From bugzilla at redhat.com Tue May 1 17:49:15 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 1 May 2007 13:49:15 -0400 Subject: [RHSA-2007:0203-02] Low: unzip security and bug fix update Message-ID: <200705011749.l41HnFdr030486@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Low: unzip security and bug fix update Advisory ID: RHSA-2007:0203-02 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0203.html Issue date: 2007-05-01 Updated on: 2007-05-01 Product: Red Hat Enterprise Linux Keywords: large file toctou CVE Names: CVE-2005-2475 CVE-2005-4667 - --------------------------------------------------------------------- 1. Summary: Updated unzip packages that fix two security issues and various bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: The unzip utility is used to list, test, or extract files from a zip archive. A race condition was found in Unzip. Local users could use this flaw to modify permissions of arbitrary files via a hard link attack on a file while it was being decompressed (CVE-2005-2475) A buffer overflow was found in Unzip command line argument handling. If a user could be tricked into running Unzip with a specially crafted long file name, an attacker could execute arbitrary code with that user's privileges. (CVE-2005-4667) As well, this update adds support for files larger than 2GB. All users of unzip should upgrade to these updated packages, which contain backported patches that resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 164927 - CVE-2005-2475 TOCTOU issue in unzip 178960 - CVE-2005-4667 unzip long filename buffer overflow 199104 - unzip has not been compiled with large file support and cannot unzip files > 2G 230558 - unzip-5.51-8 leaves files as read-only (400) 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/unzip-5.51-9.EL4.5.src.rpm dde2030ecdb6904361b00056d6271c5d unzip-5.51-9.EL4.5.src.rpm i386: d694a66c36337360c4b4dc46e4295e17 unzip-5.51-9.EL4.5.i386.rpm 5dbb123e8ed4f0dffc7d6a9691eac735 unzip-debuginfo-5.51-9.EL4.5.i386.rpm ia64: fd654f89bbb37937ac5c0bdf0df80843 unzip-5.51-9.EL4.5.ia64.rpm e25f4b007bf0d17e8cdee7cd174cf48b unzip-debuginfo-5.51-9.EL4.5.ia64.rpm ppc: fea3d9b6075db7578c5d55dc10712bfc unzip-5.51-9.EL4.5.ppc.rpm eaa0d171e25e267f4acafb4e8915e3d4 unzip-debuginfo-5.51-9.EL4.5.ppc.rpm s390: e154c6e1e1d5da18a4134582fd78df6f unzip-5.51-9.EL4.5.s390.rpm f45a8c6ce1c46b81226f54d829eb4f09 unzip-debuginfo-5.51-9.EL4.5.s390.rpm s390x: dc980ef3c7de918e07ed51c73e63ba4a unzip-5.51-9.EL4.5.s390x.rpm ab39363bdc419029745e17c31c793fa9 unzip-debuginfo-5.51-9.EL4.5.s390x.rpm x86_64: c70ff5fb35d0fae41b4440361095f25b unzip-5.51-9.EL4.5.x86_64.rpm e61b242fa13104fe2b4ab1be68dac892 unzip-debuginfo-5.51-9.EL4.5.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/unzip-5.51-9.EL4.5.src.rpm dde2030ecdb6904361b00056d6271c5d unzip-5.51-9.EL4.5.src.rpm i386: d694a66c36337360c4b4dc46e4295e17 unzip-5.51-9.EL4.5.i386.rpm 5dbb123e8ed4f0dffc7d6a9691eac735 unzip-debuginfo-5.51-9.EL4.5.i386.rpm x86_64: c70ff5fb35d0fae41b4440361095f25b unzip-5.51-9.EL4.5.x86_64.rpm e61b242fa13104fe2b4ab1be68dac892 unzip-debuginfo-5.51-9.EL4.5.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/unzip-5.51-9.EL4.5.src.rpm dde2030ecdb6904361b00056d6271c5d unzip-5.51-9.EL4.5.src.rpm i386: d694a66c36337360c4b4dc46e4295e17 unzip-5.51-9.EL4.5.i386.rpm 5dbb123e8ed4f0dffc7d6a9691eac735 unzip-debuginfo-5.51-9.EL4.5.i386.rpm ia64: fd654f89bbb37937ac5c0bdf0df80843 unzip-5.51-9.EL4.5.ia64.rpm e25f4b007bf0d17e8cdee7cd174cf48b unzip-debuginfo-5.51-9.EL4.5.ia64.rpm x86_64: c70ff5fb35d0fae41b4440361095f25b unzip-5.51-9.EL4.5.x86_64.rpm e61b242fa13104fe2b4ab1be68dac892 unzip-debuginfo-5.51-9.EL4.5.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/unzip-5.51-9.EL4.5.src.rpm dde2030ecdb6904361b00056d6271c5d unzip-5.51-9.EL4.5.src.rpm i386: d694a66c36337360c4b4dc46e4295e17 unzip-5.51-9.EL4.5.i386.rpm 5dbb123e8ed4f0dffc7d6a9691eac735 unzip-debuginfo-5.51-9.EL4.5.i386.rpm ia64: fd654f89bbb37937ac5c0bdf0df80843 unzip-5.51-9.EL4.5.ia64.rpm e25f4b007bf0d17e8cdee7cd174cf48b unzip-debuginfo-5.51-9.EL4.5.ia64.rpm x86_64: c70ff5fb35d0fae41b4440361095f25b unzip-5.51-9.EL4.5.x86_64.rpm e61b242fa13104fe2b4ab1be68dac892 unzip-debuginfo-5.51-9.EL4.5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2475 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4667 http://www.redhat.com/security/updates/classification/#low 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGN31tXlSAg2UNWIIRAvwBAJ9e3TGUs/MntTO6nBIA/FvEqCD1NACfS2uy 6I4eZ9h0+Bj19I2AF+qRwX0= =ksGK -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue May 1 17:49:54 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 1 May 2007 13:49:54 -0400 Subject: [RHSA-2007:0208-02] Low: w3c-libwww security and bug fix update Message-ID: <200705011749.l41HnsdV030558@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Low: w3c-libwww security and bug fix update Advisory ID: RHSA-2007:0208-02 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0208.html Issue date: 2007-05-01 Updated on: 2007-05-01 Product: Red Hat Enterprise Linux CVE Names: CVE-2005-3183 - --------------------------------------------------------------------- 1. Summary: Updated w3c-libwww packages that fix a security issue and a bug are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: w3c-libwww is a general-purpose web library. Several buffer overflow flaws in w3c-libwww were found. If a client application that uses w3c-libwww connected to a malicious HTTP server, it could trigger an out of bounds memory access, causing the client application to crash (CVE-2005-3183). This updated version of w3c-libwww also fixes an issue when computing MD5 sums on a 64 bit machine. Users of w3c-libwww should upgrade to these updated packages, which contain backported patches to correct these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 163664 - /usr/lib64/libmd5.so is broken. 169495 - CVE-2005-3183 Multiple bugs in libwww - one exploitable - in Library/src/HTBound.c 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/w3c-libwww-5.4.0-10.1.RHEL4.2.src.rpm f5c93edc9bd1a7543d617a412a391ca2 w3c-libwww-5.4.0-10.1.RHEL4.2.src.rpm i386: 449772ace23168b1490fbd57ba093861 w3c-libwww-5.4.0-10.1.RHEL4.2.i386.rpm e992c6ad896a93590ae4ab02b861bf72 w3c-libwww-apps-5.4.0-10.1.RHEL4.2.i386.rpm 0385c6b1be1a0cc1656d476394b83107 w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.i386.rpm 86ec9f9c056f6cc6405b1fa7dfa62d47 w3c-libwww-devel-5.4.0-10.1.RHEL4.2.i386.rpm ia64: 449772ace23168b1490fbd57ba093861 w3c-libwww-5.4.0-10.1.RHEL4.2.i386.rpm 363e79315dbac0a85f48848cc6d7d582 w3c-libwww-5.4.0-10.1.RHEL4.2.ia64.rpm 55c54d4dbc71f571d9445d1ef787fed8 w3c-libwww-apps-5.4.0-10.1.RHEL4.2.ia64.rpm 0385c6b1be1a0cc1656d476394b83107 w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.i386.rpm 29a2d58abf333a413b046429d41fa30b w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.ia64.rpm 8f70d61a913814b945ee01cd9b1aef97 w3c-libwww-devel-5.4.0-10.1.RHEL4.2.ia64.rpm ppc: e20415ead6919058b5e0792e7f038201 w3c-libwww-5.4.0-10.1.RHEL4.2.ppc.rpm 54e29e788248fba9c1a1b1a21468de37 w3c-libwww-5.4.0-10.1.RHEL4.2.ppc64.rpm 6718eb3dc7804724e7d2c48f1f29b66b w3c-libwww-apps-5.4.0-10.1.RHEL4.2.ppc.rpm 38faec06014cb339e95f4b7c4cf602d3 w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.ppc.rpm 6d1b95e5446ee605df8c7d1e01625209 w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.ppc64.rpm b4babec6d53b2d34db31be94e0dbfb26 w3c-libwww-devel-5.4.0-10.1.RHEL4.2.ppc.rpm s390: ba843212e12261ad439c9703a33f3ed6 w3c-libwww-5.4.0-10.1.RHEL4.2.s390.rpm 5e6d19c48b5a5ffae7048ccab6d68d06 w3c-libwww-apps-5.4.0-10.1.RHEL4.2.s390.rpm 134fd18a7741d12ad813f572793b2088 w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.s390.rpm 2a2f963f31a9920b4577e4ce7ab39e3c w3c-libwww-devel-5.4.0-10.1.RHEL4.2.s390.rpm s390x: ba843212e12261ad439c9703a33f3ed6 w3c-libwww-5.4.0-10.1.RHEL4.2.s390.rpm ebd676d4cbc19756aabf06ba6537262c w3c-libwww-5.4.0-10.1.RHEL4.2.s390x.rpm dc750df9eb1e58bb0887e4969e3d7a8d w3c-libwww-apps-5.4.0-10.1.RHEL4.2.s390x.rpm 134fd18a7741d12ad813f572793b2088 w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.s390.rpm 1e03d6c927269840db1520a26cf2880c w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.s390x.rpm 68054495a7e29a855f85b83bac370e57 w3c-libwww-devel-5.4.0-10.1.RHEL4.2.s390x.rpm x86_64: 449772ace23168b1490fbd57ba093861 w3c-libwww-5.4.0-10.1.RHEL4.2.i386.rpm 313ef638f3107724fb43814ab7bca32c w3c-libwww-5.4.0-10.1.RHEL4.2.x86_64.rpm 74e2e34acb1fdd4d0b2fda8b45db506c w3c-libwww-apps-5.4.0-10.1.RHEL4.2.x86_64.rpm 0385c6b1be1a0cc1656d476394b83107 w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.i386.rpm af7ab7aa6348de6c1176fae0bdf5c62c w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.x86_64.rpm eebdfad543cc4ee56a15a6f928c833f6 w3c-libwww-devel-5.4.0-10.1.RHEL4.2.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/w3c-libwww-5.4.0-10.1.RHEL4.2.src.rpm f5c93edc9bd1a7543d617a412a391ca2 w3c-libwww-5.4.0-10.1.RHEL4.2.src.rpm i386: 449772ace23168b1490fbd57ba093861 w3c-libwww-5.4.0-10.1.RHEL4.2.i386.rpm e992c6ad896a93590ae4ab02b861bf72 w3c-libwww-apps-5.4.0-10.1.RHEL4.2.i386.rpm 0385c6b1be1a0cc1656d476394b83107 w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.i386.rpm 86ec9f9c056f6cc6405b1fa7dfa62d47 w3c-libwww-devel-5.4.0-10.1.RHEL4.2.i386.rpm x86_64: 449772ace23168b1490fbd57ba093861 w3c-libwww-5.4.0-10.1.RHEL4.2.i386.rpm 313ef638f3107724fb43814ab7bca32c w3c-libwww-5.4.0-10.1.RHEL4.2.x86_64.rpm 74e2e34acb1fdd4d0b2fda8b45db506c w3c-libwww-apps-5.4.0-10.1.RHEL4.2.x86_64.rpm 0385c6b1be1a0cc1656d476394b83107 w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.i386.rpm af7ab7aa6348de6c1176fae0bdf5c62c w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.x86_64.rpm eebdfad543cc4ee56a15a6f928c833f6 w3c-libwww-devel-5.4.0-10.1.RHEL4.2.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/w3c-libwww-5.4.0-10.1.RHEL4.2.src.rpm f5c93edc9bd1a7543d617a412a391ca2 w3c-libwww-5.4.0-10.1.RHEL4.2.src.rpm i386: 449772ace23168b1490fbd57ba093861 w3c-libwww-5.4.0-10.1.RHEL4.2.i386.rpm e992c6ad896a93590ae4ab02b861bf72 w3c-libwww-apps-5.4.0-10.1.RHEL4.2.i386.rpm 0385c6b1be1a0cc1656d476394b83107 w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.i386.rpm 86ec9f9c056f6cc6405b1fa7dfa62d47 w3c-libwww-devel-5.4.0-10.1.RHEL4.2.i386.rpm ia64: 449772ace23168b1490fbd57ba093861 w3c-libwww-5.4.0-10.1.RHEL4.2.i386.rpm 363e79315dbac0a85f48848cc6d7d582 w3c-libwww-5.4.0-10.1.RHEL4.2.ia64.rpm 55c54d4dbc71f571d9445d1ef787fed8 w3c-libwww-apps-5.4.0-10.1.RHEL4.2.ia64.rpm 0385c6b1be1a0cc1656d476394b83107 w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.i386.rpm 29a2d58abf333a413b046429d41fa30b w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.ia64.rpm 8f70d61a913814b945ee01cd9b1aef97 w3c-libwww-devel-5.4.0-10.1.RHEL4.2.ia64.rpm x86_64: 449772ace23168b1490fbd57ba093861 w3c-libwww-5.4.0-10.1.RHEL4.2.i386.rpm 313ef638f3107724fb43814ab7bca32c w3c-libwww-5.4.0-10.1.RHEL4.2.x86_64.rpm 74e2e34acb1fdd4d0b2fda8b45db506c w3c-libwww-apps-5.4.0-10.1.RHEL4.2.x86_64.rpm 0385c6b1be1a0cc1656d476394b83107 w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.i386.rpm af7ab7aa6348de6c1176fae0bdf5c62c w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.x86_64.rpm eebdfad543cc4ee56a15a6f928c833f6 w3c-libwww-devel-5.4.0-10.1.RHEL4.2.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/w3c-libwww-5.4.0-10.1.RHEL4.2.src.rpm f5c93edc9bd1a7543d617a412a391ca2 w3c-libwww-5.4.0-10.1.RHEL4.2.src.rpm i386: 449772ace23168b1490fbd57ba093861 w3c-libwww-5.4.0-10.1.RHEL4.2.i386.rpm e992c6ad896a93590ae4ab02b861bf72 w3c-libwww-apps-5.4.0-10.1.RHEL4.2.i386.rpm 0385c6b1be1a0cc1656d476394b83107 w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.i386.rpm 86ec9f9c056f6cc6405b1fa7dfa62d47 w3c-libwww-devel-5.4.0-10.1.RHEL4.2.i386.rpm ia64: 449772ace23168b1490fbd57ba093861 w3c-libwww-5.4.0-10.1.RHEL4.2.i386.rpm 363e79315dbac0a85f48848cc6d7d582 w3c-libwww-5.4.0-10.1.RHEL4.2.ia64.rpm 55c54d4dbc71f571d9445d1ef787fed8 w3c-libwww-apps-5.4.0-10.1.RHEL4.2.ia64.rpm 0385c6b1be1a0cc1656d476394b83107 w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.i386.rpm 29a2d58abf333a413b046429d41fa30b w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.ia64.rpm 8f70d61a913814b945ee01cd9b1aef97 w3c-libwww-devel-5.4.0-10.1.RHEL4.2.ia64.rpm x86_64: 449772ace23168b1490fbd57ba093861 w3c-libwww-5.4.0-10.1.RHEL4.2.i386.rpm 313ef638f3107724fb43814ab7bca32c w3c-libwww-5.4.0-10.1.RHEL4.2.x86_64.rpm 74e2e34acb1fdd4d0b2fda8b45db506c w3c-libwww-apps-5.4.0-10.1.RHEL4.2.x86_64.rpm 0385c6b1be1a0cc1656d476394b83107 w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.i386.rpm af7ab7aa6348de6c1176fae0bdf5c62c w3c-libwww-debuginfo-5.4.0-10.1.RHEL4.2.x86_64.rpm eebdfad543cc4ee56a15a6f928c833f6 w3c-libwww-devel-5.4.0-10.1.RHEL4.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3183 http://www.redhat.com/security/updates/classification/#low 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGN32iXlSAg2UNWIIRAraNAJ0W3mm7s+/hronXSb988l+qTtJrsQCdFR05 DmK+mbsb8eNas5F9M7yj0Ks= =ajAM -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue May 1 17:50:12 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 1 May 2007 13:50:12 -0400 Subject: [RHSA-2007:0220-02] Moderate: gcc security and bug fix update Message-ID: <200705011750.l41HoCVk031076@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: gcc security and bug fix update Advisory ID: RHSA-2007:0220-02 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0220.html Issue date: 2007-05-01 Updated on: 2007-05-01 Product: Red Hat Enterprise Linux Keywords: fastjar directory traversal CVE Names: CVE-2006-3619 - --------------------------------------------------------------------- 1. Summary: Updated gcc packages that fix a security issue and various bugs are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: The gcc packages include C, C++, Java, Fortran 77, Objective C, and Ada 95 GNU compilers and related support libraries. J?rgen Weigert discovered a directory traversal flaw in fastjar. An attacker could create a malicious JAR file which, if unpacked using fastjar, could write to any files the victim had write access to. (CVE-2006-3619) These updated packages also fix several bugs, including: * two debug information generator bugs * two internal compiler errors In addition to this, protoize.1 and unprotoize.1 manual pages have been added to the package and __cxa_get_exception_ptr@@CXXABI_1.3.1 symbol has been added into libstdc++.so.6. For full details regarding all fixed bugs, refer to the package changelog as well as the specified list of bug reports from bugzilla. All users of gcc should upgrade to these updated packages, which contain backported patches to resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 198912 - CVE-2006-3619 Directory traversal issue in fastjar 205919 - ICE related to std::vector > > 207277 - g++: internal compiler error: Segmentation fault 207303 - cannot rebuild gcc when build_java is 0 214353 - gcc-3.4.6-3 didn't produce correct debug_line info for some kernel functions 218377 - g++ compile runs forever on test file with optimization and debug info 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/gcc-3.4.6-8.src.rpm 8e6d5bcabca302c16b2a30048535ed95 gcc-3.4.6-8.src.rpm i386: e0f0b27595ba48be28632359ff165c39 cpp-3.4.6-8.i386.rpm 45c3458477b291a2697a033881df32a0 gcc-3.4.6-8.i386.rpm dd4e2d846118f1427a69a5c0f830d309 gcc-c++-3.4.6-8.i386.rpm 743f630cc3ad20bd6b9d30605cd9e366 gcc-debuginfo-3.4.6-8.i386.rpm cb382c90c0d49b9a89953200e926cac7 gcc-g77-3.4.6-8.i386.rpm e18b2ecd6bc4d629669fa9cc04c13783 gcc-gnat-3.4.6-8.i386.rpm 8b1c1291089ae1563e9aab28e355edbc gcc-java-3.4.6-8.i386.rpm d78c21e48d809c73f135aeaa64c9b08c gcc-objc-3.4.6-8.i386.rpm b66377ce963df1924d37ce761ef7b5d9 libf2c-3.4.6-8.i386.rpm 80f40c65a86bad306138fb9586e9784f libgcc-3.4.6-8.i386.rpm 93c6c13ae6935070365c716376a9175d libgcj-3.4.6-8.i386.rpm f49a9b6d82b9d927b671e554f38d3bb0 libgcj-devel-3.4.6-8.i386.rpm 3380ac1171da87625b4e58b0ea6bf874 libgnat-3.4.6-8.i386.rpm 1f9617dc0539352dacf37ffe0a9d2b89 libobjc-3.4.6-8.i386.rpm 97f04e3fd6cb403754d1071f3aba70b3 libstdc++-3.4.6-8.i386.rpm 63c52bbb40ee198b4c3b6d3d686e75ca libstdc++-devel-3.4.6-8.i386.rpm ia64: 53151d63f347253b3cadd53c0662ec14 cpp-3.4.6-8.ia64.rpm 6877e97cf5621ddc7e5d7fae8d9c6a75 gcc-3.4.6-8.ia64.rpm 22a1d15a93c7e829374571a56a9efd10 gcc-c++-3.4.6-8.ia64.rpm 743f630cc3ad20bd6b9d30605cd9e366 gcc-debuginfo-3.4.6-8.i386.rpm 59a46e0c30fc53d75d2de5d0605d9b9e gcc-debuginfo-3.4.6-8.ia64.rpm ad9a10b271548981be50921b0bf6809b gcc-g77-3.4.6-8.ia64.rpm e38028f17015901d79056a5b48deb15c gcc-gnat-3.4.6-8.ia64.rpm 4a0c397ee2a273abcde6ea23c193ec35 gcc-java-3.4.6-8.ia64.rpm 122c53a5d130d92bfd28a995ceb71ad3 gcc-objc-3.4.6-8.ia64.rpm b66377ce963df1924d37ce761ef7b5d9 libf2c-3.4.6-8.i386.rpm 3c31efaa2abd006aff2a8f6a6af1ca6f libf2c-3.4.6-8.ia64.rpm 80f40c65a86bad306138fb9586e9784f libgcc-3.4.6-8.i386.rpm 8a7350a7c6b1b039fd3b4a22793b93a5 libgcc-3.4.6-8.ia64.rpm 93c6c13ae6935070365c716376a9175d libgcj-3.4.6-8.i386.rpm 1245d9cd9b0082fc7b2c6e8443b8ea68 libgcj-3.4.6-8.ia64.rpm 1515bc758b2030e9f6aabcdc1254b790 libgcj-devel-3.4.6-8.ia64.rpm 3380ac1171da87625b4e58b0ea6bf874 libgnat-3.4.6-8.i386.rpm c3942bb6d70dd577f7b22df4fdf27b79 libgnat-3.4.6-8.ia64.rpm 1f9617dc0539352dacf37ffe0a9d2b89 libobjc-3.4.6-8.i386.rpm c85a5ba5aecf418f354c9ddede23b517 libobjc-3.4.6-8.ia64.rpm 97f04e3fd6cb403754d1071f3aba70b3 libstdc++-3.4.6-8.i386.rpm 0544c5cef58e795c428d0ff0a45945b1 libstdc++-3.4.6-8.ia64.rpm 5bacbaf2ec67bd447a67ce79809022ba libstdc++-devel-3.4.6-8.ia64.rpm ppc: 7bcacf33e4d080b2893c7c71f2b330fa cpp-3.4.6-8.ppc.rpm 3933ade1c97a5d3c3c05044eb984daa6 gcc-3.4.6-8.ppc.rpm aec5b2230e95ddbfc760bbd5550ad976 gcc-c++-3.4.6-8.ppc.rpm aab9558484c6f35c0f556a6f69d3720c gcc-c++-ppc32-3.4.6-8.ppc.rpm 6fba4225aff873dd46dbf6db4ba7411f gcc-debuginfo-3.4.6-8.ppc.rpm 1f27cf4fd5e7749db43d27b7422f49a7 gcc-debuginfo-3.4.6-8.ppc64.rpm de92b05d631c854c4ed607a5249d846e gcc-g77-3.4.6-8.ppc.rpm 2236e86699a53d30c61f53a60483338d gcc-gnat-3.4.6-8.ppc.rpm 6e80c51665417760754faaf19aa7097a gcc-java-3.4.6-8.ppc.rpm 98a012640f4a836127bcd14e065d6189 gcc-objc-3.4.6-8.ppc.rpm 74e9d56b3c472a9a4b8f2e3dfde8036d gcc-ppc32-3.4.6-8.ppc.rpm bc84da137a87c9cbedc5a6154d1d2ea3 libf2c-3.4.6-8.ppc.rpm 996a27956f0bc0967557985edcfa82f0 libf2c-3.4.6-8.ppc64.rpm 210c908488246b0481c62048b4d1bb5a libgcc-3.4.6-8.ppc.rpm 890daf9d58f76ee8160b242f4b7bf850 libgcc-3.4.6-8.ppc64.rpm b1be12da4e88f726354548fbc1566f4f libgcj-3.4.6-8.ppc.rpm 7952ca607d18ae24a274037dc99ffff0 libgcj-3.4.6-8.ppc64.rpm 6641f7d5d0b8aa235f70a0c0613d3661 libgcj-devel-3.4.6-8.ppc.rpm 5f3591d81cfcc9e53c0c186c03931501 libgnat-3.4.6-8.ppc.rpm 3d4ec7d0f15ad614abba76ebf47e0efe libobjc-3.4.6-8.ppc.rpm 0ff3d9983d00093c750b513c3e7c8d14 libobjc-3.4.6-8.ppc64.rpm 7103f9a707bc4313f9469a7972cebeb0 libstdc++-3.4.6-8.ppc.rpm a070d50d537574ab4dc7e914b3a7c82d libstdc++-3.4.6-8.ppc64.rpm a3bd8b792b29e1738b0dcc9eba69ff97 libstdc++-devel-3.4.6-8.ppc.rpm 637a47724a1f38dd9d24bc1fd1628c8c libstdc++-devel-3.4.6-8.ppc64.rpm s390: d014cfeb93a06eb017169ff63c0661b6 cpp-3.4.6-8.s390.rpm 7b84f19edccd4848fa9f0e3983e60ab0 gcc-3.4.6-8.s390.rpm 98de418852d2e57c4c07f2bf29bfefd8 gcc-c++-3.4.6-8.s390.rpm b0a474d524995c06ca16ec749a9e28a9 gcc-debuginfo-3.4.6-8.s390.rpm 1b9d2b645c74189c1a52dbf4e360cdd4 gcc-g77-3.4.6-8.s390.rpm e8a4662655c60504893ebbb2343eb9e0 gcc-gnat-3.4.6-8.s390.rpm 2465ea2b421adf8aa7e9da6ffb3ed78c gcc-java-3.4.6-8.s390.rpm 09cd5a8ce56af7f384a2ed9bca23f784 gcc-objc-3.4.6-8.s390.rpm 1c319c6b8ea14ea01024f57414b9abad libf2c-3.4.6-8.s390.rpm eda1a1be25206d44a3f21ada054819a1 libgcc-3.4.6-8.s390.rpm aab10079cea0a347f7ac6c4b80ee4780 libgcj-3.4.6-8.s390.rpm 6eb1fa827b941424070128b98a77f625 libgcj-devel-3.4.6-8.s390.rpm d778a79cb6250144a1212e4242cbaedc libgnat-3.4.6-8.s390.rpm f41ec334e4c57b17c38a2f4f1cd94cc7 libobjc-3.4.6-8.s390.rpm a64e290b4a83236b5dc21a23d18f3ed7 libstdc++-3.4.6-8.s390.rpm a8e598977b442c0e5df441a3a3383061 libstdc++-devel-3.4.6-8.s390.rpm s390x: fdac75f0bd52d4d84d935797ed1817db cpp-3.4.6-8.s390x.rpm 484c854725ddcff7db95f96d17498a68 gcc-3.4.6-8.s390x.rpm 43023cf38028fc21df55f83fc2c375d6 gcc-c++-3.4.6-8.s390x.rpm b0a474d524995c06ca16ec749a9e28a9 gcc-debuginfo-3.4.6-8.s390.rpm 62410b01befe2ae50e5d75c863508828 gcc-debuginfo-3.4.6-8.s390x.rpm f86fbb58956047b84d8d4009a568bd72 gcc-g77-3.4.6-8.s390x.rpm 43457662e68e3228b7364641f10699be gcc-java-3.4.6-8.s390x.rpm 0840eb9f5166ac4b604dd76a6e8ea85f gcc-objc-3.4.6-8.s390x.rpm 1c319c6b8ea14ea01024f57414b9abad libf2c-3.4.6-8.s390.rpm 311d8fe045d856061cb6584294201d6c libf2c-3.4.6-8.s390x.rpm eda1a1be25206d44a3f21ada054819a1 libgcc-3.4.6-8.s390.rpm 2f6ef4706c6b20e16af93643f10ba68c libgcc-3.4.6-8.s390x.rpm aab10079cea0a347f7ac6c4b80ee4780 libgcj-3.4.6-8.s390.rpm 60ea99c20d3c8fa9ce45870a4356cbb0 libgcj-3.4.6-8.s390x.rpm c192ebf530834ce80e891cd6935d8643 libgcj-devel-3.4.6-8.s390x.rpm d778a79cb6250144a1212e4242cbaedc libgnat-3.4.6-8.s390.rpm f41ec334e4c57b17c38a2f4f1cd94cc7 libobjc-3.4.6-8.s390.rpm 23163deb52841a42b35a58373fe97878 libobjc-3.4.6-8.s390x.rpm a64e290b4a83236b5dc21a23d18f3ed7 libstdc++-3.4.6-8.s390.rpm c297464879195fd3639b142816e3d759 libstdc++-3.4.6-8.s390x.rpm a8e598977b442c0e5df441a3a3383061 libstdc++-devel-3.4.6-8.s390.rpm 64827b2143a30bdcfd16a5cfc53c89ea libstdc++-devel-3.4.6-8.s390x.rpm x86_64: 40116339dd861a83bda482ac3ebd18fb cpp-3.4.6-8.x86_64.rpm 1b8311eac3e34d85e76a6acb5b013840 gcc-3.4.6-8.x86_64.rpm 4ee9ca08efc2baa4d3e7fe2a1961f220 gcc-c++-3.4.6-8.x86_64.rpm 743f630cc3ad20bd6b9d30605cd9e366 gcc-debuginfo-3.4.6-8.i386.rpm 6357989477901fc4f25459251b80a8b1 gcc-debuginfo-3.4.6-8.x86_64.rpm 4a1e4092e081518bf44dad5f815ad440 gcc-g77-3.4.6-8.x86_64.rpm 03c4e9a30379f8f84cd5211c33173556 gcc-gnat-3.4.6-8.x86_64.rpm 0c12b7b8a9c44950106afe1e5ca58799 gcc-java-3.4.6-8.x86_64.rpm d01754b1bf8bd20188afd0b66de5b2f4 gcc-objc-3.4.6-8.x86_64.rpm b66377ce963df1924d37ce761ef7b5d9 libf2c-3.4.6-8.i386.rpm 351534d4346969a1f2ad59e63c2208f1 libf2c-3.4.6-8.x86_64.rpm 80f40c65a86bad306138fb9586e9784f libgcc-3.4.6-8.i386.rpm 5e7654868b3230e58b5bc4610f852eb1 libgcc-3.4.6-8.x86_64.rpm 93c6c13ae6935070365c716376a9175d libgcj-3.4.6-8.i386.rpm 818ba6d58164f73f3c6eb7c72ed20361 libgcj-3.4.6-8.x86_64.rpm f4f754aeb2fa9385d72b0e0cba94c8b0 libgcj-devel-3.4.6-8.x86_64.rpm 3380ac1171da87625b4e58b0ea6bf874 libgnat-3.4.6-8.i386.rpm cbb86751fc904d8b5e49cc96dc06715f libgnat-3.4.6-8.x86_64.rpm 1f9617dc0539352dacf37ffe0a9d2b89 libobjc-3.4.6-8.i386.rpm 331ca84f80b34eec096726959b67b618 libobjc-3.4.6-8.x86_64.rpm 97f04e3fd6cb403754d1071f3aba70b3 libstdc++-3.4.6-8.i386.rpm 4d0db429dc4a86984dad3174345446ee libstdc++-3.4.6-8.x86_64.rpm 63c52bbb40ee198b4c3b6d3d686e75ca libstdc++-devel-3.4.6-8.i386.rpm e0197111269e3799af9ad3fa37b857ad libstdc++-devel-3.4.6-8.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/gcc-3.4.6-8.src.rpm 8e6d5bcabca302c16b2a30048535ed95 gcc-3.4.6-8.src.rpm i386: e0f0b27595ba48be28632359ff165c39 cpp-3.4.6-8.i386.rpm 45c3458477b291a2697a033881df32a0 gcc-3.4.6-8.i386.rpm dd4e2d846118f1427a69a5c0f830d309 gcc-c++-3.4.6-8.i386.rpm 743f630cc3ad20bd6b9d30605cd9e366 gcc-debuginfo-3.4.6-8.i386.rpm cb382c90c0d49b9a89953200e926cac7 gcc-g77-3.4.6-8.i386.rpm e18b2ecd6bc4d629669fa9cc04c13783 gcc-gnat-3.4.6-8.i386.rpm 8b1c1291089ae1563e9aab28e355edbc gcc-java-3.4.6-8.i386.rpm d78c21e48d809c73f135aeaa64c9b08c gcc-objc-3.4.6-8.i386.rpm b66377ce963df1924d37ce761ef7b5d9 libf2c-3.4.6-8.i386.rpm 80f40c65a86bad306138fb9586e9784f libgcc-3.4.6-8.i386.rpm 93c6c13ae6935070365c716376a9175d libgcj-3.4.6-8.i386.rpm f49a9b6d82b9d927b671e554f38d3bb0 libgcj-devel-3.4.6-8.i386.rpm 3380ac1171da87625b4e58b0ea6bf874 libgnat-3.4.6-8.i386.rpm 1f9617dc0539352dacf37ffe0a9d2b89 libobjc-3.4.6-8.i386.rpm 97f04e3fd6cb403754d1071f3aba70b3 libstdc++-3.4.6-8.i386.rpm 63c52bbb40ee198b4c3b6d3d686e75ca libstdc++-devel-3.4.6-8.i386.rpm x86_64: 40116339dd861a83bda482ac3ebd18fb cpp-3.4.6-8.x86_64.rpm 1b8311eac3e34d85e76a6acb5b013840 gcc-3.4.6-8.x86_64.rpm 4ee9ca08efc2baa4d3e7fe2a1961f220 gcc-c++-3.4.6-8.x86_64.rpm 743f630cc3ad20bd6b9d30605cd9e366 gcc-debuginfo-3.4.6-8.i386.rpm 6357989477901fc4f25459251b80a8b1 gcc-debuginfo-3.4.6-8.x86_64.rpm 4a1e4092e081518bf44dad5f815ad440 gcc-g77-3.4.6-8.x86_64.rpm 03c4e9a30379f8f84cd5211c33173556 gcc-gnat-3.4.6-8.x86_64.rpm 0c12b7b8a9c44950106afe1e5ca58799 gcc-java-3.4.6-8.x86_64.rpm d01754b1bf8bd20188afd0b66de5b2f4 gcc-objc-3.4.6-8.x86_64.rpm b66377ce963df1924d37ce761ef7b5d9 libf2c-3.4.6-8.i386.rpm 351534d4346969a1f2ad59e63c2208f1 libf2c-3.4.6-8.x86_64.rpm 80f40c65a86bad306138fb9586e9784f libgcc-3.4.6-8.i386.rpm 5e7654868b3230e58b5bc4610f852eb1 libgcc-3.4.6-8.x86_64.rpm 93c6c13ae6935070365c716376a9175d libgcj-3.4.6-8.i386.rpm 818ba6d58164f73f3c6eb7c72ed20361 libgcj-3.4.6-8.x86_64.rpm f4f754aeb2fa9385d72b0e0cba94c8b0 libgcj-devel-3.4.6-8.x86_64.rpm 3380ac1171da87625b4e58b0ea6bf874 libgnat-3.4.6-8.i386.rpm cbb86751fc904d8b5e49cc96dc06715f libgnat-3.4.6-8.x86_64.rpm 1f9617dc0539352dacf37ffe0a9d2b89 libobjc-3.4.6-8.i386.rpm 331ca84f80b34eec096726959b67b618 libobjc-3.4.6-8.x86_64.rpm 97f04e3fd6cb403754d1071f3aba70b3 libstdc++-3.4.6-8.i386.rpm 4d0db429dc4a86984dad3174345446ee libstdc++-3.4.6-8.x86_64.rpm 63c52bbb40ee198b4c3b6d3d686e75ca libstdc++-devel-3.4.6-8.i386.rpm e0197111269e3799af9ad3fa37b857ad libstdc++-devel-3.4.6-8.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/gcc-3.4.6-8.src.rpm 8e6d5bcabca302c16b2a30048535ed95 gcc-3.4.6-8.src.rpm i386: e0f0b27595ba48be28632359ff165c39 cpp-3.4.6-8.i386.rpm 45c3458477b291a2697a033881df32a0 gcc-3.4.6-8.i386.rpm dd4e2d846118f1427a69a5c0f830d309 gcc-c++-3.4.6-8.i386.rpm 743f630cc3ad20bd6b9d30605cd9e366 gcc-debuginfo-3.4.6-8.i386.rpm cb382c90c0d49b9a89953200e926cac7 gcc-g77-3.4.6-8.i386.rpm e18b2ecd6bc4d629669fa9cc04c13783 gcc-gnat-3.4.6-8.i386.rpm 8b1c1291089ae1563e9aab28e355edbc gcc-java-3.4.6-8.i386.rpm d78c21e48d809c73f135aeaa64c9b08c gcc-objc-3.4.6-8.i386.rpm b66377ce963df1924d37ce761ef7b5d9 libf2c-3.4.6-8.i386.rpm 80f40c65a86bad306138fb9586e9784f libgcc-3.4.6-8.i386.rpm 93c6c13ae6935070365c716376a9175d libgcj-3.4.6-8.i386.rpm f49a9b6d82b9d927b671e554f38d3bb0 libgcj-devel-3.4.6-8.i386.rpm 3380ac1171da87625b4e58b0ea6bf874 libgnat-3.4.6-8.i386.rpm 1f9617dc0539352dacf37ffe0a9d2b89 libobjc-3.4.6-8.i386.rpm 97f04e3fd6cb403754d1071f3aba70b3 libstdc++-3.4.6-8.i386.rpm 63c52bbb40ee198b4c3b6d3d686e75ca libstdc++-devel-3.4.6-8.i386.rpm ia64: 53151d63f347253b3cadd53c0662ec14 cpp-3.4.6-8.ia64.rpm 6877e97cf5621ddc7e5d7fae8d9c6a75 gcc-3.4.6-8.ia64.rpm 22a1d15a93c7e829374571a56a9efd10 gcc-c++-3.4.6-8.ia64.rpm 743f630cc3ad20bd6b9d30605cd9e366 gcc-debuginfo-3.4.6-8.i386.rpm 59a46e0c30fc53d75d2de5d0605d9b9e gcc-debuginfo-3.4.6-8.ia64.rpm ad9a10b271548981be50921b0bf6809b gcc-g77-3.4.6-8.ia64.rpm e38028f17015901d79056a5b48deb15c gcc-gnat-3.4.6-8.ia64.rpm 4a0c397ee2a273abcde6ea23c193ec35 gcc-java-3.4.6-8.ia64.rpm 122c53a5d130d92bfd28a995ceb71ad3 gcc-objc-3.4.6-8.ia64.rpm b66377ce963df1924d37ce761ef7b5d9 libf2c-3.4.6-8.i386.rpm 3c31efaa2abd006aff2a8f6a6af1ca6f libf2c-3.4.6-8.ia64.rpm 80f40c65a86bad306138fb9586e9784f libgcc-3.4.6-8.i386.rpm 8a7350a7c6b1b039fd3b4a22793b93a5 libgcc-3.4.6-8.ia64.rpm 93c6c13ae6935070365c716376a9175d libgcj-3.4.6-8.i386.rpm 1245d9cd9b0082fc7b2c6e8443b8ea68 libgcj-3.4.6-8.ia64.rpm 1515bc758b2030e9f6aabcdc1254b790 libgcj-devel-3.4.6-8.ia64.rpm 3380ac1171da87625b4e58b0ea6bf874 libgnat-3.4.6-8.i386.rpm c3942bb6d70dd577f7b22df4fdf27b79 libgnat-3.4.6-8.ia64.rpm 1f9617dc0539352dacf37ffe0a9d2b89 libobjc-3.4.6-8.i386.rpm c85a5ba5aecf418f354c9ddede23b517 libobjc-3.4.6-8.ia64.rpm 97f04e3fd6cb403754d1071f3aba70b3 libstdc++-3.4.6-8.i386.rpm 0544c5cef58e795c428d0ff0a45945b1 libstdc++-3.4.6-8.ia64.rpm 5bacbaf2ec67bd447a67ce79809022ba libstdc++-devel-3.4.6-8.ia64.rpm x86_64: 40116339dd861a83bda482ac3ebd18fb cpp-3.4.6-8.x86_64.rpm 1b8311eac3e34d85e76a6acb5b013840 gcc-3.4.6-8.x86_64.rpm 4ee9ca08efc2baa4d3e7fe2a1961f220 gcc-c++-3.4.6-8.x86_64.rpm 743f630cc3ad20bd6b9d30605cd9e366 gcc-debuginfo-3.4.6-8.i386.rpm 6357989477901fc4f25459251b80a8b1 gcc-debuginfo-3.4.6-8.x86_64.rpm 4a1e4092e081518bf44dad5f815ad440 gcc-g77-3.4.6-8.x86_64.rpm 03c4e9a30379f8f84cd5211c33173556 gcc-gnat-3.4.6-8.x86_64.rpm 0c12b7b8a9c44950106afe1e5ca58799 gcc-java-3.4.6-8.x86_64.rpm d01754b1bf8bd20188afd0b66de5b2f4 gcc-objc-3.4.6-8.x86_64.rpm b66377ce963df1924d37ce761ef7b5d9 libf2c-3.4.6-8.i386.rpm 351534d4346969a1f2ad59e63c2208f1 libf2c-3.4.6-8.x86_64.rpm 80f40c65a86bad306138fb9586e9784f libgcc-3.4.6-8.i386.rpm 5e7654868b3230e58b5bc4610f852eb1 libgcc-3.4.6-8.x86_64.rpm 93c6c13ae6935070365c716376a9175d libgcj-3.4.6-8.i386.rpm 818ba6d58164f73f3c6eb7c72ed20361 libgcj-3.4.6-8.x86_64.rpm f4f754aeb2fa9385d72b0e0cba94c8b0 libgcj-devel-3.4.6-8.x86_64.rpm 3380ac1171da87625b4e58b0ea6bf874 libgnat-3.4.6-8.i386.rpm cbb86751fc904d8b5e49cc96dc06715f libgnat-3.4.6-8.x86_64.rpm 1f9617dc0539352dacf37ffe0a9d2b89 libobjc-3.4.6-8.i386.rpm 331ca84f80b34eec096726959b67b618 libobjc-3.4.6-8.x86_64.rpm 97f04e3fd6cb403754d1071f3aba70b3 libstdc++-3.4.6-8.i386.rpm 4d0db429dc4a86984dad3174345446ee libstdc++-3.4.6-8.x86_64.rpm 63c52bbb40ee198b4c3b6d3d686e75ca libstdc++-devel-3.4.6-8.i386.rpm e0197111269e3799af9ad3fa37b857ad libstdc++-devel-3.4.6-8.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/gcc-3.4.6-8.src.rpm 8e6d5bcabca302c16b2a30048535ed95 gcc-3.4.6-8.src.rpm i386: e0f0b27595ba48be28632359ff165c39 cpp-3.4.6-8.i386.rpm 45c3458477b291a2697a033881df32a0 gcc-3.4.6-8.i386.rpm dd4e2d846118f1427a69a5c0f830d309 gcc-c++-3.4.6-8.i386.rpm 743f630cc3ad20bd6b9d30605cd9e366 gcc-debuginfo-3.4.6-8.i386.rpm cb382c90c0d49b9a89953200e926cac7 gcc-g77-3.4.6-8.i386.rpm e18b2ecd6bc4d629669fa9cc04c13783 gcc-gnat-3.4.6-8.i386.rpm 8b1c1291089ae1563e9aab28e355edbc gcc-java-3.4.6-8.i386.rpm d78c21e48d809c73f135aeaa64c9b08c gcc-objc-3.4.6-8.i386.rpm b66377ce963df1924d37ce761ef7b5d9 libf2c-3.4.6-8.i386.rpm 80f40c65a86bad306138fb9586e9784f libgcc-3.4.6-8.i386.rpm 93c6c13ae6935070365c716376a9175d libgcj-3.4.6-8.i386.rpm f49a9b6d82b9d927b671e554f38d3bb0 libgcj-devel-3.4.6-8.i386.rpm 3380ac1171da87625b4e58b0ea6bf874 libgnat-3.4.6-8.i386.rpm 1f9617dc0539352dacf37ffe0a9d2b89 libobjc-3.4.6-8.i386.rpm 97f04e3fd6cb403754d1071f3aba70b3 libstdc++-3.4.6-8.i386.rpm 63c52bbb40ee198b4c3b6d3d686e75ca libstdc++-devel-3.4.6-8.i386.rpm ia64: 53151d63f347253b3cadd53c0662ec14 cpp-3.4.6-8.ia64.rpm 6877e97cf5621ddc7e5d7fae8d9c6a75 gcc-3.4.6-8.ia64.rpm 22a1d15a93c7e829374571a56a9efd10 gcc-c++-3.4.6-8.ia64.rpm 743f630cc3ad20bd6b9d30605cd9e366 gcc-debuginfo-3.4.6-8.i386.rpm 59a46e0c30fc53d75d2de5d0605d9b9e gcc-debuginfo-3.4.6-8.ia64.rpm ad9a10b271548981be50921b0bf6809b gcc-g77-3.4.6-8.ia64.rpm e38028f17015901d79056a5b48deb15c gcc-gnat-3.4.6-8.ia64.rpm 4a0c397ee2a273abcde6ea23c193ec35 gcc-java-3.4.6-8.ia64.rpm 122c53a5d130d92bfd28a995ceb71ad3 gcc-objc-3.4.6-8.ia64.rpm b66377ce963df1924d37ce761ef7b5d9 libf2c-3.4.6-8.i386.rpm 3c31efaa2abd006aff2a8f6a6af1ca6f libf2c-3.4.6-8.ia64.rpm 80f40c65a86bad306138fb9586e9784f libgcc-3.4.6-8.i386.rpm 8a7350a7c6b1b039fd3b4a22793b93a5 libgcc-3.4.6-8.ia64.rpm 93c6c13ae6935070365c716376a9175d libgcj-3.4.6-8.i386.rpm 1245d9cd9b0082fc7b2c6e8443b8ea68 libgcj-3.4.6-8.ia64.rpm 1515bc758b2030e9f6aabcdc1254b790 libgcj-devel-3.4.6-8.ia64.rpm 3380ac1171da87625b4e58b0ea6bf874 libgnat-3.4.6-8.i386.rpm c3942bb6d70dd577f7b22df4fdf27b79 libgnat-3.4.6-8.ia64.rpm 1f9617dc0539352dacf37ffe0a9d2b89 libobjc-3.4.6-8.i386.rpm c85a5ba5aecf418f354c9ddede23b517 libobjc-3.4.6-8.ia64.rpm 97f04e3fd6cb403754d1071f3aba70b3 libstdc++-3.4.6-8.i386.rpm 0544c5cef58e795c428d0ff0a45945b1 libstdc++-3.4.6-8.ia64.rpm 5bacbaf2ec67bd447a67ce79809022ba libstdc++-devel-3.4.6-8.ia64.rpm x86_64: 40116339dd861a83bda482ac3ebd18fb cpp-3.4.6-8.x86_64.rpm 1b8311eac3e34d85e76a6acb5b013840 gcc-3.4.6-8.x86_64.rpm 4ee9ca08efc2baa4d3e7fe2a1961f220 gcc-c++-3.4.6-8.x86_64.rpm 743f630cc3ad20bd6b9d30605cd9e366 gcc-debuginfo-3.4.6-8.i386.rpm 6357989477901fc4f25459251b80a8b1 gcc-debuginfo-3.4.6-8.x86_64.rpm 4a1e4092e081518bf44dad5f815ad440 gcc-g77-3.4.6-8.x86_64.rpm 03c4e9a30379f8f84cd5211c33173556 gcc-gnat-3.4.6-8.x86_64.rpm 0c12b7b8a9c44950106afe1e5ca58799 gcc-java-3.4.6-8.x86_64.rpm d01754b1bf8bd20188afd0b66de5b2f4 gcc-objc-3.4.6-8.x86_64.rpm b66377ce963df1924d37ce761ef7b5d9 libf2c-3.4.6-8.i386.rpm 351534d4346969a1f2ad59e63c2208f1 libf2c-3.4.6-8.x86_64.rpm 80f40c65a86bad306138fb9586e9784f libgcc-3.4.6-8.i386.rpm 5e7654868b3230e58b5bc4610f852eb1 libgcc-3.4.6-8.x86_64.rpm 93c6c13ae6935070365c716376a9175d libgcj-3.4.6-8.i386.rpm 818ba6d58164f73f3c6eb7c72ed20361 libgcj-3.4.6-8.x86_64.rpm f4f754aeb2fa9385d72b0e0cba94c8b0 libgcj-devel-3.4.6-8.x86_64.rpm 3380ac1171da87625b4e58b0ea6bf874 libgnat-3.4.6-8.i386.rpm cbb86751fc904d8b5e49cc96dc06715f libgnat-3.4.6-8.x86_64.rpm 1f9617dc0539352dacf37ffe0a9d2b89 libobjc-3.4.6-8.i386.rpm 331ca84f80b34eec096726959b67b618 libobjc-3.4.6-8.x86_64.rpm 97f04e3fd6cb403754d1071f3aba70b3 libstdc++-3.4.6-8.i386.rpm 4d0db429dc4a86984dad3174345446ee libstdc++-3.4.6-8.x86_64.rpm 63c52bbb40ee198b4c3b6d3d686e75ca libstdc++-devel-3.4.6-8.i386.rpm e0197111269e3799af9ad3fa37b857ad libstdc++-devel-3.4.6-8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3619 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGN33RXlSAg2UNWIIRAhUCAKCxCyfgeZ4dWsm+6HyL2GmDCZkcpwCgwe1+ qJKC10PWonyu09ep1hYTf4o= =Xgjo -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue May 1 17:51:41 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 1 May 2007 13:51:41 -0400 Subject: [RHSA-2007:0229-02] Low: gdb security and bug fix update Message-ID: <200705011751.l41Hpfqa031205@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Low: gdb security and bug fix update Advisory ID: RHSA-2007:0229-02 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0229.html Issue date: 2007-05-01 Updated on: 2007-05-01 Product: Red Hat Enterprise Linux Keywords: stack buffer overflow dwarf CVE Names: CVE-2006-4146 - --------------------------------------------------------------------- 1. Summary: An updated gdb package that fixes a security issue and various bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: GDB, the GNU debugger, allows debugging of programs written in C, C++, and other languages by executing them in a controlled fashion and then printing their data. Various buffer overflows and underflows were found in the DWARF expression computation stack in GDB. If a user loaded an executable containing malicious debugging information into GDB, an attacker might be able to execute arbitrary code with the privileges of the user. (CVE-2006-4146) This updated package also addresses the following issues: * Fixed bogus 0x0 unwind of the thread's topmost function clone(3). * Fixed deadlock accessing invalid address; for corrupted backtraces. * Fixed a race which occasionally left the detached processes stopped. * Fixed 'gcore' command for 32bit debugged processes on 64bit hosts. * Added support for TLS 'errno' for threaded programs missing its '-debuginfo' package.. * Suggest TLS 'errno' resolving by hand if no threading was found.. * Added a fix to prevent stepping into asynchronously invoked signal handlers. * Added a fix to avoid false warning on shared objects bfd close on Itanium. * Fixed segmentation fault on the source display by ^X 1. * Fixed object names keyboard completion. * Added a fix to avoid crash of 'info threads' if stale threads exist. * Fixed a bug where shared libraries occasionally failed to load . * Fixed handling of exec() called by a threaded debugged program. * Fixed rebuilding requirements of the gdb package itself on multilib systems. * Fixed source directory pathname detection for the edit command. All users of gdb should upgrade to this updated package, which contains backported patches to resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 185337 - p errno does not work when stopped at a breakpoint 193763 - Buffer overrun in add_minsym_members 195429 - info threads crashes if zombie threads exist 202682 - print call foo where foo is in library SEGV 202689 - Cannot find user-level thread for LWP 4256: generic error 204841 - CVE-2006-4146 GDB buffer overflow 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/gdb-6.3.0.0-1.143.el4.src.rpm ed563ce21a2006efbc0692d66be0bc53 gdb-6.3.0.0-1.143.el4.src.rpm i386: 9b62527f67a18e666b0b067bcdd41c80 gdb-6.3.0.0-1.143.el4.i386.rpm bbe7e50dad259353505bcd74e7ea94d8 gdb-debuginfo-6.3.0.0-1.143.el4.i386.rpm ia64: 9b62527f67a18e666b0b067bcdd41c80 gdb-6.3.0.0-1.143.el4.i386.rpm 529d36635ac1f649794a221566f2338f gdb-6.3.0.0-1.143.el4.ia64.rpm bbe7e50dad259353505bcd74e7ea94d8 gdb-debuginfo-6.3.0.0-1.143.el4.i386.rpm ce560ff1d05b9de73627f650d561b831 gdb-debuginfo-6.3.0.0-1.143.el4.ia64.rpm ppc: 98566f98be211ce100067cd7b85d3509 gdb-6.3.0.0-1.143.el4.ppc64.rpm 5d5dc74b03dc8832476add8b850a09ed gdb-debuginfo-6.3.0.0-1.143.el4.ppc64.rpm s390: bc1203b4bff149f6c2ca5b69e534060b gdb-6.3.0.0-1.143.el4.s390.rpm e5e6b66defffe1f28c471d5bd877072a gdb-debuginfo-6.3.0.0-1.143.el4.s390.rpm s390x: bf0e6243efc9bbe4b99c112bb018f1b3 gdb-6.3.0.0-1.143.el4.s390x.rpm 0019f56e10a21f8a97042fb32144c86a gdb-debuginfo-6.3.0.0-1.143.el4.s390x.rpm x86_64: 1226da2eef9141ecb6c1a6f8cdd985ab gdb-6.3.0.0-1.143.el4.x86_64.rpm 665fc3e159ab7f043580b89af8900042 gdb-debuginfo-6.3.0.0-1.143.el4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/gdb-6.3.0.0-1.143.el4.src.rpm ed563ce21a2006efbc0692d66be0bc53 gdb-6.3.0.0-1.143.el4.src.rpm i386: 9b62527f67a18e666b0b067bcdd41c80 gdb-6.3.0.0-1.143.el4.i386.rpm bbe7e50dad259353505bcd74e7ea94d8 gdb-debuginfo-6.3.0.0-1.143.el4.i386.rpm x86_64: 1226da2eef9141ecb6c1a6f8cdd985ab gdb-6.3.0.0-1.143.el4.x86_64.rpm 665fc3e159ab7f043580b89af8900042 gdb-debuginfo-6.3.0.0-1.143.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/gdb-6.3.0.0-1.143.el4.src.rpm ed563ce21a2006efbc0692d66be0bc53 gdb-6.3.0.0-1.143.el4.src.rpm i386: 9b62527f67a18e666b0b067bcdd41c80 gdb-6.3.0.0-1.143.el4.i386.rpm bbe7e50dad259353505bcd74e7ea94d8 gdb-debuginfo-6.3.0.0-1.143.el4.i386.rpm ia64: 9b62527f67a18e666b0b067bcdd41c80 gdb-6.3.0.0-1.143.el4.i386.rpm 529d36635ac1f649794a221566f2338f gdb-6.3.0.0-1.143.el4.ia64.rpm bbe7e50dad259353505bcd74e7ea94d8 gdb-debuginfo-6.3.0.0-1.143.el4.i386.rpm ce560ff1d05b9de73627f650d561b831 gdb-debuginfo-6.3.0.0-1.143.el4.ia64.rpm x86_64: 1226da2eef9141ecb6c1a6f8cdd985ab gdb-6.3.0.0-1.143.el4.x86_64.rpm 665fc3e159ab7f043580b89af8900042 gdb-debuginfo-6.3.0.0-1.143.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/gdb-6.3.0.0-1.143.el4.src.rpm ed563ce21a2006efbc0692d66be0bc53 gdb-6.3.0.0-1.143.el4.src.rpm i386: 9b62527f67a18e666b0b067bcdd41c80 gdb-6.3.0.0-1.143.el4.i386.rpm bbe7e50dad259353505bcd74e7ea94d8 gdb-debuginfo-6.3.0.0-1.143.el4.i386.rpm ia64: 9b62527f67a18e666b0b067bcdd41c80 gdb-6.3.0.0-1.143.el4.i386.rpm 529d36635ac1f649794a221566f2338f gdb-6.3.0.0-1.143.el4.ia64.rpm bbe7e50dad259353505bcd74e7ea94d8 gdb-debuginfo-6.3.0.0-1.143.el4.i386.rpm ce560ff1d05b9de73627f650d561b831 gdb-debuginfo-6.3.0.0-1.143.el4.ia64.rpm x86_64: 1226da2eef9141ecb6c1a6f8cdd985ab gdb-6.3.0.0-1.143.el4.x86_64.rpm 665fc3e159ab7f043580b89af8900042 gdb-debuginfo-6.3.0.0-1.143.el4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4146 http://www.redhat.com/security/updates/classification/#low 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGN34rXlSAg2UNWIIRAmb/AKDBHa0hjTKFqO+RxhRMzqXGae+xKgCgr9v5 Z8jHlpIxzEvLRaqmbKJeT3k= =TNz5 -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue May 1 17:52:16 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 1 May 2007 13:52:16 -0400 Subject: [RHSA-2007:0235-02] Low: util-linux security and bug fix update Message-ID: <200705011752.l41HqGXn031265@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Low: util-linux security and bug fix update Advisory ID: RHSA-2007:0235-02 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0235.html Issue date: 2007-05-01 Updated on: 2007-05-01 Product: Red Hat Enterprise Linux Keywords: mount fdisk login CVE Names: CVE-2006-7108 - --------------------------------------------------------------------- 1. Summary: An updated util-linux package that corrects a security issue and fixes several bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: The util-linux package contains a collection of basic system utilities. A flaw was found in the way the login process handled logins which did not require authentication. Certain processes which conduct their own authentication could allow a remote user to bypass intended access policies which would normally be enforced by the login process. (CVE-2006-7108) This update also fixes the following bugs: * The partx, addpart and delpart commands were not documented. * The "umount -l" command did not work on hung NFS mounts with cached data. * The mount command did not mount NFS V3 share where sec=none was specified. * The mount command did not read filesystem LABEL from unpartitioned disks. * The mount command did not recognize labels on VFAT filesystems. * The fdisk command did not support 4096 sector size for the "-b" option. * The mount man page did not list option "mand" or information about /etc/mtab limitations. All users of util-linux should upgrade to these updated packages, which contain backported patches to correct these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 169299 - umount -l should work on hung NFS mounts with cached data 177331 - CVE-2006-7108 login omits pam_acct_mgmt & pam_chauthtok when authentication is skipped. 187370 - Unable to mount NFS V3 share where sec=none is specified 188099 - can't mount iscsi ext3 fs by label. 197768 - man mount' does not list option 'mand' 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/util-linux-2.12a-16.EL4.25.src.rpm b55ecbe0eac80ed7482e5e31265eb372 util-linux-2.12a-16.EL4.25.src.rpm i386: ff7c2ff0b317f3d23d8c86f07d101c55 util-linux-2.12a-16.EL4.25.i386.rpm 5d8435d17fd695098f82bab92b67894f util-linux-debuginfo-2.12a-16.EL4.25.i386.rpm ia64: 111cedb53d72339a1eb57880a463f669 util-linux-2.12a-16.EL4.25.ia64.rpm 952ccc2d0f0255f9d534b45e3e4d5f56 util-linux-debuginfo-2.12a-16.EL4.25.ia64.rpm ppc: 900880d8faadebd6216952c6eaa8ee31 util-linux-2.12a-16.EL4.25.ppc.rpm 46ed5fd2cb84f16380a5f538b2cc6d53 util-linux-debuginfo-2.12a-16.EL4.25.ppc.rpm s390: 85ab4e837ed645340d8d31687c9c2543 util-linux-2.12a-16.EL4.25.s390.rpm 1f839d8cac1ce9eea1f33364f46ae04b util-linux-debuginfo-2.12a-16.EL4.25.s390.rpm s390x: 051a5321c719ee77c56f218a4f360b7d util-linux-2.12a-16.EL4.25.s390x.rpm 735b7dda37760e12c3ec62eb2ff6f42e util-linux-debuginfo-2.12a-16.EL4.25.s390x.rpm x86_64: 4566fc204cdc0b6420f71f87959b82e2 util-linux-2.12a-16.EL4.25.x86_64.rpm 4728ab213aa22b059794f61e8800c465 util-linux-debuginfo-2.12a-16.EL4.25.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/util-linux-2.12a-16.EL4.25.src.rpm b55ecbe0eac80ed7482e5e31265eb372 util-linux-2.12a-16.EL4.25.src.rpm i386: ff7c2ff0b317f3d23d8c86f07d101c55 util-linux-2.12a-16.EL4.25.i386.rpm 5d8435d17fd695098f82bab92b67894f util-linux-debuginfo-2.12a-16.EL4.25.i386.rpm x86_64: 4566fc204cdc0b6420f71f87959b82e2 util-linux-2.12a-16.EL4.25.x86_64.rpm 4728ab213aa22b059794f61e8800c465 util-linux-debuginfo-2.12a-16.EL4.25.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/util-linux-2.12a-16.EL4.25.src.rpm b55ecbe0eac80ed7482e5e31265eb372 util-linux-2.12a-16.EL4.25.src.rpm i386: ff7c2ff0b317f3d23d8c86f07d101c55 util-linux-2.12a-16.EL4.25.i386.rpm 5d8435d17fd695098f82bab92b67894f util-linux-debuginfo-2.12a-16.EL4.25.i386.rpm ia64: 111cedb53d72339a1eb57880a463f669 util-linux-2.12a-16.EL4.25.ia64.rpm 952ccc2d0f0255f9d534b45e3e4d5f56 util-linux-debuginfo-2.12a-16.EL4.25.ia64.rpm x86_64: 4566fc204cdc0b6420f71f87959b82e2 util-linux-2.12a-16.EL4.25.x86_64.rpm 4728ab213aa22b059794f61e8800c465 util-linux-debuginfo-2.12a-16.EL4.25.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/util-linux-2.12a-16.EL4.25.src.rpm b55ecbe0eac80ed7482e5e31265eb372 util-linux-2.12a-16.EL4.25.src.rpm i386: ff7c2ff0b317f3d23d8c86f07d101c55 util-linux-2.12a-16.EL4.25.i386.rpm 5d8435d17fd695098f82bab92b67894f util-linux-debuginfo-2.12a-16.EL4.25.i386.rpm ia64: 111cedb53d72339a1eb57880a463f669 util-linux-2.12a-16.EL4.25.ia64.rpm 952ccc2d0f0255f9d534b45e3e4d5f56 util-linux-debuginfo-2.12a-16.EL4.25.ia64.rpm x86_64: 4566fc204cdc0b6420f71f87959b82e2 util-linux-2.12a-16.EL4.25.x86_64.rpm 4728ab213aa22b059794f61e8800c465 util-linux-debuginfo-2.12a-16.EL4.25.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7108 http://www.redhat.com/security/updates/classification/#low 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGN34/XlSAg2UNWIIRAsRYAKCBZzphgxrf6JIz6YAktAR9h/YwyACgmRWH NGsEmdj4N88WM8pv0rjV9Tw= =Khfp -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue May 1 17:52:49 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 1 May 2007 13:52:49 -0400 Subject: [RHSA-2007:0244-02] Low: busybox security update Message-ID: <200705011752.l41Hqnue031293@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Low: busybox security update Advisory ID: RHSA-2007:0244-02 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0244.html Issue date: 2007-05-01 Updated on: 2007-05-01 Product: Red Hat Enterprise Linux Keywords: passwd password salt CVE Names: CVE-2006-1058 - --------------------------------------------------------------------- 1. Summary: Updated busybox packages that fix a security issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Busybox is a single binary which includes versions of a large number of system commands, including a shell. This package can be useful for recovering from certain types of system failures. BusyBox did not use a salt when generating passwords. This made it easier for local users to guess passwords from a stolen password file. (CVE-2006-1058) All users of busybox are advised to upgrade to these updated packages, which contain a patch to resolve this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 187385 - CVE-2006-1058 BusyBox passwd command fails to generate password with salt 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/busybox-1.00.rc1-7.el4.src.rpm ea2688de7955de4405bfc008b05378c3 busybox-1.00.rc1-7.el4.src.rpm i386: 0c75c06c661fa74ae832fcc4a7153ab8 busybox-1.00.rc1-7.el4.i386.rpm daf7431daa3182f804f1b894dadab07f busybox-anaconda-1.00.rc1-7.el4.i386.rpm 0461ac0f9559603d5d63b3f3caddf5d9 busybox-debuginfo-1.00.rc1-7.el4.i386.rpm ia64: 18a46f64c36e642650a9ebb363b54b0e busybox-1.00.rc1-7.el4.ia64.rpm 3b590129989305b1c24a1de53c7ae08d busybox-anaconda-1.00.rc1-7.el4.ia64.rpm ba4c2058d9fc7bb310639ede4d89c581 busybox-debuginfo-1.00.rc1-7.el4.ia64.rpm ppc: fc6013011a2d944a442901c8a0de1400 busybox-1.00.rc1-7.el4.ppc.rpm db566bb18a8f8e94867a72ca6b0fcffe busybox-anaconda-1.00.rc1-7.el4.ppc.rpm c173d1da417e684ecee543c6705839c8 busybox-debuginfo-1.00.rc1-7.el4.ppc.rpm s390: 11d4fee314ba2cd27668ac83c3578d60 busybox-1.00.rc1-7.el4.s390.rpm 512b3cebe22667f0302529ab275f385e busybox-anaconda-1.00.rc1-7.el4.s390.rpm 0202d2b541d01c7bccfa37bd631700b5 busybox-debuginfo-1.00.rc1-7.el4.s390.rpm s390x: 411da7f089bd7137bc8e87e16433873b busybox-1.00.rc1-7.el4.s390x.rpm 955f8e60ee02fbf5006990ed3ce8320c busybox-anaconda-1.00.rc1-7.el4.s390x.rpm c33265d15a9affb07f42563de1748640 busybox-debuginfo-1.00.rc1-7.el4.s390x.rpm x86_64: e5a89cfec326d1a3ad4b20c0c2c491b6 busybox-1.00.rc1-7.el4.x86_64.rpm b43c019639dff4050734fb850aecdd1e busybox-anaconda-1.00.rc1-7.el4.x86_64.rpm 15cfbd33e8f4778569d3dbeb775c8303 busybox-debuginfo-1.00.rc1-7.el4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/busybox-1.00.rc1-7.el4.src.rpm ea2688de7955de4405bfc008b05378c3 busybox-1.00.rc1-7.el4.src.rpm i386: 0c75c06c661fa74ae832fcc4a7153ab8 busybox-1.00.rc1-7.el4.i386.rpm daf7431daa3182f804f1b894dadab07f busybox-anaconda-1.00.rc1-7.el4.i386.rpm 0461ac0f9559603d5d63b3f3caddf5d9 busybox-debuginfo-1.00.rc1-7.el4.i386.rpm x86_64: e5a89cfec326d1a3ad4b20c0c2c491b6 busybox-1.00.rc1-7.el4.x86_64.rpm b43c019639dff4050734fb850aecdd1e busybox-anaconda-1.00.rc1-7.el4.x86_64.rpm 15cfbd33e8f4778569d3dbeb775c8303 busybox-debuginfo-1.00.rc1-7.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/busybox-1.00.rc1-7.el4.src.rpm ea2688de7955de4405bfc008b05378c3 busybox-1.00.rc1-7.el4.src.rpm i386: 0c75c06c661fa74ae832fcc4a7153ab8 busybox-1.00.rc1-7.el4.i386.rpm daf7431daa3182f804f1b894dadab07f busybox-anaconda-1.00.rc1-7.el4.i386.rpm 0461ac0f9559603d5d63b3f3caddf5d9 busybox-debuginfo-1.00.rc1-7.el4.i386.rpm ia64: 18a46f64c36e642650a9ebb363b54b0e busybox-1.00.rc1-7.el4.ia64.rpm 3b590129989305b1c24a1de53c7ae08d busybox-anaconda-1.00.rc1-7.el4.ia64.rpm ba4c2058d9fc7bb310639ede4d89c581 busybox-debuginfo-1.00.rc1-7.el4.ia64.rpm x86_64: e5a89cfec326d1a3ad4b20c0c2c491b6 busybox-1.00.rc1-7.el4.x86_64.rpm b43c019639dff4050734fb850aecdd1e busybox-anaconda-1.00.rc1-7.el4.x86_64.rpm 15cfbd33e8f4778569d3dbeb775c8303 busybox-debuginfo-1.00.rc1-7.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/busybox-1.00.rc1-7.el4.src.rpm ea2688de7955de4405bfc008b05378c3 busybox-1.00.rc1-7.el4.src.rpm i386: 0c75c06c661fa74ae832fcc4a7153ab8 busybox-1.00.rc1-7.el4.i386.rpm daf7431daa3182f804f1b894dadab07f busybox-anaconda-1.00.rc1-7.el4.i386.rpm 0461ac0f9559603d5d63b3f3caddf5d9 busybox-debuginfo-1.00.rc1-7.el4.i386.rpm ia64: 18a46f64c36e642650a9ebb363b54b0e busybox-1.00.rc1-7.el4.ia64.rpm 3b590129989305b1c24a1de53c7ae08d busybox-anaconda-1.00.rc1-7.el4.ia64.rpm ba4c2058d9fc7bb310639ede4d89c581 busybox-debuginfo-1.00.rc1-7.el4.ia64.rpm x86_64: e5a89cfec326d1a3ad4b20c0c2c491b6 busybox-1.00.rc1-7.el4.x86_64.rpm b43c019639dff4050734fb850aecdd1e busybox-anaconda-1.00.rc1-7.el4.x86_64.rpm 15cfbd33e8f4778569d3dbeb775c8303 busybox-debuginfo-1.00.rc1-7.el4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1058 http://www.redhat.com/security/updates/classification/#low 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGN35iXlSAg2UNWIIRAhdDAKCdL9nOOngsJy7tNEAMx3cAS5IB1QCghGjg KaErDKXCD8/GWKlmtX6HrHk= =QEVM -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue May 1 17:52:56 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 1 May 2007 13:52:56 -0400 Subject: [RHSA-2007:0245-02] Low: cpio security and bug fix update Message-ID: <200705011752.l41Hqu3r031300@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Low: cpio security and bug fix update Advisory ID: RHSA-2007:0245-02 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0245.html Issue date: 2007-05-01 Updated on: 2007-05-01 Product: Red Hat Enterprise Linux Keywords: 64bit CVE Names: CVE-2005-4268 - --------------------------------------------------------------------- 1. Summary: An updated cpio package that fixes a security issue and various bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: GNU cpio copies files into or out of a cpio or tar archive. A buffer overflow was found in cpio on 64-bit platforms. By tricking a user into adding a specially crafted large file to a cpio archive, a local attacker may be able to exploit this flaw to execute arbitrary code with the target user's privileges. (CVE-2005-4268) This erratum also addresses the following bugs: * cpio did not set exit codes appropriately. * cpio did not create a ram disk properly. All users of cpio are advised to upgrade to this updated package, which contains backported fixes to correct these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 172865 - CVE-2005-4268 cpio large filesize buffer overflow 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/cpio-2.5-13.RHEL4.src.rpm 72e927324438473ed3de93d31b1092b8 cpio-2.5-13.RHEL4.src.rpm i386: 34fcfdfabd7d7272ba82ae717ed681db cpio-2.5-13.RHEL4.i386.rpm f7e679ed314b0f18dfda8dea57585722 cpio-debuginfo-2.5-13.RHEL4.i386.rpm ia64: d2c0c27a343258eba84b3b84536a28bd cpio-2.5-13.RHEL4.ia64.rpm e305d5dd56b40477660e6b47f6c5e3db cpio-debuginfo-2.5-13.RHEL4.ia64.rpm ppc: a693c658d90dbc54c4eb72603cd3680c cpio-2.5-13.RHEL4.ppc.rpm 1152f5d0e1b329a3826f07db7cdf4069 cpio-debuginfo-2.5-13.RHEL4.ppc.rpm s390: 727190b7208a1a38747d686ead2dd43d cpio-2.5-13.RHEL4.s390.rpm 6dd80d512c82c74cf11334c85a89c9c5 cpio-debuginfo-2.5-13.RHEL4.s390.rpm s390x: 46dda77012cb216ed1e324e3fcb1025b cpio-2.5-13.RHEL4.s390x.rpm f93d3fa1b42ddd3f5e94392bbbcdf088 cpio-debuginfo-2.5-13.RHEL4.s390x.rpm x86_64: 5d7496ce80a871ae437c9a0c51e34bdc cpio-2.5-13.RHEL4.x86_64.rpm 75c525eaecdbd397e5deb32c9aca651c cpio-debuginfo-2.5-13.RHEL4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/cpio-2.5-13.RHEL4.src.rpm 72e927324438473ed3de93d31b1092b8 cpio-2.5-13.RHEL4.src.rpm i386: 34fcfdfabd7d7272ba82ae717ed681db cpio-2.5-13.RHEL4.i386.rpm f7e679ed314b0f18dfda8dea57585722 cpio-debuginfo-2.5-13.RHEL4.i386.rpm x86_64: 5d7496ce80a871ae437c9a0c51e34bdc cpio-2.5-13.RHEL4.x86_64.rpm 75c525eaecdbd397e5deb32c9aca651c cpio-debuginfo-2.5-13.RHEL4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/cpio-2.5-13.RHEL4.src.rpm 72e927324438473ed3de93d31b1092b8 cpio-2.5-13.RHEL4.src.rpm i386: 34fcfdfabd7d7272ba82ae717ed681db cpio-2.5-13.RHEL4.i386.rpm f7e679ed314b0f18dfda8dea57585722 cpio-debuginfo-2.5-13.RHEL4.i386.rpm ia64: d2c0c27a343258eba84b3b84536a28bd cpio-2.5-13.RHEL4.ia64.rpm e305d5dd56b40477660e6b47f6c5e3db cpio-debuginfo-2.5-13.RHEL4.ia64.rpm x86_64: 5d7496ce80a871ae437c9a0c51e34bdc cpio-2.5-13.RHEL4.x86_64.rpm 75c525eaecdbd397e5deb32c9aca651c cpio-debuginfo-2.5-13.RHEL4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/cpio-2.5-13.RHEL4.src.rpm 72e927324438473ed3de93d31b1092b8 cpio-2.5-13.RHEL4.src.rpm i386: 34fcfdfabd7d7272ba82ae717ed681db cpio-2.5-13.RHEL4.i386.rpm f7e679ed314b0f18dfda8dea57585722 cpio-debuginfo-2.5-13.RHEL4.i386.rpm ia64: d2c0c27a343258eba84b3b84536a28bd cpio-2.5-13.RHEL4.ia64.rpm e305d5dd56b40477660e6b47f6c5e3db cpio-debuginfo-2.5-13.RHEL4.ia64.rpm x86_64: 5d7496ce80a871ae437c9a0c51e34bdc cpio-2.5-13.RHEL4.x86_64.rpm 75c525eaecdbd397e5deb32c9aca651c cpio-debuginfo-2.5-13.RHEL4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4268 http://www.redhat.com/security/updates/classification/#low 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGN351XlSAg2UNWIIRApzpAKCdOiSHKh8mKdOs6u8FICXIjpozqQCgqe1i VGGPK3eyaCZ5utqGeRotFBk= =ttkD -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue May 1 17:53:17 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 1 May 2007 13:53:17 -0400 Subject: [RHSA-2007:0252-02] Low: sendmail security and bug fix update Message-ID: <200705011753.l41HrHTt031334@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Low: sendmail security and bug fix update Advisory ID: RHSA-2007:0252-02 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0252.html Issue date: 2007-05-01 Updated on: 2007-05-01 Product: Red Hat Enterprise Linux Keywords: localhost.localdomain CipherList CVE Names: CVE-2006-7176 - --------------------------------------------------------------------- 1. Summary: Updated sendmail packages that fix a security issue and various bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Sendmail is a very widely used Mail Transport Agent (MTA). MTAs deliver mail from one machine to another. Sendmail is not a client program, but rather a behind-the-scenes daemon that moves email over networks or the Internet to its final destination. The configuration of Sendmail on Red Hat Enterprise Linux was found to not reject the "localhost.localdomain" domain name for e-mail messages that came from external hosts. This could have allowed remote attackers to disguise spoofed messages (CVE-2006-7176). This updated package also fixes the following bugs: * Infinite loop within tls read. * Incorrect path to selinuxenabled in initscript. * Build artifacts from sendmail-cf package. * Missing socketmap support. * Add support for CipherList configuration directive. * Path for aliases file. * Failure of shutting down sm-client. * Allows to specify persistent queue runners. * Missing dnl for SMART_HOST define. * Fixes connections stay in CLOSE_WAIT. All users of Sendmail should upgrade to these updated packages, which contains backported patches to resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 121850 - [PATCH] infinite loop within tls_read 152282 - Incorrect path to selinuxenabled in /etc/init.d/sendmail 152955 - sendmail-cf contains rpm build artifacts 156191 - Changelog says 'Socketmap Supported' but it's not compiled in. 166744 - aliases man page specifies incorrect location of aliases file 171838 - CVE-2006-7176 sendmail allows external mail with from address xxx at localhost.localdomain 172352 - Sendmail allows SSLv2 during STARTTLS, and the CipherList config option isn't supported so you can't turn it off 200920 - shutting down sm-client fails 200921 - [PATCH] method to specify persistent queue runners? 200923 - sendmail.mc missing dnl on SMART_HOST define 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/sendmail-8.13.1-3.2.el4.src.rpm e07d0205352eb73b1011021a10522b61 sendmail-8.13.1-3.2.el4.src.rpm i386: 54e4730bcfcb10b6e865af6886e58bf4 sendmail-8.13.1-3.2.el4.i386.rpm 7db401a5ac49f76abc7812c26652c1ea sendmail-cf-8.13.1-3.2.el4.i386.rpm ec1f31a862f58f97338c3caa30a99fe2 sendmail-debuginfo-8.13.1-3.2.el4.i386.rpm 658721b05ad13272736f28f9e2396460 sendmail-devel-8.13.1-3.2.el4.i386.rpm eaeba078a91bf80ea81be7ced9f14a60 sendmail-doc-8.13.1-3.2.el4.i386.rpm ia64: f5b2c9c308e22965dc1d6864d7b98813 sendmail-8.13.1-3.2.el4.ia64.rpm 931c1f98f30189e8a525e9d4be72c706 sendmail-cf-8.13.1-3.2.el4.ia64.rpm 574838066c532817ad7fb392179ea8ea sendmail-debuginfo-8.13.1-3.2.el4.ia64.rpm f31db098d7450d6e4121b370d21e583e sendmail-devel-8.13.1-3.2.el4.ia64.rpm 120f9fb49dde5a1b0c9b026470feed41 sendmail-doc-8.13.1-3.2.el4.ia64.rpm ppc: b0fb1b772ccc0cccb81819897fb29819 sendmail-8.13.1-3.2.el4.ppc.rpm e0a1d1a0ffceb5f78e7a7d90a28ad09f sendmail-cf-8.13.1-3.2.el4.ppc.rpm 24f3e3db714698844a47e4bcc85c7b81 sendmail-debuginfo-8.13.1-3.2.el4.ppc.rpm 90ada0195183a7e519c7a42de602587b sendmail-devel-8.13.1-3.2.el4.ppc.rpm ae87913c88ec26fc316019a4fe060c0b sendmail-doc-8.13.1-3.2.el4.ppc.rpm s390: 7efcf2a9513d9eb2baf9605a0790519e sendmail-8.13.1-3.2.el4.s390.rpm 38aa827a7e26e368ad029faaa63373ef sendmail-cf-8.13.1-3.2.el4.s390.rpm b3311fd8dd20229fb163dbe3f654969f sendmail-debuginfo-8.13.1-3.2.el4.s390.rpm 03b6bd2e0a2bdbea93b953b16d988819 sendmail-devel-8.13.1-3.2.el4.s390.rpm 80d93c9d2631655a4bf839d54d1b3e78 sendmail-doc-8.13.1-3.2.el4.s390.rpm s390x: 0089b24c8077394abc60f2e5fd7fccb1 sendmail-8.13.1-3.2.el4.s390x.rpm d71011432c7461b8b58d3fe62307c01b sendmail-cf-8.13.1-3.2.el4.s390x.rpm a64eb5b8d18d3a38c92d9dc71de36b65 sendmail-debuginfo-8.13.1-3.2.el4.s390x.rpm bbfe650afd7529e1bc25ea79038a309d sendmail-devel-8.13.1-3.2.el4.s390x.rpm 2991cd74266e23d7edbc3818719640dc sendmail-doc-8.13.1-3.2.el4.s390x.rpm x86_64: b32d5cc7710c22895c8709a2fdb6ee6d sendmail-8.13.1-3.2.el4.x86_64.rpm 7343b19614880e430016319462dc1399 sendmail-cf-8.13.1-3.2.el4.x86_64.rpm 120a1028613725751b99fd32776b4953 sendmail-debuginfo-8.13.1-3.2.el4.x86_64.rpm 0a1ec7e3864548765077d8c0b85f3ea6 sendmail-devel-8.13.1-3.2.el4.x86_64.rpm 5652fa8847d14232c3e3ed21a3bab160 sendmail-doc-8.13.1-3.2.el4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/sendmail-8.13.1-3.2.el4.src.rpm e07d0205352eb73b1011021a10522b61 sendmail-8.13.1-3.2.el4.src.rpm i386: 54e4730bcfcb10b6e865af6886e58bf4 sendmail-8.13.1-3.2.el4.i386.rpm 7db401a5ac49f76abc7812c26652c1ea sendmail-cf-8.13.1-3.2.el4.i386.rpm ec1f31a862f58f97338c3caa30a99fe2 sendmail-debuginfo-8.13.1-3.2.el4.i386.rpm 658721b05ad13272736f28f9e2396460 sendmail-devel-8.13.1-3.2.el4.i386.rpm eaeba078a91bf80ea81be7ced9f14a60 sendmail-doc-8.13.1-3.2.el4.i386.rpm x86_64: b32d5cc7710c22895c8709a2fdb6ee6d sendmail-8.13.1-3.2.el4.x86_64.rpm 7343b19614880e430016319462dc1399 sendmail-cf-8.13.1-3.2.el4.x86_64.rpm 120a1028613725751b99fd32776b4953 sendmail-debuginfo-8.13.1-3.2.el4.x86_64.rpm 0a1ec7e3864548765077d8c0b85f3ea6 sendmail-devel-8.13.1-3.2.el4.x86_64.rpm 5652fa8847d14232c3e3ed21a3bab160 sendmail-doc-8.13.1-3.2.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/sendmail-8.13.1-3.2.el4.src.rpm e07d0205352eb73b1011021a10522b61 sendmail-8.13.1-3.2.el4.src.rpm i386: 54e4730bcfcb10b6e865af6886e58bf4 sendmail-8.13.1-3.2.el4.i386.rpm 7db401a5ac49f76abc7812c26652c1ea sendmail-cf-8.13.1-3.2.el4.i386.rpm ec1f31a862f58f97338c3caa30a99fe2 sendmail-debuginfo-8.13.1-3.2.el4.i386.rpm 658721b05ad13272736f28f9e2396460 sendmail-devel-8.13.1-3.2.el4.i386.rpm eaeba078a91bf80ea81be7ced9f14a60 sendmail-doc-8.13.1-3.2.el4.i386.rpm ia64: f5b2c9c308e22965dc1d6864d7b98813 sendmail-8.13.1-3.2.el4.ia64.rpm 931c1f98f30189e8a525e9d4be72c706 sendmail-cf-8.13.1-3.2.el4.ia64.rpm 574838066c532817ad7fb392179ea8ea sendmail-debuginfo-8.13.1-3.2.el4.ia64.rpm f31db098d7450d6e4121b370d21e583e sendmail-devel-8.13.1-3.2.el4.ia64.rpm 120f9fb49dde5a1b0c9b026470feed41 sendmail-doc-8.13.1-3.2.el4.ia64.rpm x86_64: b32d5cc7710c22895c8709a2fdb6ee6d sendmail-8.13.1-3.2.el4.x86_64.rpm 7343b19614880e430016319462dc1399 sendmail-cf-8.13.1-3.2.el4.x86_64.rpm 120a1028613725751b99fd32776b4953 sendmail-debuginfo-8.13.1-3.2.el4.x86_64.rpm 0a1ec7e3864548765077d8c0b85f3ea6 sendmail-devel-8.13.1-3.2.el4.x86_64.rpm 5652fa8847d14232c3e3ed21a3bab160 sendmail-doc-8.13.1-3.2.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/sendmail-8.13.1-3.2.el4.src.rpm e07d0205352eb73b1011021a10522b61 sendmail-8.13.1-3.2.el4.src.rpm i386: 54e4730bcfcb10b6e865af6886e58bf4 sendmail-8.13.1-3.2.el4.i386.rpm 7db401a5ac49f76abc7812c26652c1ea sendmail-cf-8.13.1-3.2.el4.i386.rpm ec1f31a862f58f97338c3caa30a99fe2 sendmail-debuginfo-8.13.1-3.2.el4.i386.rpm 658721b05ad13272736f28f9e2396460 sendmail-devel-8.13.1-3.2.el4.i386.rpm eaeba078a91bf80ea81be7ced9f14a60 sendmail-doc-8.13.1-3.2.el4.i386.rpm ia64: f5b2c9c308e22965dc1d6864d7b98813 sendmail-8.13.1-3.2.el4.ia64.rpm 931c1f98f30189e8a525e9d4be72c706 sendmail-cf-8.13.1-3.2.el4.ia64.rpm 574838066c532817ad7fb392179ea8ea sendmail-debuginfo-8.13.1-3.2.el4.ia64.rpm f31db098d7450d6e4121b370d21e583e sendmail-devel-8.13.1-3.2.el4.ia64.rpm 120f9fb49dde5a1b0c9b026470feed41 sendmail-doc-8.13.1-3.2.el4.ia64.rpm x86_64: b32d5cc7710c22895c8709a2fdb6ee6d sendmail-8.13.1-3.2.el4.x86_64.rpm 7343b19614880e430016319462dc1399 sendmail-cf-8.13.1-3.2.el4.x86_64.rpm 120a1028613725751b99fd32776b4953 sendmail-debuginfo-8.13.1-3.2.el4.x86_64.rpm 0a1ec7e3864548765077d8c0b85f3ea6 sendmail-devel-8.13.1-3.2.el4.x86_64.rpm 5652fa8847d14232c3e3ed21a3bab160 sendmail-doc-8.13.1-3.2.el4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7176 http://www.redhat.com/security/updates/classification/#low 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGN36LXlSAg2UNWIIRAjveAKC0ttgu3abJRu/ZICLYyWSzF4vw7wCcC7ny ffNmqP2G+OjdrmBW0HgeGtA= =GJbo -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue May 1 17:54:18 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 1 May 2007 13:54:18 -0400 Subject: [RHSA-2007:0257-02] Low: openssh security and bug fix update Message-ID: <200705011754.l41HsIFi031399@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Low: openssh security and bug fix update Advisory ID: RHSA-2007:0257-02 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0257.html Issue date: 2007-05-01 Updated on: 2007-05-01 Product: Red Hat Enterprise Linux Keywords: syslog buffer length IPv6 X11 forwarding CVE Names: CVE-2005-2666 - --------------------------------------------------------------------- 1. Summary: Updated openssh packages that fix a security issue and various bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. This package includes the core files necessary for both the OpenSSH client and server. OpenSSH stores hostnames, IP addresses, and keys in plaintext in the known_hosts file. A local attacker that has already compromised a user's SSH account could use this information to generate a list of additional targets that are likely to have the same password or key. (CVE-2005-2666) The following bugs have also been fixed in this update: * The ssh client could abort the running connection when the server application generated a large output at once. * When 'X11UseLocalhost' option was set to 'no' on systems with IPv6 networking enabled, the X11 forwarding socket listened only for IPv6 connections. * When the privilege separation was enabled in /etc/ssh/sshd_config, some log messages in the system log were duplicated and also had timestamps from an incorrect timezone. All users of openssh should upgrade to these updated packages, which contain backported patches to correct these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 162681 - CVE-2005-2666 openssh vulnerable to known_hosts address harvesting 184357 - buffer_append_space: alloc not supported Error 193710 - [PATCH] audit patch for openssh missing #include "loginrec.h" in auth.c 201594 - sshd does not create ipv4 listen socket for X11 forwarding 203671 - additional (time skewed) log entries in /var/log/secure since U4 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/openssh-3.9p1-8.RHEL4.20.src.rpm 73cd43ad99e6b5eb626914bb65f11d70 openssh-3.9p1-8.RHEL4.20.src.rpm i386: 355fb0d34d1207f6629f886f8cf3e6c4 openssh-3.9p1-8.RHEL4.20.i386.rpm 5b062f94d91ed8418c45745d8b285bd4 openssh-askpass-3.9p1-8.RHEL4.20.i386.rpm 4c13962301e5f93492fcb02b7f01a7b1 openssh-askpass-gnome-3.9p1-8.RHEL4.20.i386.rpm 029fa6c52dec14626a1e443caecc2300 openssh-clients-3.9p1-8.RHEL4.20.i386.rpm f022d0b8cf19f1118fc7521142e7e71c openssh-debuginfo-3.9p1-8.RHEL4.20.i386.rpm 74c1c9b1293e8e46ecaf46db181d3a1b openssh-server-3.9p1-8.RHEL4.20.i386.rpm ia64: 063a012cb911cad11e1c6e1f700e46ab openssh-3.9p1-8.RHEL4.20.ia64.rpm 67a3c8ab28bdcefe7b2fb957c933b996 openssh-askpass-3.9p1-8.RHEL4.20.ia64.rpm ce81cfbef39e88997fd9084f04f46f26 openssh-askpass-gnome-3.9p1-8.RHEL4.20.ia64.rpm c7bd82bac6e899e197ce59d4dc061d07 openssh-clients-3.9p1-8.RHEL4.20.ia64.rpm 8bca6d06228a0250582fbb224e14f46b openssh-debuginfo-3.9p1-8.RHEL4.20.ia64.rpm 9110321bf599bf3f29eaccaa32b7ce1d openssh-server-3.9p1-8.RHEL4.20.ia64.rpm ppc: cac15ade9405e8ef47939842656b6f70 openssh-3.9p1-8.RHEL4.20.ppc.rpm 783a2f6121f3a7373e5f7d7048f95ecd openssh-askpass-3.9p1-8.RHEL4.20.ppc.rpm 2571d5eb1f66180cf8eebc281d7a41bd openssh-askpass-gnome-3.9p1-8.RHEL4.20.ppc.rpm 195d880c6af6314c807fd74249bc494c openssh-clients-3.9p1-8.RHEL4.20.ppc.rpm b8dfde972ad2d579e8ded57589cdf4f7 openssh-debuginfo-3.9p1-8.RHEL4.20.ppc.rpm 5bac6e49005be5b599254ab40e6582f1 openssh-server-3.9p1-8.RHEL4.20.ppc.rpm s390: 7f2a4d71dde9957902770b5a8cbebb98 openssh-3.9p1-8.RHEL4.20.s390.rpm 6a768d4d2fb313e8e9536854f8980cff openssh-askpass-3.9p1-8.RHEL4.20.s390.rpm e0eed1c1b158d2b9f4265931ddfec2df openssh-askpass-gnome-3.9p1-8.RHEL4.20.s390.rpm d776bccdb065c52fee0820c2452e7909 openssh-clients-3.9p1-8.RHEL4.20.s390.rpm 1fcd5df3d202ceb6ddbf2decade7bd18 openssh-debuginfo-3.9p1-8.RHEL4.20.s390.rpm 05f4d043e3fd7993e041ac8af1954ffd openssh-server-3.9p1-8.RHEL4.20.s390.rpm s390x: ee4dd7366a973d0cc074397ab44b3d36 openssh-3.9p1-8.RHEL4.20.s390x.rpm e521ced488fc72105e1591653855cfa0 openssh-askpass-3.9p1-8.RHEL4.20.s390x.rpm b3099fded8c796a4b7a26fc9918f8694 openssh-askpass-gnome-3.9p1-8.RHEL4.20.s390x.rpm 7b3894c6220efb08cd42e2ba41b97c24 openssh-clients-3.9p1-8.RHEL4.20.s390x.rpm 71b619d3ae4411c7ca6f557b342165e1 openssh-debuginfo-3.9p1-8.RHEL4.20.s390x.rpm 612e6fa71dd9d0b4a0abb84af6ad0e0d openssh-server-3.9p1-8.RHEL4.20.s390x.rpm x86_64: 61cd0299d5413094af7970856f7fffc8 openssh-3.9p1-8.RHEL4.20.x86_64.rpm 88464fef4b7393f7f081dc0c734bcd53 openssh-askpass-3.9p1-8.RHEL4.20.x86_64.rpm 198d98b530ce9fbfe6dd6b3d3b38712c openssh-askpass-gnome-3.9p1-8.RHEL4.20.x86_64.rpm 1c3c86136815400a0713187d9f55315b openssh-clients-3.9p1-8.RHEL4.20.x86_64.rpm b242035b20927623270bb32fe531b5bd openssh-debuginfo-3.9p1-8.RHEL4.20.x86_64.rpm e6b172814bfc7402996bf498a8f37634 openssh-server-3.9p1-8.RHEL4.20.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/openssh-3.9p1-8.RHEL4.20.src.rpm 73cd43ad99e6b5eb626914bb65f11d70 openssh-3.9p1-8.RHEL4.20.src.rpm i386: 355fb0d34d1207f6629f886f8cf3e6c4 openssh-3.9p1-8.RHEL4.20.i386.rpm 5b062f94d91ed8418c45745d8b285bd4 openssh-askpass-3.9p1-8.RHEL4.20.i386.rpm 4c13962301e5f93492fcb02b7f01a7b1 openssh-askpass-gnome-3.9p1-8.RHEL4.20.i386.rpm 029fa6c52dec14626a1e443caecc2300 openssh-clients-3.9p1-8.RHEL4.20.i386.rpm f022d0b8cf19f1118fc7521142e7e71c openssh-debuginfo-3.9p1-8.RHEL4.20.i386.rpm 74c1c9b1293e8e46ecaf46db181d3a1b openssh-server-3.9p1-8.RHEL4.20.i386.rpm x86_64: 61cd0299d5413094af7970856f7fffc8 openssh-3.9p1-8.RHEL4.20.x86_64.rpm 88464fef4b7393f7f081dc0c734bcd53 openssh-askpass-3.9p1-8.RHEL4.20.x86_64.rpm 198d98b530ce9fbfe6dd6b3d3b38712c openssh-askpass-gnome-3.9p1-8.RHEL4.20.x86_64.rpm 1c3c86136815400a0713187d9f55315b openssh-clients-3.9p1-8.RHEL4.20.x86_64.rpm b242035b20927623270bb32fe531b5bd openssh-debuginfo-3.9p1-8.RHEL4.20.x86_64.rpm e6b172814bfc7402996bf498a8f37634 openssh-server-3.9p1-8.RHEL4.20.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/openssh-3.9p1-8.RHEL4.20.src.rpm 73cd43ad99e6b5eb626914bb65f11d70 openssh-3.9p1-8.RHEL4.20.src.rpm i386: 355fb0d34d1207f6629f886f8cf3e6c4 openssh-3.9p1-8.RHEL4.20.i386.rpm 5b062f94d91ed8418c45745d8b285bd4 openssh-askpass-3.9p1-8.RHEL4.20.i386.rpm 4c13962301e5f93492fcb02b7f01a7b1 openssh-askpass-gnome-3.9p1-8.RHEL4.20.i386.rpm 029fa6c52dec14626a1e443caecc2300 openssh-clients-3.9p1-8.RHEL4.20.i386.rpm f022d0b8cf19f1118fc7521142e7e71c openssh-debuginfo-3.9p1-8.RHEL4.20.i386.rpm 74c1c9b1293e8e46ecaf46db181d3a1b openssh-server-3.9p1-8.RHEL4.20.i386.rpm ia64: 063a012cb911cad11e1c6e1f700e46ab openssh-3.9p1-8.RHEL4.20.ia64.rpm 67a3c8ab28bdcefe7b2fb957c933b996 openssh-askpass-3.9p1-8.RHEL4.20.ia64.rpm ce81cfbef39e88997fd9084f04f46f26 openssh-askpass-gnome-3.9p1-8.RHEL4.20.ia64.rpm c7bd82bac6e899e197ce59d4dc061d07 openssh-clients-3.9p1-8.RHEL4.20.ia64.rpm 8bca6d06228a0250582fbb224e14f46b openssh-debuginfo-3.9p1-8.RHEL4.20.ia64.rpm 9110321bf599bf3f29eaccaa32b7ce1d openssh-server-3.9p1-8.RHEL4.20.ia64.rpm x86_64: 61cd0299d5413094af7970856f7fffc8 openssh-3.9p1-8.RHEL4.20.x86_64.rpm 88464fef4b7393f7f081dc0c734bcd53 openssh-askpass-3.9p1-8.RHEL4.20.x86_64.rpm 198d98b530ce9fbfe6dd6b3d3b38712c openssh-askpass-gnome-3.9p1-8.RHEL4.20.x86_64.rpm 1c3c86136815400a0713187d9f55315b openssh-clients-3.9p1-8.RHEL4.20.x86_64.rpm b242035b20927623270bb32fe531b5bd openssh-debuginfo-3.9p1-8.RHEL4.20.x86_64.rpm e6b172814bfc7402996bf498a8f37634 openssh-server-3.9p1-8.RHEL4.20.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/openssh-3.9p1-8.RHEL4.20.src.rpm 73cd43ad99e6b5eb626914bb65f11d70 openssh-3.9p1-8.RHEL4.20.src.rpm i386: 355fb0d34d1207f6629f886f8cf3e6c4 openssh-3.9p1-8.RHEL4.20.i386.rpm 5b062f94d91ed8418c45745d8b285bd4 openssh-askpass-3.9p1-8.RHEL4.20.i386.rpm 4c13962301e5f93492fcb02b7f01a7b1 openssh-askpass-gnome-3.9p1-8.RHEL4.20.i386.rpm 029fa6c52dec14626a1e443caecc2300 openssh-clients-3.9p1-8.RHEL4.20.i386.rpm f022d0b8cf19f1118fc7521142e7e71c openssh-debuginfo-3.9p1-8.RHEL4.20.i386.rpm 74c1c9b1293e8e46ecaf46db181d3a1b openssh-server-3.9p1-8.RHEL4.20.i386.rpm ia64: 063a012cb911cad11e1c6e1f700e46ab openssh-3.9p1-8.RHEL4.20.ia64.rpm 67a3c8ab28bdcefe7b2fb957c933b996 openssh-askpass-3.9p1-8.RHEL4.20.ia64.rpm ce81cfbef39e88997fd9084f04f46f26 openssh-askpass-gnome-3.9p1-8.RHEL4.20.ia64.rpm c7bd82bac6e899e197ce59d4dc061d07 openssh-clients-3.9p1-8.RHEL4.20.ia64.rpm 8bca6d06228a0250582fbb224e14f46b openssh-debuginfo-3.9p1-8.RHEL4.20.ia64.rpm 9110321bf599bf3f29eaccaa32b7ce1d openssh-server-3.9p1-8.RHEL4.20.ia64.rpm x86_64: 61cd0299d5413094af7970856f7fffc8 openssh-3.9p1-8.RHEL4.20.x86_64.rpm 88464fef4b7393f7f081dc0c734bcd53 openssh-askpass-3.9p1-8.RHEL4.20.x86_64.rpm 198d98b530ce9fbfe6dd6b3d3b38712c openssh-askpass-gnome-3.9p1-8.RHEL4.20.x86_64.rpm 1c3c86136815400a0713187d9f55315b openssh-clients-3.9p1-8.RHEL4.20.x86_64.rpm b242035b20927623270bb32fe531b5bd openssh-debuginfo-3.9p1-8.RHEL4.20.x86_64.rpm e6b172814bfc7402996bf498a8f37634 openssh-server-3.9p1-8.RHEL4.20.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2666 http://www.redhat.com/security/updates/classification/#low 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGN369XlSAg2UNWIIRAhbsAJ9LBYD/KePZGPmhqMABL+TiNcNM1wCeOsQ+ k93E2M32aMPbUmLEi3bQVSE= =xO6S -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue May 1 17:54:30 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 1 May 2007 13:54:30 -0400 Subject: [RHSA-2007:0276-02] Low: shadow-utils security and bug fix update Message-ID: <200705011754.l41HsUaO031416@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Low: shadow-utils security and bug fix update Advisory ID: RHSA-2007:0276-02 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0276.html Issue date: 2007-05-01 Updated on: 2007-05-01 Product: Red Hat Enterprise Linux Keywords: mailbox race condition CVE Names: CVE-2006-1174 - --------------------------------------------------------------------- 1. Summary: Updated shadow-utils packages that fix a security issue and various bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: The shadow-utils package includes the necessary programs for converting UNIX password files to the shadow password format, as well as programs for managing user and group accounts. A flaw was found in the useradd tool in shadow-utils. A new user's mailbox, when created, could have random permissions for a short period. This could allow a local attacker to read or modify the mailbox. (CVE-2006-1174) This update also fixes the following bugs: * shadow-utils debuginfo package was empty. * faillog was unusable on 64-bit systems. It checked every UID from 0 to the max UID, which was an excessively large number on 64-bit systems. * typo bug in login.defs file All users of shadow-utils are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 176951 - shadow-utils-debuginfo is empty 177017 - faillog doesn't handle large UIDs well 188263 - typo in /etc/login.defs 193053 - CVE-2006-1174 shadow-utils mailbox creation race condition 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/shadow-utils-4.0.3-61.RHEL4.src.rpm 27a806cdce6ee1e07c7178b0f97e61f8 shadow-utils-4.0.3-61.RHEL4.src.rpm i386: 97eb50ec2a451168eebbbfa7e2278bad shadow-utils-4.0.3-61.RHEL4.i386.rpm 7af873fec83429452328a0d99a7e9570 shadow-utils-debuginfo-4.0.3-61.RHEL4.i386.rpm ia64: 50e10226650a72262916f9af8a0809a1 shadow-utils-4.0.3-61.RHEL4.ia64.rpm 15525b069cb021c537d4ed39489909d9 shadow-utils-debuginfo-4.0.3-61.RHEL4.ia64.rpm ppc: 9db2a7e51c1d50c7afa7143769267127 shadow-utils-4.0.3-61.RHEL4.ppc.rpm 70005f73019bd015f9dd75fcbf3bcb0c shadow-utils-debuginfo-4.0.3-61.RHEL4.ppc.rpm s390: 581e4671e28971d933f86b22f00b3d81 shadow-utils-4.0.3-61.RHEL4.s390.rpm 1c7e1b2fd507b0be4e46d9810d48f0a4 shadow-utils-debuginfo-4.0.3-61.RHEL4.s390.rpm s390x: 20a2d814d215e9baf4157508cb4f2d23 shadow-utils-4.0.3-61.RHEL4.s390x.rpm d3ae98b5923ed05ce9ef13cd26b4891a shadow-utils-debuginfo-4.0.3-61.RHEL4.s390x.rpm x86_64: 8aaf79b408d0fd299809882843b7f3a1 shadow-utils-4.0.3-61.RHEL4.x86_64.rpm ac20c2785b17571d3a633996e0c427fa shadow-utils-debuginfo-4.0.3-61.RHEL4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/shadow-utils-4.0.3-61.RHEL4.src.rpm 27a806cdce6ee1e07c7178b0f97e61f8 shadow-utils-4.0.3-61.RHEL4.src.rpm i386: 97eb50ec2a451168eebbbfa7e2278bad shadow-utils-4.0.3-61.RHEL4.i386.rpm 7af873fec83429452328a0d99a7e9570 shadow-utils-debuginfo-4.0.3-61.RHEL4.i386.rpm x86_64: 8aaf79b408d0fd299809882843b7f3a1 shadow-utils-4.0.3-61.RHEL4.x86_64.rpm ac20c2785b17571d3a633996e0c427fa shadow-utils-debuginfo-4.0.3-61.RHEL4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/shadow-utils-4.0.3-61.RHEL4.src.rpm 27a806cdce6ee1e07c7178b0f97e61f8 shadow-utils-4.0.3-61.RHEL4.src.rpm i386: 97eb50ec2a451168eebbbfa7e2278bad shadow-utils-4.0.3-61.RHEL4.i386.rpm 7af873fec83429452328a0d99a7e9570 shadow-utils-debuginfo-4.0.3-61.RHEL4.i386.rpm ia64: 50e10226650a72262916f9af8a0809a1 shadow-utils-4.0.3-61.RHEL4.ia64.rpm 15525b069cb021c537d4ed39489909d9 shadow-utils-debuginfo-4.0.3-61.RHEL4.ia64.rpm x86_64: 8aaf79b408d0fd299809882843b7f3a1 shadow-utils-4.0.3-61.RHEL4.x86_64.rpm ac20c2785b17571d3a633996e0c427fa shadow-utils-debuginfo-4.0.3-61.RHEL4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/shadow-utils-4.0.3-61.RHEL4.src.rpm 27a806cdce6ee1e07c7178b0f97e61f8 shadow-utils-4.0.3-61.RHEL4.src.rpm i386: 97eb50ec2a451168eebbbfa7e2278bad shadow-utils-4.0.3-61.RHEL4.i386.rpm 7af873fec83429452328a0d99a7e9570 shadow-utils-debuginfo-4.0.3-61.RHEL4.i386.rpm ia64: 50e10226650a72262916f9af8a0809a1 shadow-utils-4.0.3-61.RHEL4.ia64.rpm 15525b069cb021c537d4ed39489909d9 shadow-utils-debuginfo-4.0.3-61.RHEL4.ia64.rpm x86_64: 8aaf79b408d0fd299809882843b7f3a1 shadow-utils-4.0.3-61.RHEL4.x86_64.rpm ac20c2785b17571d3a633996e0c427fa shadow-utils-debuginfo-4.0.3-61.RHEL4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1174 http://www.redhat.com/security/updates/classification/#low 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGN37VXlSAg2UNWIIRAjGHAKC9Z6nVK/cc76iI5l5CDOwyqgfq5QCfa324 G95Wwbh5e38pD+0nAjtuPAE= =SWEM -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue May 1 17:54:48 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 1 May 2007 13:54:48 -0400 Subject: [RHSA-2007:0286-02] Low: gdm security and bug fix update Message-ID: <200705011754.l41HsmCb031435@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Low: gdm security and bug fix update Advisory ID: RHSA-2007:0286-02 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0286.html Issue date: 2007-05-01 Updated on: 2007-05-01 Product: Red Hat Enterprise Linux Keywords: .Xauthority race condition CVE Names: CVE-2006-1057 - --------------------------------------------------------------------- 1. Summary: An updated gdm package that fixes a security issue and a bug is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Gdm (the GNOME Display Manager) is a highly configurable reimplementation of xdm, the X Display Manager. Gdm allows you to log into your system with the X Window System running and supports running several different X sessions on your local machine at the same time. Marcus Meissner discovered a race condition issue in the way Gdm modifies the permissions on the .ICEauthority file. A local attacker could exploit this flaw to gain privileges. Due to the nature of the flaw, however, a successful exploitation was unlikely. (CVE-2006-1057) This erratum also includes a bug fix to correct the pam configuration for the audit system. All users of gdm should upgrade to this updated package, which contains backported patches to resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 159338 - gdm update for new audit system 188302 - CVE-2006-1057 GDM file permissions race condition 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/gdm-2.6.0.5-7.rhel4.15.src.rpm 7c6a9e6faabcc3ee235e39ffbc302c1d gdm-2.6.0.5-7.rhel4.15.src.rpm i386: 298d605e4ba10fb68a49aba0699d84a7 gdm-2.6.0.5-7.rhel4.15.i386.rpm e346d2491ec0a37c6644f69b9af60711 gdm-debuginfo-2.6.0.5-7.rhel4.15.i386.rpm ia64: 5bc9d3a15228d06ce0e2e746672af19a gdm-2.6.0.5-7.rhel4.15.ia64.rpm daeea7f1287b3563c01f31e5a26c4853 gdm-debuginfo-2.6.0.5-7.rhel4.15.ia64.rpm ppc: 118eba1dd505514b44ee2864d6ef53b2 gdm-2.6.0.5-7.rhel4.15.ppc.rpm 7f457dc913f59edffa1d67410dbb9664 gdm-debuginfo-2.6.0.5-7.rhel4.15.ppc.rpm s390: 1bbe16709e32eaf9a5cdadb4aa3cd0df gdm-2.6.0.5-7.rhel4.15.s390.rpm 48aa9fc93f744458e0cb7ee92b67fd91 gdm-debuginfo-2.6.0.5-7.rhel4.15.s390.rpm s390x: 7707a11959a00214932cf41e6c31e1d9 gdm-2.6.0.5-7.rhel4.15.s390x.rpm 27bcb099c402711332b6a2ad9932276e gdm-debuginfo-2.6.0.5-7.rhel4.15.s390x.rpm x86_64: 56b3f1b0741daa26cca66326086765b3 gdm-2.6.0.5-7.rhel4.15.x86_64.rpm ec14fee9396e0c36fc62a23a7a1e4db5 gdm-debuginfo-2.6.0.5-7.rhel4.15.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/gdm-2.6.0.5-7.rhel4.15.src.rpm 7c6a9e6faabcc3ee235e39ffbc302c1d gdm-2.6.0.5-7.rhel4.15.src.rpm i386: 298d605e4ba10fb68a49aba0699d84a7 gdm-2.6.0.5-7.rhel4.15.i386.rpm e346d2491ec0a37c6644f69b9af60711 gdm-debuginfo-2.6.0.5-7.rhel4.15.i386.rpm x86_64: 56b3f1b0741daa26cca66326086765b3 gdm-2.6.0.5-7.rhel4.15.x86_64.rpm ec14fee9396e0c36fc62a23a7a1e4db5 gdm-debuginfo-2.6.0.5-7.rhel4.15.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/gdm-2.6.0.5-7.rhel4.15.src.rpm 7c6a9e6faabcc3ee235e39ffbc302c1d gdm-2.6.0.5-7.rhel4.15.src.rpm i386: 298d605e4ba10fb68a49aba0699d84a7 gdm-2.6.0.5-7.rhel4.15.i386.rpm e346d2491ec0a37c6644f69b9af60711 gdm-debuginfo-2.6.0.5-7.rhel4.15.i386.rpm ia64: 5bc9d3a15228d06ce0e2e746672af19a gdm-2.6.0.5-7.rhel4.15.ia64.rpm daeea7f1287b3563c01f31e5a26c4853 gdm-debuginfo-2.6.0.5-7.rhel4.15.ia64.rpm x86_64: 56b3f1b0741daa26cca66326086765b3 gdm-2.6.0.5-7.rhel4.15.x86_64.rpm ec14fee9396e0c36fc62a23a7a1e4db5 gdm-debuginfo-2.6.0.5-7.rhel4.15.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/gdm-2.6.0.5-7.rhel4.15.src.rpm 7c6a9e6faabcc3ee235e39ffbc302c1d gdm-2.6.0.5-7.rhel4.15.src.rpm i386: 298d605e4ba10fb68a49aba0699d84a7 gdm-2.6.0.5-7.rhel4.15.i386.rpm e346d2491ec0a37c6644f69b9af60711 gdm-debuginfo-2.6.0.5-7.rhel4.15.i386.rpm ia64: 5bc9d3a15228d06ce0e2e746672af19a gdm-2.6.0.5-7.rhel4.15.ia64.rpm daeea7f1287b3563c01f31e5a26c4853 gdm-debuginfo-2.6.0.5-7.rhel4.15.ia64.rpm x86_64: 56b3f1b0741daa26cca66326086765b3 gdm-2.6.0.5-7.rhel4.15.x86_64.rpm ec14fee9396e0c36fc62a23a7a1e4db5 gdm-debuginfo-2.6.0.5-7.rhel4.15.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1057 http://www.redhat.com/security/updates/classification/#low 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGN37hXlSAg2UNWIIRAjE1AKCfJbI/PJoK4BwfV+ev9bPBcJOW4QCbB4UO RrDkHK4KcrQdxwKeE+ZidjM= =kymu -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue May 1 17:54:59 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 1 May 2007 13:54:59 -0400 Subject: [RHSA-2007:0310-02] Low: openldap security update Message-ID: <200705011754.l41HsxnL031446@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Low: openldap security update Advisory ID: RHSA-2007:0310-02 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0310.html Issue date: 2007-05-01 Updated on: 2007-05-01 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-4600 - --------------------------------------------------------------------- 1. Summary: A updated openldap packages that fix a security flaw is now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: OpenLDAP is an open source suite of LDAP (Lightweight Directory Access Protocol) applications and development tools. A flaw was found in the way OpenLDAP handled selfwrite access. Users with selfwrite access were able to modify the distinguished name of any user. (CVE-2006-4600) All users are advised to upgrade to these updated openldap packages, which contain a backported patch to correct this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 205826 - CVE-2006-4600 openldap improper selfwrite access 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/openldap-2.2.13-7.4E.src.rpm 6361da4ab6394b05ddeadc0f098a2920 openldap-2.2.13-7.4E.src.rpm i386: 734452591616549fbf73e17b2271bd3e compat-openldap-2.1.30-7.4E.i386.rpm ba9170df21f098d47d0b20f2398a0d75 openldap-2.2.13-7.4E.i386.rpm 90de80e2d54e308fab31def982778336 openldap-clients-2.2.13-7.4E.i386.rpm 884c17ce1c3288dbcd46db1c41307bab openldap-debuginfo-2.2.13-7.4E.i386.rpm e7b2ebb7053cd2de3b6580e60a776030 openldap-devel-2.2.13-7.4E.i386.rpm 3c5405ebd50dba9c33eab8827c7b86d7 openldap-servers-2.2.13-7.4E.i386.rpm 9f09549a4bac7a15985e5c68d0e64f93 openldap-servers-sql-2.2.13-7.4E.i386.rpm ia64: 734452591616549fbf73e17b2271bd3e compat-openldap-2.1.30-7.4E.i386.rpm 67c1abbff376926a8ce8a349dcadc4c4 compat-openldap-2.1.30-7.4E.ia64.rpm ba9170df21f098d47d0b20f2398a0d75 openldap-2.2.13-7.4E.i386.rpm 91ae8d90eadd2f44f94eea1e7f4de242 openldap-2.2.13-7.4E.ia64.rpm 8b2b1f0763d68f0ba99ae7024a1007cc openldap-clients-2.2.13-7.4E.ia64.rpm 884c17ce1c3288dbcd46db1c41307bab openldap-debuginfo-2.2.13-7.4E.i386.rpm b764f9481a14c3b3a04c6705baa247f4 openldap-debuginfo-2.2.13-7.4E.ia64.rpm c31c0bc8b3fb33ff5c2586e8d532a1c6 openldap-devel-2.2.13-7.4E.ia64.rpm deef986e4e80960f184abcdfcb8b916d openldap-servers-2.2.13-7.4E.ia64.rpm f7d8e7436f307fe825921f6e44914d5b openldap-servers-sql-2.2.13-7.4E.ia64.rpm ppc: d437ed52cb1c0d3861defe3dce935edb compat-openldap-2.1.30-7.4E.ppc.rpm 7b48354b2a8d879adc2ce085797a2218 compat-openldap-2.1.30-7.4E.ppc64.rpm 98821d96824cc4c4354e4aae625b0a60 openldap-2.2.13-7.4E.ppc.rpm 922e9b90bc704cc0dc579d72a2d478be openldap-2.2.13-7.4E.ppc64.rpm e7d9d75e050437294e14c9e42d8d5f55 openldap-clients-2.2.13-7.4E.ppc.rpm 0ec5d83989b01e933099dd05d08c9d80 openldap-debuginfo-2.2.13-7.4E.ppc.rpm 117a66cc0e60ac4fae355ad3e0532635 openldap-debuginfo-2.2.13-7.4E.ppc64.rpm 295354e11427e192a92e49746c2b8800 openldap-devel-2.2.13-7.4E.ppc.rpm 14c8cc18be701894afc82b6880ace4af openldap-servers-2.2.13-7.4E.ppc.rpm 53a9c2088328b47c14319aa80d24e38a openldap-servers-sql-2.2.13-7.4E.ppc.rpm s390: bf383f13cf7864a820f8a926c3e98a18 compat-openldap-2.1.30-7.4E.s390.rpm 8a4788f71401843555b552a2e4633184 openldap-2.2.13-7.4E.s390.rpm 523f83037bbafc8a5738adc56e797c11 openldap-clients-2.2.13-7.4E.s390.rpm 0009f97a89c9e9645b811f881ff3855a openldap-debuginfo-2.2.13-7.4E.s390.rpm 07e54e63f580aa63a9434eeb23f5177d openldap-devel-2.2.13-7.4E.s390.rpm 3f30a3153ae36d729d2400865e0e4535 openldap-servers-2.2.13-7.4E.s390.rpm 78c1c932920f29f1d4850c291e9174a5 openldap-servers-sql-2.2.13-7.4E.s390.rpm s390x: bf383f13cf7864a820f8a926c3e98a18 compat-openldap-2.1.30-7.4E.s390.rpm d50525d3e4a082c1b42d694850d85309 compat-openldap-2.1.30-7.4E.s390x.rpm 8a4788f71401843555b552a2e4633184 openldap-2.2.13-7.4E.s390.rpm c97e87d1230100bdef87955bdbe844b2 openldap-2.2.13-7.4E.s390x.rpm 61bc7a53da94a42c3ce1b5c71abf50e1 openldap-clients-2.2.13-7.4E.s390x.rpm 0009f97a89c9e9645b811f881ff3855a openldap-debuginfo-2.2.13-7.4E.s390.rpm 4c9e64292dea0c474bf18ed213d2a704 openldap-debuginfo-2.2.13-7.4E.s390x.rpm 21dc01c8fbc94cb6952c75fbde1c07db openldap-devel-2.2.13-7.4E.s390x.rpm 4f4175522ab7e72bfb1f2998bae5ec76 openldap-servers-2.2.13-7.4E.s390x.rpm 3a45d711f7630f9e95b881ad53727eb4 openldap-servers-sql-2.2.13-7.4E.s390x.rpm x86_64: 734452591616549fbf73e17b2271bd3e compat-openldap-2.1.30-7.4E.i386.rpm 0857e9c56f0e0b1a79d030095c8bacfc compat-openldap-2.1.30-7.4E.x86_64.rpm ba9170df21f098d47d0b20f2398a0d75 openldap-2.2.13-7.4E.i386.rpm de900974e30e11b6c377d40e4f8e39e8 openldap-2.2.13-7.4E.x86_64.rpm 959a8a1685419b90724959c823c068e1 openldap-clients-2.2.13-7.4E.x86_64.rpm 884c17ce1c3288dbcd46db1c41307bab openldap-debuginfo-2.2.13-7.4E.i386.rpm 5fc9f3152530ee8c217ef0a0daef4b93 openldap-debuginfo-2.2.13-7.4E.x86_64.rpm 8f9f3f89468bd592c97fe1287905ecda openldap-devel-2.2.13-7.4E.x86_64.rpm 112dbb50c82fcd6545b03568b62b2159 openldap-servers-2.2.13-7.4E.x86_64.rpm 469c3b1f539bca8b76b7a97856ca6ec9 openldap-servers-sql-2.2.13-7.4E.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/openldap-2.2.13-7.4E.src.rpm 6361da4ab6394b05ddeadc0f098a2920 openldap-2.2.13-7.4E.src.rpm i386: 734452591616549fbf73e17b2271bd3e compat-openldap-2.1.30-7.4E.i386.rpm ba9170df21f098d47d0b20f2398a0d75 openldap-2.2.13-7.4E.i386.rpm 90de80e2d54e308fab31def982778336 openldap-clients-2.2.13-7.4E.i386.rpm 884c17ce1c3288dbcd46db1c41307bab openldap-debuginfo-2.2.13-7.4E.i386.rpm e7b2ebb7053cd2de3b6580e60a776030 openldap-devel-2.2.13-7.4E.i386.rpm 3c5405ebd50dba9c33eab8827c7b86d7 openldap-servers-2.2.13-7.4E.i386.rpm 9f09549a4bac7a15985e5c68d0e64f93 openldap-servers-sql-2.2.13-7.4E.i386.rpm x86_64: 734452591616549fbf73e17b2271bd3e compat-openldap-2.1.30-7.4E.i386.rpm 0857e9c56f0e0b1a79d030095c8bacfc compat-openldap-2.1.30-7.4E.x86_64.rpm ba9170df21f098d47d0b20f2398a0d75 openldap-2.2.13-7.4E.i386.rpm de900974e30e11b6c377d40e4f8e39e8 openldap-2.2.13-7.4E.x86_64.rpm 959a8a1685419b90724959c823c068e1 openldap-clients-2.2.13-7.4E.x86_64.rpm 884c17ce1c3288dbcd46db1c41307bab openldap-debuginfo-2.2.13-7.4E.i386.rpm 5fc9f3152530ee8c217ef0a0daef4b93 openldap-debuginfo-2.2.13-7.4E.x86_64.rpm 8f9f3f89468bd592c97fe1287905ecda openldap-devel-2.2.13-7.4E.x86_64.rpm 112dbb50c82fcd6545b03568b62b2159 openldap-servers-2.2.13-7.4E.x86_64.rpm 469c3b1f539bca8b76b7a97856ca6ec9 openldap-servers-sql-2.2.13-7.4E.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/openldap-2.2.13-7.4E.src.rpm 6361da4ab6394b05ddeadc0f098a2920 openldap-2.2.13-7.4E.src.rpm i386: 734452591616549fbf73e17b2271bd3e compat-openldap-2.1.30-7.4E.i386.rpm ba9170df21f098d47d0b20f2398a0d75 openldap-2.2.13-7.4E.i386.rpm 90de80e2d54e308fab31def982778336 openldap-clients-2.2.13-7.4E.i386.rpm 884c17ce1c3288dbcd46db1c41307bab openldap-debuginfo-2.2.13-7.4E.i386.rpm e7b2ebb7053cd2de3b6580e60a776030 openldap-devel-2.2.13-7.4E.i386.rpm 3c5405ebd50dba9c33eab8827c7b86d7 openldap-servers-2.2.13-7.4E.i386.rpm 9f09549a4bac7a15985e5c68d0e64f93 openldap-servers-sql-2.2.13-7.4E.i386.rpm ia64: 734452591616549fbf73e17b2271bd3e compat-openldap-2.1.30-7.4E.i386.rpm 67c1abbff376926a8ce8a349dcadc4c4 compat-openldap-2.1.30-7.4E.ia64.rpm ba9170df21f098d47d0b20f2398a0d75 openldap-2.2.13-7.4E.i386.rpm 91ae8d90eadd2f44f94eea1e7f4de242 openldap-2.2.13-7.4E.ia64.rpm 8b2b1f0763d68f0ba99ae7024a1007cc openldap-clients-2.2.13-7.4E.ia64.rpm 884c17ce1c3288dbcd46db1c41307bab openldap-debuginfo-2.2.13-7.4E.i386.rpm b764f9481a14c3b3a04c6705baa247f4 openldap-debuginfo-2.2.13-7.4E.ia64.rpm c31c0bc8b3fb33ff5c2586e8d532a1c6 openldap-devel-2.2.13-7.4E.ia64.rpm deef986e4e80960f184abcdfcb8b916d openldap-servers-2.2.13-7.4E.ia64.rpm f7d8e7436f307fe825921f6e44914d5b openldap-servers-sql-2.2.13-7.4E.ia64.rpm x86_64: 734452591616549fbf73e17b2271bd3e compat-openldap-2.1.30-7.4E.i386.rpm 0857e9c56f0e0b1a79d030095c8bacfc compat-openldap-2.1.30-7.4E.x86_64.rpm ba9170df21f098d47d0b20f2398a0d75 openldap-2.2.13-7.4E.i386.rpm de900974e30e11b6c377d40e4f8e39e8 openldap-2.2.13-7.4E.x86_64.rpm 959a8a1685419b90724959c823c068e1 openldap-clients-2.2.13-7.4E.x86_64.rpm 884c17ce1c3288dbcd46db1c41307bab openldap-debuginfo-2.2.13-7.4E.i386.rpm 5fc9f3152530ee8c217ef0a0daef4b93 openldap-debuginfo-2.2.13-7.4E.x86_64.rpm 8f9f3f89468bd592c97fe1287905ecda openldap-devel-2.2.13-7.4E.x86_64.rpm 112dbb50c82fcd6545b03568b62b2159 openldap-servers-2.2.13-7.4E.x86_64.rpm 469c3b1f539bca8b76b7a97856ca6ec9 openldap-servers-sql-2.2.13-7.4E.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/openldap-2.2.13-7.4E.src.rpm 6361da4ab6394b05ddeadc0f098a2920 openldap-2.2.13-7.4E.src.rpm i386: 734452591616549fbf73e17b2271bd3e compat-openldap-2.1.30-7.4E.i386.rpm ba9170df21f098d47d0b20f2398a0d75 openldap-2.2.13-7.4E.i386.rpm 90de80e2d54e308fab31def982778336 openldap-clients-2.2.13-7.4E.i386.rpm 884c17ce1c3288dbcd46db1c41307bab openldap-debuginfo-2.2.13-7.4E.i386.rpm e7b2ebb7053cd2de3b6580e60a776030 openldap-devel-2.2.13-7.4E.i386.rpm 3c5405ebd50dba9c33eab8827c7b86d7 openldap-servers-2.2.13-7.4E.i386.rpm 9f09549a4bac7a15985e5c68d0e64f93 openldap-servers-sql-2.2.13-7.4E.i386.rpm ia64: 734452591616549fbf73e17b2271bd3e compat-openldap-2.1.30-7.4E.i386.rpm 67c1abbff376926a8ce8a349dcadc4c4 compat-openldap-2.1.30-7.4E.ia64.rpm ba9170df21f098d47d0b20f2398a0d75 openldap-2.2.13-7.4E.i386.rpm 91ae8d90eadd2f44f94eea1e7f4de242 openldap-2.2.13-7.4E.ia64.rpm 8b2b1f0763d68f0ba99ae7024a1007cc openldap-clients-2.2.13-7.4E.ia64.rpm 884c17ce1c3288dbcd46db1c41307bab openldap-debuginfo-2.2.13-7.4E.i386.rpm b764f9481a14c3b3a04c6705baa247f4 openldap-debuginfo-2.2.13-7.4E.ia64.rpm c31c0bc8b3fb33ff5c2586e8d532a1c6 openldap-devel-2.2.13-7.4E.ia64.rpm deef986e4e80960f184abcdfcb8b916d openldap-servers-2.2.13-7.4E.ia64.rpm f7d8e7436f307fe825921f6e44914d5b openldap-servers-sql-2.2.13-7.4E.ia64.rpm x86_64: 734452591616549fbf73e17b2271bd3e compat-openldap-2.1.30-7.4E.i386.rpm 0857e9c56f0e0b1a79d030095c8bacfc compat-openldap-2.1.30-7.4E.x86_64.rpm ba9170df21f098d47d0b20f2398a0d75 openldap-2.2.13-7.4E.i386.rpm de900974e30e11b6c377d40e4f8e39e8 openldap-2.2.13-7.4E.x86_64.rpm 959a8a1685419b90724959c823c068e1 openldap-clients-2.2.13-7.4E.x86_64.rpm 884c17ce1c3288dbcd46db1c41307bab openldap-debuginfo-2.2.13-7.4E.i386.rpm 5fc9f3152530ee8c217ef0a0daef4b93 openldap-debuginfo-2.2.13-7.4E.x86_64.rpm 8f9f3f89468bd592c97fe1287905ecda openldap-devel-2.2.13-7.4E.x86_64.rpm 112dbb50c82fcd6545b03568b62b2159 openldap-servers-2.2.13-7.4E.x86_64.rpm 469c3b1f539bca8b76b7a97856ca6ec9 openldap-servers-sql-2.2.13-7.4E.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4600 http://www.redhat.com/security/updates/classification/#low 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGN37xXlSAg2UNWIIRAndJAJ93Ba3gS8cjY9+KXMJyjXSakuIBgQCeNN+i EBikfoyOw6IDIWz4Gz/rCko= =deuZ -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed May 2 14:33:51 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 2 May 2007 10:33:51 -0400 Subject: [RHSA-2007:0322-01] Important: xscreensaver security update Message-ID: <200705021433.l42EXpa1029268@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: xscreensaver security update Advisory ID: RHSA-2007:0322-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0322.html Issue date: 2007-05-02 Updated on: 2007-05-02 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-1859 - --------------------------------------------------------------------- 1. Summary: An updated xscreensaver package that fixes a security flaw is now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: XScreenSaver is a collection of screensavers. Alex Yamauchi discovered a flaw in the way XScreenSaver verifies user passwords. When a system is using a remote directory service for login credentials, a local attacker may be able to cause a network outage causing XScreenSaver to crash, unlocking the screen. (CVE-2007-1859) Users of XScreenSaver should upgrade to this updated package, which contains a backported patch to correct this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 237003 - CVE-2007-1859 xscreensaver authentication bypass 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/xscreensaver-3.33-4.rhel21.5.src.rpm 8a6adffc86a33ea016d56fec422749c4 xscreensaver-3.33-4.rhel21.5.src.rpm i386: 1305dcb9528278bb67d6815bede83175 xscreensaver-3.33-4.rhel21.5.i386.rpm ia64: c2c49fdc9a8177b611594174e8aee896 xscreensaver-3.33-4.rhel21.5.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/xscreensaver-3.33-4.rhel21.5.src.rpm 8a6adffc86a33ea016d56fec422749c4 xscreensaver-3.33-4.rhel21.5.src.rpm ia64: c2c49fdc9a8177b611594174e8aee896 xscreensaver-3.33-4.rhel21.5.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/xscreensaver-3.33-4.rhel21.5.src.rpm 8a6adffc86a33ea016d56fec422749c4 xscreensaver-3.33-4.rhel21.5.src.rpm i386: 1305dcb9528278bb67d6815bede83175 xscreensaver-3.33-4.rhel21.5.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/xscreensaver-3.33-4.rhel21.5.src.rpm 8a6adffc86a33ea016d56fec422749c4 xscreensaver-3.33-4.rhel21.5.src.rpm i386: 1305dcb9528278bb67d6815bede83175 xscreensaver-3.33-4.rhel21.5.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/xscreensaver-4.10-21.el3.src.rpm a220a11b582081c9cafd1f0e235296a8 xscreensaver-4.10-21.el3.src.rpm i386: 56b75d892fefa3c2be32f174d89f5afe xscreensaver-4.10-21.el3.i386.rpm 20b1db46a6078a94d15c30a8a5efe410 xscreensaver-debuginfo-4.10-21.el3.i386.rpm ia64: 09673d8d04b1d463b5ec84b4c3168711 xscreensaver-4.10-21.el3.ia64.rpm c346ed5b5dd17266491cf3f29e7ed57d xscreensaver-debuginfo-4.10-21.el3.ia64.rpm ppc: 2b0de920c2f5a3ab1de6a94f6fe77d81 xscreensaver-4.10-21.el3.ppc.rpm a703bbab998ec0f8f92913bb5809fa02 xscreensaver-debuginfo-4.10-21.el3.ppc.rpm s390: 8ebf220e235b40e03978b68e47849f20 xscreensaver-4.10-21.el3.s390.rpm 7de1a22ed98f6c1d36e636988cd42d0c xscreensaver-debuginfo-4.10-21.el3.s390.rpm s390x: 1c1fabdd8d673682f837531696e6b5d9 xscreensaver-4.10-21.el3.s390x.rpm 6b66fb542fb310e57277278a2d46d49a xscreensaver-debuginfo-4.10-21.el3.s390x.rpm x86_64: 2e8945b59e3fa57d91b17d8901a2d2b3 xscreensaver-4.10-21.el3.x86_64.rpm 44400cfa9b520a0d00a76d21b00bb2fb xscreensaver-debuginfo-4.10-21.el3.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/xscreensaver-4.10-21.el3.src.rpm a220a11b582081c9cafd1f0e235296a8 xscreensaver-4.10-21.el3.src.rpm i386: 56b75d892fefa3c2be32f174d89f5afe xscreensaver-4.10-21.el3.i386.rpm 20b1db46a6078a94d15c30a8a5efe410 xscreensaver-debuginfo-4.10-21.el3.i386.rpm x86_64: 2e8945b59e3fa57d91b17d8901a2d2b3 xscreensaver-4.10-21.el3.x86_64.rpm 44400cfa9b520a0d00a76d21b00bb2fb xscreensaver-debuginfo-4.10-21.el3.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/xscreensaver-4.10-21.el3.src.rpm a220a11b582081c9cafd1f0e235296a8 xscreensaver-4.10-21.el3.src.rpm i386: 56b75d892fefa3c2be32f174d89f5afe xscreensaver-4.10-21.el3.i386.rpm 20b1db46a6078a94d15c30a8a5efe410 xscreensaver-debuginfo-4.10-21.el3.i386.rpm ia64: 09673d8d04b1d463b5ec84b4c3168711 xscreensaver-4.10-21.el3.ia64.rpm c346ed5b5dd17266491cf3f29e7ed57d xscreensaver-debuginfo-4.10-21.el3.ia64.rpm x86_64: 2e8945b59e3fa57d91b17d8901a2d2b3 xscreensaver-4.10-21.el3.x86_64.rpm 44400cfa9b520a0d00a76d21b00bb2fb xscreensaver-debuginfo-4.10-21.el3.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/xscreensaver-4.10-21.el3.src.rpm a220a11b582081c9cafd1f0e235296a8 xscreensaver-4.10-21.el3.src.rpm i386: 56b75d892fefa3c2be32f174d89f5afe xscreensaver-4.10-21.el3.i386.rpm 20b1db46a6078a94d15c30a8a5efe410 xscreensaver-debuginfo-4.10-21.el3.i386.rpm ia64: 09673d8d04b1d463b5ec84b4c3168711 xscreensaver-4.10-21.el3.ia64.rpm c346ed5b5dd17266491cf3f29e7ed57d xscreensaver-debuginfo-4.10-21.el3.ia64.rpm x86_64: 2e8945b59e3fa57d91b17d8901a2d2b3 xscreensaver-4.10-21.el3.x86_64.rpm 44400cfa9b520a0d00a76d21b00bb2fb xscreensaver-debuginfo-4.10-21.el3.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/xscreensaver-4.18-5.rhel4.14.src.rpm 428684b85a28e52cc022bacc09b4b338 xscreensaver-4.18-5.rhel4.14.src.rpm i386: bced2ed92fa640bf57122b25d53b0d68 xscreensaver-4.18-5.rhel4.14.i386.rpm 9d562052fe864f4c10fae69737b22dcc xscreensaver-debuginfo-4.18-5.rhel4.14.i386.rpm ia64: dc05e1da2ec2036d9484cc6942e1a4c0 xscreensaver-4.18-5.rhel4.14.ia64.rpm 66f3365f0a732f907adf81b0449bf194 xscreensaver-debuginfo-4.18-5.rhel4.14.ia64.rpm ppc: a8a612bd4246cb5154ea5ebc3ca7c97c xscreensaver-4.18-5.rhel4.14.ppc.rpm 3319fef0e24b8b7d461a55ddcc492f51 xscreensaver-debuginfo-4.18-5.rhel4.14.ppc.rpm s390: 504bb00f11b25c989c686cfd3e7c7bea xscreensaver-4.18-5.rhel4.14.s390.rpm 3cbe9228c554a3a822f1f3adbfb652b1 xscreensaver-debuginfo-4.18-5.rhel4.14.s390.rpm s390x: e81fab0d8e34bcd3665deb525b7177d4 xscreensaver-4.18-5.rhel4.14.s390x.rpm a7ed869a39c91a1a0f55f9b10f9d740f xscreensaver-debuginfo-4.18-5.rhel4.14.s390x.rpm x86_64: 84443b21b382b568d96386c94b185df8 xscreensaver-4.18-5.rhel4.14.x86_64.rpm 7bd71f9028c883bc014bc55530be77a3 xscreensaver-debuginfo-4.18-5.rhel4.14.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/xscreensaver-4.18-5.rhel4.14.src.rpm 428684b85a28e52cc022bacc09b4b338 xscreensaver-4.18-5.rhel4.14.src.rpm i386: bced2ed92fa640bf57122b25d53b0d68 xscreensaver-4.18-5.rhel4.14.i386.rpm 9d562052fe864f4c10fae69737b22dcc xscreensaver-debuginfo-4.18-5.rhel4.14.i386.rpm x86_64: 84443b21b382b568d96386c94b185df8 xscreensaver-4.18-5.rhel4.14.x86_64.rpm 7bd71f9028c883bc014bc55530be77a3 xscreensaver-debuginfo-4.18-5.rhel4.14.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/xscreensaver-4.18-5.rhel4.14.src.rpm 428684b85a28e52cc022bacc09b4b338 xscreensaver-4.18-5.rhel4.14.src.rpm i386: bced2ed92fa640bf57122b25d53b0d68 xscreensaver-4.18-5.rhel4.14.i386.rpm 9d562052fe864f4c10fae69737b22dcc xscreensaver-debuginfo-4.18-5.rhel4.14.i386.rpm ia64: dc05e1da2ec2036d9484cc6942e1a4c0 xscreensaver-4.18-5.rhel4.14.ia64.rpm 66f3365f0a732f907adf81b0449bf194 xscreensaver-debuginfo-4.18-5.rhel4.14.ia64.rpm x86_64: 84443b21b382b568d96386c94b185df8 xscreensaver-4.18-5.rhel4.14.x86_64.rpm 7bd71f9028c883bc014bc55530be77a3 xscreensaver-debuginfo-4.18-5.rhel4.14.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/xscreensaver-4.18-5.rhel4.14.src.rpm 428684b85a28e52cc022bacc09b4b338 xscreensaver-4.18-5.rhel4.14.src.rpm i386: bced2ed92fa640bf57122b25d53b0d68 xscreensaver-4.18-5.rhel4.14.i386.rpm 9d562052fe864f4c10fae69737b22dcc xscreensaver-debuginfo-4.18-5.rhel4.14.i386.rpm ia64: dc05e1da2ec2036d9484cc6942e1a4c0 xscreensaver-4.18-5.rhel4.14.ia64.rpm 66f3365f0a732f907adf81b0449bf194 xscreensaver-debuginfo-4.18-5.rhel4.14.ia64.rpm x86_64: 84443b21b382b568d96386c94b185df8 xscreensaver-4.18-5.rhel4.14.x86_64.rpm 7bd71f9028c883bc014bc55530be77a3 xscreensaver-debuginfo-4.18-5.rhel4.14.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1859 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGOKFEXlSAg2UNWIIRAmIAAJ9B+k5WOzNkkxBMWhE7WFr6lvLtNQCfU8o2 UqmFVw7hmak4Fu6PGB2EQoY= =u1tq -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu May 3 12:42:51 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 3 May 2007 08:42:51 -0400 Subject: [RHSA-2007:0158-01] Moderate: evolution security update Message-ID: <200705031242.l43CgpGx013229@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: evolution security update Advisory ID: RHSA-2007:0158-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0158.html Issue date: 2007-05-03 Updated on: 2007-05-03 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-1002 - --------------------------------------------------------------------- 1. Summary: Updated evolution packages that fix a format string bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 RHEL Desktop Workstation (v. 5 client) - i386, x86_64 RHEL Optional Productivity Applications (v. 5 server) - i386, x86_64 3. Problem description: Evolution is the GNOME collection of personal information management (PIM) tools. A format string bug was found in the way Evolution parsed the category field in a memo. If a user tried to save and then view a carefully crafted memo, arbitrary code may be executed as the user running Evolution. (CVE-2007-1002) This flaw did not affect the versions of Evolution shipped with Red Hat Enterprise Linux 2.1, 3, or 4. All users of Evolution should upgrade to these updated packages, which contain a backported patch which resolves this issue. Red Hat would like to thank Ulf H?rnhammar of Secunia Research for reporting this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 231478 - CVE-2007-1002 evolution format string flaw 6. RPMs required: Red Hat Enterprise Linux Desktop (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/evolution-2.8.0-33.0.1.el5.src.rpm 0cb44e29c3da6579a62e0c24851f5d4c evolution-2.8.0-33.0.1.el5.src.rpm i386: ba5c46a0f4e89c9788ce6bf228ed27f9 evolution-2.8.0-33.0.1.el5.i386.rpm d21a3c8292728dde2d479f5eb89144fc evolution-debuginfo-2.8.0-33.0.1.el5.i386.rpm x86_64: ba5c46a0f4e89c9788ce6bf228ed27f9 evolution-2.8.0-33.0.1.el5.i386.rpm 89344bbefa9f5f938cdf9dfbd997fc61 evolution-2.8.0-33.0.1.el5.x86_64.rpm d21a3c8292728dde2d479f5eb89144fc evolution-debuginfo-2.8.0-33.0.1.el5.i386.rpm 8ffbbac0c98f0feae8d3917851e213eb evolution-debuginfo-2.8.0-33.0.1.el5.x86_64.rpm RHEL Desktop Workstation (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/evolution-2.8.0-33.0.1.el5.src.rpm 0cb44e29c3da6579a62e0c24851f5d4c evolution-2.8.0-33.0.1.el5.src.rpm i386: d21a3c8292728dde2d479f5eb89144fc evolution-debuginfo-2.8.0-33.0.1.el5.i386.rpm a2d12fab974bea9d3691fcad87ab228f evolution-devel-2.8.0-33.0.1.el5.i386.rpm x86_64: d21a3c8292728dde2d479f5eb89144fc evolution-debuginfo-2.8.0-33.0.1.el5.i386.rpm 8ffbbac0c98f0feae8d3917851e213eb evolution-debuginfo-2.8.0-33.0.1.el5.x86_64.rpm a2d12fab974bea9d3691fcad87ab228f evolution-devel-2.8.0-33.0.1.el5.i386.rpm 18899bef45c3e70811d7a829379151df evolution-devel-2.8.0-33.0.1.el5.x86_64.rpm RHEL Optional Productivity Applications (v. 5 server): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/evolution-2.8.0-33.0.1.el5.src.rpm 0cb44e29c3da6579a62e0c24851f5d4c evolution-2.8.0-33.0.1.el5.src.rpm i386: ba5c46a0f4e89c9788ce6bf228ed27f9 evolution-2.8.0-33.0.1.el5.i386.rpm d21a3c8292728dde2d479f5eb89144fc evolution-debuginfo-2.8.0-33.0.1.el5.i386.rpm a2d12fab974bea9d3691fcad87ab228f evolution-devel-2.8.0-33.0.1.el5.i386.rpm x86_64: ba5c46a0f4e89c9788ce6bf228ed27f9 evolution-2.8.0-33.0.1.el5.i386.rpm 89344bbefa9f5f938cdf9dfbd997fc61 evolution-2.8.0-33.0.1.el5.x86_64.rpm d21a3c8292728dde2d479f5eb89144fc evolution-debuginfo-2.8.0-33.0.1.el5.i386.rpm 8ffbbac0c98f0feae8d3917851e213eb evolution-debuginfo-2.8.0-33.0.1.el5.x86_64.rpm a2d12fab974bea9d3691fcad87ab228f evolution-devel-2.8.0-33.0.1.el5.i386.rpm 18899bef45c3e70811d7a829379151df evolution-devel-2.8.0-33.0.1.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1002 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGOdi6XlSAg2UNWIIRAuqZAJ9wbt1KR3Rz7PZnJ+ELHUCrszM0UwCgvMyI /0ViYZg83SB7zrii1ofjdSY= =uzU/ -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu May 3 12:43:08 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 3 May 2007 08:43:08 -0400 Subject: [RHSA-2007:0337-01] Moderate: postgresql security update Message-ID: <200705031243.l43Ch8Xe013259@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: postgresql security update Advisory ID: RHSA-2007:0337-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0337.html Issue date: 2007-05-03 Updated on: 2007-05-03 Product: Red Hat Application Stack CVE Names: CVE-2007-2138 - --------------------------------------------------------------------- 1. Summary: Updated postgresql packages that fix several security vulnerabilities are now available for the Red Hat Application Stack. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Application Stack v1 for Enterprise Linux AS (v.4) - i386, x86_64 Red Hat Application Stack v1 for Enterprise Linux ES (v.4) - i386, x86_64 3. Problem description: PostgreSQL is an advanced Object-Relational database management system (DBMS). A flaw was found in the way PostgreSQL allows authenticated users to execute security-definer functions. It was possible for an unprivileged user to execute arbitrary code with the privileges of the security-definer function. (CVE-2007-2138) Users of PostgreSQL should upgrade to these updated packages containing PostgreSQL version 8.1.9 which corrects this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 237681 - CVE-2007-2138 PostgreSQL security-definer function privilege escalation 6. RPMs required: Red Hat Application Stack v1 for Enterprise Linux AS (v.4): SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/RHWAS/SRPMS/postgresql-8.1.9-1.el4s1.1.src.rpm ac6673966f6ca330d519f730b6e6b902 postgresql-8.1.9-1.el4s1.1.src.rpm i386: 7bdf73fcce282e76f7f87704e6dbe799 postgresql-8.1.9-1.el4s1.1.i386.rpm d0d46be6080513c63a823c9d2df3ced7 postgresql-contrib-8.1.9-1.el4s1.1.i386.rpm 4bd680dcb7475c4bed0f08d9793072ed postgresql-debuginfo-8.1.9-1.el4s1.1.i386.rpm ac2262c828a76e3cfb5a69227cb12d35 postgresql-devel-8.1.9-1.el4s1.1.i386.rpm 48e6f67154ec571dc28ed6fff31cc20f postgresql-docs-8.1.9-1.el4s1.1.i386.rpm fe781d186949b2da0cb28405ebcf7b81 postgresql-libs-8.1.9-1.el4s1.1.i386.rpm 9786fb3979752ed4a3556e0c9aa49a02 postgresql-pl-8.1.9-1.el4s1.1.i386.rpm e4df78eccaa805dcba8f80355da3464f postgresql-python-8.1.9-1.el4s1.1.i386.rpm 38665c2a571a160664f2c620b4dfbfc5 postgresql-server-8.1.9-1.el4s1.1.i386.rpm 63bd690140a6d7b01deb2f2cb9135ada postgresql-tcl-8.1.9-1.el4s1.1.i386.rpm 02c837f84eebd06cb96bf9e7561f1c66 postgresql-test-8.1.9-1.el4s1.1.i386.rpm x86_64: 1d0fa353bff1d96850c611c3d8419698 postgresql-8.1.9-1.el4s1.1.x86_64.rpm bc965f41161ef6dda62952bcf643903c postgresql-contrib-8.1.9-1.el4s1.1.x86_64.rpm 4bd680dcb7475c4bed0f08d9793072ed postgresql-debuginfo-8.1.9-1.el4s1.1.i386.rpm 248052c78a373193ed6bd67c67917cbf postgresql-debuginfo-8.1.9-1.el4s1.1.x86_64.rpm 6ec7f44962c815d5d7b76f4ce3784989 postgresql-devel-8.1.9-1.el4s1.1.x86_64.rpm b21757083e7743d48efd68f14c5ded31 postgresql-docs-8.1.9-1.el4s1.1.x86_64.rpm fe781d186949b2da0cb28405ebcf7b81 postgresql-libs-8.1.9-1.el4s1.1.i386.rpm 0bc77df0bf637ced8b7f014bdfb6d0ce postgresql-libs-8.1.9-1.el4s1.1.x86_64.rpm 53f0519d6223178201cb9aeb3f42fd5b postgresql-pl-8.1.9-1.el4s1.1.x86_64.rpm 0d5b51fe91221c46b0ac9b2bf6d7bb9c postgresql-python-8.1.9-1.el4s1.1.x86_64.rpm e04d104455d70e6c8a10a690de2a2bee postgresql-server-8.1.9-1.el4s1.1.x86_64.rpm 2c17ba90505848a4d785f876aab8c021 postgresql-tcl-8.1.9-1.el4s1.1.x86_64.rpm 0732ab0ec89667d35e9a78e97ada4638 postgresql-test-8.1.9-1.el4s1.1.x86_64.rpm Red Hat Application Stack v1 for Enterprise Linux ES (v.4): SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/RHWAS/SRPMS/postgresql-8.1.9-1.el4s1.1.src.rpm ac6673966f6ca330d519f730b6e6b902 postgresql-8.1.9-1.el4s1.1.src.rpm i386: 7bdf73fcce282e76f7f87704e6dbe799 postgresql-8.1.9-1.el4s1.1.i386.rpm d0d46be6080513c63a823c9d2df3ced7 postgresql-contrib-8.1.9-1.el4s1.1.i386.rpm 4bd680dcb7475c4bed0f08d9793072ed postgresql-debuginfo-8.1.9-1.el4s1.1.i386.rpm ac2262c828a76e3cfb5a69227cb12d35 postgresql-devel-8.1.9-1.el4s1.1.i386.rpm 48e6f67154ec571dc28ed6fff31cc20f postgresql-docs-8.1.9-1.el4s1.1.i386.rpm fe781d186949b2da0cb28405ebcf7b81 postgresql-libs-8.1.9-1.el4s1.1.i386.rpm 9786fb3979752ed4a3556e0c9aa49a02 postgresql-pl-8.1.9-1.el4s1.1.i386.rpm e4df78eccaa805dcba8f80355da3464f postgresql-python-8.1.9-1.el4s1.1.i386.rpm 38665c2a571a160664f2c620b4dfbfc5 postgresql-server-8.1.9-1.el4s1.1.i386.rpm 63bd690140a6d7b01deb2f2cb9135ada postgresql-tcl-8.1.9-1.el4s1.1.i386.rpm 02c837f84eebd06cb96bf9e7561f1c66 postgresql-test-8.1.9-1.el4s1.1.i386.rpm x86_64: 1d0fa353bff1d96850c611c3d8419698 postgresql-8.1.9-1.el4s1.1.x86_64.rpm bc965f41161ef6dda62952bcf643903c postgresql-contrib-8.1.9-1.el4s1.1.x86_64.rpm 4bd680dcb7475c4bed0f08d9793072ed postgresql-debuginfo-8.1.9-1.el4s1.1.i386.rpm 248052c78a373193ed6bd67c67917cbf postgresql-debuginfo-8.1.9-1.el4s1.1.x86_64.rpm 6ec7f44962c815d5d7b76f4ce3784989 postgresql-devel-8.1.9-1.el4s1.1.x86_64.rpm b21757083e7743d48efd68f14c5ded31 postgresql-docs-8.1.9-1.el4s1.1.x86_64.rpm fe781d186949b2da0cb28405ebcf7b81 postgresql-libs-8.1.9-1.el4s1.1.i386.rpm 0bc77df0bf637ced8b7f014bdfb6d0ce postgresql-libs-8.1.9-1.el4s1.1.x86_64.rpm 53f0519d6223178201cb9aeb3f42fd5b postgresql-pl-8.1.9-1.el4s1.1.x86_64.rpm 0d5b51fe91221c46b0ac9b2bf6d7bb9c postgresql-python-8.1.9-1.el4s1.1.x86_64.rpm e04d104455d70e6c8a10a690de2a2bee postgresql-server-8.1.9-1.el4s1.1.x86_64.rpm 2c17ba90505848a4d785f876aab8c021 postgresql-tcl-8.1.9-1.el4s1.1.x86_64.rpm 0732ab0ec89667d35e9a78e97ada4638 postgresql-test-8.1.9-1.el4s1.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2138 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGOdjUXlSAg2UNWIIRAq2fAJ9aTW7yUzdsYrJ7Pgio361rUSlxpACfc7kY ayrkuBkn68CC/Fs0nGAQMNs= =m7Yv -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue May 8 15:39:39 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 8 May 2007 11:39:39 -0400 Subject: [RHSA-2007:0336-01] Moderate: postgresql security update Message-ID: <200705081539.l48Fddar029141@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: postgresql security update Advisory ID: RHSA-2007:0336-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0336.html Issue date: 2007-05-08 Updated on: 2007-05-08 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-2138 - --------------------------------------------------------------------- 1. Summary: Updated postgresql packages that fix several security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Problem description: PostgreSQL is an advanced Object-Relational database management system (DBMS). A flaw was found in the way PostgreSQL allows authenticated users to execute security-definer functions. It was possible for an unprivileged user to execute arbitrary code with the privileges of the security-definer function. (CVE-2007-2138) Users of PostgreSQL should upgrade to these updated packages containing PostgreSQL version 8.1.9, 7.4.17, and 7.3.19 which corrects this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 237680 - CVE-2007-2138 PostgreSQL security-definer function privilege escalation 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/rh-postgresql-7.3.19-1.src.rpm 4ca175f085efdf0ef92150b8ffe0f86d rh-postgresql-7.3.19-1.src.rpm i386: ab0804e442d996fcb5cadc6dbb3d07ba rh-postgresql-7.3.19-1.i386.rpm 473ba5efdaf46f512c2537ea6c0e93f1 rh-postgresql-contrib-7.3.19-1.i386.rpm 77c97b930551a984d3aa549be24219ee rh-postgresql-debuginfo-7.3.19-1.i386.rpm 4076e4aba467adca7c0860fb70f1f683 rh-postgresql-devel-7.3.19-1.i386.rpm 8ecd617295c836fbacf5607a0e9e1435 rh-postgresql-docs-7.3.19-1.i386.rpm e489d64159e3b9325e21b7a76751eb1c rh-postgresql-jdbc-7.3.19-1.i386.rpm 442200b07ba930f3516946431e421135 rh-postgresql-libs-7.3.19-1.i386.rpm 9d5d970a5d7be8deb69f8ee15d7f5e86 rh-postgresql-pl-7.3.19-1.i386.rpm b3194d1706585be22da284f7bb070f2c rh-postgresql-python-7.3.19-1.i386.rpm c3782ea25f25aa05bc9ce1ab4c23e557 rh-postgresql-server-7.3.19-1.i386.rpm af1b7ac77efe68fcba64173418728c72 rh-postgresql-tcl-7.3.19-1.i386.rpm 81b9945409b8bcdaa3db7dfcd728da05 rh-postgresql-test-7.3.19-1.i386.rpm ia64: a557bee6262a8bc1f093d89aa6cb31ac rh-postgresql-7.3.19-1.ia64.rpm 2374c35c6aae28bfb2cef7017d3f25ef rh-postgresql-contrib-7.3.19-1.ia64.rpm 77c97b930551a984d3aa549be24219ee rh-postgresql-debuginfo-7.3.19-1.i386.rpm 9bed2879587e19e9c10219237ccaff90 rh-postgresql-debuginfo-7.3.19-1.ia64.rpm f770c66a260312e717560442e58a4107 rh-postgresql-devel-7.3.19-1.ia64.rpm 19bb9fdef8e0b4a5067e3c08d380c056 rh-postgresql-docs-7.3.19-1.ia64.rpm 81917338a3f7061bdccfb72105d42a1d rh-postgresql-jdbc-7.3.19-1.ia64.rpm 442200b07ba930f3516946431e421135 rh-postgresql-libs-7.3.19-1.i386.rpm 8f1c577dc3ecbb7332230958a47899a7 rh-postgresql-libs-7.3.19-1.ia64.rpm 92e2346cc3019927c908d49a8b594306 rh-postgresql-pl-7.3.19-1.ia64.rpm 3db11e1b695a1d008803a97dde60c37a rh-postgresql-python-7.3.19-1.ia64.rpm 27ce3f4e44aee853f62f111e353e4800 rh-postgresql-server-7.3.19-1.ia64.rpm 69626e804fd588bf3cb6e824dae60431 rh-postgresql-tcl-7.3.19-1.ia64.rpm 5920cece096d0c343702ff9cde12364a rh-postgresql-test-7.3.19-1.ia64.rpm ppc: 178d24aaee85933f03808cfa3a3bbacc rh-postgresql-7.3.19-1.ppc.rpm 48a9d7862831afd95be91c1769fe36e2 rh-postgresql-contrib-7.3.19-1.ppc.rpm 8947f55fb491093dce049e5760c96626 rh-postgresql-debuginfo-7.3.19-1.ppc.rpm 1723436ca77bfbf3a1ba2e1ac605576a rh-postgresql-debuginfo-7.3.19-1.ppc64.rpm 40dddb792152b9eea0d1e3361a01eed7 rh-postgresql-devel-7.3.19-1.ppc.rpm 517d1f8b8bd1829a1243f5f55c37a695 rh-postgresql-docs-7.3.19-1.ppc.rpm d5e690d530428b73ebda5b65f078c273 rh-postgresql-jdbc-7.3.19-1.ppc.rpm 45b2500017ca836b9968e7be1be6daed rh-postgresql-libs-7.3.19-1.ppc.rpm a21ed18a39a97d29c5ac4c20f4fc6901 rh-postgresql-libs-7.3.19-1.ppc64.rpm 8cd765b435c152c54496abc0b522e143 rh-postgresql-pl-7.3.19-1.ppc.rpm 842e8db291bdfd471198499cd3a0bf02 rh-postgresql-python-7.3.19-1.ppc.rpm d550ce6ac5cd4053f0b73569957d65cd rh-postgresql-server-7.3.19-1.ppc.rpm a2f5a212c7697d7e6533c4b634c10246 rh-postgresql-tcl-7.3.19-1.ppc.rpm 5dbb259b49076e8427b4c3419146ef7a rh-postgresql-test-7.3.19-1.ppc.rpm s390: e0a1911ab92d9ae04f105e8a8106154c rh-postgresql-7.3.19-1.s390.rpm f6383bdb003b7f0dd747141cc23b3454 rh-postgresql-contrib-7.3.19-1.s390.rpm 801e477ec114e73d73037d05ed9c68ae rh-postgresql-debuginfo-7.3.19-1.s390.rpm 59b2c3427526e7cda19a8ab05ae935a1 rh-postgresql-devel-7.3.19-1.s390.rpm 13d5c2397edda96176ef4a1eaa3f518e rh-postgresql-docs-7.3.19-1.s390.rpm 335326de57a41b0fab94c484587d4aab rh-postgresql-jdbc-7.3.19-1.s390.rpm eb41a439b294ee3abd1e0f4cb9b16c8b rh-postgresql-libs-7.3.19-1.s390.rpm cedde20e9180633a2c3ebd64e14a564a rh-postgresql-pl-7.3.19-1.s390.rpm 5795ce430b01f315baaedcf2533a74b6 rh-postgresql-python-7.3.19-1.s390.rpm 2eb750da16095a2eee80737a3f48a24f rh-postgresql-server-7.3.19-1.s390.rpm 309fcf63b24060cad3e6ca93322906ad rh-postgresql-tcl-7.3.19-1.s390.rpm aa750d7bc5e04285493960a292d220a6 rh-postgresql-test-7.3.19-1.s390.rpm s390x: eef73f9a94a230f4ef02721f8c787475 rh-postgresql-7.3.19-1.s390x.rpm 84c67f839294aa224499219c2b054af5 rh-postgresql-contrib-7.3.19-1.s390x.rpm 801e477ec114e73d73037d05ed9c68ae rh-postgresql-debuginfo-7.3.19-1.s390.rpm 5a466ecc39ac4780b33f12d7abefa5e9 rh-postgresql-debuginfo-7.3.19-1.s390x.rpm 5164b5e940f099e21c698e65a6dc4c1e rh-postgresql-devel-7.3.19-1.s390x.rpm 04100e7a3d013c10162c48fd410e1cee rh-postgresql-docs-7.3.19-1.s390x.rpm 771e3bd84dfbc8b16b32b8f68506eba1 rh-postgresql-jdbc-7.3.19-1.s390x.rpm eb41a439b294ee3abd1e0f4cb9b16c8b rh-postgresql-libs-7.3.19-1.s390.rpm b5b5bfcceec76115109ee459187257fc rh-postgresql-libs-7.3.19-1.s390x.rpm 12f863fdcb63e88a38c09ac330ce740e rh-postgresql-pl-7.3.19-1.s390x.rpm 3358a7abbb20f30dfc9f502eed841309 rh-postgresql-python-7.3.19-1.s390x.rpm a61518cdce13956bf28499f658edd246 rh-postgresql-server-7.3.19-1.s390x.rpm e7b5a8704df154f603de4c54a0bf42f4 rh-postgresql-tcl-7.3.19-1.s390x.rpm 0e79684aea5208db40cccc1606e118b0 rh-postgresql-test-7.3.19-1.s390x.rpm x86_64: abb59f4d85e5d19395677717f185ee46 rh-postgresql-7.3.19-1.x86_64.rpm 4ea77923ab616c514a3c5a80bee3cfc5 rh-postgresql-contrib-7.3.19-1.x86_64.rpm 77c97b930551a984d3aa549be24219ee rh-postgresql-debuginfo-7.3.19-1.i386.rpm 3a6c9ae998698586f63771fb987f8961 rh-postgresql-debuginfo-7.3.19-1.x86_64.rpm 78428785033508049721a41da6c6d1ae rh-postgresql-devel-7.3.19-1.x86_64.rpm cf91e96d602a635dc13df480c3593acc rh-postgresql-docs-7.3.19-1.x86_64.rpm 7a9550aff34ebcc1d105444c5ef58ecb rh-postgresql-jdbc-7.3.19-1.x86_64.rpm 442200b07ba930f3516946431e421135 rh-postgresql-libs-7.3.19-1.i386.rpm 8a3235e3e458ce5d84efc2c3ad1d2ead rh-postgresql-libs-7.3.19-1.x86_64.rpm 86d3e073013c249bbe62459e3cff9339 rh-postgresql-pl-7.3.19-1.x86_64.rpm 992ea4f42eb05b0d2868ea50dafc4ae9 rh-postgresql-python-7.3.19-1.x86_64.rpm 543499d2af0bd1deee1bb95b8eda3f94 rh-postgresql-server-7.3.19-1.x86_64.rpm d854e80e440bbe4daf8c696debc054ae rh-postgresql-tcl-7.3.19-1.x86_64.rpm ce1a9603e98a42af50dbeff043de9972 rh-postgresql-test-7.3.19-1.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/rh-postgresql-7.3.19-1.src.rpm 4ca175f085efdf0ef92150b8ffe0f86d rh-postgresql-7.3.19-1.src.rpm i386: ab0804e442d996fcb5cadc6dbb3d07ba rh-postgresql-7.3.19-1.i386.rpm 473ba5efdaf46f512c2537ea6c0e93f1 rh-postgresql-contrib-7.3.19-1.i386.rpm 77c97b930551a984d3aa549be24219ee rh-postgresql-debuginfo-7.3.19-1.i386.rpm 4076e4aba467adca7c0860fb70f1f683 rh-postgresql-devel-7.3.19-1.i386.rpm 8ecd617295c836fbacf5607a0e9e1435 rh-postgresql-docs-7.3.19-1.i386.rpm e489d64159e3b9325e21b7a76751eb1c rh-postgresql-jdbc-7.3.19-1.i386.rpm 442200b07ba930f3516946431e421135 rh-postgresql-libs-7.3.19-1.i386.rpm 9d5d970a5d7be8deb69f8ee15d7f5e86 rh-postgresql-pl-7.3.19-1.i386.rpm b3194d1706585be22da284f7bb070f2c rh-postgresql-python-7.3.19-1.i386.rpm c3782ea25f25aa05bc9ce1ab4c23e557 rh-postgresql-server-7.3.19-1.i386.rpm af1b7ac77efe68fcba64173418728c72 rh-postgresql-tcl-7.3.19-1.i386.rpm 81b9945409b8bcdaa3db7dfcd728da05 rh-postgresql-test-7.3.19-1.i386.rpm x86_64: abb59f4d85e5d19395677717f185ee46 rh-postgresql-7.3.19-1.x86_64.rpm 4ea77923ab616c514a3c5a80bee3cfc5 rh-postgresql-contrib-7.3.19-1.x86_64.rpm 77c97b930551a984d3aa549be24219ee rh-postgresql-debuginfo-7.3.19-1.i386.rpm 3a6c9ae998698586f63771fb987f8961 rh-postgresql-debuginfo-7.3.19-1.x86_64.rpm 78428785033508049721a41da6c6d1ae rh-postgresql-devel-7.3.19-1.x86_64.rpm cf91e96d602a635dc13df480c3593acc rh-postgresql-docs-7.3.19-1.x86_64.rpm 7a9550aff34ebcc1d105444c5ef58ecb rh-postgresql-jdbc-7.3.19-1.x86_64.rpm 442200b07ba930f3516946431e421135 rh-postgresql-libs-7.3.19-1.i386.rpm 8a3235e3e458ce5d84efc2c3ad1d2ead rh-postgresql-libs-7.3.19-1.x86_64.rpm 86d3e073013c249bbe62459e3cff9339 rh-postgresql-pl-7.3.19-1.x86_64.rpm 992ea4f42eb05b0d2868ea50dafc4ae9 rh-postgresql-python-7.3.19-1.x86_64.rpm 543499d2af0bd1deee1bb95b8eda3f94 rh-postgresql-server-7.3.19-1.x86_64.rpm d854e80e440bbe4daf8c696debc054ae rh-postgresql-tcl-7.3.19-1.x86_64.rpm ce1a9603e98a42af50dbeff043de9972 rh-postgresql-test-7.3.19-1.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/rh-postgresql-7.3.19-1.src.rpm 4ca175f085efdf0ef92150b8ffe0f86d rh-postgresql-7.3.19-1.src.rpm i386: ab0804e442d996fcb5cadc6dbb3d07ba rh-postgresql-7.3.19-1.i386.rpm 473ba5efdaf46f512c2537ea6c0e93f1 rh-postgresql-contrib-7.3.19-1.i386.rpm 77c97b930551a984d3aa549be24219ee rh-postgresql-debuginfo-7.3.19-1.i386.rpm 4076e4aba467adca7c0860fb70f1f683 rh-postgresql-devel-7.3.19-1.i386.rpm 8ecd617295c836fbacf5607a0e9e1435 rh-postgresql-docs-7.3.19-1.i386.rpm e489d64159e3b9325e21b7a76751eb1c rh-postgresql-jdbc-7.3.19-1.i386.rpm 442200b07ba930f3516946431e421135 rh-postgresql-libs-7.3.19-1.i386.rpm 9d5d970a5d7be8deb69f8ee15d7f5e86 rh-postgresql-pl-7.3.19-1.i386.rpm b3194d1706585be22da284f7bb070f2c rh-postgresql-python-7.3.19-1.i386.rpm c3782ea25f25aa05bc9ce1ab4c23e557 rh-postgresql-server-7.3.19-1.i386.rpm af1b7ac77efe68fcba64173418728c72 rh-postgresql-tcl-7.3.19-1.i386.rpm 81b9945409b8bcdaa3db7dfcd728da05 rh-postgresql-test-7.3.19-1.i386.rpm ia64: a557bee6262a8bc1f093d89aa6cb31ac rh-postgresql-7.3.19-1.ia64.rpm 2374c35c6aae28bfb2cef7017d3f25ef rh-postgresql-contrib-7.3.19-1.ia64.rpm 77c97b930551a984d3aa549be24219ee rh-postgresql-debuginfo-7.3.19-1.i386.rpm 9bed2879587e19e9c10219237ccaff90 rh-postgresql-debuginfo-7.3.19-1.ia64.rpm f770c66a260312e717560442e58a4107 rh-postgresql-devel-7.3.19-1.ia64.rpm 19bb9fdef8e0b4a5067e3c08d380c056 rh-postgresql-docs-7.3.19-1.ia64.rpm 81917338a3f7061bdccfb72105d42a1d rh-postgresql-jdbc-7.3.19-1.ia64.rpm 442200b07ba930f3516946431e421135 rh-postgresql-libs-7.3.19-1.i386.rpm 8f1c577dc3ecbb7332230958a47899a7 rh-postgresql-libs-7.3.19-1.ia64.rpm 92e2346cc3019927c908d49a8b594306 rh-postgresql-pl-7.3.19-1.ia64.rpm 3db11e1b695a1d008803a97dde60c37a rh-postgresql-python-7.3.19-1.ia64.rpm 27ce3f4e44aee853f62f111e353e4800 rh-postgresql-server-7.3.19-1.ia64.rpm 69626e804fd588bf3cb6e824dae60431 rh-postgresql-tcl-7.3.19-1.ia64.rpm 5920cece096d0c343702ff9cde12364a rh-postgresql-test-7.3.19-1.ia64.rpm x86_64: abb59f4d85e5d19395677717f185ee46 rh-postgresql-7.3.19-1.x86_64.rpm 4ea77923ab616c514a3c5a80bee3cfc5 rh-postgresql-contrib-7.3.19-1.x86_64.rpm 77c97b930551a984d3aa549be24219ee rh-postgresql-debuginfo-7.3.19-1.i386.rpm 3a6c9ae998698586f63771fb987f8961 rh-postgresql-debuginfo-7.3.19-1.x86_64.rpm 78428785033508049721a41da6c6d1ae rh-postgresql-devel-7.3.19-1.x86_64.rpm cf91e96d602a635dc13df480c3593acc rh-postgresql-docs-7.3.19-1.x86_64.rpm 7a9550aff34ebcc1d105444c5ef58ecb rh-postgresql-jdbc-7.3.19-1.x86_64.rpm 442200b07ba930f3516946431e421135 rh-postgresql-libs-7.3.19-1.i386.rpm 8a3235e3e458ce5d84efc2c3ad1d2ead rh-postgresql-libs-7.3.19-1.x86_64.rpm 86d3e073013c249bbe62459e3cff9339 rh-postgresql-pl-7.3.19-1.x86_64.rpm 992ea4f42eb05b0d2868ea50dafc4ae9 rh-postgresql-python-7.3.19-1.x86_64.rpm 543499d2af0bd1deee1bb95b8eda3f94 rh-postgresql-server-7.3.19-1.x86_64.rpm d854e80e440bbe4daf8c696debc054ae rh-postgresql-tcl-7.3.19-1.x86_64.rpm ce1a9603e98a42af50dbeff043de9972 rh-postgresql-test-7.3.19-1.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/rh-postgresql-7.3.19-1.src.rpm 4ca175f085efdf0ef92150b8ffe0f86d rh-postgresql-7.3.19-1.src.rpm i386: ab0804e442d996fcb5cadc6dbb3d07ba rh-postgresql-7.3.19-1.i386.rpm 473ba5efdaf46f512c2537ea6c0e93f1 rh-postgresql-contrib-7.3.19-1.i386.rpm 77c97b930551a984d3aa549be24219ee rh-postgresql-debuginfo-7.3.19-1.i386.rpm 4076e4aba467adca7c0860fb70f1f683 rh-postgresql-devel-7.3.19-1.i386.rpm 8ecd617295c836fbacf5607a0e9e1435 rh-postgresql-docs-7.3.19-1.i386.rpm e489d64159e3b9325e21b7a76751eb1c rh-postgresql-jdbc-7.3.19-1.i386.rpm 442200b07ba930f3516946431e421135 rh-postgresql-libs-7.3.19-1.i386.rpm 9d5d970a5d7be8deb69f8ee15d7f5e86 rh-postgresql-pl-7.3.19-1.i386.rpm b3194d1706585be22da284f7bb070f2c rh-postgresql-python-7.3.19-1.i386.rpm c3782ea25f25aa05bc9ce1ab4c23e557 rh-postgresql-server-7.3.19-1.i386.rpm af1b7ac77efe68fcba64173418728c72 rh-postgresql-tcl-7.3.19-1.i386.rpm 81b9945409b8bcdaa3db7dfcd728da05 rh-postgresql-test-7.3.19-1.i386.rpm ia64: a557bee6262a8bc1f093d89aa6cb31ac rh-postgresql-7.3.19-1.ia64.rpm 2374c35c6aae28bfb2cef7017d3f25ef rh-postgresql-contrib-7.3.19-1.ia64.rpm 77c97b930551a984d3aa549be24219ee rh-postgresql-debuginfo-7.3.19-1.i386.rpm 9bed2879587e19e9c10219237ccaff90 rh-postgresql-debuginfo-7.3.19-1.ia64.rpm f770c66a260312e717560442e58a4107 rh-postgresql-devel-7.3.19-1.ia64.rpm 19bb9fdef8e0b4a5067e3c08d380c056 rh-postgresql-docs-7.3.19-1.ia64.rpm 81917338a3f7061bdccfb72105d42a1d rh-postgresql-jdbc-7.3.19-1.ia64.rpm 442200b07ba930f3516946431e421135 rh-postgresql-libs-7.3.19-1.i386.rpm 8f1c577dc3ecbb7332230958a47899a7 rh-postgresql-libs-7.3.19-1.ia64.rpm 92e2346cc3019927c908d49a8b594306 rh-postgresql-pl-7.3.19-1.ia64.rpm 3db11e1b695a1d008803a97dde60c37a rh-postgresql-python-7.3.19-1.ia64.rpm 27ce3f4e44aee853f62f111e353e4800 rh-postgresql-server-7.3.19-1.ia64.rpm 69626e804fd588bf3cb6e824dae60431 rh-postgresql-tcl-7.3.19-1.ia64.rpm 5920cece096d0c343702ff9cde12364a rh-postgresql-test-7.3.19-1.ia64.rpm x86_64: abb59f4d85e5d19395677717f185ee46 rh-postgresql-7.3.19-1.x86_64.rpm 4ea77923ab616c514a3c5a80bee3cfc5 rh-postgresql-contrib-7.3.19-1.x86_64.rpm 77c97b930551a984d3aa549be24219ee rh-postgresql-debuginfo-7.3.19-1.i386.rpm 3a6c9ae998698586f63771fb987f8961 rh-postgresql-debuginfo-7.3.19-1.x86_64.rpm 78428785033508049721a41da6c6d1ae rh-postgresql-devel-7.3.19-1.x86_64.rpm cf91e96d602a635dc13df480c3593acc rh-postgresql-docs-7.3.19-1.x86_64.rpm 7a9550aff34ebcc1d105444c5ef58ecb rh-postgresql-jdbc-7.3.19-1.x86_64.rpm 442200b07ba930f3516946431e421135 rh-postgresql-libs-7.3.19-1.i386.rpm 8a3235e3e458ce5d84efc2c3ad1d2ead rh-postgresql-libs-7.3.19-1.x86_64.rpm 86d3e073013c249bbe62459e3cff9339 rh-postgresql-pl-7.3.19-1.x86_64.rpm 992ea4f42eb05b0d2868ea50dafc4ae9 rh-postgresql-python-7.3.19-1.x86_64.rpm 543499d2af0bd1deee1bb95b8eda3f94 rh-postgresql-server-7.3.19-1.x86_64.rpm d854e80e440bbe4daf8c696debc054ae rh-postgresql-tcl-7.3.19-1.x86_64.rpm ce1a9603e98a42af50dbeff043de9972 rh-postgresql-test-7.3.19-1.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/postgresql-7.4.17-1.RHEL4.1.src.rpm ee62a1ee2aedb1f7073f2bd5c9fb02d7 postgresql-7.4.17-1.RHEL4.1.src.rpm i386: ba7748d87dbdb639e56f00f6ef0304a8 postgresql-7.4.17-1.RHEL4.1.i386.rpm d116f8df382459fcdd570888434dde37 postgresql-contrib-7.4.17-1.RHEL4.1.i386.rpm f9c705ec9974c577f4185259b73d0987 postgresql-debuginfo-7.4.17-1.RHEL4.1.i386.rpm ae00dece288a75b6060a82ef09e8b373 postgresql-devel-7.4.17-1.RHEL4.1.i386.rpm 1f9e06c8d17913dbcd381888b73c1c97 postgresql-docs-7.4.17-1.RHEL4.1.i386.rpm 8a4b9b7255c57c985d225ed28a745f16 postgresql-jdbc-7.4.17-1.RHEL4.1.i386.rpm 01bd4f0c2e8e2c91b3a3132b243ca7e6 postgresql-libs-7.4.17-1.RHEL4.1.i386.rpm 98ee4e738b763c9f3bd46719e46d7b97 postgresql-pl-7.4.17-1.RHEL4.1.i386.rpm 21d7aa172a69f7adcd9f23f0567a44b5 postgresql-python-7.4.17-1.RHEL4.1.i386.rpm 58d8c1029658d45fab60e40674dc532b postgresql-server-7.4.17-1.RHEL4.1.i386.rpm 861ae336446b6d8ad51b4534beb6aa50 postgresql-tcl-7.4.17-1.RHEL4.1.i386.rpm 0a424977167429d1be922b8473512e7c postgresql-test-7.4.17-1.RHEL4.1.i386.rpm ia64: 5731700d46835b805b40b3ed5e3d2d2c postgresql-7.4.17-1.RHEL4.1.ia64.rpm 8ffb4c30a8c5258180e2d7be0ab5e05b postgresql-contrib-7.4.17-1.RHEL4.1.ia64.rpm f9c705ec9974c577f4185259b73d0987 postgresql-debuginfo-7.4.17-1.RHEL4.1.i386.rpm ae500e9c6624f23632aedc93ff47085f postgresql-debuginfo-7.4.17-1.RHEL4.1.ia64.rpm c90fb9ee3b9421f96e6db1c208e8f5a3 postgresql-devel-7.4.17-1.RHEL4.1.ia64.rpm 3f76a0fe5010c753d9ff6cf849d359ca postgresql-docs-7.4.17-1.RHEL4.1.ia64.rpm f6f3920fe24eaebb0afcb61b40163941 postgresql-jdbc-7.4.17-1.RHEL4.1.ia64.rpm 01bd4f0c2e8e2c91b3a3132b243ca7e6 postgresql-libs-7.4.17-1.RHEL4.1.i386.rpm a584243398c283dc1642d1c18946b29c postgresql-libs-7.4.17-1.RHEL4.1.ia64.rpm 2b3570eadeaa1dbce0b2c268b136929c postgresql-pl-7.4.17-1.RHEL4.1.ia64.rpm 65f99ead40bd46080c19b66e4c4983c3 postgresql-python-7.4.17-1.RHEL4.1.ia64.rpm b20318b50a9d53d43e13dc4ef19d123a postgresql-server-7.4.17-1.RHEL4.1.ia64.rpm dbe17485b44f1818622e7a16ceb29661 postgresql-tcl-7.4.17-1.RHEL4.1.ia64.rpm ba2c5761607f245c81f905ed2d5a3c85 postgresql-test-7.4.17-1.RHEL4.1.ia64.rpm ppc: b27ecff7b696a257faf4aa3f41e6902d postgresql-7.4.17-1.RHEL4.1.ppc.rpm 802ecb0615154894bfc7778d65672234 postgresql-contrib-7.4.17-1.RHEL4.1.ppc.rpm d99d5aad7d015d4384f056801d79cbb4 postgresql-debuginfo-7.4.17-1.RHEL4.1.ppc.rpm 004ffbc8c132180fbf401d25877fa8ac postgresql-debuginfo-7.4.17-1.RHEL4.1.ppc64.rpm 766199e16ae7fa863d5abcb505b93b22 postgresql-devel-7.4.17-1.RHEL4.1.ppc.rpm e2918b2015598f18a88481efaa3a2d53 postgresql-docs-7.4.17-1.RHEL4.1.ppc.rpm 38eae0476be3d6cf1392e7a7cdc11327 postgresql-jdbc-7.4.17-1.RHEL4.1.ppc.rpm b6f5caefb64dcc1ba79320da35a21fcc postgresql-libs-7.4.17-1.RHEL4.1.ppc.rpm 868492ac6af73cbc1c2e37ad1855f6b1 postgresql-libs-7.4.17-1.RHEL4.1.ppc64.rpm eb6ef53f5e5a379d58e1abbad3c6b60a postgresql-pl-7.4.17-1.RHEL4.1.ppc.rpm 649c80b9c29380b7b9c3e31cd64e617e postgresql-python-7.4.17-1.RHEL4.1.ppc.rpm 230f229efedec287a7d5d584ac6984c9 postgresql-server-7.4.17-1.RHEL4.1.ppc.rpm 23c1919e317bf1d6649a95ec4f4f6416 postgresql-tcl-7.4.17-1.RHEL4.1.ppc.rpm 3f64d0ddd76a12c5f737cb399595c82a postgresql-test-7.4.17-1.RHEL4.1.ppc.rpm s390: 45afaa2e07acfa90f8af433acb04035d postgresql-7.4.17-1.RHEL4.1.s390.rpm 461388b29871605b1cbec7da24855571 postgresql-contrib-7.4.17-1.RHEL4.1.s390.rpm 3038d6391fd0ad1486f880a9ba33e665 postgresql-debuginfo-7.4.17-1.RHEL4.1.s390.rpm d73dacd6ecd950db93a6071bb1dc0b58 postgresql-devel-7.4.17-1.RHEL4.1.s390.rpm 00a1d93a5642c96b87413d1f2f6d22cd postgresql-docs-7.4.17-1.RHEL4.1.s390.rpm f595ef7bde1d59e42d4671c2804608b8 postgresql-jdbc-7.4.17-1.RHEL4.1.s390.rpm 94b9d6fd070834c408cdaca53dc4e41c postgresql-libs-7.4.17-1.RHEL4.1.s390.rpm 299b404f6425cab645c73ff4558550f7 postgresql-pl-7.4.17-1.RHEL4.1.s390.rpm 9bf52b9ee8059f71ceeabc4d1d82e9d2 postgresql-python-7.4.17-1.RHEL4.1.s390.rpm f6fca557978b98ac9ad9797b1faa62ac postgresql-server-7.4.17-1.RHEL4.1.s390.rpm 751689d363f71581d6dfb9b6adeee9f6 postgresql-tcl-7.4.17-1.RHEL4.1.s390.rpm 2f3e1cce439af59361f0831ba7524d52 postgresql-test-7.4.17-1.RHEL4.1.s390.rpm s390x: 4558b61b87f5e7ba4d95dfbebb49c043 postgresql-7.4.17-1.RHEL4.1.s390x.rpm c76cce8f67966e1049b58c5e82dd58fb postgresql-contrib-7.4.17-1.RHEL4.1.s390x.rpm 3038d6391fd0ad1486f880a9ba33e665 postgresql-debuginfo-7.4.17-1.RHEL4.1.s390.rpm 423f2103cee60f3420e0b096d08f4794 postgresql-debuginfo-7.4.17-1.RHEL4.1.s390x.rpm 76d0b9fabea10213f2be56932b752d80 postgresql-devel-7.4.17-1.RHEL4.1.s390x.rpm 8fd294ffd5c7b092cf60d1763ab5a251 postgresql-docs-7.4.17-1.RHEL4.1.s390x.rpm c5945807437df8c787af040fe5cd04e0 postgresql-jdbc-7.4.17-1.RHEL4.1.s390x.rpm 94b9d6fd070834c408cdaca53dc4e41c postgresql-libs-7.4.17-1.RHEL4.1.s390.rpm 74e839dcac85d58c4dd1c95185d182e2 postgresql-libs-7.4.17-1.RHEL4.1.s390x.rpm 56c13ff0e38846ea76d95214953d320e postgresql-pl-7.4.17-1.RHEL4.1.s390x.rpm 881e793ec35b1130278a66854e1b3a24 postgresql-python-7.4.17-1.RHEL4.1.s390x.rpm 3364966bd81b2fa5ce5eff2468e1257b postgresql-server-7.4.17-1.RHEL4.1.s390x.rpm 6c9aee16b44169087d745c12e08e0e7a postgresql-tcl-7.4.17-1.RHEL4.1.s390x.rpm c7ce874aee5ac25c1ddf6f3e2d7e7e12 postgresql-test-7.4.17-1.RHEL4.1.s390x.rpm x86_64: 94d60ed2937136ea860f45bbc03133a9 postgresql-7.4.17-1.RHEL4.1.x86_64.rpm 49f77aadadc093fe0b1adf53a24006c2 postgresql-contrib-7.4.17-1.RHEL4.1.x86_64.rpm f9c705ec9974c577f4185259b73d0987 postgresql-debuginfo-7.4.17-1.RHEL4.1.i386.rpm c87647a25a66eb823ad6a612f80e9a02 postgresql-debuginfo-7.4.17-1.RHEL4.1.x86_64.rpm 7a829dce6b32c2b407717f46bc4ae380 postgresql-devel-7.4.17-1.RHEL4.1.x86_64.rpm b1391ff945f0360f35cb1e1f30993c15 postgresql-docs-7.4.17-1.RHEL4.1.x86_64.rpm b402d58ccb617797603acd04a0857114 postgresql-jdbc-7.4.17-1.RHEL4.1.x86_64.rpm 01bd4f0c2e8e2c91b3a3132b243ca7e6 postgresql-libs-7.4.17-1.RHEL4.1.i386.rpm 726b6c3da4881887c808cc566e00a2ad postgresql-libs-7.4.17-1.RHEL4.1.x86_64.rpm 315865dfab15b2ba6909a29e7d2d2230 postgresql-pl-7.4.17-1.RHEL4.1.x86_64.rpm e5bd709f5f4c5f00fbe3ea5a1368d951 postgresql-python-7.4.17-1.RHEL4.1.x86_64.rpm c7037f7281190b43dc685a416ed7a6ba postgresql-server-7.4.17-1.RHEL4.1.x86_64.rpm bcea5475f834539e51e564bc1fd0c05c postgresql-tcl-7.4.17-1.RHEL4.1.x86_64.rpm d7de85c87dda8873acd2d85cb6243e14 postgresql-test-7.4.17-1.RHEL4.1.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/postgresql-7.4.17-1.RHEL4.1.src.rpm ee62a1ee2aedb1f7073f2bd5c9fb02d7 postgresql-7.4.17-1.RHEL4.1.src.rpm i386: ba7748d87dbdb639e56f00f6ef0304a8 postgresql-7.4.17-1.RHEL4.1.i386.rpm d116f8df382459fcdd570888434dde37 postgresql-contrib-7.4.17-1.RHEL4.1.i386.rpm f9c705ec9974c577f4185259b73d0987 postgresql-debuginfo-7.4.17-1.RHEL4.1.i386.rpm ae00dece288a75b6060a82ef09e8b373 postgresql-devel-7.4.17-1.RHEL4.1.i386.rpm 1f9e06c8d17913dbcd381888b73c1c97 postgresql-docs-7.4.17-1.RHEL4.1.i386.rpm 8a4b9b7255c57c985d225ed28a745f16 postgresql-jdbc-7.4.17-1.RHEL4.1.i386.rpm 01bd4f0c2e8e2c91b3a3132b243ca7e6 postgresql-libs-7.4.17-1.RHEL4.1.i386.rpm 98ee4e738b763c9f3bd46719e46d7b97 postgresql-pl-7.4.17-1.RHEL4.1.i386.rpm 21d7aa172a69f7adcd9f23f0567a44b5 postgresql-python-7.4.17-1.RHEL4.1.i386.rpm 58d8c1029658d45fab60e40674dc532b postgresql-server-7.4.17-1.RHEL4.1.i386.rpm 861ae336446b6d8ad51b4534beb6aa50 postgresql-tcl-7.4.17-1.RHEL4.1.i386.rpm 0a424977167429d1be922b8473512e7c postgresql-test-7.4.17-1.RHEL4.1.i386.rpm x86_64: 94d60ed2937136ea860f45bbc03133a9 postgresql-7.4.17-1.RHEL4.1.x86_64.rpm 49f77aadadc093fe0b1adf53a24006c2 postgresql-contrib-7.4.17-1.RHEL4.1.x86_64.rpm f9c705ec9974c577f4185259b73d0987 postgresql-debuginfo-7.4.17-1.RHEL4.1.i386.rpm c87647a25a66eb823ad6a612f80e9a02 postgresql-debuginfo-7.4.17-1.RHEL4.1.x86_64.rpm 7a829dce6b32c2b407717f46bc4ae380 postgresql-devel-7.4.17-1.RHEL4.1.x86_64.rpm b1391ff945f0360f35cb1e1f30993c15 postgresql-docs-7.4.17-1.RHEL4.1.x86_64.rpm b402d58ccb617797603acd04a0857114 postgresql-jdbc-7.4.17-1.RHEL4.1.x86_64.rpm 01bd4f0c2e8e2c91b3a3132b243ca7e6 postgresql-libs-7.4.17-1.RHEL4.1.i386.rpm 726b6c3da4881887c808cc566e00a2ad postgresql-libs-7.4.17-1.RHEL4.1.x86_64.rpm 315865dfab15b2ba6909a29e7d2d2230 postgresql-pl-7.4.17-1.RHEL4.1.x86_64.rpm e5bd709f5f4c5f00fbe3ea5a1368d951 postgresql-python-7.4.17-1.RHEL4.1.x86_64.rpm c7037f7281190b43dc685a416ed7a6ba postgresql-server-7.4.17-1.RHEL4.1.x86_64.rpm bcea5475f834539e51e564bc1fd0c05c postgresql-tcl-7.4.17-1.RHEL4.1.x86_64.rpm d7de85c87dda8873acd2d85cb6243e14 postgresql-test-7.4.17-1.RHEL4.1.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/postgresql-7.4.17-1.RHEL4.1.src.rpm ee62a1ee2aedb1f7073f2bd5c9fb02d7 postgresql-7.4.17-1.RHEL4.1.src.rpm i386: ba7748d87dbdb639e56f00f6ef0304a8 postgresql-7.4.17-1.RHEL4.1.i386.rpm d116f8df382459fcdd570888434dde37 postgresql-contrib-7.4.17-1.RHEL4.1.i386.rpm f9c705ec9974c577f4185259b73d0987 postgresql-debuginfo-7.4.17-1.RHEL4.1.i386.rpm ae00dece288a75b6060a82ef09e8b373 postgresql-devel-7.4.17-1.RHEL4.1.i386.rpm 1f9e06c8d17913dbcd381888b73c1c97 postgresql-docs-7.4.17-1.RHEL4.1.i386.rpm 8a4b9b7255c57c985d225ed28a745f16 postgresql-jdbc-7.4.17-1.RHEL4.1.i386.rpm 01bd4f0c2e8e2c91b3a3132b243ca7e6 postgresql-libs-7.4.17-1.RHEL4.1.i386.rpm 98ee4e738b763c9f3bd46719e46d7b97 postgresql-pl-7.4.17-1.RHEL4.1.i386.rpm 21d7aa172a69f7adcd9f23f0567a44b5 postgresql-python-7.4.17-1.RHEL4.1.i386.rpm 58d8c1029658d45fab60e40674dc532b postgresql-server-7.4.17-1.RHEL4.1.i386.rpm 861ae336446b6d8ad51b4534beb6aa50 postgresql-tcl-7.4.17-1.RHEL4.1.i386.rpm 0a424977167429d1be922b8473512e7c postgresql-test-7.4.17-1.RHEL4.1.i386.rpm ia64: 5731700d46835b805b40b3ed5e3d2d2c postgresql-7.4.17-1.RHEL4.1.ia64.rpm 8ffb4c30a8c5258180e2d7be0ab5e05b postgresql-contrib-7.4.17-1.RHEL4.1.ia64.rpm ae500e9c6624f23632aedc93ff47085f postgresql-debuginfo-7.4.17-1.RHEL4.1.ia64.rpm c90fb9ee3b9421f96e6db1c208e8f5a3 postgresql-devel-7.4.17-1.RHEL4.1.ia64.rpm 3f76a0fe5010c753d9ff6cf849d359ca postgresql-docs-7.4.17-1.RHEL4.1.ia64.rpm f6f3920fe24eaebb0afcb61b40163941 postgresql-jdbc-7.4.17-1.RHEL4.1.ia64.rpm a584243398c283dc1642d1c18946b29c postgresql-libs-7.4.17-1.RHEL4.1.ia64.rpm 2b3570eadeaa1dbce0b2c268b136929c postgresql-pl-7.4.17-1.RHEL4.1.ia64.rpm 65f99ead40bd46080c19b66e4c4983c3 postgresql-python-7.4.17-1.RHEL4.1.ia64.rpm b20318b50a9d53d43e13dc4ef19d123a postgresql-server-7.4.17-1.RHEL4.1.ia64.rpm dbe17485b44f1818622e7a16ceb29661 postgresql-tcl-7.4.17-1.RHEL4.1.ia64.rpm ba2c5761607f245c81f905ed2d5a3c85 postgresql-test-7.4.17-1.RHEL4.1.ia64.rpm x86_64: 94d60ed2937136ea860f45bbc03133a9 postgresql-7.4.17-1.RHEL4.1.x86_64.rpm 49f77aadadc093fe0b1adf53a24006c2 postgresql-contrib-7.4.17-1.RHEL4.1.x86_64.rpm f9c705ec9974c577f4185259b73d0987 postgresql-debuginfo-7.4.17-1.RHEL4.1.i386.rpm c87647a25a66eb823ad6a612f80e9a02 postgresql-debuginfo-7.4.17-1.RHEL4.1.x86_64.rpm 7a829dce6b32c2b407717f46bc4ae380 postgresql-devel-7.4.17-1.RHEL4.1.x86_64.rpm b1391ff945f0360f35cb1e1f30993c15 postgresql-docs-7.4.17-1.RHEL4.1.x86_64.rpm b402d58ccb617797603acd04a0857114 postgresql-jdbc-7.4.17-1.RHEL4.1.x86_64.rpm 01bd4f0c2e8e2c91b3a3132b243ca7e6 postgresql-libs-7.4.17-1.RHEL4.1.i386.rpm 726b6c3da4881887c808cc566e00a2ad postgresql-libs-7.4.17-1.RHEL4.1.x86_64.rpm 315865dfab15b2ba6909a29e7d2d2230 postgresql-pl-7.4.17-1.RHEL4.1.x86_64.rpm e5bd709f5f4c5f00fbe3ea5a1368d951 postgresql-python-7.4.17-1.RHEL4.1.x86_64.rpm c7037f7281190b43dc685a416ed7a6ba postgresql-server-7.4.17-1.RHEL4.1.x86_64.rpm bcea5475f834539e51e564bc1fd0c05c postgresql-tcl-7.4.17-1.RHEL4.1.x86_64.rpm d7de85c87dda8873acd2d85cb6243e14 postgresql-test-7.4.17-1.RHEL4.1.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/postgresql-7.4.17-1.RHEL4.1.src.rpm ee62a1ee2aedb1f7073f2bd5c9fb02d7 postgresql-7.4.17-1.RHEL4.1.src.rpm i386: ba7748d87dbdb639e56f00f6ef0304a8 postgresql-7.4.17-1.RHEL4.1.i386.rpm d116f8df382459fcdd570888434dde37 postgresql-contrib-7.4.17-1.RHEL4.1.i386.rpm f9c705ec9974c577f4185259b73d0987 postgresql-debuginfo-7.4.17-1.RHEL4.1.i386.rpm ae00dece288a75b6060a82ef09e8b373 postgresql-devel-7.4.17-1.RHEL4.1.i386.rpm 1f9e06c8d17913dbcd381888b73c1c97 postgresql-docs-7.4.17-1.RHEL4.1.i386.rpm 8a4b9b7255c57c985d225ed28a745f16 postgresql-jdbc-7.4.17-1.RHEL4.1.i386.rpm 01bd4f0c2e8e2c91b3a3132b243ca7e6 postgresql-libs-7.4.17-1.RHEL4.1.i386.rpm 98ee4e738b763c9f3bd46719e46d7b97 postgresql-pl-7.4.17-1.RHEL4.1.i386.rpm 21d7aa172a69f7adcd9f23f0567a44b5 postgresql-python-7.4.17-1.RHEL4.1.i386.rpm 58d8c1029658d45fab60e40674dc532b postgresql-server-7.4.17-1.RHEL4.1.i386.rpm 861ae336446b6d8ad51b4534beb6aa50 postgresql-tcl-7.4.17-1.RHEL4.1.i386.rpm 0a424977167429d1be922b8473512e7c postgresql-test-7.4.17-1.RHEL4.1.i386.rpm ia64: 5731700d46835b805b40b3ed5e3d2d2c postgresql-7.4.17-1.RHEL4.1.ia64.rpm 8ffb4c30a8c5258180e2d7be0ab5e05b postgresql-contrib-7.4.17-1.RHEL4.1.ia64.rpm ae500e9c6624f23632aedc93ff47085f postgresql-debuginfo-7.4.17-1.RHEL4.1.ia64.rpm c90fb9ee3b9421f96e6db1c208e8f5a3 postgresql-devel-7.4.17-1.RHEL4.1.ia64.rpm 3f76a0fe5010c753d9ff6cf849d359ca postgresql-docs-7.4.17-1.RHEL4.1.ia64.rpm f6f3920fe24eaebb0afcb61b40163941 postgresql-jdbc-7.4.17-1.RHEL4.1.ia64.rpm a584243398c283dc1642d1c18946b29c postgresql-libs-7.4.17-1.RHEL4.1.ia64.rpm 2b3570eadeaa1dbce0b2c268b136929c postgresql-pl-7.4.17-1.RHEL4.1.ia64.rpm 65f99ead40bd46080c19b66e4c4983c3 postgresql-python-7.4.17-1.RHEL4.1.ia64.rpm b20318b50a9d53d43e13dc4ef19d123a postgresql-server-7.4.17-1.RHEL4.1.ia64.rpm dbe17485b44f1818622e7a16ceb29661 postgresql-tcl-7.4.17-1.RHEL4.1.ia64.rpm ba2c5761607f245c81f905ed2d5a3c85 postgresql-test-7.4.17-1.RHEL4.1.ia64.rpm x86_64: 94d60ed2937136ea860f45bbc03133a9 postgresql-7.4.17-1.RHEL4.1.x86_64.rpm 49f77aadadc093fe0b1adf53a24006c2 postgresql-contrib-7.4.17-1.RHEL4.1.x86_64.rpm f9c705ec9974c577f4185259b73d0987 postgresql-debuginfo-7.4.17-1.RHEL4.1.i386.rpm c87647a25a66eb823ad6a612f80e9a02 postgresql-debuginfo-7.4.17-1.RHEL4.1.x86_64.rpm 7a829dce6b32c2b407717f46bc4ae380 postgresql-devel-7.4.17-1.RHEL4.1.x86_64.rpm b1391ff945f0360f35cb1e1f30993c15 postgresql-docs-7.4.17-1.RHEL4.1.x86_64.rpm b402d58ccb617797603acd04a0857114 postgresql-jdbc-7.4.17-1.RHEL4.1.x86_64.rpm 01bd4f0c2e8e2c91b3a3132b243ca7e6 postgresql-libs-7.4.17-1.RHEL4.1.i386.rpm 726b6c3da4881887c808cc566e00a2ad postgresql-libs-7.4.17-1.RHEL4.1.x86_64.rpm 315865dfab15b2ba6909a29e7d2d2230 postgresql-pl-7.4.17-1.RHEL4.1.x86_64.rpm e5bd709f5f4c5f00fbe3ea5a1368d951 postgresql-python-7.4.17-1.RHEL4.1.x86_64.rpm c7037f7281190b43dc685a416ed7a6ba postgresql-server-7.4.17-1.RHEL4.1.x86_64.rpm bcea5475f834539e51e564bc1fd0c05c postgresql-tcl-7.4.17-1.RHEL4.1.x86_64.rpm d7de85c87dda8873acd2d85cb6243e14 postgresql-test-7.4.17-1.RHEL4.1.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/postgresql-8.1.9-1.el5.src.rpm 5eca78d731facc43a25ec05fbee9fdaf postgresql-8.1.9-1.el5.src.rpm i386: b42e7d573ffa6861d2df10ab89510372 postgresql-8.1.9-1.el5.i386.rpm 97025aed197bc7c4c37b954bfba7d547 postgresql-contrib-8.1.9-1.el5.i386.rpm f37a9a225ff1f1720bced01b566b77b1 postgresql-debuginfo-8.1.9-1.el5.i386.rpm b9d682f1e5e1e503a617a26fcf9176c1 postgresql-docs-8.1.9-1.el5.i386.rpm 152cf57aea55c3186b1ef3ec2c43fb65 postgresql-libs-8.1.9-1.el5.i386.rpm fe8c5279170eb0f237ee5df5a153c3e5 postgresql-python-8.1.9-1.el5.i386.rpm e9897597714cf6c1e92e68fb3f593c62 postgresql-tcl-8.1.9-1.el5.i386.rpm x86_64: b157f2b4909d7cbf65ebbc18cbf725bc postgresql-8.1.9-1.el5.x86_64.rpm 19b3855a4110bdf18b3b8bccb180ae7f postgresql-contrib-8.1.9-1.el5.x86_64.rpm f37a9a225ff1f1720bced01b566b77b1 postgresql-debuginfo-8.1.9-1.el5.i386.rpm 0975c88dd0f6bc7d38cedb9e416d6086 postgresql-debuginfo-8.1.9-1.el5.x86_64.rpm de55a4be56864562b663a82830eb1d0d postgresql-docs-8.1.9-1.el5.x86_64.rpm 152cf57aea55c3186b1ef3ec2c43fb65 postgresql-libs-8.1.9-1.el5.i386.rpm e9bed9b453e44bd4d3db6ebb43011bc4 postgresql-libs-8.1.9-1.el5.x86_64.rpm ce22ac5b4159021e322f03bf920b3ae0 postgresql-python-8.1.9-1.el5.x86_64.rpm b3ce55e38c30ba55312cca3f74e2d61a postgresql-tcl-8.1.9-1.el5.x86_64.rpm RHEL Desktop Workstation (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/postgresql-8.1.9-1.el5.src.rpm 5eca78d731facc43a25ec05fbee9fdaf postgresql-8.1.9-1.el5.src.rpm i386: f37a9a225ff1f1720bced01b566b77b1 postgresql-debuginfo-8.1.9-1.el5.i386.rpm 420b932cc072ce99d7def960abdcdf5e postgresql-devel-8.1.9-1.el5.i386.rpm b34ce81482dc8c593e03a3c394c4173a postgresql-pl-8.1.9-1.el5.i386.rpm 27341beab05f7ce5dd9809ea953df0fa postgresql-server-8.1.9-1.el5.i386.rpm e3f01623af727276deb38936f926469e postgresql-test-8.1.9-1.el5.i386.rpm x86_64: f37a9a225ff1f1720bced01b566b77b1 postgresql-debuginfo-8.1.9-1.el5.i386.rpm 0975c88dd0f6bc7d38cedb9e416d6086 postgresql-debuginfo-8.1.9-1.el5.x86_64.rpm 420b932cc072ce99d7def960abdcdf5e postgresql-devel-8.1.9-1.el5.i386.rpm 60f8d11b63aa6b709ac98e53309d76d3 postgresql-devel-8.1.9-1.el5.x86_64.rpm f5e24fe5e4b47e0562216ab74ea4cc7c postgresql-pl-8.1.9-1.el5.x86_64.rpm e6625f2dd1e4179501ee42d4a9487780 postgresql-server-8.1.9-1.el5.x86_64.rpm 2a5edd894f742d7a2b76280c7b75ebeb postgresql-test-8.1.9-1.el5.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/postgresql-8.1.9-1.el5.src.rpm 5eca78d731facc43a25ec05fbee9fdaf postgresql-8.1.9-1.el5.src.rpm i386: b42e7d573ffa6861d2df10ab89510372 postgresql-8.1.9-1.el5.i386.rpm 97025aed197bc7c4c37b954bfba7d547 postgresql-contrib-8.1.9-1.el5.i386.rpm f37a9a225ff1f1720bced01b566b77b1 postgresql-debuginfo-8.1.9-1.el5.i386.rpm 420b932cc072ce99d7def960abdcdf5e postgresql-devel-8.1.9-1.el5.i386.rpm b9d682f1e5e1e503a617a26fcf9176c1 postgresql-docs-8.1.9-1.el5.i386.rpm 152cf57aea55c3186b1ef3ec2c43fb65 postgresql-libs-8.1.9-1.el5.i386.rpm b34ce81482dc8c593e03a3c394c4173a postgresql-pl-8.1.9-1.el5.i386.rpm fe8c5279170eb0f237ee5df5a153c3e5 postgresql-python-8.1.9-1.el5.i386.rpm 27341beab05f7ce5dd9809ea953df0fa postgresql-server-8.1.9-1.el5.i386.rpm e9897597714cf6c1e92e68fb3f593c62 postgresql-tcl-8.1.9-1.el5.i386.rpm e3f01623af727276deb38936f926469e postgresql-test-8.1.9-1.el5.i386.rpm ia64: 29e4932f40a3660c5686731f578c0b29 postgresql-8.1.9-1.el5.ia64.rpm 9cf073c7ce11c4eb5e787568db733e91 postgresql-contrib-8.1.9-1.el5.ia64.rpm f37a9a225ff1f1720bced01b566b77b1 postgresql-debuginfo-8.1.9-1.el5.i386.rpm 6ee068ac6de6a5d72be93947363daa2d postgresql-debuginfo-8.1.9-1.el5.ia64.rpm bd73b0565e508b96c223272bbc530516 postgresql-devel-8.1.9-1.el5.ia64.rpm 70fa421d707d60d43b110168e0684eb0 postgresql-docs-8.1.9-1.el5.ia64.rpm 152cf57aea55c3186b1ef3ec2c43fb65 postgresql-libs-8.1.9-1.el5.i386.rpm be5cc9eac33cb20c99cf855c1474c49c postgresql-libs-8.1.9-1.el5.ia64.rpm 51b36b03bfbf52ec6d9a7096d534e07d postgresql-pl-8.1.9-1.el5.ia64.rpm 06778bd76dc3dc1bf4b824356a783a7d postgresql-python-8.1.9-1.el5.ia64.rpm b03329b8111d09aeae2f1141f8b88e64 postgresql-server-8.1.9-1.el5.ia64.rpm 709c2babf36228855158ed369b44612c postgresql-tcl-8.1.9-1.el5.ia64.rpm c4932af5bb413dc18cad819a4639bdfd postgresql-test-8.1.9-1.el5.ia64.rpm ppc: d5f27f379b9f2a6bf5a4392d79ee5c09 postgresql-8.1.9-1.el5.ppc.rpm fa4403b22aac2eea0ff91b7ea740bdab postgresql-contrib-8.1.9-1.el5.ppc.rpm fcbe966df8d8365f9e8a4a3d9d57c65a postgresql-debuginfo-8.1.9-1.el5.ppc.rpm 0e6af63ce739ba04536f5e625fd9b12f postgresql-debuginfo-8.1.9-1.el5.ppc64.rpm 5bfb828e62b30f869e34fb87e2bdf363 postgresql-devel-8.1.9-1.el5.ppc.rpm 46c9539cb9181cbe41eb54cfe8c1cc87 postgresql-devel-8.1.9-1.el5.ppc64.rpm c7248039e386fb5a3e4e18a25db9174f postgresql-docs-8.1.9-1.el5.ppc.rpm c5494c64272a7f25a6d784fc421c977f postgresql-libs-8.1.9-1.el5.ppc.rpm 7a1496b5ef89ed02565bfe37076ca7f9 postgresql-libs-8.1.9-1.el5.ppc64.rpm 0f0fa7441b00867bd0a7c6cf1e54c06d postgresql-pl-8.1.9-1.el5.ppc.rpm e2ce1bc0d3af6d394e0e5b463cdbd913 postgresql-python-8.1.9-1.el5.ppc.rpm 0d98168534c276a0cf00123d876f9578 postgresql-server-8.1.9-1.el5.ppc.rpm 6bb29da96f9e72f93cb3bee2ee70b2c2 postgresql-tcl-8.1.9-1.el5.ppc.rpm fd1a86a20b7acba7991274ee5e73c97d postgresql-test-8.1.9-1.el5.ppc.rpm s390x: 2f4d7506f9c73891caeb15df4909898b postgresql-8.1.9-1.el5.s390x.rpm 69e8c3eb6556a38bc5c8c2b9090925b8 postgresql-contrib-8.1.9-1.el5.s390x.rpm 99b4bc7b43fdde0b342b822692b0f598 postgresql-debuginfo-8.1.9-1.el5.s390.rpm c0c0b2c83e4cc739693e199c1ee2da83 postgresql-debuginfo-8.1.9-1.el5.s390x.rpm 9017dd4f342032eed586001222585836 postgresql-devel-8.1.9-1.el5.s390.rpm b3270c7dcf556d18e978ea6ad6f87a33 postgresql-devel-8.1.9-1.el5.s390x.rpm 3480c0848cc98305339e7035daac9616 postgresql-docs-8.1.9-1.el5.s390x.rpm 24c7bab08356d9eedeaaa19dedafed7e postgresql-libs-8.1.9-1.el5.s390.rpm 36a3f6257cb2bc86c8d850c880ddf3ce postgresql-libs-8.1.9-1.el5.s390x.rpm f7c831bc7cf60bff0698e5c5ae4caf4f postgresql-pl-8.1.9-1.el5.s390x.rpm 44104cb00c87bc9cd54d521491a93cfe postgresql-python-8.1.9-1.el5.s390x.rpm 728d2280b493587579b9b0c5c19619bd postgresql-server-8.1.9-1.el5.s390x.rpm 78970ada3cd0ffc2bd7d9f08594770d1 postgresql-tcl-8.1.9-1.el5.s390x.rpm 2f59602252ba1863c8515ac9fafe1ec9 postgresql-test-8.1.9-1.el5.s390x.rpm x86_64: b157f2b4909d7cbf65ebbc18cbf725bc postgresql-8.1.9-1.el5.x86_64.rpm 19b3855a4110bdf18b3b8bccb180ae7f postgresql-contrib-8.1.9-1.el5.x86_64.rpm f37a9a225ff1f1720bced01b566b77b1 postgresql-debuginfo-8.1.9-1.el5.i386.rpm 0975c88dd0f6bc7d38cedb9e416d6086 postgresql-debuginfo-8.1.9-1.el5.x86_64.rpm 420b932cc072ce99d7def960abdcdf5e postgresql-devel-8.1.9-1.el5.i386.rpm 60f8d11b63aa6b709ac98e53309d76d3 postgresql-devel-8.1.9-1.el5.x86_64.rpm de55a4be56864562b663a82830eb1d0d postgresql-docs-8.1.9-1.el5.x86_64.rpm 152cf57aea55c3186b1ef3ec2c43fb65 postgresql-libs-8.1.9-1.el5.i386.rpm e9bed9b453e44bd4d3db6ebb43011bc4 postgresql-libs-8.1.9-1.el5.x86_64.rpm f5e24fe5e4b47e0562216ab74ea4cc7c postgresql-pl-8.1.9-1.el5.x86_64.rpm ce22ac5b4159021e322f03bf920b3ae0 postgresql-python-8.1.9-1.el5.x86_64.rpm e6625f2dd1e4179501ee42d4a9487780 postgresql-server-8.1.9-1.el5.x86_64.rpm b3ce55e38c30ba55312cca3f74e2d61a postgresql-tcl-8.1.9-1.el5.x86_64.rpm 2a5edd894f742d7a2b76280c7b75ebeb postgresql-test-8.1.9-1.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2138 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGQJmwXlSAg2UNWIIRAmAcAJ4+Ad6H9wBxOnRD3udcbaWUSUrMLwCgmhLM faUm4BBYWCy0DvmksoJ5HdM= =w5GY -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue May 8 15:46:27 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 8 May 2007 11:46:27 -0400 Subject: [RHSA-2007:0348-01] Important: php security update Message-ID: <200705081546.l48FkRrF030756@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: php security update Advisory ID: RHSA-2007:0348-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0348.html Issue date: 2007-05-08 Updated on: 2007-05-08 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-1864 CVE-2007-2509 CVE-2007-2510 - --------------------------------------------------------------------- 1. Summary: Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Problem description: PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A heap buffer overflow flaw was found in the PHP 'xmlrpc' extension. A PHP script which implements an XML-RPC server using this extension could allow a remote attacker to execute arbitrary code as the 'apache' user. Note that this flaw does not affect PHP applications using the pure-PHP XML_RPC class provided in /usr/share/pear. (CVE-2007-1864) A flaw was found in the PHP 'ftp' extension. If a PHP script used this extension to provide access to a private FTP server, and passed untrusted script input directly to any function provided by this extension, a remote attacker would be able to send arbitrary FTP commands to the server. (CVE-2007-2509) A buffer overflow flaw was found in the PHP 'soap' extension, regarding the handling of an HTTP redirect response when using the SOAP client provided by this extension with an untrusted SOAP server. No mechanism to trigger this flaw remotely is known. (CVE-2007-2510) Users of PHP should upgrade to these updated packages which contain backported patches to correct these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 239015 - CVE-2007-1864 various PHP security issues (CVE-2007-2509 CVE-2007-2510) 6. RPMs required: RHEL Desktop Workstation (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/php-5.1.6-12.el5.src.rpm 1f072047b7d34d64fe5fbe532f6777c0 php-5.1.6-12.el5.src.rpm i386: db4e221120959052ff76d76baa356333 php-5.1.6-12.el5.i386.rpm 623ea7a18a737dad4ecd3b59f70e4a7b php-bcmath-5.1.6-12.el5.i386.rpm 13a42879b670133c45728223a95fd402 php-cli-5.1.6-12.el5.i386.rpm e189f866ed98fce01d040f324a80391d php-common-5.1.6-12.el5.i386.rpm a60aa421383db832b4edd0c850df8ecf php-dba-5.1.6-12.el5.i386.rpm 1c451d5a3716708b254a66143f4557db php-debuginfo-5.1.6-12.el5.i386.rpm 6f5036e7ca118e1915226e3cd8f9518b php-devel-5.1.6-12.el5.i386.rpm 2800999d688186d3dbeee5fb3e61575b php-gd-5.1.6-12.el5.i386.rpm a1904ac67baff1e51a3fbf5599440b52 php-imap-5.1.6-12.el5.i386.rpm 1bfe2a4ae5e40cc269a1dbc1352c4b80 php-ldap-5.1.6-12.el5.i386.rpm b3cff46d0c907a5ed67713145e1b4152 php-mbstring-5.1.6-12.el5.i386.rpm 15efa04cf7427b2747c2020dbe759029 php-mysql-5.1.6-12.el5.i386.rpm bbca3680c0437d9ec164b572c9f5f8ef php-ncurses-5.1.6-12.el5.i386.rpm 78a45360f99144504120ed460739aab1 php-odbc-5.1.6-12.el5.i386.rpm 83612401d798529d67d2695164559183 php-pdo-5.1.6-12.el5.i386.rpm a062000075fc8bbf21b647c2f40d77bf php-pgsql-5.1.6-12.el5.i386.rpm 46000dee2a3c58e8b30919fbb46843c6 php-snmp-5.1.6-12.el5.i386.rpm 38d8e0bb05631def31f60fa3b7198772 php-soap-5.1.6-12.el5.i386.rpm 6f0476ea1a367d88e2e5039fdbc3a198 php-xml-5.1.6-12.el5.i386.rpm fa48b781751b85839fd64d806abe41f4 php-xmlrpc-5.1.6-12.el5.i386.rpm x86_64: 68d771ed24af81d04ee7e100a5a5e635 php-5.1.6-12.el5.x86_64.rpm ea6a80e9d0d7158d94901ac4d63ed0f0 php-bcmath-5.1.6-12.el5.x86_64.rpm 3db0909942b504af6fb2ab6319dfc418 php-cli-5.1.6-12.el5.x86_64.rpm e87c1bcd044c475afd36b4fd76eb306e php-common-5.1.6-12.el5.x86_64.rpm b52703dcbbd302ca6a5881691c8a4791 php-dba-5.1.6-12.el5.x86_64.rpm a54f2b329966f6ae8d973e8c5bd9b3c9 php-debuginfo-5.1.6-12.el5.x86_64.rpm b24a0cf47bbd36af3e27f63cf8f2a44d php-devel-5.1.6-12.el5.x86_64.rpm 683ee6300a6021f31b9b378b5ebbae91 php-gd-5.1.6-12.el5.x86_64.rpm 2558b23ddb574e4d757a3ee45b4b09db php-imap-5.1.6-12.el5.x86_64.rpm 4e12feed47c6bdfa745b408c3a2f0be9 php-ldap-5.1.6-12.el5.x86_64.rpm 802ac4070f6183f3c3fa729f6ef753b0 php-mbstring-5.1.6-12.el5.x86_64.rpm f6a3268ac2d5868b56750b125b7e4000 php-mysql-5.1.6-12.el5.x86_64.rpm 7e2467e812eb1ecb34bec48d61ce75f5 php-ncurses-5.1.6-12.el5.x86_64.rpm 8d9d4c8f30a8310b4b55f40260cd705e php-odbc-5.1.6-12.el5.x86_64.rpm a2f79a2d00ee92c37fbcd575abc9031b php-pdo-5.1.6-12.el5.x86_64.rpm b0cfb786017cedfdef3c9a7e4abbf61b php-pgsql-5.1.6-12.el5.x86_64.rpm 18d164a275b9b357a84c976fd24929af php-snmp-5.1.6-12.el5.x86_64.rpm c359a4bd47f55245a28832e004ede4b3 php-soap-5.1.6-12.el5.x86_64.rpm 263c811cd28b288ba2cadd65ed5daf5e php-xml-5.1.6-12.el5.x86_64.rpm b2b3a11ccf426e54b41d74df6eb33da8 php-xmlrpc-5.1.6-12.el5.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/php-5.1.6-12.el5.src.rpm 1f072047b7d34d64fe5fbe532f6777c0 php-5.1.6-12.el5.src.rpm i386: db4e221120959052ff76d76baa356333 php-5.1.6-12.el5.i386.rpm 623ea7a18a737dad4ecd3b59f70e4a7b php-bcmath-5.1.6-12.el5.i386.rpm 13a42879b670133c45728223a95fd402 php-cli-5.1.6-12.el5.i386.rpm e189f866ed98fce01d040f324a80391d php-common-5.1.6-12.el5.i386.rpm a60aa421383db832b4edd0c850df8ecf php-dba-5.1.6-12.el5.i386.rpm 1c451d5a3716708b254a66143f4557db php-debuginfo-5.1.6-12.el5.i386.rpm 6f5036e7ca118e1915226e3cd8f9518b php-devel-5.1.6-12.el5.i386.rpm 2800999d688186d3dbeee5fb3e61575b php-gd-5.1.6-12.el5.i386.rpm a1904ac67baff1e51a3fbf5599440b52 php-imap-5.1.6-12.el5.i386.rpm 1bfe2a4ae5e40cc269a1dbc1352c4b80 php-ldap-5.1.6-12.el5.i386.rpm b3cff46d0c907a5ed67713145e1b4152 php-mbstring-5.1.6-12.el5.i386.rpm 15efa04cf7427b2747c2020dbe759029 php-mysql-5.1.6-12.el5.i386.rpm bbca3680c0437d9ec164b572c9f5f8ef php-ncurses-5.1.6-12.el5.i386.rpm 78a45360f99144504120ed460739aab1 php-odbc-5.1.6-12.el5.i386.rpm 83612401d798529d67d2695164559183 php-pdo-5.1.6-12.el5.i386.rpm a062000075fc8bbf21b647c2f40d77bf php-pgsql-5.1.6-12.el5.i386.rpm 46000dee2a3c58e8b30919fbb46843c6 php-snmp-5.1.6-12.el5.i386.rpm 38d8e0bb05631def31f60fa3b7198772 php-soap-5.1.6-12.el5.i386.rpm 6f0476ea1a367d88e2e5039fdbc3a198 php-xml-5.1.6-12.el5.i386.rpm fa48b781751b85839fd64d806abe41f4 php-xmlrpc-5.1.6-12.el5.i386.rpm ia64: cafd614aafbb93a9c1cc2f6353830cd7 php-5.1.6-12.el5.ia64.rpm 2441c3bb036579f4f90a68ec83d26f35 php-bcmath-5.1.6-12.el5.ia64.rpm cb7bef1fdbc92fea05df95f8d6584555 php-cli-5.1.6-12.el5.ia64.rpm e10fe0ff4bc338ddec9b4e367291e566 php-common-5.1.6-12.el5.ia64.rpm fa100ac6fe4b0a91991abd936565f0fc php-dba-5.1.6-12.el5.ia64.rpm 5a59f0808d88c867760042409bb34b78 php-debuginfo-5.1.6-12.el5.ia64.rpm ae02c7d2e2d4d44718f996c250d42d71 php-devel-5.1.6-12.el5.ia64.rpm f0f191aaf58ec5589f21df085504e239 php-gd-5.1.6-12.el5.ia64.rpm cf26517d261c3aaa55fb214a859d103b php-imap-5.1.6-12.el5.ia64.rpm d1509a29380c85b385fc63ee44815083 php-ldap-5.1.6-12.el5.ia64.rpm e1f2318bd68675d7f849234e8354a2e3 php-mbstring-5.1.6-12.el5.ia64.rpm a3ce3b1d3a49127a2162a1465a73886e php-mysql-5.1.6-12.el5.ia64.rpm d42e7353d8088fef65b36ba973b195ae php-ncurses-5.1.6-12.el5.ia64.rpm e05c2cd733dc4cc8369321e90d899d68 php-odbc-5.1.6-12.el5.ia64.rpm 1f1efbb4539364a08d52c0dab7795239 php-pdo-5.1.6-12.el5.ia64.rpm 3e312ac2b401c91d861894c3b33ded17 php-pgsql-5.1.6-12.el5.ia64.rpm feaac214d523a64ebadaad9e93f1242a php-snmp-5.1.6-12.el5.ia64.rpm 30b1ea6f26dda2395b11736333f7b2ce php-soap-5.1.6-12.el5.ia64.rpm d0999b5660b02e62b39f121ec8327500 php-xml-5.1.6-12.el5.ia64.rpm d73065f5f63f38a16cb95616baa4f8e0 php-xmlrpc-5.1.6-12.el5.ia64.rpm ppc: 34ae027262d0d089256344c389bbe08c php-5.1.6-12.el5.ppc.rpm 3b3d5738933e697bb776d04ff46a7f12 php-bcmath-5.1.6-12.el5.ppc.rpm 49cabf54b4400a953b739b6ed2b30f9e php-cli-5.1.6-12.el5.ppc.rpm 2122545a7ba2b26df9e520cb1180b7c7 php-common-5.1.6-12.el5.ppc.rpm 9e30dfaa845be5c78163cb75924bd2b4 php-dba-5.1.6-12.el5.ppc.rpm 96fa588b28469fd0b08b961fbedc758b php-debuginfo-5.1.6-12.el5.ppc.rpm 423f4664277d806dcaf857bb147d8e4b php-devel-5.1.6-12.el5.ppc.rpm 0f3f6615f97f175bee885bcafe8a5859 php-gd-5.1.6-12.el5.ppc.rpm 0801cf3c02afce07b604b7dfe7fd1905 php-imap-5.1.6-12.el5.ppc.rpm 2add1b41bbb8bd8be31e2d444704406b php-ldap-5.1.6-12.el5.ppc.rpm d5b9f5d3c17bf87507594b1baa3e79f7 php-mbstring-5.1.6-12.el5.ppc.rpm 325e97ecee92904bd55945c4b1d1b639 php-mysql-5.1.6-12.el5.ppc.rpm 55143aa36a5830a28a05f97f7d981760 php-ncurses-5.1.6-12.el5.ppc.rpm 18d8ef4334b2388b09e6c83dfcc58882 php-odbc-5.1.6-12.el5.ppc.rpm 9767a87db24d9f8afcce9f1428065c60 php-pdo-5.1.6-12.el5.ppc.rpm ee48fe969439c899283d1ec3eb60f530 php-pgsql-5.1.6-12.el5.ppc.rpm 4065ec9d77ad5b9659e1b0f848cb0215 php-snmp-5.1.6-12.el5.ppc.rpm c309aa4721f4f7be3c15086700eca7ba php-soap-5.1.6-12.el5.ppc.rpm ff5887a936ee9d00ddea099144662a6a php-xml-5.1.6-12.el5.ppc.rpm 47966500a9b6eecc2e27cbef9159496a php-xmlrpc-5.1.6-12.el5.ppc.rpm s390x: e858f359b54fa3c4849f1fc1ef07824f php-5.1.6-12.el5.s390x.rpm f974f231c4b713c6ac2191bea2328c9b php-bcmath-5.1.6-12.el5.s390x.rpm f369fcc7d4f6a08cb295a5e2fb521b27 php-cli-5.1.6-12.el5.s390x.rpm 0f1749de657015b792c76c60b04284fd php-common-5.1.6-12.el5.s390x.rpm c754ed24d8d995411e98d8401b26acde php-dba-5.1.6-12.el5.s390x.rpm a3c853fc4990507a7a8dc3e51c6bb696 php-debuginfo-5.1.6-12.el5.s390x.rpm 8f5143ea58f9985a341ff583a7f76aa0 php-devel-5.1.6-12.el5.s390x.rpm 2f100e01b637407a5dc5ca8e2a23bbba php-gd-5.1.6-12.el5.s390x.rpm 104d04a1fa14f2f7707e792c86329f9c php-imap-5.1.6-12.el5.s390x.rpm e452fa10840ba5accb455ec03884cd50 php-ldap-5.1.6-12.el5.s390x.rpm 1fa864cbe5f5293a698d808fa19afae9 php-mbstring-5.1.6-12.el5.s390x.rpm d8a0fd9257da5af3a764e5b1dfe6ad77 php-mysql-5.1.6-12.el5.s390x.rpm a1a20fbb68f630030dd6299ecf416596 php-ncurses-5.1.6-12.el5.s390x.rpm 6a67e25eda0d52b30ca16613302c5ac2 php-odbc-5.1.6-12.el5.s390x.rpm f5783c22f5a47556c865e788314b6053 php-pdo-5.1.6-12.el5.s390x.rpm 34c8f6098740ddcabb6dc52782c4377d php-pgsql-5.1.6-12.el5.s390x.rpm 2903ad9be536f69ed2e659258bad601c php-snmp-5.1.6-12.el5.s390x.rpm f6be7d172c09f7b94dee797609c0e833 php-soap-5.1.6-12.el5.s390x.rpm f96b56c8c02bac91c00fdb255fc1c979 php-xml-5.1.6-12.el5.s390x.rpm c231339723fc58a722841ded28f10b65 php-xmlrpc-5.1.6-12.el5.s390x.rpm x86_64: 68d771ed24af81d04ee7e100a5a5e635 php-5.1.6-12.el5.x86_64.rpm ea6a80e9d0d7158d94901ac4d63ed0f0 php-bcmath-5.1.6-12.el5.x86_64.rpm 3db0909942b504af6fb2ab6319dfc418 php-cli-5.1.6-12.el5.x86_64.rpm e87c1bcd044c475afd36b4fd76eb306e php-common-5.1.6-12.el5.x86_64.rpm b52703dcbbd302ca6a5881691c8a4791 php-dba-5.1.6-12.el5.x86_64.rpm a54f2b329966f6ae8d973e8c5bd9b3c9 php-debuginfo-5.1.6-12.el5.x86_64.rpm b24a0cf47bbd36af3e27f63cf8f2a44d php-devel-5.1.6-12.el5.x86_64.rpm 683ee6300a6021f31b9b378b5ebbae91 php-gd-5.1.6-12.el5.x86_64.rpm 2558b23ddb574e4d757a3ee45b4b09db php-imap-5.1.6-12.el5.x86_64.rpm 4e12feed47c6bdfa745b408c3a2f0be9 php-ldap-5.1.6-12.el5.x86_64.rpm 802ac4070f6183f3c3fa729f6ef753b0 php-mbstring-5.1.6-12.el5.x86_64.rpm f6a3268ac2d5868b56750b125b7e4000 php-mysql-5.1.6-12.el5.x86_64.rpm 7e2467e812eb1ecb34bec48d61ce75f5 php-ncurses-5.1.6-12.el5.x86_64.rpm 8d9d4c8f30a8310b4b55f40260cd705e php-odbc-5.1.6-12.el5.x86_64.rpm a2f79a2d00ee92c37fbcd575abc9031b php-pdo-5.1.6-12.el5.x86_64.rpm b0cfb786017cedfdef3c9a7e4abbf61b php-pgsql-5.1.6-12.el5.x86_64.rpm 18d164a275b9b357a84c976fd24929af php-snmp-5.1.6-12.el5.x86_64.rpm c359a4bd47f55245a28832e004ede4b3 php-soap-5.1.6-12.el5.x86_64.rpm 263c811cd28b288ba2cadd65ed5daf5e php-xml-5.1.6-12.el5.x86_64.rpm b2b3a11ccf426e54b41d74df6eb33da8 php-xmlrpc-5.1.6-12.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1864 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2509 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2510 http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGQJtLXlSAg2UNWIIRAj0cAJ9nqM0PCWvoWE3VS05LAOvj3NyBOQCeN3Fx qs0DGzwnoVMgYVPwfxQzCnc= =syYl -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed May 9 13:13:43 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 9 May 2007 09:13:43 -0400 Subject: [RHSA-2007:0346-01] Moderate: vim security update Message-ID: <200705091313.l49DDhJ5009914@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: vim security update Advisory ID: RHSA-2007:0346-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0346.html Issue date: 2007-05-09 Updated on: 2007-05-09 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-2438 - --------------------------------------------------------------------- 1. Summary: Updated vim packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Problem description: VIM (VIsual editor iMproved) is a version of the vi editor. An arbitrary command execution flaw was found in the way VIM processes modelines. If a user with modelines enabled opened a text file containing a carefully crafted modeline, arbitrary commands could be executed as the user running VIM. (CVE-2007-2438) Users of VIM are advised to upgrade to these updated packages, which resolve this issue. Please note: this issue did not affect VIM as distributed with Red Hat Enterprise Linux 2.1, 3, or 4. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 238259 - CVE-2007-2438 vim-7 modeline security issue 6. RPMs required: Red Hat Enterprise Linux Desktop (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/vim-7.0.109-3.el5.3.src.rpm e057a4d34a4a8560939b9bb588517420 vim-7.0.109-3.el5.3.src.rpm i386: 4a3ea5327008913ecade2dabe0337de7 vim-X11-7.0.109-3.el5.3.i386.rpm d9589f3dcbe58f3f355a15405915f939 vim-common-7.0.109-3.el5.3.i386.rpm 7a2330aaea8210cb5d428a5b3055e580 vim-debuginfo-7.0.109-3.el5.3.i386.rpm e1a19e0a474ff74a7546ac83a7905f5c vim-enhanced-7.0.109-3.el5.3.i386.rpm 6539ac943dbf36d8cdd973363bb8b5ba vim-minimal-7.0.109-3.el5.3.i386.rpm x86_64: ee97948f2545f7e0a37b33fb0bde8f11 vim-X11-7.0.109-3.el5.3.x86_64.rpm 986ee1a67308fcb05ea90afa85eb14b4 vim-common-7.0.109-3.el5.3.x86_64.rpm ad5b39233271781006f64b39198eb254 vim-debuginfo-7.0.109-3.el5.3.x86_64.rpm 49aa8c77bb180de51539cb7d0f5d635d vim-enhanced-7.0.109-3.el5.3.x86_64.rpm da6d10a02e1cf4121095ab6e9544f4db vim-minimal-7.0.109-3.el5.3.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/vim-7.0.109-3.el5.3.src.rpm e057a4d34a4a8560939b9bb588517420 vim-7.0.109-3.el5.3.src.rpm i386: 4a3ea5327008913ecade2dabe0337de7 vim-X11-7.0.109-3.el5.3.i386.rpm d9589f3dcbe58f3f355a15405915f939 vim-common-7.0.109-3.el5.3.i386.rpm 7a2330aaea8210cb5d428a5b3055e580 vim-debuginfo-7.0.109-3.el5.3.i386.rpm e1a19e0a474ff74a7546ac83a7905f5c vim-enhanced-7.0.109-3.el5.3.i386.rpm 6539ac943dbf36d8cdd973363bb8b5ba vim-minimal-7.0.109-3.el5.3.i386.rpm ia64: 6a019342604776e1a9266ea628292c6b vim-X11-7.0.109-3.el5.3.ia64.rpm 77b51bd7442889406418c7bfb2a97942 vim-common-7.0.109-3.el5.3.ia64.rpm 3dfb29087a10bae25becdf1cf69e423e vim-debuginfo-7.0.109-3.el5.3.ia64.rpm 0852cd42e83dc460d49d64c454315e63 vim-enhanced-7.0.109-3.el5.3.ia64.rpm e94013ed5136148fc4022e217350e198 vim-minimal-7.0.109-3.el5.3.ia64.rpm ppc: d1e6aa03f74f9a8bbd1f30c80aaba5fd vim-X11-7.0.109-3.el5.3.ppc.rpm 2621bb3dfbef1b8449f61082ecdd6cc8 vim-common-7.0.109-3.el5.3.ppc.rpm 06abf51c81d108c30dd6ea51c3bde3f6 vim-debuginfo-7.0.109-3.el5.3.ppc.rpm e58650f6b7015ee74c018b5e3933d5a2 vim-enhanced-7.0.109-3.el5.3.ppc.rpm 76491ca22289c0780d74c0cb98b0b2c6 vim-minimal-7.0.109-3.el5.3.ppc.rpm s390x: e5a6e15a237641bd9a49b56b128409d6 vim-X11-7.0.109-3.el5.3.s390x.rpm 1fc67cbb34143778972e0756c6b45cc7 vim-common-7.0.109-3.el5.3.s390x.rpm 099894105a80244703163a60cc7c53f8 vim-debuginfo-7.0.109-3.el5.3.s390x.rpm 0dd61a9d9709c3e252439a4b5bb386f7 vim-enhanced-7.0.109-3.el5.3.s390x.rpm 39d600c984782b2b7399c2a73c64c33a vim-minimal-7.0.109-3.el5.3.s390x.rpm x86_64: ee97948f2545f7e0a37b33fb0bde8f11 vim-X11-7.0.109-3.el5.3.x86_64.rpm 986ee1a67308fcb05ea90afa85eb14b4 vim-common-7.0.109-3.el5.3.x86_64.rpm ad5b39233271781006f64b39198eb254 vim-debuginfo-7.0.109-3.el5.3.x86_64.rpm 49aa8c77bb180de51539cb7d0f5d635d vim-enhanced-7.0.109-3.el5.3.x86_64.rpm da6d10a02e1cf4121095ab6e9544f4db vim-minimal-7.0.109-3.el5.3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2438 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGQckCXlSAg2UNWIIRAgoQAKCc8gEe/y6FfBab0o5Ii0spLDHMkwCgijBJ ODvnRFmwxnVFocWm3DzYbR8= =KYh9 -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed May 9 13:26:24 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 9 May 2007 09:26:24 -0400 Subject: [RHSA-2007:0349-01] Important: php security update Message-ID: <200705091326.l49DQOvk012154@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: php security update Advisory ID: RHSA-2007:0349-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0349.html Issue date: 2007-05-09 Updated on: 2007-05-09 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-1864 CVE-2007-2509 - --------------------------------------------------------------------- 1. Summary: Updated PHP packages that fix two security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A heap buffer overflow flaw was found in the PHP 'xmlrpc' extension. A PHP script which implements an XML-RPC server using this extension could allow a remote attacker to execute arbitrary code as the 'apache' user. Note that this flaw does not affect PHP applications using the pure-PHP XML_RPC class provided in /usr/share/pear. (CVE-2007-1864) A flaw was found in the PHP 'ftp' extension. If a PHP script used this extension to provide access to a private FTP server, and passed untrusted script input directly to any function provided by this extension, a remote attacker would be able to send arbitrary FTP commands to the server. (CVE-2007-2509) Users of PHP should upgrade to these updated packages which contain backported patches to correct these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 239017 - CVE-2007-1864 various PHP security issues (CVE-2007-2509) 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/php-4.3.9-3.22.5.src.rpm af46a865f62e1d1a3fd61961b5f5a59d php-4.3.9-3.22.5.src.rpm i386: 9603115ac8f39b2d9658d8badb87bffe php-4.3.9-3.22.5.i386.rpm c3f444255c3c18eef368208aa25e993a php-debuginfo-4.3.9-3.22.5.i386.rpm 898b671f7a03a0f893c518843fa614cb php-devel-4.3.9-3.22.5.i386.rpm c240b1570806074b9df2900b71db642f php-domxml-4.3.9-3.22.5.i386.rpm 66e0fcea55160792c0d8113b8eb461e0 php-gd-4.3.9-3.22.5.i386.rpm adc0e7ea1377dc33fa5222b46ce4271d php-imap-4.3.9-3.22.5.i386.rpm 9a2bb24a63d977fa613348aa7d06a846 php-ldap-4.3.9-3.22.5.i386.rpm 385d75fcae602ea03445354e994654bd php-mbstring-4.3.9-3.22.5.i386.rpm a3e99c46516692ec76adf38e1c8ca903 php-mysql-4.3.9-3.22.5.i386.rpm 34a3c113d4547c30e284be746aac2eb5 php-ncurses-4.3.9-3.22.5.i386.rpm caec49528957237953cd056bc6fc9b2d php-odbc-4.3.9-3.22.5.i386.rpm 5fa0117e6df9e5786dbbbc74abd9ecfc php-pear-4.3.9-3.22.5.i386.rpm f2ba9137e21f85df393d9504e2f833e2 php-pgsql-4.3.9-3.22.5.i386.rpm 61a040098ab3262674fbf16bf7655d2e php-snmp-4.3.9-3.22.5.i386.rpm 12a863a907c2dde778cacc0aa64104ca php-xmlrpc-4.3.9-3.22.5.i386.rpm ia64: ed89a7f1a3f5578c8951527d4d129ecd php-4.3.9-3.22.5.ia64.rpm 9ddcd4f7ae1faf1b02447e2bf6fd4f07 php-debuginfo-4.3.9-3.22.5.ia64.rpm 2c8d90303ee7a4d55c2008901def3e9a php-devel-4.3.9-3.22.5.ia64.rpm 1ff565eb666aac9695effe542e74b204 php-domxml-4.3.9-3.22.5.ia64.rpm 5143f0bd56c22803f7822aac4b4020d3 php-gd-4.3.9-3.22.5.ia64.rpm b0482746464b4fd021982a6fa10720c9 php-imap-4.3.9-3.22.5.ia64.rpm c3317631c371f903a369f79cb765ce91 php-ldap-4.3.9-3.22.5.ia64.rpm a11bb74c2f579224b69e36a0a3077da2 php-mbstring-4.3.9-3.22.5.ia64.rpm 364160272757c0b15b6437ee78f51e57 php-mysql-4.3.9-3.22.5.ia64.rpm 2d38f09b4136a63a574b6136c9af7cee php-ncurses-4.3.9-3.22.5.ia64.rpm 130b290501fcdd0f74b4c757152b25ec php-odbc-4.3.9-3.22.5.ia64.rpm 88679609c3e17cab2fa71a0776a1f490 php-pear-4.3.9-3.22.5.ia64.rpm a7e2b464bc92bfc4c7502d8393382a49 php-pgsql-4.3.9-3.22.5.ia64.rpm 65e43f9705bedb299ca6061b1d39a9cf php-snmp-4.3.9-3.22.5.ia64.rpm f105e4068fadc8658c3867a2ddc3c537 php-xmlrpc-4.3.9-3.22.5.ia64.rpm ppc: 07473d5f8ff28a942252cc75950f11fb php-4.3.9-3.22.5.ppc.rpm 11b52b72c83ab016d8eee049a8a65f29 php-debuginfo-4.3.9-3.22.5.ppc.rpm 0fee4d6aa4377126b07adc8126b2549d php-devel-4.3.9-3.22.5.ppc.rpm a8981f76702a5828347f0d9b1c3310b3 php-domxml-4.3.9-3.22.5.ppc.rpm a9d418fece5f78fe476842fc0910b0b1 php-gd-4.3.9-3.22.5.ppc.rpm 73a73f25d3e9f2fc355fa5d1fad1fe20 php-imap-4.3.9-3.22.5.ppc.rpm b46c1fb628fe214fd5e97a6c18b5efaf php-ldap-4.3.9-3.22.5.ppc.rpm 6929a510ba1bb03cfe936cb9bd54075d php-mbstring-4.3.9-3.22.5.ppc.rpm 333f428d16481549237627474d45418a php-mysql-4.3.9-3.22.5.ppc.rpm b3e91066c40f775867fc4878823a2ba9 php-ncurses-4.3.9-3.22.5.ppc.rpm 25eafbbc236f999789a1808e773d6c86 php-odbc-4.3.9-3.22.5.ppc.rpm 7b93292efeda9564ad8ded1b9e01516b php-pear-4.3.9-3.22.5.ppc.rpm 9de5ff415b2469e7b92651e3340442b1 php-pgsql-4.3.9-3.22.5.ppc.rpm edd2432aa8d21899ca13e45fa902f0c1 php-snmp-4.3.9-3.22.5.ppc.rpm 20361515d9a4e48ff26ab85f8d8a7325 php-xmlrpc-4.3.9-3.22.5.ppc.rpm s390: d501576dd09d563829a57d592cb4dd13 php-4.3.9-3.22.5.s390.rpm 6b9ea3d398039baf691a6ca75364d5ef php-debuginfo-4.3.9-3.22.5.s390.rpm 8fc387dd0877378cbea6971057140ba1 php-devel-4.3.9-3.22.5.s390.rpm faf799fd4541a3630e1e5be155b0d76c php-domxml-4.3.9-3.22.5.s390.rpm cb731bafc78bed62f68bdac19c64f319 php-gd-4.3.9-3.22.5.s390.rpm 45639cd31458aa81b6f7abec41362b5c php-imap-4.3.9-3.22.5.s390.rpm e7ff5aa569d0aeccc449d53700d4ed3d php-ldap-4.3.9-3.22.5.s390.rpm a41a47423c3c9a0478bc2080716b7935 php-mbstring-4.3.9-3.22.5.s390.rpm 06c088a1dadb55e5f515cf22ac1ffc10 php-mysql-4.3.9-3.22.5.s390.rpm a772049ec27e8879f53a6c5ab83ff88a php-ncurses-4.3.9-3.22.5.s390.rpm d2774a9bc2c263ab02e420e9ecb4d692 php-odbc-4.3.9-3.22.5.s390.rpm b0c5384e4aaf732eb18753ddece91df4 php-pear-4.3.9-3.22.5.s390.rpm bb1ddbdfe179a54bbbb7caf9e91d7130 php-pgsql-4.3.9-3.22.5.s390.rpm 1b01e9dfaeb020f2bf42f0e41785444c php-snmp-4.3.9-3.22.5.s390.rpm c3ca9f46d6ca23d18e035023b1031da6 php-xmlrpc-4.3.9-3.22.5.s390.rpm s390x: dfbc7d3dc8e65d0a09fa496617698a17 php-4.3.9-3.22.5.s390x.rpm e4878f399de8ad1a4f110f534a9aa4e9 php-debuginfo-4.3.9-3.22.5.s390x.rpm f8688955c0a8fc02c1ccbf5368d69bbf php-devel-4.3.9-3.22.5.s390x.rpm f2db862dd491b115688d1bf7a7b29eb8 php-domxml-4.3.9-3.22.5.s390x.rpm b5be0c737e8f6c2c70629985a165b67f php-gd-4.3.9-3.22.5.s390x.rpm 636eeb2a3ec67e0049fc6213f5d4730f php-imap-4.3.9-3.22.5.s390x.rpm 276b1f108488c1d9fed783a7f961a0fa php-ldap-4.3.9-3.22.5.s390x.rpm 8823900f8d1c850e82544a73be4c31b3 php-mbstring-4.3.9-3.22.5.s390x.rpm 522456126210c598224cf9b647bf11da php-mysql-4.3.9-3.22.5.s390x.rpm 4c29b16eb4bd3e49e966e115617ed4dd php-ncurses-4.3.9-3.22.5.s390x.rpm 0e92bd33ca6ea5ed3ff1af89a605230b php-odbc-4.3.9-3.22.5.s390x.rpm 4bc3a99faf0d8d803c9e5ae8542ef5c2 php-pear-4.3.9-3.22.5.s390x.rpm f2845293a8ae9f046abf1ddb8a6ab407 php-pgsql-4.3.9-3.22.5.s390x.rpm 8fbfbd57a02ec868fe4c9250ebc8599f php-snmp-4.3.9-3.22.5.s390x.rpm c16f576492e3013f8449e6a2982ea39d php-xmlrpc-4.3.9-3.22.5.s390x.rpm x86_64: e9ad87b049e36ed6ae998284458700f7 php-4.3.9-3.22.5.x86_64.rpm f8fcceb19b7a708c8682690b02c5327f php-debuginfo-4.3.9-3.22.5.x86_64.rpm 297e39eb9ba0e909a2c7ce4dec31897e php-devel-4.3.9-3.22.5.x86_64.rpm 7ed95aa353386de1edc3b02808783bd2 php-domxml-4.3.9-3.22.5.x86_64.rpm c215381be0b8fd3bd968d8ee1734dcca php-gd-4.3.9-3.22.5.x86_64.rpm 1dac5cc39675c7b9a4a9d1f1005ed2e4 php-imap-4.3.9-3.22.5.x86_64.rpm 7d57c4ded812614bce3b78b2799b4ebf php-ldap-4.3.9-3.22.5.x86_64.rpm a1c3923d1ef87d50c6d2c840413354f6 php-mbstring-4.3.9-3.22.5.x86_64.rpm 9d3f9b86f3fd74b5741aa29e0db52ab6 php-mysql-4.3.9-3.22.5.x86_64.rpm e7cb684df67109f407b5c50f841c0e53 php-ncurses-4.3.9-3.22.5.x86_64.rpm 2fac4007deb959d4d615344ccaf77d03 php-odbc-4.3.9-3.22.5.x86_64.rpm 9c8621c3a9b5cbceee4d8e23c5927d7c php-pear-4.3.9-3.22.5.x86_64.rpm 6b930e9bfbe07ba06e2bc06f149511af php-pgsql-4.3.9-3.22.5.x86_64.rpm 7ed4b00e802a97a74c4b15621dd0cb41 php-snmp-4.3.9-3.22.5.x86_64.rpm 7261ae16a39c4ef3abf6794323b47e45 php-xmlrpc-4.3.9-3.22.5.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/php-4.3.9-3.22.5.src.rpm af46a865f62e1d1a3fd61961b5f5a59d php-4.3.9-3.22.5.src.rpm i386: 9603115ac8f39b2d9658d8badb87bffe php-4.3.9-3.22.5.i386.rpm c3f444255c3c18eef368208aa25e993a php-debuginfo-4.3.9-3.22.5.i386.rpm 898b671f7a03a0f893c518843fa614cb php-devel-4.3.9-3.22.5.i386.rpm c240b1570806074b9df2900b71db642f php-domxml-4.3.9-3.22.5.i386.rpm 66e0fcea55160792c0d8113b8eb461e0 php-gd-4.3.9-3.22.5.i386.rpm adc0e7ea1377dc33fa5222b46ce4271d php-imap-4.3.9-3.22.5.i386.rpm 9a2bb24a63d977fa613348aa7d06a846 php-ldap-4.3.9-3.22.5.i386.rpm 385d75fcae602ea03445354e994654bd php-mbstring-4.3.9-3.22.5.i386.rpm a3e99c46516692ec76adf38e1c8ca903 php-mysql-4.3.9-3.22.5.i386.rpm 34a3c113d4547c30e284be746aac2eb5 php-ncurses-4.3.9-3.22.5.i386.rpm caec49528957237953cd056bc6fc9b2d php-odbc-4.3.9-3.22.5.i386.rpm 5fa0117e6df9e5786dbbbc74abd9ecfc php-pear-4.3.9-3.22.5.i386.rpm f2ba9137e21f85df393d9504e2f833e2 php-pgsql-4.3.9-3.22.5.i386.rpm 61a040098ab3262674fbf16bf7655d2e php-snmp-4.3.9-3.22.5.i386.rpm 12a863a907c2dde778cacc0aa64104ca php-xmlrpc-4.3.9-3.22.5.i386.rpm x86_64: e9ad87b049e36ed6ae998284458700f7 php-4.3.9-3.22.5.x86_64.rpm f8fcceb19b7a708c8682690b02c5327f php-debuginfo-4.3.9-3.22.5.x86_64.rpm 297e39eb9ba0e909a2c7ce4dec31897e php-devel-4.3.9-3.22.5.x86_64.rpm 7ed95aa353386de1edc3b02808783bd2 php-domxml-4.3.9-3.22.5.x86_64.rpm c215381be0b8fd3bd968d8ee1734dcca php-gd-4.3.9-3.22.5.x86_64.rpm 1dac5cc39675c7b9a4a9d1f1005ed2e4 php-imap-4.3.9-3.22.5.x86_64.rpm 7d57c4ded812614bce3b78b2799b4ebf php-ldap-4.3.9-3.22.5.x86_64.rpm a1c3923d1ef87d50c6d2c840413354f6 php-mbstring-4.3.9-3.22.5.x86_64.rpm 9d3f9b86f3fd74b5741aa29e0db52ab6 php-mysql-4.3.9-3.22.5.x86_64.rpm e7cb684df67109f407b5c50f841c0e53 php-ncurses-4.3.9-3.22.5.x86_64.rpm 2fac4007deb959d4d615344ccaf77d03 php-odbc-4.3.9-3.22.5.x86_64.rpm 9c8621c3a9b5cbceee4d8e23c5927d7c php-pear-4.3.9-3.22.5.x86_64.rpm 6b930e9bfbe07ba06e2bc06f149511af php-pgsql-4.3.9-3.22.5.x86_64.rpm 7ed4b00e802a97a74c4b15621dd0cb41 php-snmp-4.3.9-3.22.5.x86_64.rpm 7261ae16a39c4ef3abf6794323b47e45 php-xmlrpc-4.3.9-3.22.5.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/php-4.3.9-3.22.5.src.rpm af46a865f62e1d1a3fd61961b5f5a59d php-4.3.9-3.22.5.src.rpm i386: 9603115ac8f39b2d9658d8badb87bffe php-4.3.9-3.22.5.i386.rpm c3f444255c3c18eef368208aa25e993a php-debuginfo-4.3.9-3.22.5.i386.rpm 898b671f7a03a0f893c518843fa614cb php-devel-4.3.9-3.22.5.i386.rpm c240b1570806074b9df2900b71db642f php-domxml-4.3.9-3.22.5.i386.rpm 66e0fcea55160792c0d8113b8eb461e0 php-gd-4.3.9-3.22.5.i386.rpm adc0e7ea1377dc33fa5222b46ce4271d php-imap-4.3.9-3.22.5.i386.rpm 9a2bb24a63d977fa613348aa7d06a846 php-ldap-4.3.9-3.22.5.i386.rpm 385d75fcae602ea03445354e994654bd php-mbstring-4.3.9-3.22.5.i386.rpm a3e99c46516692ec76adf38e1c8ca903 php-mysql-4.3.9-3.22.5.i386.rpm 34a3c113d4547c30e284be746aac2eb5 php-ncurses-4.3.9-3.22.5.i386.rpm caec49528957237953cd056bc6fc9b2d php-odbc-4.3.9-3.22.5.i386.rpm 5fa0117e6df9e5786dbbbc74abd9ecfc php-pear-4.3.9-3.22.5.i386.rpm f2ba9137e21f85df393d9504e2f833e2 php-pgsql-4.3.9-3.22.5.i386.rpm 61a040098ab3262674fbf16bf7655d2e php-snmp-4.3.9-3.22.5.i386.rpm 12a863a907c2dde778cacc0aa64104ca php-xmlrpc-4.3.9-3.22.5.i386.rpm ia64: ed89a7f1a3f5578c8951527d4d129ecd php-4.3.9-3.22.5.ia64.rpm 9ddcd4f7ae1faf1b02447e2bf6fd4f07 php-debuginfo-4.3.9-3.22.5.ia64.rpm 2c8d90303ee7a4d55c2008901def3e9a php-devel-4.3.9-3.22.5.ia64.rpm 1ff565eb666aac9695effe542e74b204 php-domxml-4.3.9-3.22.5.ia64.rpm 5143f0bd56c22803f7822aac4b4020d3 php-gd-4.3.9-3.22.5.ia64.rpm b0482746464b4fd021982a6fa10720c9 php-imap-4.3.9-3.22.5.ia64.rpm c3317631c371f903a369f79cb765ce91 php-ldap-4.3.9-3.22.5.ia64.rpm a11bb74c2f579224b69e36a0a3077da2 php-mbstring-4.3.9-3.22.5.ia64.rpm 364160272757c0b15b6437ee78f51e57 php-mysql-4.3.9-3.22.5.ia64.rpm 2d38f09b4136a63a574b6136c9af7cee php-ncurses-4.3.9-3.22.5.ia64.rpm 130b290501fcdd0f74b4c757152b25ec php-odbc-4.3.9-3.22.5.ia64.rpm 88679609c3e17cab2fa71a0776a1f490 php-pear-4.3.9-3.22.5.ia64.rpm a7e2b464bc92bfc4c7502d8393382a49 php-pgsql-4.3.9-3.22.5.ia64.rpm 65e43f9705bedb299ca6061b1d39a9cf php-snmp-4.3.9-3.22.5.ia64.rpm f105e4068fadc8658c3867a2ddc3c537 php-xmlrpc-4.3.9-3.22.5.ia64.rpm x86_64: e9ad87b049e36ed6ae998284458700f7 php-4.3.9-3.22.5.x86_64.rpm f8fcceb19b7a708c8682690b02c5327f php-debuginfo-4.3.9-3.22.5.x86_64.rpm 297e39eb9ba0e909a2c7ce4dec31897e php-devel-4.3.9-3.22.5.x86_64.rpm 7ed95aa353386de1edc3b02808783bd2 php-domxml-4.3.9-3.22.5.x86_64.rpm c215381be0b8fd3bd968d8ee1734dcca php-gd-4.3.9-3.22.5.x86_64.rpm 1dac5cc39675c7b9a4a9d1f1005ed2e4 php-imap-4.3.9-3.22.5.x86_64.rpm 7d57c4ded812614bce3b78b2799b4ebf php-ldap-4.3.9-3.22.5.x86_64.rpm a1c3923d1ef87d50c6d2c840413354f6 php-mbstring-4.3.9-3.22.5.x86_64.rpm 9d3f9b86f3fd74b5741aa29e0db52ab6 php-mysql-4.3.9-3.22.5.x86_64.rpm e7cb684df67109f407b5c50f841c0e53 php-ncurses-4.3.9-3.22.5.x86_64.rpm 2fac4007deb959d4d615344ccaf77d03 php-odbc-4.3.9-3.22.5.x86_64.rpm 9c8621c3a9b5cbceee4d8e23c5927d7c php-pear-4.3.9-3.22.5.x86_64.rpm 6b930e9bfbe07ba06e2bc06f149511af php-pgsql-4.3.9-3.22.5.x86_64.rpm 7ed4b00e802a97a74c4b15621dd0cb41 php-snmp-4.3.9-3.22.5.x86_64.rpm 7261ae16a39c4ef3abf6794323b47e45 php-xmlrpc-4.3.9-3.22.5.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/php-4.3.9-3.22.5.src.rpm af46a865f62e1d1a3fd61961b5f5a59d php-4.3.9-3.22.5.src.rpm i386: 9603115ac8f39b2d9658d8badb87bffe php-4.3.9-3.22.5.i386.rpm c3f444255c3c18eef368208aa25e993a php-debuginfo-4.3.9-3.22.5.i386.rpm 898b671f7a03a0f893c518843fa614cb php-devel-4.3.9-3.22.5.i386.rpm c240b1570806074b9df2900b71db642f php-domxml-4.3.9-3.22.5.i386.rpm 66e0fcea55160792c0d8113b8eb461e0 php-gd-4.3.9-3.22.5.i386.rpm adc0e7ea1377dc33fa5222b46ce4271d php-imap-4.3.9-3.22.5.i386.rpm 9a2bb24a63d977fa613348aa7d06a846 php-ldap-4.3.9-3.22.5.i386.rpm 385d75fcae602ea03445354e994654bd php-mbstring-4.3.9-3.22.5.i386.rpm a3e99c46516692ec76adf38e1c8ca903 php-mysql-4.3.9-3.22.5.i386.rpm 34a3c113d4547c30e284be746aac2eb5 php-ncurses-4.3.9-3.22.5.i386.rpm caec49528957237953cd056bc6fc9b2d php-odbc-4.3.9-3.22.5.i386.rpm 5fa0117e6df9e5786dbbbc74abd9ecfc php-pear-4.3.9-3.22.5.i386.rpm f2ba9137e21f85df393d9504e2f833e2 php-pgsql-4.3.9-3.22.5.i386.rpm 61a040098ab3262674fbf16bf7655d2e php-snmp-4.3.9-3.22.5.i386.rpm 12a863a907c2dde778cacc0aa64104ca php-xmlrpc-4.3.9-3.22.5.i386.rpm ia64: ed89a7f1a3f5578c8951527d4d129ecd php-4.3.9-3.22.5.ia64.rpm 9ddcd4f7ae1faf1b02447e2bf6fd4f07 php-debuginfo-4.3.9-3.22.5.ia64.rpm 2c8d90303ee7a4d55c2008901def3e9a php-devel-4.3.9-3.22.5.ia64.rpm 1ff565eb666aac9695effe542e74b204 php-domxml-4.3.9-3.22.5.ia64.rpm 5143f0bd56c22803f7822aac4b4020d3 php-gd-4.3.9-3.22.5.ia64.rpm b0482746464b4fd021982a6fa10720c9 php-imap-4.3.9-3.22.5.ia64.rpm c3317631c371f903a369f79cb765ce91 php-ldap-4.3.9-3.22.5.ia64.rpm a11bb74c2f579224b69e36a0a3077da2 php-mbstring-4.3.9-3.22.5.ia64.rpm 364160272757c0b15b6437ee78f51e57 php-mysql-4.3.9-3.22.5.ia64.rpm 2d38f09b4136a63a574b6136c9af7cee php-ncurses-4.3.9-3.22.5.ia64.rpm 130b290501fcdd0f74b4c757152b25ec php-odbc-4.3.9-3.22.5.ia64.rpm 88679609c3e17cab2fa71a0776a1f490 php-pear-4.3.9-3.22.5.ia64.rpm a7e2b464bc92bfc4c7502d8393382a49 php-pgsql-4.3.9-3.22.5.ia64.rpm 65e43f9705bedb299ca6061b1d39a9cf php-snmp-4.3.9-3.22.5.ia64.rpm f105e4068fadc8658c3867a2ddc3c537 php-xmlrpc-4.3.9-3.22.5.ia64.rpm x86_64: e9ad87b049e36ed6ae998284458700f7 php-4.3.9-3.22.5.x86_64.rpm f8fcceb19b7a708c8682690b02c5327f php-debuginfo-4.3.9-3.22.5.x86_64.rpm 297e39eb9ba0e909a2c7ce4dec31897e php-devel-4.3.9-3.22.5.x86_64.rpm 7ed95aa353386de1edc3b02808783bd2 php-domxml-4.3.9-3.22.5.x86_64.rpm c215381be0b8fd3bd968d8ee1734dcca php-gd-4.3.9-3.22.5.x86_64.rpm 1dac5cc39675c7b9a4a9d1f1005ed2e4 php-imap-4.3.9-3.22.5.x86_64.rpm 7d57c4ded812614bce3b78b2799b4ebf php-ldap-4.3.9-3.22.5.x86_64.rpm a1c3923d1ef87d50c6d2c840413354f6 php-mbstring-4.3.9-3.22.5.x86_64.rpm 9d3f9b86f3fd74b5741aa29e0db52ab6 php-mysql-4.3.9-3.22.5.x86_64.rpm e7cb684df67109f407b5c50f841c0e53 php-ncurses-4.3.9-3.22.5.x86_64.rpm 2fac4007deb959d4d615344ccaf77d03 php-odbc-4.3.9-3.22.5.x86_64.rpm 9c8621c3a9b5cbceee4d8e23c5927d7c php-pear-4.3.9-3.22.5.x86_64.rpm 6b930e9bfbe07ba06e2bc06f149511af php-pgsql-4.3.9-3.22.5.x86_64.rpm 7ed4b00e802a97a74c4b15621dd0cb41 php-snmp-4.3.9-3.22.5.x86_64.rpm 7261ae16a39c4ef3abf6794323b47e45 php-xmlrpc-4.3.9-3.22.5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1864 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2509 http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGQcvVXlSAg2UNWIIRAo6ZAJ4plP05IjIOHUcSSuoQzTYLMG/LJACcDgR9 vJx0kv9ViXPPCVzPgC5myOA= =UFNE -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu May 10 12:09:31 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 10 May 2007 08:09:31 -0400 Subject: [RHSA-2007:0355-01] Important: php security update Message-ID: <200705101209.l4AC9VFL027815@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: php security update Advisory ID: RHSA-2007:0355-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0355.html Issue date: 2007-05-10 Updated on: 2007-05-10 Product: Red Hat Application Stack CVE Names: CVE-2007-1864 CVE-2007-2509 CVE-2007-2510 - --------------------------------------------------------------------- 1. Summary: Updated PHP packages that fix several security issues are now available for Red Hat Application Stack. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Application Stack v1 for Enterprise Linux AS (v.4) - i386, x86_64 Red Hat Application Stack v1 for Enterprise Linux ES (v.4) - i386, x86_64 3. Problem description: PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A heap buffer overflow flaw was found in the PHP 'xmlrpc' extension. A PHP script which implements an XML-RPC server using this extension could allow a remote attacker to execute arbitrary code as the 'apache' user. Note that this flaw does not affect PHP applications using the pure-PHP XML_RPC class provided in /usr/share/pear. (CVE-2007-1864) A flaw was found in the PHP 'ftp' extension. If a PHP script used this extension to provide access to a private FTP server, and passed untrusted script input directly to any function provided by this extension, a remote attacker would be able to send arbitrary FTP commands to the server. (CVE-2007-2509) A buffer overflow flaw was found in the PHP 'soap' extension, regarding the handling of an HTTP redirect response when using the SOAP client provided by this extension with an untrusted SOAP server. No mechanism to trigger this flaw remotely is known. (CVE-2007-2510) Users of PHP should upgrade to these updated packages which contain backported patches to correct these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 239020 - CVE-2007-1864 various PHP security issues (CVE-2007-2509 CVE-2007-2510) 6. RPMs required: Red Hat Application Stack v1 for Enterprise Linux AS (v.4): SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/RHWAS/SRPMS/php-5.1.6-3.el4s1.7.src.rpm cff9b05cdb9d99d8c3290475931ea9a7 php-5.1.6-3.el4s1.7.src.rpm i386: 04367a352aa071fbed93cf3788f7fe6f php-5.1.6-3.el4s1.7.i386.rpm 0db0392959cd799affd85dbfceec269e php-bcmath-5.1.6-3.el4s1.7.i386.rpm a810a48a8a9ad5016f4f50c69a311099 php-cli-5.1.6-3.el4s1.7.i386.rpm fe8b49b9e79d710c133975e5056d069f php-common-5.1.6-3.el4s1.7.i386.rpm d71d3d49b1ea3991c3078c7a7799f6ee php-dba-5.1.6-3.el4s1.7.i386.rpm 854d7952e23fae74baa43175b316244e php-debuginfo-5.1.6-3.el4s1.7.i386.rpm 847357a3cdc3b2f71fdd6055dc8596e6 php-devel-5.1.6-3.el4s1.7.i386.rpm fca2d8725c370539ce45578b4c1b46ec php-gd-5.1.6-3.el4s1.7.i386.rpm 2b372a600032e9e5f15c85404c6f9bee php-imap-5.1.6-3.el4s1.7.i386.rpm 5273a2328242f8bffae5d688e4faa4f4 php-ldap-5.1.6-3.el4s1.7.i386.rpm 4fed146b78166396ba55249659e2e9a2 php-mbstring-5.1.6-3.el4s1.7.i386.rpm e8bda2b233e83b64ac65dd0ee1fbc38a php-mysql-5.1.6-3.el4s1.7.i386.rpm da4d850e7d8ab8a483a946fb840e63cd php-ncurses-5.1.6-3.el4s1.7.i386.rpm d027f436fe6b4a1ea992d740300ef0c1 php-odbc-5.1.6-3.el4s1.7.i386.rpm 966b8b90d0bdf8ea4a62b943255a768e php-pdo-5.1.6-3.el4s1.7.i386.rpm d05bfc8a816b6360f60b861dd935032c php-pgsql-5.1.6-3.el4s1.7.i386.rpm a68350514cfd237aec23ae80cc9e16f3 php-snmp-5.1.6-3.el4s1.7.i386.rpm bd771df1a22fcfacafda52f16f1644d0 php-soap-5.1.6-3.el4s1.7.i386.rpm 5dc95397755aa44c4ef051ec0b8dbc3c php-xml-5.1.6-3.el4s1.7.i386.rpm ea58cf29c6254f96ce30cfbcd9c549e6 php-xmlrpc-5.1.6-3.el4s1.7.i386.rpm x86_64: 742ecefe4b335801ccc2042e8856ac85 php-5.1.6-3.el4s1.7.x86_64.rpm 2660a29ec897fd657793ed4e5e8b0273 php-bcmath-5.1.6-3.el4s1.7.x86_64.rpm f6da9c8cbb02cd031f98047459edcb30 php-cli-5.1.6-3.el4s1.7.x86_64.rpm 3e4add133b2839049c7c614e6d0493ef php-common-5.1.6-3.el4s1.7.x86_64.rpm 3f2de3cb8ee513219729e81e9b48aa63 php-dba-5.1.6-3.el4s1.7.x86_64.rpm af392615f54bca2b9fc6adb2809fe260 php-debuginfo-5.1.6-3.el4s1.7.x86_64.rpm f0ed56a0318d9ec1365b788998a233ba php-devel-5.1.6-3.el4s1.7.x86_64.rpm abc77c1b1784056d72e5ae89eb59fe90 php-gd-5.1.6-3.el4s1.7.x86_64.rpm 06ee2cc7ce2b08416a659eb2a867ce14 php-imap-5.1.6-3.el4s1.7.x86_64.rpm 2c25134eb525881e7a8a39b43a487047 php-ldap-5.1.6-3.el4s1.7.x86_64.rpm 65dd7cbdd1d1b334a68f4cf3d635141d php-mbstring-5.1.6-3.el4s1.7.x86_64.rpm 3fd0d1043e78812b94cac1f58702b962 php-mysql-5.1.6-3.el4s1.7.x86_64.rpm 053aa31c9b08961941d2caabf0ff60ae php-ncurses-5.1.6-3.el4s1.7.x86_64.rpm 375b85042b2230e2f31f0f2a2e7bb876 php-odbc-5.1.6-3.el4s1.7.x86_64.rpm 2742c76965610103dd8cc7e205ca6daf php-pdo-5.1.6-3.el4s1.7.x86_64.rpm 840782025f561ca1f19e52f97d4b0421 php-pgsql-5.1.6-3.el4s1.7.x86_64.rpm 6488e3f6f576291406db6354088b66e7 php-snmp-5.1.6-3.el4s1.7.x86_64.rpm 8b890ca36a773e03a1df121315bd9a82 php-soap-5.1.6-3.el4s1.7.x86_64.rpm 4594ad24bf279518288538dafb76b4c9 php-xml-5.1.6-3.el4s1.7.x86_64.rpm db7b188cfc13891a2cf58250b4c118a8 php-xmlrpc-5.1.6-3.el4s1.7.x86_64.rpm Red Hat Application Stack v1 for Enterprise Linux ES (v.4): SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/RHWAS/SRPMS/php-5.1.6-3.el4s1.7.src.rpm cff9b05cdb9d99d8c3290475931ea9a7 php-5.1.6-3.el4s1.7.src.rpm i386: 04367a352aa071fbed93cf3788f7fe6f php-5.1.6-3.el4s1.7.i386.rpm 0db0392959cd799affd85dbfceec269e php-bcmath-5.1.6-3.el4s1.7.i386.rpm a810a48a8a9ad5016f4f50c69a311099 php-cli-5.1.6-3.el4s1.7.i386.rpm fe8b49b9e79d710c133975e5056d069f php-common-5.1.6-3.el4s1.7.i386.rpm d71d3d49b1ea3991c3078c7a7799f6ee php-dba-5.1.6-3.el4s1.7.i386.rpm 854d7952e23fae74baa43175b316244e php-debuginfo-5.1.6-3.el4s1.7.i386.rpm 847357a3cdc3b2f71fdd6055dc8596e6 php-devel-5.1.6-3.el4s1.7.i386.rpm fca2d8725c370539ce45578b4c1b46ec php-gd-5.1.6-3.el4s1.7.i386.rpm 2b372a600032e9e5f15c85404c6f9bee php-imap-5.1.6-3.el4s1.7.i386.rpm 5273a2328242f8bffae5d688e4faa4f4 php-ldap-5.1.6-3.el4s1.7.i386.rpm 4fed146b78166396ba55249659e2e9a2 php-mbstring-5.1.6-3.el4s1.7.i386.rpm e8bda2b233e83b64ac65dd0ee1fbc38a php-mysql-5.1.6-3.el4s1.7.i386.rpm da4d850e7d8ab8a483a946fb840e63cd php-ncurses-5.1.6-3.el4s1.7.i386.rpm d027f436fe6b4a1ea992d740300ef0c1 php-odbc-5.1.6-3.el4s1.7.i386.rpm 966b8b90d0bdf8ea4a62b943255a768e php-pdo-5.1.6-3.el4s1.7.i386.rpm d05bfc8a816b6360f60b861dd935032c php-pgsql-5.1.6-3.el4s1.7.i386.rpm a68350514cfd237aec23ae80cc9e16f3 php-snmp-5.1.6-3.el4s1.7.i386.rpm bd771df1a22fcfacafda52f16f1644d0 php-soap-5.1.6-3.el4s1.7.i386.rpm 5dc95397755aa44c4ef051ec0b8dbc3c php-xml-5.1.6-3.el4s1.7.i386.rpm ea58cf29c6254f96ce30cfbcd9c549e6 php-xmlrpc-5.1.6-3.el4s1.7.i386.rpm x86_64: 742ecefe4b335801ccc2042e8856ac85 php-5.1.6-3.el4s1.7.x86_64.rpm 2660a29ec897fd657793ed4e5e8b0273 php-bcmath-5.1.6-3.el4s1.7.x86_64.rpm f6da9c8cbb02cd031f98047459edcb30 php-cli-5.1.6-3.el4s1.7.x86_64.rpm 3e4add133b2839049c7c614e6d0493ef php-common-5.1.6-3.el4s1.7.x86_64.rpm 3f2de3cb8ee513219729e81e9b48aa63 php-dba-5.1.6-3.el4s1.7.x86_64.rpm af392615f54bca2b9fc6adb2809fe260 php-debuginfo-5.1.6-3.el4s1.7.x86_64.rpm f0ed56a0318d9ec1365b788998a233ba php-devel-5.1.6-3.el4s1.7.x86_64.rpm abc77c1b1784056d72e5ae89eb59fe90 php-gd-5.1.6-3.el4s1.7.x86_64.rpm 06ee2cc7ce2b08416a659eb2a867ce14 php-imap-5.1.6-3.el4s1.7.x86_64.rpm 2c25134eb525881e7a8a39b43a487047 php-ldap-5.1.6-3.el4s1.7.x86_64.rpm 65dd7cbdd1d1b334a68f4cf3d635141d php-mbstring-5.1.6-3.el4s1.7.x86_64.rpm 3fd0d1043e78812b94cac1f58702b962 php-mysql-5.1.6-3.el4s1.7.x86_64.rpm 053aa31c9b08961941d2caabf0ff60ae php-ncurses-5.1.6-3.el4s1.7.x86_64.rpm 375b85042b2230e2f31f0f2a2e7bb876 php-odbc-5.1.6-3.el4s1.7.x86_64.rpm 2742c76965610103dd8cc7e205ca6daf php-pdo-5.1.6-3.el4s1.7.x86_64.rpm 840782025f561ca1f19e52f97d4b0421 php-pgsql-5.1.6-3.el4s1.7.x86_64.rpm 6488e3f6f576291406db6354088b66e7 php-snmp-5.1.6-3.el4s1.7.x86_64.rpm 8b890ca36a773e03a1df121315bd9a82 php-soap-5.1.6-3.el4s1.7.x86_64.rpm 4594ad24bf279518288538dafb76b4c9 php-xml-5.1.6-3.el4s1.7.x86_64.rpm db7b188cfc13891a2cf58250b4c118a8 php-xmlrpc-5.1.6-3.el4s1.7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1864 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2509 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2510 http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGQwtzXlSAg2UNWIIRAiQPAJsEdJKGqwGnkQQ7FCcopHAi5X2e/wCgxQJa MvIDP4b2tMn+IrUKPYJOraw= =ZD6B -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu May 10 16:04:17 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 10 May 2007 12:04:17 -0400 Subject: [RHSA-2007:0338-01] Moderate: freeradius security update Message-ID: <200705101604.l4AG4HJP002581@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: freeradius security update Advisory ID: RHSA-2007:0338-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0338.html Issue date: 2007-05-10 Updated on: 2007-05-10 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-2028 - --------------------------------------------------------------------- 1. Summary: Updated freeradius packages that fix a memory leak flaw are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Problem description: FreeRADIUS is a high-performance and highly configurable free RADIUS server designed to allow centralized authentication and authorization for a network. A memory leak flaw was found in the way FreeRADIUS parses certain authentication requests. A remote attacker could send a specially crafted authentication request which could cause FreeRADIUS to leak a small amount of memory. If enough of these requests are sent, the FreeRADIUS daemon would consume a vast quantity of system memory leading to a possible denial of service. (CVE-2007-2028) Users of FreeRADIUS should update to these erratum packages, which contain a backported patch to correct this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 236247 - CVE-2007-2028 Freeradius EAP-TTLS denial of service 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/freeradius-1.0.1-2.RHEL3.4.src.rpm 16acced531f2fc7bcd657ebebb0a7043 freeradius-1.0.1-2.RHEL3.4.src.rpm i386: 2ade68c6730b5308713169a67af07dbe freeradius-1.0.1-2.RHEL3.4.i386.rpm 4383a7f497e1c59b4f74803feddc96eb freeradius-debuginfo-1.0.1-2.RHEL3.4.i386.rpm ia64: 2a3c95dfe1cf4465ff42a95cad14dd83 freeradius-1.0.1-2.RHEL3.4.ia64.rpm b632cef5e4a2faf5436033b02ac2386d freeradius-debuginfo-1.0.1-2.RHEL3.4.ia64.rpm ppc: 99bab7aa40fd511def9c1775afacd35f freeradius-1.0.1-2.RHEL3.4.ppc.rpm c4ecb88c4063e32ec4e0744f26b39995 freeradius-debuginfo-1.0.1-2.RHEL3.4.ppc.rpm s390: dba0099b77ed297672f16f55de9f2384 freeradius-1.0.1-2.RHEL3.4.s390.rpm aefb226740fc87b4c8f339ec156420db freeradius-debuginfo-1.0.1-2.RHEL3.4.s390.rpm s390x: eefed63a1a167c2956465a2d2d61d357 freeradius-1.0.1-2.RHEL3.4.s390x.rpm 7503ff812bd61177a8b2380d157e86d9 freeradius-debuginfo-1.0.1-2.RHEL3.4.s390x.rpm x86_64: e4a9e393990d34ff09956b3ac5f5bec2 freeradius-1.0.1-2.RHEL3.4.x86_64.rpm 13bfef00f8b94c8b749ab837e550d759 freeradius-debuginfo-1.0.1-2.RHEL3.4.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/freeradius-1.0.1-2.RHEL3.4.src.rpm 16acced531f2fc7bcd657ebebb0a7043 freeradius-1.0.1-2.RHEL3.4.src.rpm i386: 2ade68c6730b5308713169a67af07dbe freeradius-1.0.1-2.RHEL3.4.i386.rpm 4383a7f497e1c59b4f74803feddc96eb freeradius-debuginfo-1.0.1-2.RHEL3.4.i386.rpm ia64: 2a3c95dfe1cf4465ff42a95cad14dd83 freeradius-1.0.1-2.RHEL3.4.ia64.rpm b632cef5e4a2faf5436033b02ac2386d freeradius-debuginfo-1.0.1-2.RHEL3.4.ia64.rpm x86_64: e4a9e393990d34ff09956b3ac5f5bec2 freeradius-1.0.1-2.RHEL3.4.x86_64.rpm 13bfef00f8b94c8b749ab837e550d759 freeradius-debuginfo-1.0.1-2.RHEL3.4.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/freeradius-1.0.1-3.RHEL4.5.src.rpm 341e6a10536266d2f486e259fd53ff52 freeradius-1.0.1-3.RHEL4.5.src.rpm i386: d7fc6d5adf3079eafd2e184a55669907 freeradius-1.0.1-3.RHEL4.5.i386.rpm 2f925855363b10735d5307811d73590d freeradius-debuginfo-1.0.1-3.RHEL4.5.i386.rpm 2e578dd77c42f01523309f22ed89055a freeradius-mysql-1.0.1-3.RHEL4.5.i386.rpm 96adb0a1539991fcbedafdd3c5e717ba freeradius-postgresql-1.0.1-3.RHEL4.5.i386.rpm 6452ae9ee4a3b1d916767133183efd38 freeradius-unixODBC-1.0.1-3.RHEL4.5.i386.rpm ia64: 92535ef1b3ac52a97de75ca8b3b02cf9 freeradius-1.0.1-3.RHEL4.5.ia64.rpm 9bf86dc71ede4397c36abd9c5b2ba31f freeradius-debuginfo-1.0.1-3.RHEL4.5.ia64.rpm 27aeadbd8bc2fba3686388e8f943657d freeradius-mysql-1.0.1-3.RHEL4.5.ia64.rpm ba11993378ae4ba62c5453be45a81a08 freeradius-postgresql-1.0.1-3.RHEL4.5.ia64.rpm 7dbee683999da2946ba74fcde3e3dad6 freeradius-unixODBC-1.0.1-3.RHEL4.5.ia64.rpm ppc: f6199d7e8a2709aed1ddbfb0b998193c freeradius-1.0.1-3.RHEL4.5.ppc.rpm d9a0fef3a2e01106ec666ea22ba35e61 freeradius-debuginfo-1.0.1-3.RHEL4.5.ppc.rpm 24b516e8c8d8c7b8c4c82f36594f535a freeradius-mysql-1.0.1-3.RHEL4.5.ppc.rpm 69b795f0ba24fb5742af5b287982020c freeradius-postgresql-1.0.1-3.RHEL4.5.ppc.rpm 2dcbfdd14f673e535e88dc734292184c freeradius-unixODBC-1.0.1-3.RHEL4.5.ppc.rpm s390: 9e9d4b08f22af5f51707330015f37315 freeradius-1.0.1-3.RHEL4.5.s390.rpm dc2af5dc7c47970eed5fb497d09d28dd freeradius-debuginfo-1.0.1-3.RHEL4.5.s390.rpm 288da7a5dfc7129000efeeec4f5d8835 freeradius-mysql-1.0.1-3.RHEL4.5.s390.rpm ba86f2ac7ac7ee2624932dd1658abdf1 freeradius-postgresql-1.0.1-3.RHEL4.5.s390.rpm e345fdeb5bfe1683c200d0788c933854 freeradius-unixODBC-1.0.1-3.RHEL4.5.s390.rpm s390x: 0522321a2c7664c2dce0ff4ec1675643 freeradius-1.0.1-3.RHEL4.5.s390x.rpm b736945cbd4790f2efd4943270f2d9f5 freeradius-debuginfo-1.0.1-3.RHEL4.5.s390x.rpm 98afc32b8070ecbe9203ae5629bb2311 freeradius-mysql-1.0.1-3.RHEL4.5.s390x.rpm c3270337b10283220d90424785393514 freeradius-postgresql-1.0.1-3.RHEL4.5.s390x.rpm 3701a89bd7317bd29dcaf214b810583b freeradius-unixODBC-1.0.1-3.RHEL4.5.s390x.rpm x86_64: e23e49fbdd33e367a9a85adb5b49d296 freeradius-1.0.1-3.RHEL4.5.x86_64.rpm 43b61e0fbbb613621be589d6707dc155 freeradius-debuginfo-1.0.1-3.RHEL4.5.x86_64.rpm 4eef099fa257b8e890672a07a7f6495e freeradius-mysql-1.0.1-3.RHEL4.5.x86_64.rpm 302ec92e91a8354b863d702c8446db2d freeradius-postgresql-1.0.1-3.RHEL4.5.x86_64.rpm ed2b2e5d08e426d42e1a7c58aec1908d freeradius-unixODBC-1.0.1-3.RHEL4.5.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/freeradius-1.0.1-3.RHEL4.5.src.rpm 341e6a10536266d2f486e259fd53ff52 freeradius-1.0.1-3.RHEL4.5.src.rpm i386: d7fc6d5adf3079eafd2e184a55669907 freeradius-1.0.1-3.RHEL4.5.i386.rpm 2f925855363b10735d5307811d73590d freeradius-debuginfo-1.0.1-3.RHEL4.5.i386.rpm 2e578dd77c42f01523309f22ed89055a freeradius-mysql-1.0.1-3.RHEL4.5.i386.rpm 96adb0a1539991fcbedafdd3c5e717ba freeradius-postgresql-1.0.1-3.RHEL4.5.i386.rpm 6452ae9ee4a3b1d916767133183efd38 freeradius-unixODBC-1.0.1-3.RHEL4.5.i386.rpm ia64: 92535ef1b3ac52a97de75ca8b3b02cf9 freeradius-1.0.1-3.RHEL4.5.ia64.rpm 9bf86dc71ede4397c36abd9c5b2ba31f freeradius-debuginfo-1.0.1-3.RHEL4.5.ia64.rpm 27aeadbd8bc2fba3686388e8f943657d freeradius-mysql-1.0.1-3.RHEL4.5.ia64.rpm ba11993378ae4ba62c5453be45a81a08 freeradius-postgresql-1.0.1-3.RHEL4.5.ia64.rpm 7dbee683999da2946ba74fcde3e3dad6 freeradius-unixODBC-1.0.1-3.RHEL4.5.ia64.rpm x86_64: e23e49fbdd33e367a9a85adb5b49d296 freeradius-1.0.1-3.RHEL4.5.x86_64.rpm 43b61e0fbbb613621be589d6707dc155 freeradius-debuginfo-1.0.1-3.RHEL4.5.x86_64.rpm 4eef099fa257b8e890672a07a7f6495e freeradius-mysql-1.0.1-3.RHEL4.5.x86_64.rpm 302ec92e91a8354b863d702c8446db2d freeradius-postgresql-1.0.1-3.RHEL4.5.x86_64.rpm ed2b2e5d08e426d42e1a7c58aec1908d freeradius-unixODBC-1.0.1-3.RHEL4.5.x86_64.rpm RHEL Desktop Workstation (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/freeradius-1.1.3-1.2.el5.src.rpm 421aeb33b108c165188ca18b1cc71506 freeradius-1.1.3-1.2.el5.src.rpm i386: b75c3b2ad29a1481d5cea1a66a4c4ee5 freeradius-1.1.3-1.2.el5.i386.rpm e472e7a8e0de834ad59044839f351dec freeradius-debuginfo-1.1.3-1.2.el5.i386.rpm 53931b60c8925645523643d9a39b702b freeradius-mysql-1.1.3-1.2.el5.i386.rpm 2ef7d86d56706ca546c84953dd893cc1 freeradius-postgresql-1.1.3-1.2.el5.i386.rpm 5a85ae9a32584d17fef3405bef2c0945 freeradius-unixODBC-1.1.3-1.2.el5.i386.rpm x86_64: 3c04dd84b8061d0955888ef4267a8584 freeradius-1.1.3-1.2.el5.x86_64.rpm ccb9c3a59516e0718831558a93000d83 freeradius-debuginfo-1.1.3-1.2.el5.x86_64.rpm dd22b0a03b483cda08dc8f2ce0061bec freeradius-mysql-1.1.3-1.2.el5.x86_64.rpm 6ecf4c4becc6e83991635b4c3edc8fe1 freeradius-postgresql-1.1.3-1.2.el5.x86_64.rpm c47b1e5d022d77942956b92eee3774e8 freeradius-unixODBC-1.1.3-1.2.el5.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/freeradius-1.1.3-1.2.el5.src.rpm 421aeb33b108c165188ca18b1cc71506 freeradius-1.1.3-1.2.el5.src.rpm i386: b75c3b2ad29a1481d5cea1a66a4c4ee5 freeradius-1.1.3-1.2.el5.i386.rpm e472e7a8e0de834ad59044839f351dec freeradius-debuginfo-1.1.3-1.2.el5.i386.rpm 53931b60c8925645523643d9a39b702b freeradius-mysql-1.1.3-1.2.el5.i386.rpm 2ef7d86d56706ca546c84953dd893cc1 freeradius-postgresql-1.1.3-1.2.el5.i386.rpm 5a85ae9a32584d17fef3405bef2c0945 freeradius-unixODBC-1.1.3-1.2.el5.i386.rpm ia64: 50548f886a00244fed8986f57c568ebc freeradius-1.1.3-1.2.el5.ia64.rpm 6372d3298e0539742e5241209fcf0200 freeradius-debuginfo-1.1.3-1.2.el5.ia64.rpm c8d3bbddd86aef908d638ece8bc49378 freeradius-mysql-1.1.3-1.2.el5.ia64.rpm 0b72285429d508c3669f80fd1b6d4643 freeradius-postgresql-1.1.3-1.2.el5.ia64.rpm 437eef951896015daa236a4e340bdf30 freeradius-unixODBC-1.1.3-1.2.el5.ia64.rpm ppc: bfb6e97c4d24539588e2c385b722ddb6 freeradius-1.1.3-1.2.el5.ppc.rpm 434f3f297ada25d60b74a2c15a189772 freeradius-debuginfo-1.1.3-1.2.el5.ppc.rpm 8c92229b5a043df028a4a97ca6e20467 freeradius-mysql-1.1.3-1.2.el5.ppc.rpm c2b82de68150f7c33ac7e6b3d9e0b369 freeradius-postgresql-1.1.3-1.2.el5.ppc.rpm c0eaf20c1d623d6511ec0717b586fd2c freeradius-unixODBC-1.1.3-1.2.el5.ppc.rpm s390x: 62fd5a26b3aacbaa4427de2f912350a0 freeradius-1.1.3-1.2.el5.s390x.rpm c607ad59e91c3e0f125e5eadc810d8e5 freeradius-debuginfo-1.1.3-1.2.el5.s390x.rpm 600d776c8f97916f800312b90bb66006 freeradius-mysql-1.1.3-1.2.el5.s390x.rpm 7049a56d35bb367c345a88be3b79136a freeradius-postgresql-1.1.3-1.2.el5.s390x.rpm 87060d5f35e2f37965759280dc47ee50 freeradius-unixODBC-1.1.3-1.2.el5.s390x.rpm x86_64: 3c04dd84b8061d0955888ef4267a8584 freeradius-1.1.3-1.2.el5.x86_64.rpm ccb9c3a59516e0718831558a93000d83 freeradius-debuginfo-1.1.3-1.2.el5.x86_64.rpm dd22b0a03b483cda08dc8f2ce0061bec freeradius-mysql-1.1.3-1.2.el5.x86_64.rpm 6ecf4c4becc6e83991635b4c3edc8fe1 freeradius-postgresql-1.1.3-1.2.el5.x86_64.rpm c47b1e5d022d77942956b92eee3774e8 freeradius-unixODBC-1.1.3-1.2.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2028 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGQ0J9XlSAg2UNWIIRAl+kAJ9rFXg7abGqc2Zkn3NMmraSoDUexACfUXwW fnEAi+u+1Re9auKUty0+LGM= =2H5f -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon May 14 15:22:10 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 14 May 2007 11:22:10 -0400 Subject: [RHSA-2007:0354-01] Critical: samba security update Message-ID: <200705141522.l4EFMAbM007444@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: samba security update Advisory ID: RHSA-2007:0354-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0354.html Issue date: 2007-05-14 Updated on: 2007-05-14 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-2446 CVE-2007-2447 - --------------------------------------------------------------------- 1. Summary: Updated samba packages that fix several security flaws are now available. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Problem description: Samba provides file and printer sharing services to SMB/CIFS clients. Various bugs were found in NDR parsing, used to decode MS-RPC requests in Samba. A remote attacker could have sent carefully crafted requests causing a heap overflow, which may have led to the ability to execute arbitrary code on the server. (CVE-2007-2446) Unescaped user input parameters were being passed as arguments to /bin/sh. A remote, authenticated, user could have triggered this flaw and executed arbitrary code on the server. Additionally, on Red Hat Enterprise Linux 5 only, this flaw could be triggered by a remote unauthenticated user if Samba was configured to use the non-default "username map script" option. (CVE-2007-2447) Users of Samba should upgrade to these packages, which contain backported patches to correct these issues. After upgrading, Samba should be restarted using "service smb restart" On Red Hat Enterprise Linux 5 the impact of these issues is reduced as Samba is constrained by the default SELinux "targeted" policy. Red Hat would like to thank the Samba developers, TippingPoint, and iDefense for reporting these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 239429 - CVE-2007-2446 samba heap overflows 239774 - CVE-2007-2447 samba code injection 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/samba-2.2.12-1.21as.6.src.rpm 3dfaf7633c62096cbb6b2ea451e07ae6 samba-2.2.12-1.21as.6.src.rpm i386: a415e4bdc305d9c7fcba11177ed861bf samba-2.2.12-1.21as.6.i386.rpm 06339ca7476307923876bbb03636d90e samba-client-2.2.12-1.21as.6.i386.rpm add417c22d3c32f7f0bca5b4802b271f samba-common-2.2.12-1.21as.6.i386.rpm 11d506ca65afbefc0420f3b9a5783814 samba-swat-2.2.12-1.21as.6.i386.rpm ia64: 31b637a6d25ad619ba102eae0ccf8620 samba-2.2.12-1.21as.6.ia64.rpm a792f93ff1dc9bfc4b25381c82e0a616 samba-client-2.2.12-1.21as.6.ia64.rpm b0d16af096ad65ab617c45389beeead9 samba-common-2.2.12-1.21as.6.ia64.rpm b17ddf7b5166243eb27c5604cff68865 samba-swat-2.2.12-1.21as.6.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/samba-2.2.12-1.21as.6.src.rpm 3dfaf7633c62096cbb6b2ea451e07ae6 samba-2.2.12-1.21as.6.src.rpm ia64: 31b637a6d25ad619ba102eae0ccf8620 samba-2.2.12-1.21as.6.ia64.rpm a792f93ff1dc9bfc4b25381c82e0a616 samba-client-2.2.12-1.21as.6.ia64.rpm b0d16af096ad65ab617c45389beeead9 samba-common-2.2.12-1.21as.6.ia64.rpm b17ddf7b5166243eb27c5604cff68865 samba-swat-2.2.12-1.21as.6.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/samba-2.2.12-1.21as.6.src.rpm 3dfaf7633c62096cbb6b2ea451e07ae6 samba-2.2.12-1.21as.6.src.rpm i386: a415e4bdc305d9c7fcba11177ed861bf samba-2.2.12-1.21as.6.i386.rpm 06339ca7476307923876bbb03636d90e samba-client-2.2.12-1.21as.6.i386.rpm add417c22d3c32f7f0bca5b4802b271f samba-common-2.2.12-1.21as.6.i386.rpm 11d506ca65afbefc0420f3b9a5783814 samba-swat-2.2.12-1.21as.6.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/samba-2.2.12-1.21as.6.src.rpm 3dfaf7633c62096cbb6b2ea451e07ae6 samba-2.2.12-1.21as.6.src.rpm i386: a415e4bdc305d9c7fcba11177ed861bf samba-2.2.12-1.21as.6.i386.rpm 06339ca7476307923876bbb03636d90e samba-client-2.2.12-1.21as.6.i386.rpm add417c22d3c32f7f0bca5b4802b271f samba-common-2.2.12-1.21as.6.i386.rpm 11d506ca65afbefc0420f3b9a5783814 samba-swat-2.2.12-1.21as.6.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/samba-3.0.9-1.3E.13.2.src.rpm 982e42d0f127c1e2a51d359bf2aab510 samba-3.0.9-1.3E.13.2.src.rpm i386: e7d437d661d77847244374ce573d07b3 samba-3.0.9-1.3E.13.2.i386.rpm 30e1deb7d2727a12096470d9b10a7b60 samba-client-3.0.9-1.3E.13.2.i386.rpm 7e20b7db536c690a54e401e5005cba5e samba-common-3.0.9-1.3E.13.2.i386.rpm 740f487a43036d1139226dc1499c8413 samba-debuginfo-3.0.9-1.3E.13.2.i386.rpm 2342172df01567e08801116e47a40af2 samba-swat-3.0.9-1.3E.13.2.i386.rpm ia64: e7d437d661d77847244374ce573d07b3 samba-3.0.9-1.3E.13.2.i386.rpm 22b67ca839e791b2e07468263735f8fd samba-3.0.9-1.3E.13.2.ia64.rpm cf874463566fd13e9d4aa6729cce2043 samba-client-3.0.9-1.3E.13.2.ia64.rpm 7e20b7db536c690a54e401e5005cba5e samba-common-3.0.9-1.3E.13.2.i386.rpm 4e9b9fb15d8abba2321de71ee427fd88 samba-common-3.0.9-1.3E.13.2.ia64.rpm 740f487a43036d1139226dc1499c8413 samba-debuginfo-3.0.9-1.3E.13.2.i386.rpm bb482cdac05f5f591421875212257fac samba-debuginfo-3.0.9-1.3E.13.2.ia64.rpm 8c87ed3ff37761ad1f7bdffd66b198e5 samba-swat-3.0.9-1.3E.13.2.ia64.rpm ppc: d0661ecfb5092640163dff73891bd0fb samba-3.0.9-1.3E.13.2.ppc.rpm dc4a9e46c05759f0790144e74f9e33cd samba-3.0.9-1.3E.13.2.ppc64.rpm 1758164debb7f5619dbd31e27b6b6cb5 samba-client-3.0.9-1.3E.13.2.ppc.rpm 09fa501fb3cbe8cb5901d60d462f3927 samba-common-3.0.9-1.3E.13.2.ppc.rpm b139b2bc06b4c92f2d9e26c73b361808 samba-common-3.0.9-1.3E.13.2.ppc64.rpm 96c0ec6ccbadb9405937045054a19634 samba-debuginfo-3.0.9-1.3E.13.2.ppc.rpm def32e089ec3f9ba9fcced003e6e395b samba-debuginfo-3.0.9-1.3E.13.2.ppc64.rpm 09cedbea1906793f1650e70b05419ba5 samba-swat-3.0.9-1.3E.13.2.ppc.rpm s390: a573e76901daef88fa517644b6eebb92 samba-3.0.9-1.3E.13.2.s390.rpm 79fbe78c8d4c284039bf7846a023ff41 samba-client-3.0.9-1.3E.13.2.s390.rpm bc29c638d1e9c259f081dbcd6a2b7f0d samba-common-3.0.9-1.3E.13.2.s390.rpm af9ae9cdb1264440f488eba3a596a369 samba-debuginfo-3.0.9-1.3E.13.2.s390.rpm 745225a518433d724587804f267af965 samba-swat-3.0.9-1.3E.13.2.s390.rpm s390x: a573e76901daef88fa517644b6eebb92 samba-3.0.9-1.3E.13.2.s390.rpm 7857d7198569f87fd0aca61fbf7c6bf4 samba-3.0.9-1.3E.13.2.s390x.rpm 7ab798f87136f8c9d2faeedd9ee82c43 samba-client-3.0.9-1.3E.13.2.s390x.rpm bc29c638d1e9c259f081dbcd6a2b7f0d samba-common-3.0.9-1.3E.13.2.s390.rpm a79979f7c402fd74c080282b1f6736e8 samba-common-3.0.9-1.3E.13.2.s390x.rpm af9ae9cdb1264440f488eba3a596a369 samba-debuginfo-3.0.9-1.3E.13.2.s390.rpm aec7f48e5a3231fd30a5cc3f02986a05 samba-debuginfo-3.0.9-1.3E.13.2.s390x.rpm df29535bfafaa3add4f6250769498d83 samba-swat-3.0.9-1.3E.13.2.s390x.rpm x86_64: e7d437d661d77847244374ce573d07b3 samba-3.0.9-1.3E.13.2.i386.rpm 4a46067c8dff497d69702c7eda0cbe05 samba-3.0.9-1.3E.13.2.x86_64.rpm 65b901c4b299ecfbad96aa0d6b0da3ad samba-client-3.0.9-1.3E.13.2.x86_64.rpm 7e20b7db536c690a54e401e5005cba5e samba-common-3.0.9-1.3E.13.2.i386.rpm b1ad6c4b6b2432f85881dd9ef60da038 samba-common-3.0.9-1.3E.13.2.x86_64.rpm 740f487a43036d1139226dc1499c8413 samba-debuginfo-3.0.9-1.3E.13.2.i386.rpm 97ff40a8239619542376bfd587117ee6 samba-debuginfo-3.0.9-1.3E.13.2.x86_64.rpm 749a56352137efe67190f48130c635b4 samba-swat-3.0.9-1.3E.13.2.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/samba-3.0.9-1.3E.13.2.src.rpm 982e42d0f127c1e2a51d359bf2aab510 samba-3.0.9-1.3E.13.2.src.rpm i386: e7d437d661d77847244374ce573d07b3 samba-3.0.9-1.3E.13.2.i386.rpm 30e1deb7d2727a12096470d9b10a7b60 samba-client-3.0.9-1.3E.13.2.i386.rpm 7e20b7db536c690a54e401e5005cba5e samba-common-3.0.9-1.3E.13.2.i386.rpm 740f487a43036d1139226dc1499c8413 samba-debuginfo-3.0.9-1.3E.13.2.i386.rpm 2342172df01567e08801116e47a40af2 samba-swat-3.0.9-1.3E.13.2.i386.rpm x86_64: e7d437d661d77847244374ce573d07b3 samba-3.0.9-1.3E.13.2.i386.rpm 4a46067c8dff497d69702c7eda0cbe05 samba-3.0.9-1.3E.13.2.x86_64.rpm 65b901c4b299ecfbad96aa0d6b0da3ad samba-client-3.0.9-1.3E.13.2.x86_64.rpm 7e20b7db536c690a54e401e5005cba5e samba-common-3.0.9-1.3E.13.2.i386.rpm b1ad6c4b6b2432f85881dd9ef60da038 samba-common-3.0.9-1.3E.13.2.x86_64.rpm 740f487a43036d1139226dc1499c8413 samba-debuginfo-3.0.9-1.3E.13.2.i386.rpm 97ff40a8239619542376bfd587117ee6 samba-debuginfo-3.0.9-1.3E.13.2.x86_64.rpm 749a56352137efe67190f48130c635b4 samba-swat-3.0.9-1.3E.13.2.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/samba-3.0.9-1.3E.13.2.src.rpm 982e42d0f127c1e2a51d359bf2aab510 samba-3.0.9-1.3E.13.2.src.rpm i386: e7d437d661d77847244374ce573d07b3 samba-3.0.9-1.3E.13.2.i386.rpm 30e1deb7d2727a12096470d9b10a7b60 samba-client-3.0.9-1.3E.13.2.i386.rpm 7e20b7db536c690a54e401e5005cba5e samba-common-3.0.9-1.3E.13.2.i386.rpm 740f487a43036d1139226dc1499c8413 samba-debuginfo-3.0.9-1.3E.13.2.i386.rpm 2342172df01567e08801116e47a40af2 samba-swat-3.0.9-1.3E.13.2.i386.rpm ia64: e7d437d661d77847244374ce573d07b3 samba-3.0.9-1.3E.13.2.i386.rpm 22b67ca839e791b2e07468263735f8fd samba-3.0.9-1.3E.13.2.ia64.rpm cf874463566fd13e9d4aa6729cce2043 samba-client-3.0.9-1.3E.13.2.ia64.rpm 7e20b7db536c690a54e401e5005cba5e samba-common-3.0.9-1.3E.13.2.i386.rpm 4e9b9fb15d8abba2321de71ee427fd88 samba-common-3.0.9-1.3E.13.2.ia64.rpm 740f487a43036d1139226dc1499c8413 samba-debuginfo-3.0.9-1.3E.13.2.i386.rpm bb482cdac05f5f591421875212257fac samba-debuginfo-3.0.9-1.3E.13.2.ia64.rpm 8c87ed3ff37761ad1f7bdffd66b198e5 samba-swat-3.0.9-1.3E.13.2.ia64.rpm x86_64: e7d437d661d77847244374ce573d07b3 samba-3.0.9-1.3E.13.2.i386.rpm 4a46067c8dff497d69702c7eda0cbe05 samba-3.0.9-1.3E.13.2.x86_64.rpm 65b901c4b299ecfbad96aa0d6b0da3ad samba-client-3.0.9-1.3E.13.2.x86_64.rpm 7e20b7db536c690a54e401e5005cba5e samba-common-3.0.9-1.3E.13.2.i386.rpm b1ad6c4b6b2432f85881dd9ef60da038 samba-common-3.0.9-1.3E.13.2.x86_64.rpm 740f487a43036d1139226dc1499c8413 samba-debuginfo-3.0.9-1.3E.13.2.i386.rpm 97ff40a8239619542376bfd587117ee6 samba-debuginfo-3.0.9-1.3E.13.2.x86_64.rpm 749a56352137efe67190f48130c635b4 samba-swat-3.0.9-1.3E.13.2.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/samba-3.0.9-1.3E.13.2.src.rpm 982e42d0f127c1e2a51d359bf2aab510 samba-3.0.9-1.3E.13.2.src.rpm i386: e7d437d661d77847244374ce573d07b3 samba-3.0.9-1.3E.13.2.i386.rpm 30e1deb7d2727a12096470d9b10a7b60 samba-client-3.0.9-1.3E.13.2.i386.rpm 7e20b7db536c690a54e401e5005cba5e samba-common-3.0.9-1.3E.13.2.i386.rpm 740f487a43036d1139226dc1499c8413 samba-debuginfo-3.0.9-1.3E.13.2.i386.rpm 2342172df01567e08801116e47a40af2 samba-swat-3.0.9-1.3E.13.2.i386.rpm ia64: e7d437d661d77847244374ce573d07b3 samba-3.0.9-1.3E.13.2.i386.rpm 22b67ca839e791b2e07468263735f8fd samba-3.0.9-1.3E.13.2.ia64.rpm cf874463566fd13e9d4aa6729cce2043 samba-client-3.0.9-1.3E.13.2.ia64.rpm 7e20b7db536c690a54e401e5005cba5e samba-common-3.0.9-1.3E.13.2.i386.rpm 4e9b9fb15d8abba2321de71ee427fd88 samba-common-3.0.9-1.3E.13.2.ia64.rpm 740f487a43036d1139226dc1499c8413 samba-debuginfo-3.0.9-1.3E.13.2.i386.rpm bb482cdac05f5f591421875212257fac samba-debuginfo-3.0.9-1.3E.13.2.ia64.rpm 8c87ed3ff37761ad1f7bdffd66b198e5 samba-swat-3.0.9-1.3E.13.2.ia64.rpm x86_64: e7d437d661d77847244374ce573d07b3 samba-3.0.9-1.3E.13.2.i386.rpm 4a46067c8dff497d69702c7eda0cbe05 samba-3.0.9-1.3E.13.2.x86_64.rpm 65b901c4b299ecfbad96aa0d6b0da3ad samba-client-3.0.9-1.3E.13.2.x86_64.rpm 7e20b7db536c690a54e401e5005cba5e samba-common-3.0.9-1.3E.13.2.i386.rpm b1ad6c4b6b2432f85881dd9ef60da038 samba-common-3.0.9-1.3E.13.2.x86_64.rpm 740f487a43036d1139226dc1499c8413 samba-debuginfo-3.0.9-1.3E.13.2.i386.rpm 97ff40a8239619542376bfd587117ee6 samba-debuginfo-3.0.9-1.3E.13.2.x86_64.rpm 749a56352137efe67190f48130c635b4 samba-swat-3.0.9-1.3E.13.2.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/samba-3.0.10-1.4E.12.2.src.rpm b90a07617c1ae7cda06c8fd1c401a86b samba-3.0.10-1.4E.12.2.src.rpm i386: 7435378a0da4e6fefc25cd32ca98c420 samba-3.0.10-1.4E.12.2.i386.rpm e02a0419ba712c830966251f1aefab87 samba-client-3.0.10-1.4E.12.2.i386.rpm 0882e627ac4726f3721413f7ac39ad16 samba-common-3.0.10-1.4E.12.2.i386.rpm 6310d291a2a11bf363499d6cbe1cbd93 samba-debuginfo-3.0.10-1.4E.12.2.i386.rpm 68f98ab48675522470b57016d8b1083d samba-swat-3.0.10-1.4E.12.2.i386.rpm ia64: 17b7cca2b119f3ebb8021e9a6ecd1c38 samba-3.0.10-1.4E.12.2.ia64.rpm 021be072613b0e6e4b16adf989c96ffe samba-client-3.0.10-1.4E.12.2.ia64.rpm 0882e627ac4726f3721413f7ac39ad16 samba-common-3.0.10-1.4E.12.2.i386.rpm e33573d0319519c0e132f8d215eb5586 samba-common-3.0.10-1.4E.12.2.ia64.rpm 6310d291a2a11bf363499d6cbe1cbd93 samba-debuginfo-3.0.10-1.4E.12.2.i386.rpm b804f93bfa439c81994eeb7229486d31 samba-debuginfo-3.0.10-1.4E.12.2.ia64.rpm ae50702e239296a7c569307f45bbf62c samba-swat-3.0.10-1.4E.12.2.ia64.rpm ppc: 17d3e7bd2f1e31f50bd182da04e6d35d samba-3.0.10-1.4E.12.2.ppc.rpm c2ca3fa1e06b6b087bc966e2f646478d samba-client-3.0.10-1.4E.12.2.ppc.rpm e3c3659c1c0e4b753084d5d407e0432d samba-common-3.0.10-1.4E.12.2.ppc.rpm 197cbae8c03bdcb90b088429f6bfd267 samba-common-3.0.10-1.4E.12.2.ppc64.rpm 15f06d1091df37b58bcf2ab80449d902 samba-debuginfo-3.0.10-1.4E.12.2.ppc.rpm b6919c9ddf4eb7776b5c590a8740c404 samba-debuginfo-3.0.10-1.4E.12.2.ppc64.rpm a4303d4df84d5418e21cb66ddf0defbe samba-swat-3.0.10-1.4E.12.2.ppc.rpm s390: e378501ed9bc2cf94c7a407033f8c634 samba-3.0.10-1.4E.12.2.s390.rpm f8acfc278298f8f04773dd2f25736480 samba-client-3.0.10-1.4E.12.2.s390.rpm 43b55dfa0205315a8ebf227c7878279e samba-common-3.0.10-1.4E.12.2.s390.rpm e5e71784d27775d76a17a519b7172004 samba-debuginfo-3.0.10-1.4E.12.2.s390.rpm 03d7eb03d1dcf3f576135f6875544f04 samba-swat-3.0.10-1.4E.12.2.s390.rpm s390x: fd9d9175143671e65d76a155b2994948 samba-3.0.10-1.4E.12.2.s390x.rpm fcf6be6e4caa35ace28417efa475a200 samba-client-3.0.10-1.4E.12.2.s390x.rpm 43b55dfa0205315a8ebf227c7878279e samba-common-3.0.10-1.4E.12.2.s390.rpm 6676694e961d18f45bde34fb6ccadb0d samba-common-3.0.10-1.4E.12.2.s390x.rpm e5e71784d27775d76a17a519b7172004 samba-debuginfo-3.0.10-1.4E.12.2.s390.rpm cbbedbf178ffbfcd7d5290a66e54d4df samba-debuginfo-3.0.10-1.4E.12.2.s390x.rpm b8b4f91c8675f1dea90d8aadf59b977f samba-swat-3.0.10-1.4E.12.2.s390x.rpm x86_64: aac9eddb33bf62ea02eca4d62a81ea83 samba-3.0.10-1.4E.12.2.x86_64.rpm 22ab3dfa5a8ef4856aa44e303d55432c samba-client-3.0.10-1.4E.12.2.x86_64.rpm 0882e627ac4726f3721413f7ac39ad16 samba-common-3.0.10-1.4E.12.2.i386.rpm 106c787142b47e414f6407ca157900e7 samba-common-3.0.10-1.4E.12.2.x86_64.rpm 6310d291a2a11bf363499d6cbe1cbd93 samba-debuginfo-3.0.10-1.4E.12.2.i386.rpm da2cfb9f246b56170834a8d10fa79092 samba-debuginfo-3.0.10-1.4E.12.2.x86_64.rpm b41891d4abe6ca0a83397f58aba9227c samba-swat-3.0.10-1.4E.12.2.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/samba-3.0.10-1.4E.12.2.src.rpm b90a07617c1ae7cda06c8fd1c401a86b samba-3.0.10-1.4E.12.2.src.rpm i386: 7435378a0da4e6fefc25cd32ca98c420 samba-3.0.10-1.4E.12.2.i386.rpm e02a0419ba712c830966251f1aefab87 samba-client-3.0.10-1.4E.12.2.i386.rpm 0882e627ac4726f3721413f7ac39ad16 samba-common-3.0.10-1.4E.12.2.i386.rpm 6310d291a2a11bf363499d6cbe1cbd93 samba-debuginfo-3.0.10-1.4E.12.2.i386.rpm 68f98ab48675522470b57016d8b1083d samba-swat-3.0.10-1.4E.12.2.i386.rpm x86_64: aac9eddb33bf62ea02eca4d62a81ea83 samba-3.0.10-1.4E.12.2.x86_64.rpm 22ab3dfa5a8ef4856aa44e303d55432c samba-client-3.0.10-1.4E.12.2.x86_64.rpm 0882e627ac4726f3721413f7ac39ad16 samba-common-3.0.10-1.4E.12.2.i386.rpm 106c787142b47e414f6407ca157900e7 samba-common-3.0.10-1.4E.12.2.x86_64.rpm 6310d291a2a11bf363499d6cbe1cbd93 samba-debuginfo-3.0.10-1.4E.12.2.i386.rpm da2cfb9f246b56170834a8d10fa79092 samba-debuginfo-3.0.10-1.4E.12.2.x86_64.rpm b41891d4abe6ca0a83397f58aba9227c samba-swat-3.0.10-1.4E.12.2.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/samba-3.0.10-1.4E.12.2.src.rpm b90a07617c1ae7cda06c8fd1c401a86b samba-3.0.10-1.4E.12.2.src.rpm i386: 7435378a0da4e6fefc25cd32ca98c420 samba-3.0.10-1.4E.12.2.i386.rpm e02a0419ba712c830966251f1aefab87 samba-client-3.0.10-1.4E.12.2.i386.rpm 0882e627ac4726f3721413f7ac39ad16 samba-common-3.0.10-1.4E.12.2.i386.rpm 6310d291a2a11bf363499d6cbe1cbd93 samba-debuginfo-3.0.10-1.4E.12.2.i386.rpm 68f98ab48675522470b57016d8b1083d samba-swat-3.0.10-1.4E.12.2.i386.rpm ia64: 17b7cca2b119f3ebb8021e9a6ecd1c38 samba-3.0.10-1.4E.12.2.ia64.rpm 021be072613b0e6e4b16adf989c96ffe samba-client-3.0.10-1.4E.12.2.ia64.rpm 0882e627ac4726f3721413f7ac39ad16 samba-common-3.0.10-1.4E.12.2.i386.rpm e33573d0319519c0e132f8d215eb5586 samba-common-3.0.10-1.4E.12.2.ia64.rpm 6310d291a2a11bf363499d6cbe1cbd93 samba-debuginfo-3.0.10-1.4E.12.2.i386.rpm b804f93bfa439c81994eeb7229486d31 samba-debuginfo-3.0.10-1.4E.12.2.ia64.rpm ae50702e239296a7c569307f45bbf62c samba-swat-3.0.10-1.4E.12.2.ia64.rpm x86_64: aac9eddb33bf62ea02eca4d62a81ea83 samba-3.0.10-1.4E.12.2.x86_64.rpm 22ab3dfa5a8ef4856aa44e303d55432c samba-client-3.0.10-1.4E.12.2.x86_64.rpm 0882e627ac4726f3721413f7ac39ad16 samba-common-3.0.10-1.4E.12.2.i386.rpm 106c787142b47e414f6407ca157900e7 samba-common-3.0.10-1.4E.12.2.x86_64.rpm 6310d291a2a11bf363499d6cbe1cbd93 samba-debuginfo-3.0.10-1.4E.12.2.i386.rpm da2cfb9f246b56170834a8d10fa79092 samba-debuginfo-3.0.10-1.4E.12.2.x86_64.rpm b41891d4abe6ca0a83397f58aba9227c samba-swat-3.0.10-1.4E.12.2.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/samba-3.0.10-1.4E.12.2.src.rpm b90a07617c1ae7cda06c8fd1c401a86b samba-3.0.10-1.4E.12.2.src.rpm i386: 7435378a0da4e6fefc25cd32ca98c420 samba-3.0.10-1.4E.12.2.i386.rpm e02a0419ba712c830966251f1aefab87 samba-client-3.0.10-1.4E.12.2.i386.rpm 0882e627ac4726f3721413f7ac39ad16 samba-common-3.0.10-1.4E.12.2.i386.rpm 6310d291a2a11bf363499d6cbe1cbd93 samba-debuginfo-3.0.10-1.4E.12.2.i386.rpm 68f98ab48675522470b57016d8b1083d samba-swat-3.0.10-1.4E.12.2.i386.rpm ia64: 17b7cca2b119f3ebb8021e9a6ecd1c38 samba-3.0.10-1.4E.12.2.ia64.rpm 021be072613b0e6e4b16adf989c96ffe samba-client-3.0.10-1.4E.12.2.ia64.rpm 0882e627ac4726f3721413f7ac39ad16 samba-common-3.0.10-1.4E.12.2.i386.rpm e33573d0319519c0e132f8d215eb5586 samba-common-3.0.10-1.4E.12.2.ia64.rpm 6310d291a2a11bf363499d6cbe1cbd93 samba-debuginfo-3.0.10-1.4E.12.2.i386.rpm b804f93bfa439c81994eeb7229486d31 samba-debuginfo-3.0.10-1.4E.12.2.ia64.rpm ae50702e239296a7c569307f45bbf62c samba-swat-3.0.10-1.4E.12.2.ia64.rpm x86_64: aac9eddb33bf62ea02eca4d62a81ea83 samba-3.0.10-1.4E.12.2.x86_64.rpm 22ab3dfa5a8ef4856aa44e303d55432c samba-client-3.0.10-1.4E.12.2.x86_64.rpm 0882e627ac4726f3721413f7ac39ad16 samba-common-3.0.10-1.4E.12.2.i386.rpm 106c787142b47e414f6407ca157900e7 samba-common-3.0.10-1.4E.12.2.x86_64.rpm 6310d291a2a11bf363499d6cbe1cbd93 samba-debuginfo-3.0.10-1.4E.12.2.i386.rpm da2cfb9f246b56170834a8d10fa79092 samba-debuginfo-3.0.10-1.4E.12.2.x86_64.rpm b41891d4abe6ca0a83397f58aba9227c samba-swat-3.0.10-1.4E.12.2.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/samba-3.0.23c-2.el5.2.0.2.src.rpm 8e1a296d8566dae75e8d40aa0160d5f2 samba-3.0.23c-2.el5.2.0.2.src.rpm i386: cef591be0ed9983a5dde43783de017a2 samba-3.0.23c-2.el5.2.0.2.i386.rpm 9e5cc687c3fb11f45fbe1dbdb71406e6 samba-client-3.0.23c-2.el5.2.0.2.i386.rpm b54f4204f604bbf9c9b6b0526b4ae7d5 samba-common-3.0.23c-2.el5.2.0.2.i386.rpm 618157bd0d4240d8494f690eea37327d samba-debuginfo-3.0.23c-2.el5.2.0.2.i386.rpm 31cdf6cd059cd109cfdaa634b3f0bfa8 samba-swat-3.0.23c-2.el5.2.0.2.i386.rpm x86_64: 733a8c0a9faeb09cc4916d8fa0353d4b samba-3.0.23c-2.el5.2.0.2.x86_64.rpm 1830a5c21f9c53c5e8896d4a127ec269 samba-client-3.0.23c-2.el5.2.0.2.x86_64.rpm b54f4204f604bbf9c9b6b0526b4ae7d5 samba-common-3.0.23c-2.el5.2.0.2.i386.rpm bfb1b87a4a5ab783801e6c683ce9c133 samba-common-3.0.23c-2.el5.2.0.2.x86_64.rpm 618157bd0d4240d8494f690eea37327d samba-debuginfo-3.0.23c-2.el5.2.0.2.i386.rpm c2b9828eea8e4005ac0a3134c3893202 samba-debuginfo-3.0.23c-2.el5.2.0.2.x86_64.rpm 20d6e756463ee11f7cbe3dee32fcb6ae samba-swat-3.0.23c-2.el5.2.0.2.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/samba-3.0.23c-2.el5.2.0.2.src.rpm 8e1a296d8566dae75e8d40aa0160d5f2 samba-3.0.23c-2.el5.2.0.2.src.rpm i386: cef591be0ed9983a5dde43783de017a2 samba-3.0.23c-2.el5.2.0.2.i386.rpm 9e5cc687c3fb11f45fbe1dbdb71406e6 samba-client-3.0.23c-2.el5.2.0.2.i386.rpm b54f4204f604bbf9c9b6b0526b4ae7d5 samba-common-3.0.23c-2.el5.2.0.2.i386.rpm 618157bd0d4240d8494f690eea37327d samba-debuginfo-3.0.23c-2.el5.2.0.2.i386.rpm 31cdf6cd059cd109cfdaa634b3f0bfa8 samba-swat-3.0.23c-2.el5.2.0.2.i386.rpm ia64: 6640df487d950057b887e4e525a5b150 samba-3.0.23c-2.el5.2.0.2.ia64.rpm 18095e583ad32c0ec96cff89ddd64a8a samba-client-3.0.23c-2.el5.2.0.2.ia64.rpm e1743d2bdb09e388afb2e93a37f08958 samba-common-3.0.23c-2.el5.2.0.2.ia64.rpm 4fa82910391477cf79c3dff58a99934d samba-debuginfo-3.0.23c-2.el5.2.0.2.ia64.rpm 6b5267744596369b64bfcb335d05b6ac samba-swat-3.0.23c-2.el5.2.0.2.ia64.rpm ppc: bcc392ea02e385e96963d64ee6c63fde samba-3.0.23c-2.el5.2.0.2.ppc.rpm b7e67ddb5b60c0fb76b5a97f7b869162 samba-client-3.0.23c-2.el5.2.0.2.ppc.rpm b61cfc322dfa21df175fdc370f103663 samba-common-3.0.23c-2.el5.2.0.2.ppc.rpm 2bb447da9c6114947e229f98ea558900 samba-common-3.0.23c-2.el5.2.0.2.ppc64.rpm 6a83fbe7b719669147dff6582d2b5afb samba-debuginfo-3.0.23c-2.el5.2.0.2.ppc.rpm f8fd74e9f3f54512084d5860a115e6d5 samba-debuginfo-3.0.23c-2.el5.2.0.2.ppc64.rpm 43f487065627e1e120d3f2dc7fdb98fb samba-swat-3.0.23c-2.el5.2.0.2.ppc.rpm s390x: 3d48ed61ab7abd6181f9e822b1d58ea4 samba-3.0.23c-2.el5.2.0.2.s390x.rpm fab37746befc18a39d84baf089b19301 samba-client-3.0.23c-2.el5.2.0.2.s390x.rpm ff2d26620f467b4a9b02d69fae96c0f6 samba-common-3.0.23c-2.el5.2.0.2.s390.rpm f275e639f20e64b507b45e6efd09ea42 samba-common-3.0.23c-2.el5.2.0.2.s390x.rpm 8d5e5746cd2b8f99380415fe749535f9 samba-debuginfo-3.0.23c-2.el5.2.0.2.s390.rpm bb09432c064db03b01cc7b397b29dc21 samba-debuginfo-3.0.23c-2.el5.2.0.2.s390x.rpm 44dc729eb4fe39d229caeb2f944f7a62 samba-swat-3.0.23c-2.el5.2.0.2.s390x.rpm x86_64: 733a8c0a9faeb09cc4916d8fa0353d4b samba-3.0.23c-2.el5.2.0.2.x86_64.rpm 1830a5c21f9c53c5e8896d4a127ec269 samba-client-3.0.23c-2.el5.2.0.2.x86_64.rpm b54f4204f604bbf9c9b6b0526b4ae7d5 samba-common-3.0.23c-2.el5.2.0.2.i386.rpm bfb1b87a4a5ab783801e6c683ce9c133 samba-common-3.0.23c-2.el5.2.0.2.x86_64.rpm 618157bd0d4240d8494f690eea37327d samba-debuginfo-3.0.23c-2.el5.2.0.2.i386.rpm c2b9828eea8e4005ac0a3134c3893202 samba-debuginfo-3.0.23c-2.el5.2.0.2.x86_64.rpm 20d6e756463ee11f7cbe3dee32fcb6ae samba-swat-3.0.23c-2.el5.2.0.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2446 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2447 http://www.samba.org/samba/security/CVE-2007-2447.html http://www.samba.org/samba/security/CVE-2007-2446.html http://www.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGSH6bXlSAg2UNWIIRAkIvAJ97nu4wJsyNZjPddoOQbfDF4q73vgCgj2YH 783TzclOtLcX+wfiY9Qwjeo= =8TZv -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon May 14 17:00:53 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 14 May 2007 13:00:53 -0400 Subject: [RHSA-2007:0327-01] Important: tomcat security update Message-ID: <200705141700.l4EH0rvj025005@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: tomcat security update Advisory ID: RHSA-2007:0327-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0327.html Issue date: 2007-05-14 Updated on: 2007-05-14 Product: Red Hat Enterprise Linux CVE Names: CVE-2005-2090 CVE-2006-7195 CVE-2007-0450 - --------------------------------------------------------------------- 1. Summary: Updated tomcat packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Problem description: Tomcat is a servlet container for Java Servlet and JavaServer Pages technologies. Tomcat was found to accept multiple content-length headers in a request. This could allow attackers to poison a web-cache, bypass web application firewall protection, or conduct cross-site scripting attacks. (CVE-2005-2090) Tomcat permitted various characters as path delimiters. If Tomcat was used behind certain proxies and configured to only proxy some contexts, an attacker could construct an HTTP request to work around the context restriction and potentially access non-proxied content. (CVE-2007-0450) The implict-objects.jsp file distributed in the examples webapp displayed a number of unfiltered header values. If the JSP examples were accessible, this flaw could allow a remote attacker to perform cross-site scripting attacks. (CVE-2006-7195) Users should upgrade to these erratum packages which contain an update to Tomcat that resolves these issues. Updated jakarta-commons-modeler packages are also included which correct a bug when used with Tomcat 5.5.23. 4. Solution: Note: /etc/tomcat5/web.xml has been updated to disable directory listing by default. If you have previously modified /etc/tomcat5/web.xml, this change will not be made automatically and you should manually update the value for the "listings" parameter to "false". Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 237089 - CVE-2005-2090 multiple tomcat issues (CVE-2007-0450 CVE-2006-7195) 6. RPMs required: Red Hat Enterprise Linux Desktop (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/tomcat5-5.5.23-0jpp.1.0.3.el5.src.rpm cc46f7adab310f95bd5d84dcef6febd8 tomcat5-5.5.23-0jpp.1.0.3.el5.src.rpm i386: 928248fce7427baf393b98f4e56c2441 tomcat5-debuginfo-5.5.23-0jpp.1.0.3.el5.i386.rpm e69ffeb57454387a4b2df5e4a468524a tomcat5-jsp-2.0-api-5.5.23-0jpp.1.0.3.el5.i386.rpm 64568752869742380e58a3443e5942b0 tomcat5-servlet-2.4-api-5.5.23-0jpp.1.0.3.el5.i386.rpm x86_64: 6279d1547e42c3acbd3416069ee19e32 tomcat5-debuginfo-5.5.23-0jpp.1.0.3.el5.x86_64.rpm 860411ffc918bba85ba91d470c38f478 tomcat5-jsp-2.0-api-5.5.23-0jpp.1.0.3.el5.x86_64.rpm 261a7ece1e9465ceb2038ab14cabcf35 tomcat5-servlet-2.4-api-5.5.23-0jpp.1.0.3.el5.x86_64.rpm RHEL Desktop Workstation (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/jakarta-commons-modeler-1.1-8jpp.1.0.2.el5.src.rpm d7b49a8038c45e0058d38975c8b6aac7 jakarta-commons-modeler-1.1-8jpp.1.0.2.el5.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/tomcat5-5.5.23-0jpp.1.0.3.el5.src.rpm cc46f7adab310f95bd5d84dcef6febd8 tomcat5-5.5.23-0jpp.1.0.3.el5.src.rpm i386: adf41fbc470587b6fc9ecaf1d1f098b9 jakarta-commons-modeler-1.1-8jpp.1.0.2.el5.i386.rpm 91aa19237a851e86db301c126940a7f4 jakarta-commons-modeler-debuginfo-1.1-8jpp.1.0.2.el5.i386.rpm 136c4d8eb9185dec26117710e977be4a jakarta-commons-modeler-javadoc-1.1-8jpp.1.0.2.el5.i386.rpm a47a62de312b9aa732908b012c7d7921 tomcat5-5.5.23-0jpp.1.0.3.el5.i386.rpm 3c0f713d0e672e52e883ffbf02a62fe3 tomcat5-admin-webapps-5.5.23-0jpp.1.0.3.el5.i386.rpm b4147f73e0fdd17928e04018d1d9e045 tomcat5-common-lib-5.5.23-0jpp.1.0.3.el5.i386.rpm 928248fce7427baf393b98f4e56c2441 tomcat5-debuginfo-5.5.23-0jpp.1.0.3.el5.i386.rpm 6b0fc7dcb20576476ce17ae32245c15e tomcat5-jasper-5.5.23-0jpp.1.0.3.el5.i386.rpm fae82087121a0fa8d8b639293dc396db tomcat5-jasper-javadoc-5.5.23-0jpp.1.0.3.el5.i386.rpm 04dfeb55a072bd3aee9e1dafa8709688 tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.1.0.3.el5.i386.rpm c02aa3729035e7df1a9318531deb9e95 tomcat5-server-lib-5.5.23-0jpp.1.0.3.el5.i386.rpm 210373af7c98bd668cc47aa7bbffbad1 tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.1.0.3.el5.i386.rpm a009e6f97320ffa944f807b770a35d2f tomcat5-webapps-5.5.23-0jpp.1.0.3.el5.i386.rpm x86_64: 60b2813ec62e4a6395b46beb1da1a957 jakarta-commons-modeler-1.1-8jpp.1.0.2.el5.x86_64.rpm d22d934c0d8bd04d26968409c4212361 jakarta-commons-modeler-debuginfo-1.1-8jpp.1.0.2.el5.x86_64.rpm 47199d1b84620a448efe1f05eb3cfc9c jakarta-commons-modeler-javadoc-1.1-8jpp.1.0.2.el5.x86_64.rpm 186e93ce1a5632200ccdc9ca887cd605 tomcat5-5.5.23-0jpp.1.0.3.el5.x86_64.rpm 7cc08998016cd4efd4ae113e31005850 tomcat5-admin-webapps-5.5.23-0jpp.1.0.3.el5.x86_64.rpm e7efd7c2b493148f1020dac5b4954eaa tomcat5-common-lib-5.5.23-0jpp.1.0.3.el5.x86_64.rpm 6279d1547e42c3acbd3416069ee19e32 tomcat5-debuginfo-5.5.23-0jpp.1.0.3.el5.x86_64.rpm c6200fc43f9440411b2754a47d4ca25a tomcat5-jasper-5.5.23-0jpp.1.0.3.el5.x86_64.rpm aca88a67a573ade1738ac6142bd7a1fb tomcat5-jasper-javadoc-5.5.23-0jpp.1.0.3.el5.x86_64.rpm d328f5626c19e13ca671eddc2e3dfb2a tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.1.0.3.el5.x86_64.rpm c0e649a7e4df6c8368300c865da39024 tomcat5-server-lib-5.5.23-0jpp.1.0.3.el5.x86_64.rpm f344d08b6b6d40524a65af8aa1ae38b0 tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.1.0.3.el5.x86_64.rpm f327de085c367b1e37841db93ac7fd80 tomcat5-webapps-5.5.23-0jpp.1.0.3.el5.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/jakarta-commons-modeler-1.1-8jpp.1.0.2.el5.src.rpm d7b49a8038c45e0058d38975c8b6aac7 jakarta-commons-modeler-1.1-8jpp.1.0.2.el5.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/tomcat5-5.5.23-0jpp.1.0.3.el5.src.rpm cc46f7adab310f95bd5d84dcef6febd8 tomcat5-5.5.23-0jpp.1.0.3.el5.src.rpm i386: adf41fbc470587b6fc9ecaf1d1f098b9 jakarta-commons-modeler-1.1-8jpp.1.0.2.el5.i386.rpm 91aa19237a851e86db301c126940a7f4 jakarta-commons-modeler-debuginfo-1.1-8jpp.1.0.2.el5.i386.rpm 136c4d8eb9185dec26117710e977be4a jakarta-commons-modeler-javadoc-1.1-8jpp.1.0.2.el5.i386.rpm a47a62de312b9aa732908b012c7d7921 tomcat5-5.5.23-0jpp.1.0.3.el5.i386.rpm 3c0f713d0e672e52e883ffbf02a62fe3 tomcat5-admin-webapps-5.5.23-0jpp.1.0.3.el5.i386.rpm b4147f73e0fdd17928e04018d1d9e045 tomcat5-common-lib-5.5.23-0jpp.1.0.3.el5.i386.rpm 928248fce7427baf393b98f4e56c2441 tomcat5-debuginfo-5.5.23-0jpp.1.0.3.el5.i386.rpm 6b0fc7dcb20576476ce17ae32245c15e tomcat5-jasper-5.5.23-0jpp.1.0.3.el5.i386.rpm fae82087121a0fa8d8b639293dc396db tomcat5-jasper-javadoc-5.5.23-0jpp.1.0.3.el5.i386.rpm e69ffeb57454387a4b2df5e4a468524a tomcat5-jsp-2.0-api-5.5.23-0jpp.1.0.3.el5.i386.rpm 04dfeb55a072bd3aee9e1dafa8709688 tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.1.0.3.el5.i386.rpm c02aa3729035e7df1a9318531deb9e95 tomcat5-server-lib-5.5.23-0jpp.1.0.3.el5.i386.rpm 64568752869742380e58a3443e5942b0 tomcat5-servlet-2.4-api-5.5.23-0jpp.1.0.3.el5.i386.rpm 210373af7c98bd668cc47aa7bbffbad1 tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.1.0.3.el5.i386.rpm a009e6f97320ffa944f807b770a35d2f tomcat5-webapps-5.5.23-0jpp.1.0.3.el5.i386.rpm ia64: bfe30bb15dd3547b5aba9fadb75ab366 jakarta-commons-modeler-1.1-8jpp.1.0.2.el5.ia64.rpm 90411c5a2a7753991b17e857078363da jakarta-commons-modeler-debuginfo-1.1-8jpp.1.0.2.el5.ia64.rpm 1cfd15f4c243a709bd70af2986dc6535 jakarta-commons-modeler-javadoc-1.1-8jpp.1.0.2.el5.ia64.rpm 2ef441bbc31bd6ab9a352133afc6bba7 tomcat5-5.5.23-0jpp.1.0.3.el5.ia64.rpm dbd92d58e409a2e512be8f082d652013 tomcat5-admin-webapps-5.5.23-0jpp.1.0.3.el5.ia64.rpm 3a681a5d72d27266fa5fda0234654823 tomcat5-common-lib-5.5.23-0jpp.1.0.3.el5.ia64.rpm 3a02d75510cba8c93b1b131dbc8b8ed0 tomcat5-debuginfo-5.5.23-0jpp.1.0.3.el5.ia64.rpm 571d614b8dfc2a70fa69613c0276d9bc tomcat5-jasper-5.5.23-0jpp.1.0.3.el5.ia64.rpm 927a1797b2a0937eb7664883b5c28873 tomcat5-jasper-javadoc-5.5.23-0jpp.1.0.3.el5.ia64.rpm a18e063ed2d15f0b54ffbfe58ae2023a tomcat5-jsp-2.0-api-5.5.23-0jpp.1.0.3.el5.ia64.rpm 151cb23cae3b32509738afb879e5b61d tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.1.0.3.el5.ia64.rpm 6d4132b0f2a039af33ae18027e0096d6 tomcat5-server-lib-5.5.23-0jpp.1.0.3.el5.ia64.rpm 12f4c2890f10373e0a20b1beaab5b604 tomcat5-servlet-2.4-api-5.5.23-0jpp.1.0.3.el5.ia64.rpm 0b308dda3324688c32274dcdf716d2c4 tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.1.0.3.el5.ia64.rpm ae330c687e9efd6bd026b6515dc19156 tomcat5-webapps-5.5.23-0jpp.1.0.3.el5.ia64.rpm ppc: d2ee3a85407e305112f37678f53e0012 jakarta-commons-modeler-1.1-8jpp.1.0.2.el5.ppc.rpm 6a251d18f655cc76d43b04626879f73e jakarta-commons-modeler-debuginfo-1.1-8jpp.1.0.2.el5.ppc.rpm b534229b3539baec1ce3df41231f546a jakarta-commons-modeler-javadoc-1.1-8jpp.1.0.2.el5.ppc.rpm e16c6f556b1764e3f2609d1314918173 tomcat5-5.5.23-0jpp.1.0.3.el5.ppc.rpm 7783e2e33698e6a9c6054b2f3b64e5f0 tomcat5-admin-webapps-5.5.23-0jpp.1.0.3.el5.ppc.rpm 25c3e09308197390c5c0df76efbe07ba tomcat5-common-lib-5.5.23-0jpp.1.0.3.el5.ppc.rpm 6f3e0e1ff01b888693abbfb6d321c207 tomcat5-debuginfo-5.5.23-0jpp.1.0.3.el5.ppc.rpm 1a8713f2682af3afe9afad1ac2eca07c tomcat5-jasper-5.5.23-0jpp.1.0.3.el5.ppc.rpm 30acf9f9334e0940774053a8b44afd5a tomcat5-jasper-javadoc-5.5.23-0jpp.1.0.3.el5.ppc.rpm af6a35c0b9ed88029256837fdd2ca938 tomcat5-jsp-2.0-api-5.5.23-0jpp.1.0.3.el5.ppc.rpm a4232781c03bf089336f136d4c330f35 tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.1.0.3.el5.ppc.rpm 29a596b379d5abdb81685a4866a1c37a tomcat5-server-lib-5.5.23-0jpp.1.0.3.el5.ppc.rpm 4a743638f8c08463ffbf77b01d3c278b tomcat5-servlet-2.4-api-5.5.23-0jpp.1.0.3.el5.ppc.rpm 3b677daef9dd27a21b1a43ee89a1fcab tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.1.0.3.el5.ppc.rpm decbc650352f601f99ba9e1ce00a1d93 tomcat5-webapps-5.5.23-0jpp.1.0.3.el5.ppc.rpm s390x: 4b9f1ae545f47c5193f84a931ae5d9fd jakarta-commons-modeler-1.1-8jpp.1.0.2.el5.s390x.rpm 8c54f929e3d5192298aaa0e36faa60d5 jakarta-commons-modeler-debuginfo-1.1-8jpp.1.0.2.el5.s390x.rpm 69fa73755833087bce25e483907852c5 jakarta-commons-modeler-javadoc-1.1-8jpp.1.0.2.el5.s390x.rpm 217a7f71294ebf01735a7c09bb8fe2ec tomcat5-5.5.23-0jpp.1.0.3.el5.s390x.rpm 0f53bdb25d5101dfd109db2c49750943 tomcat5-admin-webapps-5.5.23-0jpp.1.0.3.el5.s390x.rpm 3e4bf168aa5b13bc40e728818f5274d4 tomcat5-common-lib-5.5.23-0jpp.1.0.3.el5.s390x.rpm 5f1c6c955d7e199410d9b83fb7037416 tomcat5-debuginfo-5.5.23-0jpp.1.0.3.el5.s390x.rpm 976c554a4e4eeba6f94deff2211c9f30 tomcat5-jasper-5.5.23-0jpp.1.0.3.el5.s390x.rpm 938b932d303c8bbf07732926dca058e7 tomcat5-jasper-javadoc-5.5.23-0jpp.1.0.3.el5.s390x.rpm 960d468fa04d6b98901df2465f22b47a tomcat5-jsp-2.0-api-5.5.23-0jpp.1.0.3.el5.s390x.rpm 1d88a1cfbcc2caa757af582485f9ebef tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.1.0.3.el5.s390x.rpm 6d98bb027e1fe19a8714dc2cd9d6e6f3 tomcat5-server-lib-5.5.23-0jpp.1.0.3.el5.s390x.rpm ae7ff11b2bfe04a217b44ec11edabab8 tomcat5-servlet-2.4-api-5.5.23-0jpp.1.0.3.el5.s390x.rpm fa4545887eedbfd367dc966d10d5e342 tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.1.0.3.el5.s390x.rpm 90f4bccfccdeb243258acd31b8eb41db tomcat5-webapps-5.5.23-0jpp.1.0.3.el5.s390x.rpm x86_64: 60b2813ec62e4a6395b46beb1da1a957 jakarta-commons-modeler-1.1-8jpp.1.0.2.el5.x86_64.rpm d22d934c0d8bd04d26968409c4212361 jakarta-commons-modeler-debuginfo-1.1-8jpp.1.0.2.el5.x86_64.rpm 47199d1b84620a448efe1f05eb3cfc9c jakarta-commons-modeler-javadoc-1.1-8jpp.1.0.2.el5.x86_64.rpm 186e93ce1a5632200ccdc9ca887cd605 tomcat5-5.5.23-0jpp.1.0.3.el5.x86_64.rpm 7cc08998016cd4efd4ae113e31005850 tomcat5-admin-webapps-5.5.23-0jpp.1.0.3.el5.x86_64.rpm e7efd7c2b493148f1020dac5b4954eaa tomcat5-common-lib-5.5.23-0jpp.1.0.3.el5.x86_64.rpm 6279d1547e42c3acbd3416069ee19e32 tomcat5-debuginfo-5.5.23-0jpp.1.0.3.el5.x86_64.rpm c6200fc43f9440411b2754a47d4ca25a tomcat5-jasper-5.5.23-0jpp.1.0.3.el5.x86_64.rpm aca88a67a573ade1738ac6142bd7a1fb tomcat5-jasper-javadoc-5.5.23-0jpp.1.0.3.el5.x86_64.rpm 860411ffc918bba85ba91d470c38f478 tomcat5-jsp-2.0-api-5.5.23-0jpp.1.0.3.el5.x86_64.rpm d328f5626c19e13ca671eddc2e3dfb2a tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp.1.0.3.el5.x86_64.rpm c0e649a7e4df6c8368300c865da39024 tomcat5-server-lib-5.5.23-0jpp.1.0.3.el5.x86_64.rpm 261a7ece1e9465ceb2038ab14cabcf35 tomcat5-servlet-2.4-api-5.5.23-0jpp.1.0.3.el5.x86_64.rpm f344d08b6b6d40524a65af8aa1ae38b0 tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp.1.0.3.el5.x86_64.rpm f327de085c367b1e37841db93ac7fd80 tomcat5-webapps-5.5.23-0jpp.1.0.3.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450 http://tomcat.apache.org/security-5.html http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGSJW/XlSAg2UNWIIRAtJbAJ4mjbm7G9Tm535HmjdiNKNssLPnLgCePSfM TP09dOrmXFDSC11f7n/+7Vc= =PHif -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon May 14 17:42:54 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 14 May 2007 13:42:54 -0400 Subject: [RHSA-2007:0065-01] Moderate: bluez-utils security update Message-ID: <200705141742.l4EHgsoW031679@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: bluez-utils security update Advisory ID: RHSA-2007:0065-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0065.html Issue date: 2007-05-14 Updated on: 2007-05-14 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-6899 - --------------------------------------------------------------------- 1. Summary: Updated bluez-utils packages that fix a security flaw are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: The bluez-utils package contains Bluetooth daemons and utilities. A flaw was found in the Bluetooth HID daemon (hidd). A remote attacker would have been able to inject keyboard and mouse events via a Bluetooth connection without any authorization. (CVE-2006-6899) Note that Red Hat Enterprise Linux does not come with the Bluetooth HID daemon enabled by default. Users of bluez-utils are advised to upgrade to these updated packages, which contains a backported patch to correct this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 227014 - CVE-2006-6899 Bluetooth HID key events injection flaw 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/bluez-utils-2.10-2.2.src.rpm f7a4d82ed172f4984e8e1abecf723eab bluez-utils-2.10-2.2.src.rpm i386: 818e3b413b31f4fc68e6388dc3feca16 bluez-utils-2.10-2.2.i386.rpm 8ab01e39c64083f86da77b56f1b9ed9c bluez-utils-cups-2.10-2.2.i386.rpm 88944ec7e5a6fa381ec30d9251230827 bluez-utils-debuginfo-2.10-2.2.i386.rpm ia64: ba34fe7467efcb74df5896e42261cfb9 bluez-utils-2.10-2.2.ia64.rpm 864af7581f08ad15f6cbd9961fb53880 bluez-utils-cups-2.10-2.2.ia64.rpm 7bc5e16ae46f22aea7208725920de642 bluez-utils-debuginfo-2.10-2.2.ia64.rpm ppc: d7a59edfaeb01d98ec4643958c8c5cdd bluez-utils-2.10-2.2.ppc.rpm 24b8e2e784629942997068f591dca695 bluez-utils-cups-2.10-2.2.ppc.rpm 909bebe0993c4531da2d80b077d63661 bluez-utils-debuginfo-2.10-2.2.ppc.rpm x86_64: 230bdc2688fb568dd6402d7728c40cb4 bluez-utils-2.10-2.2.x86_64.rpm 2c83d5d0ff12b0d627f609e75586fac4 bluez-utils-cups-2.10-2.2.x86_64.rpm 95964f5ff634df86ff613d0fc0e8c9d1 bluez-utils-debuginfo-2.10-2.2.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/bluez-utils-2.10-2.2.src.rpm f7a4d82ed172f4984e8e1abecf723eab bluez-utils-2.10-2.2.src.rpm i386: 818e3b413b31f4fc68e6388dc3feca16 bluez-utils-2.10-2.2.i386.rpm 8ab01e39c64083f86da77b56f1b9ed9c bluez-utils-cups-2.10-2.2.i386.rpm 88944ec7e5a6fa381ec30d9251230827 bluez-utils-debuginfo-2.10-2.2.i386.rpm x86_64: 230bdc2688fb568dd6402d7728c40cb4 bluez-utils-2.10-2.2.x86_64.rpm 2c83d5d0ff12b0d627f609e75586fac4 bluez-utils-cups-2.10-2.2.x86_64.rpm 95964f5ff634df86ff613d0fc0e8c9d1 bluez-utils-debuginfo-2.10-2.2.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/bluez-utils-2.10-2.2.src.rpm f7a4d82ed172f4984e8e1abecf723eab bluez-utils-2.10-2.2.src.rpm i386: 818e3b413b31f4fc68e6388dc3feca16 bluez-utils-2.10-2.2.i386.rpm 8ab01e39c64083f86da77b56f1b9ed9c bluez-utils-cups-2.10-2.2.i386.rpm 88944ec7e5a6fa381ec30d9251230827 bluez-utils-debuginfo-2.10-2.2.i386.rpm ia64: ba34fe7467efcb74df5896e42261cfb9 bluez-utils-2.10-2.2.ia64.rpm 864af7581f08ad15f6cbd9961fb53880 bluez-utils-cups-2.10-2.2.ia64.rpm 7bc5e16ae46f22aea7208725920de642 bluez-utils-debuginfo-2.10-2.2.ia64.rpm x86_64: 230bdc2688fb568dd6402d7728c40cb4 bluez-utils-2.10-2.2.x86_64.rpm 2c83d5d0ff12b0d627f609e75586fac4 bluez-utils-cups-2.10-2.2.x86_64.rpm 95964f5ff634df86ff613d0fc0e8c9d1 bluez-utils-debuginfo-2.10-2.2.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/bluez-utils-2.10-2.2.src.rpm f7a4d82ed172f4984e8e1abecf723eab bluez-utils-2.10-2.2.src.rpm i386: 818e3b413b31f4fc68e6388dc3feca16 bluez-utils-2.10-2.2.i386.rpm 8ab01e39c64083f86da77b56f1b9ed9c bluez-utils-cups-2.10-2.2.i386.rpm 88944ec7e5a6fa381ec30d9251230827 bluez-utils-debuginfo-2.10-2.2.i386.rpm ia64: ba34fe7467efcb74df5896e42261cfb9 bluez-utils-2.10-2.2.ia64.rpm 864af7581f08ad15f6cbd9961fb53880 bluez-utils-cups-2.10-2.2.ia64.rpm 7bc5e16ae46f22aea7208725920de642 bluez-utils-debuginfo-2.10-2.2.ia64.rpm x86_64: 230bdc2688fb568dd6402d7728c40cb4 bluez-utils-2.10-2.2.x86_64.rpm 2c83d5d0ff12b0d627f609e75586fac4 bluez-utils-cups-2.10-2.2.x86_64.rpm 95964f5ff634df86ff613d0fc0e8c9d1 bluez-utils-debuginfo-2.10-2.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6899 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGSJ+YXlSAg2UNWIIRAs5AAJ47NBnYr+ltDKkxysp926wWRr/LvwCePh3d i/6hMUxAthtArtrJikezGMg= =VqAn -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed May 16 19:00:05 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 16 May 2007 15:00:05 -0400 Subject: [RHSA-2007:0347-01] Important: kernel security and bug fix update Message-ID: <200705161900.l4GJ058a019969@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2007:0347-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0347.html Issue date: 2007-05-16 Updated on: 2007-05-16 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-1496 CVE-2007-1497 CVE-2007-1592 CVE-2007-1861 CVE-2007-2172 CVE-2007-2242 - --------------------------------------------------------------------- 1. Summary: Updated kernel packages that fix security issues and bugs in the Red Hat Enterprise Linux 5 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64 RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64 3. Problem description: The Linux kernel handles the basic functions of the operating system. These new kernel packages contain fixes for the following security issues: * a flaw in the handling of IPv6 type 0 routing headers that allowed remote users to cause a denial of service that led to a network amplification between two routers (CVE-2007-2242, Important). * a flaw in the nfnetlink_log netfilter module that allowed a local user to cause a denial of service (CVE-2007-1496, Important). * a flaw in the flow list of listening IPv6 sockets that allowed a local user to cause a denial of service (CVE-2007-1592, Important). * a flaw in the handling of netlink messages that allowed a local user to cause a denial of service (infinite recursion) (CVE-2007-1861, Important). * a flaw in the IPv4 forwarding base that allowed a local user to cause an out-of-bounds access (CVE-2007-2172, Important). * a flaw in the nf_conntrack netfilter module for IPv6 that allowed remote users to bypass certain netfilter rules using IPv6 fragments (CVE-2007-1497, Moderate). In addition to the security issues described above, fixes for the following have been included: * a regression in ipv6 routing. * an error in memory initialization that caused gdb to output inaccurate backtraces on ia64. * the nmi watchdog timeout was updated from 5 to 30 seconds. * a flaw in distributed lock management that could result in errors during virtual machine migration. * an omitted include in kernel-headers that led to compile failures for some packages. Red Hat Enterprise Linux 5 users are advised to upgrade to these packages, which contain backported patches to correct these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 238046 - oops and panics bringing up/down interfaces on 128p Altix, 8 interfaces 238731 - dlm locking error from gfs dio/aio during virt machine migration 238749 - The patch "xen: Add PACKET_AUXDATA cmsg" cause /usr/include/linux/if_packet.h broken 238944 - CVE-2007-1592 IPv6 oops triggerable by any user 238946 - CVE-2007-1496 Various NULL pointer dereferences in netfilter code 238947 - CVE-2007-1497 IPv6 fragments bypass in nf_conntrack netfilter code 238948 - CVE-2007-2172 fib_semantics.c out of bounds access vulnerability 238949 - CVE-2007-2242 IPv6 routing headers issue 238960 - CVE-2007-1861 infinite recursion in netlink 6. RPMs required: Red Hat Enterprise Linux Desktop (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-8.1.4.el5.src.rpm a30918df56c99f6ef7eb612653031f4c kernel-2.6.18-8.1.4.el5.src.rpm i386: 7ea25aefdfc680a76826429075a95c39 kernel-2.6.18-8.1.4.el5.i686.rpm 6bff12b40b95a8d2a1289a04f899244b kernel-PAE-2.6.18-8.1.4.el5.i686.rpm 9ba0f4700e29a161bc304f8b400995fc kernel-PAE-debuginfo-2.6.18-8.1.4.el5.i686.rpm cd5f44b9ceaa76126ed858ff88db0d50 kernel-debuginfo-2.6.18-8.1.4.el5.i686.rpm b33969946be1dedb4d7df0721dd09e07 kernel-debuginfo-common-2.6.18-8.1.4.el5.i686.rpm 7f0ecd55e3977d93d27c86e13041d2b9 kernel-headers-2.6.18-8.1.4.el5.i386.rpm 97f88531ad7be7462b93a9d434728f43 kernel-xen-2.6.18-8.1.4.el5.i686.rpm 60a8e5a32674b9a4be9a21abc5825367 kernel-xen-debuginfo-2.6.18-8.1.4.el5.i686.rpm noarch: 399b9229deddfcd91db39da9aff06656 kernel-doc-2.6.18-8.1.4.el5.noarch.rpm x86_64: b21949aab1ba017d070aa114a64000ba kernel-2.6.18-8.1.4.el5.x86_64.rpm d06155ad1d88be9274f5ac3b84c1406d kernel-debuginfo-2.6.18-8.1.4.el5.x86_64.rpm 6558004b05c79b8d068273933e72caa2 kernel-debuginfo-common-2.6.18-8.1.4.el5.x86_64.rpm 86785d6927d0b2603bfcd413eb778f0b kernel-headers-2.6.18-8.1.4.el5.x86_64.rpm 76971a3a74604f1dee054a1dbd7ebf67 kernel-xen-2.6.18-8.1.4.el5.x86_64.rpm e8801b31e4ad0943711f4e52bf6a856b kernel-xen-debuginfo-2.6.18-8.1.4.el5.x86_64.rpm RHEL Desktop Workstation (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-8.1.4.el5.src.rpm a30918df56c99f6ef7eb612653031f4c kernel-2.6.18-8.1.4.el5.src.rpm i386: 9ba0f4700e29a161bc304f8b400995fc kernel-PAE-debuginfo-2.6.18-8.1.4.el5.i686.rpm 15bde90df04f50cc70323a81fc624b8a kernel-PAE-devel-2.6.18-8.1.4.el5.i686.rpm cd5f44b9ceaa76126ed858ff88db0d50 kernel-debuginfo-2.6.18-8.1.4.el5.i686.rpm b33969946be1dedb4d7df0721dd09e07 kernel-debuginfo-common-2.6.18-8.1.4.el5.i686.rpm 93983fdd3e77c260adb37de012a829af kernel-devel-2.6.18-8.1.4.el5.i686.rpm 60a8e5a32674b9a4be9a21abc5825367 kernel-xen-debuginfo-2.6.18-8.1.4.el5.i686.rpm 26b09c370a9ab26cfdb2a188271f7f05 kernel-xen-devel-2.6.18-8.1.4.el5.i686.rpm x86_64: d06155ad1d88be9274f5ac3b84c1406d kernel-debuginfo-2.6.18-8.1.4.el5.x86_64.rpm 6558004b05c79b8d068273933e72caa2 kernel-debuginfo-common-2.6.18-8.1.4.el5.x86_64.rpm 48f80c1bd887008cf220daf606ff56b8 kernel-devel-2.6.18-8.1.4.el5.x86_64.rpm e8801b31e4ad0943711f4e52bf6a856b kernel-xen-debuginfo-2.6.18-8.1.4.el5.x86_64.rpm 51c578847a2bfb63266dfba2243dbc16 kernel-xen-devel-2.6.18-8.1.4.el5.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-8.1.4.el5.src.rpm a30918df56c99f6ef7eb612653031f4c kernel-2.6.18-8.1.4.el5.src.rpm i386: 7ea25aefdfc680a76826429075a95c39 kernel-2.6.18-8.1.4.el5.i686.rpm 6bff12b40b95a8d2a1289a04f899244b kernel-PAE-2.6.18-8.1.4.el5.i686.rpm 9ba0f4700e29a161bc304f8b400995fc kernel-PAE-debuginfo-2.6.18-8.1.4.el5.i686.rpm 15bde90df04f50cc70323a81fc624b8a kernel-PAE-devel-2.6.18-8.1.4.el5.i686.rpm cd5f44b9ceaa76126ed858ff88db0d50 kernel-debuginfo-2.6.18-8.1.4.el5.i686.rpm b33969946be1dedb4d7df0721dd09e07 kernel-debuginfo-common-2.6.18-8.1.4.el5.i686.rpm 93983fdd3e77c260adb37de012a829af kernel-devel-2.6.18-8.1.4.el5.i686.rpm 7f0ecd55e3977d93d27c86e13041d2b9 kernel-headers-2.6.18-8.1.4.el5.i386.rpm 97f88531ad7be7462b93a9d434728f43 kernel-xen-2.6.18-8.1.4.el5.i686.rpm 60a8e5a32674b9a4be9a21abc5825367 kernel-xen-debuginfo-2.6.18-8.1.4.el5.i686.rpm 26b09c370a9ab26cfdb2a188271f7f05 kernel-xen-devel-2.6.18-8.1.4.el5.i686.rpm ia64: 411ed588a694990ad9801fdef57cbe6d kernel-2.6.18-8.1.4.el5.ia64.rpm c957fa2b7eeadad2349e88a9244ac5cb kernel-debuginfo-2.6.18-8.1.4.el5.ia64.rpm 898ae9f23dbb060165286a6537570bc6 kernel-debuginfo-common-2.6.18-8.1.4.el5.ia64.rpm 5062a60ed526c494ac662cec4fdfe47c kernel-devel-2.6.18-8.1.4.el5.ia64.rpm c97016a8bda12298c3b66524d5dabe84 kernel-headers-2.6.18-8.1.4.el5.ia64.rpm bb23d95b706b342ca935d43bbf902c61 kernel-xen-2.6.18-8.1.4.el5.ia64.rpm e8e8684027570c4ecc75de6f2d9689eb kernel-xen-debuginfo-2.6.18-8.1.4.el5.ia64.rpm 9e59e9e9a94b68eba80b893b8592d964 kernel-xen-devel-2.6.18-8.1.4.el5.ia64.rpm noarch: 399b9229deddfcd91db39da9aff06656 kernel-doc-2.6.18-8.1.4.el5.noarch.rpm ppc: da9abf45515578bd37cfe13f60bdc4bf kernel-2.6.18-8.1.4.el5.ppc64.rpm 569fcc7a9e80593c99970730cec4a40c kernel-debuginfo-2.6.18-8.1.4.el5.ppc64.rpm 767cb8edeffae46d02e9556d9d6533fe kernel-debuginfo-common-2.6.18-8.1.4.el5.ppc64.rpm 73ccbea80ec007e649d9245de507578e kernel-devel-2.6.18-8.1.4.el5.ppc64.rpm d619c03f0217a68be76c87b8b24e2ecf kernel-headers-2.6.18-8.1.4.el5.ppc.rpm 4ef1d41f1565246da9cc3de87bd7862b kernel-headers-2.6.18-8.1.4.el5.ppc64.rpm ef68af661c08062a3ff329048d3f9329 kernel-kdump-2.6.18-8.1.4.el5.ppc64.rpm fc220f0fc0a5343ea87bdcad0aeda4b2 kernel-kdump-debuginfo-2.6.18-8.1.4.el5.ppc64.rpm 28521b7eae6621a13661118a025e773e kernel-kdump-devel-2.6.18-8.1.4.el5.ppc64.rpm s390x: 8539348562746e09c24c8555470d77a5 kernel-2.6.18-8.1.4.el5.s390x.rpm bf19f97c5c041c02638ffd2dc1ba1387 kernel-debuginfo-2.6.18-8.1.4.el5.s390x.rpm 8b55df775f84c423cbd8d7ac5e89c74e kernel-debuginfo-common-2.6.18-8.1.4.el5.s390x.rpm d61702ef23bc7fec3ce5351d6d13ecb8 kernel-devel-2.6.18-8.1.4.el5.s390x.rpm b8e186d02e1d0766911b6dd8bae63dc2 kernel-headers-2.6.18-8.1.4.el5.s390x.rpm x86_64: b21949aab1ba017d070aa114a64000ba kernel-2.6.18-8.1.4.el5.x86_64.rpm d06155ad1d88be9274f5ac3b84c1406d kernel-debuginfo-2.6.18-8.1.4.el5.x86_64.rpm 6558004b05c79b8d068273933e72caa2 kernel-debuginfo-common-2.6.18-8.1.4.el5.x86_64.rpm 48f80c1bd887008cf220daf606ff56b8 kernel-devel-2.6.18-8.1.4.el5.x86_64.rpm 86785d6927d0b2603bfcd413eb778f0b kernel-headers-2.6.18-8.1.4.el5.x86_64.rpm 76971a3a74604f1dee054a1dbd7ebf67 kernel-xen-2.6.18-8.1.4.el5.x86_64.rpm e8801b31e4ad0943711f4e52bf6a856b kernel-xen-debuginfo-2.6.18-8.1.4.el5.x86_64.rpm 51c578847a2bfb63266dfba2243dbc16 kernel-xen-devel-2.6.18-8.1.4.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1496 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1497 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1592 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1861 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2172 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2242 http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGS1SlXlSAg2UNWIIRAq60AJ910ZktRlerc36TY59GIvL4Cr3e0ACgmlBz 5rYviNgzE/NJgN8CxOjxVGs= =lBy6 -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu May 17 14:17:54 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 17 May 2007 10:17:54 -0400 Subject: [RHSA-2007:0342-01] Moderate: ipsec-tools security update Message-ID: <200705171417.l4HEHsAi023789@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: ipsec-tools security update Advisory ID: RHSA-2007:0342-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0342.html Issue date: 2007-05-17 Updated on: 2007-05-17 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-1841 - --------------------------------------------------------------------- 1. Summary: Updated ipsec-tools packages that fix a denial of service flaw in racoon are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Problem description: The ipsec-tools package is used in conjunction with the IPsec functionality in the linux kernel and includes racoon, an IKEv1 keying daemon. A denial of service flaw was found in the ipsec-tools racoon daemon. It was possible for a remote attacker, with knowledge of an existing ipsec tunnel, to terminate the ipsec connection between two machines. (CVE-2007-1841) Users of ipsec-tools should upgrade to these updated packages, which contain a backported patch that resolves this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 235388 - CVE-2007-1841 ipsec-tools racoon DoS 6. RPMs required: Red Hat Enterprise Linux Desktop (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/ipsec-tools-0.6.5-8.el5.src.rpm 57d7bdfbd6b1c69df32360cd6283f2df ipsec-tools-0.6.5-8.el5.src.rpm i386: d6daa68fd3455f01a83a233d532e77f5 ipsec-tools-0.6.5-8.el5.i386.rpm 3a88d33e5a54da7e4161bfe4b9330ad4 ipsec-tools-debuginfo-0.6.5-8.el5.i386.rpm x86_64: 6e6e394782f74ebba32f0667702a3744 ipsec-tools-0.6.5-8.el5.x86_64.rpm 3bbfae02613f4b804614294ef2cea4fc ipsec-tools-debuginfo-0.6.5-8.el5.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/ipsec-tools-0.6.5-8.el5.src.rpm 57d7bdfbd6b1c69df32360cd6283f2df ipsec-tools-0.6.5-8.el5.src.rpm i386: d6daa68fd3455f01a83a233d532e77f5 ipsec-tools-0.6.5-8.el5.i386.rpm 3a88d33e5a54da7e4161bfe4b9330ad4 ipsec-tools-debuginfo-0.6.5-8.el5.i386.rpm ia64: fd56d6b537bc98f32abf93b5b16c2367 ipsec-tools-0.6.5-8.el5.ia64.rpm 446736dd516c45b50fd39c49853c0eae ipsec-tools-debuginfo-0.6.5-8.el5.ia64.rpm ppc: 00f092368e9727f83827c4e772da59cf ipsec-tools-0.6.5-8.el5.ppc.rpm 7d79dc45962236565f93eb77f09235e4 ipsec-tools-debuginfo-0.6.5-8.el5.ppc.rpm s390x: 4830e931f3b0553e8d4847e9b644ddce ipsec-tools-0.6.5-8.el5.s390x.rpm d45f9987cfdc46d880a0e3f7732a4e0f ipsec-tools-debuginfo-0.6.5-8.el5.s390x.rpm x86_64: 6e6e394782f74ebba32f0667702a3744 ipsec-tools-0.6.5-8.el5.x86_64.rpm 3bbfae02613f4b804614294ef2cea4fc ipsec-tools-debuginfo-0.6.5-8.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1841 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGTGQOXlSAg2UNWIIRAjY7AJ42a7hBD3NOGGv8Q1eyEcOdUwtvLgCfZMCs XNt64gyAGHSDwKIj93UNKYE= =NTeE -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu May 17 14:27:00 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 17 May 2007 10:27:00 -0400 Subject: [RHSA-2007:0345-01] Moderate: vixie-cron security update Message-ID: <200705171427.l4HER0qP025347@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: vixie-cron security update Advisory ID: RHSA-2007:0345-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0345.html Issue date: 2007-05-17 Updated on: 2007-05-17 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-1856 - --------------------------------------------------------------------- 1. Summary: Updated vixie-cron packages that fix a denial of service issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Problem description: The vixie-cron package contains the Vixie version of cron. Cron is a standard UNIX daemon that runs specified programs at scheduled times. Raphael Marichez discovered a denial of service bug in the way vixie-cron verifies crontab file integrity. A local user with the ability to create a hardlink to /etc/crontab can prevent vixie-cron from executing certain system cron jobs. (CVE-2007-1856) All users of vixie-cron should upgrade to these updated packages, which contain a backported patch to correct this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 223662 - crond failed "Days of week" after a few hours on 1st/Jan 235880 - CVE-2007-1856 crontab denial of service 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/vixie-cron-4.1-19.EL3.src.rpm 7c765917fa13d34ca705284d0a51d16e vixie-cron-4.1-19.EL3.src.rpm i386: ea525e4a8c8dc818b9e113c02a7e4c48 vixie-cron-4.1-19.EL3.i386.rpm 98df28b802964b3a687c6925708f08fd vixie-cron-debuginfo-4.1-19.EL3.i386.rpm ia64: dbd7433ff15f0aaf005cd1bbed789112 vixie-cron-4.1-19.EL3.ia64.rpm 1e75f2bf0383e74c5d491a023e4f4cff vixie-cron-debuginfo-4.1-19.EL3.ia64.rpm ppc: 097b5ff35bfae9dc80600b1c5c625b28 vixie-cron-4.1-19.EL3.ppc.rpm 6642327a5b747246059681feb75c48c2 vixie-cron-debuginfo-4.1-19.EL3.ppc.rpm s390: 825a473c9476f6c4c0998c9b37c87584 vixie-cron-4.1-19.EL3.s390.rpm d6c108ff0f700e2637b8256e04027998 vixie-cron-debuginfo-4.1-19.EL3.s390.rpm s390x: a69ee247f2c81ef9baa7636c8f695ab5 vixie-cron-4.1-19.EL3.s390x.rpm eae9c4a5d305cb0077125a51200f6bf8 vixie-cron-debuginfo-4.1-19.EL3.s390x.rpm x86_64: c2440f24a81ded632ef8ce71c5f379a6 vixie-cron-4.1-19.EL3.x86_64.rpm ff066a6188e453697086fc6bbd310294 vixie-cron-debuginfo-4.1-19.EL3.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/vixie-cron-4.1-19.EL3.src.rpm 7c765917fa13d34ca705284d0a51d16e vixie-cron-4.1-19.EL3.src.rpm i386: ea525e4a8c8dc818b9e113c02a7e4c48 vixie-cron-4.1-19.EL3.i386.rpm 98df28b802964b3a687c6925708f08fd vixie-cron-debuginfo-4.1-19.EL3.i386.rpm x86_64: c2440f24a81ded632ef8ce71c5f379a6 vixie-cron-4.1-19.EL3.x86_64.rpm ff066a6188e453697086fc6bbd310294 vixie-cron-debuginfo-4.1-19.EL3.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/vixie-cron-4.1-19.EL3.src.rpm 7c765917fa13d34ca705284d0a51d16e vixie-cron-4.1-19.EL3.src.rpm i386: ea525e4a8c8dc818b9e113c02a7e4c48 vixie-cron-4.1-19.EL3.i386.rpm 98df28b802964b3a687c6925708f08fd vixie-cron-debuginfo-4.1-19.EL3.i386.rpm ia64: dbd7433ff15f0aaf005cd1bbed789112 vixie-cron-4.1-19.EL3.ia64.rpm 1e75f2bf0383e74c5d491a023e4f4cff vixie-cron-debuginfo-4.1-19.EL3.ia64.rpm x86_64: c2440f24a81ded632ef8ce71c5f379a6 vixie-cron-4.1-19.EL3.x86_64.rpm ff066a6188e453697086fc6bbd310294 vixie-cron-debuginfo-4.1-19.EL3.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/vixie-cron-4.1-19.EL3.src.rpm 7c765917fa13d34ca705284d0a51d16e vixie-cron-4.1-19.EL3.src.rpm i386: ea525e4a8c8dc818b9e113c02a7e4c48 vixie-cron-4.1-19.EL3.i386.rpm 98df28b802964b3a687c6925708f08fd vixie-cron-debuginfo-4.1-19.EL3.i386.rpm ia64: dbd7433ff15f0aaf005cd1bbed789112 vixie-cron-4.1-19.EL3.ia64.rpm 1e75f2bf0383e74c5d491a023e4f4cff vixie-cron-debuginfo-4.1-19.EL3.ia64.rpm x86_64: c2440f24a81ded632ef8ce71c5f379a6 vixie-cron-4.1-19.EL3.x86_64.rpm ff066a6188e453697086fc6bbd310294 vixie-cron-debuginfo-4.1-19.EL3.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/vixie-cron-4.1-47.EL4.src.rpm c963050603bd83341aa5512719bcd6e1 vixie-cron-4.1-47.EL4.src.rpm i386: e50b7208f6e67ef36a941a9d53dd4ecd vixie-cron-4.1-47.EL4.i386.rpm f4f41c03fe2c620a4c88865ee7ccf9ba vixie-cron-debuginfo-4.1-47.EL4.i386.rpm ia64: 2a8acdc3387f80b88b05d3caf37494b4 vixie-cron-4.1-47.EL4.ia64.rpm d02b38ef9530988cf05c1bf4d14b084b vixie-cron-debuginfo-4.1-47.EL4.ia64.rpm ppc: 68741ea68b37363dc302345cc3bf2209 vixie-cron-4.1-47.EL4.ppc.rpm 4fd9d72458e7571e12336d829b72e97f vixie-cron-debuginfo-4.1-47.EL4.ppc.rpm s390: 4bcc729825cd7622cc9cf2ce317f641f vixie-cron-4.1-47.EL4.s390.rpm 610471c0b6115c8162bc338173bbbe69 vixie-cron-debuginfo-4.1-47.EL4.s390.rpm s390x: 903f1dbd19ee18070d02b659d8d8ba83 vixie-cron-4.1-47.EL4.s390x.rpm b3fb169573665923ed33b42ab92c569a vixie-cron-debuginfo-4.1-47.EL4.s390x.rpm x86_64: 9cdec79f5fd5c4daaec883aa70bb6432 vixie-cron-4.1-47.EL4.x86_64.rpm a389869eadbd3752839300ec2ee543a7 vixie-cron-debuginfo-4.1-47.EL4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/vixie-cron-4.1-47.EL4.src.rpm c963050603bd83341aa5512719bcd6e1 vixie-cron-4.1-47.EL4.src.rpm i386: e50b7208f6e67ef36a941a9d53dd4ecd vixie-cron-4.1-47.EL4.i386.rpm f4f41c03fe2c620a4c88865ee7ccf9ba vixie-cron-debuginfo-4.1-47.EL4.i386.rpm x86_64: 9cdec79f5fd5c4daaec883aa70bb6432 vixie-cron-4.1-47.EL4.x86_64.rpm a389869eadbd3752839300ec2ee543a7 vixie-cron-debuginfo-4.1-47.EL4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/vixie-cron-4.1-47.EL4.src.rpm c963050603bd83341aa5512719bcd6e1 vixie-cron-4.1-47.EL4.src.rpm i386: e50b7208f6e67ef36a941a9d53dd4ecd vixie-cron-4.1-47.EL4.i386.rpm f4f41c03fe2c620a4c88865ee7ccf9ba vixie-cron-debuginfo-4.1-47.EL4.i386.rpm ia64: 2a8acdc3387f80b88b05d3caf37494b4 vixie-cron-4.1-47.EL4.ia64.rpm d02b38ef9530988cf05c1bf4d14b084b vixie-cron-debuginfo-4.1-47.EL4.ia64.rpm x86_64: 9cdec79f5fd5c4daaec883aa70bb6432 vixie-cron-4.1-47.EL4.x86_64.rpm a389869eadbd3752839300ec2ee543a7 vixie-cron-debuginfo-4.1-47.EL4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/vixie-cron-4.1-47.EL4.src.rpm c963050603bd83341aa5512719bcd6e1 vixie-cron-4.1-47.EL4.src.rpm i386: e50b7208f6e67ef36a941a9d53dd4ecd vixie-cron-4.1-47.EL4.i386.rpm f4f41c03fe2c620a4c88865ee7ccf9ba vixie-cron-debuginfo-4.1-47.EL4.i386.rpm ia64: 2a8acdc3387f80b88b05d3caf37494b4 vixie-cron-4.1-47.EL4.ia64.rpm d02b38ef9530988cf05c1bf4d14b084b vixie-cron-debuginfo-4.1-47.EL4.ia64.rpm x86_64: 9cdec79f5fd5c4daaec883aa70bb6432 vixie-cron-4.1-47.EL4.x86_64.rpm a389869eadbd3752839300ec2ee543a7 vixie-cron-debuginfo-4.1-47.EL4.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/vixie-cron-4.1-70.el5.src.rpm 91b16cc530bd52916de05ebf3a291ec3 vixie-cron-4.1-70.el5.src.rpm i386: bf66188eda08c4e4410854a118448fce vixie-cron-4.1-70.el5.i386.rpm ebbfcef54ccd476f05ce6e107b8c6ae6 vixie-cron-debuginfo-4.1-70.el5.i386.rpm x86_64: 2d9c6bdffb703c8ecdfb5bbac74a193e vixie-cron-4.1-70.el5.x86_64.rpm 7090e5d8fbc61e8c148c3b5a8e849ee1 vixie-cron-debuginfo-4.1-70.el5.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/vixie-cron-4.1-70.el5.src.rpm 91b16cc530bd52916de05ebf3a291ec3 vixie-cron-4.1-70.el5.src.rpm i386: bf66188eda08c4e4410854a118448fce vixie-cron-4.1-70.el5.i386.rpm ebbfcef54ccd476f05ce6e107b8c6ae6 vixie-cron-debuginfo-4.1-70.el5.i386.rpm ia64: 4bd5c5c644d7cae8a7a35ee8a8db1fe3 vixie-cron-4.1-70.el5.ia64.rpm 52f06612b2ced2ffef0f10dcc2ef1211 vixie-cron-debuginfo-4.1-70.el5.ia64.rpm ppc: ccd2a860b388dcf0b8174ac301813692 vixie-cron-4.1-70.el5.ppc.rpm b972e59606b597f9e6d8040927158294 vixie-cron-debuginfo-4.1-70.el5.ppc.rpm s390x: 308a141f06dcf269d3fcbf80d464cd9d vixie-cron-4.1-70.el5.s390x.rpm c704c4150bea7712738eb444ad65a036 vixie-cron-debuginfo-4.1-70.el5.s390x.rpm x86_64: 2d9c6bdffb703c8ecdfb5bbac74a193e vixie-cron-4.1-70.el5.x86_64.rpm 7090e5d8fbc61e8c148c3b5a8e849ee1 vixie-cron-debuginfo-4.1-70.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1856 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGTGYNXlSAg2UNWIIRAuu0AJ0WFAFqBQi0X2qlsfVf31uMV5CxVwCglzws bfK3V0WBKBeBbG4nQYlUzfc= =pvha -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu May 17 14:46:37 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 17 May 2007 10:46:37 -0400 Subject: [RHSA-2007:0353-01] Moderate: evolution security update Message-ID: <200705171446.l4HEkboS028567@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: evolution security update Advisory ID: RHSA-2007:0353-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0353.html Issue date: 2007-05-17 Updated on: 2007-05-17 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-1558 - --------------------------------------------------------------------- 1. Summary: Updated evolution packages that fix a security bug are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: Evolution is the GNOME collection of personal information management (PIM) tools. A flaw was found in the way Evolution processed certain APOP authentication requests. A remote attacker could potentially acquire certain portions of a user's authentication credentials by sending certain responses when evolution-data-server attempted to authenticate against an APOP server. (CVE-2007-1558) All users of Evolution should upgrade to these updated packages, which contain a backported patch which resolves this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 238565 - CVE-2007-1558 Evolution APOP information disclosure 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/evolution-1.4.5-20.el3.src.rpm c405dc2c24a9e0bf5431126309328bf3 evolution-1.4.5-20.el3.src.rpm i386: 65f97ba5cbbb4805a18ef60524625f99 evolution-1.4.5-20.el3.i386.rpm b035cf74b18e9f1a75caa15913a3d195 evolution-debuginfo-1.4.5-20.el3.i386.rpm 934b6df84d7786ddcf294a0b625f8a3c evolution-devel-1.4.5-20.el3.i386.rpm ia64: ed2bc1dfbec3cdce3c9776df9e5facdd evolution-1.4.5-20.el3.ia64.rpm e37fca949fbbbdf3d518c050cb36ce15 evolution-debuginfo-1.4.5-20.el3.ia64.rpm 781a27c5afa057b27e8d0d241559750d evolution-devel-1.4.5-20.el3.ia64.rpm ppc: 3ee9a25add5a42bf89e93a63ac3d91ef evolution-1.4.5-20.el3.ppc.rpm 7587d60586a60cb60afe27a07c436ad9 evolution-debuginfo-1.4.5-20.el3.ppc.rpm a17552a71ca70e285a129fc6c9e42d91 evolution-devel-1.4.5-20.el3.ppc.rpm s390: a95aab39409afe560a9d01d867d2a658 evolution-1.4.5-20.el3.s390.rpm bf061e59d63b1a725dafd0e3626a006a evolution-debuginfo-1.4.5-20.el3.s390.rpm 8cc741d3a5dfd223c085cd95dc16c8b6 evolution-devel-1.4.5-20.el3.s390.rpm s390x: 85cc84a449a757874ce6f2c8a4b638cb evolution-1.4.5-20.el3.s390x.rpm 91a0deb5ca3fbbd7c8738a9f4d1fc3cf evolution-debuginfo-1.4.5-20.el3.s390x.rpm a5d24149a144f570540506ed060f3d02 evolution-devel-1.4.5-20.el3.s390x.rpm x86_64: da6fac84abbbf5c53a05a282be38fd13 evolution-1.4.5-20.el3.x86_64.rpm 58597e62de16b99ba95504bf12c31005 evolution-debuginfo-1.4.5-20.el3.x86_64.rpm c94bf9dd40ee27d9908c101a8f40e2b7 evolution-devel-1.4.5-20.el3.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/evolution-1.4.5-20.el3.src.rpm c405dc2c24a9e0bf5431126309328bf3 evolution-1.4.5-20.el3.src.rpm i386: 65f97ba5cbbb4805a18ef60524625f99 evolution-1.4.5-20.el3.i386.rpm b035cf74b18e9f1a75caa15913a3d195 evolution-debuginfo-1.4.5-20.el3.i386.rpm 934b6df84d7786ddcf294a0b625f8a3c evolution-devel-1.4.5-20.el3.i386.rpm x86_64: da6fac84abbbf5c53a05a282be38fd13 evolution-1.4.5-20.el3.x86_64.rpm 58597e62de16b99ba95504bf12c31005 evolution-debuginfo-1.4.5-20.el3.x86_64.rpm c94bf9dd40ee27d9908c101a8f40e2b7 evolution-devel-1.4.5-20.el3.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/evolution-1.4.5-20.el3.src.rpm c405dc2c24a9e0bf5431126309328bf3 evolution-1.4.5-20.el3.src.rpm i386: 65f97ba5cbbb4805a18ef60524625f99 evolution-1.4.5-20.el3.i386.rpm b035cf74b18e9f1a75caa15913a3d195 evolution-debuginfo-1.4.5-20.el3.i386.rpm 934b6df84d7786ddcf294a0b625f8a3c evolution-devel-1.4.5-20.el3.i386.rpm ia64: ed2bc1dfbec3cdce3c9776df9e5facdd evolution-1.4.5-20.el3.ia64.rpm e37fca949fbbbdf3d518c050cb36ce15 evolution-debuginfo-1.4.5-20.el3.ia64.rpm 781a27c5afa057b27e8d0d241559750d evolution-devel-1.4.5-20.el3.ia64.rpm x86_64: da6fac84abbbf5c53a05a282be38fd13 evolution-1.4.5-20.el3.x86_64.rpm 58597e62de16b99ba95504bf12c31005 evolution-debuginfo-1.4.5-20.el3.x86_64.rpm c94bf9dd40ee27d9908c101a8f40e2b7 evolution-devel-1.4.5-20.el3.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/evolution-1.4.5-20.el3.src.rpm c405dc2c24a9e0bf5431126309328bf3 evolution-1.4.5-20.el3.src.rpm i386: 65f97ba5cbbb4805a18ef60524625f99 evolution-1.4.5-20.el3.i386.rpm b035cf74b18e9f1a75caa15913a3d195 evolution-debuginfo-1.4.5-20.el3.i386.rpm 934b6df84d7786ddcf294a0b625f8a3c evolution-devel-1.4.5-20.el3.i386.rpm ia64: ed2bc1dfbec3cdce3c9776df9e5facdd evolution-1.4.5-20.el3.ia64.rpm e37fca949fbbbdf3d518c050cb36ce15 evolution-debuginfo-1.4.5-20.el3.ia64.rpm 781a27c5afa057b27e8d0d241559750d evolution-devel-1.4.5-20.el3.ia64.rpm x86_64: da6fac84abbbf5c53a05a282be38fd13 evolution-1.4.5-20.el3.x86_64.rpm 58597e62de16b99ba95504bf12c31005 evolution-debuginfo-1.4.5-20.el3.x86_64.rpm c94bf9dd40ee27d9908c101a8f40e2b7 evolution-devel-1.4.5-20.el3.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/evolution-2.0.2-35.0.2.el4.src.rpm 886e06ef0416e5e8fb62685bd5806a42 evolution-2.0.2-35.0.2.el4.src.rpm i386: 21d0744d5f41d3db79cede4e81902f7b evolution-2.0.2-35.0.2.el4.i386.rpm 8750a5a86fa6996a90775786cf3a5809 evolution-debuginfo-2.0.2-35.0.2.el4.i386.rpm 839cdc24730b44a3b20b1a3c0c8f8acb evolution-devel-2.0.2-35.0.2.el4.i386.rpm ia64: 7c312e82153ef608c32a644ad65b3e70 evolution-2.0.2-35.0.2.el4.ia64.rpm 5c3cdd4d3f40e5e65b28bd3f403b356f evolution-debuginfo-2.0.2-35.0.2.el4.ia64.rpm f949e742c14f93535810aa8bb6b695c0 evolution-devel-2.0.2-35.0.2.el4.ia64.rpm ppc: 41279cc52d1f8bf006137019bdeec115 evolution-2.0.2-35.0.2.el4.ppc.rpm bf3972bed4b6ebb695012d1e80942df3 evolution-debuginfo-2.0.2-35.0.2.el4.ppc.rpm 0fa38e81f331db0f6d22f62167714413 evolution-devel-2.0.2-35.0.2.el4.ppc.rpm s390: 93fad9c3c62573cf366bcda9805b9c8d evolution-2.0.2-35.0.2.el4.s390.rpm 1533b1f9e19170581d4aa41646c02178 evolution-debuginfo-2.0.2-35.0.2.el4.s390.rpm 7905d268cfbbca40893cb1480c130b81 evolution-devel-2.0.2-35.0.2.el4.s390.rpm s390x: 4df2d5c1eeeadbd21a2ffdd69f66f91c evolution-2.0.2-35.0.2.el4.s390x.rpm 90e17288a99cb57b52261f5b3c80f950 evolution-debuginfo-2.0.2-35.0.2.el4.s390x.rpm abb56c486d2112fce800d612263586e0 evolution-devel-2.0.2-35.0.2.el4.s390x.rpm x86_64: 7c99cb70e572c955ccadc425fe9aaeaa evolution-2.0.2-35.0.2.el4.x86_64.rpm 489e052420bf3fc3538404fb9f1a9b1f evolution-debuginfo-2.0.2-35.0.2.el4.x86_64.rpm 4ee7bf955381cef106d0ff4ecc6ae482 evolution-devel-2.0.2-35.0.2.el4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/evolution-2.0.2-35.0.2.el4.src.rpm 886e06ef0416e5e8fb62685bd5806a42 evolution-2.0.2-35.0.2.el4.src.rpm i386: 21d0744d5f41d3db79cede4e81902f7b evolution-2.0.2-35.0.2.el4.i386.rpm 8750a5a86fa6996a90775786cf3a5809 evolution-debuginfo-2.0.2-35.0.2.el4.i386.rpm 839cdc24730b44a3b20b1a3c0c8f8acb evolution-devel-2.0.2-35.0.2.el4.i386.rpm x86_64: 7c99cb70e572c955ccadc425fe9aaeaa evolution-2.0.2-35.0.2.el4.x86_64.rpm 489e052420bf3fc3538404fb9f1a9b1f evolution-debuginfo-2.0.2-35.0.2.el4.x86_64.rpm 4ee7bf955381cef106d0ff4ecc6ae482 evolution-devel-2.0.2-35.0.2.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/evolution-2.0.2-35.0.2.el4.src.rpm 886e06ef0416e5e8fb62685bd5806a42 evolution-2.0.2-35.0.2.el4.src.rpm i386: 21d0744d5f41d3db79cede4e81902f7b evolution-2.0.2-35.0.2.el4.i386.rpm 8750a5a86fa6996a90775786cf3a5809 evolution-debuginfo-2.0.2-35.0.2.el4.i386.rpm 839cdc24730b44a3b20b1a3c0c8f8acb evolution-devel-2.0.2-35.0.2.el4.i386.rpm ia64: 7c312e82153ef608c32a644ad65b3e70 evolution-2.0.2-35.0.2.el4.ia64.rpm 5c3cdd4d3f40e5e65b28bd3f403b356f evolution-debuginfo-2.0.2-35.0.2.el4.ia64.rpm f949e742c14f93535810aa8bb6b695c0 evolution-devel-2.0.2-35.0.2.el4.ia64.rpm x86_64: 7c99cb70e572c955ccadc425fe9aaeaa evolution-2.0.2-35.0.2.el4.x86_64.rpm 489e052420bf3fc3538404fb9f1a9b1f evolution-debuginfo-2.0.2-35.0.2.el4.x86_64.rpm 4ee7bf955381cef106d0ff4ecc6ae482 evolution-devel-2.0.2-35.0.2.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/evolution-2.0.2-35.0.2.el4.src.rpm 886e06ef0416e5e8fb62685bd5806a42 evolution-2.0.2-35.0.2.el4.src.rpm i386: 21d0744d5f41d3db79cede4e81902f7b evolution-2.0.2-35.0.2.el4.i386.rpm 8750a5a86fa6996a90775786cf3a5809 evolution-debuginfo-2.0.2-35.0.2.el4.i386.rpm 839cdc24730b44a3b20b1a3c0c8f8acb evolution-devel-2.0.2-35.0.2.el4.i386.rpm ia64: 7c312e82153ef608c32a644ad65b3e70 evolution-2.0.2-35.0.2.el4.ia64.rpm 5c3cdd4d3f40e5e65b28bd3f403b356f evolution-debuginfo-2.0.2-35.0.2.el4.ia64.rpm f949e742c14f93535810aa8bb6b695c0 evolution-devel-2.0.2-35.0.2.el4.ia64.rpm x86_64: 7c99cb70e572c955ccadc425fe9aaeaa evolution-2.0.2-35.0.2.el4.x86_64.rpm 489e052420bf3fc3538404fb9f1a9b1f evolution-debuginfo-2.0.2-35.0.2.el4.x86_64.rpm 4ee7bf955381cef106d0ff4ecc6ae482 evolution-devel-2.0.2-35.0.2.el4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGTGrKXlSAg2UNWIIRAqUxAKCOs8EDnpP84DSmjcoBuCHRLStx4QCggP04 ac+P0AERa1bBLmmr54glUvs= =bqxI -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu May 17 15:12:20 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 17 May 2007 11:12:20 -0400 Subject: [RHSA-2007:0358-01] Moderate: squirrelmail security update Message-ID: <200705171512.l4HFCK3I000495@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: squirrelmail security update Advisory ID: RHSA-2007:0358-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0358.html Issue date: 2007-05-17 Updated on: 2007-05-17 Product: Red Hat Enterprise Linux Keywords: XSS CSRF HTML IMG tag CVE Names: CVE-2007-1262 CVE-2007-2589 - --------------------------------------------------------------------- 1. Summary: A new squirrelmail package that fixes security issues is now available for Red Hat Enterprise Linux 3, 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - noarch Red Hat Desktop version 3 - noarch Red Hat Enterprise Linux ES version 3 - noarch Red Hat Enterprise Linux WS version 3 - noarch Red Hat Enterprise Linux AS version 4 - noarch Red Hat Enterprise Linux Desktop version 4 - noarch Red Hat Enterprise Linux ES version 4 - noarch Red Hat Enterprise Linux WS version 4 - noarch RHEL Desktop Workstation (v. 5 client) - noarch Red Hat Enterprise Linux (v. 5 server) - noarch 3. Problem description: SquirrelMail is a standards-based webmail package written in PHP4. Several HTML filtering bugs were discovered in SquirrelMail. An attacker could inject arbitrary JavaScript leading to cross-site scripting attacks by sending an e-mail viewed by a user within SquirrelMail. (CVE-2007-1262) Squirrelmail did not sufficiently check arguments to IMG tags in HTML e-mail messages. This could be exploited by an attacker by sending arbitrary e-mail messages on behalf of a squirrelmail user tricked into opening a maliciously crafted HTML e-mail message. (CVE-2007-2589) Users of SquirrelMail should upgrade to this erratum package, which contains a backported patch to correct these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 239647 - CVE-2007-1262 XSS through HTML message in squirrelmail 239828 - CVE-2007-2589 CSRF through HTML message in squirrelmail 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/squirrelmail-1.4.8-6.el3.src.rpm d5b155f024bf7f466ea748c30fa706f6 squirrelmail-1.4.8-6.el3.src.rpm noarch: 7d794dff83c15be9d20f922c8096b3d6 squirrelmail-1.4.8-6.el3.noarch.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/squirrelmail-1.4.8-6.el3.src.rpm d5b155f024bf7f466ea748c30fa706f6 squirrelmail-1.4.8-6.el3.src.rpm noarch: 7d794dff83c15be9d20f922c8096b3d6 squirrelmail-1.4.8-6.el3.noarch.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/squirrelmail-1.4.8-6.el3.src.rpm d5b155f024bf7f466ea748c30fa706f6 squirrelmail-1.4.8-6.el3.src.rpm noarch: 7d794dff83c15be9d20f922c8096b3d6 squirrelmail-1.4.8-6.el3.noarch.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/squirrelmail-1.4.8-6.el3.src.rpm d5b155f024bf7f466ea748c30fa706f6 squirrelmail-1.4.8-6.el3.src.rpm noarch: 7d794dff83c15be9d20f922c8096b3d6 squirrelmail-1.4.8-6.el3.noarch.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/squirrelmail-1.4.8-4.0.1.el4.src.rpm 0f598fa43fae1a0dd8b549b69715d940 squirrelmail-1.4.8-4.0.1.el4.src.rpm noarch: e184d9fc06ad637734de9d26cb7df041 squirrelmail-1.4.8-4.0.1.el4.noarch.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/squirrelmail-1.4.8-4.0.1.el4.src.rpm 0f598fa43fae1a0dd8b549b69715d940 squirrelmail-1.4.8-4.0.1.el4.src.rpm noarch: e184d9fc06ad637734de9d26cb7df041 squirrelmail-1.4.8-4.0.1.el4.noarch.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/squirrelmail-1.4.8-4.0.1.el4.src.rpm 0f598fa43fae1a0dd8b549b69715d940 squirrelmail-1.4.8-4.0.1.el4.src.rpm noarch: e184d9fc06ad637734de9d26cb7df041 squirrelmail-1.4.8-4.0.1.el4.noarch.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/squirrelmail-1.4.8-4.0.1.el4.src.rpm 0f598fa43fae1a0dd8b549b69715d940 squirrelmail-1.4.8-4.0.1.el4.src.rpm noarch: e184d9fc06ad637734de9d26cb7df041 squirrelmail-1.4.8-4.0.1.el4.noarch.rpm RHEL Desktop Workstation (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/squirrelmail-1.4.8-4.0.1.el5.src.rpm a8ceba3c425072d2948dd34a79c4d508 squirrelmail-1.4.8-4.0.1.el5.src.rpm noarch: e4deaf4a4703195e8bb95cd65c6c10d9 squirrelmail-1.4.8-4.0.1.el5.noarch.rpm Red Hat Enterprise Linux (v. 5 server): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/squirrelmail-1.4.8-4.0.1.el5.src.rpm a8ceba3c425072d2948dd34a79c4d508 squirrelmail-1.4.8-4.0.1.el5.src.rpm noarch: e4deaf4a4703195e8bb95cd65c6c10d9 squirrelmail-1.4.8-4.0.1.el5.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1262 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2589 http://www.squirrelmail.org/security/issue/2007-05-09 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGTHDSXlSAg2UNWIIRAofEAKC+mGD7rvPyGkGvre+47kPzs0yJjACgt+4z JN8yV+5ujp+eDWjste5cnMQ= =gn2V -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu May 17 21:46:36 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 17 May 2007 17:46:36 -0400 Subject: [RHSA-2007:0356-01] Moderate: libpng security update Message-ID: <200705172146.l4HLkaIn002412@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: libpng security update Advisory ID: RHSA-2007:0356-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0356.html Issue date: 2007-05-17 Updated on: 2007-05-17 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-5793 CVE-2007-2445 - --------------------------------------------------------------------- 1. Summary: Updated libpng packages that fix security issues are now available for Red Hat Enterprise Linux. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Problem description: The libpng package contains a library of functions for creating and manipulating PNG (Portable Network Graphics) image format files. A flaw was found in the handling of malformed images in libpng. An attacker could create a carefully crafted PNG image file in such a way that it could cause an application linked with libpng to crash when the file was manipulated. (CVE-2007-2445) A flaw was found in the sPLT chunk handling code in libpng. An attacker could create a carefully crafted PNG image file in such a way that it could cause an application linked with libpng to crash when the file was opened. (CVE-2006-5793) Users of libpng should update to these updated packages which contain backported patches to correct these issues. Red Hat would like to thank Glenn Randers-Pehrson, Mats Palmgren, and Tavis Ormandy for supplying details and patches for these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 215405 - CVE-2006-5793 libpng DoS 239425 - CVE-2007-2445 libpng png_handle_tRNS flaw 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/libpng-1.0.14-10.src.rpm 8f37bb1836ce21e2f622d48e913a8757 libpng-1.0.14-10.src.rpm i386: 03fa135e7a95d58705f47bebb16d7c4b libpng-1.0.14-10.i386.rpm 4cd0bcae95cb1af8573bb84ce6e824e5 libpng-devel-1.0.14-10.i386.rpm ia64: 1efe6683e43c5fc31431c86d1ca084ed libpng-1.0.14-10.ia64.rpm d2da87760c8f52b285fd13d55ac00768 libpng-devel-1.0.14-10.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/libpng-1.0.14-10.src.rpm 8f37bb1836ce21e2f622d48e913a8757 libpng-1.0.14-10.src.rpm ia64: 1efe6683e43c5fc31431c86d1ca084ed libpng-1.0.14-10.ia64.rpm d2da87760c8f52b285fd13d55ac00768 libpng-devel-1.0.14-10.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/libpng-1.0.14-10.src.rpm 8f37bb1836ce21e2f622d48e913a8757 libpng-1.0.14-10.src.rpm i386: 03fa135e7a95d58705f47bebb16d7c4b libpng-1.0.14-10.i386.rpm 4cd0bcae95cb1af8573bb84ce6e824e5 libpng-devel-1.0.14-10.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/libpng-1.0.14-10.src.rpm 8f37bb1836ce21e2f622d48e913a8757 libpng-1.0.14-10.src.rpm i386: 03fa135e7a95d58705f47bebb16d7c4b libpng-1.0.14-10.i386.rpm 4cd0bcae95cb1af8573bb84ce6e824e5 libpng-devel-1.0.14-10.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/libpng-1.2.2-27.src.rpm cc5f647187175be6fab898800f64d891 libpng-1.2.2-27.src.rpm ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/libpng10-1.0.13-17.src.rpm 72d453e42aafdf7042370e476ae89a66 libpng10-1.0.13-17.src.rpm i386: 4ed9a2c6b5f09e11aa4d36f12704fc09 libpng-1.2.2-27.i386.rpm ffd7c318094543ced991c780f70ca66f libpng-debuginfo-1.2.2-27.i386.rpm 311f6265a6d4b44a35a5c9220718d211 libpng-devel-1.2.2-27.i386.rpm 7a8c105ffd0149410ed817a63b66771d libpng10-1.0.13-17.i386.rpm fc38af2a76f0dd5cb98097a3abe338b6 libpng10-debuginfo-1.0.13-17.i386.rpm 15dbc12ea625c53c6af98d0f121f5ebe libpng10-devel-1.0.13-17.i386.rpm ia64: 4ed9a2c6b5f09e11aa4d36f12704fc09 libpng-1.2.2-27.i386.rpm 69f61705e012d2b48870502b0d7cadaf libpng-1.2.2-27.ia64.rpm ffd7c318094543ced991c780f70ca66f libpng-debuginfo-1.2.2-27.i386.rpm 98fddf0d13e1add75094795a6a035918 libpng-debuginfo-1.2.2-27.ia64.rpm aac473950f6156879ea2f3a4a65ed442 libpng-devel-1.2.2-27.ia64.rpm 7a8c105ffd0149410ed817a63b66771d libpng10-1.0.13-17.i386.rpm 06ca30a321bea7147a3eea189a738671 libpng10-1.0.13-17.ia64.rpm fc38af2a76f0dd5cb98097a3abe338b6 libpng10-debuginfo-1.0.13-17.i386.rpm ee2288628372d5a4c3818c4cae9d31c4 libpng10-debuginfo-1.0.13-17.ia64.rpm 84d8b739dadb1c6910cc655108e47d05 libpng10-devel-1.0.13-17.ia64.rpm ppc: 4d19507fb3a98e9b4011131a8daad512 libpng-1.2.2-27.ppc.rpm ed37487758ffa50b76d3293e90b751d9 libpng-1.2.2-27.ppc64.rpm 46649afcd292e3474e431b8b0c68e938 libpng-debuginfo-1.2.2-27.ppc.rpm 19c85738a9c4a171d911857056c019ae libpng-debuginfo-1.2.2-27.ppc64.rpm 9f4058d2ec0eb06bbe19cd7e2d4cc787 libpng-devel-1.2.2-27.ppc.rpm f07383b79095833521a092d866a58433 libpng10-1.0.13-17.ppc.rpm 6cc437306485e060f0e2f50c039ac23d libpng10-1.0.13-17.ppc64.rpm 07d8467d581e3ad0cea1d2b4f272fa86 libpng10-debuginfo-1.0.13-17.ppc.rpm a46766c68859d947bc837848c5bc1182 libpng10-debuginfo-1.0.13-17.ppc64.rpm 048fecebde598609adfd09bebafce5ad libpng10-devel-1.0.13-17.ppc.rpm s390: 07f76cdd991c89be61bce5f09ca6e41c libpng-1.2.2-27.s390.rpm 96cd0746ab869cb3ec4de16148eb7668 libpng-debuginfo-1.2.2-27.s390.rpm e92277fee6063908e166bdf8f35cb6e5 libpng-devel-1.2.2-27.s390.rpm 47098bf97e6c5fd06be6f614595e1efb libpng10-1.0.13-17.s390.rpm c67b28a0e9fba0340dc54a86a9143626 libpng10-debuginfo-1.0.13-17.s390.rpm 63fdfd782a0d0878ff88bb32314cc9c2 libpng10-devel-1.0.13-17.s390.rpm s390x: 07f76cdd991c89be61bce5f09ca6e41c libpng-1.2.2-27.s390.rpm 185dcae13db232006ee9ef4b71705c8b libpng-1.2.2-27.s390x.rpm 96cd0746ab869cb3ec4de16148eb7668 libpng-debuginfo-1.2.2-27.s390.rpm c2385580fb00fa27640482b1df4976fc libpng-debuginfo-1.2.2-27.s390x.rpm 619c6798b573b6c841e827091be7885a libpng-devel-1.2.2-27.s390x.rpm 47098bf97e6c5fd06be6f614595e1efb libpng10-1.0.13-17.s390.rpm 78c1e22dafbd333518032f423d0edbd4 libpng10-1.0.13-17.s390x.rpm c67b28a0e9fba0340dc54a86a9143626 libpng10-debuginfo-1.0.13-17.s390.rpm 74498b6a289d5f98fecef578fc9eb95e libpng10-debuginfo-1.0.13-17.s390x.rpm c0bed5a493d373ee9494973cdb604a32 libpng10-devel-1.0.13-17.s390x.rpm x86_64: 4ed9a2c6b5f09e11aa4d36f12704fc09 libpng-1.2.2-27.i386.rpm b072d86d2f42aacb7e5680510a63872d libpng-1.2.2-27.x86_64.rpm ffd7c318094543ced991c780f70ca66f libpng-debuginfo-1.2.2-27.i386.rpm b7390c52396d77561ca357efe11fb9c4 libpng-debuginfo-1.2.2-27.x86_64.rpm 20714b4a7abd99cc1b538d88f2d7a9dc libpng-devel-1.2.2-27.x86_64.rpm 7a8c105ffd0149410ed817a63b66771d libpng10-1.0.13-17.i386.rpm 1ecdbe6144cc83053471fe822270d027 libpng10-1.0.13-17.x86_64.rpm fc38af2a76f0dd5cb98097a3abe338b6 libpng10-debuginfo-1.0.13-17.i386.rpm e395b4a0b8204fc87dd67c2ad31be759 libpng10-debuginfo-1.0.13-17.x86_64.rpm a92c14579420936b43b3990d3cb1f42e libpng10-devel-1.0.13-17.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/libpng-1.2.2-27.src.rpm cc5f647187175be6fab898800f64d891 libpng-1.2.2-27.src.rpm ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/libpng10-1.0.13-17.src.rpm 72d453e42aafdf7042370e476ae89a66 libpng10-1.0.13-17.src.rpm i386: 4ed9a2c6b5f09e11aa4d36f12704fc09 libpng-1.2.2-27.i386.rpm ffd7c318094543ced991c780f70ca66f libpng-debuginfo-1.2.2-27.i386.rpm 311f6265a6d4b44a35a5c9220718d211 libpng-devel-1.2.2-27.i386.rpm 7a8c105ffd0149410ed817a63b66771d libpng10-1.0.13-17.i386.rpm fc38af2a76f0dd5cb98097a3abe338b6 libpng10-debuginfo-1.0.13-17.i386.rpm 15dbc12ea625c53c6af98d0f121f5ebe libpng10-devel-1.0.13-17.i386.rpm x86_64: 4ed9a2c6b5f09e11aa4d36f12704fc09 libpng-1.2.2-27.i386.rpm b072d86d2f42aacb7e5680510a63872d libpng-1.2.2-27.x86_64.rpm ffd7c318094543ced991c780f70ca66f libpng-debuginfo-1.2.2-27.i386.rpm b7390c52396d77561ca357efe11fb9c4 libpng-debuginfo-1.2.2-27.x86_64.rpm 20714b4a7abd99cc1b538d88f2d7a9dc libpng-devel-1.2.2-27.x86_64.rpm 7a8c105ffd0149410ed817a63b66771d libpng10-1.0.13-17.i386.rpm 1ecdbe6144cc83053471fe822270d027 libpng10-1.0.13-17.x86_64.rpm fc38af2a76f0dd5cb98097a3abe338b6 libpng10-debuginfo-1.0.13-17.i386.rpm e395b4a0b8204fc87dd67c2ad31be759 libpng10-debuginfo-1.0.13-17.x86_64.rpm a92c14579420936b43b3990d3cb1f42e libpng10-devel-1.0.13-17.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/libpng-1.2.2-27.src.rpm cc5f647187175be6fab898800f64d891 libpng-1.2.2-27.src.rpm ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/libpng10-1.0.13-17.src.rpm 72d453e42aafdf7042370e476ae89a66 libpng10-1.0.13-17.src.rpm i386: 4ed9a2c6b5f09e11aa4d36f12704fc09 libpng-1.2.2-27.i386.rpm ffd7c318094543ced991c780f70ca66f libpng-debuginfo-1.2.2-27.i386.rpm 311f6265a6d4b44a35a5c9220718d211 libpng-devel-1.2.2-27.i386.rpm 7a8c105ffd0149410ed817a63b66771d libpng10-1.0.13-17.i386.rpm fc38af2a76f0dd5cb98097a3abe338b6 libpng10-debuginfo-1.0.13-17.i386.rpm 15dbc12ea625c53c6af98d0f121f5ebe libpng10-devel-1.0.13-17.i386.rpm ia64: 4ed9a2c6b5f09e11aa4d36f12704fc09 libpng-1.2.2-27.i386.rpm 69f61705e012d2b48870502b0d7cadaf libpng-1.2.2-27.ia64.rpm ffd7c318094543ced991c780f70ca66f libpng-debuginfo-1.2.2-27.i386.rpm 98fddf0d13e1add75094795a6a035918 libpng-debuginfo-1.2.2-27.ia64.rpm aac473950f6156879ea2f3a4a65ed442 libpng-devel-1.2.2-27.ia64.rpm 7a8c105ffd0149410ed817a63b66771d libpng10-1.0.13-17.i386.rpm 06ca30a321bea7147a3eea189a738671 libpng10-1.0.13-17.ia64.rpm fc38af2a76f0dd5cb98097a3abe338b6 libpng10-debuginfo-1.0.13-17.i386.rpm ee2288628372d5a4c3818c4cae9d31c4 libpng10-debuginfo-1.0.13-17.ia64.rpm 84d8b739dadb1c6910cc655108e47d05 libpng10-devel-1.0.13-17.ia64.rpm x86_64: 4ed9a2c6b5f09e11aa4d36f12704fc09 libpng-1.2.2-27.i386.rpm b072d86d2f42aacb7e5680510a63872d libpng-1.2.2-27.x86_64.rpm ffd7c318094543ced991c780f70ca66f libpng-debuginfo-1.2.2-27.i386.rpm b7390c52396d77561ca357efe11fb9c4 libpng-debuginfo-1.2.2-27.x86_64.rpm 20714b4a7abd99cc1b538d88f2d7a9dc libpng-devel-1.2.2-27.x86_64.rpm 7a8c105ffd0149410ed817a63b66771d libpng10-1.0.13-17.i386.rpm 1ecdbe6144cc83053471fe822270d027 libpng10-1.0.13-17.x86_64.rpm fc38af2a76f0dd5cb98097a3abe338b6 libpng10-debuginfo-1.0.13-17.i386.rpm e395b4a0b8204fc87dd67c2ad31be759 libpng10-debuginfo-1.0.13-17.x86_64.rpm a92c14579420936b43b3990d3cb1f42e libpng10-devel-1.0.13-17.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/libpng-1.2.2-27.src.rpm cc5f647187175be6fab898800f64d891 libpng-1.2.2-27.src.rpm ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/libpng10-1.0.13-17.src.rpm 72d453e42aafdf7042370e476ae89a66 libpng10-1.0.13-17.src.rpm i386: 4ed9a2c6b5f09e11aa4d36f12704fc09 libpng-1.2.2-27.i386.rpm ffd7c318094543ced991c780f70ca66f libpng-debuginfo-1.2.2-27.i386.rpm 311f6265a6d4b44a35a5c9220718d211 libpng-devel-1.2.2-27.i386.rpm 7a8c105ffd0149410ed817a63b66771d libpng10-1.0.13-17.i386.rpm fc38af2a76f0dd5cb98097a3abe338b6 libpng10-debuginfo-1.0.13-17.i386.rpm 15dbc12ea625c53c6af98d0f121f5ebe libpng10-devel-1.0.13-17.i386.rpm ia64: 4ed9a2c6b5f09e11aa4d36f12704fc09 libpng-1.2.2-27.i386.rpm 69f61705e012d2b48870502b0d7cadaf libpng-1.2.2-27.ia64.rpm ffd7c318094543ced991c780f70ca66f libpng-debuginfo-1.2.2-27.i386.rpm 98fddf0d13e1add75094795a6a035918 libpng-debuginfo-1.2.2-27.ia64.rpm aac473950f6156879ea2f3a4a65ed442 libpng-devel-1.2.2-27.ia64.rpm 7a8c105ffd0149410ed817a63b66771d libpng10-1.0.13-17.i386.rpm 06ca30a321bea7147a3eea189a738671 libpng10-1.0.13-17.ia64.rpm fc38af2a76f0dd5cb98097a3abe338b6 libpng10-debuginfo-1.0.13-17.i386.rpm ee2288628372d5a4c3818c4cae9d31c4 libpng10-debuginfo-1.0.13-17.ia64.rpm 84d8b739dadb1c6910cc655108e47d05 libpng10-devel-1.0.13-17.ia64.rpm x86_64: 4ed9a2c6b5f09e11aa4d36f12704fc09 libpng-1.2.2-27.i386.rpm b072d86d2f42aacb7e5680510a63872d libpng-1.2.2-27.x86_64.rpm ffd7c318094543ced991c780f70ca66f libpng-debuginfo-1.2.2-27.i386.rpm b7390c52396d77561ca357efe11fb9c4 libpng-debuginfo-1.2.2-27.x86_64.rpm 20714b4a7abd99cc1b538d88f2d7a9dc libpng-devel-1.2.2-27.x86_64.rpm 7a8c105ffd0149410ed817a63b66771d libpng10-1.0.13-17.i386.rpm 1ecdbe6144cc83053471fe822270d027 libpng10-1.0.13-17.x86_64.rpm fc38af2a76f0dd5cb98097a3abe338b6 libpng10-debuginfo-1.0.13-17.i386.rpm e395b4a0b8204fc87dd67c2ad31be759 libpng10-debuginfo-1.0.13-17.x86_64.rpm a92c14579420936b43b3990d3cb1f42e libpng10-devel-1.0.13-17.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/libpng-1.2.7-3.el4.src.rpm 8ef67fad14ca5c1f9dce4449b1e191d3 libpng-1.2.7-3.el4.src.rpm ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/libpng10-1.0.16-3.src.rpm f16552850fb887ee8a1a9e3a332d3c63 libpng10-1.0.16-3.src.rpm i386: 2091755092c118169b1c73477f7aca98 libpng-1.2.7-3.el4.i386.rpm 8f04ec6b9b5409a952a92ef581be7599 libpng-debuginfo-1.2.7-3.el4.i386.rpm 4a4945468b83135d1e5652b70a838304 libpng-devel-1.2.7-3.el4.i386.rpm c5fe38e12bb83cf3e2a6b14d21933f94 libpng10-1.0.16-3.i386.rpm 65aa2f4a9af05a9d77fa62010b59eb3b libpng10-debuginfo-1.0.16-3.i386.rpm 2115b79e6f2f01fb21ff2dc856374c1a libpng10-devel-1.0.16-3.i386.rpm ia64: 2091755092c118169b1c73477f7aca98 libpng-1.2.7-3.el4.i386.rpm 2051c01b83415587fc810994420f0227 libpng-1.2.7-3.el4.ia64.rpm 8f04ec6b9b5409a952a92ef581be7599 libpng-debuginfo-1.2.7-3.el4.i386.rpm 589e35af9ee426167d4659cc3e752d65 libpng-debuginfo-1.2.7-3.el4.ia64.rpm 5bbffd4ca84004e74398f8894c588c81 libpng-devel-1.2.7-3.el4.ia64.rpm c5fe38e12bb83cf3e2a6b14d21933f94 libpng10-1.0.16-3.i386.rpm c652c1ce02a6a9146be030d915f824c2 libpng10-1.0.16-3.ia64.rpm 65aa2f4a9af05a9d77fa62010b59eb3b libpng10-debuginfo-1.0.16-3.i386.rpm 99564ffbb83059b484e127e1db4fe78c libpng10-debuginfo-1.0.16-3.ia64.rpm 698127bee4d93807fbe1791276b08a14 libpng10-devel-1.0.16-3.ia64.rpm ppc: ec2dfb54524b6b5a7b752d3b04b7b663 libpng-1.2.7-3.el4.ppc.rpm 93c75f39472e84aed6a032856ebe5a7d libpng-1.2.7-3.el4.ppc64.rpm 5cf0744feb8984d67667f2235916c89b libpng-debuginfo-1.2.7-3.el4.ppc.rpm 0506ff25e3587ad68ad117c3cec84eaa libpng-debuginfo-1.2.7-3.el4.ppc64.rpm 946aa208ed75b6b90e3a0b30c1f6b31a libpng-devel-1.2.7-3.el4.ppc.rpm e70a8b8b57df5f7cace6b16e06e53e34 libpng10-1.0.16-3.ppc.rpm 368634778cb2ae8e02aa15ee786080d2 libpng10-1.0.16-3.ppc64.rpm bb5c86da53b6f3d82143562998c78aee libpng10-debuginfo-1.0.16-3.ppc.rpm 807cb07fe430ca34cc09236597009aa3 libpng10-debuginfo-1.0.16-3.ppc64.rpm 2f83cd833a90818b45cb5c8a1265a549 libpng10-devel-1.0.16-3.ppc.rpm s390: c26d0d2623dc83d613d0d3da958dc6c0 libpng-1.2.7-3.el4.s390.rpm 426f1ff75ad79d5e2cbf10fa3cd4d477 libpng-debuginfo-1.2.7-3.el4.s390.rpm 5dec5a031938d2cb0c37c9a5fa703930 libpng-devel-1.2.7-3.el4.s390.rpm 12648b96eafa496717bdf47a24d755a5 libpng10-1.0.16-3.s390.rpm fdd0c0308a22185c52408fa0afca2cee libpng10-debuginfo-1.0.16-3.s390.rpm d160c62f800f36d80a2b4bea1f8ee4c1 libpng10-devel-1.0.16-3.s390.rpm s390x: c26d0d2623dc83d613d0d3da958dc6c0 libpng-1.2.7-3.el4.s390.rpm f26f1358e2acf40f8c7cfc504861f527 libpng-1.2.7-3.el4.s390x.rpm 426f1ff75ad79d5e2cbf10fa3cd4d477 libpng-debuginfo-1.2.7-3.el4.s390.rpm 00ab694fdd449e2ef01a4d0f1f3bc4a3 libpng-debuginfo-1.2.7-3.el4.s390x.rpm e74c222d0f8008caf5a7f9e8a29a81b8 libpng-devel-1.2.7-3.el4.s390x.rpm 12648b96eafa496717bdf47a24d755a5 libpng10-1.0.16-3.s390.rpm cd50743d02a2cdc62e8e3de1e4fe9df4 libpng10-1.0.16-3.s390x.rpm fdd0c0308a22185c52408fa0afca2cee libpng10-debuginfo-1.0.16-3.s390.rpm f0044d23559d5cb442375398e97ccfa1 libpng10-debuginfo-1.0.16-3.s390x.rpm 764f6bc245fef91dd16c3aaef2fd9f95 libpng10-devel-1.0.16-3.s390x.rpm x86_64: 2091755092c118169b1c73477f7aca98 libpng-1.2.7-3.el4.i386.rpm 64795eb8ff4d7fe52f1c0a0d286c4b32 libpng-1.2.7-3.el4.x86_64.rpm 8f04ec6b9b5409a952a92ef581be7599 libpng-debuginfo-1.2.7-3.el4.i386.rpm 542d4a533fdae7b032b350abd566ab57 libpng-debuginfo-1.2.7-3.el4.x86_64.rpm 1046764762d2e06d727c8a45a375ad86 libpng-devel-1.2.7-3.el4.x86_64.rpm c5fe38e12bb83cf3e2a6b14d21933f94 libpng10-1.0.16-3.i386.rpm 47f6bf747e4bffed5cc59102ad179f2e libpng10-1.0.16-3.x86_64.rpm 65aa2f4a9af05a9d77fa62010b59eb3b libpng10-debuginfo-1.0.16-3.i386.rpm 0b229bd11e089a33010fc45231f92ccc libpng10-debuginfo-1.0.16-3.x86_64.rpm 79f777f2e31a98a4806788698db38443 libpng10-devel-1.0.16-3.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/libpng-1.2.7-3.el4.src.rpm 8ef67fad14ca5c1f9dce4449b1e191d3 libpng-1.2.7-3.el4.src.rpm ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/libpng10-1.0.16-3.src.rpm f16552850fb887ee8a1a9e3a332d3c63 libpng10-1.0.16-3.src.rpm i386: 2091755092c118169b1c73477f7aca98 libpng-1.2.7-3.el4.i386.rpm 8f04ec6b9b5409a952a92ef581be7599 libpng-debuginfo-1.2.7-3.el4.i386.rpm 4a4945468b83135d1e5652b70a838304 libpng-devel-1.2.7-3.el4.i386.rpm c5fe38e12bb83cf3e2a6b14d21933f94 libpng10-1.0.16-3.i386.rpm 65aa2f4a9af05a9d77fa62010b59eb3b libpng10-debuginfo-1.0.16-3.i386.rpm 2115b79e6f2f01fb21ff2dc856374c1a libpng10-devel-1.0.16-3.i386.rpm x86_64: 2091755092c118169b1c73477f7aca98 libpng-1.2.7-3.el4.i386.rpm 64795eb8ff4d7fe52f1c0a0d286c4b32 libpng-1.2.7-3.el4.x86_64.rpm 8f04ec6b9b5409a952a92ef581be7599 libpng-debuginfo-1.2.7-3.el4.i386.rpm 542d4a533fdae7b032b350abd566ab57 libpng-debuginfo-1.2.7-3.el4.x86_64.rpm 1046764762d2e06d727c8a45a375ad86 libpng-devel-1.2.7-3.el4.x86_64.rpm c5fe38e12bb83cf3e2a6b14d21933f94 libpng10-1.0.16-3.i386.rpm 47f6bf747e4bffed5cc59102ad179f2e libpng10-1.0.16-3.x86_64.rpm 65aa2f4a9af05a9d77fa62010b59eb3b libpng10-debuginfo-1.0.16-3.i386.rpm 0b229bd11e089a33010fc45231f92ccc libpng10-debuginfo-1.0.16-3.x86_64.rpm 79f777f2e31a98a4806788698db38443 libpng10-devel-1.0.16-3.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/libpng-1.2.7-3.el4.src.rpm 8ef67fad14ca5c1f9dce4449b1e191d3 libpng-1.2.7-3.el4.src.rpm ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/libpng10-1.0.16-3.src.rpm f16552850fb887ee8a1a9e3a332d3c63 libpng10-1.0.16-3.src.rpm i386: 2091755092c118169b1c73477f7aca98 libpng-1.2.7-3.el4.i386.rpm 8f04ec6b9b5409a952a92ef581be7599 libpng-debuginfo-1.2.7-3.el4.i386.rpm 4a4945468b83135d1e5652b70a838304 libpng-devel-1.2.7-3.el4.i386.rpm c5fe38e12bb83cf3e2a6b14d21933f94 libpng10-1.0.16-3.i386.rpm 65aa2f4a9af05a9d77fa62010b59eb3b libpng10-debuginfo-1.0.16-3.i386.rpm 2115b79e6f2f01fb21ff2dc856374c1a libpng10-devel-1.0.16-3.i386.rpm ia64: 2091755092c118169b1c73477f7aca98 libpng-1.2.7-3.el4.i386.rpm 2051c01b83415587fc810994420f0227 libpng-1.2.7-3.el4.ia64.rpm 8f04ec6b9b5409a952a92ef581be7599 libpng-debuginfo-1.2.7-3.el4.i386.rpm 589e35af9ee426167d4659cc3e752d65 libpng-debuginfo-1.2.7-3.el4.ia64.rpm 5bbffd4ca84004e74398f8894c588c81 libpng-devel-1.2.7-3.el4.ia64.rpm c5fe38e12bb83cf3e2a6b14d21933f94 libpng10-1.0.16-3.i386.rpm c652c1ce02a6a9146be030d915f824c2 libpng10-1.0.16-3.ia64.rpm 65aa2f4a9af05a9d77fa62010b59eb3b libpng10-debuginfo-1.0.16-3.i386.rpm 99564ffbb83059b484e127e1db4fe78c libpng10-debuginfo-1.0.16-3.ia64.rpm 698127bee4d93807fbe1791276b08a14 libpng10-devel-1.0.16-3.ia64.rpm x86_64: 2091755092c118169b1c73477f7aca98 libpng-1.2.7-3.el4.i386.rpm 64795eb8ff4d7fe52f1c0a0d286c4b32 libpng-1.2.7-3.el4.x86_64.rpm 8f04ec6b9b5409a952a92ef581be7599 libpng-debuginfo-1.2.7-3.el4.i386.rpm 542d4a533fdae7b032b350abd566ab57 libpng-debuginfo-1.2.7-3.el4.x86_64.rpm 1046764762d2e06d727c8a45a375ad86 libpng-devel-1.2.7-3.el4.x86_64.rpm c5fe38e12bb83cf3e2a6b14d21933f94 libpng10-1.0.16-3.i386.rpm 47f6bf747e4bffed5cc59102ad179f2e libpng10-1.0.16-3.x86_64.rpm 65aa2f4a9af05a9d77fa62010b59eb3b libpng10-debuginfo-1.0.16-3.i386.rpm 0b229bd11e089a33010fc45231f92ccc libpng10-debuginfo-1.0.16-3.x86_64.rpm 79f777f2e31a98a4806788698db38443 libpng10-devel-1.0.16-3.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/libpng-1.2.7-3.el4.src.rpm 8ef67fad14ca5c1f9dce4449b1e191d3 libpng-1.2.7-3.el4.src.rpm ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/libpng10-1.0.16-3.src.rpm f16552850fb887ee8a1a9e3a332d3c63 libpng10-1.0.16-3.src.rpm i386: 2091755092c118169b1c73477f7aca98 libpng-1.2.7-3.el4.i386.rpm 8f04ec6b9b5409a952a92ef581be7599 libpng-debuginfo-1.2.7-3.el4.i386.rpm 4a4945468b83135d1e5652b70a838304 libpng-devel-1.2.7-3.el4.i386.rpm c5fe38e12bb83cf3e2a6b14d21933f94 libpng10-1.0.16-3.i386.rpm 65aa2f4a9af05a9d77fa62010b59eb3b libpng10-debuginfo-1.0.16-3.i386.rpm 2115b79e6f2f01fb21ff2dc856374c1a libpng10-devel-1.0.16-3.i386.rpm ia64: 2091755092c118169b1c73477f7aca98 libpng-1.2.7-3.el4.i386.rpm 2051c01b83415587fc810994420f0227 libpng-1.2.7-3.el4.ia64.rpm 8f04ec6b9b5409a952a92ef581be7599 libpng-debuginfo-1.2.7-3.el4.i386.rpm 589e35af9ee426167d4659cc3e752d65 libpng-debuginfo-1.2.7-3.el4.ia64.rpm 5bbffd4ca84004e74398f8894c588c81 libpng-devel-1.2.7-3.el4.ia64.rpm c5fe38e12bb83cf3e2a6b14d21933f94 libpng10-1.0.16-3.i386.rpm c652c1ce02a6a9146be030d915f824c2 libpng10-1.0.16-3.ia64.rpm 65aa2f4a9af05a9d77fa62010b59eb3b libpng10-debuginfo-1.0.16-3.i386.rpm 99564ffbb83059b484e127e1db4fe78c libpng10-debuginfo-1.0.16-3.ia64.rpm 698127bee4d93807fbe1791276b08a14 libpng10-devel-1.0.16-3.ia64.rpm x86_64: 2091755092c118169b1c73477f7aca98 libpng-1.2.7-3.el4.i386.rpm 64795eb8ff4d7fe52f1c0a0d286c4b32 libpng-1.2.7-3.el4.x86_64.rpm 8f04ec6b9b5409a952a92ef581be7599 libpng-debuginfo-1.2.7-3.el4.i386.rpm 542d4a533fdae7b032b350abd566ab57 libpng-debuginfo-1.2.7-3.el4.x86_64.rpm 1046764762d2e06d727c8a45a375ad86 libpng-devel-1.2.7-3.el4.x86_64.rpm c5fe38e12bb83cf3e2a6b14d21933f94 libpng10-1.0.16-3.i386.rpm 47f6bf747e4bffed5cc59102ad179f2e libpng10-1.0.16-3.x86_64.rpm 65aa2f4a9af05a9d77fa62010b59eb3b libpng10-debuginfo-1.0.16-3.i386.rpm 0b229bd11e089a33010fc45231f92ccc libpng10-debuginfo-1.0.16-3.x86_64.rpm 79f777f2e31a98a4806788698db38443 libpng10-devel-1.0.16-3.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/libpng-1.2.10-7.0.2.src.rpm 6847a840a8b5af3c3be05bd2d7fa794d libpng-1.2.10-7.0.2.src.rpm i386: 35de4b9feba917c3884ba05fac436e3c libpng-1.2.10-7.0.2.i386.rpm f66d7b267045477a7fd165855f1e247d libpng-debuginfo-1.2.10-7.0.2.i386.rpm x86_64: 35de4b9feba917c3884ba05fac436e3c libpng-1.2.10-7.0.2.i386.rpm 6f9c2dcf576f4244a3f8460b8e687c5b libpng-1.2.10-7.0.2.x86_64.rpm f66d7b267045477a7fd165855f1e247d libpng-debuginfo-1.2.10-7.0.2.i386.rpm 8e9d7abc64a05f1153c908bdf9a6e631 libpng-debuginfo-1.2.10-7.0.2.x86_64.rpm RHEL Desktop Workstation (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/libpng-1.2.10-7.0.2.src.rpm 6847a840a8b5af3c3be05bd2d7fa794d libpng-1.2.10-7.0.2.src.rpm i386: f66d7b267045477a7fd165855f1e247d libpng-debuginfo-1.2.10-7.0.2.i386.rpm 60f7db7d67d26ce36d6c609b8fa8436a libpng-devel-1.2.10-7.0.2.i386.rpm x86_64: f66d7b267045477a7fd165855f1e247d libpng-debuginfo-1.2.10-7.0.2.i386.rpm 8e9d7abc64a05f1153c908bdf9a6e631 libpng-debuginfo-1.2.10-7.0.2.x86_64.rpm 60f7db7d67d26ce36d6c609b8fa8436a libpng-devel-1.2.10-7.0.2.i386.rpm bd96dc32b7b7e9ef516a80ad136483d5 libpng-devel-1.2.10-7.0.2.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/libpng-1.2.10-7.0.2.src.rpm 6847a840a8b5af3c3be05bd2d7fa794d libpng-1.2.10-7.0.2.src.rpm i386: 35de4b9feba917c3884ba05fac436e3c libpng-1.2.10-7.0.2.i386.rpm f66d7b267045477a7fd165855f1e247d libpng-debuginfo-1.2.10-7.0.2.i386.rpm 60f7db7d67d26ce36d6c609b8fa8436a libpng-devel-1.2.10-7.0.2.i386.rpm ia64: 35de4b9feba917c3884ba05fac436e3c libpng-1.2.10-7.0.2.i386.rpm 8171b221cea21ca901e9c8e694f5dae8 libpng-1.2.10-7.0.2.ia64.rpm f66d7b267045477a7fd165855f1e247d libpng-debuginfo-1.2.10-7.0.2.i386.rpm 445333327acfa4bee03afcdaeea2658a libpng-debuginfo-1.2.10-7.0.2.ia64.rpm cea22cdacb80be44f1bfc985b1b9ba7a libpng-devel-1.2.10-7.0.2.ia64.rpm ppc: d2146b45ce3434b0af869691514df5e9 libpng-1.2.10-7.0.2.ppc.rpm 8378061d0c82171486795769ecf9f2df libpng-1.2.10-7.0.2.ppc64.rpm 66764b533533267a1cc1d24249f46077 libpng-debuginfo-1.2.10-7.0.2.ppc.rpm d804aa63983d5afc2d2d360fec73c4e2 libpng-debuginfo-1.2.10-7.0.2.ppc64.rpm f1be6e8c8ff46c9d7a46b3e0342af679 libpng-devel-1.2.10-7.0.2.ppc.rpm 7c4885b59ce78db55ee21aaa7c91412b libpng-devel-1.2.10-7.0.2.ppc64.rpm s390x: acb8893c577fcb4ea3e7a813c4728493 libpng-1.2.10-7.0.2.s390.rpm ae2a395e9b5c1c1fcd0ee51c6a11cd5c libpng-1.2.10-7.0.2.s390x.rpm faf0f86f31a5dd2801e407af61bd7fb9 libpng-debuginfo-1.2.10-7.0.2.s390.rpm 9e54a3931966b106acc166fcd1fbd7ff libpng-debuginfo-1.2.10-7.0.2.s390x.rpm fe2bf8a2c3b7dde353f8c6892afa62ac libpng-devel-1.2.10-7.0.2.s390.rpm 21856a7728dee356068f53b5a032ac5b libpng-devel-1.2.10-7.0.2.s390x.rpm x86_64: 35de4b9feba917c3884ba05fac436e3c libpng-1.2.10-7.0.2.i386.rpm 6f9c2dcf576f4244a3f8460b8e687c5b libpng-1.2.10-7.0.2.x86_64.rpm f66d7b267045477a7fd165855f1e247d libpng-debuginfo-1.2.10-7.0.2.i386.rpm 8e9d7abc64a05f1153c908bdf9a6e631 libpng-debuginfo-1.2.10-7.0.2.x86_64.rpm 60f7db7d67d26ce36d6c609b8fa8436a libpng-devel-1.2.10-7.0.2.i386.rpm bd96dc32b7b7e9ef516a80ad136483d5 libpng-devel-1.2.10-7.0.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5793 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2445 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGTM06XlSAg2UNWIIRAlV9AJwI/+RE5A++fIed2oiguslnRzoumwCbB5Y3 OOQ2ZjO+31F/Vqu/23QhN1U= =DFKK -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon May 21 13:02:53 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 21 May 2007 09:02:53 -0400 Subject: [RHSA-2007:0343-01] Moderate: gimp security update Message-ID: <200705211302.l4LD2rrl018416@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: gimp security update Advisory ID: RHSA-2007:0343-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0343.html Issue date: 2007-05-21 Updated on: 2007-05-21 Product: Red Hat Enterprise Linux Keywords: Sun, RAS, stack, buffer, overflow CVE Names: CVE-2007-2356 - --------------------------------------------------------------------- 1. Summary: Updated gimp packages that fix a security issue are now available for Red Hat Enterprise Linux. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Problem description: The GIMP (GNU Image Manipulation Program) is an image composition and editing program. Marsu discovered a stack overflow bug in The GIMP RAS file loader. An attacker could create a carefully crafted file that could cause The GIMP to crash or possibly execute arbitrary code if the file was opened by a victim. (CVE-2007-2356) For users of Red Hat Enterprise Linux 5, the previous GIMP packages had a bug that concerned the execution order in which the symbolic links to externally packaged GIMP plugins are installed and removed, causing the symbolic links to vanish when the package is updated. Users of The GIMP should update to these erratum packages which contain a backported fix to correct these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 Although the execution order problem in GIMP packages for Red Hat Enterprise Linux 5 is fixed in these erratum packages, due to the nature of the problem it will show up once more when updating from an affected version to a fixed version. To add these symbolic links back in, run the following command after installation of the new packages: /usr/sbin/gimp-plugin-mgr --install \* 5. Bug IDs fixed (http://bugzilla.redhat.com/): 238420 - CVE-2007-2356 Stack overflow in gimp's sunras plugin 238993 - gimp removes symlinks to plugins of other packages when updated 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/gimp-1.2.1-7.1.el2_1.src.rpm 966ae56338f272be563b650ace728cd1 gimp-1.2.1-7.1.el2_1.src.rpm i386: 0b65888aa3c498a434942b4f8f8b66f7 gimp-1.2.1-7.1.el2_1.i386.rpm e408d4dd9aae74e59ba89a6081062cde gimp-devel-1.2.1-7.1.el2_1.i386.rpm 04e2f5318d9e3ef99cdcf87d32e5743b gimp-perl-1.2.1-7.1.el2_1.i386.rpm ia64: fc15f6e273fb791a40ab4e64557d7c1c gimp-1.2.1-7.1.el2_1.ia64.rpm 76dfffc225267384c67756294e8b2207 gimp-devel-1.2.1-7.1.el2_1.ia64.rpm c061d995de3763ebf204d545da5f62e6 gimp-perl-1.2.1-7.1.el2_1.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/gimp-1.2.1-7.1.el2_1.src.rpm 966ae56338f272be563b650ace728cd1 gimp-1.2.1-7.1.el2_1.src.rpm ia64: fc15f6e273fb791a40ab4e64557d7c1c gimp-1.2.1-7.1.el2_1.ia64.rpm 76dfffc225267384c67756294e8b2207 gimp-devel-1.2.1-7.1.el2_1.ia64.rpm c061d995de3763ebf204d545da5f62e6 gimp-perl-1.2.1-7.1.el2_1.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/gimp-1.2.1-7.1.el2_1.src.rpm 966ae56338f272be563b650ace728cd1 gimp-1.2.1-7.1.el2_1.src.rpm i386: 0b65888aa3c498a434942b4f8f8b66f7 gimp-1.2.1-7.1.el2_1.i386.rpm e408d4dd9aae74e59ba89a6081062cde gimp-devel-1.2.1-7.1.el2_1.i386.rpm 04e2f5318d9e3ef99cdcf87d32e5743b gimp-perl-1.2.1-7.1.el2_1.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/gimp-1.2.1-7.1.el2_1.src.rpm 966ae56338f272be563b650ace728cd1 gimp-1.2.1-7.1.el2_1.src.rpm i386: 0b65888aa3c498a434942b4f8f8b66f7 gimp-1.2.1-7.1.el2_1.i386.rpm e408d4dd9aae74e59ba89a6081062cde gimp-devel-1.2.1-7.1.el2_1.i386.rpm 04e2f5318d9e3ef99cdcf87d32e5743b gimp-perl-1.2.1-7.1.el2_1.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/gimp-1.2.3-20.3.el3.src.rpm 628a5da1aa08808f9cf02a718375b44b gimp-1.2.3-20.3.el3.src.rpm i386: 13140abb55f29c2903ba030a7515ceca gimp-1.2.3-20.3.el3.i386.rpm 00d44401b093381e7fe9f7a7e4fe538b gimp-devel-1.2.3-20.3.el3.i386.rpm 5aaf87d39b48fc1bcc88c284d345fe95 gimp-perl-1.2.3-20.3.el3.i386.rpm ia64: 339b4d9408a6652d1f10d3fd62913f43 gimp-1.2.3-20.3.el3.ia64.rpm 160508261f440049c5b81ed65607c720 gimp-devel-1.2.3-20.3.el3.ia64.rpm fd4cd72ce75c406be79600628e46d23e gimp-perl-1.2.3-20.3.el3.ia64.rpm ppc: 179c7307b0bc9cc42b10de3c9211309b gimp-1.2.3-20.3.el3.ppc.rpm 993aaad3f148727db4dd22f35da7d1e5 gimp-devel-1.2.3-20.3.el3.ppc.rpm 0d98a0ab9eb2f68142596772fd2f8327 gimp-perl-1.2.3-20.3.el3.ppc.rpm s390: 82a0933ce95a8e482f07a759c0de8a3e gimp-1.2.3-20.3.el3.s390.rpm e1adf4e8d04181f9c6d1faa12788fac1 gimp-devel-1.2.3-20.3.el3.s390.rpm dd3c3fc0b295595507d8c8db00ffdd40 gimp-perl-1.2.3-20.3.el3.s390.rpm s390x: 01ac5181771dd81fd88378722a6761b1 gimp-1.2.3-20.3.el3.s390x.rpm cf212f9c88c83f584097d605a2a15695 gimp-devel-1.2.3-20.3.el3.s390x.rpm 795508a2557affb14131c4330e4aeb3d gimp-perl-1.2.3-20.3.el3.s390x.rpm x86_64: 9eebd91187a8401d2756a788823d0579 gimp-1.2.3-20.3.el3.x86_64.rpm 41677a3d8111c2e3d307d27682536ebe gimp-devel-1.2.3-20.3.el3.x86_64.rpm d64a7bdc6176162af70fbd8828bf4a59 gimp-perl-1.2.3-20.3.el3.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/gimp-1.2.3-20.3.el3.src.rpm 628a5da1aa08808f9cf02a718375b44b gimp-1.2.3-20.3.el3.src.rpm i386: 13140abb55f29c2903ba030a7515ceca gimp-1.2.3-20.3.el3.i386.rpm 00d44401b093381e7fe9f7a7e4fe538b gimp-devel-1.2.3-20.3.el3.i386.rpm 5aaf87d39b48fc1bcc88c284d345fe95 gimp-perl-1.2.3-20.3.el3.i386.rpm x86_64: 9eebd91187a8401d2756a788823d0579 gimp-1.2.3-20.3.el3.x86_64.rpm 41677a3d8111c2e3d307d27682536ebe gimp-devel-1.2.3-20.3.el3.x86_64.rpm d64a7bdc6176162af70fbd8828bf4a59 gimp-perl-1.2.3-20.3.el3.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/gimp-1.2.3-20.3.el3.src.rpm 628a5da1aa08808f9cf02a718375b44b gimp-1.2.3-20.3.el3.src.rpm i386: 13140abb55f29c2903ba030a7515ceca gimp-1.2.3-20.3.el3.i386.rpm 00d44401b093381e7fe9f7a7e4fe538b gimp-devel-1.2.3-20.3.el3.i386.rpm 5aaf87d39b48fc1bcc88c284d345fe95 gimp-perl-1.2.3-20.3.el3.i386.rpm ia64: 339b4d9408a6652d1f10d3fd62913f43 gimp-1.2.3-20.3.el3.ia64.rpm 160508261f440049c5b81ed65607c720 gimp-devel-1.2.3-20.3.el3.ia64.rpm fd4cd72ce75c406be79600628e46d23e gimp-perl-1.2.3-20.3.el3.ia64.rpm x86_64: 9eebd91187a8401d2756a788823d0579 gimp-1.2.3-20.3.el3.x86_64.rpm 41677a3d8111c2e3d307d27682536ebe gimp-devel-1.2.3-20.3.el3.x86_64.rpm d64a7bdc6176162af70fbd8828bf4a59 gimp-perl-1.2.3-20.3.el3.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/gimp-1.2.3-20.3.el3.src.rpm 628a5da1aa08808f9cf02a718375b44b gimp-1.2.3-20.3.el3.src.rpm i386: 13140abb55f29c2903ba030a7515ceca gimp-1.2.3-20.3.el3.i386.rpm 00d44401b093381e7fe9f7a7e4fe538b gimp-devel-1.2.3-20.3.el3.i386.rpm 5aaf87d39b48fc1bcc88c284d345fe95 gimp-perl-1.2.3-20.3.el3.i386.rpm ia64: 339b4d9408a6652d1f10d3fd62913f43 gimp-1.2.3-20.3.el3.ia64.rpm 160508261f440049c5b81ed65607c720 gimp-devel-1.2.3-20.3.el3.ia64.rpm fd4cd72ce75c406be79600628e46d23e gimp-perl-1.2.3-20.3.el3.ia64.rpm x86_64: 9eebd91187a8401d2756a788823d0579 gimp-1.2.3-20.3.el3.x86_64.rpm 41677a3d8111c2e3d307d27682536ebe gimp-devel-1.2.3-20.3.el3.x86_64.rpm d64a7bdc6176162af70fbd8828bf4a59 gimp-perl-1.2.3-20.3.el3.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/gimp-2.0.5-6.2.el4.src.rpm c2d079b69ba7d801722f1dba2e8aa702 gimp-2.0.5-6.2.el4.src.rpm i386: 17bf32b584894c88e0533a3174a337cc gimp-2.0.5-6.2.el4.i386.rpm 09b8904b0105f00f97631d3796a1f11e gimp-debuginfo-2.0.5-6.2.el4.i386.rpm 79e75155d8ff7178220f4b7864ab7c2f gimp-devel-2.0.5-6.2.el4.i386.rpm ia64: 9fea9f68af78aa7cf583afde155f1c7f gimp-2.0.5-6.2.el4.ia64.rpm c718157fc4aafd6d31e3bbd51d965620 gimp-debuginfo-2.0.5-6.2.el4.ia64.rpm 27d0ed385ec4a2e3e909fd3ddf5eb569 gimp-devel-2.0.5-6.2.el4.ia64.rpm ppc: 87c99ee64f7263215efc94f3a83b05ab gimp-2.0.5-6.2.el4.ppc.rpm b65b4f61ad6f9b35da7da7ab967acc7a gimp-debuginfo-2.0.5-6.2.el4.ppc.rpm 6c0ee6f355b56f0b29579b1c63ce7bd0 gimp-devel-2.0.5-6.2.el4.ppc.rpm s390: 8e921086dcc89637a7354275d0840f76 gimp-2.0.5-6.2.el4.s390.rpm 7a3dc1731478a28bdd55097199a7b8c3 gimp-debuginfo-2.0.5-6.2.el4.s390.rpm eec02110fa45ca82545e6c7f85d3b035 gimp-devel-2.0.5-6.2.el4.s390.rpm s390x: 1a5c29254802f52fdf8ae5013ebb108f gimp-2.0.5-6.2.el4.s390x.rpm 2c0adb5e806fb2bed676df740002b946 gimp-debuginfo-2.0.5-6.2.el4.s390x.rpm 605af1137f9615cd88e29a6269318946 gimp-devel-2.0.5-6.2.el4.s390x.rpm x86_64: a6cf7ee69ae6d356e74afc272dc63a5c gimp-2.0.5-6.2.el4.x86_64.rpm 8b5a416e565136a7790b79e45d39fe48 gimp-debuginfo-2.0.5-6.2.el4.x86_64.rpm 40652baa1aff3c0efb7f926e681f0e05 gimp-devel-2.0.5-6.2.el4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/gimp-2.0.5-6.2.el4.src.rpm c2d079b69ba7d801722f1dba2e8aa702 gimp-2.0.5-6.2.el4.src.rpm i386: 17bf32b584894c88e0533a3174a337cc gimp-2.0.5-6.2.el4.i386.rpm 09b8904b0105f00f97631d3796a1f11e gimp-debuginfo-2.0.5-6.2.el4.i386.rpm 79e75155d8ff7178220f4b7864ab7c2f gimp-devel-2.0.5-6.2.el4.i386.rpm x86_64: a6cf7ee69ae6d356e74afc272dc63a5c gimp-2.0.5-6.2.el4.x86_64.rpm 8b5a416e565136a7790b79e45d39fe48 gimp-debuginfo-2.0.5-6.2.el4.x86_64.rpm 40652baa1aff3c0efb7f926e681f0e05 gimp-devel-2.0.5-6.2.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/gimp-2.0.5-6.2.el4.src.rpm c2d079b69ba7d801722f1dba2e8aa702 gimp-2.0.5-6.2.el4.src.rpm i386: 17bf32b584894c88e0533a3174a337cc gimp-2.0.5-6.2.el4.i386.rpm 09b8904b0105f00f97631d3796a1f11e gimp-debuginfo-2.0.5-6.2.el4.i386.rpm 79e75155d8ff7178220f4b7864ab7c2f gimp-devel-2.0.5-6.2.el4.i386.rpm ia64: 9fea9f68af78aa7cf583afde155f1c7f gimp-2.0.5-6.2.el4.ia64.rpm c718157fc4aafd6d31e3bbd51d965620 gimp-debuginfo-2.0.5-6.2.el4.ia64.rpm 27d0ed385ec4a2e3e909fd3ddf5eb569 gimp-devel-2.0.5-6.2.el4.ia64.rpm x86_64: a6cf7ee69ae6d356e74afc272dc63a5c gimp-2.0.5-6.2.el4.x86_64.rpm 8b5a416e565136a7790b79e45d39fe48 gimp-debuginfo-2.0.5-6.2.el4.x86_64.rpm 40652baa1aff3c0efb7f926e681f0e05 gimp-devel-2.0.5-6.2.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/gimp-2.0.5-6.2.el4.src.rpm c2d079b69ba7d801722f1dba2e8aa702 gimp-2.0.5-6.2.el4.src.rpm i386: 17bf32b584894c88e0533a3174a337cc gimp-2.0.5-6.2.el4.i386.rpm 09b8904b0105f00f97631d3796a1f11e gimp-debuginfo-2.0.5-6.2.el4.i386.rpm 79e75155d8ff7178220f4b7864ab7c2f gimp-devel-2.0.5-6.2.el4.i386.rpm ia64: 9fea9f68af78aa7cf583afde155f1c7f gimp-2.0.5-6.2.el4.ia64.rpm c718157fc4aafd6d31e3bbd51d965620 gimp-debuginfo-2.0.5-6.2.el4.ia64.rpm 27d0ed385ec4a2e3e909fd3ddf5eb569 gimp-devel-2.0.5-6.2.el4.ia64.rpm x86_64: a6cf7ee69ae6d356e74afc272dc63a5c gimp-2.0.5-6.2.el4.x86_64.rpm 8b5a416e565136a7790b79e45d39fe48 gimp-debuginfo-2.0.5-6.2.el4.x86_64.rpm 40652baa1aff3c0efb7f926e681f0e05 gimp-devel-2.0.5-6.2.el4.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/gimp-2.2.13-2.el5.src.rpm 3aff337157820bf5faa7c31760c04ed5 gimp-2.2.13-2.el5.src.rpm i386: 4c1b0b02ec6428aada52013cf05d29ef gimp-2.2.13-2.el5.i386.rpm 0a83e5c7ba24e7c23ac36f1afd70bf4a gimp-debuginfo-2.2.13-2.el5.i386.rpm 5567e2d201941af307f0f17c227dea51 gimp-libs-2.2.13-2.el5.i386.rpm x86_64: 3156ef0de40c15fd2c25c2b0953d0229 gimp-2.2.13-2.el5.x86_64.rpm 0a83e5c7ba24e7c23ac36f1afd70bf4a gimp-debuginfo-2.2.13-2.el5.i386.rpm 2efecf64bb603936ccf7ea15e4445682 gimp-debuginfo-2.2.13-2.el5.x86_64.rpm 5567e2d201941af307f0f17c227dea51 gimp-libs-2.2.13-2.el5.i386.rpm 1b919169721eacfa8e2c0cfed85d2156 gimp-libs-2.2.13-2.el5.x86_64.rpm RHEL Desktop Workstation (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/gimp-2.2.13-2.el5.src.rpm 3aff337157820bf5faa7c31760c04ed5 gimp-2.2.13-2.el5.src.rpm i386: 0a83e5c7ba24e7c23ac36f1afd70bf4a gimp-debuginfo-2.2.13-2.el5.i386.rpm 6dc9224fa3ffb16f222000a06949c2a1 gimp-devel-2.2.13-2.el5.i386.rpm x86_64: 0a83e5c7ba24e7c23ac36f1afd70bf4a gimp-debuginfo-2.2.13-2.el5.i386.rpm 2efecf64bb603936ccf7ea15e4445682 gimp-debuginfo-2.2.13-2.el5.x86_64.rpm 6dc9224fa3ffb16f222000a06949c2a1 gimp-devel-2.2.13-2.el5.i386.rpm 8c7c94f6807b3285199b1b8cd0f36b9a gimp-devel-2.2.13-2.el5.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/gimp-2.2.13-2.el5.src.rpm 3aff337157820bf5faa7c31760c04ed5 gimp-2.2.13-2.el5.src.rpm i386: 4c1b0b02ec6428aada52013cf05d29ef gimp-2.2.13-2.el5.i386.rpm 0a83e5c7ba24e7c23ac36f1afd70bf4a gimp-debuginfo-2.2.13-2.el5.i386.rpm 6dc9224fa3ffb16f222000a06949c2a1 gimp-devel-2.2.13-2.el5.i386.rpm 5567e2d201941af307f0f17c227dea51 gimp-libs-2.2.13-2.el5.i386.rpm ia64: 2d675c2e14fd63cd4f6e905b9bf43bea gimp-2.2.13-2.el5.ia64.rpm faaaf9c9ef8170fa53622b306dfc6ee1 gimp-debuginfo-2.2.13-2.el5.ia64.rpm 67e29ec03af2e11ff14abc2b431c4b1f gimp-devel-2.2.13-2.el5.ia64.rpm 25decd1e09041303865465183340e152 gimp-libs-2.2.13-2.el5.ia64.rpm ppc: e9ab4fee6740062ec93ddd700f60cdd8 gimp-2.2.13-2.el5.ppc.rpm ecf5681bbff643f793a19f0e7d484a6d gimp-debuginfo-2.2.13-2.el5.ppc.rpm e5443537d52eff22c417fcb70ba8be83 gimp-debuginfo-2.2.13-2.el5.ppc64.rpm b0a8fcaa207c0ae08dea9cb32fe0e741 gimp-devel-2.2.13-2.el5.ppc.rpm 4a2478d4fc5883a437aa61dee3814235 gimp-devel-2.2.13-2.el5.ppc64.rpm ce0ec287ccfcf0c649b26cbfb56a44d2 gimp-libs-2.2.13-2.el5.ppc.rpm 6431b4ad67303429111d738f474656b3 gimp-libs-2.2.13-2.el5.ppc64.rpm s390x: fb75c32f23593f270257e800d1da4466 gimp-2.2.13-2.el5.s390x.rpm 3f8295a5c93c4a7b5d9f5b22c43c8c70 gimp-debuginfo-2.2.13-2.el5.s390.rpm de605de5302415b3e162038a09e0482a gimp-debuginfo-2.2.13-2.el5.s390x.rpm e438b01aece2f6431f2f896becec188c gimp-devel-2.2.13-2.el5.s390.rpm 1e2ffeb7d4218aa0ccd20cd40a3a61f2 gimp-devel-2.2.13-2.el5.s390x.rpm f408afe8501bd1c1a4cf58a5e9d8116b gimp-libs-2.2.13-2.el5.s390.rpm a0c438772547eb9a6671af35da6a23f4 gimp-libs-2.2.13-2.el5.s390x.rpm x86_64: 3156ef0de40c15fd2c25c2b0953d0229 gimp-2.2.13-2.el5.x86_64.rpm 0a83e5c7ba24e7c23ac36f1afd70bf4a gimp-debuginfo-2.2.13-2.el5.i386.rpm 2efecf64bb603936ccf7ea15e4445682 gimp-debuginfo-2.2.13-2.el5.x86_64.rpm 6dc9224fa3ffb16f222000a06949c2a1 gimp-devel-2.2.13-2.el5.i386.rpm 8c7c94f6807b3285199b1b8cd0f36b9a gimp-devel-2.2.13-2.el5.x86_64.rpm 5567e2d201941af307f0f17c227dea51 gimp-libs-2.2.13-2.el5.i386.rpm 1b919169721eacfa8e2c0cfed85d2156 gimp-libs-2.2.13-2.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2356 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGUZh6XlSAg2UNWIIRAuFhAJ97tGCXalnzSPufa3mcXjS3JLEvJQCgp/Ck c298G3tNd85ZVKhfk/FFKS0= =dC2F -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon May 21 13:06:52 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 21 May 2007 09:06:52 -0400 Subject: [RHSA-2007:0326-01] Important: tomcat security update Message-ID: <200705211306.l4LD6q1i019050@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: tomcat security update Advisory ID: RHSA-2007:0326-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0326.html Issue date: 2007-05-21 Updated on: 2007-05-21 Product: Red Hat Application Server CVE Names: CVE-2005-2090 CVE-2006-3835 CVE-2006-7195 CVE-2006-7196 CVE-2007-0450 CVE-2007-1858 - --------------------------------------------------------------------- 1. Summary: Updated tomcat packages that fix multiple security issues are now available for Red Hat Application Server v2. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Application Server v2 4AS - noarch Red Hat Application Server v2 4ES - noarch Red Hat Application Server v2 4WS - noarch 3. Problem description: Tomcat is a servlet container for Java Servlet and JavaServer Pages technologies. Tomcat was found to accept multiple content-length headers in a request. This could allow attackers to poison a web-cache, bypass web application firewall protection, or conduct cross-site scripting attacks. (CVE-2005-2090) Tomcat permitted various characters as path delimiters. If Tomcat was used behind certain proxies and configured to only proxy some contexts, an attacker could construct an HTTP request to work around the context restriction and potentially access non-proxied content. (CVE-2007-0450) Several applications distributed in the JSP examples displayed unfiltered values. If the JSP examples are accessible, these flaws could allow a remote attacker to perform cross-site scripting attacks. (CVE-2006-7195, CVE-2006-7196) The default Tomcat configuration permitted the use of insecure SSL cipher suites including the anonymous cipher suite. (CVE-2007-1858) Directory listings were enabled by default in Tomcat. Information stored unprotected under the document root was visible to anyone if the administrator did not disable directory listings. (CVE-2006-3835) Users should upgrade to these erratum packages which contain Tomcat version 5.5.23 that resolves these issues. Updated jakarta-commons-modeler packages are also included which correct a bug when used with Tomcat 5.5.23. 4. Solution: Note: /etc/tomcat5/web.xml has been updated to disable directory listing by default. If you have previously modified /etc/tomcat5/web.xml, this change will not be made automatically and you should manually update the value for the "listings" parameter to "false". Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 237086 - CVE-2005-2090 multiple tomcat issues (CVE-2007-0450 CVE-2006-7195 CVE-2006-7196 CVE-2007-1858 CVE-2006-3835) 6. RPMs required: Red Hat Application Server v2 4AS: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/RHAPS/SRPMS/jakarta-commons-modeler-2.0-3jpp_2rh.src.rpm b3162bbdc2d76355fea5ba90a3f987f7 jakarta-commons-modeler-2.0-3jpp_2rh.src.rpm ftp://updates.redhat.com/enterprise/4AS/en/RHAPS/SRPMS/tomcat5-5.5.23-0jpp_4rh.3.src.rpm b5e689ee390bc378661aede8bd4def71 tomcat5-5.5.23-0jpp_4rh.3.src.rpm noarch: dbca75f8d8c4e5a2142c230507341a6d jakarta-commons-modeler-2.0-3jpp_2rh.noarch.rpm 6464c3c937b11f2aabe8b5cd67df6d0d jakarta-commons-modeler-javadoc-2.0-3jpp_2rh.noarch.rpm a4f0c8dcb53eab2a1f7a2abd4b0f8388 tomcat5-5.5.23-0jpp_4rh.3.noarch.rpm 1038694e26ecbd63e22f639e5c47b293 tomcat5-admin-webapps-5.5.23-0jpp_4rh.3.noarch.rpm 801d37609d0870fadf068807ea69b5f4 tomcat5-common-lib-5.5.23-0jpp_4rh.3.noarch.rpm a07efbad621c4dff32d8c7a6bf070b35 tomcat5-jasper-5.5.23-0jpp_4rh.3.noarch.rpm f6d141890108fad7ceea6d3c565c92f1 tomcat5-jasper-javadoc-5.5.23-0jpp_4rh.3.noarch.rpm 50f85dad6dfff70b1cdece862c0ea971 tomcat5-jsp-2.0-api-5.5.23-0jpp_4rh.3.noarch.rpm 560bd117cee92b53a5aadbe1fb80d8a3 tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp_4rh.3.noarch.rpm 326d74348a7f5320380f50d232781d01 tomcat5-server-lib-5.5.23-0jpp_4rh.3.noarch.rpm 945a8fb45fe416166412a1b9907131e7 tomcat5-servlet-2.4-api-5.5.23-0jpp_4rh.3.noarch.rpm 361e84d28cd9a2c9f4e68814d6c36863 tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp_4rh.3.noarch.rpm 9b2a4efb1fa46f11923b51acb58afd04 tomcat5-webapps-5.5.23-0jpp_4rh.3.noarch.rpm Red Hat Application Server v2 4ES: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/RHAPS/SRPMS/jakarta-commons-modeler-2.0-3jpp_2rh.src.rpm b3162bbdc2d76355fea5ba90a3f987f7 jakarta-commons-modeler-2.0-3jpp_2rh.src.rpm ftp://updates.redhat.com/enterprise/4ES/en/RHAPS/SRPMS/tomcat5-5.5.23-0jpp_4rh.3.src.rpm b5e689ee390bc378661aede8bd4def71 tomcat5-5.5.23-0jpp_4rh.3.src.rpm noarch: dbca75f8d8c4e5a2142c230507341a6d jakarta-commons-modeler-2.0-3jpp_2rh.noarch.rpm 6464c3c937b11f2aabe8b5cd67df6d0d jakarta-commons-modeler-javadoc-2.0-3jpp_2rh.noarch.rpm a4f0c8dcb53eab2a1f7a2abd4b0f8388 tomcat5-5.5.23-0jpp_4rh.3.noarch.rpm 1038694e26ecbd63e22f639e5c47b293 tomcat5-admin-webapps-5.5.23-0jpp_4rh.3.noarch.rpm 801d37609d0870fadf068807ea69b5f4 tomcat5-common-lib-5.5.23-0jpp_4rh.3.noarch.rpm a07efbad621c4dff32d8c7a6bf070b35 tomcat5-jasper-5.5.23-0jpp_4rh.3.noarch.rpm f6d141890108fad7ceea6d3c565c92f1 tomcat5-jasper-javadoc-5.5.23-0jpp_4rh.3.noarch.rpm 50f85dad6dfff70b1cdece862c0ea971 tomcat5-jsp-2.0-api-5.5.23-0jpp_4rh.3.noarch.rpm 560bd117cee92b53a5aadbe1fb80d8a3 tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp_4rh.3.noarch.rpm 326d74348a7f5320380f50d232781d01 tomcat5-server-lib-5.5.23-0jpp_4rh.3.noarch.rpm 945a8fb45fe416166412a1b9907131e7 tomcat5-servlet-2.4-api-5.5.23-0jpp_4rh.3.noarch.rpm 361e84d28cd9a2c9f4e68814d6c36863 tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp_4rh.3.noarch.rpm 9b2a4efb1fa46f11923b51acb58afd04 tomcat5-webapps-5.5.23-0jpp_4rh.3.noarch.rpm Red Hat Application Server v2 4WS: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/RHAPS/SRPMS/jakarta-commons-modeler-2.0-3jpp_2rh.src.rpm b3162bbdc2d76355fea5ba90a3f987f7 jakarta-commons-modeler-2.0-3jpp_2rh.src.rpm ftp://updates.redhat.com/enterprise/4WS/en/RHAPS/SRPMS/tomcat5-5.5.23-0jpp_4rh.3.src.rpm b5e689ee390bc378661aede8bd4def71 tomcat5-5.5.23-0jpp_4rh.3.src.rpm noarch: dbca75f8d8c4e5a2142c230507341a6d jakarta-commons-modeler-2.0-3jpp_2rh.noarch.rpm 6464c3c937b11f2aabe8b5cd67df6d0d jakarta-commons-modeler-javadoc-2.0-3jpp_2rh.noarch.rpm a4f0c8dcb53eab2a1f7a2abd4b0f8388 tomcat5-5.5.23-0jpp_4rh.3.noarch.rpm 1038694e26ecbd63e22f639e5c47b293 tomcat5-admin-webapps-5.5.23-0jpp_4rh.3.noarch.rpm 801d37609d0870fadf068807ea69b5f4 tomcat5-common-lib-5.5.23-0jpp_4rh.3.noarch.rpm a07efbad621c4dff32d8c7a6bf070b35 tomcat5-jasper-5.5.23-0jpp_4rh.3.noarch.rpm f6d141890108fad7ceea6d3c565c92f1 tomcat5-jasper-javadoc-5.5.23-0jpp_4rh.3.noarch.rpm 50f85dad6dfff70b1cdece862c0ea971 tomcat5-jsp-2.0-api-5.5.23-0jpp_4rh.3.noarch.rpm 560bd117cee92b53a5aadbe1fb80d8a3 tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp_4rh.3.noarch.rpm 326d74348a7f5320380f50d232781d01 tomcat5-server-lib-5.5.23-0jpp_4rh.3.noarch.rpm 945a8fb45fe416166412a1b9907131e7 tomcat5-servlet-2.4-api-5.5.23-0jpp_4rh.3.noarch.rpm 361e84d28cd9a2c9f4e68814d6c36863 tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp_4rh.3.noarch.rpm 9b2a4efb1fa46f11923b51acb58afd04 tomcat5-webapps-5.5.23-0jpp_4rh.3.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3835 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7196 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1858 http://tomcat.apache.org/security-5.html http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGUZloXlSAg2UNWIIRArn9AJ9tBK4eJIU5fqD56MHKjvai7us4FwCeJWi0 qjzpox+qO8izWvnhHU4jquA= =IkyX -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu May 24 09:48:14 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 24 May 2007 05:48:14 -0400 Subject: [RHSA-2007:0328-01] Important: tomcat security update Message-ID: <200705240948.l4O9mEMu003355@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: tomcat security update Advisory ID: RHSA-2007:0328-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0328.html Issue date: 2007-05-24 Updated on: 2007-05-24 Product: Red Hat Developer Suite v.3 CVE Names: CVE-2005-2090 CVE-2006-7195 CVE-2007-0450 - --------------------------------------------------------------------- 1. Summary: Updated tomcat packages that fix multiple security issues and a bug are now available for Red Hat Developer Suite 3. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Developer Suite v.3 (AS v.4) - noarch Red Hat Developer Suite v.3 (ES v.4) - noarch Red Hat Developer Suite v.3 (WS v.4) - noarch 3. Problem description: Tomcat is a servlet container for Java Servlet and JavaServer Pages technologies. Tomcat was found to accept multiple content-length headers in a request. This could allow attackers to poison a web-cache, bypass web application firewall protection, or conduct cross-site scripting attacks. (CVE-2005-2090) Tomcat permitted various characters as path delimiters. If Tomcat was used behind certain proxies and configured to only proxy some contexts, an attacker could construct an HTTP request to work around the context restriction and potentially access non-proxied content. (CVE-2007-0450) The implict-objects.jsp file distributed in the examples webapp displayed a number of unfiltered header values. If the JSP examples are accessible, this flaw could allow a remote attacker to perform cross-site scripting attacks. (CVE-2006-7195) Updated jakarta-commons-modeler packages which correct a bug when used with Tomcat 5.5.23 are also included. Users should upgrade to these erratum packages which contain an update to Tomcat that resolves these issues. 4. Solution: Note: /etc/tomcat5/web.xml has been updated to disable directory listing by default. If you have previously modified /etc/tomcat5/web.xml, this change will not be made automatically and you should manually update the value for the "listings" parameter to "false". Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 237109 - CVE-2005-2090 multiple tomcat issues (CVE-2007-0450 CVE-2006-7195) 6. RPMs required: Red Hat Developer Suite v.3 (AS v.4): SRPMS: ftp://updates.redhat.com/enterprise/4AS-DS3/en/os/SRPMS/jakarta-commons-modeler-2.0-3jpp_3rh.src.rpm 4222be2605c1611c0fa35dbb6bd6e4f0 jakarta-commons-modeler-2.0-3jpp_3rh.src.rpm ftp://updates.redhat.com/enterprise/4AS-DS3/en/os/SRPMS/tomcat5-5.5.23-0jpp_6rh.src.rpm a5dd8945b03a8c0c95db79d58fbd3ca7 tomcat5-5.5.23-0jpp_6rh.src.rpm noarch: 9390a4076d922b0de9560187e83a6f82 jakarta-commons-modeler-2.0-3jpp_3rh.noarch.rpm a65422af787444bc997f561246e94348 tomcat5-5.5.23-0jpp_6rh.noarch.rpm bfac8a20f267cf60b508bd3097827d3f tomcat5-common-lib-5.5.23-0jpp_6rh.noarch.rpm 612d61b93903cfff32be17dc7faa733b tomcat5-jasper-5.5.23-0jpp_6rh.noarch.rpm 6ad168cda6379b7c6c0348eb1fc6a52e tomcat5-jsp-2.0-api-5.5.23-0jpp_6rh.noarch.rpm 41b2143aafc7986f8d7ae7b84eca9411 tomcat5-server-lib-5.5.23-0jpp_6rh.noarch.rpm cf311e6fc560319b3581e6a1b80c81a6 tomcat5-servlet-2.4-api-5.5.23-0jpp_6rh.noarch.rpm Red Hat Developer Suite v.3 (ES v.4): SRPMS: ftp://updates.redhat.com/enterprise/4ES-DS3/en/os/SRPMS/jakarta-commons-modeler-2.0-3jpp_3rh.src.rpm 4222be2605c1611c0fa35dbb6bd6e4f0 jakarta-commons-modeler-2.0-3jpp_3rh.src.rpm ftp://updates.redhat.com/enterprise/4ES-DS3/en/os/SRPMS/tomcat5-5.5.23-0jpp_6rh.src.rpm a5dd8945b03a8c0c95db79d58fbd3ca7 tomcat5-5.5.23-0jpp_6rh.src.rpm noarch: 9390a4076d922b0de9560187e83a6f82 jakarta-commons-modeler-2.0-3jpp_3rh.noarch.rpm a65422af787444bc997f561246e94348 tomcat5-5.5.23-0jpp_6rh.noarch.rpm bfac8a20f267cf60b508bd3097827d3f tomcat5-common-lib-5.5.23-0jpp_6rh.noarch.rpm 612d61b93903cfff32be17dc7faa733b tomcat5-jasper-5.5.23-0jpp_6rh.noarch.rpm 6ad168cda6379b7c6c0348eb1fc6a52e tomcat5-jsp-2.0-api-5.5.23-0jpp_6rh.noarch.rpm 41b2143aafc7986f8d7ae7b84eca9411 tomcat5-server-lib-5.5.23-0jpp_6rh.noarch.rpm cf311e6fc560319b3581e6a1b80c81a6 tomcat5-servlet-2.4-api-5.5.23-0jpp_6rh.noarch.rpm Red Hat Developer Suite v.3 (WS v.4): SRPMS: ftp://updates.redhat.com/enterprise/4WS-DS3/en/os/SRPMS/jakarta-commons-modeler-2.0-3jpp_3rh.src.rpm 4222be2605c1611c0fa35dbb6bd6e4f0 jakarta-commons-modeler-2.0-3jpp_3rh.src.rpm ftp://updates.redhat.com/enterprise/4WS-DS3/en/os/SRPMS/tomcat5-5.5.23-0jpp_6rh.src.rpm a5dd8945b03a8c0c95db79d58fbd3ca7 tomcat5-5.5.23-0jpp_6rh.src.rpm noarch: 9390a4076d922b0de9560187e83a6f82 jakarta-commons-modeler-2.0-3jpp_3rh.noarch.rpm a65422af787444bc997f561246e94348 tomcat5-5.5.23-0jpp_6rh.noarch.rpm bfac8a20f267cf60b508bd3097827d3f tomcat5-common-lib-5.5.23-0jpp_6rh.noarch.rpm 612d61b93903cfff32be17dc7faa733b tomcat5-jasper-5.5.23-0jpp_6rh.noarch.rpm 6ad168cda6379b7c6c0348eb1fc6a52e tomcat5-jsp-2.0-api-5.5.23-0jpp_6rh.noarch.rpm 41b2143aafc7986f8d7ae7b84eca9411 tomcat5-server-lib-5.5.23-0jpp_6rh.noarch.rpm cf311e6fc560319b3581e6a1b80c81a6 tomcat5-servlet-2.4-api-5.5.23-0jpp_6rh.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450 http://tomcat.apache.org/security-5.html http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGVV9IXlSAg2UNWIIRAr+OAKC9WY46qcVevHa4osRazeJheSiNYwCfQcNT fbmCWDnpo3tfk5ddZ+FAxZM= =xxzf -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu May 24 18:48:50 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 24 May 2007 14:48:50 -0400 Subject: [RHSA-2007:0360-01] Important: jbossas security update Message-ID: <200705241848.l4OImoMl027453@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: jbossas security update Advisory ID: RHSA-2007:0360-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0360.html Issue date: 2007-05-24 Updated on: 2007-05-24 Product: Red Hat Application Stack CVE Names: CVE-2005-2090 CVE-2007-0450 - --------------------------------------------------------------------- 1. Summary: Updated jbossas packages that fix multiple security issues in tomcat are now available for Red Hat Application Stack. This update has been rated as having Important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Application Stack v1 for Enterprise Linux AS (v.4) - noarch Red Hat Application Stack v1 for Enterprise Linux ES (v.4) - noarch 3. Problem description: Tomcat is a servlet container for Java Servlet and JavaServer Pages technologies. This update addresses the following issues: Tomcat was found to accept multiple content-length headers in a request. This could allow attackers to poison a web-cache, bypass web application firewall protection, or conduct cross-site scripting attacks. (CVE-2005-2090) Tomcat permitted various characters as path delimiters. If Tomcat was used behind certain proxies and configured to only proxy some contexts, an attacker could construct an HTTP request to work around the context restriction and potentially access non-proxied content. (CVE-2007-0450) Users should upgrade to these erratum packages, which contain an update to jbossas to include a version of Tomcat that resolves these issues. Updated jakarta-commons-modeler packages are also included which correct a bug when used with Tomcat 5.5.23. 4. Solution: Note: /etc/tomcat5/web.xml has been updated to disable directory listing by default. If you have previously modified /etc/tomcat5/web.xml, this change will not be made automatically and you should manually update the value for the "listings" parameter to "false". Note: In response to CVE-2007-0450, JBoss AS considers encoded slashes and backslashes in URLs invalid and its usage will result in HTTP 400 error. It is possible to allow encoded slashes and backslashes by following the steps outlined below, however doing so will expose you to CVE-2007-0450 related attacks: a) If you use the /var/lib/jbossas/bin/run.sh setup, please edit /etc/jbossas/run.conf and append - -Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true - -Dorg.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH=true to the string assigned to JAVA_OPTS b) If you use the init script setup to run multiple JBoss AS services and you wish to allow encoding by default on all services, please edit /etc/jbossas/jbossas.conf and add the line JAVA_OPTS="${JAVA_OPTS} - -Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true - -Dorg.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH=true" c) If you use the init script setup to run multiple JBoss AS services and want to allow encoding of slashes and backslashes for a particular service, please edit /etc/sysconfig/${NAME} (where NAME is the name of your service) and add the line JAVA_OPTS="${JAVA_OPTS} - -Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true - -Dorg.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH=true" Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 238574 - CVE-2005-2090 multiple tomcat issues (CVE-2007-0450) 6. RPMs required: Red Hat Application Stack v1 for Enterprise Linux AS (v.4): SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/RHWAS/SRPMS/jbossas-4.0.5-2.CP04.el4s1.2.src.rpm 1b4126e20b4e29398016f8b68cb6cef9 jbossas-4.0.5-2.CP04.el4s1.2.src.rpm ftp://updates.redhat.com/enterprise/4AS/en/RHWAS/SRPMS/jbossas-ejb3-1.0.0-0.2.rc9.CP04.el4s1.2.src.rpm 07a3c0fc01b59cce76d0f329358e5ee2 jbossas-ejb3-1.0.0-0.2.rc9.CP04.el4s1.2.src.rpm noarch: 4b20eab75fad0a8e88eaa87fa720e216 jbossas-4.0.5-2.CP04.el4s1.2.noarch.rpm ad000c590574219c32649e2f7d6475ff jbossas-core-4.0.5-2.CP04.el4s1.2.noarch.rpm 2690014231347df9c2d827f05404f080 jbossas-ejb3-1.0.0-0.2.rc9.CP04.el4s1.2.noarch.rpm Red Hat Application Stack v1 for Enterprise Linux ES (v.4): SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/RHWAS/SRPMS/jbossas-4.0.5-2.CP04.el4s1.2.src.rpm 1b4126e20b4e29398016f8b68cb6cef9 jbossas-4.0.5-2.CP04.el4s1.2.src.rpm ftp://updates.redhat.com/enterprise/4ES/en/RHWAS/SRPMS/jbossas-ejb3-1.0.0-0.2.rc9.CP04.el4s1.2.src.rpm 07a3c0fc01b59cce76d0f329358e5ee2 jbossas-ejb3-1.0.0-0.2.rc9.CP04.el4s1.2.src.rpm noarch: 4b20eab75fad0a8e88eaa87fa720e216 jbossas-4.0.5-2.CP04.el4s1.2.noarch.rpm ad000c590574219c32649e2f7d6475ff jbossas-core-4.0.5-2.CP04.el4s1.2.noarch.rpm 2690014231347df9c2d827f05404f080 jbossas-ejb3-1.0.0-0.2.rc9.CP04.el4s1.2.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450 http://tomcat.apache.org/security-5.html http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGVd4PXlSAg2UNWIIRAndLAKCKw2tUsQ9G8I++SC/C5/3XNnZzMACeMdoc ctUM83XVXVuQxbq9CSPD1lk= =VM8S -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed May 30 09:44:44 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 30 May 2007 05:44:44 -0400 Subject: [RHSA-2007:0344-01] Moderate: evolution-data-server security update Message-ID: <200705300944.l4U9iiKX027061@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: evolution-data-server security update Advisory ID: RHSA-2007:0344-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0344.html Issue date: 2007-05-30 Updated on: 2007-05-30 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-1558 - --------------------------------------------------------------------- 1. Summary: Updated evolution-data-server package that fixes a security bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Problem description: The evolution-data-server package provides a unified backend for programs that work with contacts, tasks, and calendar information. A flaw was found in the way evolution-data-server processed certain APOP authentication requests. By sending certain responses when evolution-data-server attempted to authenticate against an APOP server, a remote attacker could potentially acquire certain portions of a user's authentication credentials. (CVE-2007-1558) All users of evolution-data-server should upgrade to these updated packages, which contain a backported patch which resolves this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 235289 - CVE-2007-1558 Evolution APOP information disclosure 6. RPMs required: Red Hat Enterprise Linux Desktop (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/evolution-data-server-1.8.0-15.0.3.el5.src.rpm 2dc38ea8fd12a3654ddf4bd36dd3f0c8 evolution-data-server-1.8.0-15.0.3.el5.src.rpm i386: 12a37eee5ad4c2a982eebefd8b2d5686 evolution-data-server-1.8.0-15.0.3.el5.i386.rpm f763fab632e616cd201ca80e9f54010c evolution-data-server-debuginfo-1.8.0-15.0.3.el5.i386.rpm x86_64: 12a37eee5ad4c2a982eebefd8b2d5686 evolution-data-server-1.8.0-15.0.3.el5.i386.rpm e9049a57a4a46768187c942d09ed18e1 evolution-data-server-1.8.0-15.0.3.el5.x86_64.rpm f763fab632e616cd201ca80e9f54010c evolution-data-server-debuginfo-1.8.0-15.0.3.el5.i386.rpm 7f6536db1f877c1b4f7c741fa0d39205 evolution-data-server-debuginfo-1.8.0-15.0.3.el5.x86_64.rpm RHEL Desktop Workstation (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/evolution-data-server-1.8.0-15.0.3.el5.src.rpm 2dc38ea8fd12a3654ddf4bd36dd3f0c8 evolution-data-server-1.8.0-15.0.3.el5.src.rpm i386: f763fab632e616cd201ca80e9f54010c evolution-data-server-debuginfo-1.8.0-15.0.3.el5.i386.rpm 85d93f27c86928de6a3e861f3c9dc68c evolution-data-server-devel-1.8.0-15.0.3.el5.i386.rpm x86_64: f763fab632e616cd201ca80e9f54010c evolution-data-server-debuginfo-1.8.0-15.0.3.el5.i386.rpm 7f6536db1f877c1b4f7c741fa0d39205 evolution-data-server-debuginfo-1.8.0-15.0.3.el5.x86_64.rpm 85d93f27c86928de6a3e861f3c9dc68c evolution-data-server-devel-1.8.0-15.0.3.el5.i386.rpm 89bff966c9bec550c442038a2028135c evolution-data-server-devel-1.8.0-15.0.3.el5.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/evolution-data-server-1.8.0-15.0.3.el5.src.rpm 2dc38ea8fd12a3654ddf4bd36dd3f0c8 evolution-data-server-1.8.0-15.0.3.el5.src.rpm i386: 12a37eee5ad4c2a982eebefd8b2d5686 evolution-data-server-1.8.0-15.0.3.el5.i386.rpm f763fab632e616cd201ca80e9f54010c evolution-data-server-debuginfo-1.8.0-15.0.3.el5.i386.rpm 85d93f27c86928de6a3e861f3c9dc68c evolution-data-server-devel-1.8.0-15.0.3.el5.i386.rpm ia64: 6ba76e70eb9826231d246797ab6b21c7 evolution-data-server-1.8.0-15.0.3.el5.ia64.rpm da4300ef017ecd2c01853894b47b2e6b evolution-data-server-debuginfo-1.8.0-15.0.3.el5.ia64.rpm 2662f80f6af03a05e2d064b2ace99c24 evolution-data-server-devel-1.8.0-15.0.3.el5.ia64.rpm ppc: 4539079a11bca9401812c12d59ceb6e1 evolution-data-server-1.8.0-15.0.3.el5.ppc.rpm 77b4f4f8897286bc0d10d51e32838572 evolution-data-server-1.8.0-15.0.3.el5.ppc64.rpm 4b37d2c9d8512fda671864484d550833 evolution-data-server-debuginfo-1.8.0-15.0.3.el5.ppc.rpm 28cb1a7aad5d3be6adfe3e09009ddbb5 evolution-data-server-debuginfo-1.8.0-15.0.3.el5.ppc64.rpm 179b33eab82f94e18069641ae5c252aa evolution-data-server-devel-1.8.0-15.0.3.el5.ppc.rpm 54367c5a72247c9acc6663e164fe8839 evolution-data-server-devel-1.8.0-15.0.3.el5.ppc64.rpm s390x: e845ec48cdc8df471d5d114a93e21344 evolution-data-server-1.8.0-15.0.3.el5.s390.rpm c0c440eb4ed5dd2d930434a3a92a8461 evolution-data-server-1.8.0-15.0.3.el5.s390x.rpm 1c4626a99ac75f4b68598e1c2c324b6a evolution-data-server-debuginfo-1.8.0-15.0.3.el5.s390.rpm e47ff2ee3fc82654354792db8cd458b1 evolution-data-server-debuginfo-1.8.0-15.0.3.el5.s390x.rpm 8d834b7fe2e3c55da02516402f5b5970 evolution-data-server-devel-1.8.0-15.0.3.el5.s390.rpm 88b102e274ed7c5eac65147b3922b567 evolution-data-server-devel-1.8.0-15.0.3.el5.s390x.rpm x86_64: 12a37eee5ad4c2a982eebefd8b2d5686 evolution-data-server-1.8.0-15.0.3.el5.i386.rpm e9049a57a4a46768187c942d09ed18e1 evolution-data-server-1.8.0-15.0.3.el5.x86_64.rpm f763fab632e616cd201ca80e9f54010c evolution-data-server-debuginfo-1.8.0-15.0.3.el5.i386.rpm 7f6536db1f877c1b4f7c741fa0d39205 evolution-data-server-debuginfo-1.8.0-15.0.3.el5.x86_64.rpm 85d93f27c86928de6a3e861f3c9dc68c evolution-data-server-devel-1.8.0-15.0.3.el5.i386.rpm 89bff966c9bec550c442038a2028135c evolution-data-server-devel-1.8.0-15.0.3.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGXUdIXlSAg2UNWIIRAnrDAJ9mWzvojb4apawWjXjflZqJmBn8mgCguT4t VnsUfW5asZrgUagXxmgkENc= =ZOfG -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed May 30 09:44:57 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 30 May 2007 05:44:57 -0400 Subject: [RHSA-2007:0380-01] Important: mod_jk security update Message-ID: <200705300944.l4U9iv8u027066@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: mod_jk security update Advisory ID: RHSA-2007:0380-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0380.html Issue date: 2007-05-30 Updated on: 2007-05-30 Product: Red Hat Application Server CVE Names: CVE-2007-1860 - --------------------------------------------------------------------- 1. Summary: Updated mod_jk packages that fix a security issue are now available for Red Hat Application Server. This update has been rated as having Important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Application Server v2 4AS - i386, ia64, ppc, x86_64 Red Hat Application Server v2 4ES - i386, ia64, x86_64 Red Hat Application Server v2 4WS - i386, ia64, x86_64 3. Problem description: mod_jk is a Tomcat connector that can be used to communicate between Tomcat and the Apache HTTP Server 2. Versions of mod_jk before 1.2.23 decoded request URLs by default inside Apache httpd and forwarded the encoded URL to Tomcat, which itself did a second decoding. If Tomcat was used behind mod_jk and configured to only proxy some contexts, an attacker could construct a carefully crafted HTTP request to work around the context restriction and potentially access non-proxied content (CVE-2007-1860). Users of mod_jk should upgrade to these updated packages, which address this issue by changing the default so mod_jk forwards the original unchanged request URL to Tomcat. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 237656 - CVE-2007-1860 mod_jk sends decoded URL to tomcat 6. RPMs required: Red Hat Application Server v2 4AS: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/RHAPS/SRPMS/mod_jk-1.2.20-1jpp_2rh.src.rpm 883f1b29d7dee41de447c7aecba31083 mod_jk-1.2.20-1jpp_2rh.src.rpm i386: 6979d0862a4193ecbaedd04e2bb1a5c1 mod_jk-ap20-1.2.20-1jpp_2rh.i386.rpm 81371f24957e332cdaecef9b04b15985 mod_jk-debuginfo-1.2.20-1jpp_2rh.i386.rpm bb67ee0848431760561be4c80492d2f4 mod_jk-manual-1.2.20-1jpp_2rh.i386.rpm ia64: faf0dd1aa5ccfaee3bb67fab4b103fc4 mod_jk-ap20-1.2.20-1jpp_2rh.ia64.rpm 5b8e9c14f7e709c3dbe54826f2ffa65a mod_jk-debuginfo-1.2.20-1jpp_2rh.ia64.rpm 19203b631cc11b55bd85fedae2f1052a mod_jk-manual-1.2.20-1jpp_2rh.ia64.rpm ppc: 2d8b55fd697953d5235c1fbd311d1ad8 mod_jk-ap20-1.2.20-1jpp_2rh.ppc.rpm 97e810560dc2af69ca1bd71a609db7d4 mod_jk-debuginfo-1.2.20-1jpp_2rh.ppc.rpm 2998617c466085bcaea6538727eed4b9 mod_jk-manual-1.2.20-1jpp_2rh.ppc.rpm x86_64: a20898cc285d4b2853833ca7a94a96c6 mod_jk-ap20-1.2.20-1jpp_2rh.x86_64.rpm 6a4bc110c4603e3f89d8e761fb62b15d mod_jk-debuginfo-1.2.20-1jpp_2rh.x86_64.rpm 81d988f6bec1742891a9957f8ee76cd1 mod_jk-manual-1.2.20-1jpp_2rh.x86_64.rpm Red Hat Application Server v2 4ES: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/RHAPS/SRPMS/mod_jk-1.2.20-1jpp_2rh.src.rpm 883f1b29d7dee41de447c7aecba31083 mod_jk-1.2.20-1jpp_2rh.src.rpm i386: 6979d0862a4193ecbaedd04e2bb1a5c1 mod_jk-ap20-1.2.20-1jpp_2rh.i386.rpm 81371f24957e332cdaecef9b04b15985 mod_jk-debuginfo-1.2.20-1jpp_2rh.i386.rpm bb67ee0848431760561be4c80492d2f4 mod_jk-manual-1.2.20-1jpp_2rh.i386.rpm ia64: faf0dd1aa5ccfaee3bb67fab4b103fc4 mod_jk-ap20-1.2.20-1jpp_2rh.ia64.rpm 5b8e9c14f7e709c3dbe54826f2ffa65a mod_jk-debuginfo-1.2.20-1jpp_2rh.ia64.rpm 19203b631cc11b55bd85fedae2f1052a mod_jk-manual-1.2.20-1jpp_2rh.ia64.rpm x86_64: a20898cc285d4b2853833ca7a94a96c6 mod_jk-ap20-1.2.20-1jpp_2rh.x86_64.rpm 6a4bc110c4603e3f89d8e761fb62b15d mod_jk-debuginfo-1.2.20-1jpp_2rh.x86_64.rpm 81d988f6bec1742891a9957f8ee76cd1 mod_jk-manual-1.2.20-1jpp_2rh.x86_64.rpm Red Hat Application Server v2 4WS: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/RHAPS/SRPMS/mod_jk-1.2.20-1jpp_2rh.src.rpm 883f1b29d7dee41de447c7aecba31083 mod_jk-1.2.20-1jpp_2rh.src.rpm i386: 6979d0862a4193ecbaedd04e2bb1a5c1 mod_jk-ap20-1.2.20-1jpp_2rh.i386.rpm 81371f24957e332cdaecef9b04b15985 mod_jk-debuginfo-1.2.20-1jpp_2rh.i386.rpm bb67ee0848431760561be4c80492d2f4 mod_jk-manual-1.2.20-1jpp_2rh.i386.rpm ia64: faf0dd1aa5ccfaee3bb67fab4b103fc4 mod_jk-ap20-1.2.20-1jpp_2rh.ia64.rpm 5b8e9c14f7e709c3dbe54826f2ffa65a mod_jk-debuginfo-1.2.20-1jpp_2rh.ia64.rpm 19203b631cc11b55bd85fedae2f1052a mod_jk-manual-1.2.20-1jpp_2rh.ia64.rpm x86_64: a20898cc285d4b2853833ca7a94a96c6 mod_jk-ap20-1.2.20-1jpp_2rh.x86_64.rpm 6a4bc110c4603e3f89d8e761fb62b15d mod_jk-debuginfo-1.2.20-1jpp_2rh.x86_64.rpm 81d988f6bec1742891a9957f8ee76cd1 mod_jk-manual-1.2.20-1jpp_2rh.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1860 http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGXUeUXlSAg2UNWIIRAhUxAJ9StONpn70HoNCR5fGfyHyAX9WciACgituB rtw5NX38vF5C8gn9/Mp+Nvk= =5ha6 -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed May 30 09:45:12 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 30 May 2007 05:45:12 -0400 Subject: [RHSA-2007:0389-01] Moderate: quagga security update Message-ID: <200705300945.l4U9jCca027518@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: quagga security update Advisory ID: RHSA-2007:0389-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0389.html Issue date: 2007-05-30 Updated on: 2007-05-30 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-1995 - --------------------------------------------------------------------- 1. Summary: An updated quagga package that fixes a security bug is now available for Red Hat Enterprise Linux 3, 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Problem description: Quagga is a TCP/IP based routing software suite. An out of bounds memory read flaw was discovered in Quagga's bgpd. A configured peer of bgpd could cause Quagga to crash, leading to a denial of service (CVE-2007-1995). All users of Quagga should upgrade to this updated package, which contains a backported patch to correct these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 240478 - CVE-2007-1995 Quagga bgpd DoS 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/quagga-0.96.2-12.3E.src.rpm 9b2a9057527aa3fac2e42e575023e435 quagga-0.96.2-12.3E.src.rpm i386: 230805b62ca30d07e14e67d635335148 quagga-0.96.2-12.3E.i386.rpm e43ec7d9246983e33fcad237fb5eb738 quagga-debuginfo-0.96.2-12.3E.i386.rpm ia64: 1e209b51d480b4312d1c585b5ec8f806 quagga-0.96.2-12.3E.ia64.rpm 452536040bbf783cf45e531f22a88bbf quagga-debuginfo-0.96.2-12.3E.ia64.rpm ppc: cc0d299da2e87780b0d4f5b7b9b053a5 quagga-0.96.2-12.3E.ppc.rpm 914487e998ff27d0213eb57492cf1435 quagga-debuginfo-0.96.2-12.3E.ppc.rpm s390: 0103fdf597ee9156c92858450e1f820d quagga-0.96.2-12.3E.s390.rpm c067ad4c5d82e4fde6dda34698220f3f quagga-debuginfo-0.96.2-12.3E.s390.rpm s390x: 19819ab069fea8e5e8019d0ff3c74296 quagga-0.96.2-12.3E.s390x.rpm 599706390e212af1b4f23ef765327afc quagga-debuginfo-0.96.2-12.3E.s390x.rpm x86_64: dcb34f4e0fbb6cbab45f2ea206881bde quagga-0.96.2-12.3E.x86_64.rpm a26ddbde178a71d57b6690a8bafcf2af quagga-debuginfo-0.96.2-12.3E.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/quagga-0.96.2-12.3E.src.rpm 9b2a9057527aa3fac2e42e575023e435 quagga-0.96.2-12.3E.src.rpm i386: 230805b62ca30d07e14e67d635335148 quagga-0.96.2-12.3E.i386.rpm e43ec7d9246983e33fcad237fb5eb738 quagga-debuginfo-0.96.2-12.3E.i386.rpm ia64: 1e209b51d480b4312d1c585b5ec8f806 quagga-0.96.2-12.3E.ia64.rpm 452536040bbf783cf45e531f22a88bbf quagga-debuginfo-0.96.2-12.3E.ia64.rpm x86_64: dcb34f4e0fbb6cbab45f2ea206881bde quagga-0.96.2-12.3E.x86_64.rpm a26ddbde178a71d57b6690a8bafcf2af quagga-debuginfo-0.96.2-12.3E.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/quagga-0.98.3-2.4.0.1.el4.src.rpm ba9b0798eb3bf412215607748ee78a93 quagga-0.98.3-2.4.0.1.el4.src.rpm i386: 7b4963d0556e751fab31a88aa97c0d91 quagga-0.98.3-2.4.0.1.el4.i386.rpm 8087fd89788ca76f61346afac21a5c57 quagga-contrib-0.98.3-2.4.0.1.el4.i386.rpm 4eeffa21812e5e1d623feed4b90c3ac6 quagga-debuginfo-0.98.3-2.4.0.1.el4.i386.rpm 98d12683e69ed1746a069cab3ed2ab8c quagga-devel-0.98.3-2.4.0.1.el4.i386.rpm ia64: 14d81325a5114e26f3646896cde2130e quagga-0.98.3-2.4.0.1.el4.ia64.rpm c37ccff3374018a0dde3dcf6bc61dde2 quagga-contrib-0.98.3-2.4.0.1.el4.ia64.rpm 747bd329a71f8c123ff45879ffe02135 quagga-debuginfo-0.98.3-2.4.0.1.el4.ia64.rpm 2b0fff551fa4e804af9c25030b90754c quagga-devel-0.98.3-2.4.0.1.el4.ia64.rpm ppc: 3af09cc9f302463afc09f96119a1f7b2 quagga-0.98.3-2.4.0.1.el4.ppc.rpm 66c6c8307e1dbfc3cf398c87d02f7e00 quagga-contrib-0.98.3-2.4.0.1.el4.ppc.rpm 7c91d56dce50c0cd18266b10a5000e9c quagga-debuginfo-0.98.3-2.4.0.1.el4.ppc.rpm 46ddd45a20bf8e15c2dba2a6a6731c67 quagga-devel-0.98.3-2.4.0.1.el4.ppc.rpm s390: 6b96e228ff8653fb48ce1b8be30840de quagga-0.98.3-2.4.0.1.el4.s390.rpm 4467a1635138391d6a53d504c6ece04f quagga-contrib-0.98.3-2.4.0.1.el4.s390.rpm d1ca6f9507e15f5d55bd90c6dcdebb10 quagga-debuginfo-0.98.3-2.4.0.1.el4.s390.rpm a28f266e2dd63271abdc1c4668f9792d quagga-devel-0.98.3-2.4.0.1.el4.s390.rpm s390x: b035e5d101ba52f6e4443ad54f4b1623 quagga-0.98.3-2.4.0.1.el4.s390x.rpm a2a88f9ab14a878c6afcda99eebb497e quagga-contrib-0.98.3-2.4.0.1.el4.s390x.rpm a8551ab4a3d1e8192f31665f3b26f689 quagga-debuginfo-0.98.3-2.4.0.1.el4.s390x.rpm 1d7a63a44e1e448accbbeae44df09e88 quagga-devel-0.98.3-2.4.0.1.el4.s390x.rpm x86_64: 77a22492b6a89183c6a9f11404efbebe quagga-0.98.3-2.4.0.1.el4.x86_64.rpm 8cbfe6680c938fdd4523cd4ff9aa73d6 quagga-contrib-0.98.3-2.4.0.1.el4.x86_64.rpm c09d4027adce2d5c34b1d35a919255ea quagga-debuginfo-0.98.3-2.4.0.1.el4.x86_64.rpm 2560f6a1a5d3fae597fd6d89ba6c978d quagga-devel-0.98.3-2.4.0.1.el4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/quagga-0.98.3-2.4.0.1.el4.src.rpm ba9b0798eb3bf412215607748ee78a93 quagga-0.98.3-2.4.0.1.el4.src.rpm i386: 7b4963d0556e751fab31a88aa97c0d91 quagga-0.98.3-2.4.0.1.el4.i386.rpm 8087fd89788ca76f61346afac21a5c57 quagga-contrib-0.98.3-2.4.0.1.el4.i386.rpm 4eeffa21812e5e1d623feed4b90c3ac6 quagga-debuginfo-0.98.3-2.4.0.1.el4.i386.rpm 98d12683e69ed1746a069cab3ed2ab8c quagga-devel-0.98.3-2.4.0.1.el4.i386.rpm x86_64: 77a22492b6a89183c6a9f11404efbebe quagga-0.98.3-2.4.0.1.el4.x86_64.rpm 8cbfe6680c938fdd4523cd4ff9aa73d6 quagga-contrib-0.98.3-2.4.0.1.el4.x86_64.rpm c09d4027adce2d5c34b1d35a919255ea quagga-debuginfo-0.98.3-2.4.0.1.el4.x86_64.rpm 2560f6a1a5d3fae597fd6d89ba6c978d quagga-devel-0.98.3-2.4.0.1.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/quagga-0.98.3-2.4.0.1.el4.src.rpm ba9b0798eb3bf412215607748ee78a93 quagga-0.98.3-2.4.0.1.el4.src.rpm i386: 7b4963d0556e751fab31a88aa97c0d91 quagga-0.98.3-2.4.0.1.el4.i386.rpm 8087fd89788ca76f61346afac21a5c57 quagga-contrib-0.98.3-2.4.0.1.el4.i386.rpm 4eeffa21812e5e1d623feed4b90c3ac6 quagga-debuginfo-0.98.3-2.4.0.1.el4.i386.rpm 98d12683e69ed1746a069cab3ed2ab8c quagga-devel-0.98.3-2.4.0.1.el4.i386.rpm ia64: 14d81325a5114e26f3646896cde2130e quagga-0.98.3-2.4.0.1.el4.ia64.rpm c37ccff3374018a0dde3dcf6bc61dde2 quagga-contrib-0.98.3-2.4.0.1.el4.ia64.rpm 747bd329a71f8c123ff45879ffe02135 quagga-debuginfo-0.98.3-2.4.0.1.el4.ia64.rpm 2b0fff551fa4e804af9c25030b90754c quagga-devel-0.98.3-2.4.0.1.el4.ia64.rpm x86_64: 77a22492b6a89183c6a9f11404efbebe quagga-0.98.3-2.4.0.1.el4.x86_64.rpm 8cbfe6680c938fdd4523cd4ff9aa73d6 quagga-contrib-0.98.3-2.4.0.1.el4.x86_64.rpm c09d4027adce2d5c34b1d35a919255ea quagga-debuginfo-0.98.3-2.4.0.1.el4.x86_64.rpm 2560f6a1a5d3fae597fd6d89ba6c978d quagga-devel-0.98.3-2.4.0.1.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/quagga-0.98.3-2.4.0.1.el4.src.rpm ba9b0798eb3bf412215607748ee78a93 quagga-0.98.3-2.4.0.1.el4.src.rpm i386: 7b4963d0556e751fab31a88aa97c0d91 quagga-0.98.3-2.4.0.1.el4.i386.rpm 8087fd89788ca76f61346afac21a5c57 quagga-contrib-0.98.3-2.4.0.1.el4.i386.rpm 4eeffa21812e5e1d623feed4b90c3ac6 quagga-debuginfo-0.98.3-2.4.0.1.el4.i386.rpm 98d12683e69ed1746a069cab3ed2ab8c quagga-devel-0.98.3-2.4.0.1.el4.i386.rpm ia64: 14d81325a5114e26f3646896cde2130e quagga-0.98.3-2.4.0.1.el4.ia64.rpm c37ccff3374018a0dde3dcf6bc61dde2 quagga-contrib-0.98.3-2.4.0.1.el4.ia64.rpm 747bd329a71f8c123ff45879ffe02135 quagga-debuginfo-0.98.3-2.4.0.1.el4.ia64.rpm 2b0fff551fa4e804af9c25030b90754c quagga-devel-0.98.3-2.4.0.1.el4.ia64.rpm x86_64: 77a22492b6a89183c6a9f11404efbebe quagga-0.98.3-2.4.0.1.el4.x86_64.rpm 8cbfe6680c938fdd4523cd4ff9aa73d6 quagga-contrib-0.98.3-2.4.0.1.el4.x86_64.rpm c09d4027adce2d5c34b1d35a919255ea quagga-debuginfo-0.98.3-2.4.0.1.el4.x86_64.rpm 2560f6a1a5d3fae597fd6d89ba6c978d quagga-devel-0.98.3-2.4.0.1.el4.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/quagga-0.98.6-2.1.0.1.el5.src.rpm 1d64841e5ed794a24d0f48733e707da9 quagga-0.98.6-2.1.0.1.el5.src.rpm i386: 35c3581f87e78cfbf18013bbba6232f9 quagga-contrib-0.98.6-2.1.0.1.el5.i386.rpm 7762eba4f48c783b5f0cbcb865215006 quagga-debuginfo-0.98.6-2.1.0.1.el5.i386.rpm x86_64: a5fba67b2fd29ed439d6797b2943e827 quagga-contrib-0.98.6-2.1.0.1.el5.x86_64.rpm ff17d00b2d10913c9883b0b1bf924219 quagga-debuginfo-0.98.6-2.1.0.1.el5.x86_64.rpm RHEL Desktop Workstation (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/quagga-0.98.6-2.1.0.1.el5.src.rpm 1d64841e5ed794a24d0f48733e707da9 quagga-0.98.6-2.1.0.1.el5.src.rpm i386: 2fdbeb14e9d3bb600ef45763a81fee22 quagga-0.98.6-2.1.0.1.el5.i386.rpm 7762eba4f48c783b5f0cbcb865215006 quagga-debuginfo-0.98.6-2.1.0.1.el5.i386.rpm 8702f9b15db3e6306e30e0868dd75bc0 quagga-devel-0.98.6-2.1.0.1.el5.i386.rpm x86_64: 0987ef5121437610bac02e48bd7891f5 quagga-0.98.6-2.1.0.1.el5.x86_64.rpm 7762eba4f48c783b5f0cbcb865215006 quagga-debuginfo-0.98.6-2.1.0.1.el5.i386.rpm ff17d00b2d10913c9883b0b1bf924219 quagga-debuginfo-0.98.6-2.1.0.1.el5.x86_64.rpm 8702f9b15db3e6306e30e0868dd75bc0 quagga-devel-0.98.6-2.1.0.1.el5.i386.rpm 181cbfd3e861b349bdd53a0a61d83207 quagga-devel-0.98.6-2.1.0.1.el5.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/quagga-0.98.6-2.1.0.1.el5.src.rpm 1d64841e5ed794a24d0f48733e707da9 quagga-0.98.6-2.1.0.1.el5.src.rpm i386: 2fdbeb14e9d3bb600ef45763a81fee22 quagga-0.98.6-2.1.0.1.el5.i386.rpm 35c3581f87e78cfbf18013bbba6232f9 quagga-contrib-0.98.6-2.1.0.1.el5.i386.rpm 7762eba4f48c783b5f0cbcb865215006 quagga-debuginfo-0.98.6-2.1.0.1.el5.i386.rpm 8702f9b15db3e6306e30e0868dd75bc0 quagga-devel-0.98.6-2.1.0.1.el5.i386.rpm ia64: 02a41e3a5d0a6ed1e3ca1e5b46011556 quagga-0.98.6-2.1.0.1.el5.ia64.rpm 1cd4315a4469a3724e63b280807ed52a quagga-contrib-0.98.6-2.1.0.1.el5.ia64.rpm fa74de59920c6b1bc73c6713217728a4 quagga-debuginfo-0.98.6-2.1.0.1.el5.ia64.rpm 032dd760b3b5b551699c71cd4ad87ef8 quagga-devel-0.98.6-2.1.0.1.el5.ia64.rpm ppc: 24577692f775a7850bb46f641f086902 quagga-0.98.6-2.1.0.1.el5.ppc.rpm 9231735a9c7b6de4e7d3aa9fd812347b quagga-contrib-0.98.6-2.1.0.1.el5.ppc.rpm a2f7e59afabd395e3370a38751fa7b2b quagga-debuginfo-0.98.6-2.1.0.1.el5.ppc.rpm 344dd16a538d486805d3fad2dc483526 quagga-debuginfo-0.98.6-2.1.0.1.el5.ppc64.rpm 2307145b1626798732d713c09916c8e9 quagga-devel-0.98.6-2.1.0.1.el5.ppc.rpm 7809a9dac1124ea4c089e4779cc2d7ee quagga-devel-0.98.6-2.1.0.1.el5.ppc64.rpm s390x: 0fa9307e4687de388a339c7f51bf1766 quagga-0.98.6-2.1.0.1.el5.s390x.rpm 64b7271d19d4681d0e934a01152b0923 quagga-contrib-0.98.6-2.1.0.1.el5.s390x.rpm 6e6cf7698ab530dc51d363159e442fdb quagga-debuginfo-0.98.6-2.1.0.1.el5.s390.rpm 7661c629044477a15655a0ae3c255917 quagga-debuginfo-0.98.6-2.1.0.1.el5.s390x.rpm 5b4353f0b0eaf10a94572e9e2b3d7744 quagga-devel-0.98.6-2.1.0.1.el5.s390.rpm 92efc3c0bd9f4846232685993f5a77e2 quagga-devel-0.98.6-2.1.0.1.el5.s390x.rpm x86_64: 0987ef5121437610bac02e48bd7891f5 quagga-0.98.6-2.1.0.1.el5.x86_64.rpm a5fba67b2fd29ed439d6797b2943e827 quagga-contrib-0.98.6-2.1.0.1.el5.x86_64.rpm 7762eba4f48c783b5f0cbcb865215006 quagga-debuginfo-0.98.6-2.1.0.1.el5.i386.rpm ff17d00b2d10913c9883b0b1bf924219 quagga-debuginfo-0.98.6-2.1.0.1.el5.x86_64.rpm 8702f9b15db3e6306e30e0868dd75bc0 quagga-devel-0.98.6-2.1.0.1.el5.i386.rpm 181cbfd3e861b349bdd53a0a61d83207 quagga-devel-0.98.6-2.1.0.1.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1995 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGXUegXlSAg2UNWIIRAoUfAJ912c37VAw1rWn/rD9Ib8G7Uhex9gCfb3tc 8MOGpnyvVjxnJHgoz+YYCws= =J+dE -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed May 30 09:45:22 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 30 May 2007 05:45:22 -0400 Subject: [RHSA-2007:0391-01] Moderate: file security update Message-ID: <200705300945.l4U9jMdw027534@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: file security update Advisory ID: RHSA-2007:0391-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0391.html Issue date: 2007-05-30 Updated on: 2007-05-30 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-2799 - --------------------------------------------------------------------- 1. Summary: An updated file package that fixes a security flaw is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Problem description: The file command is used to identify a particular file according to the type of data contained by the file. The fix for CVE-2007-1536 introduced a new integer underflow flaw in the file utility. An attacker could create a carefully crafted file which, if examined by a victim using the file utility, could lead to arbitrary code execution. (CVE-2007-2799) This issue did not affect the version of the file utility distributed with Red Hat Enterprise Linux 2.1 or 3. Users should upgrade to this erratum package, which contain a backported patch to correct this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 241022 - CVE-2007-2799 file integer overflow 241026 - CVE-2007-2799 file integer overflow 241027 - CVE-2007-2799 file integer overflow 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/file-4.10-3.0.2.el4.src.rpm b965edbfc8969978c85c0523d8d66e86 file-4.10-3.0.2.el4.src.rpm i386: 75f00f87378cd18b54aedb769f794301 file-4.10-3.0.2.el4.i386.rpm efdab1d800634966e2e1139ce469d4c2 file-debuginfo-4.10-3.0.2.el4.i386.rpm ia64: 8783b9863d2ed05c508d92b23503f920 file-4.10-3.0.2.el4.ia64.rpm c19ef25c3e5a879853ecaab505ff2597 file-debuginfo-4.10-3.0.2.el4.ia64.rpm ppc: dd47db6fa389f2ff5928250893a7be8b file-4.10-3.0.2.el4.ppc.rpm e0bb1116776232c5ebc2681548dcb7f7 file-debuginfo-4.10-3.0.2.el4.ppc.rpm s390: b546e7c44fb7eda2e7be1d1d72433799 file-4.10-3.0.2.el4.s390.rpm 084965a1f9db4bef813eaebf0287f51b file-debuginfo-4.10-3.0.2.el4.s390.rpm s390x: e7f435b24698bc2317dd9b5899cb1b90 file-4.10-3.0.2.el4.s390x.rpm 1fcc1b07f8047f39b7329e444172399a file-debuginfo-4.10-3.0.2.el4.s390x.rpm x86_64: d015b5bc4eb50598633b251145cfc5ad file-4.10-3.0.2.el4.x86_64.rpm 4e5bff0f6f01ad0920063e59d982ac3b file-debuginfo-4.10-3.0.2.el4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/file-4.10-3.0.2.el4.src.rpm b965edbfc8969978c85c0523d8d66e86 file-4.10-3.0.2.el4.src.rpm i386: 75f00f87378cd18b54aedb769f794301 file-4.10-3.0.2.el4.i386.rpm efdab1d800634966e2e1139ce469d4c2 file-debuginfo-4.10-3.0.2.el4.i386.rpm x86_64: d015b5bc4eb50598633b251145cfc5ad file-4.10-3.0.2.el4.x86_64.rpm 4e5bff0f6f01ad0920063e59d982ac3b file-debuginfo-4.10-3.0.2.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/file-4.10-3.0.2.el4.src.rpm b965edbfc8969978c85c0523d8d66e86 file-4.10-3.0.2.el4.src.rpm i386: 75f00f87378cd18b54aedb769f794301 file-4.10-3.0.2.el4.i386.rpm efdab1d800634966e2e1139ce469d4c2 file-debuginfo-4.10-3.0.2.el4.i386.rpm ia64: 8783b9863d2ed05c508d92b23503f920 file-4.10-3.0.2.el4.ia64.rpm c19ef25c3e5a879853ecaab505ff2597 file-debuginfo-4.10-3.0.2.el4.ia64.rpm x86_64: d015b5bc4eb50598633b251145cfc5ad file-4.10-3.0.2.el4.x86_64.rpm 4e5bff0f6f01ad0920063e59d982ac3b file-debuginfo-4.10-3.0.2.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/file-4.10-3.0.2.el4.src.rpm b965edbfc8969978c85c0523d8d66e86 file-4.10-3.0.2.el4.src.rpm i386: 75f00f87378cd18b54aedb769f794301 file-4.10-3.0.2.el4.i386.rpm efdab1d800634966e2e1139ce469d4c2 file-debuginfo-4.10-3.0.2.el4.i386.rpm ia64: 8783b9863d2ed05c508d92b23503f920 file-4.10-3.0.2.el4.ia64.rpm c19ef25c3e5a879853ecaab505ff2597 file-debuginfo-4.10-3.0.2.el4.ia64.rpm x86_64: d015b5bc4eb50598633b251145cfc5ad file-4.10-3.0.2.el4.x86_64.rpm 4e5bff0f6f01ad0920063e59d982ac3b file-debuginfo-4.10-3.0.2.el4.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/file-4.17-9.0.1.el5.src.rpm e5f3056e10d0abf9ab2d4734d2c40df6 file-4.17-9.0.1.el5.src.rpm i386: 1bca600f3b0de26a2725d6f4e7a72383 file-4.17-9.0.1.el5.i386.rpm a384f2635a5e6964a3f315d771ff75a4 file-debuginfo-4.17-9.0.1.el5.i386.rpm x86_64: 1750ba7e71efd10cd3883b2de825f896 file-4.17-9.0.1.el5.x86_64.rpm 3117f2b7873d607da5b0e11e56b3da74 file-debuginfo-4.17-9.0.1.el5.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/file-4.17-9.0.1.el5.src.rpm e5f3056e10d0abf9ab2d4734d2c40df6 file-4.17-9.0.1.el5.src.rpm i386: 1bca600f3b0de26a2725d6f4e7a72383 file-4.17-9.0.1.el5.i386.rpm a384f2635a5e6964a3f315d771ff75a4 file-debuginfo-4.17-9.0.1.el5.i386.rpm ia64: 2d7e954147b37218beafcebf771865b3 file-4.17-9.0.1.el5.ia64.rpm 18c9cb33b74bb8c962ca0d8fe08c84da file-debuginfo-4.17-9.0.1.el5.ia64.rpm ppc: 8051227058fb32153ce838aea9f36268 file-4.17-9.0.1.el5.ppc.rpm 5d498107c435b67be6f6bf36c214caa4 file-debuginfo-4.17-9.0.1.el5.ppc.rpm s390x: d9ccaf596792a8487e1ef137cb6db3f3 file-4.17-9.0.1.el5.s390x.rpm ded763b43e263cb6b9b8b99ff9a99ff9 file-debuginfo-4.17-9.0.1.el5.s390x.rpm x86_64: 1750ba7e71efd10cd3883b2de825f896 file-4.17-9.0.1.el5.x86_64.rpm 3117f2b7873d607da5b0e11e56b3da74 file-debuginfo-4.17-9.0.1.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2799 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGXUesXlSAg2UNWIIRArf0AKDFC2kWwA0Yj/ofxm/lh/3PyCDe2QCgq19p +a0FUG7Yj2MCtqNS69z3GBE= =62Og -----END PGP SIGNATURE----- From bugzilla at redhat.com Wed May 30 16:28:18 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 30 May 2007 12:28:18 -0400 Subject: [RHSA-2007:0379-01] Important: mod_jk security update Message-ID: <200705301628.l4UGSI1M029240@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Important: mod_jk security update Advisory ID: RHSA-2007:0379-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0379.html Issue date: 2007-05-30 Updated on: 2007-05-30 Product: Red Hat Application Stack CVE Names: CVE-2007-1860 - --------------------------------------------------------------------- 1. Summary: Updated mod_jk packages that fix a security issue are now available for Red Hat Application Stack v1.1. This update has been rated as having Important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Application Stack v1 for Enterprise Linux AS (v.4) - i386, x86_64 Red Hat Application Stack v1 for Enterprise Linux ES (v.4) - i386, x86_64 3. Problem description: mod_jk is a Tomcat connector that can be used to communicate between Tomcat and the Apache HTTP Server 2. mod_jk was first distributed with Red Hat Application Stack version 1.1 released on 19 February 2007. Versions of mod_jk before 1.2.23 decoded request URLs by default inside Apache httpd and forwarded the encoded URL to Tomcat, which itself did a second decoding. If Tomcat was used behind mod_jk and configured to only proxy some contexts, an attacker could construct a carefully crafted HTTP request to work around the context restriction and potentially access non-proxied content (CVE-2007-1860). Users of mod_jk should upgrade to these updated packages, which address this issue by changing the default so mod_jk forwards the original unchanged request URL to Tomcat. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. Bug IDs fixed (http://bugzilla.redhat.com/): 237656 - CVE-2007-1860 mod_jk sends decoded URL to tomcat 6. RPMs required: Red Hat Application Stack v1 for Enterprise Linux AS (v.4): SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/RHWAS/SRPMS/mod_jk-1.2.20-1.el4s1.5.src.rpm 34c4ab0886c7bd7aa5c49cac9ef2678e mod_jk-1.2.20-1.el4s1.5.src.rpm i386: 60dcb9c77cbe7f25dd360b8d86ae45f5 mod_jk-ap20-1.2.20-1.el4s1.5.i386.rpm aadf46eb13dd00b56948112ef19573c0 mod_jk-debuginfo-1.2.20-1.el4s1.5.i386.rpm df0d197381276b1d5ab594007756a87c mod_jk-manual-1.2.20-1.el4s1.5.i386.rpm x86_64: d427749bd1259d955fc9a35a642dbbd9 mod_jk-ap20-1.2.20-1.el4s1.5.x86_64.rpm 0468a2b93f6ab643783a51145ccf14e3 mod_jk-debuginfo-1.2.20-1.el4s1.5.x86_64.rpm 3b86ed62258ba28e3b79cfb1ad2348e6 mod_jk-manual-1.2.20-1.el4s1.5.x86_64.rpm Red Hat Application Stack v1 for Enterprise Linux ES (v.4): SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/RHWAS/SRPMS/mod_jk-1.2.20-1.el4s1.5.src.rpm 34c4ab0886c7bd7aa5c49cac9ef2678e mod_jk-1.2.20-1.el4s1.5.src.rpm i386: 60dcb9c77cbe7f25dd360b8d86ae45f5 mod_jk-ap20-1.2.20-1.el4s1.5.i386.rpm aadf46eb13dd00b56948112ef19573c0 mod_jk-debuginfo-1.2.20-1.el4s1.5.i386.rpm df0d197381276b1d5ab594007756a87c mod_jk-manual-1.2.20-1.el4s1.5.i386.rpm x86_64: d427749bd1259d955fc9a35a642dbbd9 mod_jk-ap20-1.2.20-1.el4s1.5.x86_64.rpm 0468a2b93f6ab643783a51145ccf14e3 mod_jk-debuginfo-1.2.20-1.el4s1.5.x86_64.rpm 3b86ed62258ba28e3b79cfb1ad2348e6 mod_jk-manual-1.2.20-1.el4s1.5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1860 http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGXaYdXlSAg2UNWIIRAp7xAJ47uwviPhwMdVEY8FowxZ/UieX7wwCguPlP IiLH8wC94hFLVLTIbkPkVxQ= =MJgd -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu May 31 03:01:26 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 30 May 2007 23:01:26 -0400 Subject: [RHSA-2007:0400-01] Critical: firefox security update Message-ID: <200705310301.l4V31QJQ031294@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: firefox security update Advisory ID: RHSA-2007:0400-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0400.html Issue date: 2007-05-30 Updated on: 2007-05-30 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-1362 CVE-2007-1562 CVE-2007-2867 CVE-2007-2868 CVE-2007-2869 CVE-2007-2870 CVE-2007-2871 - --------------------------------------------------------------------- 1. Summary: Updated firefox packages that fix several security bugs are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Problem description: Mozilla Firefox is an open source Web browser. Several flaws were found in the way Firefox processed certain malformed JavaScript code. A web page containing malicious JavaScript code could cause Firefox to crash or potentially execute arbitrary code as the user running Firefox. (CVE-2007-2867, CVE-2007-2868) A flaw was found in the way Firefox handled certain FTP PASV commands. A malicious FTP server could use this flaw to perform a rudimentary port-scan of machines behind a user's firewall. (CVE-2007-1562) Several denial of service flaws were found in the way Firefox handled certain form and cookie data. A malicious web site that is able to set arbitrary form and cookie data could prevent Firefox from functioning properly. (CVE-2007-1362, CVE-2007-2869) A flaw was found in the way Firefox handled the addEventListener JavaScript method. A malicious web site could use this method to access or modify sensitive data from another web site. (CVE-2007-2870) A flaw was found in the way Firefox displayed certain web content. A malicious web page could generate content that would overlay user interface elements such as the hostname and security indicators, tricking users into thinking they are visiting a different site. (CVE-2007-2871) Users of Firefox are advised to upgrade to these erratum packages, which contain Firefox version 1.5.0.12 that corrects these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 241670 - CVE-2007-1362 Multiple Firefox flaws (CVE-2007-1562, CVE-2007-2867, CVE-2007-2868, CVE-2007-2869, CVE-2007-2870, CVE-2007-2871) 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/firefox-1.5.0.12-0.1.el4.src.rpm b65c0e149c9a2a99e4dd19f127301bcc firefox-1.5.0.12-0.1.el4.src.rpm i386: 86978cc9d7fe03d6826c77516ebdadf0 firefox-1.5.0.12-0.1.el4.i386.rpm 47e44ab5f3aabbf46d4a49188ac5fef1 firefox-debuginfo-1.5.0.12-0.1.el4.i386.rpm ia64: 91a38b7498a5e459ad2be38100282550 firefox-1.5.0.12-0.1.el4.ia64.rpm aa1bc419ac3f56c05c5f617840610daf firefox-debuginfo-1.5.0.12-0.1.el4.ia64.rpm ppc: 30e7be931ea1331c2971df5e108e50eb firefox-1.5.0.12-0.1.el4.ppc.rpm c65a76732d020d804326e02dc67eda35 firefox-debuginfo-1.5.0.12-0.1.el4.ppc.rpm s390: efb2e30a6beedd50881f3ec66db89d48 firefox-1.5.0.12-0.1.el4.s390.rpm 6e804c9d97559d8c0d7a99d01d0f1d46 firefox-debuginfo-1.5.0.12-0.1.el4.s390.rpm s390x: 7abeac347fe36f9b99c2da0e7297407b firefox-1.5.0.12-0.1.el4.s390x.rpm bed63c7079f11b11196881526b84bbd7 firefox-debuginfo-1.5.0.12-0.1.el4.s390x.rpm x86_64: 99e6f6963881507969dfc748202452df firefox-1.5.0.12-0.1.el4.x86_64.rpm 2577b656e6e3ac5b396985878d506040 firefox-debuginfo-1.5.0.12-0.1.el4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/firefox-1.5.0.12-0.1.el4.src.rpm b65c0e149c9a2a99e4dd19f127301bcc firefox-1.5.0.12-0.1.el4.src.rpm i386: 86978cc9d7fe03d6826c77516ebdadf0 firefox-1.5.0.12-0.1.el4.i386.rpm 47e44ab5f3aabbf46d4a49188ac5fef1 firefox-debuginfo-1.5.0.12-0.1.el4.i386.rpm x86_64: 99e6f6963881507969dfc748202452df firefox-1.5.0.12-0.1.el4.x86_64.rpm 2577b656e6e3ac5b396985878d506040 firefox-debuginfo-1.5.0.12-0.1.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/firefox-1.5.0.12-0.1.el4.src.rpm b65c0e149c9a2a99e4dd19f127301bcc firefox-1.5.0.12-0.1.el4.src.rpm i386: 86978cc9d7fe03d6826c77516ebdadf0 firefox-1.5.0.12-0.1.el4.i386.rpm 47e44ab5f3aabbf46d4a49188ac5fef1 firefox-debuginfo-1.5.0.12-0.1.el4.i386.rpm ia64: 91a38b7498a5e459ad2be38100282550 firefox-1.5.0.12-0.1.el4.ia64.rpm aa1bc419ac3f56c05c5f617840610daf firefox-debuginfo-1.5.0.12-0.1.el4.ia64.rpm x86_64: 99e6f6963881507969dfc748202452df firefox-1.5.0.12-0.1.el4.x86_64.rpm 2577b656e6e3ac5b396985878d506040 firefox-debuginfo-1.5.0.12-0.1.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/firefox-1.5.0.12-0.1.el4.src.rpm b65c0e149c9a2a99e4dd19f127301bcc firefox-1.5.0.12-0.1.el4.src.rpm i386: 86978cc9d7fe03d6826c77516ebdadf0 firefox-1.5.0.12-0.1.el4.i386.rpm 47e44ab5f3aabbf46d4a49188ac5fef1 firefox-debuginfo-1.5.0.12-0.1.el4.i386.rpm ia64: 91a38b7498a5e459ad2be38100282550 firefox-1.5.0.12-0.1.el4.ia64.rpm aa1bc419ac3f56c05c5f617840610daf firefox-debuginfo-1.5.0.12-0.1.el4.ia64.rpm x86_64: 99e6f6963881507969dfc748202452df firefox-1.5.0.12-0.1.el4.x86_64.rpm 2577b656e6e3ac5b396985878d506040 firefox-debuginfo-1.5.0.12-0.1.el4.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/devhelp-0.12-11.el5.src.rpm 85adab21471a9e46c5d0cb5816bbbcff devhelp-0.12-11.el5.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/firefox-1.5.0.12-1.el5.src.rpm b0645efeba60c77ad740a212d465b453 firefox-1.5.0.12-1.el5.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/yelp-2.16.0-15.el5.src.rpm ed0f92a5a1721891f10cfadf08b3782f yelp-2.16.0-15.el5.src.rpm i386: b7958042531e8f6b5931605a0f2d17fc devhelp-0.12-11.el5.i386.rpm ca85406a19b36f412dfdb129b29a71c9 devhelp-debuginfo-0.12-11.el5.i386.rpm 7b959d51178a768c437bdc1fd1dc3e3c firefox-1.5.0.12-1.el5.i386.rpm 4d1671461afeb3ec1784d591ecb134f5 firefox-debuginfo-1.5.0.12-1.el5.i386.rpm c0e883b6c8d47a1fbce33dc3133161de yelp-2.16.0-15.el5.i386.rpm 165c0d376519fa7f46dfef9412dfbe6d yelp-debuginfo-2.16.0-15.el5.i386.rpm x86_64: b7958042531e8f6b5931605a0f2d17fc devhelp-0.12-11.el5.i386.rpm 47012533019d250c132ebbd97e87d227 devhelp-0.12-11.el5.x86_64.rpm ca85406a19b36f412dfdb129b29a71c9 devhelp-debuginfo-0.12-11.el5.i386.rpm b09ba06d46894a888f8ea6ae04cf416e devhelp-debuginfo-0.12-11.el5.x86_64.rpm 7b959d51178a768c437bdc1fd1dc3e3c firefox-1.5.0.12-1.el5.i386.rpm 244bb754d6039cc48c144c5f45052260 firefox-1.5.0.12-1.el5.x86_64.rpm 4d1671461afeb3ec1784d591ecb134f5 firefox-debuginfo-1.5.0.12-1.el5.i386.rpm 21bf5480e44a66710ba5f90eaef52294 firefox-debuginfo-1.5.0.12-1.el5.x86_64.rpm 35f3463a249179df63b98239cf4e3cbc yelp-2.16.0-15.el5.x86_64.rpm 6fbdcb7e6b7586a7f7c2b4a17ab2e2fa yelp-debuginfo-2.16.0-15.el5.x86_64.rpm RHEL Desktop Workstation (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/devhelp-0.12-11.el5.src.rpm 85adab21471a9e46c5d0cb5816bbbcff devhelp-0.12-11.el5.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/firefox-1.5.0.12-1.el5.src.rpm b0645efeba60c77ad740a212d465b453 firefox-1.5.0.12-1.el5.src.rpm i386: ca85406a19b36f412dfdb129b29a71c9 devhelp-debuginfo-0.12-11.el5.i386.rpm 77fe09441514cd6482f4596362485343 devhelp-devel-0.12-11.el5.i386.rpm 4d1671461afeb3ec1784d591ecb134f5 firefox-debuginfo-1.5.0.12-1.el5.i386.rpm fa39c7e1fd6232e62b3d9a4f53acbc9b firefox-devel-1.5.0.12-1.el5.i386.rpm x86_64: ca85406a19b36f412dfdb129b29a71c9 devhelp-debuginfo-0.12-11.el5.i386.rpm b09ba06d46894a888f8ea6ae04cf416e devhelp-debuginfo-0.12-11.el5.x86_64.rpm 77fe09441514cd6482f4596362485343 devhelp-devel-0.12-11.el5.i386.rpm 141d1df1f9e83521808efafd42f944fc devhelp-devel-0.12-11.el5.x86_64.rpm 4d1671461afeb3ec1784d591ecb134f5 firefox-debuginfo-1.5.0.12-1.el5.i386.rpm 21bf5480e44a66710ba5f90eaef52294 firefox-debuginfo-1.5.0.12-1.el5.x86_64.rpm fa39c7e1fd6232e62b3d9a4f53acbc9b firefox-devel-1.5.0.12-1.el5.i386.rpm e048eb9adb9dd967d1630c1fe4778f98 firefox-devel-1.5.0.12-1.el5.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/devhelp-0.12-11.el5.src.rpm 85adab21471a9e46c5d0cb5816bbbcff devhelp-0.12-11.el5.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/firefox-1.5.0.12-1.el5.src.rpm b0645efeba60c77ad740a212d465b453 firefox-1.5.0.12-1.el5.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/yelp-2.16.0-15.el5.src.rpm ed0f92a5a1721891f10cfadf08b3782f yelp-2.16.0-15.el5.src.rpm i386: b7958042531e8f6b5931605a0f2d17fc devhelp-0.12-11.el5.i386.rpm ca85406a19b36f412dfdb129b29a71c9 devhelp-debuginfo-0.12-11.el5.i386.rpm 77fe09441514cd6482f4596362485343 devhelp-devel-0.12-11.el5.i386.rpm 7b959d51178a768c437bdc1fd1dc3e3c firefox-1.5.0.12-1.el5.i386.rpm 4d1671461afeb3ec1784d591ecb134f5 firefox-debuginfo-1.5.0.12-1.el5.i386.rpm fa39c7e1fd6232e62b3d9a4f53acbc9b firefox-devel-1.5.0.12-1.el5.i386.rpm c0e883b6c8d47a1fbce33dc3133161de yelp-2.16.0-15.el5.i386.rpm 165c0d376519fa7f46dfef9412dfbe6d yelp-debuginfo-2.16.0-15.el5.i386.rpm ia64: bb162cf991018497ba2107bd312acb48 devhelp-0.12-11.el5.ia64.rpm 570bd03ebe8669998c0b76df1a00bbcb devhelp-debuginfo-0.12-11.el5.ia64.rpm b565891923dc59b5d4d8d1e9261dba0b devhelp-devel-0.12-11.el5.ia64.rpm 76e85b583ef60111b84983938e96004d firefox-1.5.0.12-1.el5.ia64.rpm 382d26b8141480f8937a24216936d2ce firefox-debuginfo-1.5.0.12-1.el5.ia64.rpm 035d9cf222fe66a807e63c1d346376ac firefox-devel-1.5.0.12-1.el5.ia64.rpm e1fc1489d821f1175b30f7af2bf80bb2 yelp-2.16.0-15.el5.ia64.rpm b3318cd359029f8fb0ffb49d363cda96 yelp-debuginfo-2.16.0-15.el5.ia64.rpm ppc: 71d19c30096ca87d8fbc8740652e9a00 devhelp-0.12-11.el5.ppc.rpm 12ca05b2dcbcc34dd8c51b8e6eaf3d0b devhelp-debuginfo-0.12-11.el5.ppc.rpm 6aefe858236f2e1e1406cd5fea314d02 devhelp-devel-0.12-11.el5.ppc.rpm 88a37e6d10a175a50737a8b6c767c561 firefox-1.5.0.12-1.el5.ppc.rpm 26398c53bc44663d49e7dabf14c37100 firefox-debuginfo-1.5.0.12-1.el5.ppc.rpm cf551a704d6cc2f33ce8086dcb6f4884 firefox-devel-1.5.0.12-1.el5.ppc.rpm 2fda60703e56ff7998740ce624c4157c yelp-2.16.0-15.el5.ppc.rpm 829c9d72ece2a5fcd7d4be637d799d65 yelp-debuginfo-2.16.0-15.el5.ppc.rpm s390x: 96802b267541ad3c0d5d8253eac7a0f6 devhelp-0.12-11.el5.s390.rpm 25fdb9f47687b447a85fdabdf9df80e5 devhelp-0.12-11.el5.s390x.rpm 9691ea4d3ca3db1eeeda64de5202bdc5 devhelp-debuginfo-0.12-11.el5.s390.rpm 4f18514595059a8e7dde34a42e0089e2 devhelp-debuginfo-0.12-11.el5.s390x.rpm fa7ccd2ecc5ef946a26963e99fbb5ce1 devhelp-devel-0.12-11.el5.s390.rpm b4f3cbab3249f5e63c659a4787f76af1 devhelp-devel-0.12-11.el5.s390x.rpm 7ea83a23a6e3de26b34d0585b7c12d10 firefox-1.5.0.12-1.el5.s390.rpm bd45b8871ccbcbc35ff43b25a36210fa firefox-1.5.0.12-1.el5.s390x.rpm 09e81d147f861ec7ed9bf0a7c4aa7a5b firefox-debuginfo-1.5.0.12-1.el5.s390.rpm b5172e50a9ceac771a47337f79e61751 firefox-debuginfo-1.5.0.12-1.el5.s390x.rpm 71196dd2cad1dc1b89b1354937abfa22 firefox-devel-1.5.0.12-1.el5.s390.rpm fdb884e4d38b109868c6d7445b8c454b firefox-devel-1.5.0.12-1.el5.s390x.rpm 1b84f778dcc83da7ca2a3fd4a92206a1 yelp-2.16.0-15.el5.s390x.rpm e7b25ab33671e71edb7b57502738f55c yelp-debuginfo-2.16.0-15.el5.s390x.rpm x86_64: b7958042531e8f6b5931605a0f2d17fc devhelp-0.12-11.el5.i386.rpm 47012533019d250c132ebbd97e87d227 devhelp-0.12-11.el5.x86_64.rpm ca85406a19b36f412dfdb129b29a71c9 devhelp-debuginfo-0.12-11.el5.i386.rpm b09ba06d46894a888f8ea6ae04cf416e devhelp-debuginfo-0.12-11.el5.x86_64.rpm 77fe09441514cd6482f4596362485343 devhelp-devel-0.12-11.el5.i386.rpm 141d1df1f9e83521808efafd42f944fc devhelp-devel-0.12-11.el5.x86_64.rpm 7b959d51178a768c437bdc1fd1dc3e3c firefox-1.5.0.12-1.el5.i386.rpm 244bb754d6039cc48c144c5f45052260 firefox-1.5.0.12-1.el5.x86_64.rpm 4d1671461afeb3ec1784d591ecb134f5 firefox-debuginfo-1.5.0.12-1.el5.i386.rpm 21bf5480e44a66710ba5f90eaef52294 firefox-debuginfo-1.5.0.12-1.el5.x86_64.rpm fa39c7e1fd6232e62b3d9a4f53acbc9b firefox-devel-1.5.0.12-1.el5.i386.rpm e048eb9adb9dd967d1630c1fe4778f98 firefox-devel-1.5.0.12-1.el5.x86_64.rpm 35f3463a249179df63b98239cf4e3cbc yelp-2.16.0-15.el5.x86_64.rpm 6fbdcb7e6b7586a7f7c2b4a17ab2e2fa yelp-debuginfo-2.16.0-15.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1362 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1562 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2867 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2868 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2869 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2870 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2871 http://www.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGXjqBXlSAg2UNWIIRAglPAKCAeRQCF4+YvA/v9NrVIYXOW8tN7QCffKV9 JZKnT/ApRY/7XancitITvFs= =ovHo -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu May 31 03:01:35 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 30 May 2007 23:01:35 -0400 Subject: [RHSA-2007:0401-01] Critical: thunderbird security update Message-ID: <200705310301.l4V31ZWa031304@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: thunderbird security update Advisory ID: RHSA-2007:0401-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0401.html Issue date: 2007-05-30 Updated on: 2007-05-30 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-1362 CVE-2007-1558 CVE-2007-2867 CVE-2007-2868 CVE-2007-2869 CVE-2007-2871 - --------------------------------------------------------------------- 1. Summary: Updated thunderbird packages that fix several security bugs are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 RHEL Optional Productivity Applications (v. 5 server) - i386, x86_64 3. Problem description: Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the way Thunderbird processed certain malformed JavaScript code. A web page containing malicious JavaScript code could cause Thunderbird to crash or potentially execute arbitrary code as the user running Thunderbird. (CVE-2007-2867, CVE-2007-2868) Several denial of service flaws were found in the way Thunderbird handled certain form and cookie data. A malicious web site that is able to set arbitrary form and cookie data could prevent Thunderbird from functioning properly. (CVE-2007-1362, CVE-2007-2869) A flaw was found in the way Thunderbird processed certain APOP authentication requests. By sending certain responses when Thunderbird attempted to authenticate against an APOP server, a remote attacker could potentially acquire certain portions of a user's authentication credentials. (CVE-2007-1558) A flaw was found in the way Thunderbird displayed certain web content. A malicious web page could generate content which could overlay user interface elements such as the hostname and security indicators, tricking users into thinking they are visiting a different site. (CVE-2007-2871) Users of Thunderbird are advised to apply this update, which contains Thunderbird version 1.5.0.12 that corrects these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 241671 - CVE-2007-1362 Miltiple Thunderbird flaws (CVE-2007-1558, CVE-2007-2867, CVE-2007-2868, CVE-2007-2869, CVE-2007-2871) 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/thunderbird-1.5.0.12-0.1.el4.src.rpm 134123edab40c49aa447d0a69aeff277 thunderbird-1.5.0.12-0.1.el4.src.rpm i386: 5beac02b962dc89ca44e7aff900ec954 thunderbird-1.5.0.12-0.1.el4.i386.rpm 48f2f9f6890b2f89d47d833158ef89ae thunderbird-debuginfo-1.5.0.12-0.1.el4.i386.rpm ia64: 7626ddc15d91b51ba6af1416e462fc4b thunderbird-1.5.0.12-0.1.el4.ia64.rpm 72506c1633556600e3be88f88df702f0 thunderbird-debuginfo-1.5.0.12-0.1.el4.ia64.rpm ppc: 187a99e50a36d685db0670a28c7483c2 thunderbird-1.5.0.12-0.1.el4.ppc.rpm f556266cc48724f8cc22789b72002130 thunderbird-debuginfo-1.5.0.12-0.1.el4.ppc.rpm s390: 208159e6c7493e8717ba3b164f0cc8da thunderbird-1.5.0.12-0.1.el4.s390.rpm 2e357cd7ed0537a3289659fa6276541c thunderbird-debuginfo-1.5.0.12-0.1.el4.s390.rpm s390x: b32a87963308301ed9c2b79e0f4072bb thunderbird-1.5.0.12-0.1.el4.s390x.rpm 307349d6ff303c515720af0d1ec3b5d1 thunderbird-debuginfo-1.5.0.12-0.1.el4.s390x.rpm x86_64: d8cef7bf47874f6c1f0ca35919d8b382 thunderbird-1.5.0.12-0.1.el4.x86_64.rpm 79f3c413f5fff681383e72a93aa331c7 thunderbird-debuginfo-1.5.0.12-0.1.el4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/thunderbird-1.5.0.12-0.1.el4.src.rpm 134123edab40c49aa447d0a69aeff277 thunderbird-1.5.0.12-0.1.el4.src.rpm i386: 5beac02b962dc89ca44e7aff900ec954 thunderbird-1.5.0.12-0.1.el4.i386.rpm 48f2f9f6890b2f89d47d833158ef89ae thunderbird-debuginfo-1.5.0.12-0.1.el4.i386.rpm x86_64: d8cef7bf47874f6c1f0ca35919d8b382 thunderbird-1.5.0.12-0.1.el4.x86_64.rpm 79f3c413f5fff681383e72a93aa331c7 thunderbird-debuginfo-1.5.0.12-0.1.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/thunderbird-1.5.0.12-0.1.el4.src.rpm 134123edab40c49aa447d0a69aeff277 thunderbird-1.5.0.12-0.1.el4.src.rpm i386: 5beac02b962dc89ca44e7aff900ec954 thunderbird-1.5.0.12-0.1.el4.i386.rpm 48f2f9f6890b2f89d47d833158ef89ae thunderbird-debuginfo-1.5.0.12-0.1.el4.i386.rpm ia64: 7626ddc15d91b51ba6af1416e462fc4b thunderbird-1.5.0.12-0.1.el4.ia64.rpm 72506c1633556600e3be88f88df702f0 thunderbird-debuginfo-1.5.0.12-0.1.el4.ia64.rpm x86_64: d8cef7bf47874f6c1f0ca35919d8b382 thunderbird-1.5.0.12-0.1.el4.x86_64.rpm 79f3c413f5fff681383e72a93aa331c7 thunderbird-debuginfo-1.5.0.12-0.1.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/thunderbird-1.5.0.12-0.1.el4.src.rpm 134123edab40c49aa447d0a69aeff277 thunderbird-1.5.0.12-0.1.el4.src.rpm i386: 5beac02b962dc89ca44e7aff900ec954 thunderbird-1.5.0.12-0.1.el4.i386.rpm 48f2f9f6890b2f89d47d833158ef89ae thunderbird-debuginfo-1.5.0.12-0.1.el4.i386.rpm ia64: 7626ddc15d91b51ba6af1416e462fc4b thunderbird-1.5.0.12-0.1.el4.ia64.rpm 72506c1633556600e3be88f88df702f0 thunderbird-debuginfo-1.5.0.12-0.1.el4.ia64.rpm x86_64: d8cef7bf47874f6c1f0ca35919d8b382 thunderbird-1.5.0.12-0.1.el4.x86_64.rpm 79f3c413f5fff681383e72a93aa331c7 thunderbird-debuginfo-1.5.0.12-0.1.el4.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 5 client): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/thunderbird-1.5.0.12-1.el5.src.rpm f7fe1c1c79c97702a10362a5102de401 thunderbird-1.5.0.12-1.el5.src.rpm i386: 4e5f17214f1d336e1a282fb5f82b793c thunderbird-1.5.0.12-1.el5.i386.rpm ec6c018ec12c4a84a8d945a76893078b thunderbird-debuginfo-1.5.0.12-1.el5.i386.rpm x86_64: 7238bcac06fa2fd194358000c453effe thunderbird-1.5.0.12-1.el5.x86_64.rpm 58cab0141318f066a35dd119cd595bf9 thunderbird-debuginfo-1.5.0.12-1.el5.x86_64.rpm RHEL Optional Productivity Applications (v. 5 server): SRPMS: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/thunderbird-1.5.0.12-1.el5.src.rpm f7fe1c1c79c97702a10362a5102de401 thunderbird-1.5.0.12-1.el5.src.rpm i386: 4e5f17214f1d336e1a282fb5f82b793c thunderbird-1.5.0.12-1.el5.i386.rpm ec6c018ec12c4a84a8d945a76893078b thunderbird-debuginfo-1.5.0.12-1.el5.i386.rpm x86_64: 7238bcac06fa2fd194358000c453effe thunderbird-1.5.0.12-1.el5.x86_64.rpm 58cab0141318f066a35dd119cd595bf9 thunderbird-debuginfo-1.5.0.12-1.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1362 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2867 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2868 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2869 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2871 http://www.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGXjqNXlSAg2UNWIIRAm2RAJ0VOu9q7yy1ZKpOV+aZjynkCYTBFACfYZV+ WRSlrpggdf1UsYkKY+4FDJA= =Z7/6 -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu May 31 03:01:44 2007 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Wed, 30 May 2007 23:01:44 -0400 Subject: [RHSA-2007:0402-01] Critical: seamonkey security update Message-ID: <200705310301.l4V31itP031312@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Critical: seamonkey security update Advisory ID: RHSA-2007:0402-01 Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0402.html Issue date: 2007-05-30 Updated on: 2007-05-30 Product: Red Hat Enterprise Linux CVE Names: CVE-2007-1362 CVE-2007-1562 CVE-2007-1558 CVE-2007-2867 CVE-2007-2868 CVE-2007-2869 CVE-2007-2870 CVE-2007-2871 - --------------------------------------------------------------------- 1. Summary: Updated seamonkey packages that fix several security bugs are now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: SeaMonkey is an open source Web browser, advanced email and newsgroup client, IRC chat client, and HTML editor. Several flaws were found in the way SeaMonkey processed certain malformed JavaScript code. A web page containing malicious JavaScript code could cause SeaMonkey to crash or potentially execute arbitrary code as the user running SeaMonkey. (CVE-2007-2867, CVE-2007-2868) A flaw was found in the way SeaMonkey handled certain FTP PASV commands. A malicious FTP server could use this flaw to perform a rudimentary port-scan of machines behind a user's firewall. (CVE-2007-1562) Several denial of service flaws were found in the way SeaMonkey handled certain form and cookie data. A malicious web site that is able to set arbitrary form and cookie data could prevent SeaMonkey from functioning properly. (CVE-2007-1362, CVE-2007-2869) A flaw was found in the way SeaMonkey processed certain APOP authentication requests. By sending certain responses when SeaMonkey attempted to authenticate against an APOP server, a remote attacker could potentially acquire certain portions of a user's authentication credentials. (CVE-2007-1558) A flaw was found in the way SeaMonkey handled the addEventListener JavaScript method. A malicious web site could use this method to access or modify sensitive data from another web site. (CVE-2007-2870) A flaw was found in the way SeaMonkey displayed certain web content. A malicious web page could generate content that would overlay user interface elements such as the hostname and security indicators, tricking users into thinking they are visiting a different site. (CVE-2007-2871) Users of SeaMonkey are advised to upgrade to these erratum packages, which contain SeaMonkey version 1.0.9 that corrects these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bug IDs fixed (http://bugzilla.redhat.com/): 241672 - CVE-2007-1362 Miltiple Seamonkey flaws (CVE-2007-1562, CVE-2007-1558, CVE-2007-2867, CVE-2007-2868, CVE-2007-2869, CVE-2007-2870, CVE-2007-2871) 6. RPMs required: Red Hat Enterprise Linux AS (Advanced Server) version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/seamonkey-1.0.9-0.1.el2.src.rpm ead2a9de39c0c6a7feafe38a5ba9541e seamonkey-1.0.9-0.1.el2.src.rpm i386: 6f45c6b0f42c2c4b676f58096acbcf62 seamonkey-1.0.9-0.1.el2.i386.rpm 22d1f6a6a22ee7f78fec7e67c7537225 seamonkey-chat-1.0.9-0.1.el2.i386.rpm a05772c008d566d683294e41d6907771 seamonkey-devel-1.0.9-0.1.el2.i386.rpm 7c90c78eada37c5da43f65e8a94b2242 seamonkey-dom-inspector-1.0.9-0.1.el2.i386.rpm 9f78062c5b9d10922a90ba64d071b76a seamonkey-js-debugger-1.0.9-0.1.el2.i386.rpm 3be7e1b0aec804eb8ba3495fbbb2bd6b seamonkey-mail-1.0.9-0.1.el2.i386.rpm 5391fdcfd7fbf39a2b269b8d62f17157 seamonkey-nspr-1.0.9-0.1.el2.i386.rpm 1dac1c0c5c84676cbe7d0c358bc06a03 seamonkey-nspr-devel-1.0.9-0.1.el2.i386.rpm a1fdd80450ce09889ace8aa142fe2efe seamonkey-nss-1.0.9-0.1.el2.i386.rpm 5e58371212aa9340394eed0ca42b8866 seamonkey-nss-devel-1.0.9-0.1.el2.i386.rpm ia64: b058abffb423fbf37ecc2cf0ceffe743 seamonkey-1.0.9-0.1.el2.ia64.rpm fedeb209722d7969b8e938ee1777213c seamonkey-chat-1.0.9-0.1.el2.ia64.rpm 85ffeeefa49d2fb5002fdcbc183db553 seamonkey-devel-1.0.9-0.1.el2.ia64.rpm d6ee0792950ad3ec1ec97d2830a112fa seamonkey-dom-inspector-1.0.9-0.1.el2.ia64.rpm 8fb2e68019ef97ad4d4e84945db794a3 seamonkey-js-debugger-1.0.9-0.1.el2.ia64.rpm fc20837e226fb3c8c302c093ac73d689 seamonkey-mail-1.0.9-0.1.el2.ia64.rpm b1f57b5043e0ac3595845f304ad3a645 seamonkey-nspr-1.0.9-0.1.el2.ia64.rpm 7cd3ef932a336907d08bd78991f896c9 seamonkey-nspr-devel-1.0.9-0.1.el2.ia64.rpm 2d711d5c5bcc460c3594a19276e88ccb seamonkey-nss-1.0.9-0.1.el2.ia64.rpm 10a0883e93561081c6ae505243bad4c8 seamonkey-nss-devel-1.0.9-0.1.el2.ia64.rpm Red Hat Linux Advanced Workstation 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/seamonkey-1.0.9-0.1.el2.src.rpm ead2a9de39c0c6a7feafe38a5ba9541e seamonkey-1.0.9-0.1.el2.src.rpm ia64: b058abffb423fbf37ecc2cf0ceffe743 seamonkey-1.0.9-0.1.el2.ia64.rpm fedeb209722d7969b8e938ee1777213c seamonkey-chat-1.0.9-0.1.el2.ia64.rpm 85ffeeefa49d2fb5002fdcbc183db553 seamonkey-devel-1.0.9-0.1.el2.ia64.rpm d6ee0792950ad3ec1ec97d2830a112fa seamonkey-dom-inspector-1.0.9-0.1.el2.ia64.rpm 8fb2e68019ef97ad4d4e84945db794a3 seamonkey-js-debugger-1.0.9-0.1.el2.ia64.rpm fc20837e226fb3c8c302c093ac73d689 seamonkey-mail-1.0.9-0.1.el2.ia64.rpm b1f57b5043e0ac3595845f304ad3a645 seamonkey-nspr-1.0.9-0.1.el2.ia64.rpm 7cd3ef932a336907d08bd78991f896c9 seamonkey-nspr-devel-1.0.9-0.1.el2.ia64.rpm 2d711d5c5bcc460c3594a19276e88ccb seamonkey-nss-1.0.9-0.1.el2.ia64.rpm 10a0883e93561081c6ae505243bad4c8 seamonkey-nss-devel-1.0.9-0.1.el2.ia64.rpm Red Hat Enterprise Linux ES version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/seamonkey-1.0.9-0.1.el2.src.rpm ead2a9de39c0c6a7feafe38a5ba9541e seamonkey-1.0.9-0.1.el2.src.rpm i386: 6f45c6b0f42c2c4b676f58096acbcf62 seamonkey-1.0.9-0.1.el2.i386.rpm 22d1f6a6a22ee7f78fec7e67c7537225 seamonkey-chat-1.0.9-0.1.el2.i386.rpm a05772c008d566d683294e41d6907771 seamonkey-devel-1.0.9-0.1.el2.i386.rpm 7c90c78eada37c5da43f65e8a94b2242 seamonkey-dom-inspector-1.0.9-0.1.el2.i386.rpm 9f78062c5b9d10922a90ba64d071b76a seamonkey-js-debugger-1.0.9-0.1.el2.i386.rpm 3be7e1b0aec804eb8ba3495fbbb2bd6b seamonkey-mail-1.0.9-0.1.el2.i386.rpm 5391fdcfd7fbf39a2b269b8d62f17157 seamonkey-nspr-1.0.9-0.1.el2.i386.rpm 1dac1c0c5c84676cbe7d0c358bc06a03 seamonkey-nspr-devel-1.0.9-0.1.el2.i386.rpm a1fdd80450ce09889ace8aa142fe2efe seamonkey-nss-1.0.9-0.1.el2.i386.rpm 5e58371212aa9340394eed0ca42b8866 seamonkey-nss-devel-1.0.9-0.1.el2.i386.rpm Red Hat Enterprise Linux WS version 2.1: SRPMS: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/seamonkey-1.0.9-0.1.el2.src.rpm ead2a9de39c0c6a7feafe38a5ba9541e seamonkey-1.0.9-0.1.el2.src.rpm i386: 6f45c6b0f42c2c4b676f58096acbcf62 seamonkey-1.0.9-0.1.el2.i386.rpm 22d1f6a6a22ee7f78fec7e67c7537225 seamonkey-chat-1.0.9-0.1.el2.i386.rpm a05772c008d566d683294e41d6907771 seamonkey-devel-1.0.9-0.1.el2.i386.rpm 7c90c78eada37c5da43f65e8a94b2242 seamonkey-dom-inspector-1.0.9-0.1.el2.i386.rpm 9f78062c5b9d10922a90ba64d071b76a seamonkey-js-debugger-1.0.9-0.1.el2.i386.rpm 3be7e1b0aec804eb8ba3495fbbb2bd6b seamonkey-mail-1.0.9-0.1.el2.i386.rpm 5391fdcfd7fbf39a2b269b8d62f17157 seamonkey-nspr-1.0.9-0.1.el2.i386.rpm 1dac1c0c5c84676cbe7d0c358bc06a03 seamonkey-nspr-devel-1.0.9-0.1.el2.i386.rpm a1fdd80450ce09889ace8aa142fe2efe seamonkey-nss-1.0.9-0.1.el2.i386.rpm 5e58371212aa9340394eed0ca42b8866 seamonkey-nss-devel-1.0.9-0.1.el2.i386.rpm Red Hat Enterprise Linux AS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/seamonkey-1.0.9-0.1.el3.src.rpm 7cc03b16f3522ee1edf69960a84a3c93 seamonkey-1.0.9-0.1.el3.src.rpm i386: 0ec1524ea4a0ec6ec9527744432e4e46 seamonkey-1.0.9-0.1.el3.i386.rpm 5ed599514b1e189b1fd99c45171d3c1c seamonkey-chat-1.0.9-0.1.el3.i386.rpm 95aa05fcf75052448e081d3db3c06e04 seamonkey-debuginfo-1.0.9-0.1.el3.i386.rpm fbb07411d1e6bb7ec0565d4ae5f4e7be seamonkey-devel-1.0.9-0.1.el3.i386.rpm bc6255d8458420a5be2f8f18a115bf7e seamonkey-dom-inspector-1.0.9-0.1.el3.i386.rpm b9b68bbfa76e042ae3f54660f932b1d1 seamonkey-js-debugger-1.0.9-0.1.el3.i386.rpm 49afc7543ef1ea5c417ce85145e767c8 seamonkey-mail-1.0.9-0.1.el3.i386.rpm 2c67e944a144d9254441ce20d195b9a2 seamonkey-nspr-1.0.9-0.1.el3.i386.rpm d3e22f9a4058f9d413a202928c9ce0ed seamonkey-nspr-devel-1.0.9-0.1.el3.i386.rpm 3ab707d18efc50f8d387be56a4d64935 seamonkey-nss-1.0.9-0.1.el3.i386.rpm 56732950988efb49f0c449fb06abb379 seamonkey-nss-devel-1.0.9-0.1.el3.i386.rpm ia64: cecedb1a387ed0497e4c47ee8757a0a2 seamonkey-1.0.9-0.1.el3.ia64.rpm 5246d1dc7afdde6ece5bceab95d9e6cf seamonkey-chat-1.0.9-0.1.el3.ia64.rpm 95aa05fcf75052448e081d3db3c06e04 seamonkey-debuginfo-1.0.9-0.1.el3.i386.rpm c310e700041eff783a57f0b69a0acd03 seamonkey-debuginfo-1.0.9-0.1.el3.ia64.rpm 11d81b92e8ca1a61e017c839e8babf78 seamonkey-devel-1.0.9-0.1.el3.ia64.rpm da0c5ecc4eb04ab06b854a79f0393b69 seamonkey-dom-inspector-1.0.9-0.1.el3.ia64.rpm 76729cbf125f5e9d043fa91c99fe76ee seamonkey-js-debugger-1.0.9-0.1.el3.ia64.rpm 6b9d749deca3d811ba02629069d90a24 seamonkey-mail-1.0.9-0.1.el3.ia64.rpm 2c67e944a144d9254441ce20d195b9a2 seamonkey-nspr-1.0.9-0.1.el3.i386.rpm 74b8459f921380ede67dd4c077c590ec seamonkey-nspr-1.0.9-0.1.el3.ia64.rpm 7d69bfe1ac7a1373da08e9ea5b8e98dc seamonkey-nspr-devel-1.0.9-0.1.el3.ia64.rpm 3ab707d18efc50f8d387be56a4d64935 seamonkey-nss-1.0.9-0.1.el3.i386.rpm fe5685d8cde1a893707392585d44174e seamonkey-nss-1.0.9-0.1.el3.ia64.rpm 977aebaa5f8993cf1cc2a2305ded404c seamonkey-nss-devel-1.0.9-0.1.el3.ia64.rpm ppc: addddb74ab0377f5f8d4a1694a568cb9 seamonkey-1.0.9-0.1.el3.ppc.rpm 94e2030740e0b43763fa2b40f0973fc1 seamonkey-chat-1.0.9-0.1.el3.ppc.rpm f794ba3dd81cbaa5ed233f44bb29f168 seamonkey-debuginfo-1.0.9-0.1.el3.ppc.rpm 7265787dd39373d5d84d176d2dca345e seamonkey-devel-1.0.9-0.1.el3.ppc.rpm 830e54be7de88cdf1ab3c4eddc8b4e1b seamonkey-dom-inspector-1.0.9-0.1.el3.ppc.rpm 17102ff19ef28481633a9a6b70d93882 seamonkey-js-debugger-1.0.9-0.1.el3.ppc.rpm 67c2ef4fb1eb9936522ec6d603f45331 seamonkey-mail-1.0.9-0.1.el3.ppc.rpm 9428f95845576d099b7715c653dab60d seamonkey-nspr-1.0.9-0.1.el3.ppc.rpm ef8b04e2b3dfc572712db0de609439d2 seamonkey-nspr-devel-1.0.9-0.1.el3.ppc.rpm 2b780c8232fb36641dccb45834b3c050 seamonkey-nss-1.0.9-0.1.el3.ppc.rpm 87d0ab5b4afb6758912565a8ea5f7fbe seamonkey-nss-devel-1.0.9-0.1.el3.ppc.rpm s390: b333c04e58b569c5882533c9e353d969 seamonkey-1.0.9-0.1.el3.s390.rpm eb1ad5204d18577874d4396875701253 seamonkey-chat-1.0.9-0.1.el3.s390.rpm c8ba513347bb10091196a1e7f972d448 seamonkey-debuginfo-1.0.9-0.1.el3.s390.rpm 4b7de3a39ad6bc9841b6fe262ea4a8ef seamonkey-devel-1.0.9-0.1.el3.s390.rpm 07f8e20acb9701a1047eaf36856937e9 seamonkey-dom-inspector-1.0.9-0.1.el3.s390.rpm 704ae801cf07dee74eaedcf8cc82c3fd seamonkey-js-debugger-1.0.9-0.1.el3.s390.rpm 5e8012af146fec2a5f0d797beab803eb seamonkey-mail-1.0.9-0.1.el3.s390.rpm a5b724e801783add33ff27cad0d932f0 seamonkey-nspr-1.0.9-0.1.el3.s390.rpm 861f544987c3d2ce015a4e6fbfb12619 seamonkey-nspr-devel-1.0.9-0.1.el3.s390.rpm 6e254aa0da4dda7e8f7d64fb0b3842a8 seamonkey-nss-1.0.9-0.1.el3.s390.rpm f7282a19a9ada9e5502982b57a322d28 seamonkey-nss-devel-1.0.9-0.1.el3.s390.rpm s390x: 13ad22dc8f7f339e67c58a02346cad7f seamonkey-1.0.9-0.1.el3.s390x.rpm 06ba127f2636bf1cbe66c1025f702505 seamonkey-chat-1.0.9-0.1.el3.s390x.rpm c8ba513347bb10091196a1e7f972d448 seamonkey-debuginfo-1.0.9-0.1.el3.s390.rpm c18b86df6d9bc09ee77e695d33000a8c seamonkey-debuginfo-1.0.9-0.1.el3.s390x.rpm 912a3d2be3745f81e8260de6154ce818 seamonkey-devel-1.0.9-0.1.el3.s390x.rpm 13e92d6b9488b80daa2de4559b6da70d seamonkey-dom-inspector-1.0.9-0.1.el3.s390x.rpm 9498c647543cb647c1a611388bd80877 seamonkey-js-debugger-1.0.9-0.1.el3.s390x.rpm c872478a6323cb7741018e98d04f4ce0 seamonkey-mail-1.0.9-0.1.el3.s390x.rpm a5b724e801783add33ff27cad0d932f0 seamonkey-nspr-1.0.9-0.1.el3.s390.rpm cddf8900a119c42a7e3c8ba700a30eca seamonkey-nspr-1.0.9-0.1.el3.s390x.rpm c2d201ffb7ff01f18b3659c2261d9605 seamonkey-nspr-devel-1.0.9-0.1.el3.s390x.rpm 6e254aa0da4dda7e8f7d64fb0b3842a8 seamonkey-nss-1.0.9-0.1.el3.s390.rpm 50e237b1b1dbefa7c37f0954e69ee430 seamonkey-nss-1.0.9-0.1.el3.s390x.rpm e2ffcc1f674a5ca6a21c5b5e444d58a7 seamonkey-nss-devel-1.0.9-0.1.el3.s390x.rpm x86_64: 0ec1524ea4a0ec6ec9527744432e4e46 seamonkey-1.0.9-0.1.el3.i386.rpm 47467717e1846061c2e3574ac0d6dae2 seamonkey-1.0.9-0.1.el3.x86_64.rpm 8e1dfbae612fe92bc1307cbd32868d07 seamonkey-chat-1.0.9-0.1.el3.x86_64.rpm 95aa05fcf75052448e081d3db3c06e04 seamonkey-debuginfo-1.0.9-0.1.el3.i386.rpm 3f3eaef152ead60b41bd9269b5ef6427 seamonkey-debuginfo-1.0.9-0.1.el3.x86_64.rpm 53317006c90b482490cf061114a131d4 seamonkey-devel-1.0.9-0.1.el3.x86_64.rpm 09ed5d3f2d2d913382e06e60f365549b seamonkey-dom-inspector-1.0.9-0.1.el3.x86_64.rpm 9b7ee75e2f1f06bd3ec38421bde59f85 seamonkey-js-debugger-1.0.9-0.1.el3.x86_64.rpm e7d973f145c5538dd2937166dcbdedf0 seamonkey-mail-1.0.9-0.1.el3.x86_64.rpm 2c67e944a144d9254441ce20d195b9a2 seamonkey-nspr-1.0.9-0.1.el3.i386.rpm 99e333d52be135659d6d89bf877af8a7 seamonkey-nspr-1.0.9-0.1.el3.x86_64.rpm 9ec50cc2578e5d5e99bca82b64ba825c seamonkey-nspr-devel-1.0.9-0.1.el3.x86_64.rpm 3ab707d18efc50f8d387be56a4d64935 seamonkey-nss-1.0.9-0.1.el3.i386.rpm 712d883020aec4dddf047a030a6401aa seamonkey-nss-1.0.9-0.1.el3.x86_64.rpm 6d09cbcc500ea9c20ebdf6c7b46c465e seamonkey-nss-devel-1.0.9-0.1.el3.x86_64.rpm Red Hat Desktop version 3: SRPMS: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/seamonkey-1.0.9-0.1.el3.src.rpm 7cc03b16f3522ee1edf69960a84a3c93 seamonkey-1.0.9-0.1.el3.src.rpm i386: 0ec1524ea4a0ec6ec9527744432e4e46 seamonkey-1.0.9-0.1.el3.i386.rpm 5ed599514b1e189b1fd99c45171d3c1c seamonkey-chat-1.0.9-0.1.el3.i386.rpm 95aa05fcf75052448e081d3db3c06e04 seamonkey-debuginfo-1.0.9-0.1.el3.i386.rpm fbb07411d1e6bb7ec0565d4ae5f4e7be seamonkey-devel-1.0.9-0.1.el3.i386.rpm bc6255d8458420a5be2f8f18a115bf7e seamonkey-dom-inspector-1.0.9-0.1.el3.i386.rpm b9b68bbfa76e042ae3f54660f932b1d1 seamonkey-js-debugger-1.0.9-0.1.el3.i386.rpm 49afc7543ef1ea5c417ce85145e767c8 seamonkey-mail-1.0.9-0.1.el3.i386.rpm 2c67e944a144d9254441ce20d195b9a2 seamonkey-nspr-1.0.9-0.1.el3.i386.rpm d3e22f9a4058f9d413a202928c9ce0ed seamonkey-nspr-devel-1.0.9-0.1.el3.i386.rpm 3ab707d18efc50f8d387be56a4d64935 seamonkey-nss-1.0.9-0.1.el3.i386.rpm 56732950988efb49f0c449fb06abb379 seamonkey-nss-devel-1.0.9-0.1.el3.i386.rpm x86_64: 0ec1524ea4a0ec6ec9527744432e4e46 seamonkey-1.0.9-0.1.el3.i386.rpm 47467717e1846061c2e3574ac0d6dae2 seamonkey-1.0.9-0.1.el3.x86_64.rpm 8e1dfbae612fe92bc1307cbd32868d07 seamonkey-chat-1.0.9-0.1.el3.x86_64.rpm 95aa05fcf75052448e081d3db3c06e04 seamonkey-debuginfo-1.0.9-0.1.el3.i386.rpm 3f3eaef152ead60b41bd9269b5ef6427 seamonkey-debuginfo-1.0.9-0.1.el3.x86_64.rpm 53317006c90b482490cf061114a131d4 seamonkey-devel-1.0.9-0.1.el3.x86_64.rpm 09ed5d3f2d2d913382e06e60f365549b seamonkey-dom-inspector-1.0.9-0.1.el3.x86_64.rpm 9b7ee75e2f1f06bd3ec38421bde59f85 seamonkey-js-debugger-1.0.9-0.1.el3.x86_64.rpm e7d973f145c5538dd2937166dcbdedf0 seamonkey-mail-1.0.9-0.1.el3.x86_64.rpm 2c67e944a144d9254441ce20d195b9a2 seamonkey-nspr-1.0.9-0.1.el3.i386.rpm 99e333d52be135659d6d89bf877af8a7 seamonkey-nspr-1.0.9-0.1.el3.x86_64.rpm 9ec50cc2578e5d5e99bca82b64ba825c seamonkey-nspr-devel-1.0.9-0.1.el3.x86_64.rpm 3ab707d18efc50f8d387be56a4d64935 seamonkey-nss-1.0.9-0.1.el3.i386.rpm 712d883020aec4dddf047a030a6401aa seamonkey-nss-1.0.9-0.1.el3.x86_64.rpm 6d09cbcc500ea9c20ebdf6c7b46c465e seamonkey-nss-devel-1.0.9-0.1.el3.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/seamonkey-1.0.9-0.1.el3.src.rpm 7cc03b16f3522ee1edf69960a84a3c93 seamonkey-1.0.9-0.1.el3.src.rpm i386: 0ec1524ea4a0ec6ec9527744432e4e46 seamonkey-1.0.9-0.1.el3.i386.rpm 5ed599514b1e189b1fd99c45171d3c1c seamonkey-chat-1.0.9-0.1.el3.i386.rpm 95aa05fcf75052448e081d3db3c06e04 seamonkey-debuginfo-1.0.9-0.1.el3.i386.rpm fbb07411d1e6bb7ec0565d4ae5f4e7be seamonkey-devel-1.0.9-0.1.el3.i386.rpm bc6255d8458420a5be2f8f18a115bf7e seamonkey-dom-inspector-1.0.9-0.1.el3.i386.rpm b9b68bbfa76e042ae3f54660f932b1d1 seamonkey-js-debugger-1.0.9-0.1.el3.i386.rpm 49afc7543ef1ea5c417ce85145e767c8 seamonkey-mail-1.0.9-0.1.el3.i386.rpm 2c67e944a144d9254441ce20d195b9a2 seamonkey-nspr-1.0.9-0.1.el3.i386.rpm d3e22f9a4058f9d413a202928c9ce0ed seamonkey-nspr-devel-1.0.9-0.1.el3.i386.rpm 3ab707d18efc50f8d387be56a4d64935 seamonkey-nss-1.0.9-0.1.el3.i386.rpm 56732950988efb49f0c449fb06abb379 seamonkey-nss-devel-1.0.9-0.1.el3.i386.rpm ia64: cecedb1a387ed0497e4c47ee8757a0a2 seamonkey-1.0.9-0.1.el3.ia64.rpm 5246d1dc7afdde6ece5bceab95d9e6cf seamonkey-chat-1.0.9-0.1.el3.ia64.rpm 95aa05fcf75052448e081d3db3c06e04 seamonkey-debuginfo-1.0.9-0.1.el3.i386.rpm c310e700041eff783a57f0b69a0acd03 seamonkey-debuginfo-1.0.9-0.1.el3.ia64.rpm 11d81b92e8ca1a61e017c839e8babf78 seamonkey-devel-1.0.9-0.1.el3.ia64.rpm da0c5ecc4eb04ab06b854a79f0393b69 seamonkey-dom-inspector-1.0.9-0.1.el3.ia64.rpm 76729cbf125f5e9d043fa91c99fe76ee seamonkey-js-debugger-1.0.9-0.1.el3.ia64.rpm 6b9d749deca3d811ba02629069d90a24 seamonkey-mail-1.0.9-0.1.el3.ia64.rpm 2c67e944a144d9254441ce20d195b9a2 seamonkey-nspr-1.0.9-0.1.el3.i386.rpm 74b8459f921380ede67dd4c077c590ec seamonkey-nspr-1.0.9-0.1.el3.ia64.rpm 7d69bfe1ac7a1373da08e9ea5b8e98dc seamonkey-nspr-devel-1.0.9-0.1.el3.ia64.rpm 3ab707d18efc50f8d387be56a4d64935 seamonkey-nss-1.0.9-0.1.el3.i386.rpm fe5685d8cde1a893707392585d44174e seamonkey-nss-1.0.9-0.1.el3.ia64.rpm 977aebaa5f8993cf1cc2a2305ded404c seamonkey-nss-devel-1.0.9-0.1.el3.ia64.rpm x86_64: 0ec1524ea4a0ec6ec9527744432e4e46 seamonkey-1.0.9-0.1.el3.i386.rpm 47467717e1846061c2e3574ac0d6dae2 seamonkey-1.0.9-0.1.el3.x86_64.rpm 8e1dfbae612fe92bc1307cbd32868d07 seamonkey-chat-1.0.9-0.1.el3.x86_64.rpm 95aa05fcf75052448e081d3db3c06e04 seamonkey-debuginfo-1.0.9-0.1.el3.i386.rpm 3f3eaef152ead60b41bd9269b5ef6427 seamonkey-debuginfo-1.0.9-0.1.el3.x86_64.rpm 53317006c90b482490cf061114a131d4 seamonkey-devel-1.0.9-0.1.el3.x86_64.rpm 09ed5d3f2d2d913382e06e60f365549b seamonkey-dom-inspector-1.0.9-0.1.el3.x86_64.rpm 9b7ee75e2f1f06bd3ec38421bde59f85 seamonkey-js-debugger-1.0.9-0.1.el3.x86_64.rpm e7d973f145c5538dd2937166dcbdedf0 seamonkey-mail-1.0.9-0.1.el3.x86_64.rpm 2c67e944a144d9254441ce20d195b9a2 seamonkey-nspr-1.0.9-0.1.el3.i386.rpm 99e333d52be135659d6d89bf877af8a7 seamonkey-nspr-1.0.9-0.1.el3.x86_64.rpm 9ec50cc2578e5d5e99bca82b64ba825c seamonkey-nspr-devel-1.0.9-0.1.el3.x86_64.rpm 3ab707d18efc50f8d387be56a4d64935 seamonkey-nss-1.0.9-0.1.el3.i386.rpm 712d883020aec4dddf047a030a6401aa seamonkey-nss-1.0.9-0.1.el3.x86_64.rpm 6d09cbcc500ea9c20ebdf6c7b46c465e seamonkey-nss-devel-1.0.9-0.1.el3.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/seamonkey-1.0.9-0.1.el3.src.rpm 7cc03b16f3522ee1edf69960a84a3c93 seamonkey-1.0.9-0.1.el3.src.rpm i386: 0ec1524ea4a0ec6ec9527744432e4e46 seamonkey-1.0.9-0.1.el3.i386.rpm 5ed599514b1e189b1fd99c45171d3c1c seamonkey-chat-1.0.9-0.1.el3.i386.rpm 95aa05fcf75052448e081d3db3c06e04 seamonkey-debuginfo-1.0.9-0.1.el3.i386.rpm fbb07411d1e6bb7ec0565d4ae5f4e7be seamonkey-devel-1.0.9-0.1.el3.i386.rpm bc6255d8458420a5be2f8f18a115bf7e seamonkey-dom-inspector-1.0.9-0.1.el3.i386.rpm b9b68bbfa76e042ae3f54660f932b1d1 seamonkey-js-debugger-1.0.9-0.1.el3.i386.rpm 49afc7543ef1ea5c417ce85145e767c8 seamonkey-mail-1.0.9-0.1.el3.i386.rpm 2c67e944a144d9254441ce20d195b9a2 seamonkey-nspr-1.0.9-0.1.el3.i386.rpm d3e22f9a4058f9d413a202928c9ce0ed seamonkey-nspr-devel-1.0.9-0.1.el3.i386.rpm 3ab707d18efc50f8d387be56a4d64935 seamonkey-nss-1.0.9-0.1.el3.i386.rpm 56732950988efb49f0c449fb06abb379 seamonkey-nss-devel-1.0.9-0.1.el3.i386.rpm ia64: cecedb1a387ed0497e4c47ee8757a0a2 seamonkey-1.0.9-0.1.el3.ia64.rpm 5246d1dc7afdde6ece5bceab95d9e6cf seamonkey-chat-1.0.9-0.1.el3.ia64.rpm 95aa05fcf75052448e081d3db3c06e04 seamonkey-debuginfo-1.0.9-0.1.el3.i386.rpm c310e700041eff783a57f0b69a0acd03 seamonkey-debuginfo-1.0.9-0.1.el3.ia64.rpm 11d81b92e8ca1a61e017c839e8babf78 seamonkey-devel-1.0.9-0.1.el3.ia64.rpm da0c5ecc4eb04ab06b854a79f0393b69 seamonkey-dom-inspector-1.0.9-0.1.el3.ia64.rpm 76729cbf125f5e9d043fa91c99fe76ee seamonkey-js-debugger-1.0.9-0.1.el3.ia64.rpm 6b9d749deca3d811ba02629069d90a24 seamonkey-mail-1.0.9-0.1.el3.ia64.rpm 2c67e944a144d9254441ce20d195b9a2 seamonkey-nspr-1.0.9-0.1.el3.i386.rpm 74b8459f921380ede67dd4c077c590ec seamonkey-nspr-1.0.9-0.1.el3.ia64.rpm 7d69bfe1ac7a1373da08e9ea5b8e98dc seamonkey-nspr-devel-1.0.9-0.1.el3.ia64.rpm 3ab707d18efc50f8d387be56a4d64935 seamonkey-nss-1.0.9-0.1.el3.i386.rpm fe5685d8cde1a893707392585d44174e seamonkey-nss-1.0.9-0.1.el3.ia64.rpm 977aebaa5f8993cf1cc2a2305ded404c seamonkey-nss-devel-1.0.9-0.1.el3.ia64.rpm x86_64: 0ec1524ea4a0ec6ec9527744432e4e46 seamonkey-1.0.9-0.1.el3.i386.rpm 47467717e1846061c2e3574ac0d6dae2 seamonkey-1.0.9-0.1.el3.x86_64.rpm 8e1dfbae612fe92bc1307cbd32868d07 seamonkey-chat-1.0.9-0.1.el3.x86_64.rpm 95aa05fcf75052448e081d3db3c06e04 seamonkey-debuginfo-1.0.9-0.1.el3.i386.rpm 3f3eaef152ead60b41bd9269b5ef6427 seamonkey-debuginfo-1.0.9-0.1.el3.x86_64.rpm 53317006c90b482490cf061114a131d4 seamonkey-devel-1.0.9-0.1.el3.x86_64.rpm 09ed5d3f2d2d913382e06e60f365549b seamonkey-dom-inspector-1.0.9-0.1.el3.x86_64.rpm 9b7ee75e2f1f06bd3ec38421bde59f85 seamonkey-js-debugger-1.0.9-0.1.el3.x86_64.rpm e7d973f145c5538dd2937166dcbdedf0 seamonkey-mail-1.0.9-0.1.el3.x86_64.rpm 2c67e944a144d9254441ce20d195b9a2 seamonkey-nspr-1.0.9-0.1.el3.i386.rpm 99e333d52be135659d6d89bf877af8a7 seamonkey-nspr-1.0.9-0.1.el3.x86_64.rpm 9ec50cc2578e5d5e99bca82b64ba825c seamonkey-nspr-devel-1.0.9-0.1.el3.x86_64.rpm 3ab707d18efc50f8d387be56a4d64935 seamonkey-nss-1.0.9-0.1.el3.i386.rpm 712d883020aec4dddf047a030a6401aa seamonkey-nss-1.0.9-0.1.el3.x86_64.rpm 6d09cbcc500ea9c20ebdf6c7b46c465e seamonkey-nss-devel-1.0.9-0.1.el3.x86_64.rpm Red Hat Enterprise Linux AS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/devhelp-0.10-0.8.el4.src.rpm b2dbc769d559c9b1ad68669b45b56895 devhelp-0.10-0.8.el4.src.rpm ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/seamonkey-1.0.9-2.el4.src.rpm 70ea286e80cbd2b74e43aa45cf615ead seamonkey-1.0.9-2.el4.src.rpm i386: f47581878ad5099ea8134291c4ed6097 devhelp-0.10-0.8.el4.i386.rpm ad7224c4ec0c2336963ba58649fe660f devhelp-debuginfo-0.10-0.8.el4.i386.rpm b6c637cb4ebcd11d95662811282fd3e6 devhelp-devel-0.10-0.8.el4.i386.rpm 00a48dfd7c5ee711c26d20573128f935 seamonkey-1.0.9-2.el4.i386.rpm 340d08eddf2d4c571834f9dc11eb7ed7 seamonkey-chat-1.0.9-2.el4.i386.rpm 3bd88220759dc1ede09cb8c0dfaa4ca1 seamonkey-debuginfo-1.0.9-2.el4.i386.rpm d19101441981adae6310487df6310102 seamonkey-devel-1.0.9-2.el4.i386.rpm 9a870e6c7b86b9557406263efb4d084e seamonkey-dom-inspector-1.0.9-2.el4.i386.rpm 25eb2ac5f3857384c98de15901de6a38 seamonkey-js-debugger-1.0.9-2.el4.i386.rpm 876321ee5937b1a319d4ad8b51748865 seamonkey-mail-1.0.9-2.el4.i386.rpm 4caf333929c8ebc1be837ca93aa24d06 seamonkey-nspr-1.0.9-2.el4.i386.rpm 9d9fb68c8ba8492cd789b6cf4fa78037 seamonkey-nspr-devel-1.0.9-2.el4.i386.rpm d0b542e53f7013487db741126292c064 seamonkey-nss-1.0.9-2.el4.i386.rpm aed4664697f1272b8e2ac2f08a43ff9b seamonkey-nss-devel-1.0.9-2.el4.i386.rpm ia64: 18024680098c08db36f2b91592dfad71 seamonkey-1.0.9-2.el4.ia64.rpm 930e28454235359763fb68637e873f07 seamonkey-chat-1.0.9-2.el4.ia64.rpm 3bd88220759dc1ede09cb8c0dfaa4ca1 seamonkey-debuginfo-1.0.9-2.el4.i386.rpm 5bfed2bdbaf456a559bfbe5da0758653 seamonkey-debuginfo-1.0.9-2.el4.ia64.rpm 0b5fef201dcd47c9b1ef5a252fefcb58 seamonkey-devel-1.0.9-2.el4.ia64.rpm 6f92a6ad1aef909542a32886c164769e seamonkey-dom-inspector-1.0.9-2.el4.ia64.rpm a0be2327004115438d4b837440f9f161 seamonkey-js-debugger-1.0.9-2.el4.ia64.rpm 7f62a3dd1b64176da317fa46ed152bae seamonkey-mail-1.0.9-2.el4.ia64.rpm 4caf333929c8ebc1be837ca93aa24d06 seamonkey-nspr-1.0.9-2.el4.i386.rpm d8cb3ceaf4a218f926a7e81d9a097d6f seamonkey-nspr-1.0.9-2.el4.ia64.rpm 4e62ad9d8e4be44535ddc4fd12ca9ccf seamonkey-nspr-devel-1.0.9-2.el4.ia64.rpm d0b542e53f7013487db741126292c064 seamonkey-nss-1.0.9-2.el4.i386.rpm 6aff2c050c0dfd6b23d85919680d3c2c seamonkey-nss-1.0.9-2.el4.ia64.rpm 61bf50821d81e2eae5cb26f8e5ee0c5f seamonkey-nss-devel-1.0.9-2.el4.ia64.rpm ppc: 15c07ced8fff5935a2ba939e4b053198 devhelp-0.10-0.8.el4.ppc.rpm be6f91d07e90811fe7d0db34727414f7 devhelp-debuginfo-0.10-0.8.el4.ppc.rpm 39f072184a193f63042e6be1a7594899 devhelp-devel-0.10-0.8.el4.ppc.rpm 88f90cefe483ebabf93db3cf8b805ca9 seamonkey-1.0.9-2.el4.ppc.rpm c590704f7388348fbb74717698c132d9 seamonkey-chat-1.0.9-2.el4.ppc.rpm 5a6b2c301744af111c0996b04856cb87 seamonkey-debuginfo-1.0.9-2.el4.ppc.rpm 262161e4bb25a4e15b0e146695dc6f23 seamonkey-devel-1.0.9-2.el4.ppc.rpm 9e780a0a15ee99cd2cf4047efdb86b0d seamonkey-dom-inspector-1.0.9-2.el4.ppc.rpm ffa628965c0c49f7e9522c8d082784cf seamonkey-js-debugger-1.0.9-2.el4.ppc.rpm 670464f306cdee742e4f16a668238ad5 seamonkey-mail-1.0.9-2.el4.ppc.rpm db520ce9545127dbb9cf553951ff8b5f seamonkey-nspr-1.0.9-2.el4.ppc.rpm 57decd6a3ca204d5d91c91c28c4e43d8 seamonkey-nspr-devel-1.0.9-2.el4.ppc.rpm 771c9062065b6b04f708acac854ff3be seamonkey-nss-1.0.9-2.el4.ppc.rpm d2bcb14b013390439b979a6f3226833f seamonkey-nss-devel-1.0.9-2.el4.ppc.rpm s390: 6fc7a09af434ca5bb9075311f64a8c9c seamonkey-1.0.9-2.el4.s390.rpm 234535feb751f850d9f538722b002812 seamonkey-chat-1.0.9-2.el4.s390.rpm 7549941a925c7eef7b1fd166f68a7f64 seamonkey-debuginfo-1.0.9-2.el4.s390.rpm b938105c1edf555a1838d654c4d077b7 seamonkey-devel-1.0.9-2.el4.s390.rpm 042fc333d3a3f82a6cb126f88873f3c6 seamonkey-dom-inspector-1.0.9-2.el4.s390.rpm 109f901e965b7c8f6108391d0118f0e4 seamonkey-js-debugger-1.0.9-2.el4.s390.rpm 26161878d38186418a15890b5ef9ab63 seamonkey-mail-1.0.9-2.el4.s390.rpm 50ede4a84ebcaa8b4eb194122ebd994c seamonkey-nspr-1.0.9-2.el4.s390.rpm a479ff192c299fa840fdefe234b886e4 seamonkey-nspr-devel-1.0.9-2.el4.s390.rpm 84d7b992567a33046e07f65c4797cfa1 seamonkey-nss-1.0.9-2.el4.s390.rpm 1f174f901bfc7d1c4fd1876ae1071b64 seamonkey-nss-devel-1.0.9-2.el4.s390.rpm s390x: e45524403aa4b44d760d32423bbe3d8d seamonkey-1.0.9-2.el4.s390x.rpm 67992dd7398eafee4aa7af9145a0b874 seamonkey-chat-1.0.9-2.el4.s390x.rpm 7549941a925c7eef7b1fd166f68a7f64 seamonkey-debuginfo-1.0.9-2.el4.s390.rpm 9f2587e9fcd5d3a5ce1afde02968df4e seamonkey-debuginfo-1.0.9-2.el4.s390x.rpm b3af2d0aea71aadea0cab1efed2f579a seamonkey-devel-1.0.9-2.el4.s390x.rpm 87f465939b6154df0813467536f9943e seamonkey-dom-inspector-1.0.9-2.el4.s390x.rpm 97b56d0bf1d77a72d35d34ac7b5a1f36 seamonkey-js-debugger-1.0.9-2.el4.s390x.rpm 2f4a83013efc2af6e35329399a79cadc seamonkey-mail-1.0.9-2.el4.s390x.rpm 50ede4a84ebcaa8b4eb194122ebd994c seamonkey-nspr-1.0.9-2.el4.s390.rpm d025eea47dcc11dfbcdc63f790d45124 seamonkey-nspr-1.0.9-2.el4.s390x.rpm de2721e9cff7741d39db3ba14446fe0e seamonkey-nspr-devel-1.0.9-2.el4.s390x.rpm 84d7b992567a33046e07f65c4797cfa1 seamonkey-nss-1.0.9-2.el4.s390.rpm 6b5b62022ae3a95fdc4ccc97092491dc seamonkey-nss-1.0.9-2.el4.s390x.rpm 77994f600c5b636cc38818f3bcee3826 seamonkey-nss-devel-1.0.9-2.el4.s390x.rpm x86_64: a1b86128bf46add0163ef7fa1d4db720 devhelp-0.10-0.8.el4.x86_64.rpm 1414897a4f5e4f22135817979d5acb14 devhelp-debuginfo-0.10-0.8.el4.x86_64.rpm 147a10b7d4085c34a074355fc170f95a devhelp-devel-0.10-0.8.el4.x86_64.rpm a6d0021e977f9287f11a399bfa339d57 seamonkey-1.0.9-2.el4.x86_64.rpm b6e83219c078268970fb2d3666697174 seamonkey-chat-1.0.9-2.el4.x86_64.rpm 3bd88220759dc1ede09cb8c0dfaa4ca1 seamonkey-debuginfo-1.0.9-2.el4.i386.rpm ce7602372f6c58d379aa0f4cf4c1fba7 seamonkey-debuginfo-1.0.9-2.el4.x86_64.rpm 08471bf14e7a51bcc6d53486a378578a seamonkey-devel-1.0.9-2.el4.x86_64.rpm d20855828848db42147c0df6c9839e3d seamonkey-dom-inspector-1.0.9-2.el4.x86_64.rpm fc38019d31ea39ef47958adec24d51e9 seamonkey-js-debugger-1.0.9-2.el4.x86_64.rpm 707717d4f1b4d4ee932a6a48be3ce526 seamonkey-mail-1.0.9-2.el4.x86_64.rpm 4caf333929c8ebc1be837ca93aa24d06 seamonkey-nspr-1.0.9-2.el4.i386.rpm 2761b283e9eb3d1c95af9d5bd44a8176 seamonkey-nspr-1.0.9-2.el4.x86_64.rpm d6d6fc7c31028a0780d70d45ee7252c6 seamonkey-nspr-devel-1.0.9-2.el4.x86_64.rpm d0b542e53f7013487db741126292c064 seamonkey-nss-1.0.9-2.el4.i386.rpm 8693087e3f6430c8045731d0b5516c7a seamonkey-nss-1.0.9-2.el4.x86_64.rpm e8309c3a6065ece1a09c93e468d829da seamonkey-nss-devel-1.0.9-2.el4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/devhelp-0.10-0.8.el4.src.rpm b2dbc769d559c9b1ad68669b45b56895 devhelp-0.10-0.8.el4.src.rpm ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/seamonkey-1.0.9-2.el4.src.rpm 70ea286e80cbd2b74e43aa45cf615ead seamonkey-1.0.9-2.el4.src.rpm i386: f47581878ad5099ea8134291c4ed6097 devhelp-0.10-0.8.el4.i386.rpm ad7224c4ec0c2336963ba58649fe660f devhelp-debuginfo-0.10-0.8.el4.i386.rpm b6c637cb4ebcd11d95662811282fd3e6 devhelp-devel-0.10-0.8.el4.i386.rpm 00a48dfd7c5ee711c26d20573128f935 seamonkey-1.0.9-2.el4.i386.rpm 340d08eddf2d4c571834f9dc11eb7ed7 seamonkey-chat-1.0.9-2.el4.i386.rpm 3bd88220759dc1ede09cb8c0dfaa4ca1 seamonkey-debuginfo-1.0.9-2.el4.i386.rpm d19101441981adae6310487df6310102 seamonkey-devel-1.0.9-2.el4.i386.rpm 9a870e6c7b86b9557406263efb4d084e seamonkey-dom-inspector-1.0.9-2.el4.i386.rpm 25eb2ac5f3857384c98de15901de6a38 seamonkey-js-debugger-1.0.9-2.el4.i386.rpm 876321ee5937b1a319d4ad8b51748865 seamonkey-mail-1.0.9-2.el4.i386.rpm 4caf333929c8ebc1be837ca93aa24d06 seamonkey-nspr-1.0.9-2.el4.i386.rpm 9d9fb68c8ba8492cd789b6cf4fa78037 seamonkey-nspr-devel-1.0.9-2.el4.i386.rpm d0b542e53f7013487db741126292c064 seamonkey-nss-1.0.9-2.el4.i386.rpm aed4664697f1272b8e2ac2f08a43ff9b seamonkey-nss-devel-1.0.9-2.el4.i386.rpm x86_64: a1b86128bf46add0163ef7fa1d4db720 devhelp-0.10-0.8.el4.x86_64.rpm 1414897a4f5e4f22135817979d5acb14 devhelp-debuginfo-0.10-0.8.el4.x86_64.rpm 147a10b7d4085c34a074355fc170f95a devhelp-devel-0.10-0.8.el4.x86_64.rpm a6d0021e977f9287f11a399bfa339d57 seamonkey-1.0.9-2.el4.x86_64.rpm b6e83219c078268970fb2d3666697174 seamonkey-chat-1.0.9-2.el4.x86_64.rpm 3bd88220759dc1ede09cb8c0dfaa4ca1 seamonkey-debuginfo-1.0.9-2.el4.i386.rpm ce7602372f6c58d379aa0f4cf4c1fba7 seamonkey-debuginfo-1.0.9-2.el4.x86_64.rpm 08471bf14e7a51bcc6d53486a378578a seamonkey-devel-1.0.9-2.el4.x86_64.rpm d20855828848db42147c0df6c9839e3d seamonkey-dom-inspector-1.0.9-2.el4.x86_64.rpm fc38019d31ea39ef47958adec24d51e9 seamonkey-js-debugger-1.0.9-2.el4.x86_64.rpm 707717d4f1b4d4ee932a6a48be3ce526 seamonkey-mail-1.0.9-2.el4.x86_64.rpm 4caf333929c8ebc1be837ca93aa24d06 seamonkey-nspr-1.0.9-2.el4.i386.rpm 2761b283e9eb3d1c95af9d5bd44a8176 seamonkey-nspr-1.0.9-2.el4.x86_64.rpm d6d6fc7c31028a0780d70d45ee7252c6 seamonkey-nspr-devel-1.0.9-2.el4.x86_64.rpm d0b542e53f7013487db741126292c064 seamonkey-nss-1.0.9-2.el4.i386.rpm 8693087e3f6430c8045731d0b5516c7a seamonkey-nss-1.0.9-2.el4.x86_64.rpm e8309c3a6065ece1a09c93e468d829da seamonkey-nss-devel-1.0.9-2.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/devhelp-0.10-0.8.el4.src.rpm b2dbc769d559c9b1ad68669b45b56895 devhelp-0.10-0.8.el4.src.rpm ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/seamonkey-1.0.9-2.el4.src.rpm 70ea286e80cbd2b74e43aa45cf615ead seamonkey-1.0.9-2.el4.src.rpm i386: f47581878ad5099ea8134291c4ed6097 devhelp-0.10-0.8.el4.i386.rpm ad7224c4ec0c2336963ba58649fe660f devhelp-debuginfo-0.10-0.8.el4.i386.rpm b6c637cb4ebcd11d95662811282fd3e6 devhelp-devel-0.10-0.8.el4.i386.rpm 00a48dfd7c5ee711c26d20573128f935 seamonkey-1.0.9-2.el4.i386.rpm 340d08eddf2d4c571834f9dc11eb7ed7 seamonkey-chat-1.0.9-2.el4.i386.rpm 3bd88220759dc1ede09cb8c0dfaa4ca1 seamonkey-debuginfo-1.0.9-2.el4.i386.rpm d19101441981adae6310487df6310102 seamonkey-devel-1.0.9-2.el4.i386.rpm 9a870e6c7b86b9557406263efb4d084e seamonkey-dom-inspector-1.0.9-2.el4.i386.rpm 25eb2ac5f3857384c98de15901de6a38 seamonkey-js-debugger-1.0.9-2.el4.i386.rpm 876321ee5937b1a319d4ad8b51748865 seamonkey-mail-1.0.9-2.el4.i386.rpm 4caf333929c8ebc1be837ca93aa24d06 seamonkey-nspr-1.0.9-2.el4.i386.rpm 9d9fb68c8ba8492cd789b6cf4fa78037 seamonkey-nspr-devel-1.0.9-2.el4.i386.rpm d0b542e53f7013487db741126292c064 seamonkey-nss-1.0.9-2.el4.i386.rpm aed4664697f1272b8e2ac2f08a43ff9b seamonkey-nss-devel-1.0.9-2.el4.i386.rpm ia64: 18024680098c08db36f2b91592dfad71 seamonkey-1.0.9-2.el4.ia64.rpm 930e28454235359763fb68637e873f07 seamonkey-chat-1.0.9-2.el4.ia64.rpm 3bd88220759dc1ede09cb8c0dfaa4ca1 seamonkey-debuginfo-1.0.9-2.el4.i386.rpm 5bfed2bdbaf456a559bfbe5da0758653 seamonkey-debuginfo-1.0.9-2.el4.ia64.rpm 0b5fef201dcd47c9b1ef5a252fefcb58 seamonkey-devel-1.0.9-2.el4.ia64.rpm 6f92a6ad1aef909542a32886c164769e seamonkey-dom-inspector-1.0.9-2.el4.ia64.rpm a0be2327004115438d4b837440f9f161 seamonkey-js-debugger-1.0.9-2.el4.ia64.rpm 7f62a3dd1b64176da317fa46ed152bae seamonkey-mail-1.0.9-2.el4.ia64.rpm 4caf333929c8ebc1be837ca93aa24d06 seamonkey-nspr-1.0.9-2.el4.i386.rpm d8cb3ceaf4a218f926a7e81d9a097d6f seamonkey-nspr-1.0.9-2.el4.ia64.rpm 4e62ad9d8e4be44535ddc4fd12ca9ccf seamonkey-nspr-devel-1.0.9-2.el4.ia64.rpm d0b542e53f7013487db741126292c064 seamonkey-nss-1.0.9-2.el4.i386.rpm 6aff2c050c0dfd6b23d85919680d3c2c seamonkey-nss-1.0.9-2.el4.ia64.rpm 61bf50821d81e2eae5cb26f8e5ee0c5f seamonkey-nss-devel-1.0.9-2.el4.ia64.rpm x86_64: a1b86128bf46add0163ef7fa1d4db720 devhelp-0.10-0.8.el4.x86_64.rpm 1414897a4f5e4f22135817979d5acb14 devhelp-debuginfo-0.10-0.8.el4.x86_64.rpm 147a10b7d4085c34a074355fc170f95a devhelp-devel-0.10-0.8.el4.x86_64.rpm a6d0021e977f9287f11a399bfa339d57 seamonkey-1.0.9-2.el4.x86_64.rpm b6e83219c078268970fb2d3666697174 seamonkey-chat-1.0.9-2.el4.x86_64.rpm 3bd88220759dc1ede09cb8c0dfaa4ca1 seamonkey-debuginfo-1.0.9-2.el4.i386.rpm ce7602372f6c58d379aa0f4cf4c1fba7 seamonkey-debuginfo-1.0.9-2.el4.x86_64.rpm 08471bf14e7a51bcc6d53486a378578a seamonkey-devel-1.0.9-2.el4.x86_64.rpm d20855828848db42147c0df6c9839e3d seamonkey-dom-inspector-1.0.9-2.el4.x86_64.rpm fc38019d31ea39ef47958adec24d51e9 seamonkey-js-debugger-1.0.9-2.el4.x86_64.rpm 707717d4f1b4d4ee932a6a48be3ce526 seamonkey-mail-1.0.9-2.el4.x86_64.rpm 4caf333929c8ebc1be837ca93aa24d06 seamonkey-nspr-1.0.9-2.el4.i386.rpm 2761b283e9eb3d1c95af9d5bd44a8176 seamonkey-nspr-1.0.9-2.el4.x86_64.rpm d6d6fc7c31028a0780d70d45ee7252c6 seamonkey-nspr-devel-1.0.9-2.el4.x86_64.rpm d0b542e53f7013487db741126292c064 seamonkey-nss-1.0.9-2.el4.i386.rpm 8693087e3f6430c8045731d0b5516c7a seamonkey-nss-1.0.9-2.el4.x86_64.rpm e8309c3a6065ece1a09c93e468d829da seamonkey-nss-devel-1.0.9-2.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/devhelp-0.10-0.8.el4.src.rpm b2dbc769d559c9b1ad68669b45b56895 devhelp-0.10-0.8.el4.src.rpm ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/seamonkey-1.0.9-2.el4.src.rpm 70ea286e80cbd2b74e43aa45cf615ead seamonkey-1.0.9-2.el4.src.rpm i386: f47581878ad5099ea8134291c4ed6097 devhelp-0.10-0.8.el4.i386.rpm ad7224c4ec0c2336963ba58649fe660f devhelp-debuginfo-0.10-0.8.el4.i386.rpm b6c637cb4ebcd11d95662811282fd3e6 devhelp-devel-0.10-0.8.el4.i386.rpm 00a48dfd7c5ee711c26d20573128f935 seamonkey-1.0.9-2.el4.i386.rpm 340d08eddf2d4c571834f9dc11eb7ed7 seamonkey-chat-1.0.9-2.el4.i386.rpm 3bd88220759dc1ede09cb8c0dfaa4ca1 seamonkey-debuginfo-1.0.9-2.el4.i386.rpm d19101441981adae6310487df6310102 seamonkey-devel-1.0.9-2.el4.i386.rpm 9a870e6c7b86b9557406263efb4d084e seamonkey-dom-inspector-1.0.9-2.el4.i386.rpm 25eb2ac5f3857384c98de15901de6a38 seamonkey-js-debugger-1.0.9-2.el4.i386.rpm 876321ee5937b1a319d4ad8b51748865 seamonkey-mail-1.0.9-2.el4.i386.rpm 4caf333929c8ebc1be837ca93aa24d06 seamonkey-nspr-1.0.9-2.el4.i386.rpm 9d9fb68c8ba8492cd789b6cf4fa78037 seamonkey-nspr-devel-1.0.9-2.el4.i386.rpm d0b542e53f7013487db741126292c064 seamonkey-nss-1.0.9-2.el4.i386.rpm aed4664697f1272b8e2ac2f08a43ff9b seamonkey-nss-devel-1.0.9-2.el4.i386.rpm ia64: 18024680098c08db36f2b91592dfad71 seamonkey-1.0.9-2.el4.ia64.rpm 930e28454235359763fb68637e873f07 seamonkey-chat-1.0.9-2.el4.ia64.rpm 3bd88220759dc1ede09cb8c0dfaa4ca1 seamonkey-debuginfo-1.0.9-2.el4.i386.rpm 5bfed2bdbaf456a559bfbe5da0758653 seamonkey-debuginfo-1.0.9-2.el4.ia64.rpm 0b5fef201dcd47c9b1ef5a252fefcb58 seamonkey-devel-1.0.9-2.el4.ia64.rpm 6f92a6ad1aef909542a32886c164769e seamonkey-dom-inspector-1.0.9-2.el4.ia64.rpm a0be2327004115438d4b837440f9f161 seamonkey-js-debugger-1.0.9-2.el4.ia64.rpm 7f62a3dd1b64176da317fa46ed152bae seamonkey-mail-1.0.9-2.el4.ia64.rpm 4caf333929c8ebc1be837ca93aa24d06 seamonkey-nspr-1.0.9-2.el4.i386.rpm d8cb3ceaf4a218f926a7e81d9a097d6f seamonkey-nspr-1.0.9-2.el4.ia64.rpm 4e62ad9d8e4be44535ddc4fd12ca9ccf seamonkey-nspr-devel-1.0.9-2.el4.ia64.rpm d0b542e53f7013487db741126292c064 seamonkey-nss-1.0.9-2.el4.i386.rpm 6aff2c050c0dfd6b23d85919680d3c2c seamonkey-nss-1.0.9-2.el4.ia64.rpm 61bf50821d81e2eae5cb26f8e5ee0c5f seamonkey-nss-devel-1.0.9-2.el4.ia64.rpm x86_64: a1b86128bf46add0163ef7fa1d4db720 devhelp-0.10-0.8.el4.x86_64.rpm 1414897a4f5e4f22135817979d5acb14 devhelp-debuginfo-0.10-0.8.el4.x86_64.rpm 147a10b7d4085c34a074355fc170f95a devhelp-devel-0.10-0.8.el4.x86_64.rpm a6d0021e977f9287f11a399bfa339d57 seamonkey-1.0.9-2.el4.x86_64.rpm b6e83219c078268970fb2d3666697174 seamonkey-chat-1.0.9-2.el4.x86_64.rpm 3bd88220759dc1ede09cb8c0dfaa4ca1 seamonkey-debuginfo-1.0.9-2.el4.i386.rpm ce7602372f6c58d379aa0f4cf4c1fba7 seamonkey-debuginfo-1.0.9-2.el4.x86_64.rpm 08471bf14e7a51bcc6d53486a378578a seamonkey-devel-1.0.9-2.el4.x86_64.rpm d20855828848db42147c0df6c9839e3d seamonkey-dom-inspector-1.0.9-2.el4.x86_64.rpm fc38019d31ea39ef47958adec24d51e9 seamonkey-js-debugger-1.0.9-2.el4.x86_64.rpm 707717d4f1b4d4ee932a6a48be3ce526 seamonkey-mail-1.0.9-2.el4.x86_64.rpm 4caf333929c8ebc1be837ca93aa24d06 seamonkey-nspr-1.0.9-2.el4.i386.rpm 2761b283e9eb3d1c95af9d5bd44a8176 seamonkey-nspr-1.0.9-2.el4.x86_64.rpm d6d6fc7c31028a0780d70d45ee7252c6 seamonkey-nspr-devel-1.0.9-2.el4.x86_64.rpm d0b542e53f7013487db741126292c064 seamonkey-nss-1.0.9-2.el4.i386.rpm 8693087e3f6430c8045731d0b5516c7a seamonkey-nss-1.0.9-2.el4.x86_64.rpm e8309c3a6065ece1a09c93e468d829da seamonkey-nss-devel-1.0.9-2.el4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1362 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1562 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1558 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2867 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2868 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2869 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2870 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2871 http://www.redhat.com/security/updates/classification/#critical 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2007 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFGXjqUXlSAg2UNWIIRAp61AKC5qpUKlLMUjj2wkD8wH05NBrMiCACggRcR ekPKdI/hXos8mdL60umjAVQ= =fN77 -----END PGP SIGNATURE-----