7885590812b35a49fd ImageMagick-c++-5.5.6-24.i386.rpm ce2ce7cea7ca24c3c203c8c09e3a0f37 ImageMagick-c++-5.5.6-24.ia64.rpm ad06eb6b80e032228d9e31a819dcc3b7 ImageMagick-c++-devel-5.5.6-24.ia64.rpm 675c74666d0b011c18ec7e79d8ddb039 ImageMagick-debuginfo-5.5.6-24.i386.rpm 5c6167a5c7057b600f14477facbaddcb ImageMagick-debuginfo-5.5.6-24.ia64.rpm a90e21b07eb4c75e122d727e59a10898 ImageMagick-devel-5.5.6-24.ia64.rpm 33398fd39d8b4ff5679044c0ed863250 ImageMagick-perl-5.5.6-24.ia64.rpm ppc: cc732e4a0bd23788e9ea0dd66db1c8cb ImageMagick-5.5.6-24.ppc.rpm 69e719534910f8c71ae95d503071b056 ImageMagick-5.5.6-24.ppc64.rpm c505c387cb23b76ad5e02b94da5f5077 ImageMagick-c++-5.5.6-24.ppc.rpm 302d02b3c23fef2264a57dba732af8fc ImageMagick-c++-5.5.6-24.ppc64.rpm 85de69a83083a37591bc42b3c01ea6c3 ImageMagick-c++-devel-5.5.6-24.ppc.rpm 6f07575361511a9f40da41a9d914fe29 ImageMagick-debuginfo-5.5.6-24.ppc.rpm 7de70179c8f23c44395210a2e571f1c8 ImageMagick-debuginfo-5.5.6-24.ppc64.rpm 0940ea72f42211f04db878d44f03d845 ImageMagick-devel-5.5.6-24.ppc.rpm a69bf168bf9e0449d5a6270f85fe0a70 ImageMagick-perl-5.5.6-24.ppc.rpm s390: 6d2b5fa36d929e8c353868e8dfd6b95f ImageMagick-5.5.6-24.s390.rpm c80729516bf2844dce872359d22d4304 ImageMagick-c++-5.5.6-24.s390.rpm b3c83844aeb38ebcfc329f24bed31dc1 ImageMagick-c++-devel-5.5.6-24.s390.rpm 302e4a738a6cea21e235bc2b6b43f720 ImageMagick-debuginfo-5.5.6-24.s390.rpm 4b761fada146122d861a6da0e1a6c11c ImageMagick-devel-5.5.6-24.s390.rpm 9c42eceb1da913f05c5886d409d9e533 ImageMagick-perl-5.5.6-24.s390.rpm s390x: 6d2b5fa36d929e8c353868e8dfd6b95f ImageMagick-5.5.6-24.s390.rpm 83a48034d40a65268c92cd6d3fa0923e ImageMagick-5.5.6-24.s390x.rpm c80729516bf2844dce872359d22d4304 ImageMagick-c++-5.5.6-24.s390.rpm 7c330f27b091c3e4ef1ae772a0d08c3d ImageMagick-c++-5.5.6-24.s390x.rpm a8db406b8b6ca650f96a86733ebfb490 ImageMagick-c++-devel-5.5.6-24.s390x.rpm 302e4a738a6cea21e235bc2b6b43f720 ImageMagick-debuginfo-5.5.6-24.s390.rpm 9c3ce4f5ba73df47171fe4eac2f86959 ImageMagick-debuginfo-5.5.6-24.s390x.rpm 71607e82232dd8733ddd76caba6e755d ImageMagick-devel-5.5.6-24.s390x.rpm 722afd966930b322bce57fa5067a6343 ImageMagick-perl-5.5.6-24.s390x.rpm x86_64: 6a55ce27a37b9e59756aa204084a3e19 ImageMagick-5.5.6-24.i386.rpm db92a0a1333d240dbd1b6385471dba5d ImageMagick-5.5.6-24.x86_64.rpm e87155faf7715f7885590812b35a49fd ImageMagick-c++-5.5.6-24.i386.rpm eccf9720c31adb5ee69b14225160ac3c ImageMagick-c++-5.5.6-24.x86_64.rpm ab1c05b920996aed894619f5751f6b29 ImageMagick-c++-devel-5.5.6-24.x86_64.rpm 675c74666d0b011c18ec7e79d8ddb039 ImageMagick-debuginfo-5.5.6-24.i386.rpm 53d697504893ba7b59343e4f84b64602 ImageMagick-debuginfo-5.5.6-24.x86_64.rpm d2e2dab017e2269d1d56f485b65ac575 ImageMagick-devel-5.5.6-24.x86_64.rpm 5e1adfa36e1f65b2376d9db34a4c225c ImageMagick-perl-5.5.6-24.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/ImageMagick-5.5.6-24.src.rpm 3bc950ceb552980d3f1c21bae5315d7e ImageMagick-5.5.6-24.src.rpm i386: 6a55ce27a37b9e59756aa204084a3e19 ImageMagick-5.5.6-24.i386.rpm e87155faf7715f7885590812b35a49fd ImageMagick-c++-5.5.6-24.i386.rpm ece4528cde3b2482ed05c51733a4e5c3 ImageMagick-c++-devel-5.5.6-24.i386.rpm 675c74666d0b011c18ec7e79d8ddb039 ImageMagick-debuginfo-5.5.6-24.i386.rpm 11c8fcd1c18be1adabbf54f850185805 ImageMagick-devel-5.5.6-24.i386.rpm 78d0675a445d7335a9b8bf9d2544d50d ImageMagick-perl-5.5.6-24.i386.rpm x86_64: 6a55ce27a37b9e59756aa204084a3e19 ImageMagick-5.5.6-24.i386.rpm db92a0a1333d240dbd1b6385471dba5d ImageMagick-5.5.6-24.x86_64.rpm e87155faf7715f7885590812b35a49fd ImageMagick-c++-5.5.6-24.i386.rpm eccf9720c31adb5ee69b14225160ac3c ImageMagick-c++-5.5.6-24.x86_64.rpm ab1c05b920996aed894619f5751f6b29 ImageMagick-c++-devel-5.5.6-24.x86_64.rpm 675c74666d0b011c18ec7e79d8ddb039 ImageMagick-debuginfo-5.5.6-24.i386.rpm 53d697504893ba7b59343e4f84b64602 ImageMagick-debuginfo-5.5.6-24.x86_64.rpm d2e2dab017e2269d1d56f485b65ac575 ImageMagick-devel-5.5.6-24.x86_64.rpm 5e1adfa36e1f65b2376d9db34a4c225c ImageMagick-perl-5.5.6-24.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/ImageMagick-5.5.6-24.src.rpm 3bc950ceb552980d3f1c21bae5315d7e ImageMagick-5.5.6-24.src.rpm i386: 6a55ce27a37b9e59756aa204084a3e19 ImageMagick-5.5.6-24.i386.rpm e87155faf7715f7885590812b35a49fd ImageMagick-c++-5.5.6-24.i386.rpm ece4528cde3b2482ed05c51733a4e5c3 ImageMagick-c++-devel-5.5.6-24.i386.rpm 675c74666d0b011c18ec7e79d8ddb039 ImageMagick-debuginfo-5.5.6-24.i386.rpm 11c8fcd1c18be1adabbf54f850185805 ImageMagick-devel-5.5.6-24.i386.rpm 78d0675a445d7335a9b8bf9d2544d50d ImageMagick-perl-5.5.6-24.i386.rpm ia64: 6a55ce27a37b9e59756aa204084a3e19 ImageMagick-5.5.6-24.i386.rpm 91906175b71992a300ca3573609465e7 ImageMagick-5.5.6-24.ia64.rpm e87155faf7715f7885590812b35a49fd ImageMagick-c++-5.5.6-24.i386.rpm ce2ce7cea7ca24c3c203c8c09e3a0f37 ImageMagick-c++-5.5.6-24.ia64.rpm ad06eb6b80e032228d9e31a819dcc3b7 ImageMagick-c++-devel-5.5.6-24.ia64.rpm 675c74666d0b011c18ec7e79d8ddb039 ImageMagick-debuginfo-5.5.6-24.i386.rpm 5c6167a5c7057b600f14477facbaddcb ImageMagick-debuginfo-5.5.6-24.ia64.rpm a90e21b07eb4c75e122d727e59a10898 ImageMagick-devel-5.5.6-24.ia64.rpm 33398fd39d8b4ff5679044c0ed863250 ImageMagick-perl-5.5.6-24.ia64.rpm x86_64: 6a55ce27a37b9e59756aa204084a3e19 ImageMagick-5.5.6-24.i386.rpm db92a0a1333d240dbd1b6385471dba5d ImageMagick-5.5.6-24.x86_64.rpm e87155faf7715f7885590812b35a49fd ImageMagick-c++-5.5.6-24.i386.rpm eccf9720c31adb5ee69b14225160ac3c ImageMagick-c++-5.5.6-24.x86_64.rpm ab1c05b920996aed894619f5751f6b29 ImageMagick-c++-devel-5.5.6-24.x86_64.rpm 675c74666d0b011c18ec7e79d8ddb039 ImageMagick-debuginfo-5.5.6-24.i386.rpm 53d697504893ba7b59343e4f84b64602 ImageMagick-debuginfo-5.5.6-24.x86_64.rpm d2e2dab017e2269d1d56f485b65ac575 ImageMagick-devel-5.5.6-24.x86_64.rpm 5e1adfa36e1f65b2376d9db34a4c225c ImageMagick-perl-5.5.6-24.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/ImageMagick-5.5.6-24.src.rpm 3bc950ceb552980d3f1c21bae5315d7e ImageMagick-5.5.6-24.src.rpm i386: 6a55ce27a37b9e59756aa204084a3e19 ImageMagick-5.5.6-24.i386.rpm e87155faf7715f7885590812b35a49fd ImageMagick-c++-5.5.6-24.i386.rpm ece4528cde3b2482ed05c51733a4e5c3 ImageMagick-c++-devel-5.5.6-24.i386.rpm 675c74666d0b011c18ec7e79d8ddb039 ImageMagick-debuginfo-5.5.6-24.i386.rpm 11c8fcd1c18be1adabbf54f850185805 ImageMagick-devel-5.5.6-24.i386.rpm 78d0675a445d7335a9b8bf9d2544d50d ImageMagick-perl-5.5.6-24.i386.rpm ia64: 6a55ce27a37b9e59756aa204084a3e19 ImageMagick-5.5.6-24.i386.rpm 91906175b71992a300ca3573609465e7 ImageMagick-5.5.6-24.ia64.rpm e87155faf7715f7885590812b35a49fd ImageMagick-c++-5.5.6-24.i386.rpm ce2ce7cea7ca24c3c203c8c09e3a0f37 ImageMagick-c++-5.5.6-24.ia64.rpm ad06eb6b80e032228d9e31a819dcc3b7 ImageMagick-c++-devel-5.5.6-24.ia64.rpm 675c74666d0b011c18ec7e79d8ddb039 ImageMagick-debuginfo-5.5.6-24.i386.rpm 5c6167a5c7057b600f14477facbaddcb ImageMagick-debuginfo-5.5.6-24.ia64.rpm a90e21b07eb4c75e122d727e59a10898 ImageMagick-devel-5.5.6-24.ia64.rpm 33398fd39d8b4ff5679044c0ed863250 ImageMagick-perl-5.5.6-24.ia64.rpm x86_64: 6a55ce27a37b9e59756aa204084a3e19 ImageMagick-5.5.6-24.i386.rpm db92a0a1333d240dbd1b6385471dba5d ImageMagick-5.5.6-24.x86_64.rpm e87155faf7715f7885590812b35a49fd ImageMagick-c++-5.5.6-24.i386.rpm eccf9720c31adb5ee69b14225160ac3c ImageMagick-c++-5.5.6-24.x86_64.rpm ab1c05b920996aed894619f5751f6b29 ImageMagick-c++-devel-5.5.6-24.x86_64.rpm 675c74666d0b011c18ec7e79d8ddb039 ImageMagick-debuginfo-5.5.6-24.i386.rpm 53d697504893ba7b59343e4f84b64602 ImageMagick-debuginfo-5.5.6-24.x86_64.rpm d2e2dab017e2269d1d56f485b65ac575 ImageMagick-devel-5.5.6-24.x86_64.rpm 5e1adfa36e1f65b2376d9db34a4c225c ImageMagick-perl-5.5.6-24.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/ImageMagick-6.0.7.1-16.0.3.src.rpm 8ba50344d72fa3ed2dc8f13885033f16 ImageMagick-6.0.7.1-16.0.3.src.rpm i386: 403efb368019b49e27d607b787f0bcfc ImageMagick-6.0.7.1-16.0.3.i386.rpm af1dd3384e84f325712103903e936b79 ImageMagick-c++-6.0.7.1-16.0.3.i386.rpm 6b240b1bcaa2d8963cd0b7e063ed06e3 ImageMagick-c++-devel-6.0.7.1-16.0.3.i386.rpm 560989c86b5dac1a634fb99d14d73b6d ImageMagick-debuginfo-6.0.7.1-16.0.3.i386.rpm 847a3979f10ee0d50b53d26e66353474 ImageMagick-devel-6.0.7.1-16.0.3.i386.rpm ec32e050f5a54e53a13c69729af6c569 ImageMagick-perl-6.0.7.1-16.0.3.i386.rpm ia64: f3eb1fa2d4dc6eb774d9bff138abba47 ImageMagick-6.0.7.1-16.0.3.ia64.rpm 4948ce851716710e00f705e3e0aeaea8 ImageMagick-c++-6.0.7.1-16.0.3.ia64.rpm 8f250177128cbb3d1afcff6a5522d674 ImageMagick-c++-devel-6.0.7.1-16.0.3.ia64.rpm 6e69adcf540d3b634275bc2a3daaee05 ImageMagick-debuginfo-6.0.7.1-16.0.3.ia64.rpm dbff630e687031a7fa88a14e209cb2fe ImageMagick-devel-6.0.7.1-16.0.3.ia64.rpm 86e458c7092ff28a074a628c69b059dc ImageMagick-perl-6.0.7.1-16.0.3.ia64.rpm ppc: f83a39b89723bb17fe8b39ed91808bf9 ImageMagick-6.0.7.1-16.0.3.ppc.rpm 9c08581e5afaa18b76f3f8573cd85689 ImageMagick-c++-6.0.7.1-16.0.3.ppc.rpm 24a1de0bf0b7e20a9d1d0b6c8ae770d9 ImageMagick-c++-devel-6.0.7.1-16.0.3.ppc.rpm 653b1b42b1756e9754c0e1fada2065d9 ImageMagick-debuginfo-6.0.7.1-16.0.3.ppc.rpm 04c4e8ebe931a369303446e2b256e809 ImageMagick-devel-6.0.7.1-16.0.3.ppc.rpm e615284fbbef05effbc75741b4ad166f ImageMagick-perl-6.0.7.1-16.0.3.ppc.rpm s390: fa0be9e39c21e2614df650f7c6df01a0 ImageMagick-6.0.7.1-16.0.3.s390.rpm 9ae1153b5507ee12b1d0b8a70128c361 ImageMagick-c++-6.0.7.1-16.0.3.s390.rpm f8ea16d5933639c687d2600c613198b5 ImageMagick-c++-devel-6.0.7.1-16.0.3.s390.rpm f470da4fc5732ef4c4b7f02a90a02180 ImageMagick-debuginfo-6.0.7.1-16.0.3.s390.rpm 8e220d50cc09ca1b9db38df6dbf3d338 ImageMagick-devel-6.0.7.1-16.0.3.s390.rpm 20f51c2c36b0f5659def080b054e0189 ImageMagick-perl-6.0.7.1-16.0.3.s390.rpm s390x: 7629763b389c6aadd7c6787b3e321e02 ImageMagick-6.0.7.1-16.0.3.s390x.rpm 4a5bb45313add5ad8881e90a25038efd ImageMagick-c++-6.0.7.1-16.0.3.s390x.rpm 01be6d16a163a13ba0f7ea653f7d5199 ImageMagick-c++-devel-6.0.7.1-16.0.3.s390x.rpm be2fddd6c5266e84f5e1559a007c64b2 ImageMagick-debuginfo-6.0.7.1-16.0.3.s390x.rpm dffeb8afca405a2fc05f8d3ae738a983 ImageMagick-devel-6.0.7.1-16.0.3.s390x.rpm 1e14883652257e2b5a4de605ecf40797 ImageMagick-perl-6.0.7.1-16.0.3.s390x.rpm x86_64: 2c561526d05cab194880c3b51c7d81b9 ImageMagick-6.0.7.1-16.0.3.x86_64.rpm 6e9e51c2fbef3f88a954af41f2598d8e ImageMagick-c++-6.0.7.1-16.0.3.x86_64.rpm 9c5c0a0bedc7fa1cc63e79adb6450cdb ImageMagick-c++-devel-6.0.7.1-16.0.3.x86_64.rpm a1733c01e15c84860543120d14ca94b3 ImageMagick-debuginfo-6.0.7.1-16.0.3.x86_64.rpm 1a83c8311f29525e2361d0ffd8a4980b ImageMagick-devel-6.0.7.1-16.0.3.x86_64.rpm bc758e97974722c09746f100e7aa614a ImageMagick-perl-6.0.7.1-16.0.3.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/ImageMagick-6.0.7.1-16.0.3.src.rpm 8ba50344d72fa3ed2dc8f13885033f16 ImageMagick-6.0.7.1-16.0.3.src.rpm i386: 403efb368019b49e27d607b787f0bcfc ImageMagick-6.0.7.1-16.0.3.i386.rpm af1dd3384e84f325712103903e936b79 ImageMagick-c++-6.0.7.1-16.0.3.i386.rpm 6b240b1bcaa2d8963cd0b7e063ed06e3 ImageMagick-c++-devel-6.0.7.1-16.0.3.i386.rpm 560989c86b5dac1a634fb99d14d73b6d ImageMagick-debuginfo-6.0.7.1-16.0.3.i386.rpm 847a3979f10ee0d50b53d26e66353474 ImageMagick-devel-6.0.7.1-16.0.3.i386.rpm ec32e050f5a54e53a13c69729af6c569 ImageMagick-perl-6.0.7.1-16.0.3.i386.rpm x86_64: 2c561526d05cab194880c3b51c7d81b9 ImageMagick-6.0.7.1-16.0.3.x86_64.rpm 6e9e51c2fbef3f88a954af41f2598d8e ImageMagick-c++-6.0.7.1-16.0.3.x86_64.rpm 9c5c0a0bedc7fa1cc63e79adb6450cdb ImageMagick-c++-devel-6.0.7.1-16.0.3.x86_64.rpm a1733c01e15c84860543120d14ca94b3 ImageMagick-debuginfo-6.0.7.1-16.0.3.x86_64.rpm 1a83c8311f29525e2361d0ffd8a4980b ImageMagick-devel-6.0.7.1-16.0.3.x86_64.rpm bc758e97974722c09746f100e7aa614a ImageMagick-perl-6.0.7.1-16.0.3.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/ImageMagick-6.0.7.1-16.0.3.src.rpm 8ba50344d72fa3ed2dc8f13885033f16 ImageMagick-6.0.7.1-16.0.3.src.rpm i386: 403efb368019b49e27d607b787f0bcfc ImageMagick-6.0.7.1-16.0.3.i386.rpm af1dd3384e84f325712103903e936b79 ImageMagick-c++-6.0.7.1-16.0.3.i386.rpm 6b240b1bcaa2d8963cd0b7e063ed06e3 ImageMagick-c++-devel-6.0.7.1-16.0.3.i386.rpm 560989c86b5dac1a634fb99d14d73b6d ImageMagick-debuginfo-6.0.7.1-16.0.3.i386.rpm 847a3979f10ee0d50b53d26e66353474 ImageMagick-devel-6.0.7.1-16.0.3.i386.rpm ec32e050f5a54e53a13c69729af6c569 ImageMagick-perl-6.0.7.1-16.0.3.i386.rpm ia64: f3eb1fa2d4dc6eb774d9bff138abba47 ImageMagick-6.0.7.1-16.0.3.ia64.rpm 4948ce851716710e00f705e3e0aeaea8 ImageMagick-c++-6.0.7.1-16.0.3.ia64.rpm 8f250177128cbb3d1afcff6a5522d674 ImageMagick-c++-devel-6.0.7.1-16.0.3.ia64.rpm 6e69adcf540d3b634275bc2a3daaee05 ImageMagick-debuginfo-6.0.7.1-16.0.3.ia64.rpm dbff630e687031a7fa88a14e209cb2fe ImageMagick-devel-6.0.7.1-16.0.3.ia64.rpm 86e458c7092ff28a074a628c69b059dc ImageMagick-perl-6.0.7.1-16.0.3.ia64.rpm x86_64: 2c561526d05cab194880c3b51c7d81b9 ImageMagick-6.0.7.1-16.0.3.x86_64.rpm 6e9e51c2fbef3f88a954af41f2598d8e ImageMagick-c++-6.0.7.1-16.0.3.x86_64.rpm 9c5c0a0bedc7fa1cc63e79adb6450cdb ImageMagick-c++-devel-6.0.7.1-16.0.3.x86_64.rpm a1733c01e15c84860543120d14ca94b3 ImageMagick-debuginfo-6.0.7.1-16.0.3.x86_64.rpm 1a83c8311f29525e2361d0ffd8a4980b ImageMagick-devel-6.0.7.1-16.0.3.x86_64.rpm bc758e97974722c09746f100e7aa614a ImageMagick-perl-6.0.7.1-16.0.3.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/ImageMagick-6.0.7.1-16.0.3.src.rpm 8ba50344d72fa3ed2dc8f13885033f16 ImageMagick-6.0.7.1-16.0.3.src.rpm i386: 403efb368019b49e27d607b787f0bcfc ImageMagick-6.0.7.1-16.0.3.i386.rpm af1dd3384e84f325712103903e936b79 ImageMagick-c++-6.0.7.1-16.0.3.i386.rpm 6b240b1bcaa2d8963cd0b7e063ed06e3 ImageMagick-c++-devel-6.0.7.1-16.0.3.i386.rpm 560989c86b5dac1a634fb99d14d73b6d ImageMagick-debuginfo-6.0.7.1-16.0.3.i386.rpm 847a3979f10ee0d50b53d26e66353474 ImageMagick-devel-6.0.7.1-16.0.3.i386.rpm ec32e050f5a54e53a13c69729af6c569 ImageMagick-perl-6.0.7.1-16.0.3.i386.rpm ia64: f3eb1fa2d4dc6eb774d9bff138abba47 ImageMagick-6.0.7.1-16.0.3.ia64.rpm 4948ce851716710e00f705e3e0aeaea8 ImageMagick-c++-6.0.7.1-16.0.3.ia64.rpm 8f250177128cbb3d1afcff6a5522d674 ImageMagick-c++-devel-6.0.7.1-16.0.3.ia64.rpm 6e69adcf540d3b634275bc2a3daaee05 ImageMagick-debuginfo-6.0.7.1-16.0.3.ia64.rpm dbff630e687031a7fa88a14e209cb2fe ImageMagick-devel-6.0.7.1-16.0.3.ia64.rpm 86e458c7092ff28a074a628c69b059dc ImageMagick-perl-6.0.7.1-16.0.3.ia64.rpm x86_64: 2c561526d05cab194880c3b51c7d81b9 ImageMagick-6.0.7.1-16.0.3.x86_64.rpm 6e9e51c2fbef3f88a954af41f2598d8e ImageMagick-c++-6.0.7.1-16.0.3.x86_64.rpm 9c5c0a0bedc7fa1cc63e79adb6450cdb ImageMagick-c++-devel-6.0.7.1-16.0.3.x86_64.rpm a1733c01e15c84860543120d14ca94b3 ImageMagick-debuginfo-6.0.7.1-16.0.3.x86_64.rpm 1a83c8311f29525e2361d0ffd8a4980b ImageMagick-devel-6.0.7.1-16.0.3.x86_64.rpm bc758e97974722c09746f100e7aa614a ImageMagick-perl-6.0.7.1-16.0.3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2440 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5456 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5868 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFF1I1dXlSAg2UNWIIRAlWpAKChw1ZDVPW3eWo38tgk2cqHMRotrACgwvSf vQbWvqfQ8/4dZDupRJ9UqUo= =E85G -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Feb 15 19:14:28 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 15 Feb 2007 14:14:28 -0500 Subject: [RHSA-2007:0060-01] Moderate: samba security update Message-ID: <200702151914.l1FJES8C022487@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: samba security update Advisory ID: RHSA-2007:0060-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0060.html Issue date: 2007-02-15 Updated on: 2007-02-15 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-0452 - --------------------------------------------------------------------- 1. Summary: Updated samba packages that fix a denial of service vulnerability are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Samba provides file and printer sharing services to SMB/CIFS clients. A denial of service flaw was found in Samba's smbd daemon process. An authenticated user could send a specially crafted request which would cause a smbd child process to enter an infinite loop condition. By opening multiple CIFS sessions, an attacker could exhaust system resources. (CVE-2007-0452) Users of Samba should update to these packages, which contain a backported patch to correct this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 225513 - CVE-2007-0452 Samba smbd denial of service 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/samba-3.0.9-1.3E.12.src.rpm ce0b9cb53d9cf6bfc5af08fa9073854b samba-3.0.9-1.3E.12.src.rpm i386: 12166d4a73aa9909b2633f765ca4a565 samba-3.0.9-1.3E.12.i386.rpm 4635cec25aee298559b255e13c03d120 samba-client-3.0.9-1.3E.12.i386.rpm a1c70fdeb6e449644e89818a01554cfa samba-common-3.0.9-1.3E.12.i386.rpm 29de6c41cf1488d59973d0f2b137c27d samba-debuginfo-3.0.9-1.3E.12.i386.rpm 48a2f32186634fdf8098fec5e4eb2fb6 samba-swat-3.0.9-1.3E.12.i386.rpm ia64: 12166d4a73aa9909b2633f765ca4a565 samba-3.0.9-1.3E.12.i386.rpm 552d12e87a248312f3dd6d8b51e96543 samba-3.0.9-1.3E.12.ia64.rpm 001b99b0dde1e515328bc4294ae1ddf5 samba-client-3.0.9-1.3E.12.ia64.rpm a1c70fdeb6e449644e89818a01554cfa samba-common-3.0.9-1.3E.12.i386.rpm 810fef4ebf8c43e1d5ba8ede1aeec341 samba-common-3.0.9-1.3E.12.ia64.rpm 29de6c41cf1488d59973d0f2b137c27d samba-debuginfo-3.0.9-1.3E.12.i386.rpm d8458b16b67e29509b4493a46e6f81e4 samba-debuginfo-3.0.9-1.3E.12.ia64.rpm fed5300109f4c7bee3cd39bfcdce2ddd samba-swat-3.0.9-1.3E.12.ia64.rpm ppc: c57b6c0c1ec865da6fbc2d550567e16a samba-3.0.9-1.3E.12.ppc.rpm 3709c77a9889d420c20b84f9d919e2b0 samba-3.0.9-1.3E.12.ppc64.rpm 453cee4be52d1c1167a3e6382878c6a1 samba-client-3.0.9-1.3E.12.ppc.rpm 1b1f00ceac2c9b9f66eb81f9faa2d33d samba-common-3.0.9-1.3E.12.ppc.rpm c5db2a59e12f8630a820afdb21b26cf4 samba-common-3.0.9-1.3E.12.ppc64.rpm ed688d8a52259b0e351ab4ae1a69686d samba-debuginfo-3.0.9-1.3E.12.ppc.rpm c7408b1b2f98c05a02bf91980441710e samba-debuginfo-3.0.9-1.3E.12.ppc64.rpm 991745bbdfb2069199689cc0e8179b6b samba-swat-3.0.9-1.3E.12.ppc.rpm s390: 7185d1b7ed4c6b343d84d244367c897a samba-3.0.9-1.3E.12.s390.rpm ff558106c6014a615853c70b61c06bf3 samba-client-3.0.9-1.3E.12.s390.rpm 16474921e54290ffacd0fc0805bbe774 samba-common-3.0.9-1.3E.12.s390.rpm 8a839ba8935a17a4223a84db98b80174 samba-debuginfo-3.0.9-1.3E.12.s390.rpm 0ca534cd4d38b52aa2347ca9aa19c6ef samba-swat-3.0.9-1.3E.12.s390.rpm s390x: 7185d1b7ed4c6b343d84d244367c897a samba-3.0.9-1.3E.12.s390.rpm c81db71ca4876f6788cd3d7985807685 samba-3.0.9-1.3E.12.s390x.rpm 13f16b8478a3d725371ab044f3e111ff samba-client-3.0.9-1.3E.12.s390x.rpm 16474921e54290ffacd0fc0805bbe774 samba-common-3.0.9-1.3E.12.s390.rpm fd75dfd2ca23dfe8dafa3949b08f0cb8 samba-common-3.0.9-1.3E.12.s390x.rpm 8a839ba8935a17a4223a84db98b80174 samba-debuginfo-3.0.9-1.3E.12.s390.rpm dae5dd427cbac8636d255832634f97aa samba-debuginfo-3.0.9-1.3E.12.s390x.rpm fca36a55d6fe5a58da7ed44fb62a26c9 samba-swat-3.0.9-1.3E.12.s390x.rpm x86_64: 12166d4a73aa9909b2633f765ca4a565 samba-3.0.9-1.3E.12.i386.rpm ff486898c3851908d571941737bb2a43 samba-3.0.9-1.3E.12.x86_64.rpm 2f49ffe467a09e8a454e63a1f43f8de1 samba-client-3.0.9-1.3E.12.x86_64.rpm a1c70fdeb6e449644e89818a01554cfa samba-common-3.0.9-1.3E.12.i386.rpm 660e34b273f4e47bc19ba5f3862b0b74 samba-common-3.0.9-1.3E.12.x86_64.rpm 29de6c41cf1488d59973d0f2b137c27d samba-debuginfo-3.0.9-1.3E.12.i386.rpm dab9942f2074de02cebe3855133cd677 samba-debuginfo-3.0.9-1.3E.12.x86_64.rpm 73a3404ce273ee85b5ebee7ad1462d9b samba-swat-3.0.9-1.3E.12.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/samba-3.0.9-1.3E.12.src.rpm ce0b9cb53d9cf6bfc5af08fa9073854b samba-3.0.9-1.3E.12.src.rpm i386: 12166d4a73aa9909b2633f765ca4a565 samba-3.0.9-1.3E.12.i386.rpm 4635cec25aee298559b255e13c03d120 samba-client-3.0.9-1.3E.12.i386.rpm a1c70fdeb6e449644e89818a01554cfa samba-common-3.0.9-1.3E.12.i386.rpm 29de6c41cf1488d59973d0f2b137c27d samba-debuginfo-3.0.9-1.3E.12.i386.rpm 48a2f32186634fdf8098fec5e4eb2fb6 samba-swat-3.0.9-1.3E.12.i386.rpm x86_64: 12166d4a73aa9909b2633f765ca4a565 samba-3.0.9-1.3E.12.i386.rpm ff486898c3851908d571941737bb2a43 samba-3.0.9-1.3E.12.x86_64.rpm 2f49ffe467a09e8a454e63a1f43f8de1 samba-client-3.0.9-1.3E.12.x86_64.rpm a1c70fdeb6e449644e89818a01554cfa samba-common-3.0.9-1.3E.12.i386.rpm 660e34b273f4e47bc19ba5f3862b0b74 samba-common-3.0.9-1.3E.12.x86_64.rpm 29de6c41cf1488d59973d0f2b137c27d samba-debuginfo-3.0.9-1.3E.12.i386.rpm dab9942f2074de02cebe3855133cd677 samba-debuginfo-3.0.9-1.3E.12.x86_64.rpm 73a3404ce273ee85b5ebee7ad1462d9b samba-swat-3.0.9-1.3E.12.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/samba-3.0.9-1.3E.12.src.rpm ce0b9cb53d9cf6bfc5af08fa9073854b samba-3.0.9-1.3E.12.src.rpm i386: 12166d4a73aa9909b2633f765ca4a565 samba-3.0.9-1.3E.12.i386.rpm 4635cec25aee298559b255e13c03d120 samba-client-3.0.9-1.3E.12.i386.rpm a1c70fdeb6e449644e89818a01554cfa samba-common-3.0.9-1.3E.12.i386.rpm 29de6c41cf1488d59973d0f2b137c27d samba-debuginfo-3.0.9-1.3E.12.i386.rpm 48a2f32186634fdf8098fec5e4eb2fb6 samba-swat-3.0.9-1.3E.12.i386.rpm ia64: 12166d4a73aa9909b2633f765ca4a565 samba-3.0.9-1.3E.12.i386.rpm 552d12e87a248312f3dd6d8b51e96543 samba-3.0.9-1.3E.12.ia64.rpm 001b99b0dde1e515328bc4294ae1ddf5 samba-client-3.0.9-1.3E.12.ia64.rpm a1c70fdeb6e449644e89818a01554cfa samba-common-3.0.9-1.3E.12.i386.rpm 810fef4ebf8c43e1d5ba8ede1aeec341 samba-common-3.0.9-1.3E.12.ia64.rpm 29de6c41cf1488d59973d0f2b137c27d samba-debuginfo-3.0.9-1.3E.12.i386.rpm d8458b16b67e29509b4493a46e6f81e4 samba-debuginfo-3.0.9-1.3E.12.ia64.rpm fed5300109f4c7bee3cd39bfcdce2ddd samba-swat-3.0.9-1.3E.12.ia64.rpm x86_64: 12166d4a73aa9909b2633f765ca4a565 samba-3.0.9-1.3E.12.i386.rpm ff486898c3851908d571941737bb2a43 samba-3.0.9-1.3E.12.x86_64.rpm 2f49ffe467a09e8a454e63a1f43f8de1 samba-client-3.0.9-1.3E.12.x86_64.rpm a1c70fdeb6e449644e89818a01554cfa samba-common-3.0.9-1.3E.12.i386.rpm 660e34b273f4e47bc19ba5f3862b0b74 samba-common-3.0.9-1.3E.12.x86_64.rpm 29de6c41cf1488d59973d0f2b137c27d samba-debuginfo-3.0.9-1.3E.12.i386.rpm dab9942f2074de02cebe3855133cd677 samba-debuginfo-3.0.9-1.3E.12.x86_64.rpm 73a3404ce273ee85b5ebee7ad1462d9b samba-swat-3.0.9-1.3E.12.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/samba-3.0.9-1.3E.12.src.rpm ce0b9cb53d9cf6bfc5af08fa9073854b samba-3.0.9-1.3E.12.src.rpm i386: 12166d4a73aa9909b2633f765ca4a565 samba-3.0.9-1.3E.12.i386.rpm 4635cec25aee298559b255e13c03d120 samba-client-3.0.9-1.3E.12.i386.rpm a1c70fdeb6e449644e89818a01554cfa samba-common-3.0.9-1.3E.12.i386.rpm 29de6c41cf1488d59973d0f2b137c27d samba-debuginfo-3.0.9-1.3E.12.i386.rpm 48a2f32186634fdf8098fec5e4eb2fb6 samba-swat-3.0.9-1.3E.12.i386.rpm ia64: 12166d4a73aa9909b2633f765ca4a565 samba-3.0.9-1.3E.12.i386.rpm 552d12e87a248312f3dd6d8b51e96543 samba-3.0.9-1.3E.12.ia64.rpm 001b99b0dde1e515328bc4294ae1ddf5 samba-client-3.0.9-1.3E.12.ia64.rpm a1c70fdeb6e449644e89818a01554cfa samba-common-3.0.9-1.3E.12.i386.rpm 810fef4ebf8c43e1d5ba8ede1aeec341 samba-common-3.0.9-1.3E.12.ia64.rpm 29de6c41cf1488d59973d0f2b137c27d samba-debuginfo-3.0.9-1.3E.12.i386.rpm d8458b16b67e29509b4493a46e6f81e4 samba-debuginfo-3.0.9-1.3E.12.ia64.rpm fed5300109f4c7bee3cd39bfcdce2ddd samba-swat-3.0.9-1.3E.12.ia64.rpm x86_64: 12166d4a73aa9909b2633f765ca4a565 samba-3.0.9-1.3E.12.i386.rpm ff486898c3851908d571941737bb2a43 samba-3.0.9-1.3E.12.x86_64.rpm 2f49ffe467a09e8a454e63a1f43f8de1 samba-client-3.0.9-1.3E.12.x86_64.rpm a1c70fdeb6e449644e89818a01554cfa samba-common-3.0.9-1.3E.12.i386.rpm 660e34b273f4e47bc19ba5f3862b0b74 samba-common-3.0.9-1.3E.12.x86_64.rpm 29de6c41cf1488d59973d0f2b137c27d samba-debuginfo-3.0.9-1.3E.12.i386.rpm dab9942f2074de02cebe3855133cd677 samba-debuginfo-3.0.9-1.3E.12.x86_64.rpm 73a3404ce273ee85b5ebee7ad1462d9b samba-swat-3.0.9-1.3E.12.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/samba-3.0.10-1.4E.11.src.rpm 961001510cdeddfa4ed74fdcbe40e8c0 samba-3.0.10-1.4E.11.src.rpm i386: 6e33b409bccbafd452ae01ef5e82b03b samba-3.0.10-1.4E.11.i386.rpm 0d28dc0a9ac28a5899480dbc1c4cb700 samba-client-3.0.10-1.4E.11.i386.rpm 80e0bb7c435af78d827f3f7d0518db00 samba-common-3.0.10-1.4E.11.i386.rpm 7b4af2754c65030de72af7baf52bec62 samba-debuginfo-3.0.10-1.4E.11.i386.rpm 5dfb23644fa46693825675a4d7f1cb46 samba-swat-3.0.10-1.4E.11.i386.rpm ia64: 1f52ff3d91cd2ec884741c0868b0d34f samba-3.0.10-1.4E.11.ia64.rpm c17cc51d1f6f3492b10dc29addbdc243 samba-client-3.0.10-1.4E.11.ia64.rpm 80e0bb7c435af78d827f3f7d0518db00 samba-common-3.0.10-1.4E.11.i386.rpm 3eb173d8a11469bdfaf37f26f80f5f64 samba-common-3.0.10-1.4E.11.ia64.rpm 7b4af2754c65030de72af7baf52bec62 samba-debuginfo-3.0.10-1.4E.11.i386.rpm 95c1dfd169115c071775ab36f6fd6e10 samba-debuginfo-3.0.10-1.4E.11.ia64.rpm 63fd75067e6660f03f18730cf431d1b3 samba-swat-3.0.10-1.4E.11.ia64.rpm ppc: a81592b032206e06328b8bb56a4d24cb samba-3.0.10-1.4E.11.ppc.rpm 1ca5467acd0df5f4dbee6798ad7e59c3 samba-client-3.0.10-1.4E.11.ppc.rpm d9422244703a6f40bf5546aa26810cf4 samba-common-3.0.10-1.4E.11.ppc.rpm e94cf45bd73ddeeda691aed834ca6a41 samba-common-3.0.10-1.4E.11.ppc64.rpm 4ab4bbe2ed1b6cb7f1f0f483b96f2a42 samba-debuginfo-3.0.10-1.4E.11.ppc.rpm b41451c3dfeb64ba356635fe07c02a4a samba-debuginfo-3.0.10-1.4E.11.ppc64.rpm 5c88598c976a6c6745e73afbc32a8fd3 samba-swat-3.0.10-1.4E.11.ppc.rpm s390: a37947ab2f803cdf297406fcc156e69a samba-3.0.10-1.4E.11.s390.rpm 3ec509d66e89a9793ddc46f4738a857e samba-client-3.0.10-1.4E.11.s390.rpm 4f8d41811ca547ed9ebc1c35860b6781 samba-common-3.0.10-1.4E.11.s390.rpm 026768c02a0e618fb1fae79b01671fe2 samba-debuginfo-3.0.10-1.4E.11.s390.rpm 6f3aecf60895e5972ec01a9c502878b6 samba-swat-3.0.10-1.4E.11.s390.rpm s390x: eb51ff462ba633d9f1cab2debfc15bd6 samba-3.0.10-1.4E.11.s390x.rpm 3db2a565978780a9bccbc394ce246d0e samba-client-3.0.10-1.4E.11.s390x.rpm 4f8d41811ca547ed9ebc1c35860b6781 samba-common-3.0.10-1.4E.11.s390.rpm f40c4281102069ce16dbe288470ae743 samba-common-3.0.10-1.4E.11.s390x.rpm 026768c02a0e618fb1fae79b01671fe2 samba-debuginfo-3.0.10-1.4E.11.s390.rpm 04ce93a687ab382f0bc578fa1c97cbed samba-debuginfo-3.0.10-1.4E.11.s390x.rpm f3e6afabbaad04b14420a34c92f0f520 samba-swat-3.0.10-1.4E.11.s390x.rpm x86_64: 98400a673956663d0417ab5a6de5bffe samba-3.0.10-1.4E.11.x86_64.rpm c73015399567b8e085fbf2de25fdd680 samba-client-3.0.10-1.4E.11.x86_64.rpm 80e0bb7c435af78d827f3f7d0518db00 samba-common-3.0.10-1.4E.11.i386.rpm 26bfe0b0ff46d5bbbfc3ae30b90e78b9 samba-common-3.0.10-1.4E.11.x86_64.rpm 7b4af2754c65030de72af7baf52bec62 samba-debuginfo-3.0.10-1.4E.11.i386.rpm 3ba0f1b55a64b5e0e37b66450dd947ae samba-debuginfo-3.0.10-1.4E.11.x86_64.rpm 9b344f69fc8294b734f32172a67e6d54 samba-swat-3.0.10-1.4E.11.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/samba-3.0.10-1.4E.11.src.rpm 961001510cdeddfa4ed74fdcbe40e8c0 samba-3.0.10-1.4E.11.src.rpm i386: 6e33b409bccbafd452ae01ef5e82b03b samba-3.0.10-1.4E.11.i386.rpm 0d28dc0a9ac28a5899480dbc1c4cb700 samba-client-3.0.10-1.4E.11.i386.rpm 80e0bb7c435af78d827f3f7d0518db00 samba-common-3.0.10-1.4E.11.i386.rpm 7b4af2754c65030de72af7baf52bec62 samba-debuginfo-3.0.10-1.4E.11.i386.rpm 5dfb23644fa46693825675a4d7f1cb46 samba-swat-3.0.10-1.4E.11.i386.rpm x86_64: 98400a673956663d0417ab5a6de5bffe samba-3.0.10-1.4E.11.x86_64.rpm c73015399567b8e085fbf2de25fdd680 samba-client-3.0.10-1.4E.11.x86_64.rpm 80e0bb7c435af78d827f3f7d0518db00 samba-common-3.0.10-1.4E.11.i386.rpm 26bfe0b0ff46d5bbbfc3ae30b90e78b9 samba-common-3.0.10-1.4E.11.x86_64.rpm 7b4af2754c65030de72af7baf52bec62 samba-debuginfo-3.0.10-1.4E.11.i386.rpm 3ba0f1b55a64b5e0e37b66450dd947ae samba-debuginfo-3.0.10-1.4E.11.x86_64.rpm 9b344f69fc8294b734f32172a67e6d54 samba-swat-3.0.10-1.4E.11.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/samba-3.0.10-1.4E.11.src.rpm 961001510cdeddfa4ed74fdcbe40e8c0 samba-3.0.10-1.4E.11.src.rpm i386: 6e33b409bccbafd452ae01ef5e82b03b samba-3.0.10-1.4E.11.i386.rpm 0d28dc0a9ac28a5899480dbc1c4cb700 samba-client-3.0.10-1.4E.11.i386.rpm 80e0bb7c435af78d827f3f7d0518db00 samba-common-3.0.10-1.4E.11.i386.rpm 7b4af2754c65030de72af7baf52bec62 samba-debuginfo-3.0.10-1.4E.11.i386.rpm 5dfb23644fa46693825675a4d7f1cb46 samba-swat-3.0.10-1.4E.11.i386.rpm ia64: 1f52ff3d91cd2ec884741c0868b0d34f samba-3.0.10-1.4E.11.ia64.rpm c17cc51d1f6f3492b10dc29addbdc243 samba-client-3.0.10-1.4E.11.ia64.rpm 80e0bb7c435af78d827f3f7d0518db00 samba-common-3.0.10-1.4E.11.i386.rpm 3eb173d8a11469bdfaf37f26f80f5f64 samba-common-3.0.10-1.4E.11.ia64.rpm 7b4af2754c65030de72af7baf52bec62 samba-debuginfo-3.0.10-1.4E.11.i386.rpm 95c1dfd169115c071775ab36f6fd6e10 samba-debuginfo-3.0.10-1.4E.11.ia64.rpm 63fd75067e6660f03f18730cf431d1b3 samba-swat-3.0.10-1.4E.11.ia64.rpm x86_64: 98400a673956663d0417ab5a6de5bffe samba-3.0.10-1.4E.11.x86_64.rpm c73015399567b8e085fbf2de25fdd680 samba-client-3.0.10-1.4E.11.x86_64.rpm 80e0bb7c435af78d827f3f7d0518db00 samba-common-3.0.10-1.4E.11.i386.rpm 26bfe0b0ff46d5bbbfc3ae30b90e78b9 samba-common-3.0.10-1.4E.11.x86_64.rpm 7b4af2754c65030de72af7baf52bec62 samba-debuginfo-3.0.10-1.4E.11.i386.rpm 3ba0f1b55a64b5e0e37b66450dd947ae samba-debuginfo-3.0.10-1.4E.11.x86_64.rpm 9b344f69fc8294b734f32172a67e6d54 samba-swat-3.0.10-1.4E.11.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/samba-3.0.10-1.4E.11.src.rpm 961001510cdeddfa4ed74fdcbe40e8c0 samba-3.0.10-1.4E.11.src.rpm i386: 6e33b409bccbafd452ae01ef5e82b03b samba-3.0.10-1.4E.11.i386.rpm 0d28dc0a9ac28a5899480dbc1c4cb700 samba-client-3.0.10-1.4E.11.i386.rpm 80e0bb7c435af78d827f3f7d0518db00 samba-common-3.0.10-1.4E.11.i386.rpm 7b4af2754c65030de72af7baf52bec62 samba-debuginfo-3.0.10-1.4E.11.i386.rpm 5dfb23644fa46693825675a4d7f1cb46 samba-swat-3.0.10-1.4E.11.i386.rpm ia64: 1f52ff3d91cd2ec884741c0868b0d34f samba-3.0.10-1.4E.11.ia64.rpm c17cc51d1f6f3492b10dc29addbdc243 samba-client-3.0.10-1.4E.11.ia64.rpm 80e0bb7c435af78d827f3f7d0518db00 samba-common-3.0.10-1.4E.11.i386.rpm 3eb173d8a11469bdfaf37f26f80f5f64 samba-common-3.0.10-1.4E.11.ia64.rpm 7b4af2754c65030de72af7baf52bec62 samba-debuginfo-3.0.10-1.4E.11.i386.rpm 95c1dfd169115c071775ab36f6fd6e10 samba-debuginfo-3.0.10-1.4E.11.ia64.rpm 63fd75067e6660f03f18730cf431d1b3 samba-swat-3.0.10-1.4E.11.ia64.rpm x86_64: 98400a673956663d0417ab5a6de5bffe samba-3.0.10-1.4E.11.x86_64.rpm c73015399567b8e085fbf2de25fdd680 samba-client-3.0.10-1.4E.11.x86_64.rpm 80e0bb7c435af78d827f3f7d0518db00 samba-common-3.0.10-1.4E.11.i386.rpm 26bfe0b0ff46d5bbbfc3ae30b90e78b9 samba-common-3.0.10-1.4E.11.x86_64.rpm 7b4af2754c65030de72af7baf52bec62 samba-debuginfo-3.0.10-1.4E.11.i386.rpm 3ba0f1b55a64b5e0e37b66450dd947ae samba-debuginfo-3.0.10-1.4E.11.x86_64.rpm 9b344f69fc8294b734f32172a67e6d54 samba-swat-3.0.10-1.4E.11.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0452 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFF1LEPXlSAg2UNWIIRAh69AJ9axJP/sx7J7ulD9Da4zUGJmzOQSQCgsdxy 3A7e7U7+4Z+43VqdI9Py8h4= =whPc -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon Feb 19 19:55:45 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 19 Feb 2007 14:55:45 -0500 Subject: [RHSA-2007:0083-01] Low: mysql security update Message-ID: <200702191955.l1JJtjhu028861@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Low: mysql security update Advisory ID: RHSA-2007:0083-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0083.html Issue date: 2007-02-19 Updated on: 2007-02-19 Product: Red Hat Application Stack CVE Names: CVE-2006-0903 CVE-2006-3081 CVE-2006-4031 CVE-2006-4226 CVE-2006-4227 - --------------------------------------------------------------------- 1. Summary: Updated MySQL packages for the Red Hat Application Stack comprising the v1.1 release are now available. This update also resolves some minor security issues rated as having low security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Application Stack v1 for Enterprise Linux AS (v.4) - i386, x86_64 Red Hat Application Stack v1 for Enterprise Linux ES (v.4) - i386, x86_64 3. Problem description: Several minor security issues were found in MySQL: MySQL allowed remote authenticated users to create or access a database when the database name differed only in case from a database for which they had permissions. (CVE-2006-4226) MySQL evaluated arguments in the wrong security context which allowed remote authenticated users to gain privileges through a routine that had been made available using GRANT EXECUTE. (CVE-2006-4227) MySQL allowed a local user to access a table through a previously created MERGE table, even after the user's privileges were revoked for the original table, which might violate intended security policy. (CVE-2006-4031) MySQL allowed authenticated users to cause a denial of service (crash) via a NULL second argument to the str_to_date function. (CVE-2006-3081) MySQL allowed local authenticated users to bypass logging mechanisms via SQL queries that contain the NULL character, which were not properly handled by the mysql_real_query function. (CVE-2006-0903) Users of MySQL should upgrade to these updated packages, which resolve these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 228999 - CVE-2006-0903 Multiple minor MySQL issues (CVE-2006-3081 CVE-2006-4031 CVE-2006-4226 CVE-2006-4227) 6. RPMs required: Red Hat Application Stack v1 for Enterprise Linux AS (v.4): SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/RHWAS/SRPMS/mysql-5.0.30-1.el4s1.1.src.rpm b1286f8ed419eec951f02a0f17cdc5b6 mysql-5.0.30-1.el4s1.1.src.rpm i386: c1bd8eae792b620677100762b2659dac mysql-5.0.30-1.el4s1.1.i386.rpm 4a9671ac9a96e68d48a3c9aaf24e607d mysql-bench-5.0.30-1.el4s1.1.i386.rpm 13ead71f722b74d0ab6a99b2f5becc11 mysql-debuginfo-5.0.30-1.el4s1.1.i386.rpm 81fc452e5a6849a88b6db218a5c92dc7 mysql-devel-5.0.30-1.el4s1.1.i386.rpm af5162d98ff053a9e641c4284874a675 mysql-server-5.0.30-1.el4s1.1.i386.rpm 440229a542bf959f05cd22aa469948bb mysql-test-5.0.30-1.el4s1.1.i386.rpm x86_64: c1bd8eae792b620677100762b2659dac mysql-5.0.30-1.el4s1.1.i386.rpm 913c86ac256fe0e54c866dab843d3ef3 mysql-5.0.30-1.el4s1.1.x86_64.rpm d27530b3c3ebe17fbac831d2ba6997af mysql-bench-5.0.30-1.el4s1.1.x86_64.rpm 13ead71f722b74d0ab6a99b2f5becc11 mysql-debuginfo-5.0.30-1.el4s1.1.i386.rpm 4524fc0f9b297224643d5f47ec72355f mysql-debuginfo-5.0.30-1.el4s1.1.x86_64.rpm 7e72f397613fe1b20503be9bfc68f3f4 mysql-devel-5.0.30-1.el4s1.1.x86_64.rpm 5f648be2383cd82412257c8644acd0db mysql-server-5.0.30-1.el4s1.1.x86_64.rpm b5a605586daaaee0e9b8855d8d96c7cc mysql-test-5.0.30-1.el4s1.1.x86_64.rpm Red Hat Application Stack v1 for Enterprise Linux ES (v.4): SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/RHWAS/SRPMS/mysql-5.0.30-1.el4s1.1.src.rpm b1286f8ed419eec951f02a0f17cdc5b6 mysql-5.0.30-1.el4s1.1.src.rpm i386: c1bd8eae792b620677100762b2659dac mysql-5.0.30-1.el4s1.1.i386.rpm 4a9671ac9a96e68d48a3c9aaf24e607d mysql-bench-5.0.30-1.el4s1.1.i386.rpm 13ead71f722b74d0ab6a99b2f5becc11 mysql-debuginfo-5.0.30-1.el4s1.1.i386.rpm 81fc452e5a6849a88b6db218a5c92dc7 mysql-devel-5.0.30-1.el4s1.1.i386.rpm af5162d98ff053a9e641c4284874a675 mysql-server-5.0.30-1.el4s1.1.i386.rpm 440229a542bf959f05cd22aa469948bb mysql-test-5.0.30-1.el4s1.1.i386.rpm x86_64: c1bd8eae792b620677100762b2659dac mysql-5.0.30-1.el4s1.1.i386.rpm 913c86ac256fe0e54c866dab843d3ef3 mysql-5.0.30-1.el4s1.1.x86_64.rpm d27530b3c3ebe17fbac831d2ba6997af mysql-bench-5.0.30-1.el4s1.1.x86_64.rpm 13ead71f722b74d0ab6a99b2f5becc11 mysql-debuginfo-5.0.30-1.el4s1.1.i386.rpm 4524fc0f9b297224643d5f47ec72355f mysql-debuginfo-5.0.30-1.el4s1.1.x86_64.rpm 7e72f397613fe1b20503be9bfc68f3f4 mysql-devel-5.0.30-1.el4s1.1.x86_64.rpm 5f648be2383cd82412257c8644acd0db mysql-server-5.0.30-1.el4s1.1.x86_64.rpm b5a605586daaaee0e9b8855d8d96c7cc mysql-test-5.0.30-1.el4s1.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0903 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3081 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4031 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4226 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4227 http://www.redhat.com/security/updates/classification/#low 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFF2gCgXlSAg2UNWIIRAj97AJkBmGp+voKqnfb+16wfDdPTeNbJzwCeJit5 KwSNbDEsmmf3mrYUo8AJ0BQ= =mFSR -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon Feb 19 21:12:12 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 19 Feb 2007 16:12:12 -0500 Subject: [RHSA-2007:0076-01] Important: php security update Message-ID: <200702192112.l1JLCCvg003887@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: php security update Advisory ID: RHSA-2007:0076-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0076.html Issue date: 2007-02-19 Updated on: 2007-02-19 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-0906 CVE-2007-0907 CVE-2007-0908 CVE-2007-0909 CVE-2007-0910 CVE-2007-0988 - --------------------------------------------------------------------- 1. Summary: Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A number of buffer overflow flaws were found in the PHP session extension, the str_replace() function, and the imap_mail_compose() function. If very long strings under the control of an attacker are passed to the str_replace() function then an integer overflow could occur in memory allocation. If a script uses the imap_mail_compose() function to create a new MIME message based on an input body from an untrusted source, it could result in a heap overflow. An attacker who is able to access a PHP application affected by any these issues could trigger these flaws and possibly execute arbitrary code as the 'apache' user. (CVE-2007-0906) If unserializing untrusted data on 64-bit platforms, the zend_hash_init() function can be forced to enter an infinite loop, consuming CPU resources for a limited length of time, until the script timeout alarm aborts execution of the script. (CVE-2007-0988) If the wddx extension is used to import WDDX data from an untrusted source, certain WDDX input packets may allow a random portion of heap memory to be exposed. (CVE-2007-0908) If the odbc_result_all() function is used to display data from a database, and the contents of the database table are under the control of an attacker, a format string vulnerability is possible which could lead to the execution of arbitrary code. (CVE-2007-0909) A one byte memory read will always occur before the beginning of a buffer, which could be triggered for example by any use of the header() function in a script. However it is unlikely that this would have any effect. (CVE-2007-0907) Several flaws in PHP could allows attackers to "clobber" certain super-global variables via unspecified vectors. (CVE-2007-0910) Users of PHP should upgrade to these updated packages which contain backported patches to correct these issues. Red Hat would like to thank Stefan Esser for his help diagnosing these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 228858 - CVE-2007-0906 PHP security issues (CVE-2007-0907, CVE-2007-0908, CVE-2007-0909, CVE-2007-0910, CVE-2007-0988) 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/php-4.3.2-39.ent.src.rpm 334e0e7ff2f38110fb88e1083ba06e2e php-4.3.2-39.ent.src.rpm i386: 4da9c3e985be256827b4fc3efb999381 php-4.3.2-39.ent.i386.rpm b3063a608e6b7dd48145dcc6849f47c2 php-debuginfo-4.3.2-39.ent.i386.rpm ed89834a88454fccbcd45d6003a4c769 php-devel-4.3.2-39.ent.i386.rpm 475ea2ea5ea293380d90cb6f1abef9f9 php-imap-4.3.2-39.ent.i386.rpm de62a7d6c1904aa928fe98e0f9272439 php-ldap-4.3.2-39.ent.i386.rpm f4b5bf5a21a529db128fec9123725c7b php-mysql-4.3.2-39.ent.i386.rpm 366dd5a2fa353a6f8a67477a00a21849 php-odbc-4.3.2-39.ent.i386.rpm 5f5fe2a3a77dd74582c1d8658320ba4c php-pgsql-4.3.2-39.ent.i386.rpm ia64: 04df8afa411b481774159a6476ae3214 php-4.3.2-39.ent.ia64.rpm 3e83702897d41920353388bfe1aeb462 php-debuginfo-4.3.2-39.ent.ia64.rpm 2565b31e867991e88121b078a244cc79 php-devel-4.3.2-39.ent.ia64.rpm 3b1f70a9b262d767c34a75d8d6fe7fe6 php-imap-4.3.2-39.ent.ia64.rpm 4cfacf6c0a7ea7aa03d5586f713b3fb1 php-ldap-4.3.2-39.ent.ia64.rpm 5c4157bcd2ee71c720b2ffc53126a4a7 php-mysql-4.3.2-39.ent.ia64.rpm 144cbe6b4a99f94d2d1fc3e49b8253a7 php-odbc-4.3.2-39.ent.ia64.rpm fdfe65bb679218761fafa7432a4e001f php-pgsql-4.3.2-39.ent.ia64.rpm ppc: 7465741a07e8d5e5702f85c704ccc2bc php-4.3.2-39.ent.ppc.rpm 5ebfe076326477485cef095fc4c25b94 php-debuginfo-4.3.2-39.ent.ppc.rpm 571565d467036b47579c1508a3703015 php-devel-4.3.2-39.ent.ppc.rpm c475fb7a8f81bb316593281efc5dda9f php-imap-4.3.2-39.ent.ppc.rpm 2412e790daa5951f66634ff70b61080d php-ldap-4.3.2-39.ent.ppc.rpm 82493eaf9f32662ed2742c8bf87f5067 php-mysql-4.3.2-39.ent.ppc.rpm ff57932d8c7d20649ec6c8e8f47933b6 php-odbc-4.3.2-39.ent.ppc.rpm f1c911a7f10b0fc5b52aba5515b44880 php-pgsql-4.3.2-39.ent.ppc.rpm s390: a2e29ef870928aa6b2feec96f69602bd php-4.3.2-39.ent.s390.rpm b75b1c3ad2c470476f193c2be83b5a6f php-debuginfo-4.3.2-39.ent.s390.rpm c78c492d448b3f654a23a895d4bfcef1 php-devel-4.3.2-39.ent.s390.rpm a0d4c13550b9483d76ab30adb5546a27 php-imap-4.3.2-39.ent.s390.rpm 2931347356432db8c09726aedf8252ef php-ldap-4.3.2-39.ent.s390.rpm 5f67485c37b9ebf8583c61c8748667b3 php-mysql-4.3.2-39.ent.s390.rpm 864de5e6321e968c427ec10eadf18929 php-odbc-4.3.2-39.ent.s390.rpm 9c9659dd8ad1efe1f8125b437eb834b9 php-pgsql-4.3.2-39.ent.s390.rpm s390x: 84217cb13326032f516c2080f81d07f0 php-4.3.2-39.ent.s390x.rpm a9743a797892495c563b49777f0bfe7e php-debuginfo-4.3.2-39.ent.s390x.rpm 1e6d9d709d3fa232dbeb025837d8de88 php-devel-4.3.2-39.ent.s390x.rpm 58418ba5e99cdda2782bc978ae37c727 php-imap-4.3.2-39.ent.s390x.rpm 03b1e6d2b6191e50468c203ca7633894 php-ldap-4.3.2-39.ent.s390x.rpm 03048c57fd7d242fde135d1c418c7c5b php-mysql-4.3.2-39.ent.s390x.rpm dde98c2319a57db8f94a90dd674c5837 php-odbc-4.3.2-39.ent.s390x.rpm cada85f8c79710c38cba22fa1096a04c php-pgsql-4.3.2-39.ent.s390x.rpm x86_64: d1002b5ad6955cc920f9d0519d6e4c29 php-4.3.2-39.ent.x86_64.rpm 38e00f9bbbc328bcd61b20af896c3704 php-debuginfo-4.3.2-39.ent.x86_64.rpm 27f692d05bb39aa498c765a31846e330 php-devel-4.3.2-39.ent.x86_64.rpm d1d70ae13f11ef4f29636c5158b7fa46 php-imap-4.3.2-39.ent.x86_64.rpm 132041f96278993aa8d5cf66118972ef php-ldap-4.3.2-39.ent.x86_64.rpm d6341e87d708600fc38bbe4c63ea98ab php-mysql-4.3.2-39.ent.x86_64.rpm baffdb94002ae386b97d6c56805cacd3 php-odbc-4.3.2-39.ent.x86_64.rpm ae97cf37342f6352e7ee3904a35d747e php-pgsql-4.3.2-39.ent.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/php-4.3.2-39.ent.src.rpm 334e0e7ff2f38110fb88e1083ba06e2e php-4.3.2-39.ent.src.rpm i386: 4da9c3e985be256827b4fc3efb999381 php-4.3.2-39.ent.i386.rpm b3063a608e6b7dd48145dcc6849f47c2 php-debuginfo-4.3.2-39.ent.i386.rpm ed89834a88454fccbcd45d6003a4c769 php-devel-4.3.2-39.ent.i386.rpm 475ea2ea5ea293380d90cb6f1abef9f9 php-imap-4.3.2-39.ent.i386.rpm de62a7d6c1904aa928fe98e0f9272439 php-ldap-4.3.2-39.ent.i386.rpm f4b5bf5a21a529db128fec9123725c7b php-mysql-4.3.2-39.ent.i386.rpm 366dd5a2fa353a6f8a67477a00a21849 php-odbc-4.3.2-39.ent.i386.rpm 5f5fe2a3a77dd74582c1d8658320ba4c php-pgsql-4.3.2-39.ent.i386.rpm x86_64: d1002b5ad6955cc920f9d0519d6e4c29 php-4.3.2-39.ent.x86_64.rpm 38e00f9bbbc328bcd61b20af896c3704 php-debuginfo-4.3.2-39.ent.x86_64.rpm 27f692d05bb39aa498c765a31846e330 php-devel-4.3.2-39.ent.x86_64.rpm d1d70ae13f11ef4f29636c5158b7fa46 php-imap-4.3.2-39.ent.x86_64.rpm 132041f96278993aa8d5cf66118972ef php-ldap-4.3.2-39.ent.x86_64.rpm d6341e87d708600fc38bbe4c63ea98ab php-mysql-4.3.2-39.ent.x86_64.rpm baffdb94002ae386b97d6c56805cacd3 php-odbc-4.3.2-39.ent.x86_64.rpm ae97cf37342f6352e7ee3904a35d747e php-pgsql-4.3.2-39.ent.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/php-4.3.2-39.ent.src.rpm 334e0e7ff2f38110fb88e1083ba06e2e php-4.3.2-39.ent.src.rpm i386: 4da9c3e985be256827b4fc3efb999381 php-4.3.2-39.ent.i386.rpm b3063a608e6b7dd48145dcc6849f47c2 php-debuginfo-4.3.2-39.ent.i386.rpm ed89834a88454fccbcd45d6003a4c769 php-devel-4.3.2-39.ent.i386.rpm 475ea2ea5ea293380d90cb6f1abef9f9 php-imap-4.3.2-39.ent.i386.rpm de62a7d6c1904aa928fe98e0f9272439 php-ldap-4.3.2-39.ent.i386.rpm f4b5bf5a21a529db128fec9123725c7b php-mysql-4.3.2-39.ent.i386.rpm 366dd5a2fa353a6f8a67477a00a21849 php-odbc-4.3.2-39.ent.i386.rpm 5f5fe2a3a77dd74582c1d8658320ba4c php-pgsql-4.3.2-39.ent.i386.rpm ia64: 04df8afa411b481774159a6476ae3214 php-4.3.2-39.ent.ia64.rpm 3e83702897d41920353388bfe1aeb462 php-debuginfo-4.3.2-39.ent.ia64.rpm 2565b31e867991e88121b078a244cc79 php-devel-4.3.2-39.ent.ia64.rpm 3b1f70a9b262d767c34a75d8d6fe7fe6 php-imap-4.3.2-39.ent.ia64.rpm 4cfacf6c0a7ea7aa03d5586f713b3fb1 php-ldap-4.3.2-39.ent.ia64.rpm 5c4157bcd2ee71c720b2ffc53126a4a7 php-mysql-4.3.2-39.ent.ia64.rpm 144cbe6b4a99f94d2d1fc3e49b8253a7 php-odbc-4.3.2-39.ent.ia64.rpm fdfe65bb679218761fafa7432a4e001f php-pgsql-4.3.2-39.ent.ia64.rpm x86_64: d1002b5ad6955cc920f9d0519d6e4c29 php-4.3.2-39.ent.x86_64.rpm 38e00f9bbbc328bcd61b20af896c3704 php-debuginfo-4.3.2-39.ent.x86_64.rpm 27f692d05bb39aa498c765a31846e330 php-devel-4.3.2-39.ent.x86_64.rpm d1d70ae13f11ef4f29636c5158b7fa46 php-imap-4.3.2-39.ent.x86_64.rpm 132041f96278993aa8d5cf66118972ef php-ldap-4.3.2-39.ent.x86_64.rpm d6341e87d708600fc38bbe4c63ea98ab php-mysql-4.3.2-39.ent.x86_64.rpm baffdb94002ae386b97d6c56805cacd3 php-odbc-4.3.2-39.ent.x86_64.rpm ae97cf37342f6352e7ee3904a35d747e php-pgsql-4.3.2-39.ent.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/php-4.3.2-39.ent.src.rpm 334e0e7ff2f38110fb88e1083ba06e2e php-4.3.2-39.ent.src.rpm i386: 4da9c3e985be256827b4fc3efb999381 php-4.3.2-39.ent.i386.rpm b3063a608e6b7dd48145dcc6849f47c2 php-debuginfo-4.3.2-39.ent.i386.rpm ed89834a88454fccbcd45d6003a4c769 php-devel-4.3.2-39.ent.i386.rpm 475ea2ea5ea293380d90cb6f1abef9f9 php-imap-4.3.2-39.ent.i386.rpm de62a7d6c1904aa928fe98e0f9272439 php-ldap-4.3.2-39.ent.i386.rpm f4b5bf5a21a529db128fec9123725c7b php-mysql-4.3.2-39.ent.i386.rpm 366dd5a2fa353a6f8a67477a00a21849 php-odbc-4.3.2-39.ent.i386.rpm 5f5fe2a3a77dd74582c1d8658320ba4c php-pgsql-4.3.2-39.ent.i386.rpm ia64: 04df8afa411b481774159a6476ae3214 php-4.3.2-39.ent.ia64.rpm 3e83702897d41920353388bfe1aeb462 php-debuginfo-4.3.2-39.ent.ia64.rpm 2565b31e867991e88121b078a244cc79 php-devel-4.3.2-39.ent.ia64.rpm 3b1f70a9b262d767c34a75d8d6fe7fe6 php-imap-4.3.2-39.ent.ia64.rpm 4cfacf6c0a7ea7aa03d5586f713b3fb1 php-ldap-4.3.2-39.ent.ia64.rpm 5c4157bcd2ee71c720b2ffc53126a4a7 php-mysql-4.3.2-39.ent.ia64.rpm 144cbe6b4a99f94d2d1fc3e49b8253a7 php-odbc-4.3.2-39.ent.ia64.rpm fdfe65bb679218761fafa7432a4e001f php-pgsql-4.3.2-39.ent.ia64.rpm x86_64: d1002b5ad6955cc920f9d0519d6e4c29 php-4.3.2-39.ent.x86_64.rpm 38e00f9bbbc328bcd61b20af896c3704 php-debuginfo-4.3.2-39.ent.x86_64.rpm 27f692d05bb39aa498c765a31846e330 php-devel-4.3.2-39.ent.x86_64.rpm d1d70ae13f11ef4f29636c5158b7fa46 php-imap-4.3.2-39.ent.x86_64.rpm 132041f96278993aa8d5cf66118972ef php-ldap-4.3.2-39.ent.x86_64.rpm d6341e87d708600fc38bbe4c63ea98ab php-mysql-4.3.2-39.ent.x86_64.rpm baffdb94002ae386b97d6c56805cacd3 php-odbc-4.3.2-39.ent.x86_64.rpm ae97cf37342f6352e7ee3904a35d747e php-pgsql-4.3.2-39.ent.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/php-4.3.9-3.22.3.src.rpm a954d249ca8cd0e03864c3cbac5f26b8 php-4.3.9-3.22.3.src.rpm i386: 144c9a64ae174706ae864d5bf94a8cb2 php-4.3.9-3.22.3.i386.rpm 90971f6472640809c494f46cbcaf1bdd php-debuginfo-4.3.9-3.22.3.i386.rpm 9aff6b4cfe675f62b986cbdfd401ef48 php-devel-4.3.9-3.22.3.i386.rpm fc7d8f3ff093d36417259cb45d53b597 php-domxml-4.3.9-3.22.3.i386.rpm 1c7d95325faf1f7f1c7719190543411e php-gd-4.3.9-3.22.3.i386.rpm b87ac2b80f5498fece096172afedf31d php-imap-4.3.9-3.22.3.i386.rpm 4681e79b4b0a37b41b3b1c99c68408d0 php-ldap-4.3.9-3.22.3.i386.rpm 861437499c4426cb220cac6332ea67ff php-mbstring-4.3.9-3.22.3.i386.rpm f93b8e4156ac609e56bd29a9987f9b2d php-mysql-4.3.9-3.22.3.i386.rpm 9ec4c2486345f7ed3192a07ad10ec32e php-ncurses-4.3.9-3.22.3.i386.rpm 6cf3e8b518946cfca6fb02601731811a php-odbc-4.3.9-3.22.3.i386.rpm 81369039016e43d6f2559ae112b76272 php-pear-4.3.9-3.22.3.i386.rpm e0a1147400141dc32ba7a73efd774c5b php-pgsql-4.3.9-3.22.3.i386.rpm 1b4822fd2069e98a59ca5a8fbca369e8 php-snmp-4.3.9-3.22.3.i386.rpm c6d716435a59be6d286afef87c580a25 php-xmlrpc-4.3.9-3.22.3.i386.rpm ia64: 199ca047b66ee4a6557d7d3f3c38f873 php-4.3.9-3.22.3.ia64.rpm f9cc7842a4aa8b70f384df7c779bd667 php-debuginfo-4.3.9-3.22.3.ia64.rpm ff3ec026286d1a34114cb72672ecd3f4 php-devel-4.3.9-3.22.3.ia64.rpm e8493183ededf4a0e3a0e83c0b592f2a php-domxml-4.3.9-3.22.3.ia64.rpm f4c0d643c08b85787f57107ff51041b0 php-gd-4.3.9-3.22.3.ia64.rpm 44842ad7449d6bff948a085865e0af54 php-imap-4.3.9-3.22.3.ia64.rpm cb11e0b06cdd4fbe89ba7f4ed092d923 php-ldap-4.3.9-3.22.3.ia64.rpm 568a7912d2ed6423bfda734c08f6d437 php-mbstring-4.3.9-3.22.3.ia64.rpm d1574241f8b4c86b026edca3724e7488 php-mysql-4.3.9-3.22.3.ia64.rpm 6152d7b768392cb4c7f4420f87498e76 php-ncurses-4.3.9-3.22.3.ia64.rpm 4f43bb7a7147b3956104033bd19c08e1 php-odbc-4.3.9-3.22.3.ia64.rpm 2960bbeba55607269bfde8513249b23d php-pear-4.3.9-3.22.3.ia64.rpm 331830c2e27c787f89f6c550fce68223 php-pgsql-4.3.9-3.22.3.ia64.rpm d168c65023f344b7664774a5fcd7ed79 php-snmp-4.3.9-3.22.3.ia64.rpm 301669eaa23485727c8f07a2fe960c9f php-xmlrpc-4.3.9-3.22.3.ia64.rpm ppc: 4c6db07fe089fef7f36b7bc077b716d3 php-4.3.9-3.22.3.ppc.rpm beca9f4732d60b2c8e68a08f2ac91bc7 php-debuginfo-4.3.9-3.22.3.ppc.rpm 62097749817eee902a9b80384cc8d59c php-devel-4.3.9-3.22.3.ppc.rpm 9d00fabdbc9fd0915f9b85beb9efd2eb php-domxml-4.3.9-3.22.3.ppc.rpm ac71759c8b4ef95b06fefe86b6e4341d php-gd-4.3.9-3.22.3.ppc.rpm df5b079c0688d34d124970817b4ba0fe php-imap-4.3.9-3.22.3.ppc.rpm 9047a48cd3991369483acc2e7f72c48a php-ldap-4.3.9-3.22.3.ppc.rpm cc0468ff78fb1405314128adba5b4347 php-mbstring-4.3.9-3.22.3.ppc.rpm 1f6079f3a80e697196747ed401e77a06 php-mysql-4.3.9-3.22.3.ppc.rpm bfa51d88bf8c52bc51edf9a9e06cea60 php-ncurses-4.3.9-3.22.3.ppc.rpm 0ebdfcc733aa21f10d1bf8639054cf7a php-odbc-4.3.9-3.22.3.ppc.rpm df4889b7caf343e6c9d3f9971c5882df php-pear-4.3.9-3.22.3.ppc.rpm 2e6c51f81322fec95fdf3af8a835df46 php-pgsql-4.3.9-3.22.3.ppc.rpm 1ad1067065a1e6b55954f102cefacecc php-snmp-4.3.9-3.22.3.ppc.rpm 2edb715c10def75b6c92b8c5253e5b37 php-xmlrpc-4.3.9-3.22.3.ppc.rpm s390: 0c140ffb303370bfce0af6ac947b3bd6 php-4.3.9-3.22.3.s390.rpm 393ff435b9a477c618eab815f98b72c7 php-debuginfo-4.3.9-3.22.3.s390.rpm 66824af01d592309f5673d74ba13797a php-devel-4.3.9-3.22.3.s390.rpm 98099e79816000aa22340f30a550d7ac php-domxml-4.3.9-3.22.3.s390.rpm f3c3eb16034b039e8d1a3e77f2d4e383 php-gd-4.3.9-3.22.3.s390.rpm 7d1ecf3f77ff01249c447fb6e78757ab php-imap-4.3.9-3.22.3.s390.rpm 2f1c85fd9c6947b518d8cf275e968735 php-ldap-4.3.9-3.22.3.s390.rpm b1b767c04c83c7c70d37226de7dba8c5 php-mbstring-4.3.9-3.22.3.s390.rpm 89c43d1afe38989d87fa6a57116c9d7a php-mysql-4.3.9-3.22.3.s390.rpm c4a2ea5228fd6c22e498612fc7d2e17e php-ncurses-4.3.9-3.22.3.s390.rpm 847a8e841356375aebd4282da79955a4 php-odbc-4.3.9-3.22.3.s390.rpm 209f109e589459e4e2e19545dd4bc512 php-pear-4.3.9-3.22.3.s390.rpm c2b09474ea5073b8424680067b1ad6c4 php-pgsql-4.3.9-3.22.3.s390.rpm f96afc95bfda9c253379bbca1be10900 php-snmp-4.3.9-3.22.3.s390.rpm 5b56f025bee8ec4eb4eeb169b63d3c60 php-xmlrpc-4.3.9-3.22.3.s390.rpm s390x: 3535b24a963d2fff0d700c9713678e5e php-4.3.9-3.22.3.s390x.rpm 1cfcccdd5f0e02995a51c3ea3e849dba php-debuginfo-4.3.9-3.22.3.s390x.rpm 7949f28643e128b73bd73db619bff818 php-devel-4.3.9-3.22.3.s390x.rpm 987cbab849a42b5523d8b77d78aa9bea php-domxml-4.3.9-3.22.3.s390x.rpm 821c61382dbefca04424c88befb5681c php-gd-4.3.9-3.22.3.s390x.rpm f47ace8f09516615d873df2485bd43bd php-imap-4.3.9-3.22.3.s390x.rpm 24f06687af8986e93f25ffaf246ec493 php-ldap-4.3.9-3.22.3.s390x.rpm 7ed585f4536cc8348cec85a56ffa3b18 php-mbstring-4.3.9-3.22.3.s390x.rpm 0c6b315195f6a047e574e0e0d539fdd7 php-mysql-4.3.9-3.22.3.s390x.rpm 190521a81ca21b264c6741904fe4b53b php-ncurses-4.3.9-3.22.3.s390x.rpm bf0deae5bc75cb7fb2d2463201c5e7dd php-odbc-4.3.9-3.22.3.s390x.rpm b3711111e4b4777ef66cdaaceb6e5b89 php-pear-4.3.9-3.22.3.s390x.rpm b2272a3b079671f2c7744f2589baf475 php-pgsql-4.3.9-3.22.3.s390x.rpm 34bb6ec8d7950f30b02a1da5f9693333 php-snmp-4.3.9-3.22.3.s390x.rpm f88518164a17902d0c3f45d5e6291113 php-xmlrpc-4.3.9-3.22.3.s390x.rpm x86_64: 1a8f622a55edc590bc836dc577c67313 php-4.3.9-3.22.3.x86_64.rpm 59661959dafc76be8db0c6c5534c04ed php-debuginfo-4.3.9-3.22.3.x86_64.rpm 477b586dd9dd24e7208a254894f426aa php-devel-4.3.9-3.22.3.x86_64.rpm 434e194613624591bc2945d402b335c8 php-domxml-4.3.9-3.22.3.x86_64.rpm dde9c8dc92ba9aa7b3b82abe7eca1a46 php-gd-4.3.9-3.22.3.x86_64.rpm ce88add4f6b234c16e27cdc8617ad1ee php-imap-4.3.9-3.22.3.x86_64.rpm 37a0092e51c14be7b4dab993c85c8f3d php-ldap-4.3.9-3.22.3.x86_64.rpm c5b16f7a2d4da01a38e18eb0b92e329a php-mbstring-4.3.9-3.22.3.x86_64.rpm 9f5b2f72b73928a3eb274edd8a99fed5 php-mysql-4.3.9-3.22.3.x86_64.rpm 5d60bbf151f212ea1dc61086919315c4 php-ncurses-4.3.9-3.22.3.x86_64.rpm f62a0a8783433f67818e3a88597dd754 php-odbc-4.3.9-3.22.3.x86_64.rpm 7c16f8eb089b2c044f0c70b33437ceab php-pear-4.3.9-3.22.3.x86_64.rpm 24fc5e41ed8e3617e593c20389ef5252 php-pgsql-4.3.9-3.22.3.x86_64.rpm b48b22e969361c70682f3d8c1fbdbede php-snmp-4.3.9-3.22.3.x86_64.rpm cd14e8a88891b0a17d5a3ef57b8e015e php-xmlrpc-4.3.9-3.22.3.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/php-4.3.9-3.22.3.src.rpm a954d249ca8cd0e03864c3cbac5f26b8 php-4.3.9-3.22.3.src.rpm i386: 144c9a64ae174706ae864d5bf94a8cb2 php-4.3.9-3.22.3.i386.rpm 90971f6472640809c494f46cbcaf1bdd php-debuginfo-4.3.9-3.22.3.i386.rpm 9aff6b4cfe675f62b986cbdfd401ef48 php-devel-4.3.9-3.22.3.i386.rpm fc7d8f3ff093d36417259cb45d53b597 php-domxml-4.3.9-3.22.3.i386.rpm 1c7d95325faf1f7f1c7719190543411e php-gd-4.3.9-3.22.3.i386.rpm b87ac2b80f5498fece096172afedf31d php-imap-4.3.9-3.22.3.i386.rpm 4681e79b4b0a37b41b3b1c99c68408d0 php-ldap-4.3.9-3.22.3.i386.rpm 861437499c4426cb220cac6332ea67ff php-mbstring-4.3.9-3.22.3.i386.rpm f93b8e4156ac609e56bd29a9987f9b2d php-mysql-4.3.9-3.22.3.i386.rpm 9ec4c2486345f7ed3192a07ad10ec32e php-ncurses-4.3.9-3.22.3.i386.rpm 6cf3e8b518946cfca6fb02601731811a php-odbc-4.3.9-3.22.3.i386.rpm 81369039016e43d6f2559ae112b76272 php-pear-4.3.9-3.22.3.i386.rpm e0a1147400141dc32ba7a73efd774c5b php-pgsql-4.3.9-3.22.3.i386.rpm 1b4822fd2069e98a59ca5a8fbca369e8 php-snmp-4.3.9-3.22.3.i386.rpm c6d716435a59be6d286afef87c580a25 php-xmlrpc-4.3.9-3.22.3.i386.rpm x86_64: 1a8f622a55edc590bc836dc577c67313 php-4.3.9-3.22.3.x86_64.rpm 59661959dafc76be8db0c6c5534c04ed php-debuginfo-4.3.9-3.22.3.x86_64.rpm 477b586dd9dd24e7208a254894f426aa php-devel-4.3.9-3.22.3.x86_64.rpm 434e194613624591bc2945d402b335c8 php-domxml-4.3.9-3.22.3.x86_64.rpm dde9c8dc92ba9aa7b3b82abe7eca1a46 php-gd-4.3.9-3.22.3.x86_64.rpm ce88add4f6b234c16e27cdc8617ad1ee php-imap-4.3.9-3.22.3.x86_64.rpm 37a0092e51c14be7b4dab993c85c8f3d php-ldap-4.3.9-3.22.3.x86_64.rpm c5b16f7a2d4da01a38e18eb0b92e329a php-mbstring-4.3.9-3.22.3.x86_64.rpm 9f5b2f72b73928a3eb274edd8a99fed5 php-mysql-4.3.9-3.22.3.x86_64.rpm 5d60bbf151f212ea1dc61086919315c4 php-ncurses-4.3.9-3.22.3.x86_64.rpm f62a0a8783433f67818e3a88597dd754 php-odbc-4.3.9-3.22.3.x86_64.rpm 7c16f8eb089b2c044f0c70b33437ceab php-pear-4.3.9-3.22.3.x86_64.rpm 24fc5e41ed8e3617e593c20389ef5252 php-pgsql-4.3.9-3.22.3.x86_64.rpm b48b22e969361c70682f3d8c1fbdbede php-snmp-4.3.9-3.22.3.x86_64.rpm cd14e8a88891b0a17d5a3ef57b8e015e php-xmlrpc-4.3.9-3.22.3.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/php-4.3.9-3.22.3.src.rpm a954d249ca8cd0e03864c3cbac5f26b8 php-4.3.9-3.22.3.src.rpm i386: 144c9a64ae174706ae864d5bf94a8cb2 php-4.3.9-3.22.3.i386.rpm 90971f6472640809c494f46cbcaf1bdd php-debuginfo-4.3.9-3.22.3.i386.rpm 9aff6b4cfe675f62b986cbdfd401ef48 php-devel-4.3.9-3.22.3.i386.rpm fc7d8f3ff093d36417259cb45d53b597 php-domxml-4.3.9-3.22.3.i386.rpm 1c7d95325faf1f7f1c7719190543411e php-gd-4.3.9-3.22.3.i386.rpm b87ac2b80f5498fece096172afedf31d php-imap-4.3.9-3.22.3.i386.rpm 4681e79b4b0a37b41b3b1c99c68408d0 php-ldap-4.3.9-3.22.3.i386.rpm 861437499c4426cb220cac6332ea67ff php-mbstring-4.3.9-3.22.3.i386.rpm f93b8e4156ac609e56bd29a9987f9b2d php-mysql-4.3.9-3.22.3.i386.rpm 9ec4c2486345f7ed3192a07ad10ec32e php-ncurses-4.3.9-3.22.3.i386.rpm 6cf3e8b518946cfca6fb02601731811a php-odbc-4.3.9-3.22.3.i386.rpm 81369039016e43d6f2559ae112b76272 php-pear-4.3.9-3.22.3.i386.rpm e0a1147400141dc32ba7a73efd774c5b php-pgsql-4.3.9-3.22.3.i386.rpm 1b4822fd2069e98a59ca5a8fbca369e8 php-snmp-4.3.9-3.22.3.i386.rpm c6d716435a59be6d286afef87c580a25 php-xmlrpc-4.3.9-3.22.3.i386.rpm ia64: 199ca047b66ee4a6557d7d3f3c38f873 php-4.3.9-3.22.3.ia64.rpm f9cc7842a4aa8b70f384df7c779bd667 php-debuginfo-4.3.9-3.22.3.ia64.rpm ff3ec026286d1a34114cb72672ecd3f4 php-devel-4.3.9-3.22.3.ia64.rpm e8493183ededf4a0e3a0e83c0b592f2a php-domxml-4.3.9-3.22.3.ia64.rpm f4c0d643c08b85787f57107ff51041b0 php-gd-4.3.9-3.22.3.ia64.rpm 44842ad7449d6bff948a085865e0af54 php-imap-4.3.9-3.22.3.ia64.rpm cb11e0b06cdd4fbe89ba7f4ed092d923 php-ldap-4.3.9-3.22.3.ia64.rpm 568a7912d2ed6423bfda734c08f6d437 php-mbstring-4.3.9-3.22.3.ia64.rpm d1574241f8b4c86b026edca3724e7488 php-mysql-4.3.9-3.22.3.ia64.rpm 6152d7b768392cb4c7f4420f87498e76 php-ncurses-4.3.9-3.22.3.ia64.rpm 4f43bb7a7147b3956104033bd19c08e1 php-odbc-4.3.9-3.22.3.ia64.rpm 2960bbeba55607269bfde8513249b23d php-pear-4.3.9-3.22.3.ia64.rpm 331830c2e27c787f89f6c550fce68223 php-pgsql-4.3.9-3.22.3.ia64.rpm d168c65023f344b7664774a5fcd7ed79 php-snmp-4.3.9-3.22.3.ia64.rpm 301669eaa23485727c8f07a2fe960c9f php-xmlrpc-4.3.9-3.22.3.ia64.rpm x86_64: 1a8f622a55edc590bc836dc577c67313 php-4.3.9-3.22.3.x86_64.rpm 59661959dafc76be8db0c6c5534c04ed php-debuginfo-4.3.9-3.22.3.x86_64.rpm 477b586dd9dd24e7208a254894f426aa php-devel-4.3.9-3.22.3.x86_64.rpm 434e194613624591bc2945d402b335c8 php-domxml-4.3.9-3.22.3.x86_64.rpm dde9c8dc92ba9aa7b3b82abe7eca1a46 php-gd-4.3.9-3.22.3.x86_64.rpm ce88add4f6b234c16e27cdc8617ad1ee php-imap-4.3.9-3.22.3.x86_64.rpm 37a0092e51c14be7b4dab993c85c8f3d php-ldap-4.3.9-3.22.3.x86_64.rpm c5b16f7a2d4da01a38e18eb0b92e329a php-mbstring-4.3.9-3.22.3.x86_64.rpm 9f5b2f72b73928a3eb274edd8a99fed5 php-mysql-4.3.9-3.22.3.x86_64.rpm 5d60bbf151f212ea1dc61086919315c4 php-ncurses-4.3.9-3.22.3.x86_64.rpm f62a0a8783433f67818e3a88597dd754 php-odbc-4.3.9-3.22.3.x86_64.rpm 7c16f8eb089b2c044f0c70b33437ceab php-pear-4.3.9-3.22.3.x86_64.rpm 24fc5e41ed8e3617e593c20389ef5252 php-pgsql-4.3.9-3.22.3.x86_64.rpm b48b22e969361c70682f3d8c1fbdbede php-snmp-4.3.9-3.22.3.x86_64.rpm cd14e8a88891b0a17d5a3ef57b8e015e php-xmlrpc-4.3.9-3.22.3.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/php-4.3.9-3.22.3.src.rpm a954d249ca8cd0e03864c3cbac5f26b8 php-4.3.9-3.22.3.src.rpm i386: 144c9a64ae174706ae864d5bf94a8cb2 php-4.3.9-3.22.3.i386.rpm 90971f6472640809c494f46cbcaf1bdd php-debuginfo-4.3.9-3.22.3.i386.rpm 9aff6b4cfe675f62b986cbdfd401ef48 php-devel-4.3.9-3.22.3.i386.rpm fc7d8f3ff093d36417259cb45d53b597 php-domxml-4.3.9-3.22.3.i386.rpm 1c7d95325faf1f7f1c7719190543411e php-gd-4.3.9-3.22.3.i386.rpm b87ac2b80f5498fece096172afedf31d php-imap-4.3.9-3.22.3.i386.rpm 4681e79b4b0a37b41b3b1c99c68408d0 php-ldap-4.3.9-3.22.3.i386.rpm 861437499c4426cb220cac6332ea67ff php-mbstring-4.3.9-3.22.3.i386.rpm f93b8e4156ac609e56bd29a9987f9b2d php-mysql-4.3.9-3.22.3.i386.rpm 9ec4c2486345f7ed3192a07ad10ec32e php-ncurses-4.3.9-3.22.3.i386.rpm 6cf3e8b518946cfca6fb02601731811a php-odbc-4.3.9-3.22.3.i386.rpm 81369039016e43d6f2559ae112b76272 php-pear-4.3.9-3.22.3.i386.rpm e0a1147400141dc32ba7a73efd774c5b php-pgsql-4.3.9-3.22.3.i386.rpm 1b4822fd2069e98a59ca5a8fbca369e8 php-snmp-4.3.9-3.22.3.i386.rpm c6d716435a59be6d286afef87c580a25 php-xmlrpc-4.3.9-3.22.3.i386.rpm ia64: 199ca047b66ee4a6557d7d3f3c38f873 php-4.3.9-3.22.3.ia64.rpm f9cc7842a4aa8b70f384df7c779bd667 php-debuginfo-4.3.9-3.22.3.ia64.rpm ff3ec026286d1a34114cb72672ecd3f4 php-devel-4.3.9-3.22.3.ia64.rpm e8493183ededf4a0e3a0e83c0b592f2a php-domxml-4.3.9-3.22.3.ia64.rpm f4c0d643c08b85787f57107ff51041b0 php-gd-4.3.9-3.22.3.ia64.rpm 44842ad7449d6bff948a085865e0af54 php-imap-4.3.9-3.22.3.ia64.rpm cb11e0b06cdd4fbe89ba7f4ed092d923 php-ldap-4.3.9-3.22.3.ia64.rpm 568a7912d2ed6423bfda734c08f6d437 php-mbstring-4.3.9-3.22.3.ia64.rpm d1574241f8b4c86b026edca3724e7488 php-mysql-4.3.9-3.22.3.ia64.rpm 6152d7b768392cb4c7f4420f87498e76 php-ncurses-4.3.9-3.22.3.ia64.rpm 4f43bb7a7147b3956104033bd19c08e1 php-odbc-4.3.9-3.22.3.ia64.rpm 2960bbeba55607269bfde8513249b23d php-pear-4.3.9-3.22.3.ia64.rpm 331830c2e27c787f89f6c550fce68223 php-pgsql-4.3.9-3.22.3.ia64.rpm d168c65023f344b7664774a5fcd7ed79 php-snmp-4.3.9-3.22.3.ia64.rpm 301669eaa23485727c8f07a2fe960c9f php-xmlrpc-4.3.9-3.22.3.ia64.rpm x86_64: 1a8f622a55edc590bc836dc577c67313 php-4.3.9-3.22.3.x86_64.rpm 59661959dafc76be8db0c6c5534c04ed php-debuginfo-4.3.9-3.22.3.x86_64.rpm 477b586dd9dd24e7208a254894f426aa php-devel-4.3.9-3.22.3.x86_64.rpm 434e194613624591bc2945d402b335c8 php-domxml-4.3.9-3.22.3.x86_64.rpm dde9c8dc92ba9aa7b3b82abe7eca1a46 php-gd-4.3.9-3.22.3.x86_64.rpm ce88add4f6b234c16e27cdc8617ad1ee php-imap-4.3.9-3.22.3.x86_64.rpm 37a0092e51c14be7b4dab993c85c8f3d php-ldap-4.3.9-3.22.3.x86_64.rpm c5b16f7a2d4da01a38e18eb0b92e329a php-mbstring-4.3.9-3.22.3.x86_64.rpm 9f5b2f72b73928a3eb274edd8a99fed5 php-mysql-4.3.9-3.22.3.x86_64.rpm 5d60bbf151f212ea1dc61086919315c4 php-ncurses-4.3.9-3.22.3.x86_64.rpm f62a0a8783433f67818e3a88597dd754 php-odbc-4.3.9-3.22.3.x86_64.rpm 7c16f8eb089b2c044f0c70b33437ceab php-pear-4.3.9-3.22.3.x86_64.rpm 24fc5e41ed8e3617e593c20389ef5252 php-pgsql-4.3.9-3.22.3.x86_64.rpm b48b22e969361c70682f3d8c1fbdbede php-snmp-4.3.9-3.22.3.x86_64.rpm cd14e8a88891b0a17d5a3ef57b8e015e php-xmlrpc-4.3.9-3.22.3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0907 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0908 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0909 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0910 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0988 http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFF2hKoXlSAg2UNWIIRAg2xAJ4uVDFUwG/D/1CWNA3F9auqYKjtJwCgq0+8 jA26yJX67GUzCLK+N8OhNVw= =oCH9 -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Feb 20 12:13:43 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 20 Feb 2007 07:13:43 -0500 Subject: [RHSA-2007:0086-01] Critical: gnomemeeting security update Message-ID: <200702201213.l1KCDhXH009500@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: gnomemeeting security update Advisory ID: RHSA-2007:0086-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0086.html Issue date: 2007-02-20 Updated on: 2007-02-20 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-1007 - --------------------------------------------------------------------- 1. Summary: Updated gnomemeeting packages that fix a security issue are now available for Red Hat Enterprise Linux. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: GnomeMeeting is a tool to communicate with video and audio over the Internet. A format string flaw was found in the way GnomeMeeting processes certain messages. If a user is running GnomeMeeting, a remote attacker who can connect to GnomeMeeting could trigger this flaw and potentially execute arbitrary code with the privileges of the user. (CVE-2007-1007) Users of GnomeMeeting should upgrade to these updated packages which contain a backported patch to correct this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 229266 - CVE-2007-1007 gnomemeeting format string flaw 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/gnomemeeting-0.96.0-5.src.rpm ac32e799e8e154d52bb5532eed45d697 gnomemeeting-0.96.0-5.src.rpm i386: 8f380a83328b56bf78dd2095b2b95f9c gnomemeeting-0.96.0-5.i386.rpm 6acf855179510df1f313386e27a761df gnomemeeting-debuginfo-0.96.0-5.i386.rpm ia64: 94f7310761b1ffc4f8da7521a96f9d83 gnomemeeting-0.96.0-5.ia64.rpm fe98f0ea61a5c5730ba92030e57a55e0 gnomemeeting-debuginfo-0.96.0-5.ia64.rpm ppc: 34490a6130e9dc80c4d1eab849875166 gnomemeeting-0.96.0-5.ppc.rpm 3c27497c19592215b57e3fdb0a53d8bd gnomemeeting-debuginfo-0.96.0-5.ppc.rpm s390: 9ccdab64159ff104f6630616c704bb79 gnomemeeting-0.96.0-5.s390.rpm 5d077c3ba4e920b49091aaa4be2690a7 gnomemeeting-debuginfo-0.96.0-5.s390.rpm s390x: 3e20cffb3cef7ed4c4dfc51014c41251 gnomemeeting-0.96.0-5.s390x.rpm 059882b89d3f88e00c5671d016ca9fe1 gnomemeeting-debuginfo-0.96.0-5.s390x.rpm x86_64: dcca06f0edc48687a74cae33519e9d2a gnomemeeting-0.96.0-5.x86_64.rpm 7a6bce086b31f3c3773dc9bbd739392a gnomemeeting-debuginfo-0.96.0-5.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/gnomemeeting-0.96.0-5.src.rpm ac32e799e8e154d52bb5532eed45d697 gnomemeeting-0.96.0-5.src.rpm i386: 8f380a83328b56bf78dd2095b2b95f9c gnomemeeting-0.96.0-5.i386.rpm 6acf855179510df1f313386e27a761df gnomemeeting-debuginfo-0.96.0-5.i386.rpm x86_64: dcca06f0edc48687a74cae33519e9d2a gnomemeeting-0.96.0-5.x86_64.rpm 7a6bce086b31f3c3773dc9bbd739392a gnomemeeting-debuginfo-0.96.0-5.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/gnomemeeting-0.96.0-5.src.rpm ac32e799e8e154d52bb5532eed45d697 gnomemeeting-0.96.0-5.src.rpm i386: 8f380a83328b56bf78dd2095b2b95f9c gnomemeeting-0.96.0-5.i386.rpm 6acf855179510df1f313386e27a761df gnomemeeting-debuginfo-0.96.0-5.i386.rpm ia64: 94f7310761b1ffc4f8da7521a96f9d83 gnomemeeting-0.96.0-5.ia64.rpm fe98f0ea61a5c5730ba92030e57a55e0 gnomemeeting-debuginfo-0.96.0-5.ia64.rpm x86_64: dcca06f0edc48687a74cae33519e9d2a gnomemeeting-0.96.0-5.x86_64.rpm 7a6bce086b31f3c3773dc9bbd739392a gnomemeeting-debuginfo-0.96.0-5.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/gnomemeeting-0.96.0-5.src.rpm ac32e799e8e154d52bb5532eed45d697 gnomemeeting-0.96.0-5.src.rpm i386: 8f380a83328b56bf78dd2095b2b95f9c gnomemeeting-0.96.0-5.i386.rpm 6acf855179510df1f313386e27a761df gnomemeeting-debuginfo-0.96.0-5.i386.rpm ia64: 94f7310761b1ffc4f8da7521a96f9d83 gnomemeeting-0.96.0-5.ia64.rpm fe98f0ea61a5c5730ba92030e57a55e0 gnomemeeting-debuginfo-0.96.0-5.ia64.rpm x86_64: dcca06f0edc48687a74cae33519e9d2a gnomemeeting-0.96.0-5.x86_64.rpm 7a6bce086b31f3c3773dc9bbd739392a gnomemeeting-debuginfo-0.96.0-5.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/gnomemeeting-1.0.2-9.src.rpm 9f1d929179537ac609955111fc9f5208 gnomemeeting-1.0.2-9.src.rpm i386: 2d23f5e0bfa1edbf4fb441640236c417 gnomemeeting-1.0.2-9.i386.rpm 84f14bbf85b86fa15226db946561cb0d gnomemeeting-debuginfo-1.0.2-9.i386.rpm ia64: a87c964ab2d41d4f600b90db543432b2 gnomemeeting-1.0.2-9.ia64.rpm 9922ba7389d8e237f3f9589b1cbfd5e5 gnomemeeting-debuginfo-1.0.2-9.ia64.rpm ppc: e316b1cef291ff616ef20db452cc1b52 gnomemeeting-1.0.2-9.ppc.rpm 082e4afa5ffec7dda08e20604e9f578c gnomemeeting-debuginfo-1.0.2-9.ppc.rpm s390: 511e0a08386dae55dec50c55ae2fb2e7 gnomemeeting-1.0.2-9.s390.rpm 20326cfc92c85ad03df39e35a2cb2584 gnomemeeting-debuginfo-1.0.2-9.s390.rpm s390x: c6896eab5949424468f835d4e692d008 gnomemeeting-1.0.2-9.s390x.rpm d4da67acffdbe86c29de33bc7ac14f5b gnomemeeting-debuginfo-1.0.2-9.s390x.rpm x86_64: e6ab1cfeaa3137de1bf610fdda011e24 gnomemeeting-1.0.2-9.x86_64.rpm ccb0867a4c112b387724cc9fd19300e8 gnomemeeting-debuginfo-1.0.2-9.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/gnomemeeting-1.0.2-9.src.rpm 9f1d929179537ac609955111fc9f5208 gnomemeeting-1.0.2-9.src.rpm i386: 2d23f5e0bfa1edbf4fb441640236c417 gnomemeeting-1.0.2-9.i386.rpm 84f14bbf85b86fa15226db946561cb0d gnomemeeting-debuginfo-1.0.2-9.i386.rpm x86_64: e6ab1cfeaa3137de1bf610fdda011e24 gnomemeeting-1.0.2-9.x86_64.rpm ccb0867a4c112b387724cc9fd19300e8 gnomemeeting-debuginfo-1.0.2-9.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/gnomemeeting-1.0.2-9.src.rpm 9f1d929179537ac609955111fc9f5208 gnomemeeting-1.0.2-9.src.rpm i386: 2d23f5e0bfa1edbf4fb441640236c417 gnomemeeting-1.0.2-9.i386.rpm 84f14bbf85b86fa15226db946561cb0d gnomemeeting-debuginfo-1.0.2-9.i386.rpm ia64: a87c964ab2d41d4f600b90db543432b2 gnomemeeting-1.0.2-9.ia64.rpm 9922ba7389d8e237f3f9589b1cbfd5e5 gnomemeeting-debuginfo-1.0.2-9.ia64.rpm x86_64: e6ab1cfeaa3137de1bf610fdda011e24 gnomemeeting-1.0.2-9.x86_64.rpm ccb0867a4c112b387724cc9fd19300e8 gnomemeeting-debuginfo-1.0.2-9.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/gnomemeeting-1.0.2-9.src.rpm 9f1d929179537ac609955111fc9f5208 gnomemeeting-1.0.2-9.src.rpm i386: 2d23f5e0bfa1edbf4fb441640236c417 gnomemeeting-1.0.2-9.i386.rpm 84f14bbf85b86fa15226db946561cb0d gnomemeeting-debuginfo-1.0.2-9.i386.rpm ia64: a87c964ab2d41d4f600b90db543432b2 gnomemeeting-1.0.2-9.ia64.rpm 9922ba7389d8e237f3f9589b1cbfd5e5 gnomemeeting-debuginfo-1.0.2-9.ia64.rpm x86_64: e6ab1cfeaa3137de1bf610fdda011e24 gnomemeeting-1.0.2-9.x86_64.rpm ccb0867a4c112b387724cc9fd19300e8 gnomemeeting-debuginfo-1.0.2-9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1007 http://www.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFF2uXsXlSAg2UNWIIRArhWAKCmXeEkWUjruVIFbg7WOf0V8uK1DACfb4gu ziOl1//Ob50FSPpijIndnhI= =m2Tt -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Feb 20 16:58:00 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 20 Feb 2007 11:58:00 -0500 Subject: [RHSA-2007:0010-01] Moderate: koffice security update Message-ID: <200702201658.l1KGw1Fj005460@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: koffice security update Advisory ID: RHSA-2007:0010-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0010.html Issue date: 2007-02-20 Updated on: 2007-02-20 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-6120 - --------------------------------------------------------------------- 1. Summary: Updated KOffice packages that fix a security issue are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 3. Problem description: KOffice is a collection of productivity applications for the K Desktop Environment (KDE) GUI desktop. An integer overflow bug was found in KOffice's PPT file processor. An attacker could create a malicious PPT file that could cause KOffice to execute arbitrary code if the file was opened by a victim. (CVE-2006-6120) All users of KOffice are advised to upgrade to these updated packages, which contains a backported patch to correct this issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 217738 - CVE-2006-6120 koffice integer overflow 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/koffice-1.1.1-2.3.src.rpm 52c3cfb9b5eb38f1c99b53dc5d8d56df koffice-1.1.1-2.3.src.rpm i386: 843f35a9ef08270d9dec5d5c071756d8 koffice-1.1.1-2.3.i386.rpm af4bdfbdb50dd1da6527f0d3f54762f8 koffice-devel-1.1.1-2.3.i386.rpm ia64: 522af4bed9d2feee80f67bb75b22e918 koffice-1.1.1-2.3.ia64.rpm 0fe4d6181a1b302bb8e7417a381f3b3b koffice-devel-1.1.1-2.3.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/koffice-1.1.1-2.3.src.rpm 52c3cfb9b5eb38f1c99b53dc5d8d56df koffice-1.1.1-2.3.src.rpm ia64: 522af4bed9d2feee80f67bb75b22e918 koffice-1.1.1-2.3.ia64.rpm 0fe4d6181a1b302bb8e7417a381f3b3b koffice-devel-1.1.1-2.3.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/koffice-1.1.1-2.3.src.rpm 52c3cfb9b5eb38f1c99b53dc5d8d56df koffice-1.1.1-2.3.src.rpm i386: 843f35a9ef08270d9dec5d5c071756d8 koffice-1.1.1-2.3.i386.rpm af4bdfbdb50dd1da6527f0d3f54762f8 koffice-devel-1.1.1-2.3.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/koffice-1.1.1-2.3.src.rpm 52c3cfb9b5eb38f1c99b53dc5d8d56df koffice-1.1.1-2.3.src.rpm i386: 843f35a9ef08270d9dec5d5c071756d8 koffice-1.1.1-2.3.i386.rpm af4bdfbdb50dd1da6527f0d3f54762f8 koffice-devel-1.1.1-2.3.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6120 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFF2yiOXlSAg2UNWIIRAu6GAJwODd2M54kOGaBode9vSbDIDIT9SwCgmS8M XWrGaEDi6a8qZwwkpISs3pw= =HgGy -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Feb 21 12:44:48 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 21 Feb 2007 07:44:48 -0500 Subject: [RHSA-2007:0081-01] Important: php security update Message-ID: <200702211244.l1LCimGe004625@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: php security update Advisory ID: RHSA-2007:0081-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0081.html Issue date: 2007-02-21 Updated on: 2007-02-21 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-0906 CVE-2007-0907 CVE-2007-0908 CVE-2007-0909 CVE-2007-0910 CVE-2007-0988 - --------------------------------------------------------------------- 1. Summary: Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 3. Problem description: PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A number of buffer overflow flaws were found in the PHP session extension; the str_replace() function; and the imap_mail_compose() function. If very long strings were passed to the str_replace() function, an integer overflow could occur in memory allocation. If a script used the imap_mail_compose() function to create a new MIME message based on an input body from an untrusted source, it could result in a heap overflow. An attacker with access to a PHP application affected by any these issues could trigger the flaws and possibly execute arbitrary code as the 'apache' user. (CVE-2007-0906) When unserializing untrusted data on 64-bit platforms, the zend_hash_init() function could be forced into an infinite loop, consuming CPU resources for a limited time, until the script timeout alarm aborted execution of the script. (CVE-2007-0988) If the wddx extension was used to import WDDX data from an untrusted source, certain WDDX input packets could expose a random portion of heap memory. (CVE-2007-0908) If the odbc_result_all() function was used to display data from a database, and the database table contents were under an attacker's control, a format string vulnerability was possible which could allow arbitrary code execution. (CVE-2007-0909) A one byte memory read always occurs before the beginning of a buffer. This could be triggered, for example, by any use of the header() function in a script. However it is unlikely that this would have any effect. (CVE-2007-0907) Several flaws in PHP could allow attackers to "clobber" certain super-global variables via unspecified vectors. (CVE-2007-0910) Users of PHP should upgrade to these updated packages which contain backported patches to correct these issues. Red Hat would like to thank Stefan Esser for his help diagnosing these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 229332 - CVE-2007-0906 PHP security issues (CVE-2007-0907, CVE-2007-0908, CVE-2007-0909, CVE-2007-0910, CVE-2007-0988) 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/php-4.1.2-2.14.src.rpm 3c1babd0b650d968fb05c3fc941e1328 php-4.1.2-2.14.src.rpm i386: a4e8107d7d04c391924e1a489c4e8b1f php-4.1.2-2.14.i386.rpm 3eb84ba09f48aafdd82fd273847c0ab7 php-devel-4.1.2-2.14.i386.rpm 547ee3ef9a42650b7968ca5d847cb362 php-imap-4.1.2-2.14.i386.rpm 27ad3782dd0bd6c398f6759c615a7a8e php-ldap-4.1.2-2.14.i386.rpm 8f5cb33e88ebc83c80fd69608daa943b php-manual-4.1.2-2.14.i386.rpm 13f14591befae51d6c2072e29190510e php-mysql-4.1.2-2.14.i386.rpm 3c5a5d6027e2f960091044d63205e00b php-odbc-4.1.2-2.14.i386.rpm b14c7e1d15965c39febb475897ec9602 php-pgsql-4.1.2-2.14.i386.rpm ia64: e62f6a7585c07440f283543af205720c php-4.1.2-2.14.ia64.rpm ddb2e7b85468f5c222ba1f09fcfdad9c php-devel-4.1.2-2.14.ia64.rpm b8f556303277dc3847d24acff42d530f php-imap-4.1.2-2.14.ia64.rpm 444ae771d27b6eb5a4b9fc20df23ee46 php-ldap-4.1.2-2.14.ia64.rpm d95de85e804a28dfbf0e1cf2dee9b184 php-manual-4.1.2-2.14.ia64.rpm 5e8f596c3109b090b1de0b40faa3575c php-mysql-4.1.2-2.14.ia64.rpm b017004385456310eaf7108b5e48a1fd php-odbc-4.1.2-2.14.ia64.rpm 2b0984f7324d18f6f605b16ab0e0bcc1 php-pgsql-4.1.2-2.14.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/php-4.1.2-2.14.src.rpm 3c1babd0b650d968fb05c3fc941e1328 php-4.1.2-2.14.src.rpm ia64: e62f6a7585c07440f283543af205720c php-4.1.2-2.14.ia64.rpm ddb2e7b85468f5c222ba1f09fcfdad9c php-devel-4.1.2-2.14.ia64.rpm b8f556303277dc3847d24acff42d530f php-imap-4.1.2-2.14.ia64.rpm 444ae771d27b6eb5a4b9fc20df23ee46 php-ldap-4.1.2-2.14.ia64.rpm d95de85e804a28dfbf0e1cf2dee9b184 php-manual-4.1.2-2.14.ia64.rpm 5e8f596c3109b090b1de0b40faa3575c php-mysql-4.1.2-2.14.ia64.rpm b017004385456310eaf7108b5e48a1fd php-odbc-4.1.2-2.14.ia64.rpm 2b0984f7324d18f6f605b16ab0e0bcc1 php-pgsql-4.1.2-2.14.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/php-4.1.2-2.14.src.rpm 3c1babd0b650d968fb05c3fc941e1328 php-4.1.2-2.14.src.rpm i386: a4e8107d7d04c391924e1a489c4e8b1f php-4.1.2-2.14.i386.rpm 3eb84ba09f48aafdd82fd273847c0ab7 php-devel-4.1.2-2.14.i386.rpm 547ee3ef9a42650b7968ca5d847cb362 php-imap-4.1.2-2.14.i386.rpm 27ad3782dd0bd6c398f6759c615a7a8e php-ldap-4.1.2-2.14.i386.rpm 8f5cb33e88ebc83c80fd69608daa943b php-manual-4.1.2-2.14.i386.rpm 13f14591befae51d6c2072e29190510e php-mysql-4.1.2-2.14.i386.rpm 3c5a5d6027e2f960091044d63205e00b php-odbc-4.1.2-2.14.i386.rpm b14c7e1d15965c39febb475897ec9602 php-pgsql-4.1.2-2.14.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/php-4.1.2-2.14.src.rpm 3c1babd0b650d968fb05c3fc941e1328 php-4.1.2-2.14.src.rpm i386: a4e8107d7d04c391924e1a489c4e8b1f php-4.1.2-2.14.i386.rpm 3eb84ba09f48aafdd82fd273847c0ab7 php-devel-4.1.2-2.14.i386.rpm 547ee3ef9a42650b7968ca5d847cb362 php-imap-4.1.2-2.14.i386.rpm 27ad3782dd0bd6c398f6759c615a7a8e php-ldap-4.1.2-2.14.i386.rpm 8f5cb33e88ebc83c80fd69608daa943b php-manual-4.1.2-2.14.i386.rpm 13f14591befae51d6c2072e29190510e php-mysql-4.1.2-2.14.i386.rpm 3c5a5d6027e2f960091044d63205e00b php-odbc-4.1.2-2.14.i386.rpm b14c7e1d15965c39febb475897ec9602 php-pgsql-4.1.2-2.14.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0907 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0908 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0909 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0910 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0988 http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFF3D69XlSAg2UNWIIRAsjOAKCrC1uXzG5muVKFx77qJoxZRY7hWwCfY+0D 3QvYMxpASUIPkt1TLv7kc4c= =W5Yx -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed Feb 21 18:46:53 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 21 Feb 2007 13:46:53 -0500 Subject: [RHSA-2007:0074-01] Important: spamassassin security update Message-ID: <200702211846.l1LIkrvC011197@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: spamassassin security update Advisory ID: RHSA-2007:0074-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0074.html Issue date: 2007-02-21 Updated on: 2007-02-21 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-0451 - --------------------------------------------------------------------- 1. Summary: Updated spamassassin packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: SpamAssassin provides a way to reduce unsolicited commercial email (spam) from incoming email. A flaw was found in the way SpamAssassin processes HTML email containing URIs. A carefully crafted mail message could cause SpamAssassin to consume significant resources. If a number of these messages are sent, this could lead to a denial of service, potentially delaying or preventing the delivery of email. (CVE-2007-0451) Users of SpamAssassin should upgrade to these updated packages which contain version 3.1.8 which is not vulnerable to these issues. This is an upgrade from SpamAssassin version 3.0.6 to 3.1.8, which contains many bug fixes and spam detection enhancements. Further details are available in the SpamAssassin 3.1 changelog and upgrade guide. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 228586 - CVE-2007-0451 Spamassassin DoS 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/spamassassin-3.1.8-2.el4.src.rpm 57202e94f86776ca7ac6e262b252c75a spamassassin-3.1.8-2.el4.src.rpm i386: 96fe40f8db5b09d9c26cd81ec5443b0b spamassassin-3.1.8-2.el4.i386.rpm 2f2cb0c33b2f0f2d24207578416dd187 spamassassin-debuginfo-3.1.8-2.el4.i386.rpm ia64: 8d3424dad7b608dd8e93faf6d4605c19 spamassassin-3.1.8-2.el4.ia64.rpm debd3351b802cf9a8ef5b7513b74a69d spamassassin-debuginfo-3.1.8-2.el4.ia64.rpm ppc: ac4f13c18fc9ac8dd0233429e772faaa spamassassin-3.1.8-2.el4.ppc.rpm 327c922ee04cd02f9262cb065c75a3ed spamassassin-debuginfo-3.1.8-2.el4.ppc.rpm s390: 575418188b8636bd3c3d92d6b2da0b72 spamassassin-3.1.8-2.el4.s390.rpm 1cb1b745ef0f4984743ea9a2aff8d1ea spamassassin-debuginfo-3.1.8-2.el4.s390.rpm s390x: 811672c5407382dc56f44075474a92c5 spamassassin-3.1.8-2.el4.s390x.rpm e0813b2a4ed92138dbc50e448a26ac39 spamassassin-debuginfo-3.1.8-2.el4.s390x.rpm x86_64: 8fb1ac7609deaaf4f5df2eb281813d06 spamassassin-3.1.8-2.el4.x86_64.rpm acf37fb745b593306ea8928dbe65da66 spamassassin-debuginfo-3.1.8-2.el4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/spamassassin-3.1.8-2.el4.src.rpm 57202e94f86776ca7ac6e262b252c75a spamassassin-3.1.8-2.el4.src.rpm i386: 96fe40f8db5b09d9c26cd81ec5443b0b spamassassin-3.1.8-2.el4.i386.rpm 2f2cb0c33b2f0f2d24207578416dd187 spamassassin-debuginfo-3.1.8-2.el4.i386.rpm x86_64: 8fb1ac7609deaaf4f5df2eb281813d06 spamassassin-3.1.8-2.el4.x86_64.rpm acf37fb745b593306ea8928dbe65da66 spamassassin-debuginfo-3.1.8-2.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/spamassassin-3.1.8-2.el4.src.rpm 57202e94f86776ca7ac6e262b252c75a spamassassin-3.1.8-2.el4.src.rpm i386: 96fe40f8db5b09d9c26cd81ec5443b0b spamassassin-3.1.8-2.el4.i386.rpm 2f2cb0c33b2f0f2d24207578416dd187 spamassassin-debuginfo-3.1.8-2.el4.i386.rpm ia64: 8d3424dad7b608dd8e93faf6d4605c19 spamassassin-3.1.8-2.el4.ia64.rpm debd3351b802cf9a8ef5b7513b74a69d spamassassin-debuginfo-3.1.8-2.el4.ia64.rpm x86_64: 8fb1ac7609deaaf4f5df2eb281813d06 spamassassin-3.1.8-2.el4.x86_64.rpm acf37fb745b593306ea8928dbe65da66 spamassassin-debuginfo-3.1.8-2.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/spamassassin-3.1.8-2.el4.src.rpm 57202e94f86776ca7ac6e262b252c75a spamassassin-3.1.8-2.el4.src.rpm i386: 96fe40f8db5b09d9c26cd81ec5443b0b spamassassin-3.1.8-2.el4.i386.rpm 2f2cb0c33b2f0f2d24207578416dd187 spamassassin-debuginfo-3.1.8-2.el4.i386.rpm ia64: 8d3424dad7b608dd8e93faf6d4605c19 spamassassin-3.1.8-2.el4.ia64.rpm debd3351b802cf9a8ef5b7513b74a69d spamassassin-debuginfo-3.1.8-2.el4.ia64.rpm x86_64: 8fb1ac7609deaaf4f5df2eb281813d06 spamassassin-3.1.8-2.el4.x86_64.rpm acf37fb745b593306ea8928dbe65da66 spamassassin-debuginfo-3.1.8-2.el4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0451 http://svn.apache.org/repos/asf/spamassassin/branches/3.1/UPGRADE http://svn.apache.org/repos/asf/spamassassin/branches/3.1/Changes http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFF3JOcXlSAg2UNWIIRAqssAJ9ZhPZkDjPZYWNylo9N9MrFLMvs3ACbBESs 4t6dbUTJaJhhLK1MnjNAPBk= =77iy -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Feb 22 11:13:08 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 22 Feb 2007 06:13:08 -0500 Subject: [RHSA-2007:0088-01] Important: php security update Message-ID: <200702221113.l1MBD8Ce031391@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: php security update Advisory ID: RHSA-2007:0088-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0088.html Issue date: 2007-02-22 Updated on: 2007-02-22 Product: Red Hat Application Stack CVE Names: CVE-2007-0906 CVE-2007-0907 CVE-2007-0908 CVE-2007-0909 CVE-2007-0910 CVE-2007-0988 - --------------------------------------------------------------------- 1. Summary: Updated PHP packages that fix several security issues are now available for Red Hat Application Stack v1.1. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Application Stack v1 for Enterprise Linux AS (v.4) - i386, x86_64 Red Hat Application Stack v1 for Enterprise Linux ES (v.4) - i386, x86_64 3. Problem description: PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A number of buffer overflow flaws were found in the PHP session extension; the str_replace() function; and the imap_mail_compose() function. If very long strings were passed to the str_replace() function, an integer overflow could occur in memory allocation. If a script used the imap_mail_compose() function to create a new MIME message based on an input body from an untrusted source, it could result in a heap overflow. An attacker with access to a PHP application affected by any these issues could trigger the flaws and possibly execute arbitrary code as the 'apache' user. (CVE-2007-0906) When unserializing untrusted data on 64-bit platforms, the zend_hash_init() function could be forced into an infinite loop, consuming CPU resources for a limited time, until the script timeout alarm aborted execution of the script. (CVE-2007-0988) If the wddx extension was used to import WDDX data from an untrusted source, certain WDDX input packets could expose a random portion of heap memory. (CVE-2007-0908) If the odbc_result_all() function was used to display data from a database, and the database table contents were under an attacker's control, a format string vulnerability was possible which could allow arbitrary code execution. (CVE-2007-0909) A one byte memory read always occurs before the beginning of a buffer. This could be triggered, for example, by any use of the header() function in a script. However it is unlikely that this would have any effect. (CVE-2007-0907) Several flaws in PHP could allow attackers to "clobber" certain super-global variables via unspecified vectors. (CVE-2007-0910) Red Hat would like to thank Stefan Esser for his help diagnosing these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 229337 - CVE-2007-0906 PHP security issues (CVE-2007-0907, CVE-2007-0908, CVE-2007-0909, CVE-2007-0910, CVE-2007-0988) 6. RPMs required: Red Hat Application Stack v1 for Enterprise Linux AS (v.4): SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/RHWAS/SRPMS/php-5.1.6-3.el4s1.5.src.rpm 65c254f44be0f72149d1a6d2481f83d1 php-5.1.6-3.el4s1.5.src.rpm i386: 78d8e01b70f58962f336c8bfb5ba4b96 php-5.1.6-3.el4s1.5.i386.rpm 6d2e8fa3d1b7c38b238e1ac3f7476956 php-bcmath-5.1.6-3.el4s1.5.i386.rpm 6b8b46df3e7baa0f8d3f172f17282259 php-cli-5.1.6-3.el4s1.5.i386.rpm 8ced783df3b11e6d0f6dd1f6b6829fdf php-common-5.1.6-3.el4s1.5.i386.rpm 740a6c287dcbac0661a253ed3ff66814 php-dba-5.1.6-3.el4s1.5.i386.rpm f7e791945b706248c53a01c1b45bfdce php-debuginfo-5.1.6-3.el4s1.5.i386.rpm f35f870ec7d08950d8e62ce9525c4c70 php-devel-5.1.6-3.el4s1.5.i386.rpm 23e2fd214a78125b380c59dce8b866cc php-gd-5.1.6-3.el4s1.5.i386.rpm ffca8a8be48b47ac67d3dafe706a17c6 php-imap-5.1.6-3.el4s1.5.i386.rpm 4c1f239d32b5e6ae2e26198116a2df40 php-ldap-5.1.6-3.el4s1.5.i386.rpm 4ab5f2d77d903027e47cde5ce2b00391 php-mbstring-5.1.6-3.el4s1.5.i386.rpm 70f18b061ad856f91d752afc602321fb php-mysql-5.1.6-3.el4s1.5.i386.rpm dc8653b119d187f4502ea7768d0b4df3 php-ncurses-5.1.6-3.el4s1.5.i386.rpm eaeeb0c20afcc2f6092f2ee86026b289 php-odbc-5.1.6-3.el4s1.5.i386.rpm 8626f179feb2edf6a65592e8b7ccf4ac php-pdo-5.1.6-3.el4s1.5.i386.rpm 29394ec7b3a94bf7800984b6261645dc php-pgsql-5.1.6-3.el4s1.5.i386.rpm 1458d727cb6e7ca1f8b157e7e9e6647b php-snmp-5.1.6-3.el4s1.5.i386.rpm 2852e877c69badc913b3d45508f6174d php-soap-5.1.6-3.el4s1.5.i386.rpm 83fc3d913035f739d9f467760141131a php-xml-5.1.6-3.el4s1.5.i386.rpm 72e4d8d62154edd162e302e4ef998237 php-xmlrpc-5.1.6-3.el4s1.5.i386.rpm x86_64: 9febc8aa7713fcc6e6d782e8cfad8b6b php-5.1.6-3.el4s1.5.x86_64.rpm a50b99d084118534a60713dc7072bfe8 php-bcmath-5.1.6-3.el4s1.5.x86_64.rpm ec1c3659254920ee751528b70048dc8f php-cli-5.1.6-3.el4s1.5.x86_64.rpm a5d8daf2c536b025cc7916c93b29dba9 php-common-5.1.6-3.el4s1.5.x86_64.rpm 6759778469af7a9a70258aa3e07e57fc php-dba-5.1.6-3.el4s1.5.x86_64.rpm fdcc247456d423f893f83277525191d0 php-debuginfo-5.1.6-3.el4s1.5.x86_64.rpm f2d186ccf814a716661e05f9b9e8b968 php-devel-5.1.6-3.el4s1.5.x86_64.rpm e9ae0a6fcb0a383c5e0ccce6d5625d10 php-gd-5.1.6-3.el4s1.5.x86_64.rpm 007ccf652a68a291f02ea20a64b17c19 php-imap-5.1.6-3.el4s1.5.x86_64.rpm e3438ac7fa45ec4d18c5b440e6ab8b51 php-ldap-5.1.6-3.el4s1.5.x86_64.rpm 2ff48b915dd6a96e0218fbd22eb38e18 php-mbstring-5.1.6-3.el4s1.5.x86_64.rpm a7249f1c5007a3cbaa1db03db1947e08 php-mysql-5.1.6-3.el4s1.5.x86_64.rpm 6bca262f258fa401f85ba494b2c31e6f php-ncurses-5.1.6-3.el4s1.5.x86_64.rpm f0300356cfa9a0ec53f06b22bf9831bc php-odbc-5.1.6-3.el4s1.5.x86_64.rpm cc1d0f4eb90a42bf2b97c901dc7e675e php-pdo-5.1.6-3.el4s1.5.x86_64.rpm 281e15be5c482bf80b9b364baa18c464 php-pgsql-5.1.6-3.el4s1.5.x86_64.rpm 5974ebe042e427a9bb63ebc3efd0e503 php-snmp-5.1.6-3.el4s1.5.x86_64.rpm 5504e7372468eb793607c7050109a7c9 php-soap-5.1.6-3.el4s1.5.x86_64.rpm ec5eeca15244e5e676c2dd438bc4add0 php-xml-5.1.6-3.el4s1.5.x86_64.rpm 55e2405c3136cd7ba733391770d8e4ba php-xmlrpc-5.1.6-3.el4s1.5.x86_64.rpm Red Hat Application Stack v1 for Enterprise Linux ES (v.4): SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/RHWAS/SRPMS/php-5.1.6-3.el4s1.5.src.rpm 65c254f44be0f72149d1a6d2481f83d1 php-5.1.6-3.el4s1.5.src.rpm i386: 78d8e01b70f58962f336c8bfb5ba4b96 php-5.1.6-3.el4s1.5.i386.rpm 6d2e8fa3d1b7c38b238e1ac3f7476956 php-bcmath-5.1.6-3.el4s1.5.i386.rpm 6b8b46df3e7baa0f8d3f172f17282259 php-cli-5.1.6-3.el4s1.5.i386.rpm 8ced783df3b11e6d0f6dd1f6b6829fdf php-common-5.1.6-3.el4s1.5.i386.rpm 740a6c287dcbac0661a253ed3ff66814 php-dba-5.1.6-3.el4s1.5.i386.rpm f7e791945b706248c53a01c1b45bfdce php-debuginfo-5.1.6-3.el4s1.5.i386.rpm f35f870ec7d08950d8e62ce9525c4c70 php-devel-5.1.6-3.el4s1.5.i386.rpm 23e2fd214a78125b380c59dce8b866cc php-gd-5.1.6-3.el4s1.5.i386.rpm ffca8a8be48b47ac67d3dafe706a17c6 php-imap-5.1.6-3.el4s1.5.i386.rpm 4c1f239d32b5e6ae2e26198116a2df40 php-ldap-5.1.6-3.el4s1.5.i386.rpm 4ab5f2d77d903027e47cde5ce2b00391 php-mbstring-5.1.6-3.el4s1.5.i386.rpm 70f18b061ad856f91d752afc602321fb php-mysql-5.1.6-3.el4s1.5.i386.rpm dc8653b119d187f4502ea7768d0b4df3 php-ncurses-5.1.6-3.el4s1.5.i386.rpm eaeeb0c20afcc2f6092f2ee86026b289 php-odbc-5.1.6-3.el4s1.5.i386.rpm 8626f179feb2edf6a65592e8b7ccf4ac php-pdo-5.1.6-3.el4s1.5.i386.rpm 29394ec7b3a94bf7800984b6261645dc php-pgsql-5.1.6-3.el4s1.5.i386.rpm 1458d727cb6e7ca1f8b157e7e9e6647b php-snmp-5.1.6-3.el4s1.5.i386.rpm 2852e877c69badc913b3d45508f6174d php-soap-5.1.6-3.el4s1.5.i386.rpm 83fc3d913035f739d9f467760141131a php-xml-5.1.6-3.el4s1.5.i386.rpm 72e4d8d62154edd162e302e4ef998237 php-xmlrpc-5.1.6-3.el4s1.5.i386.rpm x86_64: 9febc8aa7713fcc6e6d782e8cfad8b6b php-5.1.6-3.el4s1.5.x86_64.rpm a50b99d084118534a60713dc7072bfe8 php-bcmath-5.1.6-3.el4s1.5.x86_64.rpm ec1c3659254920ee751528b70048dc8f php-cli-5.1.6-3.el4s1.5.x86_64.rpm a5d8daf2c536b025cc7916c93b29dba9 php-common-5.1.6-3.el4s1.5.x86_64.rpm 6759778469af7a9a70258aa3e07e57fc php-dba-5.1.6-3.el4s1.5.x86_64.rpm fdcc247456d423f893f83277525191d0 php-debuginfo-5.1.6-3.el4s1.5.x86_64.rpm f2d186ccf814a716661e05f9b9e8b968 php-devel-5.1.6-3.el4s1.5.x86_64.rpm e9ae0a6fcb0a383c5e0ccce6d5625d10 php-gd-5.1.6-3.el4s1.5.x86_64.rpm 007ccf652a68a291f02ea20a64b17c19 php-imap-5.1.6-3.el4s1.5.x86_64.rpm e3438ac7fa45ec4d18c5b440e6ab8b51 php-ldap-5.1.6-3.el4s1.5.x86_64.rpm 2ff48b915dd6a96e0218fbd22eb38e18 php-mbstring-5.1.6-3.el4s1.5.x86_64.rpm a7249f1c5007a3cbaa1db03db1947e08 php-mysql-5.1.6-3.el4s1.5.x86_64.rpm 6bca262f258fa401f85ba494b2c31e6f php-ncurses-5.1.6-3.el4s1.5.x86_64.rpm f0300356cfa9a0ec53f06b22bf9831bc php-odbc-5.1.6-3.el4s1.5.x86_64.rpm cc1d0f4eb90a42bf2b97c901dc7e675e php-pdo-5.1.6-3.el4s1.5.x86_64.rpm 281e15be5c482bf80b9b364baa18c464 php-pgsql-5.1.6-3.el4s1.5.x86_64.rpm 5974ebe042e427a9bb63ebc3efd0e503 php-snmp-5.1.6-3.el4s1.5.x86_64.rpm 5504e7372468eb793607c7050109a7c9 php-soap-5.1.6-3.el4s1.5.x86_64.rpm ec5eeca15244e5e676c2dd438bc4add0 php-xml-5.1.6-3.el4s1.5.x86_64.rpm 55e2405c3136cd7ba733391770d8e4ba php-xmlrpc-5.1.6-3.el4s1.5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0907 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0908 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0909 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0910 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0988 http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFF3Xq8XlSAg2UNWIIRAhyAAJ0VW5uMUdJPbAMlKL/HCeomv/WnIgCfTRgW 31rxkqofwf6aYAXCukY6IiI= =//rW -----END PGP SIGNATURE----- From bugzilla at redhat.com Sat Feb 24 03:11:44 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Fri, 23 Feb 2007 22:11:44 -0500 Subject: [RHSA-2007:0077-01] Critical: seamonkey security update Message-ID: <200702240311.l1O3Bi9i015781@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: seamonkey security update Advisory ID: RHSA-2007:0077-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0077.html Issue date: 2007-02-23 Updated on: 2007-02-23 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-6077 CVE-2007-0008 CVE-2007-0009 CVE-2007-0775 CVE-2007-0777 CVE-2007-0778 CVE-2007-0779 CVE-2007-0780 CVE-2007-0800 CVE-2007-0981 CVE-2007-0995 CVE-2007-0996 - --------------------------------------------------------------------- 1. Summary: Updated seamonkey packages that fix several security bugs are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the way SeaMonkey processed certain malformed JavaScript code. A malicious web page could execute JavaScript code in such a way that may result in SeaMonkey crashing or executing arbitrary code as the user running SeaMonkey. (CVE-2007-0775, CVE-2007-0777) Several cross-site scripting (XSS) flaws were found in the way SeaMonkey processed certain malformed web pages. A malicious web page could display misleading information which may result in a user unknowingly divulging sensitive information such as a password. (CVE-2006-6077, CVE-2007-0995, CVE-2007-0996) A flaw was found in the way SeaMonkey cached web pages on the local disk. A malicious web page may be able to inject arbitrary HTML into a browsing session if the user reloads a targeted site. (CVE-2007-0778) A flaw was found in the way SeaMonkey displayed certain web content. A malicious web page could generate content which could overlay user interface elements such as the hostname and security indicators, tricking a user into thinking they are visiting a different site. (CVE-2007-0779) Two flaws were found in the way SeaMonkey displayed blocked popup windows. If a user can be convinced to open a blocked popup, it is possible to read arbitrary local files, or conduct an XSS attack against the user. (CVE-2007-0780, CVE-2007-0800) Two buffer overflow flaws were found in the Network Security Services (NSS) code for processing the SSLv2 protocol. Connecting to a malicious secure web server could cause the execution of arbitrary code as the user running SeaMonkey. (CVE-2007-0008, CVE-2007-0009) A flaw was found in the way SeaMonkey handled the "location.hostname" value during certain browser domain checks. This flaw could allow a malicious web site to set domain cookies for an arbitrary site, or possibly perform an XSS attack. (CVE-2007-0981) Users of SeaMonkey are advised to upgrade to these erratum packages, which contain SeaMonkey version 1.0.8 that corrects these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 204589 - mozilla-config points to the wrong places 229805 - CVE-2007-0775 Multiple Seamonkey flaws (CVE-2007-0777, CVE-2007-0995, CVE-2007-0996, CVE-2006-6077, CVE-2007-0778, CVE-2007-0779, CVE-2007-0780, CVE-2007-0800, CVE-2007-0008, CVE-2007-0009, CVE-2007-0981) 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/seamonkey-1.0.8-0.1.el2.src.rpm 39d880aad29e3f51e07a9b4d6f25e2cc seamonkey-1.0.8-0.1.el2.src.rpm i386: da3d22f28c19c89aacb6482877d68dce seamonkey-1.0.8-0.1.el2.i386.rpm 264a5f3969f815ace28b027070885dea seamonkey-chat-1.0.8-0.1.el2.i386.rpm 4f18e11647ba4325ff18dcaf43b67a44 seamonkey-devel-1.0.8-0.1.el2.i386.rpm 0580a43a7ff40844e8131a2665f9dcef seamonkey-dom-inspector-1.0.8-0.1.el2.i386.rpm 4b3e456989e24c13da26b53b313c5a39 seamonkey-js-debugger-1.0.8-0.1.el2.i386.rpm 7798bae69f31dc0eca56471f5b407a04 seamonkey-mail-1.0.8-0.1.el2.i386.rpm 885cb4726a8b07511014d50151a15ee6 seamonkey-nspr-1.0.8-0.1.el2.i386.rpm 2db1b5b2f1135fee3fea6883b83bf170 seamonkey-nspr-devel-1.0.8-0.1.el2.i386.rpm 1eabd4f304e7e70654fbcc117c8d83c7 seamonkey-nss-1.0.8-0.1.el2.i386.rpm 73a3586dc107e87867d301de7b05582b seamonkey-nss-devel-1.0.8-0.1.el2.i386.rpm ia64: e749cd761e0644ebfce03d24751f3df6 seamonkey-1.0.8-0.1.el2.ia64.rpm 74c8c47184dd8878e7a4a3f050766481 seamonkey-chat-1.0.8-0.1.el2.ia64.rpm 93678fecbb9b4e043718af2bf5d15056 seamonkey-devel-1.0.8-0.1.el2.ia64.rpm 3a2071697d0a07f8d6549ec8d74162ee seamonkey-dom-inspector-1.0.8-0.1.el2.ia64.rpm e0856fbb982d7e12bb30d102fb21752e seamonkey-js-debugger-1.0.8-0.1.el2.ia64.rpm 40158f0905485ac02542c77e0a824611 seamonkey-mail-1.0.8-0.1.el2.ia64.rpm 8ea66a98269b061be72d240f02285c6f seamonkey-nspr-1.0.8-0.1.el2.ia64.rpm cfe078264e88c7df80630542b2cf9130 seamonkey-nspr-devel-1.0.8-0.1.el2.ia64.rpm e942fd31657a736f0b0ef4d348b10101 seamonkey-nss-1.0.8-0.1.el2.ia64.rpm d117b39a0a7a19ee5bd367e5998705b8 seamonkey-nss-devel-1.0.8-0.1.el2.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/seamonkey-1.0.8-0.1.el2.src.rpm 39d880aad29e3f51e07a9b4d6f25e2cc seamonkey-1.0.8-0.1.el2.src.rpm ia64: e749cd761e0644ebfce03d24751f3df6 seamonkey-1.0.8-0.1.el2.ia64.rpm 74c8c47184dd8878e7a4a3f050766481 seamonkey-chat-1.0.8-0.1.el2.ia64.rpm 93678fecbb9b4e043718af2bf5d15056 seamonkey-devel-1.0.8-0.1.el2.ia64.rpm 3a2071697d0a07f8d6549ec8d74162ee seamonkey-dom-inspector-1.0.8-0.1.el2.ia64.rpm e0856fbb982d7e12bb30d102fb21752e seamonkey-js-debugger-1.0.8-0.1.el2.ia64.rpm 40158f0905485ac02542c77e0a824611 seamonkey-mail-1.0.8-0.1.el2.ia64.rpm 8ea66a98269b061be72d240f02285c6f seamonkey-nspr-1.0.8-0.1.el2.ia64.rpm cfe078264e88c7df80630542b2cf9130 seamonkey-nspr-devel-1.0.8-0.1.el2.ia64.rpm e942fd31657a736f0b0ef4d348b10101 seamonkey-nss-1.0.8-0.1.el2.ia64.rpm d117b39a0a7a19ee5bd367e5998705b8 seamonkey-nss-devel-1.0.8-0.1.el2.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/seamonkey-1.0.8-0.1.el2.src.rpm 39d880aad29e3f51e07a9b4d6f25e2cc seamonkey-1.0.8-0.1.el2.src.rpm i386: da3d22f28c19c89aacb6482877d68dce seamonkey-1.0.8-0.1.el2.i386.rpm 264a5f3969f815ace28b027070885dea seamonkey-chat-1.0.8-0.1.el2.i386.rpm 4f18e11647ba4325ff18dcaf43b67a44 seamonkey-devel-1.0.8-0.1.el2.i386.rpm 0580a43a7ff40844e8131a2665f9dcef seamonkey-dom-inspector-1.0.8-0.1.el2.i386.rpm 4b3e456989e24c13da26b53b313c5a39 seamonkey-js-debugger-1.0.8-0.1.el2.i386.rpm 7798bae69f31dc0eca56471f5b407a04 seamonkey-mail-1.0.8-0.1.el2.i386.rpm 885cb4726a8b07511014d50151a15ee6 seamonkey-nspr-1.0.8-0.1.el2.i386.rpm 2db1b5b2f1135fee3fea6883b83bf170 seamonkey-nspr-devel-1.0.8-0.1.el2.i386.rpm 1eabd4f304e7e70654fbcc117c8d83c7 seamonkey-nss-1.0.8-0.1.el2.i386.rpm 73a3586dc107e87867d301de7b05582b seamonkey-nss-devel-1.0.8-0.1.el2.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/seamonkey-1.0.8-0.1.el2.src.rpm 39d880aad29e3f51e07a9b4d6f25e2cc seamonkey-1.0.8-0.1.el2.src.rpm i386: da3d22f28c19c89aacb6482877d68dce seamonkey-1.0.8-0.1.el2.i386.rpm 264a5f3969f815ace28b027070885dea seamonkey-chat-1.0.8-0.1.el2.i386.rpm 4f18e11647ba4325ff18dcaf43b67a44 seamonkey-devel-1.0.8-0.1.el2.i386.rpm 0580a43a7ff40844e8131a2665f9dcef seamonkey-dom-inspector-1.0.8-0.1.el2.i386.rpm 4b3e456989e24c13da26b53b313c5a39 seamonkey-js-debugger-1.0.8-0.1.el2.i386.rpm 7798bae69f31dc0eca56471f5b407a04 seamonkey-mail-1.0.8-0.1.el2.i386.rpm 885cb4726a8b07511014d50151a15ee6 seamonkey-nspr-1.0.8-0.1.el2.i386.rpm 2db1b5b2f1135fee3fea6883b83bf170 seamonkey-nspr-devel-1.0.8-0.1.el2.i386.rpm 1eabd4f304e7e70654fbcc117c8d83c7 seamonkey-nss-1.0.8-0.1.el2.i386.rpm 73a3586dc107e87867d301de7b05582b seamonkey-nss-devel-1.0.8-0.1.el2.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/seamonkey-1.0.8-0.1.el3.src.rpm d9c0432dac707bef181baa7bd7783621 seamonkey-1.0.8-0.1.el3.src.rpm i386: 2a6e1bd4bebb86c3ec9e5ac7654d5a1e seamonkey-1.0.8-0.1.el3.i386.rpm 1bdeef2a7890159e42bc4a3ef3ea8828 seamonkey-chat-1.0.8-0.1.el3.i386.rpm 2e01227642c02d6e5f82217af32e94e6 seamonkey-debuginfo-1.0.8-0.1.el3.i386.rpm 8dfcb296b1edaa838657c50e131de322 seamonkey-devel-1.0.8-0.1.el3.i386.rpm c69293ccddbdbdc41782a6b1812b61a2 seamonkey-dom-inspector-1.0.8-0.1.el3.i386.rpm 1a8a44d4b23f32c10f85258fbe22854d seamonkey-js-debugger-1.0.8-0.1.el3.i386.rpm 881b5c47ad0c2718aaca18bb6f6c528c seamonkey-mail-1.0.8-0.1.el3.i386.rpm c9389de45d3d0f751e902ea4003d56ed seamonkey-nspr-1.0.8-0.1.el3.i386.rpm c00b6e04a32fb82d07968ceca0aaead8 seamonkey-nspr-devel-1.0.8-0.1.el3.i386.rpm 2615bc36969370b66fd80025409e60ff seamonkey-nss-1.0.8-0.1.el3.i386.rpm 60a0fd64c9ea163f150a49c16f0a9d78 seamonkey-nss-devel-1.0.8-0.1.el3.i386.rpm ia64: 3cee7adae6f8a6cc4656fb4ac050d2eb seamonkey-1.0.8-0.1.el3.ia64.rpm 5e22c5b9c11316d7de7316a8e73a89eb seamonkey-chat-1.0.8-0.1.el3.ia64.rpm 2e01227642c02d6e5f82217af32e94e6 seamonkey-debuginfo-1.0.8-0.1.el3.i386.rpm de2a81cb447b0e9478731b7e46de04f5 seamonkey-debuginfo-1.0.8-0.1.el3.ia64.rpm 1262efad6404a89696775b6594df015d seamonkey-devel-1.0.8-0.1.el3.ia64.rpm 28490a881b2657cf1f3152fb80ae18df seamonkey-dom-inspector-1.0.8-0.1.el3.ia64.rpm 53efd630d8d664f57959255615a558f9 seamonkey-js-debugger-1.0.8-0.1.el3.ia64.rpm 95f27c1956cc94bf6374444afad14fad seamonkey-mail-1.0.8-0.1.el3.ia64.rpm c9389de45d3d0f751e902ea4003d56ed seamonkey-nspr-1.0.8-0.1.el3.i386.rpm 7d5e7fc6de15902287df2cd4859d410a seamonkey-nspr-1.0.8-0.1.el3.ia64.rpm 50fae7d63a57bec9621e965e13fdb361 seamonkey-nspr-devel-1.0.8-0.1.el3.ia64.rpm 2615bc36969370b66fd80025409e60ff seamonkey-nss-1.0.8-0.1.el3.i386.rpm d9038c88088661ab945f2025d78939e5 seamonkey-nss-1.0.8-0.1.el3.ia64.rpm 82ecdbab3635936529aa7c64ef2ad0ac seamonkey-nss-devel-1.0.8-0.1.el3.ia64.rpm ppc: 77d03878a25566282851d87f30f64f54 seamonkey-1.0.8-0.1.el3.ppc.rpm 6453f88294c6fdb48cb27acd3ea7939e seamonkey-chat-1.0.8-0.1.el3.ppc.rpm 4c93e360f1a02a4f36a01ab386e4f075 seamonkey-debuginfo-1.0.8-0.1.el3.ppc.rpm f02b801914b1efec1ee6ef0007847ea1 seamonkey-devel-1.0.8-0.1.el3.ppc.rpm 51dd80b7d021eed27c481cedfcc480c9 seamonkey-dom-inspector-1.0.8-0.1.el3.ppc.rpm daa3feeb55f496a97df9d1e8f4a50cce seamonkey-js-debugger-1.0.8-0.1.el3.ppc.rpm 4ed0d3c2d8953d98eb78c099cdeba6c6 seamonkey-mail-1.0.8-0.1.el3.ppc.rpm d21db73f7748d31afa05086fd2e7e54d seamonkey-nspr-1.0.8-0.1.el3.ppc.rpm 9019e050efbc015bd8e28cb847c66e50 seamonkey-nspr-devel-1.0.8-0.1.el3.ppc.rpm b6a8effb97e3309f9c8c1eeb81691d4d seamonkey-nss-1.0.8-0.1.el3.ppc.rpm 0883f9fc3884ce9e8e1b63e1d6db73cf seamonkey-nss-devel-1.0.8-0.1.el3.ppc.rpm s390: a5aa2c403d1f174a0532a5a1d335d17e seamonkey-1.0.8-0.1.el3.s390.rpm 42bd67d158c8e9e07f0acf8802f204ec seamonkey-chat-1.0.8-0.1.el3.s390.rpm f754f6eeec383bb8ebb8e8942df77f0a seamonkey-debuginfo-1.0.8-0.1.el3.s390.rpm d21f2cff878249e5e7d761acffd1c936 seamonkey-devel-1.0.8-0.1.el3.s390.rpm e0ea936c5bdbdfdcdee1bd711f664290 seamonkey-dom-inspector-1.0.8-0.1.el3.s390.rpm e302013721dd2d104311be76c905ee29 seamonkey-js-debugger-1.0.8-0.1.el3.s390.rpm 0157aefaf03b9375690c1317fcf9a3ca seamonkey-mail-1.0.8-0.1.el3.s390.rpm e32ef6a80ad82c696ef8fee3ad98682a seamonkey-nspr-1.0.8-0.1.el3.s390.rpm a84ae7c4d46513507687565e209c58fb seamonkey-nspr-devel-1.0.8-0.1.el3.s390.rpm d43d345c16ebd5b802dc55ea490e5b79 seamonkey-nss-1.0.8-0.1.el3.s390.rpm ce5546ce5e69cc65a7cb470dff6f4a91 seamonkey-nss-devel-1.0.8-0.1.el3.s390.rpm s390x: a63a68b9e1aa82aff5b8502c12b7f7a6 seamonkey-1.0.8-0.1.el3.s390x.rpm 7c9154b6edc0392fd9f9f15c592942e3 seamonkey-chat-1.0.8-0.1.el3.s390x.rpm 371c1a7ae6f93c86b97d4602fb868a03 seamonkey-debuginfo-1.0.8-0.1.el3.s390x.rpm 29c18a69b52c39f2ce8a4ed644816965 seamonkey-devel-1.0.8-0.1.el3.s390x.rpm 60586f71134b064688edee64d4c9de4c seamonkey-dom-inspector-1.0.8-0.1.el3.s390x.rpm 09ceb8e9dd21f38d5bcefd1599ad5c11 seamonkey-js-debugger-1.0.8-0.1.el3.s390x.rpm 44ed6b5030e669bb52a435e4f81e6ff4 seamonkey-mail-1.0.8-0.1.el3.s390x.rpm e32ef6a80ad82c696ef8fee3ad98682a seamonkey-nspr-1.0.8-0.1.el3.s390.rpm 1d5f7cb65369bdfd5386100dd3e72fd9 seamonkey-nspr-1.0.8-0.1.el3.s390x.rpm 76fecddfea37238f1e5f10c9ac2641d6 seamonkey-nspr-devel-1.0.8-0.1.el3.s390x.rpm d43d345c16ebd5b802dc55ea490e5b79 seamonkey-nss-1.0.8-0.1.el3.s390.rpm 92c91b0d7058834ce14a95005f76993d seamonkey-nss-1.0.8-0.1.el3.s390x.rpm b375727f68ec92b287b55f37e1a13b12 seamonkey-nss-devel-1.0.8-0.1.el3.s390x.rpm x86_64: 2a6e1bd4bebb86c3ec9e5ac7654d5a1e seamonkey-1.0.8-0.1.el3.i386.rpm 58d678dafb0f2e97967de754e5111cac seamonkey-1.0.8-0.1.el3.x86_64.rpm 77885a5baee9afdddf9ed6f3612b2a4c seamonkey-chat-1.0.8-0.1.el3.x86_64.rpm 2e01227642c02d6e5f82217af32e94e6 seamonkey-debuginfo-1.0.8-0.1.el3.i386.rpm 639ece1f7226b8e7b25fadd209dc4f33 seamonkey-debuginfo-1.0.8-0.1.el3.x86_64.rpm c9048de5da8fa83a0f1e7d6b4fbb0ead seamonkey-devel-1.0.8-0.1.el3.x86_64.rpm 7ee075fa9702c36a514de4d575b9ae8e seamonkey-dom-inspector-1.0.8-0.1.el3.x86_64.rpm 7c10397261a53697820fb2574490f390 seamonkey-js-debugger-1.0.8-0.1.el3.x86_64.rpm 9d89e65394eef9ca9874567a09f23ba5 seamonkey-mail-1.0.8-0.1.el3.x86_64.rpm c9389de45d3d0f751e902ea4003d56ed seamonkey-nspr-1.0.8-0.1.el3.i386.rpm b71f32d60d8a6492c39868d6677ff15a seamonkey-nspr-1.0.8-0.1.el3.x86_64.rpm 4dbc63a76557c64d919d83735fe72de4 seamonkey-nspr-devel-1.0.8-0.1.el3.x86_64.rpm 2615bc36969370b66fd80025409e60ff seamonkey-nss-1.0.8-0.1.el3.i386.rpm e0f3e5ef4a474dcedb51db957ee00f40 seamonkey-nss-1.0.8-0.1.el3.x86_64.rpm e25a251ac1a056ee2e8c077e77317232 seamonkey-nss-devel-1.0.8-0.1.el3.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/seamonkey-1.0.8-0.1.el3.src.rpm d9c0432dac707bef181baa7bd7783621 seamonkey-1.0.8-0.1.el3.src.rpm i386: 2a6e1bd4bebb86c3ec9e5ac7654d5a1e seamonkey-1.0.8-0.1.el3.i386.rpm 1bdeef2a7890159e42bc4a3ef3ea8828 seamonkey-chat-1.0.8-0.1.el3.i386.rpm 2e01227642c02d6e5f82217af32e94e6 seamonkey-debuginfo-1.0.8-0.1.el3.i386.rpm 8dfcb296b1edaa838657c50e131de322 seamonkey-devel-1.0.8-0.1.el3.i386.rpm c69293ccddbdbdc41782a6b1812b61a2 seamonkey-dom-inspector-1.0.8-0.1.el3.i386.rpm 1a8a44d4b23f32c10f85258fbe22854d seamonkey-js-debugger-1.0.8-0.1.el3.i386.rpm 881b5c47ad0c2718aaca18bb6f6c528c seamonkey-mail-1.0.8-0.1.el3.i386.rpm c9389de45d3d0f751e902ea4003d56ed seamonkey-nspr-1.0.8-0.1.el3.i386.rpm c00b6e04a32fb82d07968ceca0aaead8 seamonkey-nspr-devel-1.0.8-0.1.el3.i386.rpm 2615bc36969370b66fd80025409e60ff seamonkey-nss-1.0.8-0.1.el3.i386.rpm 60a0fd64c9ea163f150a49c16f0a9d78 seamonkey-nss-devel-1.0.8-0.1.el3.i386.rpm x86_64: 2a6e1bd4bebb86c3ec9e5ac7654d5a1e seamonkey-1.0.8-0.1.el3.i386.rpm 58d678dafb0f2e97967de754e5111cac seamonkey-1.0.8-0.1.el3.x86_64.rpm 77885a5baee9afdddf9ed6f3612b2a4c seamonkey-chat-1.0.8-0.1.el3.x86_64.rpm 2e01227642c02d6e5f82217af32e94e6 seamonkey-debuginfo-1.0.8-0.1.el3.i386.rpm 639ece1f7226b8e7b25fadd209dc4f33 seamonkey-debuginfo-1.0.8-0.1.el3.x86_64.rpm c9048de5da8fa83a0f1e7d6b4fbb0ead seamonkey-devel-1.0.8-0.1.el3.x86_64.rpm 7ee075fa9702c36a514de4d575b9ae8e seamonkey-dom-inspector-1.0.8-0.1.el3.x86_64.rpm 7c10397261a53697820fb2574490f390 seamonkey-js-debugger-1.0.8-0.1.el3.x86_64.rpm 9d89e65394eef9ca9874567a09f23ba5 seamonkey-mail-1.0.8-0.1.el3.x86_64.rpm c9389de45d3d0f751e902ea4003d56ed seamonkey-nspr-1.0.8-0.1.el3.i386.rpm b71f32d60d8a6492c39868d6677ff15a seamonkey-nspr-1.0.8-0.1.el3.x86_64.rpm 4dbc63a76557c64d919d83735fe72de4 seamonkey-nspr-devel-1.0.8-0.1.el3.x86_64.rpm 2615bc36969370b66fd80025409e60ff seamonkey-nss-1.0.8-0.1.el3.i386.rpm e0f3e5ef4a474dcedb51db957ee00f40 seamonkey-nss-1.0.8-0.1.el3.x86_64.rpm e25a251ac1a056ee2e8c077e77317232 seamonkey-nss-devel-1.0.8-0.1.el3.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/seamonkey-1.0.8-0.1.el3.src.rpm d9c0432dac707bef181baa7bd7783621 seamonkey-1.0.8-0.1.el3.src.rpm i386: 2a6e1bd4bebb86c3ec9e5ac7654d5a1e seamonkey-1.0.8-0.1.el3.i386.rpm 1bdeef2a7890159e42bc4a3ef3ea8828 seamonkey-chat-1.0.8-0.1.el3.i386.rpm 2e01227642c02d6e5f82217af32e94e6 seamonkey-debuginfo-1.0.8-0.1.el3.i386.rpm 8dfcb296b1edaa838657c50e131de322 seamonkey-devel-1.0.8-0.1.el3.i386.rpm c69293ccddbdbdc41782a6b1812b61a2 seamonkey-dom-inspector-1.0.8-0.1.el3.i386.rpm 1a8a44d4b23f32c10f85258fbe22854d seamonkey-js-debugger-1.0.8-0.1.el3.i386.rpm 881b5c47ad0c2718aaca18bb6f6c528c seamonkey-mail-1.0.8-0.1.el3.i386.rpm c9389de45d3d0f751e902ea4003d56ed seamonkey-nspr-1.0.8-0.1.el3.i386.rpm c00b6e04a32fb82d07968ceca0aaead8 seamonkey-nspr-devel-1.0.8-0.1.el3.i386.rpm 2615bc36969370b66fd80025409e60ff seamonkey-nss-1.0.8-0.1.el3.i386.rpm 60a0fd64c9ea163f150a49c16f0a9d78 seamonkey-nss-devel-1.0.8-0.1.el3.i386.rpm ia64: 3cee7adae6f8a6cc4656fb4ac050d2eb seamonkey-1.0.8-0.1.el3.ia64.rpm 5e22c5b9c11316d7de7316a8e73a89eb seamonkey-chat-1.0.8-0.1.el3.ia64.rpm 2e01227642c02d6e5f82217af32e94e6 seamonkey-debuginfo-1.0.8-0.1.el3.i386.rpm de2a81cb447b0e9478731b7e46de04f5 seamonkey-debuginfo-1.0.8-0.1.el3.ia64.rpm 1262efad6404a89696775b6594df015d seamonkey-devel-1.0.8-0.1.el3.ia64.rpm 28490a881b2657cf1f3152fb80ae18df seamonkey-dom-inspector-1.0.8-0.1.el3.ia64.rpm 53efd630d8d664f57959255615a558f9 seamonkey-js-debugger-1.0.8-0.1.el3.ia64.rpm 95f27c1956cc94bf6374444afad14fad seamonkey-mail-1.0.8-0.1.el3.ia64.rpm c9389de45d3d0f751e902ea4003d56ed seamonkey-nspr-1.0.8-0.1.el3.i386.rpm 7d5e7fc6de15902287df2cd4859d410a seamonkey-nspr-1.0.8-0.1.el3.ia64.rpm 50fae7d63a57bec9621e965e13fdb361 seamonkey-nspr-devel-1.0.8-0.1.el3.ia64.rpm 2615bc36969370b66fd80025409e60ff seamonkey-nss-1.0.8-0.1.el3.i386.rpm d9038c88088661ab945f2025d78939e5 seamonkey-nss-1.0.8-0.1.el3.ia64.rpm 82ecdbab3635936529aa7c64ef2ad0ac seamonkey-nss-devel-1.0.8-0.1.el3.ia64.rpm x86_64: 2a6e1bd4bebb86c3ec9e5ac7654d5a1e seamonkey-1.0.8-0.1.el3.i386.rpm 58d678dafb0f2e97967de754e5111cac seamonkey-1.0.8-0.1.el3.x86_64.rpm 77885a5baee9afdddf9ed6f3612b2a4c seamonkey-chat-1.0.8-0.1.el3.x86_64.rpm 2e01227642c02d6e5f82217af32e94e6 seamonkey-debuginfo-1.0.8-0.1.el3.i386.rpm 639ece1f7226b8e7b25fadd209dc4f33 seamonkey-debuginfo-1.0.8-0.1.el3.x86_64.rpm c9048de5da8fa83a0f1e7d6b4fbb0ead seamonkey-devel-1.0.8-0.1.el3.x86_64.rpm 7ee075fa9702c36a514de4d575b9ae8e seamonkey-dom-inspector-1.0.8-0.1.el3.x86_64.rpm 7c10397261a53697820fb2574490f390 seamonkey-js-debugger-1.0.8-0.1.el3.x86_64.rpm 9d89e65394eef9ca9874567a09f23ba5 seamonkey-mail-1.0.8-0.1.el3.x86_64.rpm c9389de45d3d0f751e902ea4003d56ed seamonkey-nspr-1.0.8-0.1.el3.i386.rpm b71f32d60d8a6492c39868d6677ff15a seamonkey-nspr-1.0.8-0.1.el3.x86_64.rpm 4dbc63a76557c64d919d83735fe72de4 seamonkey-nspr-devel-1.0.8-0.1.el3.x86_64.rpm 2615bc36969370b66fd80025409e60ff seamonkey-nss-1.0.8-0.1.el3.i386.rpm e0f3e5ef4a474dcedb51db957ee00f40 seamonkey-nss-1.0.8-0.1.el3.x86_64.rpm e25a251ac1a056ee2e8c077e77317232 seamonkey-nss-devel-1.0.8-0.1.el3.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/seamonkey-1.0.8-0.1.el3.src.rpm d9c0432dac707bef181baa7bd7783621 seamonkey-1.0.8-0.1.el3.src.rpm i386: 2a6e1bd4bebb86c3ec9e5ac7654d5a1e seamonkey-1.0.8-0.1.el3.i386.rpm 1bdeef2a7890159e42bc4a3ef3ea8828 seamonkey-chat-1.0.8-0.1.el3.i386.rpm 2e01227642c02d6e5f82217af32e94e6 seamonkey-debuginfo-1.0.8-0.1.el3.i386.rpm 8dfcb296b1edaa838657c50e131de322 seamonkey-devel-1.0.8-0.1.el3.i386.rpm c69293ccddbdbdc41782a6b1812b61a2 seamonkey-dom-inspector-1.0.8-0.1.el3.i386.rpm 1a8a44d4b23f32c10f85258fbe22854d seamonkey-js-debugger-1.0.8-0.1.el3.i386.rpm 881b5c47ad0c2718aaca18bb6f6c528c seamonkey-mail-1.0.8-0.1.el3.i386.rpm c9389de45d3d0f751e902ea4003d56ed seamonkey-nspr-1.0.8-0.1.el3.i386.rpm c00b6e04a32fb82d07968ceca0aaead8 seamonkey-nspr-devel-1.0.8-0.1.el3.i386.rpm 2615bc36969370b66fd80025409e60ff seamonkey-nss-1.0.8-0.1.el3.i386.rpm 60a0fd64c9ea163f150a49c16f0a9d78 seamonkey-nss-devel-1.0.8-0.1.el3.i386.rpm ia64: 3cee7adae6f8a6cc4656fb4ac050d2eb seamonkey-1.0.8-0.1.el3.ia64.rpm 5e22c5b9c11316d7de7316a8e73a89eb seamonkey-chat-1.0.8-0.1.el3.ia64.rpm 2e01227642c02d6e5f82217af32e94e6 seamonkey-debuginfo-1.0.8-0.1.el3.i386.rpm de2a81cb447b0e9478731b7e46de04f5 seamonkey-debuginfo-1.0.8-0.1.el3.ia64.rpm 1262efad6404a89696775b6594df015d seamonkey-devel-1.0.8-0.1.el3.ia64.rpm 28490a881b2657cf1f3152fb80ae18df seamonkey-dom-inspector-1.0.8-0.1.el3.ia64.rpm 53efd630d8d664f57959255615a558f9 seamonkey-js-debugger-1.0.8-0.1.el3.ia64.rpm 95f27c1956cc94bf6374444afad14fad seamonkey-mail-1.0.8-0.1.el3.ia64.rpm c9389de45d3d0f751e902ea4003d56ed seamonkey-nspr-1.0.8-0.1.el3.i386.rpm 7d5e7fc6de15902287df2cd4859d410a seamonkey-nspr-1.0.8-0.1.el3.ia64.rpm 50fae7d63a57bec9621e965e13fdb361 seamonkey-nspr-devel-1.0.8-0.1.el3.ia64.rpm 2615bc36969370b66fd80025409e60ff seamonkey-nss-1.0.8-0.1.el3.i386.rpm d9038c88088661ab945f2025d78939e5 seamonkey-nss-1.0.8-0.1.el3.ia64.rpm 82ecdbab3635936529aa7c64ef2ad0ac seamonkey-nss-devel-1.0.8-0.1.el3.ia64.rpm x86_64: 2a6e1bd4bebb86c3ec9e5ac7654d5a1e seamonkey-1.0.8-0.1.el3.i386.rpm 58d678dafb0f2e97967de754e5111cac seamonkey-1.0.8-0.1.el3.x86_64.rpm 77885a5baee9afdddf9ed6f3612b2a4c seamonkey-chat-1.0.8-0.1.el3.x86_64.rpm 2e01227642c02d6e5f82217af32e94e6 seamonkey-debuginfo-1.0.8-0.1.el3.i386.rpm 639ece1f7226b8e7b25fadd209dc4f33 seamonkey-debuginfo-1.0.8-0.1.el3.x86_64.rpm c9048de5da8fa83a0f1e7d6b4fbb0ead seamonkey-devel-1.0.8-0.1.el3.x86_64.rpm 7ee075fa9702c36a514de4d575b9ae8e seamonkey-dom-inspector-1.0.8-0.1.el3.x86_64.rpm 7c10397261a53697820fb2574490f390 seamonkey-js-debugger-1.0.8-0.1.el3.x86_64.rpm 9d89e65394eef9ca9874567a09f23ba5 seamonkey-mail-1.0.8-0.1.el3.x86_64.rpm c9389de45d3d0f751e902ea4003d56ed seamonkey-nspr-1.0.8-0.1.el3.i386.rpm b71f32d60d8a6492c39868d6677ff15a seamonkey-nspr-1.0.8-0.1.el3.x86_64.rpm 4dbc63a76557c64d919d83735fe72de4 seamonkey-nspr-devel-1.0.8-0.1.el3.x86_64.rpm 2615bc36969370b66fd80025409e60ff seamonkey-nss-1.0.8-0.1.el3.i386.rpm e0f3e5ef4a474dcedb51db957ee00f40 seamonkey-nss-1.0.8-0.1.el3.x86_64.rpm e25a251ac1a056ee2e8c077e77317232 seamonkey-nss-devel-1.0.8-0.1.el3.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/devhelp-0.10-0.7.el4.src.rpm a7f99203ff09b10414224ee195b86984 devhelp-0.10-0.7.el4.src.rpm ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/seamonkey-1.0.8-0.1.el4.src.rpm 3b5379b498327acaca9a3667d5b2d167 seamonkey-1.0.8-0.1.el4.src.rpm i386: da5cbb74822b4ecf6bcb6ef1c4d4bf31 devhelp-0.10-0.7.el4.i386.rpm fc612902ccc2b60c1d063124ee432c19 devhelp-debuginfo-0.10-0.7.el4.i386.rpm 7a6b87e57b497aa1869e2ed2c2ea19dd devhelp-devel-0.10-0.7.el4.i386.rpm e621eb35b3e4299af003bd15d9f41f58 seamonkey-1.0.8-0.1.el4.i386.rpm 5eba76356fa0720b47f5a2c7ae80b147 seamonkey-chat-1.0.8-0.1.el4.i386.rpm bed8c2cd6767db3fb2beb244f6f4d9d8 seamonkey-debuginfo-1.0.8-0.1.el4.i386.rpm 3176df8ed772f3c82bdcea5b51772e7f seamonkey-devel-1.0.8-0.1.el4.i386.rpm 9e7e4a1557a88ad7ce1830741f8bae68 seamonkey-dom-inspector-1.0.8-0.1.el4.i386.rpm 9bcabc447dae113d5a9b93ec06817438 seamonkey-js-debugger-1.0.8-0.1.el4.i386.rpm cf922931516e8907041d5410015b4131 seamonkey-mail-1.0.8-0.1.el4.i386.rpm adce235489a2b56887dbf8c752467b37 seamonkey-nspr-1.0.8-0.1.el4.i386.rpm f7d0c66ed0c14578a4e3a50560c892ae seamonkey-nspr-devel-1.0.8-0.1.el4.i386.rpm fc93912e0ac211c37c0f0d8828b801d3 seamonkey-nss-1.0.8-0.1.el4.i386.rpm a44467cd4d67ffd4024f4112b94504a0 seamonkey-nss-devel-1.0.8-0.1.el4.i386.rpm ia64: d6e4836af1f9fc37d73a981e25def5d6 seamonkey-1.0.8-0.1.el4.ia64.rpm f704d0e34baebf5d171985fd7563b3a7 seamonkey-chat-1.0.8-0.1.el4.ia64.rpm bed8c2cd6767db3fb2beb244f6f4d9d8 seamonkey-debuginfo-1.0.8-0.1.el4.i386.rpm 1b4beec7d1b8c233218d2caf94d0de12 seamonkey-debuginfo-1.0.8-0.1.el4.ia64.rpm abc2b9d6de06ac157d6e061b359581d2 seamonkey-devel-1.0.8-0.1.el4.ia64.rpm c8f0755c9bf719c2f4cd4f30610a90de seamonkey-dom-inspector-1.0.8-0.1.el4.ia64.rpm 5826c8a4a9c808851857037af3e86f6d seamonkey-js-debugger-1.0.8-0.1.el4.ia64.rpm f2f19aa6b12849fd4bd4be7cca5bf3db seamonkey-mail-1.0.8-0.1.el4.ia64.rpm adce235489a2b56887dbf8c752467b37 seamonkey-nspr-1.0.8-0.1.el4.i386.rpm ce460822031d3e127de6a4dff937243f seamonkey-nspr-1.0.8-0.1.el4.ia64.rpm cb228a1fefb73023dff832281f04da7f seamonkey-nspr-devel-1.0.8-0.1.el4.ia64.rpm fc93912e0ac211c37c0f0d8828b801d3 seamonkey-nss-1.0.8-0.1.el4.i386.rpm 28c95fd78764092dd85d7cdec15810c1 seamonkey-nss-1.0.8-0.1.el4.ia64.rpm 84a9888a9b11cd5d69e822d1882a1684 seamonkey-nss-devel-1.0.8-0.1.el4.ia64.rpm ppc: 976ee42a5ebc31f22f9acaea03d85488 devhelp-0.10-0.7.el4.ppc.rpm 9ed66c497003d8db2d8a06cb6f338f7e devhelp-debuginfo-0.10-0.7.el4.ppc.rpm d8ec3f049fc6c54e4a2e97766608023c devhelp-devel-0.10-0.7.el4.ppc.rpm 070c0d15ad58a28c7e9398fee2034b2f seamonkey-1.0.8-0.1.el4.ppc.rpm 103f8683dd691fc6577eef35d1d382df seamonkey-chat-1.0.8-0.1.el4.ppc.rpm e0f4b6a4c5cfac949fd637841d88878d seamonkey-debuginfo-1.0.8-0.1.el4.ppc.rpm c0fc5b7374d1e5fe865cf895370203ba seamonkey-devel-1.0.8-0.1.el4.ppc.rpm 1dbe916ae2bce866eb1c92a792037200 seamonkey-dom-inspector-1.0.8-0.1.el4.ppc.rpm 49c0fc00d4f9d2d4552f2ff4adca1a29 seamonkey-js-debugger-1.0.8-0.1.el4.ppc.rpm 8a2eb63b5a2c0728e96c923ca0aca763 seamonkey-mail-1.0.8-0.1.el4.ppc.rpm a9c059263e592c93829117d9b0cfae6a seamonkey-nspr-1.0.8-0.1.el4.ppc.rpm a60a08fb7b1a0419b1481843fc00661d seamonkey-nspr-devel-1.0.8-0.1.el4.ppc.rpm 2ef4d3f59b3af191d20c2dfeefcd7337 seamonkey-nss-1.0.8-0.1.el4.ppc.rpm af9f46d44d0e22aa02d4865508cacc07 seamonkey-nss-devel-1.0.8-0.1.el4.ppc.rpm s390: 0eb8fc03560e4f5de390752045bf5e0f seamonkey-1.0.8-0.1.el4.s390.rpm 6fe593ec9bdc146fd34738c3817a02ac seamonkey-chat-1.0.8-0.1.el4.s390.rpm cd635043ee43391143f949a41c6fde86 seamonkey-debuginfo-1.0.8-0.1.el4.s390.rpm 71e82e3cf2aa073e3f9c6df99d3aad3c seamonkey-devel-1.0.8-0.1.el4.s390.rpm c5a041d03912dee91a2b48d0fde6e679 seamonkey-dom-inspector-1.0.8-0.1.el4.s390.rpm 736a8827e98ef2870ff664abb6f14eb5 seamonkey-js-debugger-1.0.8-0.1.el4.s390.rpm 88f4b8bb936a311e86448ecc071c7e6e seamonkey-mail-1.0.8-0.1.el4.s390.rpm 834d2f56576fa72dcc64e1831a323743 seamonkey-nspr-1.0.8-0.1.el4.s390.rpm 2c880469ef60cfe902257bfb2db35039 seamonkey-nspr-devel-1.0.8-0.1.el4.s390.rpm 63e15c1fb915d57d163b4b991d47d8f2 seamonkey-nss-1.0.8-0.1.el4.s390.rpm e5d46f0dabd50ef24646657069fd47f9 seamonkey-nss-devel-1.0.8-0.1.el4.s390.rpm s390x: d1404cfd22dde0619d0ea0ea00a9ccd1 seamonkey-1.0.8-0.1.el4.s390x.rpm 9859f3e1f0f70a14eb9ee231a020524a seamonkey-chat-1.0.8-0.1.el4.s390x.rpm cd635043ee43391143f949a41c6fde86 seamonkey-debuginfo-1.0.8-0.1.el4.s390.rpm 1c547a8fde9a8b98197083bc04c22c6b seamonkey-debuginfo-1.0.8-0.1.el4.s390x.rpm a4f520e25b9ab7c916c93dad69e1fc64 seamonkey-devel-1.0.8-0.1.el4.s390x.rpm dd99dff3cd8203d93c394c01e1b6a8aa seamonkey-dom-inspector-1.0.8-0.1.el4.s390x.rpm d22104b0c78404ab3a7c61e74afc5760 seamonkey-js-debugger-1.0.8-0.1.el4.s390x.rpm 3d30ea603f769a0a09873742b755b9f1 seamonkey-mail-1.0.8-0.1.el4.s390x.rpm 834d2f56576fa72dcc64e1831a323743 seamonkey-nspr-1.0.8-0.1.el4.s390.rpm d6c410c5354d4b9cccce829598219d74 seamonkey-nspr-1.0.8-0.1.el4.s390x.rpm 31e359ae8d26edfc4177d65f2f0948b6 seamonkey-nspr-devel-1.0.8-0.1.el4.s390x.rpm 63e15c1fb915d57d163b4b991d47d8f2 seamonkey-nss-1.0.8-0.1.el4.s390.rpm fb9d3423dad45702a5da8bde632ea933 seamonkey-nss-1.0.8-0.1.el4.s390x.rpm 09e68658104d87f0f9dc7c37f25e7ee5 seamonkey-nss-devel-1.0.8-0.1.el4.s390x.rpm x86_64: a3d961f678b9a6d9dd441fd6d8de14eb devhelp-0.10-0.7.el4.x86_64.rpm 3613a069a2a8a2b39e0f1d73f83339e9 devhelp-debuginfo-0.10-0.7.el4.x86_64.rpm f53da4b46c4a48584a060e0068bfb963 devhelp-devel-0.10-0.7.el4.x86_64.rpm b4aea5a678774182616d40c9becaf4f9 seamonkey-1.0.8-0.1.el4.x86_64.rpm a167d259cc94c2d369cc6f712b20dfd3 seamonkey-chat-1.0.8-0.1.el4.x86_64.rpm bed8c2cd6767db3fb2beb244f6f4d9d8 seamonkey-debuginfo-1.0.8-0.1.el4.i386.rpm 52f6b99b5339cdca4b07d35625a27c47 seamonkey-debuginfo-1.0.8-0.1.el4.x86_64.rpm 6755ac0942c51c6f578a30046e7b7e5b seamonkey-devel-1.0.8-0.1.el4.x86_64.rpm e602f18822356863bc40897fff02f86d seamonkey-dom-inspector-1.0.8-0.1.el4.x86_64.rpm 2ba77e5e76c66879578415b217f4aafe seamonkey-js-debugger-1.0.8-0.1.el4.x86_64.rpm 8a5c9c8f3baffe5a491d28969de4b19a seamonkey-mail-1.0.8-0.1.el4.x86_64.rpm adce235489a2b56887dbf8c752467b37 seamonkey-nspr-1.0.8-0.1.el4.i386.rpm 1adf186c710ae7e04a883e8a2e8371f5 seamonkey-nspr-1.0.8-0.1.el4.x86_64.rpm 89e51ec25b6ecfa053502102f78fc0d5 seamonkey-nspr-devel-1.0.8-0.1.el4.x86_64.rpm fc93912e0ac211c37c0f0d8828b801d3 seamonkey-nss-1.0.8-0.1.el4.i386.rpm bec59764bb9193b9150e3b713732d76e seamonkey-nss-1.0.8-0.1.el4.x86_64.rpm 97dbb84efdaa9293562868dfe7840129 seamonkey-nss-devel-1.0.8-0.1.el4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/devhelp-0.10-0.7.el4.src.rpm a7f99203ff09b10414224ee195b86984 devhelp-0.10-0.7.el4.src.rpm ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/seamonkey-1.0.8-0.1.el4.src.rpm 3b5379b498327acaca9a3667d5b2d167 seamonkey-1.0.8-0.1.el4.src.rpm i386: da5cbb74822b4ecf6bcb6ef1c4d4bf31 devhelp-0.10-0.7.el4.i386.rpm fc612902ccc2b60c1d063124ee432c19 devhelp-debuginfo-0.10-0.7.el4.i386.rpm 7a6b87e57b497aa1869e2ed2c2ea19dd devhelp-devel-0.10-0.7.el4.i386.rpm e621eb35b3e4299af003bd15d9f41f58 seamonkey-1.0.8-0.1.el4.i386.rpm 5eba76356fa0720b47f5a2c7ae80b147 seamonkey-chat-1.0.8-0.1.el4.i386.rpm bed8c2cd6767db3fb2beb244f6f4d9d8 seamonkey-debuginfo-1.0.8-0.1.el4.i386.rpm 3176df8ed772f3c82bdcea5b51772e7f seamonkey-devel-1.0.8-0.1.el4.i386.rpm 9e7e4a1557a88ad7ce1830741f8bae68 seamonkey-dom-inspector-1.0.8-0.1.el4.i386.rpm 9bcabc447dae113d5a9b93ec06817438 seamonkey-js-debugger-1.0.8-0.1.el4.i386.rpm cf922931516e8907041d5410015b4131 seamonkey-mail-1.0.8-0.1.el4.i386.rpm adce235489a2b56887dbf8c752467b37 seamonkey-nspr-1.0.8-0.1.el4.i386.rpm f7d0c66ed0c14578a4e3a50560c892ae seamonkey-nspr-devel-1.0.8-0.1.el4.i386.rpm fc93912e0ac211c37c0f0d8828b801d3 seamonkey-nss-1.0.8-0.1.el4.i386.rpm a44467cd4d67ffd4024f4112b94504a0 seamonkey-nss-devel-1.0.8-0.1.el4.i386.rpm x86_64: a3d961f678b9a6d9dd441fd6d8de14eb devhelp-0.10-0.7.el4.x86_64.rpm 3613a069a2a8a2b39e0f1d73f83339e9 devhelp-debuginfo-0.10-0.7.el4.x86_64.rpm f53da4b46c4a48584a060e0068bfb963 devhelp-devel-0.10-0.7.el4.x86_64.rpm b4aea5a678774182616d40c9becaf4f9 seamonkey-1.0.8-0.1.el4.x86_64.rpm a167d259cc94c2d369cc6f712b20dfd3 seamonkey-chat-1.0.8-0.1.el4.x86_64.rpm bed8c2cd6767db3fb2beb244f6f4d9d8 seamonkey-debuginfo-1.0.8-0.1.el4.i386.rpm 52f6b99b5339cdca4b07d35625a27c47 seamonkey-debuginfo-1.0.8-0.1.el4.x86_64.rpm 6755ac0942c51c6f578a30046e7b7e5b seamonkey-devel-1.0.8-0.1.el4.x86_64.rpm e602f18822356863bc40897fff02f86d seamonkey-dom-inspector-1.0.8-0.1.el4.x86_64.rpm 2ba77e5e76c66879578415b217f4aafe seamonkey-js-debugger-1.0.8-0.1.el4.x86_64.rpm 8a5c9c8f3baffe5a491d28969de4b19a seamonkey-mail-1.0.8-0.1.el4.x86_64.rpm adce235489a2b56887dbf8c752467b37 seamonkey-nspr-1.0.8-0.1.el4.i386.rpm 1adf186c710ae7e04a883e8a2e8371f5 seamonkey-nspr-1.0.8-0.1.el4.x86_64.rpm 89e51ec25b6ecfa053502102f78fc0d5 seamonkey-nspr-devel-1.0.8-0.1.el4.x86_64.rpm fc93912e0ac211c37c0f0d8828b801d3 seamonkey-nss-1.0.8-0.1.el4.i386.rpm bec59764bb9193b9150e3b713732d76e seamonkey-nss-1.0.8-0.1.el4.x86_64.rpm 97dbb84efdaa9293562868dfe7840129 seamonkey-nss-devel-1.0.8-0.1.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/devhelp-0.10-0.7.el4.src.rpm a7f99203ff09b10414224ee195b86984 devhelp-0.10-0.7.el4.src.rpm ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/seamonkey-1.0.8-0.1.el4.src.rpm 3b5379b498327acaca9a3667d5b2d167 seamonkey-1.0.8-0.1.el4.src.rpm i386: da5cbb74822b4ecf6bcb6ef1c4d4bf31 devhelp-0.10-0.7.el4.i386.rpm fc612902ccc2b60c1d063124ee432c19 devhelp-debuginfo-0.10-0.7.el4.i386.rpm 7a6b87e57b497aa1869e2ed2c2ea19dd devhelp-devel-0.10-0.7.el4.i386.rpm e621eb35b3e4299af003bd15d9f41f58 seamonkey-1.0.8-0.1.el4.i386.rpm 5eba76356fa0720b47f5a2c7ae80b147 seamonkey-chat-1.0.8-0.1.el4.i386.rpm bed8c2cd6767db3fb2beb244f6f4d9d8 seamonkey-debuginfo-1.0.8-0.1.el4.i386.rpm 3176df8ed772f3c82bdcea5b51772e7f seamonkey-devel-1.0.8-0.1.el4.i386.rpm 9e7e4a1557a88ad7ce1830741f8bae68 seamonkey-dom-inspector-1.0.8-0.1.el4.i386.rpm 9bcabc447dae113d5a9b93ec06817438 seamonkey-js-debugger-1.0.8-0.1.el4.i386.rpm cf922931516e8907041d5410015b4131 seamonkey-mail-1.0.8-0.1.el4.i386.rpm adce235489a2b56887dbf8c752467b37 seamonkey-nspr-1.0.8-0.1.el4.i386.rpm f7d0c66ed0c14578a4e3a50560c892ae seamonkey-nspr-devel-1.0.8-0.1.el4.i386.rpm fc93912e0ac211c37c0f0d8828b801d3 seamonkey-nss-1.0.8-0.1.el4.i386.rpm a44467cd4d67ffd4024f4112b94504a0 seamonkey-nss-devel-1.0.8-0.1.el4.i386.rpm ia64: d6e4836af1f9fc37d73a981e25def5d6 seamonkey-1.0.8-0.1.el4.ia64.rpm f704d0e34baebf5d171985fd7563b3a7 seamonkey-chat-1.0.8-0.1.el4.ia64.rpm bed8c2cd6767db3fb2beb244f6f4d9d8 seamonkey-debuginfo-1.0.8-0.1.el4.i386.rpm 1b4beec7d1b8c233218d2caf94d0de12 seamonkey-debuginfo-1.0.8-0.1.el4.ia64.rpm abc2b9d6de06ac157d6e061b359581d2 seamonkey-devel-1.0.8-0.1.el4.ia64.rpm c8f0755c9bf719c2f4cd4f30610a90de seamonkey-dom-inspector-1.0.8-0.1.el4.ia64.rpm 5826c8a4a9c808851857037af3e86f6d seamonkey-js-debugger-1.0.8-0.1.el4.ia64.rpm f2f19aa6b12849fd4bd4be7cca5bf3db seamonkey-mail-1.0.8-0.1.el4.ia64.rpm adce235489a2b56887dbf8c752467b37 seamonkey-nspr-1.0.8-0.1.el4.i386.rpm ce460822031d3e127de6a4dff937243f seamonkey-nspr-1.0.8-0.1.el4.ia64.rpm cb228a1fefb73023dff832281f04da7f seamonkey-nspr-devel-1.0.8-0.1.el4.ia64.rpm fc93912e0ac211c37c0f0d8828b801d3 seamonkey-nss-1.0.8-0.1.el4.i386.rpm 28c95fd78764092dd85d7cdec15810c1 seamonkey-nss-1.0.8-0.1.el4.ia64.rpm 84a9888a9b11cd5d69e822d1882a1684 seamonkey-nss-devel-1.0.8-0.1.el4.ia64.rpm x86_64: a3d961f678b9a6d9dd441fd6d8de14eb devhelp-0.10-0.7.el4.x86_64.rpm 3613a069a2a8a2b39e0f1d73f83339e9 devhelp-debuginfo-0.10-0.7.el4.x86_64.rpm f53da4b46c4a48584a060e0068bfb963 devhelp-devel-0.10-0.7.el4.x86_64.rpm b4aea5a678774182616d40c9becaf4f9 seamonkey-1.0.8-0.1.el4.x86_64.rpm a167d259cc94c2d369cc6f712b20dfd3 seamonkey-chat-1.0.8-0.1.el4.x86_64.rpm bed8c2cd6767db3fb2beb244f6f4d9d8 seamonkey-debuginfo-1.0.8-0.1.el4.i386.rpm 52f6b99b5339cdca4b07d35625a27c47 seamonkey-debuginfo-1.0.8-0.1.el4.x86_64.rpm 6755ac0942c51c6f578a30046e7b7e5b seamonkey-devel-1.0.8-0.1.el4.x86_64.rpm e602f18822356863bc40897fff02f86d seamonkey-dom-inspector-1.0.8-0.1.el4.x86_64.rpm 2ba77e5e76c66879578415b217f4aafe seamonkey-js-debugger-1.0.8-0.1.el4.x86_64.rpm 8a5c9c8f3baffe5a491d28969de4b19a seamonkey-mail-1.0.8-0.1.el4.x86_64.rpm adce235489a2b56887dbf8c752467b37 seamonkey-nspr-1.0.8-0.1.el4.i386.rpm 1adf186c710ae7e04a883e8a2e8371f5 seamonkey-nspr-1.0.8-0.1.el4.x86_64.rpm 89e51ec25b6ecfa053502102f78fc0d5 seamonkey-nspr-devel-1.0.8-0.1.el4.x86_64.rpm fc93912e0ac211c37c0f0d8828b801d3 seamonkey-nss-1.0.8-0.1.el4.i386.rpm bec59764bb9193b9150e3b713732d76e seamonkey-nss-1.0.8-0.1.el4.x86_64.rpm 97dbb84efdaa9293562868dfe7840129 seamonkey-nss-devel-1.0.8-0.1.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/devhelp-0.10-0.7.el4.src.rpm a7f99203ff09b10414224ee195b86984 devhelp-0.10-0.7.el4.src.rpm ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/seamonkey-1.0.8-0.1.el4.src.rpm 3b5379b498327acaca9a3667d5b2d167 seamonkey-1.0.8-0.1.el4.src.rpm i386: da5cbb74822b4ecf6bcb6ef1c4d4bf31 devhelp-0.10-0.7.el4.i386.rpm fc612902ccc2b60c1d063124ee432c19 devhelp-debuginfo-0.10-0.7.el4.i386.rpm 7a6b87e57b497aa1869e2ed2c2ea19dd devhelp-devel-0.10-0.7.el4.i386.rpm e621eb35b3e4299af003bd15d9f41f58 seamonkey-1.0.8-0.1.el4.i386.rpm 5eba76356fa0720b47f5a2c7ae80b147 seamonkey-chat-1.0.8-0.1.el4.i386.rpm bed8c2cd6767db3fb2beb244f6f4d9d8 seamonkey-debuginfo-1.0.8-0.1.el4.i386.rpm 3176df8ed772f3c82bdcea5b51772e7f seamonkey-devel-1.0.8-0.1.el4.i386.rpm 9e7e4a1557a88ad7ce1830741f8bae68 seamonkey-dom-inspector-1.0.8-0.1.el4.i386.rpm 9bcabc447dae113d5a9b93ec06817438 seamonkey-js-debugger-1.0.8-0.1.el4.i386.rpm cf922931516e8907041d5410015b4131 seamonkey-mail-1.0.8-0.1.el4.i386.rpm adce235489a2b56887dbf8c752467b37 seamonkey-nspr-1.0.8-0.1.el4.i386.rpm f7d0c66ed0c14578a4e3a50560c892ae seamonkey-nspr-devel-1.0.8-0.1.el4.i386.rpm fc93912e0ac211c37c0f0d8828b801d3 seamonkey-nss-1.0.8-0.1.el4.i386.rpm a44467cd4d67ffd4024f4112b94504a0 seamonkey-nss-devel-1.0.8-0.1.el4.i386.rpm ia64: d6e4836af1f9fc37d73a981e25def5d6 seamonkey-1.0.8-0.1.el4.ia64.rpm f704d0e34baebf5d171985fd7563b3a7 seamonkey-chat-1.0.8-0.1.el4.ia64.rpm bed8c2cd6767db3fb2beb244f6f4d9d8 seamonkey-debuginfo-1.0.8-0.1.el4.i386.rpm 1b4beec7d1b8c233218d2caf94d0de12 seamonkey-debuginfo-1.0.8-0.1.el4.ia64.rpm abc2b9d6de06ac157d6e061b359581d2 seamonkey-devel-1.0.8-0.1.el4.ia64.rpm c8f0755c9bf719c2f4cd4f30610a90de seamonkey-dom-inspector-1.0.8-0.1.el4.ia64.rpm 5826c8a4a9c808851857037af3e86f6d seamonkey-js-debugger-1.0.8-0.1.el4.ia64.rpm f2f19aa6b12849fd4bd4be7cca5bf3db seamonkey-mail-1.0.8-0.1.el4.ia64.rpm adce235489a2b56887dbf8c752467b37 seamonkey-nspr-1.0.8-0.1.el4.i386.rpm ce460822031d3e127de6a4dff937243f seamonkey-nspr-1.0.8-0.1.el4.ia64.rpm cb228a1fefb73023dff832281f04da7f seamonkey-nspr-devel-1.0.8-0.1.el4.ia64.rpm fc93912e0ac211c37c0f0d8828b801d3 seamonkey-nss-1.0.8-0.1.el4.i386.rpm 28c95fd78764092dd85d7cdec15810c1 seamonkey-nss-1.0.8-0.1.el4.ia64.rpm 84a9888a9b11cd5d69e822d1882a1684 seamonkey-nss-devel-1.0.8-0.1.el4.ia64.rpm x86_64: a3d961f678b9a6d9dd441fd6d8de14eb devhelp-0.10-0.7.el4.x86_64.rpm 3613a069a2a8a2b39e0f1d73f83339e9 devhelp-debuginfo-0.10-0.7.el4.x86_64.rpm f53da4b46c4a48584a060e0068bfb963 devhelp-devel-0.10-0.7.el4.x86_64.rpm b4aea5a678774182616d40c9becaf4f9 seamonkey-1.0.8-0.1.el4.x86_64.rpm a167d259cc94c2d369cc6f712b20dfd3 seamonkey-chat-1.0.8-0.1.el4.x86_64.rpm bed8c2cd6767db3fb2beb244f6f4d9d8 seamonkey-debuginfo-1.0.8-0.1.el4.i386.rpm 52f6b99b5339cdca4b07d35625a27c47 seamonkey-debuginfo-1.0.8-0.1.el4.x86_64.rpm 6755ac0942c51c6f578a30046e7b7e5b seamonkey-devel-1.0.8-0.1.el4.x86_64.rpm e602f18822356863bc40897fff02f86d seamonkey-dom-inspector-1.0.8-0.1.el4.x86_64.rpm 2ba77e5e76c66879578415b217f4aafe seamonkey-js-debugger-1.0.8-0.1.el4.x86_64.rpm 8a5c9c8f3baffe5a491d28969de4b19a seamonkey-mail-1.0.8-0.1.el4.x86_64.rpm adce235489a2b56887dbf8c752467b37 seamonkey-nspr-1.0.8-0.1.el4.i386.rpm 1adf186c710ae7e04a883e8a2e8371f5 seamonkey-nspr-1.0.8-0.1.el4.x86_64.rpm 89e51ec25b6ecfa053502102f78fc0d5 seamonkey-nspr-devel-1.0.8-0.1.el4.x86_64.rpm fc93912e0ac211c37c0f0d8828b801d3 seamonkey-nss-1.0.8-0.1.el4.i386.rpm bec59764bb9193b9150e3b713732d76e seamonkey-nss-1.0.8-0.1.el4.x86_64.rpm 97dbb84efdaa9293562868dfe7840129 seamonkey-nss-devel-1.0.8-0.1.el4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6077 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0008 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0009 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0775 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0777 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0778 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0779 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0780 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0981 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0995 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0996 http://www.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFF36znXlSAg2UNWIIRAvk7AKCmguYTeRYI3p13dRlANzmvoW/PawCgiWhr 51cZn6p/VIUS0vwkxHJGgMw= =JkzM -----END PGP SIGNATURE----- From bugzilla at redhat.com Sat Feb 24 03:11:55 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Fri, 23 Feb 2007 22:11:55 -0500 Subject: [RHSA-2007:0079-01] Critical: Firefox security update Message-ID: <200702240311.l1O3BtUL015785@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: Firefox security update Advisory ID: RHSA-2007:0079-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0079.html Issue date: 2007-02-23 Updated on: 2007-02-23 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-6077 CVE-2007-0008 CVE-2007-0009 CVE-2007-0775 CVE-2007-0777 CVE-2007-0778 CVE-2007-0779 CVE-2007-0780 CVE-2007-0800 CVE-2007-0981 CVE-2007-0995 CVE-2007-0996 - --------------------------------------------------------------------- 1. Summary: Updated firefox packages that fix several security bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Mozilla Firefox is an open source Web browser. Several flaws were found in the way Firefox processed certain malformed JavaScript code. A malicious web page could execute JavaScript code in such a way that may result in Firefox crashing or executing arbitrary code as the user running Firefox. (CVE-2007-0775, CVE-2007-0777) Several cross-site scripting (XSS) flaws were found in the way Firefox processed certain malformed web pages. A malicious web page could display misleading information which may result in a user unknowingly divulging sensitive information such as a password. (CVE-2006-6077, CVE-2007-0995, CVE-2007-0996) A flaw was found in the way Firefox cached web pages on the local disk. A malicious web page may be able to inject arbitrary HTML into a browsing session if the user reloads a targeted site. (CVE-2007-0778) A flaw was found in the way Firefox displayed certain web content. A malicious web page could generate content which could overlay user interface elements such as the hostname and security indicators, tricking a user into thinking they are visiting a different site. (CVE-2007-0779) Two flaws were found in the way Firefox displayed blocked popup windows. If a user can be convinced to open a blocked popup, it is possible to read arbitrary local files, or conduct an XSS attack against the user. (CVE-2007-0780, CVE-2007-0800) Two buffer overflow flaws were found in the Network Security Services (NSS) code for processing the SSLv2 protocol. Connecting to a malicious secure web server could cause the execution of arbitrary code as the user running Firefox. (CVE-2007-0008, CVE-2007-0009) A flaw was found in the way Firefox handled the "location.hostname" value during certain browser domain checks. This flaw could allow a malicious web site to set domain cookies for an arbitrary site, or possibly perform an XSS attack. (CVE-2007-0981) Users of Firefox are advised to upgrade to these erratum packages, which contain Firefox version 1.5.0.10 that corrects these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 202352 - Firefox 1.5.0.5 startup script not updated for the add-on based locale 229802 - CVE-2007-0775 Multiple Firefox flaws (CVE-2007-0777, CVE-2007-0995, CVE-2007-0996, CVE-2006-6077, CVE-2007-0778, CVE-2007-0779, CVE-2007-0780, CVE-2007-0800, CVE-2007-0008, CVE-2007-0009, CVE-2007-0981) 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/firefox-1.5.0.10-0.1.el4.src.rpm fd579d11e1a502a2173ab1780820a26a firefox-1.5.0.10-0.1.el4.src.rpm i386: 4cd4889a0517e9f6e78af778756d4a41 firefox-1.5.0.10-0.1.el4.i386.rpm c4840c2a2df9811d80d87c8238fae948 firefox-debuginfo-1.5.0.10-0.1.el4.i386.rpm ia64: 09bfead1018fad7afc4594a8e8e7bd26 firefox-1.5.0.10-0.1.el4.ia64.rpm 4feb8d321f7d93bbd6ae42fdbc164811 firefox-debuginfo-1.5.0.10-0.1.el4.ia64.rpm ppc: 1da627d9f44db48109bfa18a3f0cc2e5 firefox-1.5.0.10-0.1.el4.ppc.rpm 76cb837a3c265a6faebd428dfde2f81c firefox-debuginfo-1.5.0.10-0.1.el4.ppc.rpm s390: cfb43f8a002a70513d5cfc098884d52e firefox-1.5.0.10-0.1.el4.s390.rpm 958ca23c23d5ecb5a0f3c47a97928982 firefox-debuginfo-1.5.0.10-0.1.el4.s390.rpm s390x: 32df66e4d963123c0ca4b2cc645de754 firefox-1.5.0.10-0.1.el4.s390x.rpm dcf052a65ad856dca60bbde4c1d829e0 firefox-debuginfo-1.5.0.10-0.1.el4.s390x.rpm x86_64: 2483e1863a431c2ac987cb17c169219a firefox-1.5.0.10-0.1.el4.x86_64.rpm 028dabf45cdabdf78ac9650963ac5592 firefox-debuginfo-1.5.0.10-0.1.el4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/firefox-1.5.0.10-0.1.el4.src.rpm fd579d11e1a502a2173ab1780820a26a firefox-1.5.0.10-0.1.el4.src.rpm i386: 4cd4889a0517e9f6e78af778756d4a41 firefox-1.5.0.10-0.1.el4.i386.rpm c4840c2a2df9811d80d87c8238fae948 firefox-debuginfo-1.5.0.10-0.1.el4.i386.rpm x86_64: 2483e1863a431c2ac987cb17c169219a firefox-1.5.0.10-0.1.el4.x86_64.rpm 028dabf45cdabdf78ac9650963ac5592 firefox-debuginfo-1.5.0.10-0.1.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/firefox-1.5.0.10-0.1.el4.src.rpm fd579d11e1a502a2173ab1780820a26a firefox-1.5.0.10-0.1.el4.src.rpm i386: 4cd4889a0517e9f6e78af778756d4a41 firefox-1.5.0.10-0.1.el4.i386.rpm c4840c2a2df9811d80d87c8238fae948 firefox-debuginfo-1.5.0.10-0.1.el4.i386.rpm ia64: 09bfead1018fad7afc4594a8e8e7bd26 firefox-1.5.0.10-0.1.el4.ia64.rpm 4feb8d321f7d93bbd6ae42fdbc164811 firefox-debuginfo-1.5.0.10-0.1.el4.ia64.rpm x86_64: 2483e1863a431c2ac987cb17c169219a firefox-1.5.0.10-0.1.el4.x86_64.rpm 028dabf45cdabdf78ac9650963ac5592 firefox-debuginfo-1.5.0.10-0.1.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/firefox-1.5.0.10-0.1.el4.src.rpm fd579d11e1a502a2173ab1780820a26a firefox-1.5.0.10-0.1.el4.src.rpm i386: 4cd4889a0517e9f6e78af778756d4a41 firefox-1.5.0.10-0.1.el4.i386.rpm c4840c2a2df9811d80d87c8238fae948 firefox-debuginfo-1.5.0.10-0.1.el4.i386.rpm ia64: 09bfead1018fad7afc4594a8e8e7bd26 firefox-1.5.0.10-0.1.el4.ia64.rpm 4feb8d321f7d93bbd6ae42fdbc164811 firefox-debuginfo-1.5.0.10-0.1.el4.ia64.rpm x86_64: 2483e1863a431c2ac987cb17c169219a firefox-1.5.0.10-0.1.el4.x86_64.rpm 028dabf45cdabdf78ac9650963ac5592 firefox-debuginfo-1.5.0.10-0.1.el4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6077 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0008 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0009 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0775 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0777 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0778 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0779 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0780 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0981 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0995 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0996 http://www.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFF36z4XlSAg2UNWIIRAjX4AKCcTBIFM3iFPcH0T5QdBUCZDOAVVQCeOETX JS/jGKR/8K0bnAlhkBja1Rc= =/wrs -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Feb 27 08:55:02 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 27 Feb 2007 03:55:02 -0500 Subject: [RHSA-2007:0085-01] Important: kernel security update Message-ID: <200702270855.l1R8t2eB017896@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: kernel security update Advisory ID: RHSA-2007:0085-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0085.html Issue date: 2007-02-27 Updated on: 2007-02-27 Product: Red Hat Enterprise Linux Keywords: nahant kernel update Obsoletes: RHSA-2007:0014 CVE Names: CVE-2007-0001 CVE-2007-0006 - --------------------------------------------------------------------- 1. Summary: Updated kernel packages that fix two security issues and a bug in the Red Hat Enterprise Linux 4 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, noarch, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, noarch, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, noarch, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, noarch, x86_64 3. Problem description: The Linux kernel handles the basic functions of the operating system. These new kernel packages contain fixes for two security issues: * a flaw in the key serial number collision avoidance algorithm of the keyctl subsystem that allowed a local user to cause a denial of service (CVE-2007-0006, Important) * a flaw in the file watch implementation of the audit subsystems that allowed a local user to cause a denial of service (panic). To exploit this flaw a privileged user must have previously created a watch for a file (CVE-2007-0001, Moderate) In addition to the security issues described above, a fix for the SCTP subsystem to address a system crash which may be experienced in Telco environments has been included. Red Hat Enterprise Linux 4 users are advised to upgrade their kernels to the packages associated with their machine architecture and configurations as listed in this erratum. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 223129 - CVE-2007-0001 kernel panic watching /etc/passwd 223818 - kernel panic in sctp module 227495 - CVE-2007-0006 Key serial number collision problem 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kernel-2.6.9-42.0.10.EL.src.rpm 1c365c7e860a5befc863fe3ddcd99348 kernel-2.6.9-42.0.10.EL.src.rpm i386: 7b18d06a3323f40304e6d2220b814cc9 kernel-2.6.9-42.0.10.EL.i686.rpm 6ec86856eec04bd71b1fe33215a0c0fd kernel-debuginfo-2.6.9-42.0.10.EL.i686.rpm 9fa98cea9b4347f1bb934c955e12777c kernel-devel-2.6.9-42.0.10.EL.i686.rpm abea2f5ae09397381300f476e1c851d3 kernel-hugemem-2.6.9-42.0.10.EL.i686.rpm 059ef62c55b663de5cf3493f68edb61a kernel-hugemem-devel-2.6.9-42.0.10.EL.i686.rpm a6b7c14dd615c2ba596218f99d6dc791 kernel-smp-2.6.9-42.0.10.EL.i686.rpm 4eef61b5cafa9decc595a7ad8777dce0 kernel-smp-devel-2.6.9-42.0.10.EL.i686.rpm ia64: 31e428fd48ade503595dc8d29db7a2b9 kernel-2.6.9-42.0.10.EL.ia64.rpm 54e4ef98367ded5742d321f5cc7fb355 kernel-debuginfo-2.6.9-42.0.10.EL.ia64.rpm f5cab16944e31dd7638b04338e32a5b7 kernel-devel-2.6.9-42.0.10.EL.ia64.rpm 711277591463504287acbffd0895feba kernel-largesmp-2.6.9-42.0.10.EL.ia64.rpm 626a89962ecce7d2fd0e836e8639f396 kernel-largesmp-devel-2.6.9-42.0.10.EL.ia64.rpm noarch: 183fe23ac5e8be41adf6c05d81b76555 kernel-doc-2.6.9-42.0.10.EL.noarch.rpm ppc: 31fed3bedefad58ca137070a474993e3 kernel-2.6.9-42.0.10.EL.ppc64.rpm 12b8793caffe9a8e423c5aae114ab278 kernel-2.6.9-42.0.10.EL.ppc64iseries.rpm 2439f728fa4cc955b3f32e3293cce5f3 kernel-debuginfo-2.6.9-42.0.10.EL.ppc64.rpm 8e4fad77b36cd1ad85d46c6ff4dc1208 kernel-debuginfo-2.6.9-42.0.10.EL.ppc64iseries.rpm c31267fbcde1bdfa00b01d9c899c919b kernel-devel-2.6.9-42.0.10.EL.ppc64.rpm ae25e38f5f61abe14d7f4a39125cb225 kernel-devel-2.6.9-42.0.10.EL.ppc64iseries.rpm 6b65bb861d10908820f4790af8e82cd0 kernel-largesmp-2.6.9-42.0.10.EL.ppc64.rpm a26c7771ca2169f32c5ed60e30c5a487 kernel-largesmp-devel-2.6.9-42.0.10.EL.ppc64.rpm s390: ef8c8d9026aa6d070425e156f84a0126 kernel-2.6.9-42.0.10.EL.s390.rpm e4c0c1858459b58d18d7c6b2d02ef02c kernel-debuginfo-2.6.9-42.0.10.EL.s390.rpm 145f8e9fa674a5971069130bbac83477 kernel-devel-2.6.9-42.0.10.EL.s390.rpm s390x: 1b26a95bff6b75b5aa159f41e1655c57 kernel-2.6.9-42.0.10.EL.s390x.rpm cacb81d2e9207105cbbb736281d060ec kernel-debuginfo-2.6.9-42.0.10.EL.s390x.rpm 90c31342fcb6a911fabdbd1f933e87e7 kernel-devel-2.6.9-42.0.10.EL.s390x.rpm x86_64: cc5299e4937f5400436ba973bad7f015 kernel-2.6.9-42.0.10.EL.x86_64.rpm b7feda4cd3d988a19d36b5339de39fdf kernel-debuginfo-2.6.9-42.0.10.EL.x86_64.rpm 69fb41d441f99bd76e785c1a18bbbdf7 kernel-devel-2.6.9-42.0.10.EL.x86_64.rpm 4f5febec6e24716343a059b0f664a93d kernel-largesmp-2.6.9-42.0.10.EL.x86_64.rpm b4f5e823899006fe7e192afecb908cb1 kernel-largesmp-devel-2.6.9-42.0.10.EL.x86_64.rpm 97db663987ed857dae4d1dac6b4c2eb9 kernel-smp-2.6.9-42.0.10.EL.x86_64.rpm a761c5d60b8fdff8d06578339c1e6df7 kernel-smp-devel-2.6.9-42.0.10.EL.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kernel-2.6.9-42.0.10.EL.src.rpm 1c365c7e860a5befc863fe3ddcd99348 kernel-2.6.9-42.0.10.EL.src.rpm i386: 7b18d06a3323f40304e6d2220b814cc9 kernel-2.6.9-42.0.10.EL.i686.rpm 6ec86856eec04bd71b1fe33215a0c0fd kernel-debuginfo-2.6.9-42.0.10.EL.i686.rpm 9fa98cea9b4347f1bb934c955e12777c kernel-devel-2.6.9-42.0.10.EL.i686.rpm abea2f5ae09397381300f476e1c851d3 kernel-hugemem-2.6.9-42.0.10.EL.i686.rpm 059ef62c55b663de5cf3493f68edb61a kernel-hugemem-devel-2.6.9-42.0.10.EL.i686.rpm a6b7c14dd615c2ba596218f99d6dc791 kernel-smp-2.6.9-42.0.10.EL.i686.rpm 4eef61b5cafa9decc595a7ad8777dce0 kernel-smp-devel-2.6.9-42.0.10.EL.i686.rpm noarch: 183fe23ac5e8be41adf6c05d81b76555 kernel-doc-2.6.9-42.0.10.EL.noarch.rpm x86_64: cc5299e4937f5400436ba973bad7f015 kernel-2.6.9-42.0.10.EL.x86_64.rpm b7feda4cd3d988a19d36b5339de39fdf kernel-debuginfo-2.6.9-42.0.10.EL.x86_64.rpm 69fb41d441f99bd76e785c1a18bbbdf7 kernel-devel-2.6.9-42.0.10.EL.x86_64.rpm 4f5febec6e24716343a059b0f664a93d kernel-largesmp-2.6.9-42.0.10.EL.x86_64.rpm b4f5e823899006fe7e192afecb908cb1 kernel-largesmp-devel-2.6.9-42.0.10.EL.x86_64.rpm 97db663987ed857dae4d1dac6b4c2eb9 kernel-smp-2.6.9-42.0.10.EL.x86_64.rpm a761c5d60b8fdff8d06578339c1e6df7 kernel-smp-devel-2.6.9-42.0.10.EL.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kernel-2.6.9-42.0.10.EL.src.rpm 1c365c7e860a5befc863fe3ddcd99348 kernel-2.6.9-42.0.10.EL.src.rpm i386: 7b18d06a3323f40304e6d2220b814cc9 kernel-2.6.9-42.0.10.EL.i686.rpm 6ec86856eec04bd71b1fe33215a0c0fd kernel-debuginfo-2.6.9-42.0.10.EL.i686.rpm 9fa98cea9b4347f1bb934c955e12777c kernel-devel-2.6.9-42.0.10.EL.i686.rpm abea2f5ae09397381300f476e1c851d3 kernel-hugemem-2.6.9-42.0.10.EL.i686.rpm 059ef62c55b663de5cf3493f68edb61a kernel-hugemem-devel-2.6.9-42.0.10.EL.i686.rpm a6b7c14dd615c2ba596218f99d6dc791 kernel-smp-2.6.9-42.0.10.EL.i686.rpm 4eef61b5cafa9decc595a7ad8777dce0 kernel-smp-devel-2.6.9-42.0.10.EL.i686.rpm ia64: 31e428fd48ade503595dc8d29db7a2b9 kernel-2.6.9-42.0.10.EL.ia64.rpm 54e4ef98367ded5742d321f5cc7fb355 kernel-debuginfo-2.6.9-42.0.10.EL.ia64.rpm f5cab16944e31dd7638b04338e32a5b7 kernel-devel-2.6.9-42.0.10.EL.ia64.rpm 711277591463504287acbffd0895feba kernel-largesmp-2.6.9-42.0.10.EL.ia64.rpm 626a89962ecce7d2fd0e836e8639f396 kernel-largesmp-devel-2.6.9-42.0.10.EL.ia64.rpm noarch: 183fe23ac5e8be41adf6c05d81b76555 kernel-doc-2.6.9-42.0.10.EL.noarch.rpm x86_64: cc5299e4937f5400436ba973bad7f015 kernel-2.6.9-42.0.10.EL.x86_64.rpm b7feda4cd3d988a19d36b5339de39fdf kernel-debuginfo-2.6.9-42.0.10.EL.x86_64.rpm 69fb41d441f99bd76e785c1a18bbbdf7 kernel-devel-2.6.9-42.0.10.EL.x86_64.rpm 4f5febec6e24716343a059b0f664a93d kernel-largesmp-2.6.9-42.0.10.EL.x86_64.rpm b4f5e823899006fe7e192afecb908cb1 kernel-largesmp-devel-2.6.9-42.0.10.EL.x86_64.rpm 97db663987ed857dae4d1dac6b4c2eb9 kernel-smp-2.6.9-42.0.10.EL.x86_64.rpm a761c5d60b8fdff8d06578339c1e6df7 kernel-smp-devel-2.6.9-42.0.10.EL.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kernel-2.6.9-42.0.10.EL.src.rpm 1c365c7e860a5befc863fe3ddcd99348 kernel-2.6.9-42.0.10.EL.src.rpm i386: 7b18d06a3323f40304e6d2220b814cc9 kernel-2.6.9-42.0.10.EL.i686.rpm 6ec86856eec04bd71b1fe33215a0c0fd kernel-debuginfo-2.6.9-42.0.10.EL.i686.rpm 9fa98cea9b4347f1bb934c955e12777c kernel-devel-2.6.9-42.0.10.EL.i686.rpm abea2f5ae09397381300f476e1c851d3 kernel-hugemem-2.6.9-42.0.10.EL.i686.rpm 059ef62c55b663de5cf3493f68edb61a kernel-hugemem-devel-2.6.9-42.0.10.EL.i686.rpm a6b7c14dd615c2ba596218f99d6dc791 kernel-smp-2.6.9-42.0.10.EL.i686.rpm 4eef61b5cafa9decc595a7ad8777dce0 kernel-smp-devel-2.6.9-42.0.10.EL.i686.rpm ia64: 31e428fd48ade503595dc8d29db7a2b9 kernel-2.6.9-42.0.10.EL.ia64.rpm 54e4ef98367ded5742d321f5cc7fb355 kernel-debuginfo-2.6.9-42.0.10.EL.ia64.rpm f5cab16944e31dd7638b04338e32a5b7 kernel-devel-2.6.9-42.0.10.EL.ia64.rpm 711277591463504287acbffd0895feba kernel-largesmp-2.6.9-42.0.10.EL.ia64.rpm 626a89962ecce7d2fd0e836e8639f396 kernel-largesmp-devel-2.6.9-42.0.10.EL.ia64.rpm noarch: 183fe23ac5e8be41adf6c05d81b76555 kernel-doc-2.6.9-42.0.10.EL.noarch.rpm x86_64: cc5299e4937f5400436ba973bad7f015 kernel-2.6.9-42.0.10.EL.x86_64.rpm b7feda4cd3d988a19d36b5339de39fdf kernel-debuginfo-2.6.9-42.0.10.EL.x86_64.rpm 69fb41d441f99bd76e785c1a18bbbdf7 kernel-devel-2.6.9-42.0.10.EL.x86_64.rpm 4f5febec6e24716343a059b0f664a93d kernel-largesmp-2.6.9-42.0.10.EL.x86_64.rpm b4f5e823899006fe7e192afecb908cb1 kernel-largesmp-devel-2.6.9-42.0.10.EL.x86_64.rpm 97db663987ed857dae4d1dac6b4c2eb9 kernel-smp-2.6.9-42.0.10.EL.x86_64.rpm a761c5d60b8fdff8d06578339c1e6df7 kernel-smp-devel-2.6.9-42.0.10.EL.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0001 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0006 http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFF4/HfXlSAg2UNWIIRAg99AKCIpM/pcv0qXPzHSn2L+41esL+y9ACfS824 NFIDu7yIfcdmobGyI9bXml0= =/pec -----END PGP SIGNATURE-----