From bugzilla at redhat.com Mon Jan 7 19:11:12 2008
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 7 Jan 2008 14:11:12 -0500
Subject: [RHSA-2008:0002-01] Critical: tog-pegasus security update
Message-ID: <200801071911.m07JBC3S021704@pobox.devel.redhat.com>

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: tog-pegasus security update
Advisory ID:       RHSA-2008:0002-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2008-0002.html
Issue date:        2008-01-07
CVE Names:         CVE-2008-0003
=====================================================================

1. Summary:

Updated tog-pegasus packages that fix a security issue are now available
for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux AS version 4.5.z - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux ES version 4.5.z - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Description:

The tog-pegasus packages provide OpenPegasus Web-Based Enterprise
Management (WBEM) services. WBEM is a platform and resource independent
DMTF standard that defines a common information model, and communication
protocol for monitoring and controlling resources.

During a security audit, a stack buffer overflow flaw was found in the PAM
authentication code in the OpenPegasus CIM management server. An
unauthenticated remote user could trigger this flaw and potentially execute
arbitrary code with root privileges. (CVE-2008-0003)

Note that the tog-pegasus packages are not installed by default on Red Hat
Enterprise Linux. The Red Hat Security Response Team believes that it would
be hard to remotely exploit this issue to execute arbitrary code, due to
the default SELinux targeted policy on Red Hat Enterprise Linux 4 and 5,
and the SELinux memory protection tests enabled by default on Red Hat
Enterprise Linux 5.

Users of tog-pegasus should upgrade to these updated packages, which
contain a backported patch to resolve this issue. After installing the
updated packages the tog-pegasus service should be restarted.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bugs fixed (http://bugzilla.redhat.com/):

426578 - CVE-2008-0003 tog-pegasus pam authentication buffer overflow

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/tog-pegasus-2.5.1-5.el4_6.1.src.rpm

i386:
tog-pegasus-2.5.1-5.el4_6.1.i386.rpm
tog-pegasus-debuginfo-2.5.1-5.el4_6.1.i386.rpm
tog-pegasus-devel-2.5.1-5.el4_6.1.i386.rpm
tog-pegasus-test-2.5.1-5.el4_6.1.i386.rpm

ia64:
tog-pegasus-2.5.1-5.el4_6.1.ia64.rpm
tog-pegasus-debuginfo-2.5.1-5.el4_6.1.ia64.rpm
tog-pegasus-devel-2.5.1-5.el4_6.1.ia64.rpm
tog-pegasus-test-2.5.1-5.el4_6.1.ia64.rpm

ppc:
tog-pegasus-2.5.1-5.el4_6.1.ppc.rpm
tog-pegasus-debuginfo-2.5.1-5.el4_6.1.ppc.rpm
tog-pegasus-devel-2.5.1-5.el4_6.1.ppc.rpm
tog-pegasus-test-2.5.1-5.el4_6.1.ppc.rpm

s390:
tog-pegasus-2.5.1-5.el4_6.1.s390.rpm
tog-pegasus-debuginfo-2.5.1-5.el4_6.1.s390.rpm
tog-pegasus-devel-2.5.1-5.el4_6.1.s390.rpm
tog-pegasus-test-2.5.1-5.el4_6.1.s390.rpm

s390x:
tog-pegasus-2.5.1-5.el4_6.1.s390x.rpm
tog-pegasus-debuginfo-2.5.1-5.el4_6.1.s390x.rpm
tog-pegasus-devel-2.5.1-5.el4_6.1.s390x.rpm
tog-pegasus-test-2.5.1-5.el4_6.1.s390x.rpm

x86_64:
tog-pegasus-2.5.1-5.el4_6.1.x86_64.rpm
tog-pegasus-debuginfo-2.5.1-5.el4_6.1.x86_64.rpm
tog-pegasus-devel-2.5.1-5.el4_6.1.x86_64.rpm
tog-pegasus-test-2.5.1-5.el4_6.1.x86_64.rpm

Red Hat Enterprise Linux AS version 4.5.z:

Source:
ftp://updates.redhat.com/enterprise/4AS-4.5.z/en/os/SRPMS/tog-pegasus-2.5.1-2.el4_5.1.src.rpm

i386:
tog-pegasus-2.5.1-2.el4_5.1.i386.rpm
tog-pegasus-debuginfo-2.5.1-2.el4_5.1.i386.rpm
tog-pegasus-devel-2.5.1-2.el4_5.1.i386.rpm
tog-pegasus-test-2.5.1-2.el4_5.1.i386.rpm

ia64:
tog-pegasus-2.5.1-2.el4_5.1.ia64.rpm
tog-pegasus-debuginfo-2.5.1-2.el4_5.1.ia64.rpm
tog-pegasus-devel-2.5.1-2.el4_5.1.ia64.rpm
tog-pegasus-test-2.5.1-2.el4_5.1.ia64.rpm

ppc:
tog-pegasus-2.5.1-2.el4_5.1.ppc.rpm
tog-pegasus-debuginfo-2.5.1-2.el4_5.1.ppc.rpm
tog-pegasus-devel-2.5.1-2.el4_5.1.ppc.rpm
tog-pegasus-test-2.5.1-2.el4_5.1.ppc.rpm

s390:
tog-pegasus-2.5.1-2.el4_5.1.s390.rpm
tog-pegasus-debuginfo-2.5.1-2.el4_5.1.s390.rpm
tog-pegasus-devel-2.5.1-2.el4_5.1.s390.rpm
tog-pegasus-test-2.5.1-2.el4_5.1.s390.rpm

s390x:
tog-pegasus-2.5.1-2.el4_5.1.s390x.rpm
tog-pegasus-debuginfo-2.5.1-2.el4_5.1.s390x.rpm
tog-pegasus-devel-2.5.1-2.el4_5.1.s390x.rpm
tog-pegasus-test-2.5.1-2.el4_5.1.s390x.rpm

x86_64:
tog-pegasus-2.5.1-2.el4_5.1.x86_64.rpm
tog-pegasus-debuginfo-2.5.1-2.el4_5.1.x86_64.rpm
tog-pegasus-devel-2.5.1-2.el4_5.1.x86_64.rpm
tog-pegasus-test-2.5.1-2.el4_5.1.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/tog-pegasus-2.5.1-5.el4_6.1.src.rpm

i386:
tog-pegasus-2.5.1-5.el4_6.1.i386.rpm
tog-pegasus-debuginfo-2.5.1-5.el4_6.1.i386.rpm
tog-pegasus-devel-2.5.1-5.el4_6.1.i386.rpm
tog-pegasus-test-2.5.1-5.el4_6.1.i386.rpm

x86_64:
tog-pegasus-2.5.1-5.el4_6.1.x86_64.rpm
tog-pegasus-debuginfo-2.5.1-5.el4_6.1.x86_64.rpm
tog-pegasus-devel-2.5.1-5.el4_6.1.x86_64.rpm
tog-pegasus-test-2.5.1-5.el4_6.1.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/tog-pegasus-2.5.1-5.el4_6.1.src.rpm

i386:
tog-pegasus-2.5.1-5.el4_6.1.i386.rpm
tog-pegasus-debuginfo-2.5.1-5.el4_6.1.i386.rpm
tog-pegasus-devel-2.5.1-5.el4_6.1.i386.rpm
tog-pegasus-test-2.5.1-5.el4_6.1.i386.rpm

ia64:
tog-pegasus-2.5.1-5.el4_6.1.ia64.rpm
tog-pegasus-debuginfo-2.5.1-5.el4_6.1.ia64.rpm
tog-pegasus-devel-2.5.1-5.el4_6.1.ia64.rpm
tog-pegasus-test-2.5.1-5.el4_6.1.ia64.rpm

x86_64:
tog-pegasus-2.5.1-5.el4_6.1.x86_64.rpm
tog-pegasus-debuginfo-2.5.1-5.el4_6.1.x86_64.rpm
tog-pegasus-devel-2.5.1-5.el4_6.1.x86_64.rpm
tog-pegasus-test-2.5.1-5.el4_6.1.x86_64.rpm

Red Hat Enterprise Linux ES version 4.5.z:

Source:
ftp://updates.redhat.com/enterprise/4ES-4.5.z/en/os/SRPMS/tog-pegasus-2.5.1-2.el4_5.1.src.rpm

i386:
tog-pegasus-2.5.1-2.el4_5.1.i386.rpm
tog-pegasus-debuginfo-2.5.1-2.el4_5.1.i386.rpm
tog-pegasus-devel-2.5.1-2.el4_5.1.i386.rpm
tog-pegasus-test-2.5.1-2.el4_5.1.i386.rpm

ia64:
tog-pegasus-2.5.1-2.el4_5.1.ia64.rpm
tog-pegasus-debuginfo-2.5.1-2.el4_5.1.ia64.rpm
tog-pegasus-devel-2.5.1-2.el4_5.1.ia64.rpm
tog-pegasus-test-2.5.1-2.el4_5.1.ia64.rpm

x86_64:
tog-pegasus-2.5.1-2.el4_5.1.x86_64.rpm
tog-pegasus-debuginfo-2.5.1-2.el4_5.1.x86_64.rpm
tog-pegasus-devel-2.5.1-2.el4_5.1.x86_64.rpm
tog-pegasus-test-2.5.1-2.el4_5.1.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/tog-pegasus-2.5.1-5.el4_6.1.src.rpm

i386:
tog-pegasus-2.5.1-5.el4_6.1.i386.rpm
tog-pegasus-debuginfo-2.5.1-5.el4_6.1.i386.rpm
tog-pegasus-devel-2.5.1-5.el4_6.1.i386.rpm
tog-pegasus-test-2.5.1-5.el4_6.1.i386.rpm

ia64:
tog-pegasus-2.5.1-5.el4_6.1.ia64.rpm
tog-pegasus-debuginfo-2.5.1-5.el4_6.1.ia64.rpm
tog-pegasus-devel-2.5.1-5.el4_6.1.ia64.rpm
tog-pegasus-test-2.5.1-5.el4_6.1.ia64.rpm

x86_64:
tog-pegasus-2.5.1-5.el4_6.1.x86_64.rpm
tog-pegasus-debuginfo-2.5.1-5.el4_6.1.x86_64.rpm
tog-pegasus-devel-2.5.1-5.el4_6.1.x86_64.rpm
tog-pegasus-test-2.5.1-5.el4_6.1.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/tog-pegasus-2.6.1-2.el5_1.1.src.rpm

i386:
tog-pegasus-2.6.1-2.el5_1.1.i386.rpm
tog-pegasus-debuginfo-2.6.1-2.el5_1.1.i386.rpm

x86_64:
tog-pegasus-2.6.1-2.el5_1.1.i386.rpm
tog-pegasus-2.6.1-2.el5_1.1.x86_64.rpm
tog-pegasus-debuginfo-2.6.1-2.el5_1.1.i386.rpm
tog-pegasus-debuginfo-2.6.1-2.el5_1.1.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/tog-pegasus-2.6.1-2.el5_1.1.src.rpm

i386:
tog-pegasus-debuginfo-2.6.1-2.el5_1.1.i386.rpm
tog-pegasus-devel-2.6.1-2.el5_1.1.i386.rpm

x86_64:
tog-pegasus-debuginfo-2.6.1-2.el5_1.1.i386.rpm
tog-pegasus-debuginfo-2.6.1-2.el5_1.1.x86_64.rpm
tog-pegasus-devel-2.6.1-2.el5_1.1.i386.rpm
tog-pegasus-devel-2.6.1-2.el5_1.1.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/tog-pegasus-2.6.1-2.el5_1.1.src.rpm

i386:
tog-pegasus-2.6.1-2.el5_1.1.i386.rpm
tog-pegasus-debuginfo-2.6.1-2.el5_1.1.i386.rpm
tog-pegasus-devel-2.6.1-2.el5_1.1.i386.rpm

ia64:
tog-pegasus-2.6.1-2.el5_1.1.ia64.rpm
tog-pegasus-debuginfo-2.6.1-2.el5_1.1.ia64.rpm
tog-pegasus-devel-2.6.1-2.el5_1.1.ia64.rpm

ppc:
tog-pegasus-2.6.1-2.el5_1.1.ppc.rpm
tog-pegasus-2.6.1-2.el5_1.1.ppc64.rpm
tog-pegasus-debuginfo-2.6.1-2.el5_1.1.ppc.rpm
tog-pegasus-debuginfo-2.6.1-2.el5_1.1.ppc64.rpm
tog-pegasus-devel-2.6.1-2.el5_1.1.ppc.rpm
tog-pegasus-devel-2.6.1-2.el5_1.1.ppc64.rpm

s390x:
tog-pegasus-2.6.1-2.el5_1.1.s390.rpm
tog-pegasus-2.6.1-2.el5_1.1.s390x.rpm
tog-pegasus-debuginfo-2.6.1-2.el5_1.1.s390.rpm
tog-pegasus-debuginfo-2.6.1-2.el5_1.1.s390x.rpm
tog-pegasus-devel-2.6.1-2.el5_1.1.s390.rpm
tog-pegasus-devel-2.6.1-2.el5_1.1.s390x.rpm

x86_64:
tog-pegasus-2.6.1-2.el5_1.1.i386.rpm
tog-pegasus-2.6.1-2.el5_1.1.x86_64.rpm
tog-pegasus-debuginfo-2.6.1-2.el5_1.1.i386.rpm
tog-pegasus-debuginfo-2.6.1-2.el5_1.1.x86_64.rpm
tog-pegasus-devel-2.6.1-2.el5_1.1.i386.rpm
tog-pegasus-devel-2.6.1-2.el5_1.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0003
http://www.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2008 Red Hat, Inc.

From bugzilla at redhat.com Mon Jan 7 19:11:28 2008
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 7 Jan 2008 14:11:28 -0500
Subject: [RHSA-2008:0003-01] Moderate: e2fsprogs security update
Message-ID: <200801071911.m07JBStb021729@pobox.devel.redhat.com>

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: e2fsprogs security update
Advisory ID:       RHSA-2008:0003-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2008-0003.html
Issue date:        2008-01-07
CVE Names:         CVE-2007-5497
=====================================================================

1. Summary:

Updated e2fsprogs packages that fix several security issues are now
available for Red Hat Enterprise Linux.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Description:

The e2fsprogs packages contain a number of utilities for creating,
checking, modifying, and correcting any inconsistencies in second and third
extended (ext2/ext3) file systems.

Multiple integer overflow flaws were found in the way e2fsprogs processes
file system content. If a victim opens a carefully crafted file system with
a program using e2fsprogs, it may be possible to execute arbitrary code
with the permissions of the victim. It may be possible to leverage this
flaw in a virtualized environment to gain access to other virtualized
hosts. (CVE-2007-5497)

Red Hat would like to thank Rafal Wojtczuk of McAfee Avert Research for
responsibly disclosing these issues.

Users of e2fsprogs are advised to upgrade to these updated packages, which
contain a backported patch to resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bugs fixed (http://bugzilla.redhat.com/):

403441 - CVE-2007-5497 e2fsprogs multiple integer overflows

6. Package List:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 :

Source:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/e2fsprogs-1.26-1.73.src.rpm

i386:
e2fsprogs-1.26-1.73.i386.rpm
e2fsprogs-devel-1.26-1.73.i386.rpm

ia64:
e2fsprogs-1.26-1.73.ia64.rpm
e2fsprogs-devel-1.26-1.73.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

Source:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/e2fsprogs-1.26-1.73.src.rpm

ia64:
e2fsprogs-1.26-1.73.ia64.rpm
e2fsprogs-devel-1.26-1.73.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

Source:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/e2fsprogs-1.26-1.73.src.rpm

i386:
e2fsprogs-1.26-1.73.i386.rpm
e2fsprogs-devel-1.26-1.73.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

Source:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/e2fsprogs-1.26-1.73.src.rpm

i386:
e2fsprogs-1.26-1.73.i386.rpm
e2fsprogs-devel-1.26-1.73.i386.rpm

Red Hat Enterprise Linux AS version 3:

Source:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/e2fsprogs-1.32-15.4.src.rpm

i386:
e2fsprogs-1.32-15.4.i386.rpm
e2fsprogs-debuginfo-1.32-15.4.i386.rpm
e2fsprogs-devel-1.32-15.4.i386.rpm

ia64:
e2fsprogs-1.32-15.4.i386.rpm
e2fsprogs-1.32-15.4.ia64.rpm
e2fsprogs-debuginfo-1.32-15.4.i386.rpm
e2fsprogs-debuginfo-1.32-15.4.ia64.rpm
e2fsprogs-devel-1.32-15.4.ia64.rpm

ppc:
e2fsprogs-1.32-15.4.ppc.rpm
e2fsprogs-1.32-15.4.ppc64.rpm
e2fsprogs-debuginfo-1.32-15.4.ppc.rpm
e2fsprogs-debuginfo-1.32-15.4.ppc64.rpm
e2fsprogs-devel-1.32-15.4.ppc.rpm

s390:
e2fsprogs-1.32-15.4.s390.rpm
e2fsprogs-debuginfo-1.32-15.4.s390.rpm
e2fsprogs-devel-1.32-15.4.s390.rpm

s390x:
e2fsprogs-1.32-15.4.s390.rpm
e2fsprogs-1.32-15.4.s390x.rpm
e2fsprogs-debuginfo-1.32-15.4.s390.rpm
e2fsprogs-debuginfo-1.32-15.4.s390x.rpm
e2fsprogs-devel-1.32-15.4.s390x.rpm

x86_64:
e2fsprogs-1.32-15.4.i386.rpm
e2fsprogs-1.32-15.4.x86_64.rpm
e2fsprogs-debuginfo-1.32-15.4.i386.rpm
e2fsprogs-debuginfo-1.32-15.4.x86_64.rpm
e2fsprogs-devel-1.32-15.4.x86_64.rpm

Red Hat Desktop version 3:

Source:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/e2fsprogs-1.32-15.4.src.rpm

i386:
e2fsprogs-1.32-15.4.i386.rpm
e2fsprogs-debuginfo-1.32-15.4.i386.rpm
e2fsprogs-devel-1.32-15.4.i386.rpm

x86_64:
e2fsprogs-1.32-15.4.i386.rpm
e2fsprogs-1.32-15.4.x86_64.rpm
e2fsprogs-debuginfo-1.32-15.4.i386.rpm
e2fsprogs-debuginfo-1.32-15.4.x86_64.rpm
e2fsprogs-devel-1.32-15.4.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

Source:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/e2fsprogs-1.32-15.4.src.rpm

i386:
e2fsprogs-1.32-15.4.i386.rpm
e2fsprogs-debuginfo-1.32-15.4.i386.rpm
e2fsprogs-devel-1.32-15.4.i386.rpm

ia64:
e2fsprogs-1.32-15.4.i386.rpm
e2fsprogs-1.32-15.4.ia64.rpm
e2fsprogs-debuginfo-1.32-15.4.i386.rpm
e2fsprogs-debuginfo-1.32-15.4.ia64.rpm
e2fsprogs-devel-1.32-15.4.ia64.rpm

x86_64:
e2fsprogs-1.32-15.4.i386.rpm
e2fsprogs-1.32-15.4.x86_64.rpm
e2fsprogs-debuginfo-1.32-15.4.i386.rpm
e2fsprogs-debuginfo-1.32-15.4.x86_64.rpm
e2fsprogs-devel-1.32-15.4.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

Source:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/e2fsprogs-1.32-15.4.src.rpm

i386:
e2fsprogs-1.32-15.4.i386.rpm
e2fsprogs-debuginfo-1.32-15.4.i386.rpm
e2fsprogs-devel-1.32-15.4.i386.rpm

ia64:
e2fsprogs-1.32-15.4.i386.rpm
e2fsprogs-1.32-15.4.ia64.rpm
e2fsprogs-debuginfo-1.32-15.4.i386.rpm
e2fsprogs-debuginfo-1.32-15.4.ia64.rpm
e2fsprogs-devel-1.32-15.4.ia64.rpm

x86_64:
e2fsprogs-1.32-15.4.i386.rpm
e2fsprogs-1.32-15.4.x86_64.rpm
e2fsprogs-debuginfo-1.32-15.4.i386.rpm
e2fsprogs-debuginfo-1.32-15.4.x86_64.rpm
e2fsprogs-devel-1.32-15.4.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/e2fsprogs-1.35-12.11.el4_6.1.src.rpm

i386:
e2fsprogs-1.35-12.11.el4_6.1.i386.rpm
e2fsprogs-debuginfo-1.35-12.11.el4_6.1.i386.rpm
e2fsprogs-devel-1.35-12.11.el4_6.1.i386.rpm

ia64:
e2fsprogs-1.35-12.11.el4_6.1.i386.rpm
e2fsprogs-1.35-12.11.el4_6.1.ia64.rpm
e2fsprogs-debuginfo-1.35-12.11.el4_6.1.i386.rpm
e2fsprogs-debuginfo-1.35-12.11.el4_6.1.ia64.rpm
e2fsprogs-devel-1.35-12.11.el4_6.1.ia64.rpm

ppc:
e2fsprogs-1.35-12.11.el4_6.1.ppc.rpm
e2fsprogs-1.35-12.11.el4_6.1.ppc64.rpm
e2fsprogs-debuginfo-1.35-12.11.el4_6.1.ppc.rpm
e2fsprogs-debuginfo-1.35-12.11.el4_6.1.ppc64.rpm
e2fsprogs-devel-1.35-12.11.el4_6.1.ppc.rpm

s390:
e2fsprogs-1.35-12.11.el4_6.1.s390.rpm
e2fsprogs-debuginfo-1.35-12.11.el4_6.1.s390.rpm
e2fsprogs-devel-1.35-12.11.el4_6.1.s390.rpm

s390x:
e2fsprogs-1.35-12.11.el4_6.1.s390.rpm
e2fsprogs-1.35-12.11.el4_6.1.s390x.rpm
e2fsprogs-debuginfo-1.35-12.11.el4_6.1.s390.rpm
e2fsprogs-debuginfo-1.35-12.11.el4_6.1.s390x.rpm
e2fsprogs-devel-1.35-12.11.el4_6.1.s390x.rpm

x86_64:
e2fsprogs-1.35-12.11.el4_6.1.i386.rpm
e2fsprogs-1.35-12.11.el4_6.1.x86_64.rpm
e2fsprogs-debuginfo-1.35-12.11.el4_6.1.i386.rpm
e2fsprogs-debuginfo-1.35-12.11.el4_6.1.x86_64.rpm
e2fsprogs-devel-1.35-12.11.el4_6.1.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/e2fsprogs-1.35-12.11.el4_6.1.src.rpm

i386:
e2fsprogs-1.35-12.11.el4_6.1.i386.rpm
e2fsprogs-debuginfo-1.35-12.11.el4_6.1.i386.rpm
e2fsprogs-devel-1.35-12.11.el4_6.1.i386.rpm

x86_64:
e2fsprogs-1.35-12.11.el4_6.1.i386.rpm
e2fsprogs-1.35-12.11.el4_6.1.x86_64.rpm
e2fsprogs-debuginfo-1.35-12.11.el4_6.1.i386.rpm
e2fsprogs-debuginfo-1.35-12.11.el4_6.1.x86_64.rpm
e2fsprogs-devel-1.35-12.11.el4_6.1.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/e2fsprogs-1.35-12.11.el4_6.1.src.rpm

i386:
e2fsprogs-1.35-12.11.el4_6.1.i386.rpm
e2fsprogs-debuginfo-1.35-12.11.el4_6.1.i386.rpm
e2fsprogs-devel-1.35-12.11.el4_6.1.i386.rpm

ia64:
e2fsprogs-1.35-12.11.el4_6.1.i386.rpm
e2fsprogs-1.35-12.11.el4_6.1.ia64.rpm
e2fsprogs-debuginfo-1.35-12.11.el4_6.1.i386.rpm
e2fsprogs-debuginfo-1.35-12.11.el4_6.1.ia64.rpm
e2fsprogs-devel-1.35-12.11.el4_6.1.ia64.rpm

x86_64:
e2fsprogs-1.35-12.11.el4_6.1.i386.rpm
e2fsprogs-1.35-12.11.el4_6.1.x86_64.rpm
e2fsprogs-debuginfo-1.35-12.11.el4_6.1.i386.rpm
e2fsprogs-debuginfo-1.35-12.11.el4_6.1.x86_64.rpm
e2fsprogs-devel-1.35-12.11.el4_6.1.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/e2fsprogs-1.35-12.11.el4_6.1.src.rpm

i386:
e2fsprogs-1.35-12.11.el4_6.1.i386.rpm
e2fsprogs-debuginfo-1.35-12.11.el4_6.1.i386.rpm
e2fsprogs-devel-1.35-12.11.el4_6.1.i386.rpm

ia64:
e2fsprogs-1.35-12.11.el4_6.1.i386.rpm
e2fsprogs-1.35-12.11.el4_6.1.ia64.rpm
e2fsprogs-debuginfo-1.35-12.11.el4_6.1.i386.rpm
e2fsprogs-debuginfo-1.35-12.11.el4_6.1.ia64.rpm
e2fsprogs-devel-1.35-12.11.el4_6.1.ia64.rpm

x86_64:
e2fsprogs-1.35-12.11.el4_6.1.i386.rpm
e2fsprogs-1.35-12.11.el4_6.1.x86_64.rpm
e2fsprogs-debuginfo-1.35-12.11.el4_6.1.i386.rpm
e2fsprogs-debuginfo-1.35-12.11.el4_6.1.x86_64.rpm
e2fsprogs-devel-1.35-12.11.el4_6.1.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/e2fsprogs-1.39-10.el5_1.1.src.rpm

i386:
e2fsprogs-1.39-10.el5_1.1.i386.rpm
e2fsprogs-debuginfo-1.39-10.el5_1.1.i386.rpm
e2fsprogs-libs-1.39-10.el5_1.1.i386.rpm

x86_64:
e2fsprogs-1.39-10.el5_1.1.x86_64.rpm
e2fsprogs-debuginfo-1.39-10.el5_1.1.i386.rpm
e2fsprogs-debuginfo-1.39-10.el5_1.1.x86_64.rpm
e2fsprogs-libs-1.39-10.el5_1.1.i386.rpm
e2fsprogs-libs-1.39-10.el5_1.1.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/e2fsprogs-1.39-10.el5_1.1.src.rpm

i386:
e2fsprogs-debuginfo-1.39-10.el5_1.1.i386.rpm
e2fsprogs-devel-1.39-10.el5_1.1.i386.rpm

x86_64:
e2fsprogs-debuginfo-1.39-10.el5_1.1.i386.rpm
e2fsprogs-debuginfo-1.39-10.el5_1.1.x86_64.rpm
e2fsprogs-devel-1.39-10.el5_1.1.i386.rpm
e2fsprogs-devel-1.39-10.el5_1.1.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/e2fsprogs-1.39-10.el5_1.1.src.rpm

i386:
e2fsprogs-1.39-10.el5_1.1.i386.rpm
e2fsprogs-debuginfo-1.39-10.el5_1.1.i386.rpm
e2fsprogs-devel-1.39-10.el5_1.1.i386.rpm
e2fsprogs-libs-1.39-10.el5_1.1.i386.rpm

ia64:
e2fsprogs-1.39-10.el5_1.1.ia64.rpm
e2fsprogs-debuginfo-1.39-10.el5_1.1.i386.rpm
e2fsprogs-debuginfo-1.39-10.el5_1.1.ia64.rpm
e2fsprogs-devel-1.39-10.el5_1.1.ia64.rpm
e2fsprogs-libs-1.39-10.el5_1.1.i386.rpm
e2fsprogs-libs-1.39-10.el5_1.1.ia64.rpm

ppc:
e2fsprogs-1.39-10.el5_1.1.ppc.rpm
e2fsprogs-debuginfo-1.39-10.el5_1.1.ppc.rpm
e2fsprogs-debuginfo-1.39-10.el5_1.1.ppc64.rpm
e2fsprogs-devel-1.39-10.el5_1.1.ppc.rpm
e2fsprogs-devel-1.39-10.el5_1.1.ppc64.rpm
e2fsprogs-libs-1.39-10.el5_1.1.ppc.rpm
e2fsprogs-libs-1.39-10.el5_1.1.ppc64.rpm

s390x:
e2fsprogs-1.39-10.el5_1.1.s390x.rpm
e2fsprogs-debuginfo-1.39-10.el5_1.1.s390.rpm
e2fsprogs-debuginfo-1.39-10.el5_1.1.s390x.rpm
e2fsprogs-devel-1.39-10.el5_1.1.s390.rpm
e2fsprogs-devel-1.39-10.el5_1.1.s390x.rpm
e2fsprogs-libs-1.39-10.el5_1.1.s390.rpm
e2fsprogs-libs-1.39-10.el5_1.1.s390x.rpm

x86_64:
e2fsprogs-1.39-10.el5_1.1.x86_64.rpm
e2fsprogs-debuginfo-1.39-10.el5_1.1.i386.rpm
e2fsprogs-debuginfo-1.39-10.el5_1.1.x86_64.rpm
e2fsprogs-devel-1.39-10.el5_1.1.i386.rpm
e2fsprogs-devel-1.39-10.el5_1.1.x86_64.rpm
e2fsprogs-libs-1.39-10.el5_1.1.i386.rpm
e2fsprogs-libs-1.39-10.el5_1.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5497
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2008 Red Hat, Inc.

From bugzilla at redhat.com Fri Jan 11 12:32:23 2008
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Fri, 11 Jan 2008 07:32:23 -0500
Subject: [RHSA-2008:0032-01] Important: libxml2 security update
Message-ID: <200801111232.m0BCWNx6010713@pobox.devel.redhat.com>

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: libxml2 security update
Advisory ID:       RHSA-2008:0032-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2008-0032.html
Issue date:        2008-01-11
CVE Names:         CVE-2007-6284
=====================================================================

1. Summary:

Updated libxml2 packages that fix a security issue are now available.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Description:

The libxml2 packages provide a library that allows you to manipulate XML
files. It includes support to read, modify, and write XML and HTML files.

A denial of service flaw was found in the way libxml2 processes certain
content. If an application linked against libxml2 processes malformed XML
content, it could cause the application to stop responding. (CVE-2007-6284)

Red Hat would like to thank the Google Security Team for responsibly
disclosing this issue.

All users are advised to upgrade to these updated packages, which contain a
backported patch to resolve this issue.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bugs fixed (http://bugzilla.redhat.com/):

425927 - CVE-2007-6284 libxml2: infinite loop in UTF-8 decoding

6. Package List:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 :

Source:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/libxml2-2.4.19-7.ent.src.rpm

i386:
libxml2-2.4.19-7.ent.i386.rpm
libxml2-devel-2.4.19-7.ent.i386.rpm
libxml2-python-2.4.19-7.ent.i386.rpm

ia64:
libxml2-2.4.19-7.ent.ia64.rpm
libxml2-devel-2.4.19-7.ent.ia64.rpm
libxml2-python-2.4.19-7.ent.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

Source:
ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/libxml2-2.4.19-7.ent.src.rpm

ia64:
libxml2-2.4.19-7.ent.ia64.rpm
libxml2-devel-2.4.19-7.ent.ia64.rpm
libxml2-python-2.4.19-7.ent.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

Source:
ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/libxml2-2.4.19-7.ent.src.rpm

i386:
libxml2-2.4.19-7.ent.i386.rpm
libxml2-devel-2.4.19-7.ent.i386.rpm
libxml2-python-2.4.19-7.ent.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

Source:
ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/libxml2-2.4.19-7.ent.src.rpm

i386:
libxml2-2.4.19-7.ent.i386.rpm
libxml2-devel-2.4.19-7.ent.i386.rpm
libxml2-python-2.4.19-7.ent.i386.rpm

Red Hat Enterprise Linux AS version 3:

Source:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/libxml2-2.5.10-8.src.rpm

i386:
libxml2-2.5.10-8.i386.rpm
libxml2-debuginfo-2.5.10-8.i386.rpm
libxml2-devel-2.5.10-8.i386.rpm
libxml2-python-2.5.10-8.i386.rpm

ia64:
libxml2-2.5.10-8.i386.rpm
libxml2-2.5.10-8.ia64.rpm
libxml2-debuginfo-2.5.10-8.i386.rpm
libxml2-debuginfo-2.5.10-8.ia64.rpm
libxml2-devel-2.5.10-8.ia64.rpm
libxml2-python-2.5.10-8.ia64.rpm

ppc:
libxml2-2.5.10-8.ppc.rpm
libxml2-2.5.10-8.ppc64.rpm
libxml2-debuginfo-2.5.10-8.ppc.rpm
libxml2-debuginfo-2.5.10-8.ppc64.rpm
libxml2-devel-2.5.10-8.ppc.rpm
libxml2-python-2.5.10-8.ppc.rpm

s390:
libxml2-2.5.10-8.s390.rpm
libxml2-debuginfo-2.5.10-8.s390.rpm
libxml2-devel-2.5.10-8.s390.rpm
libxml2-python-2.5.10-8.s390.rpm

s390x:
libxml2-2.5.10-8.s390.rpm
libxml2-2.5.10-8.s390x.rpm
libxml2-debuginfo-2.5.10-8.s390.rpm
libxml2-debuginfo-2.5.10-8.s390x.rpm
libxml2-devel-2.5.10-8.s390x.rpm
libxml2-python-2.5.10-8.s390x.rpm

x86_64:
libxml2-2.5.10-8.i386.rpm
libxml2-2.5.10-8.x86_64.rpm
libxml2-debuginfo-2.5.10-8.i386.rpm
libxml2-debuginfo-2.5.10-8.x86_64.rpm
libxml2-devel-2.5.10-8.x86_64.rpm
libxml2-python-2.5.10-8.x86_64.rpm

Red Hat Desktop version 3:

Source:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/libxml2-2.5.10-8.src.rpm

i386:
libxml2-2.5.10-8.i386.rpm
libxml2-debuginfo-2.5.10-8.i386.rpm
libxml2-devel-2.5.10-8.i386.rpm
libxml2-python-2.5.10-8.i386.rpm

x86_64:
libxml2-2.5.10-8.i386.rpm
libxml2-2.5.10-8.x86_64.rpm
libxml2-debuginfo-2.5.10-8.i386.rpm
libxml2-debuginfo-2.5.10-8.x86_64.rpm
libxml2-devel-2.5.10-8.x86_64.rpm
libxml2-python-2.5.10-8.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

Source:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/libxml2-2.5.10-8.src.rpm

i386:
libxml2-2.5.10-8.i386.rpm
libxml2-debuginfo-2.5.10-8.i386.rpm
libxml2-devel-2.5.10-8.i386.rpm
libxml2-python-2.5.10-8.i386.rpm

ia64:
libxml2-2.5.10-8.i386.rpm
libxml2-2.5.10-8.ia64.rpm
libxml2-debuginfo-2.5.10-8.i386.rpm
libxml2-debuginfo-2.5.10-8.ia64.rpm
libxml2-devel-2.5.10-8.ia64.rpm
libxml2-python-2.5.10-8.ia64.rpm

x86_64:
libxml2-2.5.10-8.i386.rpm
libxml2-2.5.10-8.x86_64.rpm
libxml2-debuginfo-2.5.10-8.i386.rpm
libxml2-debuginfo-2.5.10-8.x86_64.rpm
libxml2-devel-2.5.10-8.x86_64.rpm
libxml2-python-2.5.10-8.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

Source:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/libxml2-2.5.10-8.src.rpm

i386:
libxml2-2.5.10-8.i386.rpm
libxml2-debuginfo-2.5.10-8.i386.rpm
libxml2-devel-2.5.10-8.i386.rpm
libxml2-python-2.5.10-8.i386.rpm

ia64:
libxml2-2.5.10-8.i386.rpm
libxml2-2.5.10-8.ia64.rpm
libxml2-debuginfo-2.5.10-8.i386.rpm
libxml2-debuginfo-2.5.10-8.ia64.rpm
libxml2-devel-2.5.10-8.ia64.rpm
libxml2-python-2.5.10-8.ia64.rpm

x86_64:
libxml2-2.5.10-8.i386.rpm
libxml2-2.5.10-8.x86_64.rpm
libxml2-debuginfo-2.5.10-8.i386.rpm
libxml2-debuginfo-2.5.10-8.x86_64.rpm
libxml2-devel-2.5.10-8.x86_64.rpm
libxml2-python-2.5.10-8.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/libxml2-2.6.16-10.1.src.rpm

i386:
libxml2-2.6.16-10.1.i386.rpm
libxml2-debuginfo-2.6.16-10.1.i386.rpm
libxml2-devel-2.6.16-10.1.i386.rpm
libxml2-python-2.6.16-10.1.i386.rpm

ia64:
libxml2-2.6.16-10.1.i386.rpm
libxml2-2.6.16-10.1.ia64.rpm
libxml2-debuginfo-2.6.16-10.1.i386.rpm
libxml2-debuginfo-2.6.16-10.1.ia64.rpm
libxml2-devel-2.6.16-10.1.ia64.rpm
libxml2-python-2.6.16-10.1.ia64.rpm

ppc:
libxml2-2.6.16-10.1.ppc.rpm
libxml2-2.6.16-10.1.ppc64.rpm
libxml2-debuginfo-2.6.16-10.1.ppc.rpm
libxml2-debuginfo-2.6.16-10.1.ppc64.rpm
libxml2-devel-2.6.16-10.1.ppc.rpm
libxml2-python-2.6.16-10.1.ppc.rpm

s390:
libxml2-2.6.16-10.1.s390.rpm
libxml2-debuginfo-2.6.16-10.1.s390.rpm
libxml2-devel-2.6.16-10.1.s390.rpm
libxml2-python-2.6.16-10.1.s390.rpm

s390x:
libxml2-2.6.16-10.1.s390.rpm
libxml2-2.6.16-10.1.s390x.rpm
libxml2-debuginfo-2.6.16-10.1.s390.rpm
libxml2-debuginfo-2.6.16-10.1.s390x.rpm
libxml2-devel-2.6.16-10.1.s390x.rpm
libxml2-python-2.6.16-10.1.s390x.rpm

x86_64:
libxml2-2.6.16-10.1.i386.rpm
libxml2-2.6.16-10.1.x86_64.rpm
libxml2-debuginfo-2.6.16-10.1.i386.rpm
libxml2-debuginfo-2.6.16-10.1.x86_64.rpm
libxml2-devel-2.6.16-10.1.x86_64.rpm
libxml2-python-2.6.16-10.1.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/libxml2-2.6.16-10.1.src.rpm

i386:
libxml2-2.6.16-10.1.i386.rpm
libxml2-debuginfo-2.6.16-10.1.i386.rpm
libxml2-devel-2.6.16-10.1.i386.rpm
libxml2-python-2.6.16-10.1.i386.rpm

x86_64:
libxml2-2.6.16-10.1.i386.rpm
libxml2-2.6.16-10.1.x86_64.rpm
libxml2-debuginfo-2.6.16-10.1.i386.rpm
libxml2-debuginfo-2.6.16-10.1.x86_64.rpm
libxml2-devel-2.6.16-10.1.x86_64.rpm
libxml2-python-2.6.16-10.1.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/libxml2-2.6.16-10.1.src.rpm

i386:
libxml2-2.6.16-10.1.i386.rpm
libxml2-debuginfo-2.6.16-10.1.i386.rpm
libxml2-devel-2.6.16-10.1.i386.rpm
libxml2-python-2.6.16-10.1.i386.rpm

ia64:
libxml2-2.6.16-10.1.i386.rpm
libxml2-2.6.16-10.1.ia64.rpm
libxml2-debuginfo-2.6.16-10.1.i386.rpm
libxml2-debuginfo-2.6.16-10.1.ia64.rpm
libxml2-devel-2.6.16-10.1.ia64.rpm
libxml2-python-2.6.16-10.1.ia64.rpm

x86_64:
libxml2-2.6.16-10.1.i386.rpm
libxml2-2.6.16-10.1.x86_64.rpm
libxml2-debuginfo-2.6.16-10.1.i386.rpm
libxml2-debuginfo-2.6.16-10.1.x86_64.rpm
libxml2-devel-2.6.16-10.1.x86_64.rpm
libxml2-python-2.6.16-10.1.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/libxml2-2.6.16-10.1.src.rpm

i386:
libxml2-2.6.16-10.1.i386.rpm
libxml2-debuginfo-2.6.16-10.1.i386.rpm
libxml2-devel-2.6.16-10.1.i386.rpm
libxml2-python-2.6.16-10.1.i386.rpm

ia64:
libxml2-2.6.16-10.1.i386.rpm
libxml2-2.6.16-10.1.ia64.rpm
libxml2-debuginfo-2.6.16-10.1.i386.rpm
libxml2-debuginfo-2.6.16-10.1.ia64.rpm
libxml2-devel-2.6.16-10.1.ia64.rpm
libxml2-python-2.6.16-10.1.ia64.rpm

x86_64:
libxml2-2.6.16-10.1.i386.rpm
libxml2-2.6.16-10.1.x86_64.rpm
libxml2-debuginfo-2.6.16-10.1.i386.rpm
libxml2-debuginfo-2.6.16-10.1.x86_64.rpm
libxml2-devel-2.6.16-10.1.x86_64.rpm
libxml2-python-2.6.16-10.1.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/libxml2-2.6.26-2.1.2.1.src.rpm

i386:
libxml2-2.6.26-2.1.2.1.i386.rpm
libxml2-debuginfo-2.6.26-2.1.2.1.i386.rpm
libxml2-python-2.6.26-2.1.2.1.i386.rpm

x86_64:
libxml2-2.6.26-2.1.2.1.i386.rpm
libxml2-2.6.26-2.1.2.1.x86_64.rpm
libxml2-debuginfo-2.6.26-2.1.2.1.i386.rpm
libxml2-debuginfo-2.6.26-2.1.2.1.x86_64.rpm
libxml2-python-2.6.26-2.1.2.1.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/libxml2-2.6.26-2.1.2.1.src.rpm

i386:
libxml2-debuginfo-2.6.26-2.1.2.1.i386.rpm
libxml2-devel-2.6.26-2.1.2.1.i386.rpm

x86_64:
libxml2-debuginfo-2.6.26-2.1.2.1.i386.rpm
libxml2-debuginfo-2.6.26-2.1.2.1.x86_64.rpm
libxml2-devel-2.6.26-2.1.2.1.i386.rpm
libxml2-devel-2.6.26-2.1.2.1.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/libxml2-2.6.26-2.1.2.1.src.rpm

i386:
libxml2-2.6.26-2.1.2.1.i386.rpm
libxml2-debuginfo-2.6.26-2.1.2.1.i386.rpm
libxml2-devel-2.6.26-2.1.2.1.i386.rpm
libxml2-python-2.6.26-2.1.2.1.i386.rpm

ia64:
libxml2-2.6.26-2.1.2.1.i386.rpm
libxml2-2.6.26-2.1.2.1.ia64.rpm
libxml2-debuginfo-2.6.26-2.1.2.1.i386.rpm
libxml2-debuginfo-2.6.26-2.1.2.1.ia64.rpm
libxml2-devel-2.6.26-2.1.2.1.ia64.rpm
libxml2-python-2.6.26-2.1.2.1.ia64.rpm

ppc:
libxml2-2.6.26-2.1.2.1.ppc.rpm
libxml2-2.6.26-2.1.2.1.ppc64.rpm
libxml2-debuginfo-2.6.26-2.1.2.1.ppc.rpm
libxml2-debuginfo-2.6.26-2.1.2.1.ppc64.rpm
libxml2-devel-2.6.26-2.1.2.1.ppc.rpm
libxml2-devel-2.6.26-2.1.2.1.ppc64.rpm
libxml2-python-2.6.26-2.1.2.1.ppc.rpm

s390x:
libxml2-2.6.26-2.1.2.1.s390.rpm
libxml2-2.6.26-2.1.2.1.s390x.rpm
libxml2-debuginfo-2.6.26-2.1.2.1.s390.rpm
libxml2-debuginfo-2.6.26-2.1.2.1.s390x.rpm
libxml2-devel-2.6.26-2.1.2.1.s390.rpm
libxml2-devel-2.6.26-2.1.2.1.s390x.rpm
libxml2-python-2.6.26-2.1.2.1.s390x.rpm

x86_64:
libxml2-2.6.26-2.1.2.1.i386.rpm
libxml2-2.6.26-2.1.2.1.x86_64.rpm
libxml2-debuginfo-2.6.26-2.1.2.1.i386.rpm
libxml2-debuginfo-2.6.26-2.1.2.1.x86_64.rpm
libxml2-devel-2.6.26-2.1.2.1.i386.rpm
libxml2-devel-2.6.26-2.1.2.1.x86_64.rpm
libxml2-python-2.6.26-2.1.2.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7.
References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6284
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at
https://www.redhat.com/security/team/contact/

Copyright 2008 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFHh2G7XlSAg2UNWIIRAgu/AKCEZLIFQQlHfcqw1WTSZlTZGNHZQgCgiG4o
xxKMh3IHJPKxKr5HPuJRidE=
=A3CV
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Fri Jan 11 12:39:37 2008
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Fri, 11 Jan 2008 07:39:37 -0500
Subject: [RHSA-2008:0038-01] Moderate: postgresql security update
Message-ID: <200801111239.m0BCdbAW011568@pobox.devel.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: postgresql security update
Advisory ID: RHSA-2008:0038-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0038.html
Issue date: 2008-01-11
CVE Names: CVE-2007-3278 CVE-2007-4769 CVE-2007-4772 CVE-2007-6067 CVE-2007-6600 CVE-2007-6601
=====================================================================

1. Summary:

Updated postgresql packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3.
Description:

PostgreSQL is an advanced Object-Relational database management system (DBMS). The postgresql packages include the client programs and libraries needed to access a PostgreSQL DBMS server.

Will Drewry discovered multiple flaws in PostgreSQL's regular expression engine. An authenticated attacker could use these flaws to cause a denial of service by causing the PostgreSQL server to crash, enter an infinite loop, or use extensive CPU and memory resources while processing queries containing specially crafted regular expressions. Applications that accept regular expressions from untrusted sources may expose this problem to unauthorized attackers. (CVE-2007-4769, CVE-2007-4772, CVE-2007-6067)

A privilege escalation flaw was discovered in PostgreSQL. An authenticated attacker could create an index function that would be executed with administrator privileges during database maintenance tasks, such as database vacuuming. (CVE-2007-6600)

A privilege escalation flaw was discovered in PostgreSQL's Database Link library (dblink). An authenticated attacker could use dblink to possibly escalate privileges on systems with "trust" or "ident" authentication configured. Please note that dblink functionality is not enabled by default, and can only be enabled by a database administrator on systems with the postgresql-contrib package installed. (CVE-2007-3278, CVE-2007-6601)

All postgresql users should upgrade to these updated packages, which include PostgreSQL 7.4.19 and 8.1.11, and resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5.
Bugs fixed (http://bugzilla.redhat.com/): 309141 - CVE-2007-3278 dblink allows proxying of database connections via 127.0.0.1 315231 - CVE-2007-4769 postgresql integer overflow in regex code 316511 - CVE-2007-4772 postgresql DoS via infinite loop in regex NFA optimization code 400931 - CVE-2007-6067 postgresql: tempory DoS caused by slow regex NFA cleanup 427127 - CVE-2007-6600 PostgreSQL privilege escalation 427128 - CVE-2007-6601 PostgreSQL privilege escalation via dblink 6. Package List: Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/postgresql-7.4.19-1.el4_6.1.src.rpm i386: postgresql-7.4.19-1.el4_6.1.i386.rpm postgresql-contrib-7.4.19-1.el4_6.1.i386.rpm postgresql-debuginfo-7.4.19-1.el4_6.1.i386.rpm postgresql-devel-7.4.19-1.el4_6.1.i386.rpm postgresql-docs-7.4.19-1.el4_6.1.i386.rpm postgresql-jdbc-7.4.19-1.el4_6.1.i386.rpm postgresql-libs-7.4.19-1.el4_6.1.i386.rpm postgresql-pl-7.4.19-1.el4_6.1.i386.rpm postgresql-python-7.4.19-1.el4_6.1.i386.rpm postgresql-server-7.4.19-1.el4_6.1.i386.rpm postgresql-tcl-7.4.19-1.el4_6.1.i386.rpm postgresql-test-7.4.19-1.el4_6.1.i386.rpm ia64: postgresql-7.4.19-1.el4_6.1.ia64.rpm postgresql-contrib-7.4.19-1.el4_6.1.ia64.rpm postgresql-debuginfo-7.4.19-1.el4_6.1.i386.rpm postgresql-debuginfo-7.4.19-1.el4_6.1.ia64.rpm postgresql-devel-7.4.19-1.el4_6.1.ia64.rpm postgresql-docs-7.4.19-1.el4_6.1.ia64.rpm postgresql-jdbc-7.4.19-1.el4_6.1.ia64.rpm postgresql-libs-7.4.19-1.el4_6.1.i386.rpm postgresql-libs-7.4.19-1.el4_6.1.ia64.rpm postgresql-pl-7.4.19-1.el4_6.1.ia64.rpm postgresql-python-7.4.19-1.el4_6.1.ia64.rpm postgresql-server-7.4.19-1.el4_6.1.ia64.rpm postgresql-tcl-7.4.19-1.el4_6.1.ia64.rpm postgresql-test-7.4.19-1.el4_6.1.ia64.rpm ppc: postgresql-7.4.19-1.el4_6.1.ppc.rpm postgresql-contrib-7.4.19-1.el4_6.1.ppc.rpm postgresql-debuginfo-7.4.19-1.el4_6.1.ppc.rpm postgresql-debuginfo-7.4.19-1.el4_6.1.ppc64.rpm postgresql-devel-7.4.19-1.el4_6.1.ppc.rpm 
postgresql-docs-7.4.19-1.el4_6.1.ppc.rpm postgresql-jdbc-7.4.19-1.el4_6.1.ppc.rpm postgresql-libs-7.4.19-1.el4_6.1.ppc.rpm postgresql-libs-7.4.19-1.el4_6.1.ppc64.rpm postgresql-pl-7.4.19-1.el4_6.1.ppc.rpm postgresql-python-7.4.19-1.el4_6.1.ppc.rpm postgresql-server-7.4.19-1.el4_6.1.ppc.rpm postgresql-tcl-7.4.19-1.el4_6.1.ppc.rpm postgresql-test-7.4.19-1.el4_6.1.ppc.rpm s390: postgresql-7.4.19-1.el4_6.1.s390.rpm postgresql-contrib-7.4.19-1.el4_6.1.s390.rpm postgresql-debuginfo-7.4.19-1.el4_6.1.s390.rpm postgresql-devel-7.4.19-1.el4_6.1.s390.rpm postgresql-docs-7.4.19-1.el4_6.1.s390.rpm postgresql-jdbc-7.4.19-1.el4_6.1.s390.rpm postgresql-libs-7.4.19-1.el4_6.1.s390.rpm postgresql-pl-7.4.19-1.el4_6.1.s390.rpm postgresql-python-7.4.19-1.el4_6.1.s390.rpm postgresql-server-7.4.19-1.el4_6.1.s390.rpm postgresql-tcl-7.4.19-1.el4_6.1.s390.rpm postgresql-test-7.4.19-1.el4_6.1.s390.rpm s390x: postgresql-7.4.19-1.el4_6.1.s390x.rpm postgresql-contrib-7.4.19-1.el4_6.1.s390x.rpm postgresql-debuginfo-7.4.19-1.el4_6.1.s390.rpm postgresql-debuginfo-7.4.19-1.el4_6.1.s390x.rpm postgresql-devel-7.4.19-1.el4_6.1.s390x.rpm postgresql-docs-7.4.19-1.el4_6.1.s390x.rpm postgresql-jdbc-7.4.19-1.el4_6.1.s390x.rpm postgresql-libs-7.4.19-1.el4_6.1.s390.rpm postgresql-libs-7.4.19-1.el4_6.1.s390x.rpm postgresql-pl-7.4.19-1.el4_6.1.s390x.rpm postgresql-python-7.4.19-1.el4_6.1.s390x.rpm postgresql-server-7.4.19-1.el4_6.1.s390x.rpm postgresql-tcl-7.4.19-1.el4_6.1.s390x.rpm postgresql-test-7.4.19-1.el4_6.1.s390x.rpm x86_64: postgresql-7.4.19-1.el4_6.1.x86_64.rpm postgresql-contrib-7.4.19-1.el4_6.1.x86_64.rpm postgresql-debuginfo-7.4.19-1.el4_6.1.i386.rpm postgresql-debuginfo-7.4.19-1.el4_6.1.x86_64.rpm postgresql-devel-7.4.19-1.el4_6.1.x86_64.rpm postgresql-docs-7.4.19-1.el4_6.1.x86_64.rpm postgresql-jdbc-7.4.19-1.el4_6.1.x86_64.rpm postgresql-libs-7.4.19-1.el4_6.1.i386.rpm postgresql-libs-7.4.19-1.el4_6.1.x86_64.rpm postgresql-pl-7.4.19-1.el4_6.1.x86_64.rpm 
postgresql-python-7.4.19-1.el4_6.1.x86_64.rpm postgresql-server-7.4.19-1.el4_6.1.x86_64.rpm postgresql-tcl-7.4.19-1.el4_6.1.x86_64.rpm postgresql-test-7.4.19-1.el4_6.1.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/postgresql-7.4.19-1.el4_6.1.src.rpm i386: postgresql-7.4.19-1.el4_6.1.i386.rpm postgresql-contrib-7.4.19-1.el4_6.1.i386.rpm postgresql-debuginfo-7.4.19-1.el4_6.1.i386.rpm postgresql-devel-7.4.19-1.el4_6.1.i386.rpm postgresql-docs-7.4.19-1.el4_6.1.i386.rpm postgresql-jdbc-7.4.19-1.el4_6.1.i386.rpm postgresql-libs-7.4.19-1.el4_6.1.i386.rpm postgresql-pl-7.4.19-1.el4_6.1.i386.rpm postgresql-python-7.4.19-1.el4_6.1.i386.rpm postgresql-server-7.4.19-1.el4_6.1.i386.rpm postgresql-tcl-7.4.19-1.el4_6.1.i386.rpm postgresql-test-7.4.19-1.el4_6.1.i386.rpm x86_64: postgresql-7.4.19-1.el4_6.1.x86_64.rpm postgresql-contrib-7.4.19-1.el4_6.1.x86_64.rpm postgresql-debuginfo-7.4.19-1.el4_6.1.i386.rpm postgresql-debuginfo-7.4.19-1.el4_6.1.x86_64.rpm postgresql-devel-7.4.19-1.el4_6.1.x86_64.rpm postgresql-docs-7.4.19-1.el4_6.1.x86_64.rpm postgresql-jdbc-7.4.19-1.el4_6.1.x86_64.rpm postgresql-libs-7.4.19-1.el4_6.1.i386.rpm postgresql-libs-7.4.19-1.el4_6.1.x86_64.rpm postgresql-pl-7.4.19-1.el4_6.1.x86_64.rpm postgresql-python-7.4.19-1.el4_6.1.x86_64.rpm postgresql-server-7.4.19-1.el4_6.1.x86_64.rpm postgresql-tcl-7.4.19-1.el4_6.1.x86_64.rpm postgresql-test-7.4.19-1.el4_6.1.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/postgresql-7.4.19-1.el4_6.1.src.rpm i386: postgresql-7.4.19-1.el4_6.1.i386.rpm postgresql-contrib-7.4.19-1.el4_6.1.i386.rpm postgresql-debuginfo-7.4.19-1.el4_6.1.i386.rpm postgresql-devel-7.4.19-1.el4_6.1.i386.rpm postgresql-docs-7.4.19-1.el4_6.1.i386.rpm postgresql-jdbc-7.4.19-1.el4_6.1.i386.rpm postgresql-libs-7.4.19-1.el4_6.1.i386.rpm postgresql-pl-7.4.19-1.el4_6.1.i386.rpm postgresql-python-7.4.19-1.el4_6.1.i386.rpm 
postgresql-server-7.4.19-1.el4_6.1.i386.rpm postgresql-tcl-7.4.19-1.el4_6.1.i386.rpm postgresql-test-7.4.19-1.el4_6.1.i386.rpm ia64: postgresql-7.4.19-1.el4_6.1.ia64.rpm postgresql-contrib-7.4.19-1.el4_6.1.ia64.rpm postgresql-debuginfo-7.4.19-1.el4_6.1.i386.rpm postgresql-debuginfo-7.4.19-1.el4_6.1.ia64.rpm postgresql-devel-7.4.19-1.el4_6.1.ia64.rpm postgresql-docs-7.4.19-1.el4_6.1.ia64.rpm postgresql-jdbc-7.4.19-1.el4_6.1.ia64.rpm postgresql-libs-7.4.19-1.el4_6.1.i386.rpm postgresql-libs-7.4.19-1.el4_6.1.ia64.rpm postgresql-pl-7.4.19-1.el4_6.1.ia64.rpm postgresql-python-7.4.19-1.el4_6.1.ia64.rpm postgresql-server-7.4.19-1.el4_6.1.ia64.rpm postgresql-tcl-7.4.19-1.el4_6.1.ia64.rpm postgresql-test-7.4.19-1.el4_6.1.ia64.rpm x86_64: postgresql-7.4.19-1.el4_6.1.x86_64.rpm postgresql-contrib-7.4.19-1.el4_6.1.x86_64.rpm postgresql-debuginfo-7.4.19-1.el4_6.1.i386.rpm postgresql-debuginfo-7.4.19-1.el4_6.1.x86_64.rpm postgresql-devel-7.4.19-1.el4_6.1.x86_64.rpm postgresql-docs-7.4.19-1.el4_6.1.x86_64.rpm postgresql-jdbc-7.4.19-1.el4_6.1.x86_64.rpm postgresql-libs-7.4.19-1.el4_6.1.i386.rpm postgresql-libs-7.4.19-1.el4_6.1.x86_64.rpm postgresql-pl-7.4.19-1.el4_6.1.x86_64.rpm postgresql-python-7.4.19-1.el4_6.1.x86_64.rpm postgresql-server-7.4.19-1.el4_6.1.x86_64.rpm postgresql-tcl-7.4.19-1.el4_6.1.x86_64.rpm postgresql-test-7.4.19-1.el4_6.1.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/postgresql-7.4.19-1.el4_6.1.src.rpm i386: postgresql-7.4.19-1.el4_6.1.i386.rpm postgresql-contrib-7.4.19-1.el4_6.1.i386.rpm postgresql-debuginfo-7.4.19-1.el4_6.1.i386.rpm postgresql-devel-7.4.19-1.el4_6.1.i386.rpm postgresql-docs-7.4.19-1.el4_6.1.i386.rpm postgresql-jdbc-7.4.19-1.el4_6.1.i386.rpm postgresql-libs-7.4.19-1.el4_6.1.i386.rpm postgresql-pl-7.4.19-1.el4_6.1.i386.rpm postgresql-python-7.4.19-1.el4_6.1.i386.rpm postgresql-server-7.4.19-1.el4_6.1.i386.rpm postgresql-tcl-7.4.19-1.el4_6.1.i386.rpm 
postgresql-test-7.4.19-1.el4_6.1.i386.rpm ia64: postgresql-7.4.19-1.el4_6.1.ia64.rpm postgresql-contrib-7.4.19-1.el4_6.1.ia64.rpm postgresql-debuginfo-7.4.19-1.el4_6.1.i386.rpm postgresql-debuginfo-7.4.19-1.el4_6.1.ia64.rpm postgresql-devel-7.4.19-1.el4_6.1.ia64.rpm postgresql-docs-7.4.19-1.el4_6.1.ia64.rpm postgresql-jdbc-7.4.19-1.el4_6.1.ia64.rpm postgresql-libs-7.4.19-1.el4_6.1.i386.rpm postgresql-libs-7.4.19-1.el4_6.1.ia64.rpm postgresql-pl-7.4.19-1.el4_6.1.ia64.rpm postgresql-python-7.4.19-1.el4_6.1.ia64.rpm postgresql-server-7.4.19-1.el4_6.1.ia64.rpm postgresql-tcl-7.4.19-1.el4_6.1.ia64.rpm postgresql-test-7.4.19-1.el4_6.1.ia64.rpm x86_64: postgresql-7.4.19-1.el4_6.1.x86_64.rpm postgresql-contrib-7.4.19-1.el4_6.1.x86_64.rpm postgresql-debuginfo-7.4.19-1.el4_6.1.i386.rpm postgresql-debuginfo-7.4.19-1.el4_6.1.x86_64.rpm postgresql-devel-7.4.19-1.el4_6.1.x86_64.rpm postgresql-docs-7.4.19-1.el4_6.1.x86_64.rpm postgresql-jdbc-7.4.19-1.el4_6.1.x86_64.rpm postgresql-libs-7.4.19-1.el4_6.1.i386.rpm postgresql-libs-7.4.19-1.el4_6.1.x86_64.rpm postgresql-pl-7.4.19-1.el4_6.1.x86_64.rpm postgresql-python-7.4.19-1.el4_6.1.x86_64.rpm postgresql-server-7.4.19-1.el4_6.1.x86_64.rpm postgresql-tcl-7.4.19-1.el4_6.1.x86_64.rpm postgresql-test-7.4.19-1.el4_6.1.x86_64.rpm Red Hat Enterprise Linux Desktop (v. 
5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/postgresql-8.1.11-1.el5_1.1.src.rpm i386: postgresql-8.1.11-1.el5_1.1.i386.rpm postgresql-contrib-8.1.11-1.el5_1.1.i386.rpm postgresql-debuginfo-8.1.11-1.el5_1.1.i386.rpm postgresql-docs-8.1.11-1.el5_1.1.i386.rpm postgresql-libs-8.1.11-1.el5_1.1.i386.rpm postgresql-python-8.1.11-1.el5_1.1.i386.rpm postgresql-tcl-8.1.11-1.el5_1.1.i386.rpm x86_64: postgresql-8.1.11-1.el5_1.1.x86_64.rpm postgresql-contrib-8.1.11-1.el5_1.1.x86_64.rpm postgresql-debuginfo-8.1.11-1.el5_1.1.i386.rpm postgresql-debuginfo-8.1.11-1.el5_1.1.x86_64.rpm postgresql-docs-8.1.11-1.el5_1.1.x86_64.rpm postgresql-libs-8.1.11-1.el5_1.1.i386.rpm postgresql-libs-8.1.11-1.el5_1.1.x86_64.rpm postgresql-python-8.1.11-1.el5_1.1.x86_64.rpm postgresql-tcl-8.1.11-1.el5_1.1.x86_64.rpm RHEL Desktop Workstation (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/postgresql-8.1.11-1.el5_1.1.src.rpm i386: postgresql-debuginfo-8.1.11-1.el5_1.1.i386.rpm postgresql-devel-8.1.11-1.el5_1.1.i386.rpm postgresql-pl-8.1.11-1.el5_1.1.i386.rpm postgresql-server-8.1.11-1.el5_1.1.i386.rpm postgresql-test-8.1.11-1.el5_1.1.i386.rpm x86_64: postgresql-debuginfo-8.1.11-1.el5_1.1.i386.rpm postgresql-debuginfo-8.1.11-1.el5_1.1.x86_64.rpm postgresql-devel-8.1.11-1.el5_1.1.i386.rpm postgresql-devel-8.1.11-1.el5_1.1.x86_64.rpm postgresql-pl-8.1.11-1.el5_1.1.x86_64.rpm postgresql-server-8.1.11-1.el5_1.1.x86_64.rpm postgresql-test-8.1.11-1.el5_1.1.x86_64.rpm Red Hat Enterprise Linux (v. 
5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/postgresql-8.1.11-1.el5_1.1.src.rpm i386: postgresql-8.1.11-1.el5_1.1.i386.rpm postgresql-contrib-8.1.11-1.el5_1.1.i386.rpm postgresql-debuginfo-8.1.11-1.el5_1.1.i386.rpm postgresql-devel-8.1.11-1.el5_1.1.i386.rpm postgresql-docs-8.1.11-1.el5_1.1.i386.rpm postgresql-libs-8.1.11-1.el5_1.1.i386.rpm postgresql-pl-8.1.11-1.el5_1.1.i386.rpm postgresql-python-8.1.11-1.el5_1.1.i386.rpm postgresql-server-8.1.11-1.el5_1.1.i386.rpm postgresql-tcl-8.1.11-1.el5_1.1.i386.rpm postgresql-test-8.1.11-1.el5_1.1.i386.rpm ia64: postgresql-8.1.11-1.el5_1.1.ia64.rpm postgresql-contrib-8.1.11-1.el5_1.1.ia64.rpm postgresql-debuginfo-8.1.11-1.el5_1.1.i386.rpm postgresql-debuginfo-8.1.11-1.el5_1.1.ia64.rpm postgresql-devel-8.1.11-1.el5_1.1.ia64.rpm postgresql-docs-8.1.11-1.el5_1.1.ia64.rpm postgresql-libs-8.1.11-1.el5_1.1.i386.rpm postgresql-libs-8.1.11-1.el5_1.1.ia64.rpm postgresql-pl-8.1.11-1.el5_1.1.ia64.rpm postgresql-python-8.1.11-1.el5_1.1.ia64.rpm postgresql-server-8.1.11-1.el5_1.1.ia64.rpm postgresql-tcl-8.1.11-1.el5_1.1.ia64.rpm postgresql-test-8.1.11-1.el5_1.1.ia64.rpm ppc: postgresql-8.1.11-1.el5_1.1.ppc.rpm postgresql-contrib-8.1.11-1.el5_1.1.ppc.rpm postgresql-debuginfo-8.1.11-1.el5_1.1.ppc.rpm postgresql-debuginfo-8.1.11-1.el5_1.1.ppc64.rpm postgresql-devel-8.1.11-1.el5_1.1.ppc.rpm postgresql-devel-8.1.11-1.el5_1.1.ppc64.rpm postgresql-docs-8.1.11-1.el5_1.1.ppc.rpm postgresql-libs-8.1.11-1.el5_1.1.ppc.rpm postgresql-libs-8.1.11-1.el5_1.1.ppc64.rpm postgresql-pl-8.1.11-1.el5_1.1.ppc.rpm postgresql-python-8.1.11-1.el5_1.1.ppc.rpm postgresql-server-8.1.11-1.el5_1.1.ppc.rpm postgresql-tcl-8.1.11-1.el5_1.1.ppc.rpm postgresql-test-8.1.11-1.el5_1.1.ppc.rpm s390x: postgresql-8.1.11-1.el5_1.1.s390x.rpm postgresql-contrib-8.1.11-1.el5_1.1.s390x.rpm postgresql-debuginfo-8.1.11-1.el5_1.1.s390.rpm postgresql-debuginfo-8.1.11-1.el5_1.1.s390x.rpm postgresql-devel-8.1.11-1.el5_1.1.s390.rpm 
postgresql-devel-8.1.11-1.el5_1.1.s390x.rpm postgresql-docs-8.1.11-1.el5_1.1.s390x.rpm postgresql-libs-8.1.11-1.el5_1.1.s390.rpm postgresql-libs-8.1.11-1.el5_1.1.s390x.rpm postgresql-pl-8.1.11-1.el5_1.1.s390x.rpm postgresql-python-8.1.11-1.el5_1.1.s390x.rpm postgresql-server-8.1.11-1.el5_1.1.s390x.rpm postgresql-tcl-8.1.11-1.el5_1.1.s390x.rpm postgresql-test-8.1.11-1.el5_1.1.s390x.rpm x86_64: postgresql-8.1.11-1.el5_1.1.x86_64.rpm postgresql-contrib-8.1.11-1.el5_1.1.x86_64.rpm postgresql-debuginfo-8.1.11-1.el5_1.1.i386.rpm postgresql-debuginfo-8.1.11-1.el5_1.1.x86_64.rpm postgresql-devel-8.1.11-1.el5_1.1.i386.rpm postgresql-devel-8.1.11-1.el5_1.1.x86_64.rpm postgresql-docs-8.1.11-1.el5_1.1.x86_64.rpm postgresql-libs-8.1.11-1.el5_1.1.i386.rpm postgresql-libs-8.1.11-1.el5_1.1.x86_64.rpm postgresql-pl-8.1.11-1.el5_1.1.x86_64.rpm postgresql-python-8.1.11-1.el5_1.1.x86_64.rpm postgresql-server-8.1.11-1.el5_1.1.x86_64.rpm postgresql-tcl-8.1.11-1.el5_1.1.x86_64.rpm postgresql-test-8.1.11-1.el5_1.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3278 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4769 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4772 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6067 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6600 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6601 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2008 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFHh2N3XlSAg2UNWIIRAr/KAKCozeiMd7cAd8eCNJRPRtuS96MrpwCgpTro
tau8aqhrW5973eWxp+PLL4Q=
=Ar3r
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Fri Jan 11 12:45:40 2008
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Fri, 11 Jan 2008 07:45:40 -0500
Subject: [RHSA-2008:0039-01] Moderate: postgresql security update
Message-ID: <200801111245.m0BCjeKA012897@pobox.devel.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis: Moderate: postgresql security update
Advisory ID: RHSA-2008:0039-01
Product: Red Hat Enterprise Linux
Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0039.html
Issue date: 2008-01-11
CVE Names: CVE-2007-3278 CVE-2007-6600 CVE-2007-6601
=====================================================================

1. Summary:

Updated postgresql packages that fix several security issues are now available for Red Hat Enterprise Linux 3.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Description:

PostgreSQL is an advanced Object-Relational database management system (DBMS). The postgresql packages include the client programs and libraries needed to access a PostgreSQL DBMS server.

A privilege escalation flaw was discovered in PostgreSQL. An authenticated attacker could create an index function that would be executed with administrator privileges during database maintenance tasks, such as database vacuuming. (CVE-2007-6600)

A privilege escalation flaw was discovered in PostgreSQL's Database Link library (dblink).
An authenticated attacker could use dblink to possibly escalate privileges on systems with "trust" or "ident" authentication configured. Please note that dblink functionality is not enabled by default, and can only be enabled by a database administrator on systems with the postgresql-contrib package installed. (CVE-2007-3278, CVE-2007-6601)

All postgresql users should upgrade to these updated packages, which include PostgreSQL 7.3.21 and resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bugs fixed (http://bugzilla.redhat.com/):

309141 - CVE-2007-3278 dblink allows proxying of database connections via 127.0.0.1
427127 - CVE-2007-6600 PostgreSQL privilege escalation
427128 - CVE-2007-6601 PostgreSQL privilege escalation via dblink

6.
Package List: Red Hat Enterprise Linux AS version 3: Source: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/rh-postgresql-7.3.21-1.src.rpm i386: rh-postgresql-7.3.21-1.i386.rpm rh-postgresql-contrib-7.3.21-1.i386.rpm rh-postgresql-debuginfo-7.3.21-1.i386.rpm rh-postgresql-devel-7.3.21-1.i386.rpm rh-postgresql-docs-7.3.21-1.i386.rpm rh-postgresql-jdbc-7.3.21-1.i386.rpm rh-postgresql-libs-7.3.21-1.i386.rpm rh-postgresql-pl-7.3.21-1.i386.rpm rh-postgresql-python-7.3.21-1.i386.rpm rh-postgresql-server-7.3.21-1.i386.rpm rh-postgresql-tcl-7.3.21-1.i386.rpm rh-postgresql-test-7.3.21-1.i386.rpm ia64: rh-postgresql-7.3.21-1.ia64.rpm rh-postgresql-contrib-7.3.21-1.ia64.rpm rh-postgresql-debuginfo-7.3.21-1.i386.rpm rh-postgresql-debuginfo-7.3.21-1.ia64.rpm rh-postgresql-devel-7.3.21-1.ia64.rpm rh-postgresql-docs-7.3.21-1.ia64.rpm rh-postgresql-jdbc-7.3.21-1.ia64.rpm rh-postgresql-libs-7.3.21-1.i386.rpm rh-postgresql-libs-7.3.21-1.ia64.rpm rh-postgresql-pl-7.3.21-1.ia64.rpm rh-postgresql-python-7.3.21-1.ia64.rpm rh-postgresql-server-7.3.21-1.ia64.rpm rh-postgresql-tcl-7.3.21-1.ia64.rpm rh-postgresql-test-7.3.21-1.ia64.rpm ppc: rh-postgresql-7.3.21-1.ppc.rpm rh-postgresql-contrib-7.3.21-1.ppc.rpm rh-postgresql-debuginfo-7.3.21-1.ppc.rpm rh-postgresql-debuginfo-7.3.21-1.ppc64.rpm rh-postgresql-devel-7.3.21-1.ppc.rpm rh-postgresql-docs-7.3.21-1.ppc.rpm rh-postgresql-jdbc-7.3.21-1.ppc.rpm rh-postgresql-libs-7.3.21-1.ppc.rpm rh-postgresql-libs-7.3.21-1.ppc64.rpm rh-postgresql-pl-7.3.21-1.ppc.rpm rh-postgresql-python-7.3.21-1.ppc.rpm rh-postgresql-server-7.3.21-1.ppc.rpm rh-postgresql-tcl-7.3.21-1.ppc.rpm rh-postgresql-test-7.3.21-1.ppc.rpm s390: rh-postgresql-7.3.21-1.s390.rpm rh-postgresql-contrib-7.3.21-1.s390.rpm rh-postgresql-debuginfo-7.3.21-1.s390.rpm rh-postgresql-devel-7.3.21-1.s390.rpm rh-postgresql-docs-7.3.21-1.s390.rpm rh-postgresql-jdbc-7.3.21-1.s390.rpm rh-postgresql-libs-7.3.21-1.s390.rpm rh-postgresql-pl-7.3.21-1.s390.rpm rh-postgresql-python-7.3.21-1.s390.rpm 
rh-postgresql-server-7.3.21-1.s390.rpm rh-postgresql-tcl-7.3.21-1.s390.rpm rh-postgresql-test-7.3.21-1.s390.rpm s390x: rh-postgresql-7.3.21-1.s390x.rpm rh-postgresql-contrib-7.3.21-1.s390x.rpm rh-postgresql-debuginfo-7.3.21-1.s390.rpm rh-postgresql-debuginfo-7.3.21-1.s390x.rpm rh-postgresql-devel-7.3.21-1.s390x.rpm rh-postgresql-docs-7.3.21-1.s390x.rpm rh-postgresql-jdbc-7.3.21-1.s390x.rpm rh-postgresql-libs-7.3.21-1.s390.rpm rh-postgresql-libs-7.3.21-1.s390x.rpm rh-postgresql-pl-7.3.21-1.s390x.rpm rh-postgresql-python-7.3.21-1.s390x.rpm rh-postgresql-server-7.3.21-1.s390x.rpm rh-postgresql-tcl-7.3.21-1.s390x.rpm rh-postgresql-test-7.3.21-1.s390x.rpm x86_64: rh-postgresql-7.3.21-1.x86_64.rpm rh-postgresql-contrib-7.3.21-1.x86_64.rpm rh-postgresql-debuginfo-7.3.21-1.i386.rpm rh-postgresql-debuginfo-7.3.21-1.x86_64.rpm rh-postgresql-devel-7.3.21-1.x86_64.rpm rh-postgresql-docs-7.3.21-1.x86_64.rpm rh-postgresql-jdbc-7.3.21-1.x86_64.rpm rh-postgresql-libs-7.3.21-1.i386.rpm rh-postgresql-libs-7.3.21-1.x86_64.rpm rh-postgresql-pl-7.3.21-1.x86_64.rpm rh-postgresql-python-7.3.21-1.x86_64.rpm rh-postgresql-server-7.3.21-1.x86_64.rpm rh-postgresql-tcl-7.3.21-1.x86_64.rpm rh-postgresql-test-7.3.21-1.x86_64.rpm Red Hat Desktop version 3: Source: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/rh-postgresql-7.3.21-1.src.rpm i386: rh-postgresql-7.3.21-1.i386.rpm rh-postgresql-contrib-7.3.21-1.i386.rpm rh-postgresql-debuginfo-7.3.21-1.i386.rpm rh-postgresql-devel-7.3.21-1.i386.rpm rh-postgresql-docs-7.3.21-1.i386.rpm rh-postgresql-jdbc-7.3.21-1.i386.rpm rh-postgresql-libs-7.3.21-1.i386.rpm rh-postgresql-pl-7.3.21-1.i386.rpm rh-postgresql-python-7.3.21-1.i386.rpm rh-postgresql-server-7.3.21-1.i386.rpm rh-postgresql-tcl-7.3.21-1.i386.rpm rh-postgresql-test-7.3.21-1.i386.rpm x86_64: rh-postgresql-7.3.21-1.x86_64.rpm rh-postgresql-contrib-7.3.21-1.x86_64.rpm rh-postgresql-debuginfo-7.3.21-1.i386.rpm rh-postgresql-debuginfo-7.3.21-1.x86_64.rpm 
rh-postgresql-devel-7.3.21-1.x86_64.rpm rh-postgresql-docs-7.3.21-1.x86_64.rpm rh-postgresql-jdbc-7.3.21-1.x86_64.rpm rh-postgresql-libs-7.3.21-1.i386.rpm rh-postgresql-libs-7.3.21-1.x86_64.rpm rh-postgresql-pl-7.3.21-1.x86_64.rpm rh-postgresql-python-7.3.21-1.x86_64.rpm rh-postgresql-server-7.3.21-1.x86_64.rpm rh-postgresql-tcl-7.3.21-1.x86_64.rpm rh-postgresql-test-7.3.21-1.x86_64.rpm Red Hat Enterprise Linux ES version 3: Source: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/rh-postgresql-7.3.21-1.src.rpm i386: rh-postgresql-7.3.21-1.i386.rpm rh-postgresql-contrib-7.3.21-1.i386.rpm rh-postgresql-debuginfo-7.3.21-1.i386.rpm rh-postgresql-devel-7.3.21-1.i386.rpm rh-postgresql-docs-7.3.21-1.i386.rpm rh-postgresql-jdbc-7.3.21-1.i386.rpm rh-postgresql-libs-7.3.21-1.i386.rpm rh-postgresql-pl-7.3.21-1.i386.rpm rh-postgresql-python-7.3.21-1.i386.rpm rh-postgresql-server-7.3.21-1.i386.rpm rh-postgresql-tcl-7.3.21-1.i386.rpm rh-postgresql-test-7.3.21-1.i386.rpm ia64: rh-postgresql-7.3.21-1.ia64.rpm rh-postgresql-contrib-7.3.21-1.ia64.rpm rh-postgresql-debuginfo-7.3.21-1.i386.rpm rh-postgresql-debuginfo-7.3.21-1.ia64.rpm rh-postgresql-devel-7.3.21-1.ia64.rpm rh-postgresql-docs-7.3.21-1.ia64.rpm rh-postgresql-jdbc-7.3.21-1.ia64.rpm rh-postgresql-libs-7.3.21-1.i386.rpm rh-postgresql-libs-7.3.21-1.ia64.rpm rh-postgresql-pl-7.3.21-1.ia64.rpm rh-postgresql-python-7.3.21-1.ia64.rpm rh-postgresql-server-7.3.21-1.ia64.rpm rh-postgresql-tcl-7.3.21-1.ia64.rpm rh-postgresql-test-7.3.21-1.ia64.rpm x86_64: rh-postgresql-7.3.21-1.x86_64.rpm rh-postgresql-contrib-7.3.21-1.x86_64.rpm rh-postgresql-debuginfo-7.3.21-1.i386.rpm rh-postgresql-debuginfo-7.3.21-1.x86_64.rpm rh-postgresql-devel-7.3.21-1.x86_64.rpm rh-postgresql-docs-7.3.21-1.x86_64.rpm rh-postgresql-jdbc-7.3.21-1.x86_64.rpm rh-postgresql-libs-7.3.21-1.i386.rpm rh-postgresql-libs-7.3.21-1.x86_64.rpm rh-postgresql-pl-7.3.21-1.x86_64.rpm rh-postgresql-python-7.3.21-1.x86_64.rpm rh-postgresql-server-7.3.21-1.x86_64.rpm 
rh-postgresql-tcl-7.3.21-1.x86_64.rpm rh-postgresql-test-7.3.21-1.x86_64.rpm Red Hat Enterprise Linux WS version 3: Source: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/rh-postgresql-7.3.21-1.src.rpm i386: rh-postgresql-7.3.21-1.i386.rpm rh-postgresql-contrib-7.3.21-1.i386.rpm rh-postgresql-debuginfo-7.3.21-1.i386.rpm rh-postgresql-devel-7.3.21-1.i386.rpm rh-postgresql-docs-7.3.21-1.i386.rpm rh-postgresql-jdbc-7.3.21-1.i386.rpm rh-postgresql-libs-7.3.21-1.i386.rpm rh-postgresql-pl-7.3.21-1.i386.rpm rh-postgresql-python-7.3.21-1.i386.rpm rh-postgresql-server-7.3.21-1.i386.rpm rh-postgresql-tcl-7.3.21-1.i386.rpm rh-postgresql-test-7.3.21-1.i386.rpm ia64: rh-postgresql-7.3.21-1.ia64.rpm rh-postgresql-contrib-7.3.21-1.ia64.rpm rh-postgresql-debuginfo-7.3.21-1.i386.rpm rh-postgresql-debuginfo-7.3.21-1.ia64.rpm rh-postgresql-devel-7.3.21-1.ia64.rpm rh-postgresql-docs-7.3.21-1.ia64.rpm rh-postgresql-jdbc-7.3.21-1.ia64.rpm rh-postgresql-libs-7.3.21-1.i386.rpm rh-postgresql-libs-7.3.21-1.ia64.rpm rh-postgresql-pl-7.3.21-1.ia64.rpm rh-postgresql-python-7.3.21-1.ia64.rpm rh-postgresql-server-7.3.21-1.ia64.rpm rh-postgresql-tcl-7.3.21-1.ia64.rpm rh-postgresql-test-7.3.21-1.ia64.rpm x86_64: rh-postgresql-7.3.21-1.x86_64.rpm rh-postgresql-contrib-7.3.21-1.x86_64.rpm rh-postgresql-debuginfo-7.3.21-1.i386.rpm rh-postgresql-debuginfo-7.3.21-1.x86_64.rpm rh-postgresql-devel-7.3.21-1.x86_64.rpm rh-postgresql-docs-7.3.21-1.x86_64.rpm rh-postgresql-jdbc-7.3.21-1.x86_64.rpm rh-postgresql-libs-7.3.21-1.i386.rpm rh-postgresql-libs-7.3.21-1.x86_64.rpm rh-postgresql-pl-7.3.21-1.x86_64.rpm rh-postgresql-python-7.3.21-1.x86_64.rpm rh-postgresql-server-7.3.21-1.x86_64.rpm rh-postgresql-tcl-7.3.21-1.x86_64.rpm rh-postgresql-test-7.3.21-1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. 
References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3278 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6600 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6601 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2008 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFHh2TuXlSAg2UNWIIRArcVAKCGH25vKnTSgMrotPxMBQ+uhQgU6QCgiwO7 KF7Z1fViOOMGLIbQQNOd6ts= =brKx -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Jan 15 09:12:03 2008 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 15 Jan 2008 04:12:03 -0500 Subject: [RHSA-2008:0004-01] Moderate: apache security update Message-ID: <200801150912.m0F9C3I6015437@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: apache security update Advisory ID: RHSA-2008:0004-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0004.html Issue date: 2008-01-15 CVE Names: CVE-2007-4465 CVE-2007-5000 CVE-2007-6388 CVE-2008-0005 ===================================================================== 1. Summary: Updated apache packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64 Red Hat Linux Advanced Workstation 2.1 - ia64 Red Hat Enterprise Linux ES version 2.1 - i386 Red Hat Enterprise Linux WS version 2.1 - i386 3. Description: The Apache HTTP Server is a popular Web server. A flaw was found in the mod_imap module. 
On sites where mod_imap was enabled and an imagemap file was publicly available, a cross-site scripting attack was possible. (CVE-2007-5000) A flaw was found in the mod_autoindex module. On sites where directory listings are used, and the "AddDefaultCharset" directive has been removed from the configuration, a cross-site scripting attack was possible against Web browsers which did not correctly derive the response character set following the rules in RFC 2616. (CVE-2007-4465) A flaw was found in the mod_status module. On sites where mod_status was enabled and the status pages were publicly available, a cross-site scripting attack was possible. (CVE-2007-6388) A flaw was found in the mod_proxy_ftp module. On sites where mod_proxy_ftp was enabled and a forward proxy was configured, a cross-site scripting attack was possible against Web browsers which did not correctly derive the response character set following the rules in RFC 2616. (CVE-2008-0005) Users of Apache should upgrade to these updated packages, which contain backported patches to resolve these issues. Users should restart Apache after installing this update. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bugs fixed (http://bugzilla.redhat.com/): 289511 - CVE-2007-4465 mod_autoindex XSS 419931 - CVE-2007-5000 mod_imagemap XSS 427228 - CVE-2007-6388 apache mod_status cross-site scripting 427739 - CVE-2008-0005 mod_proxy_ftp XSS 6. 
Package List: Red Hat Enterprise Linux AS (Advanced Server) version 2.1 : Source: ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/apache-1.3.27-14.ent.src.rpm i386: apache-1.3.27-14.ent.i386.rpm apache-devel-1.3.27-14.ent.i386.rpm apache-manual-1.3.27-14.ent.i386.rpm ia64: apache-1.3.27-14.ent.ia64.rpm apache-devel-1.3.27-14.ent.ia64.rpm apache-manual-1.3.27-14.ent.ia64.rpm Red Hat Linux Advanced Workstation 2.1: Source: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/apache-1.3.27-14.ent.src.rpm ia64: apache-1.3.27-14.ent.ia64.rpm apache-devel-1.3.27-14.ent.ia64.rpm apache-manual-1.3.27-14.ent.ia64.rpm Red Hat Enterprise Linux ES version 2.1: Source: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/apache-1.3.27-14.ent.src.rpm i386: apache-1.3.27-14.ent.i386.rpm apache-devel-1.3.27-14.ent.i386.rpm apache-manual-1.3.27-14.ent.i386.rpm Red Hat Enterprise Linux WS version 2.1: Source: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/apache-1.3.27-14.ent.src.rpm i386: apache-1.3.27-14.ent.i386.rpm apache-devel-1.3.27-14.ent.i386.rpm apache-manual-1.3.27-14.ent.i386.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2008 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFHjHi8XlSAg2UNWIIRAr+1AKCk1KwM9lEz31uT3AOP7GRdlH2LUACgoepU qxv0O6/y0IE+59+DyzqrOlQ= =t5n5 -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Jan 15 09:18:42 2008 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 15 Jan 2008 04:18:42 -0500 Subject: [RHSA-2008:0005-01] Moderate: httpd security update Message-ID: <200801150918.m0F9Igh1016208@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: httpd security update Advisory ID: RHSA-2008:0005-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0005.html Issue date: 2008-01-15 CVE Names: CVE-2007-3847 CVE-2007-4465 CVE-2007-5000 CVE-2007-6388 CVE-2008-0005 ===================================================================== 1. Summary: Updated Apache httpd packages that fix several security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Description: The Apache HTTP Server is a popular Web server. A flaw was found in the mod_imap module. On sites where mod_imap was enabled and an imagemap file was publicly available, a cross-site scripting attack was possible. (CVE-2007-5000) A flaw was found in the mod_autoindex module. 
On sites where directory listings are used, and the "AddDefaultCharset" directive has been removed from the configuration, a cross-site scripting attack was possible against Web browsers which did not correctly derive the response character set following the rules in RFC 2616. (CVE-2007-4465) A flaw was found in the mod_proxy module. On sites where a reverse proxy is configured, a remote attacker could send a carefully crafted request that would cause the Apache child process handling that request to crash. On sites where a forward proxy is configured, an attacker could cause a similar crash if a user could be persuaded to visit a malicious site using the proxy. This could lead to a denial of service if using a threaded Multi-Processing Module. (CVE-2007-3847) A flaw was found in the mod_status module. On sites where mod_status was enabled and the status pages were publicly available, a cross-site scripting attack was possible. (CVE-2007-6388) A flaw was found in the mod_proxy_ftp module. On sites where mod_proxy_ftp was enabled and a forward proxy was configured, a cross-site scripting attack was possible against Web browsers which did not correctly derive the response character set following the rules in RFC 2616. (CVE-2008-0005) Users of Apache httpd should upgrade to these updated packages, which contain backported patches to resolve these issues. Users should restart httpd after installing this update. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. 
Bugs fixed (http://bugzilla.redhat.com/): 250731 - CVE-2007-3847 httpd out of bounds read 289511 - CVE-2007-4465 mod_autoindex XSS 419931 - CVE-2007-5000 mod_imagemap XSS 427228 - CVE-2007-6388 apache mod_status cross-site scripting 427739 - CVE-2008-0005 mod_proxy_ftp XSS 6. Package List: Red Hat Enterprise Linux AS version 3: Source: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/httpd-2.0.46-70.ent.src.rpm i386: httpd-2.0.46-70.ent.i386.rpm httpd-debuginfo-2.0.46-70.ent.i386.rpm httpd-devel-2.0.46-70.ent.i386.rpm mod_ssl-2.0.46-70.ent.i386.rpm ia64: httpd-2.0.46-70.ent.ia64.rpm httpd-debuginfo-2.0.46-70.ent.ia64.rpm httpd-devel-2.0.46-70.ent.ia64.rpm mod_ssl-2.0.46-70.ent.ia64.rpm ppc: httpd-2.0.46-70.ent.ppc.rpm httpd-debuginfo-2.0.46-70.ent.ppc.rpm httpd-devel-2.0.46-70.ent.ppc.rpm mod_ssl-2.0.46-70.ent.ppc.rpm s390: httpd-2.0.46-70.ent.s390.rpm httpd-debuginfo-2.0.46-70.ent.s390.rpm httpd-devel-2.0.46-70.ent.s390.rpm mod_ssl-2.0.46-70.ent.s390.rpm s390x: httpd-2.0.46-70.ent.s390x.rpm httpd-debuginfo-2.0.46-70.ent.s390x.rpm httpd-devel-2.0.46-70.ent.s390x.rpm mod_ssl-2.0.46-70.ent.s390x.rpm x86_64: httpd-2.0.46-70.ent.x86_64.rpm httpd-debuginfo-2.0.46-70.ent.x86_64.rpm httpd-devel-2.0.46-70.ent.x86_64.rpm mod_ssl-2.0.46-70.ent.x86_64.rpm Red Hat Desktop version 3: Source: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/httpd-2.0.46-70.ent.src.rpm i386: httpd-2.0.46-70.ent.i386.rpm httpd-debuginfo-2.0.46-70.ent.i386.rpm httpd-devel-2.0.46-70.ent.i386.rpm mod_ssl-2.0.46-70.ent.i386.rpm x86_64: httpd-2.0.46-70.ent.x86_64.rpm httpd-debuginfo-2.0.46-70.ent.x86_64.rpm httpd-devel-2.0.46-70.ent.x86_64.rpm mod_ssl-2.0.46-70.ent.x86_64.rpm Red Hat Enterprise Linux ES version 3: Source: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/httpd-2.0.46-70.ent.src.rpm i386: httpd-2.0.46-70.ent.i386.rpm httpd-debuginfo-2.0.46-70.ent.i386.rpm httpd-devel-2.0.46-70.ent.i386.rpm mod_ssl-2.0.46-70.ent.i386.rpm ia64: httpd-2.0.46-70.ent.ia64.rpm 
httpd-debuginfo-2.0.46-70.ent.ia64.rpm httpd-devel-2.0.46-70.ent.ia64.rpm mod_ssl-2.0.46-70.ent.ia64.rpm x86_64: httpd-2.0.46-70.ent.x86_64.rpm httpd-debuginfo-2.0.46-70.ent.x86_64.rpm httpd-devel-2.0.46-70.ent.x86_64.rpm mod_ssl-2.0.46-70.ent.x86_64.rpm Red Hat Enterprise Linux WS version 3: Source: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/httpd-2.0.46-70.ent.src.rpm i386: httpd-2.0.46-70.ent.i386.rpm httpd-debuginfo-2.0.46-70.ent.i386.rpm httpd-devel-2.0.46-70.ent.i386.rpm mod_ssl-2.0.46-70.ent.i386.rpm ia64: httpd-2.0.46-70.ent.ia64.rpm httpd-debuginfo-2.0.46-70.ent.ia64.rpm httpd-devel-2.0.46-70.ent.ia64.rpm mod_ssl-2.0.46-70.ent.ia64.rpm x86_64: httpd-2.0.46-70.ent.x86_64.rpm httpd-debuginfo-2.0.46-70.ent.x86_64.rpm httpd-devel-2.0.46-70.ent.x86_64.rpm mod_ssl-2.0.46-70.ent.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2008 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFHjHorXlSAg2UNWIIRAthqAJ9ccWDS7KBOtnNNDXOwUrLWAq8mmwCgki6X YtwmKKsjeNme4CwQsbO2z8g= =Bzlo -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Jan 15 09:33:29 2008 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 15 Jan 2008 04:33:29 -0500 Subject: [RHSA-2008:0006-01] Moderate: httpd security update Message-ID: <200801150933.m0F9XTQu018194@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: httpd security update Advisory ID: RHSA-2008:0006-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0006.html Issue date: 2008-01-15 CVE Names: CVE-2007-4465 CVE-2007-5000 CVE-2007-6388 CVE-2008-0005 ===================================================================== 1. Summary: Updated Apache httpd packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Description: The Apache HTTP Server is a popular Web server. A flaw was found in the mod_imap module. On sites where mod_imap was enabled and an imagemap file was publicly available, a cross-site scripting attack was possible. (CVE-2007-5000) A flaw was found in the mod_autoindex module. 
On sites where directory listings are used, and the "AddDefaultCharset" directive has been removed from the configuration, a cross-site scripting attack was possible against Web browsers which do not correctly derive the response character set following the rules in RFC 2616. (CVE-2007-4465) A flaw was found in the mod_status module. On sites where mod_status was enabled and the status pages were publicly available, a cross-site scripting attack was possible. (CVE-2007-6388) A flaw was found in the mod_proxy_ftp module. On sites where mod_proxy_ftp was enabled and a forward proxy was configured, a cross-site scripting attack was possible against Web browsers which do not correctly derive the response character set following the rules in RFC 2616. (CVE-2008-0005) Users of Apache httpd should upgrade to these updated packages, which contain backported patches to resolve these issues. Users should restart httpd after installing this update. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bugs fixed (http://bugzilla.redhat.com/): 289511 - CVE-2007-4465 mod_autoindex XSS 419931 - CVE-2007-5000 mod_imagemap XSS 427228 - CVE-2007-6388 apache mod_status cross-site scripting 427739 - CVE-2008-0005 mod_proxy_ftp XSS 6. 
Package List: Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/httpd-2.0.52-38.ent.2.src.rpm i386: httpd-2.0.52-38.ent.2.i386.rpm httpd-debuginfo-2.0.52-38.ent.2.i386.rpm httpd-devel-2.0.52-38.ent.2.i386.rpm httpd-manual-2.0.52-38.ent.2.i386.rpm httpd-suexec-2.0.52-38.ent.2.i386.rpm mod_ssl-2.0.52-38.ent.2.i386.rpm ia64: httpd-2.0.52-38.ent.2.ia64.rpm httpd-debuginfo-2.0.52-38.ent.2.ia64.rpm httpd-devel-2.0.52-38.ent.2.ia64.rpm httpd-manual-2.0.52-38.ent.2.ia64.rpm httpd-suexec-2.0.52-38.ent.2.ia64.rpm mod_ssl-2.0.52-38.ent.2.ia64.rpm ppc: httpd-2.0.52-38.ent.2.ppc.rpm httpd-debuginfo-2.0.52-38.ent.2.ppc.rpm httpd-devel-2.0.52-38.ent.2.ppc.rpm httpd-manual-2.0.52-38.ent.2.ppc.rpm httpd-suexec-2.0.52-38.ent.2.ppc.rpm mod_ssl-2.0.52-38.ent.2.ppc.rpm s390: httpd-2.0.52-38.ent.2.s390.rpm httpd-debuginfo-2.0.52-38.ent.2.s390.rpm httpd-devel-2.0.52-38.ent.2.s390.rpm httpd-manual-2.0.52-38.ent.2.s390.rpm httpd-suexec-2.0.52-38.ent.2.s390.rpm mod_ssl-2.0.52-38.ent.2.s390.rpm s390x: httpd-2.0.52-38.ent.2.s390x.rpm httpd-debuginfo-2.0.52-38.ent.2.s390x.rpm httpd-devel-2.0.52-38.ent.2.s390x.rpm httpd-manual-2.0.52-38.ent.2.s390x.rpm httpd-suexec-2.0.52-38.ent.2.s390x.rpm mod_ssl-2.0.52-38.ent.2.s390x.rpm x86_64: httpd-2.0.52-38.ent.2.x86_64.rpm httpd-debuginfo-2.0.52-38.ent.2.x86_64.rpm httpd-devel-2.0.52-38.ent.2.x86_64.rpm httpd-manual-2.0.52-38.ent.2.x86_64.rpm httpd-suexec-2.0.52-38.ent.2.x86_64.rpm mod_ssl-2.0.52-38.ent.2.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/httpd-2.0.52-38.ent.2.src.rpm i386: httpd-2.0.52-38.ent.2.i386.rpm httpd-debuginfo-2.0.52-38.ent.2.i386.rpm httpd-devel-2.0.52-38.ent.2.i386.rpm httpd-manual-2.0.52-38.ent.2.i386.rpm httpd-suexec-2.0.52-38.ent.2.i386.rpm mod_ssl-2.0.52-38.ent.2.i386.rpm x86_64: httpd-2.0.52-38.ent.2.x86_64.rpm httpd-debuginfo-2.0.52-38.ent.2.x86_64.rpm httpd-devel-2.0.52-38.ent.2.x86_64.rpm 
httpd-manual-2.0.52-38.ent.2.x86_64.rpm httpd-suexec-2.0.52-38.ent.2.x86_64.rpm mod_ssl-2.0.52-38.ent.2.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/httpd-2.0.52-38.ent.2.src.rpm i386: httpd-2.0.52-38.ent.2.i386.rpm httpd-debuginfo-2.0.52-38.ent.2.i386.rpm httpd-devel-2.0.52-38.ent.2.i386.rpm httpd-manual-2.0.52-38.ent.2.i386.rpm httpd-suexec-2.0.52-38.ent.2.i386.rpm mod_ssl-2.0.52-38.ent.2.i386.rpm ia64: httpd-2.0.52-38.ent.2.ia64.rpm httpd-debuginfo-2.0.52-38.ent.2.ia64.rpm httpd-devel-2.0.52-38.ent.2.ia64.rpm httpd-manual-2.0.52-38.ent.2.ia64.rpm httpd-suexec-2.0.52-38.ent.2.ia64.rpm mod_ssl-2.0.52-38.ent.2.ia64.rpm x86_64: httpd-2.0.52-38.ent.2.x86_64.rpm httpd-debuginfo-2.0.52-38.ent.2.x86_64.rpm httpd-devel-2.0.52-38.ent.2.x86_64.rpm httpd-manual-2.0.52-38.ent.2.x86_64.rpm httpd-suexec-2.0.52-38.ent.2.x86_64.rpm mod_ssl-2.0.52-38.ent.2.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/httpd-2.0.52-38.ent.2.src.rpm i386: httpd-2.0.52-38.ent.2.i386.rpm httpd-debuginfo-2.0.52-38.ent.2.i386.rpm httpd-devel-2.0.52-38.ent.2.i386.rpm httpd-manual-2.0.52-38.ent.2.i386.rpm httpd-suexec-2.0.52-38.ent.2.i386.rpm mod_ssl-2.0.52-38.ent.2.i386.rpm ia64: httpd-2.0.52-38.ent.2.ia64.rpm httpd-debuginfo-2.0.52-38.ent.2.ia64.rpm httpd-devel-2.0.52-38.ent.2.ia64.rpm httpd-manual-2.0.52-38.ent.2.ia64.rpm httpd-suexec-2.0.52-38.ent.2.ia64.rpm mod_ssl-2.0.52-38.ent.2.ia64.rpm x86_64: httpd-2.0.52-38.ent.2.x86_64.rpm httpd-debuginfo-2.0.52-38.ent.2.x86_64.rpm httpd-devel-2.0.52-38.ent.2.x86_64.rpm httpd-manual-2.0.52-38.ent.2.x86_64.rpm httpd-suexec-2.0.52-38.ent.2.x86_64.rpm mod_ssl-2.0.52-38.ent.2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. 
References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2008 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFHjHzzXlSAg2UNWIIRAqJwAJ9KPmvF2i3h+6OiwTSAO1L2YS7VkQCghE5P MnPVTs7wDnBRHtBOuXQltqg= =r6g/ -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Jan 15 09:37:01 2008 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 15 Jan 2008 04:37:01 -0500 Subject: [RHSA-2008:0007-01] Moderate: httpd security update Message-ID: <200801150937.m0F9b1SU018879@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: httpd security update Advisory ID: RHSA-2008:0007-01 Product: Red Hat Application Stack Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0007.html Issue date: 2008-01-15 CVE Names: CVE-2007-5000 CVE-2007-6388 CVE-2008-0005 ===================================================================== 1. Summary: Updated Apache httpd packages that correct security issues are now available for Red Hat Application Stack v1. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Application Stack v1 for Enterprise Linux AS (v.4) - i386, x86_64 Red Hat Application Stack v1 for Enterprise Linux ES (v.4) - i386, x86_64 3. Description: The Apache HTTP Server is a popular Web server. A flaw was found in the mod_imagemap module. 
On sites where mod_imagemap was enabled and an imagemap file was publicly available, a cross-site scripting attack was possible. (CVE-2007-5000) A flaw was found in the mod_status module. On sites where mod_status was enabled and the status pages were publicly accessible, a cross-site scripting attack was possible. (CVE-2007-6388) A flaw was found in the mod_proxy_ftp module. On sites where mod_proxy_ftp was enabled and a forward proxy was configured, a cross-site scripting attack was possible against browsers which do not correctly derive the response character set following the rules in RFC 2616. (CVE-2008-0005) Users of httpd should upgrade to these updated packages, which contain backported patches to correct these issues. Users should restart httpd after installing this update. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bugs fixed (http://bugzilla.redhat.com/): 419931 - CVE-2007-5000 mod_imagemap XSS 427228 - CVE-2007-6388 apache mod_status cross-site scripting 427739 - CVE-2008-0005 mod_proxy_ftp XSS 6. 
Package List: Red Hat Application Stack v1 for Enterprise Linux AS (v.4): Source: ftp://updates.redhat.com/enterprise/4AS/en/RHWAS/SRPMS/httpd-2.0.59-1.el4s1.10.src.rpm i386: httpd-2.0.59-1.el4s1.10.i386.rpm httpd-debuginfo-2.0.59-1.el4s1.10.i386.rpm httpd-devel-2.0.59-1.el4s1.10.i386.rpm httpd-manual-2.0.59-1.el4s1.10.i386.rpm mod_ssl-2.0.59-1.el4s1.10.i386.rpm x86_64: httpd-2.0.59-1.el4s1.10.x86_64.rpm httpd-debuginfo-2.0.59-1.el4s1.10.x86_64.rpm httpd-devel-2.0.59-1.el4s1.10.x86_64.rpm httpd-manual-2.0.59-1.el4s1.10.x86_64.rpm mod_ssl-2.0.59-1.el4s1.10.x86_64.rpm Red Hat Application Stack v1 for Enterprise Linux ES (v.4): Source: ftp://updates.redhat.com/enterprise/4ES/en/RHWAS/SRPMS/httpd-2.0.59-1.el4s1.10.src.rpm i386: httpd-2.0.59-1.el4s1.10.i386.rpm httpd-debuginfo-2.0.59-1.el4s1.10.i386.rpm httpd-devel-2.0.59-1.el4s1.10.i386.rpm httpd-manual-2.0.59-1.el4s1.10.i386.rpm mod_ssl-2.0.59-1.el4s1.10.i386.rpm x86_64: httpd-2.0.59-1.el4s1.10.x86_64.rpm httpd-debuginfo-2.0.59-1.el4s1.10.x86_64.rpm httpd-devel-2.0.59-1.el4s1.10.x86_64.rpm httpd-manual-2.0.59-1.el4s1.10.x86_64.rpm mod_ssl-2.0.59-1.el4s1.10.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2008 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFHjH6QXlSAg2UNWIIRAgJhAJ96i8tWHYzR+WW7M7BEmEY3ixhFTwCgrdoP 7tLxvhnU9bORvH6WPvgOo0g= =0DXv -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Jan 15 09:39:37 2008 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 15 Jan 2008 04:39:37 -0500 Subject: [RHSA-2008:0008-01] Moderate: httpd security update Message-ID: <200801150939.m0F9dbfU019013@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: httpd security update Advisory ID: RHSA-2008:0008-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0008.html Issue date: 2008-01-15 CVE Names: CVE-2007-4465 CVE-2007-5000 CVE-2007-6388 CVE-2007-6421 CVE-2007-6422 CVE-2008-0005 ===================================================================== 1. Summary: Updated Apache httpd packages that fix several security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 RHEL Desktop Workstation (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Description: The Apache HTTP Server is a popular Web server. A flaw was found in the mod_imagemap module. On sites where mod_imagemap was enabled and an imagemap file was publicly available, a cross-site scripting attack was possible. (CVE-2007-5000) A flaw was found in the mod_autoindex module. On sites where directory listings are used, and the "AddDefaultCharset" directive has been removed from the configuration, a cross-site scripting attack might have been possible against Web browsers which do not correctly derive the response character set following the rules in RFC 2616. 
(CVE-2007-4465) A flaw was found in the mod_status module. On sites where mod_status was enabled and the status pages were publicly available, a cross-site scripting attack was possible. (CVE-2007-6388) A flaw was found in the mod_proxy_balancer module. On sites where mod_proxy_balancer was enabled, a cross-site scripting attack against an authorized user was possible. (CVE-2007-6421) A flaw was found in the mod_proxy_balancer module. On sites where mod_proxy_balancer was enabled, an authorized user could send a carefully crafted request that would cause the Apache child process handling that request to crash. This could lead to a denial of service if using a threaded Multi-Processing Module. (CVE-2007-6422) A flaw was found in the mod_proxy_ftp module. On sites where mod_proxy_ftp was enabled and a forward proxy was configured, a cross-site scripting attack was possible against Web browsers which do not correctly derive the response character set following the rules in RFC 2616. (CVE-2008-0005) Users of Apache httpd should upgrade to these updated packages, which contain backported patches to resolve these issues. Users should restart httpd after installing this update. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bugs fixed (http://bugzilla.redhat.com/): 289511 - CVE-2007-4465 mod_autoindex XSS 419931 - CVE-2007-5000 mod_imagemap XSS 427228 - CVE-2007-6388 apache mod_status cross-site scripting 427229 - CVE-2007-6421 httpd mod_proxy_balancer cross-site scripting 427230 - CVE-2007-6422 httpd mod_proxy_balancer crash 427739 - CVE-2008-0005 mod_proxy_ftp XSS 6. Package List: Red Hat Enterprise Linux Desktop (v. 
5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/httpd-2.2.3-11.el5_1.3.src.rpm i386: httpd-2.2.3-11.el5_1.3.i386.rpm httpd-debuginfo-2.2.3-11.el5_1.3.i386.rpm mod_ssl-2.2.3-11.el5_1.3.i386.rpm x86_64: httpd-2.2.3-11.el5_1.3.x86_64.rpm httpd-debuginfo-2.2.3-11.el5_1.3.x86_64.rpm mod_ssl-2.2.3-11.el5_1.3.x86_64.rpm RHEL Desktop Workstation (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/httpd-2.2.3-11.el5_1.3.src.rpm i386: httpd-debuginfo-2.2.3-11.el5_1.3.i386.rpm httpd-devel-2.2.3-11.el5_1.3.i386.rpm httpd-manual-2.2.3-11.el5_1.3.i386.rpm x86_64: httpd-debuginfo-2.2.3-11.el5_1.3.i386.rpm httpd-debuginfo-2.2.3-11.el5_1.3.x86_64.rpm httpd-devel-2.2.3-11.el5_1.3.i386.rpm httpd-devel-2.2.3-11.el5_1.3.x86_64.rpm httpd-manual-2.2.3-11.el5_1.3.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/httpd-2.2.3-11.el5_1.3.src.rpm i386: httpd-2.2.3-11.el5_1.3.i386.rpm httpd-debuginfo-2.2.3-11.el5_1.3.i386.rpm httpd-devel-2.2.3-11.el5_1.3.i386.rpm httpd-manual-2.2.3-11.el5_1.3.i386.rpm mod_ssl-2.2.3-11.el5_1.3.i386.rpm ia64: httpd-2.2.3-11.el5_1.3.ia64.rpm httpd-debuginfo-2.2.3-11.el5_1.3.ia64.rpm httpd-devel-2.2.3-11.el5_1.3.ia64.rpm httpd-manual-2.2.3-11.el5_1.3.ia64.rpm mod_ssl-2.2.3-11.el5_1.3.ia64.rpm ppc: httpd-2.2.3-11.el5_1.3.ppc.rpm httpd-debuginfo-2.2.3-11.el5_1.3.ppc.rpm httpd-debuginfo-2.2.3-11.el5_1.3.ppc64.rpm httpd-devel-2.2.3-11.el5_1.3.ppc.rpm httpd-devel-2.2.3-11.el5_1.3.ppc64.rpm httpd-manual-2.2.3-11.el5_1.3.ppc.rpm mod_ssl-2.2.3-11.el5_1.3.ppc.rpm s390x: httpd-2.2.3-11.el5_1.3.s390x.rpm httpd-debuginfo-2.2.3-11.el5_1.3.s390.rpm httpd-debuginfo-2.2.3-11.el5_1.3.s390x.rpm httpd-devel-2.2.3-11.el5_1.3.s390.rpm httpd-devel-2.2.3-11.el5_1.3.s390x.rpm httpd-manual-2.2.3-11.el5_1.3.s390x.rpm mod_ssl-2.2.3-11.el5_1.3.s390x.rpm x86_64: httpd-2.2.3-11.el5_1.3.x86_64.rpm httpd-debuginfo-2.2.3-11.el5_1.3.i386.rpm 
httpd-debuginfo-2.2.3-11.el5_1.3.x86_64.rpm httpd-devel-2.2.3-11.el5_1.3.i386.rpm httpd-devel-2.2.3-11.el5_1.3.x86_64.rpm httpd-manual-2.2.3-11.el5_1.3.x86_64.rpm mod_ssl-2.2.3-11.el5_1.3.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2008 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFHjH9QXlSAg2UNWIIRAup2AKCQZbTcXjbAwNNkdLETMMHU0Xie+gCffxCx 5gj8X5pq55bntO796SHHFTg= =nZWz -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Jan 17 20:47:50 2008 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 17 Jan 2008 15:47:50 -0500 Subject: [RHSA-2008:0030-01] Important: xorg-x11 security update Message-ID: <200801172047.m0HKloJJ023022@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: xorg-x11 security update Advisory ID: RHSA-2008:0030-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0030.html Issue date: 2008-01-17 CVE Names: CVE-2007-4568 CVE-2007-4990 CVE-2007-5760 CVE-2007-5958 CVE-2007-6427 CVE-2007-6428 CVE-2007-6429 CVE-2008-0006 ===================================================================== 1. 
Summary:

Updated xorg-x11 packages that fix several security issues are now available for Red Hat Enterprise Linux 4.

This update has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

The xorg-x11 packages contain X.Org, an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon.

Two integer overflow flaws were found in the X.Org server's EVI and MIT-SHM modules. A malicious authorized client could exploit these issues to cause a denial of service (crash), or potentially execute arbitrary code with root privileges on the X.Org server. (CVE-2007-6429)

A heap based buffer overflow flaw was found in the way the X.Org server handled malformed font files. A malicious local user could exploit these issues to potentially execute arbitrary code with the privileges of the X.Org server. (CVE-2008-0006)

A memory corruption flaw was found in the X.Org server's XInput extension. A malicious authorized client could exploit this issue to cause a denial of service (crash), or potentially execute arbitrary code with root privileges on the X.Org server. (CVE-2007-6427)

An input validation flaw was found in the X.Org server's XFree86-Misc extension. A malicious authorized client could exploit this issue to cause a denial of service (crash), or potentially execute arbitrary code with root privileges on the X.Org server. (CVE-2007-5760)

An information disclosure flaw was found in the X.Org server's TOG-CUP extension. A malicious authorized client could exploit this issue to cause a denial of service (crash), or potentially view arbitrary memory content within the X server's address space. (CVE-2007-6428)

An integer and heap overflow flaw were found in the X.Org font server, xfs. A user with the ability to connect to the font server could have been able to cause a denial of service (crash), or potentially execute arbitrary code with the permissions of the font server. (CVE-2007-4568, CVE-2007-4990)

A flaw was found in the X.Org server's XC-SECURITY extension, that could have allowed a local user to verify the existence of an arbitrary file, even in directories that are not normally accessible to that user. (CVE-2007-5958)

Users of xorg-x11 should upgrade to these updated packages, which contain backported patches to resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188

5. Bugs fixed (http://bugzilla.redhat.com/):

281921 - CVE-2007-4568 xfs integer overflow in the build_range function
322961 - CVE-2007-4990 xfs heap overflow in the swap_char2b function
391841 - CVE-2007-5958 Xorg / XFree86 file existence disclosure vulnerability
413721 - CVE-2007-6429 xorg / xfree86: integer overflow in EVI extension
413741 - CVE-2007-6429 xorg / xfree86: integer overflow in MIT-SHM extension
413791 - CVE-2007-6428 xorg / xfree86: information disclosure via TOG-CUP extension
413811 - CVE-2007-6427 xorg / xfree86: memory corruption via XInput extension
414031 - CVE-2007-5760 xorg: invalid array indexing in XFree86-Misc extension
428044 - CVE-2008-0006 Xorg / XFree86 PCF font parser buffer overflow

6.
Package List: Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/xorg-x11-6.8.2-1.EL.33.0.1.src.rpm i386: xorg-x11-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Mesa-libGL-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Mesa-libGLU-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Xdmx-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Xnest-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Xvfb-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-deprecated-libs-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-deprecated-libs-devel-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-devel-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-doc-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-font-utils-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-libs-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-sdk-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-tools-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-twm-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-xauth-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-xdm-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-xfs-6.8.2-1.EL.33.0.1.i386.rpm ia64: xorg-x11-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-Mesa-libGL-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Mesa-libGL-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-Mesa-libGLU-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Mesa-libGLU-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-Xdmx-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-Xnest-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-Xvfb-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-deprecated-libs-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-deprecated-libs-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-deprecated-libs-devel-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-devel-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-doc-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-font-utils-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-libs-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-libs-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-sdk-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-tools-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-twm-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-xauth-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-xdm-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-xfs-6.8.2-1.EL.33.0.1.ia64.rpm ppc: xorg-x11-6.8.2-1.EL.33.0.1.ppc.rpm xorg-x11-Mesa-libGL-6.8.2-1.EL.33.0.1.ppc.rpm 
xorg-x11-Mesa-libGL-6.8.2-1.EL.33.0.1.ppc64.rpm xorg-x11-Mesa-libGLU-6.8.2-1.EL.33.0.1.ppc.rpm xorg-x11-Mesa-libGLU-6.8.2-1.EL.33.0.1.ppc64.rpm xorg-x11-Xdmx-6.8.2-1.EL.33.0.1.ppc.rpm xorg-x11-Xnest-6.8.2-1.EL.33.0.1.ppc.rpm xorg-x11-Xvfb-6.8.2-1.EL.33.0.1.ppc.rpm xorg-x11-deprecated-libs-6.8.2-1.EL.33.0.1.ppc.rpm xorg-x11-deprecated-libs-6.8.2-1.EL.33.0.1.ppc64.rpm xorg-x11-deprecated-libs-devel-6.8.2-1.EL.33.0.1.ppc.rpm xorg-x11-deprecated-libs-devel-6.8.2-1.EL.33.0.1.ppc64.rpm xorg-x11-devel-6.8.2-1.EL.33.0.1.ppc.rpm xorg-x11-devel-6.8.2-1.EL.33.0.1.ppc64.rpm xorg-x11-doc-6.8.2-1.EL.33.0.1.ppc.rpm xorg-x11-font-utils-6.8.2-1.EL.33.0.1.ppc.rpm xorg-x11-libs-6.8.2-1.EL.33.0.1.ppc.rpm xorg-x11-libs-6.8.2-1.EL.33.0.1.ppc64.rpm xorg-x11-sdk-6.8.2-1.EL.33.0.1.ppc.rpm xorg-x11-tools-6.8.2-1.EL.33.0.1.ppc.rpm xorg-x11-twm-6.8.2-1.EL.33.0.1.ppc.rpm xorg-x11-xauth-6.8.2-1.EL.33.0.1.ppc.rpm xorg-x11-xdm-6.8.2-1.EL.33.0.1.ppc.rpm xorg-x11-xfs-6.8.2-1.EL.33.0.1.ppc.rpm s390: xorg-x11-6.8.2-1.EL.33.0.1.s390.rpm xorg-x11-Mesa-libGL-6.8.2-1.EL.33.0.1.s390.rpm xorg-x11-Mesa-libGLU-6.8.2-1.EL.33.0.1.s390.rpm xorg-x11-Xdmx-6.8.2-1.EL.33.0.1.s390.rpm xorg-x11-Xnest-6.8.2-1.EL.33.0.1.s390.rpm xorg-x11-Xvfb-6.8.2-1.EL.33.0.1.s390.rpm xorg-x11-deprecated-libs-6.8.2-1.EL.33.0.1.s390.rpm xorg-x11-deprecated-libs-devel-6.8.2-1.EL.33.0.1.s390.rpm xorg-x11-devel-6.8.2-1.EL.33.0.1.s390.rpm xorg-x11-font-utils-6.8.2-1.EL.33.0.1.s390.rpm xorg-x11-libs-6.8.2-1.EL.33.0.1.s390.rpm xorg-x11-tools-6.8.2-1.EL.33.0.1.s390.rpm xorg-x11-twm-6.8.2-1.EL.33.0.1.s390.rpm xorg-x11-xauth-6.8.2-1.EL.33.0.1.s390.rpm xorg-x11-xdm-6.8.2-1.EL.33.0.1.s390.rpm xorg-x11-xfs-6.8.2-1.EL.33.0.1.s390.rpm s390x: xorg-x11-6.8.2-1.EL.33.0.1.s390x.rpm xorg-x11-Mesa-libGL-6.8.2-1.EL.33.0.1.s390.rpm xorg-x11-Mesa-libGL-6.8.2-1.EL.33.0.1.s390x.rpm xorg-x11-Mesa-libGLU-6.8.2-1.EL.33.0.1.s390.rpm xorg-x11-Mesa-libGLU-6.8.2-1.EL.33.0.1.s390x.rpm xorg-x11-Xdmx-6.8.2-1.EL.33.0.1.s390x.rpm xorg-x11-Xnest-6.8.2-1.EL.33.0.1.s390x.rpm 
xorg-x11-Xvfb-6.8.2-1.EL.33.0.1.s390x.rpm xorg-x11-deprecated-libs-6.8.2-1.EL.33.0.1.s390.rpm xorg-x11-deprecated-libs-6.8.2-1.EL.33.0.1.s390x.rpm xorg-x11-deprecated-libs-devel-6.8.2-1.EL.33.0.1.s390.rpm xorg-x11-deprecated-libs-devel-6.8.2-1.EL.33.0.1.s390x.rpm xorg-x11-devel-6.8.2-1.EL.33.0.1.s390.rpm xorg-x11-devel-6.8.2-1.EL.33.0.1.s390x.rpm xorg-x11-font-utils-6.8.2-1.EL.33.0.1.s390x.rpm xorg-x11-libs-6.8.2-1.EL.33.0.1.s390.rpm xorg-x11-libs-6.8.2-1.EL.33.0.1.s390x.rpm xorg-x11-tools-6.8.2-1.EL.33.0.1.s390x.rpm xorg-x11-twm-6.8.2-1.EL.33.0.1.s390x.rpm xorg-x11-xauth-6.8.2-1.EL.33.0.1.s390x.rpm xorg-x11-xdm-6.8.2-1.EL.33.0.1.s390x.rpm xorg-x11-xfs-6.8.2-1.EL.33.0.1.s390x.rpm x86_64: xorg-x11-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-Mesa-libGL-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Mesa-libGL-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-Mesa-libGLU-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Mesa-libGLU-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-Xdmx-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-Xnest-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-Xvfb-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-deprecated-libs-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-deprecated-libs-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-deprecated-libs-devel-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-deprecated-libs-devel-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-devel-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-devel-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-doc-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-font-utils-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-libs-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-libs-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-sdk-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-tools-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-twm-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-xauth-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-xdm-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-xfs-6.8.2-1.EL.33.0.1.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/xorg-x11-6.8.2-1.EL.33.0.1.src.rpm i386: xorg-x11-6.8.2-1.EL.33.0.1.i386.rpm 
xorg-x11-Mesa-libGL-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Mesa-libGLU-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Xdmx-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Xnest-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Xvfb-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-deprecated-libs-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-deprecated-libs-devel-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-devel-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-doc-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-font-utils-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-libs-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-sdk-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-tools-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-twm-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-xauth-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-xdm-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-xfs-6.8.2-1.EL.33.0.1.i386.rpm x86_64: xorg-x11-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-Mesa-libGL-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Mesa-libGL-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-Mesa-libGLU-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Mesa-libGLU-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-Xdmx-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-Xnest-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-Xvfb-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-deprecated-libs-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-deprecated-libs-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-deprecated-libs-devel-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-deprecated-libs-devel-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-devel-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-devel-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-doc-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-font-utils-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-libs-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-libs-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-sdk-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-tools-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-twm-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-xauth-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-xdm-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-xfs-6.8.2-1.EL.33.0.1.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/xorg-x11-6.8.2-1.EL.33.0.1.src.rpm i386: 
xorg-x11-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Mesa-libGL-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Mesa-libGLU-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Xdmx-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Xnest-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Xvfb-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-deprecated-libs-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-deprecated-libs-devel-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-devel-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-doc-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-font-utils-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-libs-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-sdk-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-tools-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-twm-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-xauth-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-xdm-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-xfs-6.8.2-1.EL.33.0.1.i386.rpm ia64: xorg-x11-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-Mesa-libGL-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Mesa-libGL-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-Mesa-libGLU-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Mesa-libGLU-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-Xdmx-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-Xnest-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-Xvfb-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-deprecated-libs-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-deprecated-libs-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-deprecated-libs-devel-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-devel-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-doc-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-font-utils-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-libs-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-libs-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-sdk-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-tools-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-twm-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-xauth-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-xdm-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-xfs-6.8.2-1.EL.33.0.1.ia64.rpm x86_64: xorg-x11-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-Mesa-libGL-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Mesa-libGL-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-Mesa-libGLU-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Mesa-libGLU-6.8.2-1.EL.33.0.1.x86_64.rpm 
xorg-x11-Xdmx-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-Xnest-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-Xvfb-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-deprecated-libs-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-deprecated-libs-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-deprecated-libs-devel-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-deprecated-libs-devel-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-devel-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-devel-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-doc-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-font-utils-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-libs-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-libs-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-sdk-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-tools-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-twm-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-xauth-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-xdm-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-xfs-6.8.2-1.EL.33.0.1.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/xorg-x11-6.8.2-1.EL.33.0.1.src.rpm i386: xorg-x11-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Mesa-libGL-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Mesa-libGLU-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Xdmx-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Xnest-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Xvfb-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-deprecated-libs-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-deprecated-libs-devel-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-devel-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-doc-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-font-utils-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-libs-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-sdk-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-tools-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-twm-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-xauth-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-xdm-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-xfs-6.8.2-1.EL.33.0.1.i386.rpm ia64: xorg-x11-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-Mesa-libGL-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Mesa-libGL-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-Mesa-libGLU-6.8.2-1.EL.33.0.1.i386.rpm 
xorg-x11-Mesa-libGLU-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-Xdmx-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-Xnest-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-Xvfb-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-deprecated-libs-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-deprecated-libs-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-deprecated-libs-devel-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-devel-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-doc-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-font-utils-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-libs-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-libs-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-sdk-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-tools-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-twm-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-xauth-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-xdm-6.8.2-1.EL.33.0.1.ia64.rpm xorg-x11-xfs-6.8.2-1.EL.33.0.1.ia64.rpm x86_64: xorg-x11-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-Mesa-libGL-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Mesa-libGL-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-Mesa-libGLU-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-Mesa-libGLU-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-Xdmx-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-Xnest-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-Xvfb-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-deprecated-libs-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-deprecated-libs-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-deprecated-libs-devel-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-deprecated-libs-devel-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-devel-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-devel-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-doc-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-font-utils-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-libs-6.8.2-1.EL.33.0.1.i386.rpm xorg-x11-libs-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-sdk-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-tools-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-twm-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-xauth-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-xdm-6.8.2-1.EL.33.0.1.x86_64.rpm xorg-x11-xfs-6.8.2-1.EL.33.0.1.x86_64.rpm These packages are GPG signed by Red Hat for security. 
Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4568
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4990
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5760
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5958
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6427
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6428
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6429
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0006
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2008 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFHj77jXlSAg2UNWIIRAjwnAKChYS13PEqD36Ep2wJBkOQlci8LnQCgvDvZ
KKMY55GyqzUtOaqBObw+FxE=
=8WLj
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Thu Jan 17 20:48:08 2008
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 17 Jan 2008 15:48:08 -0500
Subject: [RHSA-2008:0031-01] Important: xorg-x11-server security update
Message-ID: <200801172048.m0HKm8Mp023073@pobox.devel.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: xorg-x11-server security update
Advisory ID:       RHSA-2008:0031-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2008-0031.html
Issue date:        2008-01-17
CVE Names:         CVE-2007-5760 CVE-2007-5958 CVE-2007-6427 CVE-2007-6428 CVE-2007-6429
=====================================================================

1. Summary:

Updated xorg-x11-server packages that fix several security issues are now available for Red Hat Enterprise Linux 5.
This update has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Description:

X.Org is an open source implementation of the X Window System. It provides basic low-level functionality that full-fledged graphical user interfaces are designed upon.

Two integer overflow flaws were found in the X.Org server's EVI and MIT-SHM modules. A malicious authorized client could exploit these issues to cause a denial of service (crash), or potentially execute arbitrary code with root privileges on the X.Org server. (CVE-2007-6429)

A memory corruption flaw was found in the X.Org server's XInput extension. A malicious authorized client could exploit this issue to cause a denial of service (crash), or potentially execute arbitrary code with root privileges on the X.Org server. (CVE-2007-6427)

An input validation flaw was found in the X.Org server's XFree86-Misc extension. A malicious authorized client could exploit this issue to cause a denial of service (crash), or potentially execute arbitrary code with root privileges on the X.Org server. (CVE-2007-5760)

An information disclosure flaw was found in the X.Org server's TOG-CUP extension. A malicious authorized client could exploit this issue to cause a denial of service (crash), or potentially view arbitrary memory content within the X server's address space. (CVE-2007-6428)

A flaw was found in the X.Org server's XC-SECURITY extension, that could have allowed a local user to verify the existence of an arbitrary file, even in directories that are not normally accessible to that user. (CVE-2007-5958)

Users of xorg-x11-server should upgrade to these updated packages, which contain backported patches to resolve these issues.

4.
Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bugs fixed (http://bugzilla.redhat.com/): 391841 - CVE-2007-5958 Xorg / XFree86 file existence disclosure vulnerability 413721 - CVE-2007-6429 xorg / xfree86: integer overflow in EVI extension 413741 - CVE-2007-6429 xorg / xfree86: integer overflow in MIT-SHM extension 413791 - CVE-2007-6428 xorg / xfree86: information disclosure via TOG-CUP extension 413811 - CVE-2007-6427 xorg / xfree86: memory corruption via XInput extension 414031 - CVE-2007-5760 xorg: invalid array indexing in XFree86-Misc extension 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xorg-x11-server-1.1.1-48.26.el5_1.4.src.rpm i386: xorg-x11-server-Xdmx-1.1.1-48.26.el5_1.4.i386.rpm xorg-x11-server-Xephyr-1.1.1-48.26.el5_1.4.i386.rpm xorg-x11-server-Xnest-1.1.1-48.26.el5_1.4.i386.rpm xorg-x11-server-Xorg-1.1.1-48.26.el5_1.4.i386.rpm xorg-x11-server-Xvfb-1.1.1-48.26.el5_1.4.i386.rpm xorg-x11-server-debuginfo-1.1.1-48.26.el5_1.4.i386.rpm x86_64: xorg-x11-server-Xdmx-1.1.1-48.26.el5_1.4.x86_64.rpm xorg-x11-server-Xephyr-1.1.1-48.26.el5_1.4.x86_64.rpm xorg-x11-server-Xnest-1.1.1-48.26.el5_1.4.x86_64.rpm xorg-x11-server-Xorg-1.1.1-48.26.el5_1.4.x86_64.rpm xorg-x11-server-Xvfb-1.1.1-48.26.el5_1.4.x86_64.rpm xorg-x11-server-debuginfo-1.1.1-48.26.el5_1.4.x86_64.rpm RHEL Desktop Workstation (v. 
5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xorg-x11-server-1.1.1-48.26.el5_1.4.src.rpm i386: xorg-x11-server-debuginfo-1.1.1-48.26.el5_1.4.i386.rpm xorg-x11-server-sdk-1.1.1-48.26.el5_1.4.i386.rpm x86_64: xorg-x11-server-debuginfo-1.1.1-48.26.el5_1.4.x86_64.rpm xorg-x11-server-sdk-1.1.1-48.26.el5_1.4.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/xorg-x11-server-1.1.1-48.26.el5_1.4.src.rpm i386: xorg-x11-server-Xdmx-1.1.1-48.26.el5_1.4.i386.rpm xorg-x11-server-Xephyr-1.1.1-48.26.el5_1.4.i386.rpm xorg-x11-server-Xnest-1.1.1-48.26.el5_1.4.i386.rpm xorg-x11-server-Xorg-1.1.1-48.26.el5_1.4.i386.rpm xorg-x11-server-Xvfb-1.1.1-48.26.el5_1.4.i386.rpm xorg-x11-server-debuginfo-1.1.1-48.26.el5_1.4.i386.rpm xorg-x11-server-sdk-1.1.1-48.26.el5_1.4.i386.rpm ia64: xorg-x11-server-Xdmx-1.1.1-48.26.el5_1.4.ia64.rpm xorg-x11-server-Xephyr-1.1.1-48.26.el5_1.4.ia64.rpm xorg-x11-server-Xnest-1.1.1-48.26.el5_1.4.ia64.rpm xorg-x11-server-Xorg-1.1.1-48.26.el5_1.4.ia64.rpm xorg-x11-server-Xvfb-1.1.1-48.26.el5_1.4.ia64.rpm xorg-x11-server-debuginfo-1.1.1-48.26.el5_1.4.ia64.rpm xorg-x11-server-sdk-1.1.1-48.26.el5_1.4.ia64.rpm ppc: xorg-x11-server-Xdmx-1.1.1-48.26.el5_1.4.ppc.rpm xorg-x11-server-Xephyr-1.1.1-48.26.el5_1.4.ppc.rpm xorg-x11-server-Xnest-1.1.1-48.26.el5_1.4.ppc.rpm xorg-x11-server-Xorg-1.1.1-48.26.el5_1.4.ppc.rpm xorg-x11-server-Xvfb-1.1.1-48.26.el5_1.4.ppc.rpm xorg-x11-server-debuginfo-1.1.1-48.26.el5_1.4.ppc.rpm xorg-x11-server-sdk-1.1.1-48.26.el5_1.4.ppc.rpm s390x: xorg-x11-server-Xephyr-1.1.1-48.26.el5_1.4.s390x.rpm xorg-x11-server-Xnest-1.1.1-48.26.el5_1.4.s390x.rpm xorg-x11-server-Xvfb-1.1.1-48.26.el5_1.4.s390x.rpm xorg-x11-server-debuginfo-1.1.1-48.26.el5_1.4.s390x.rpm x86_64: xorg-x11-server-Xdmx-1.1.1-48.26.el5_1.4.x86_64.rpm xorg-x11-server-Xephyr-1.1.1-48.26.el5_1.4.x86_64.rpm xorg-x11-server-Xnest-1.1.1-48.26.el5_1.4.x86_64.rpm 
xorg-x11-server-Xorg-1.1.1-48.26.el5_1.4.x86_64.rpm
xorg-x11-server-Xvfb-1.1.1-48.26.el5_1.4.x86_64.rpm
xorg-x11-server-debuginfo-1.1.1-48.26.el5_1.4.x86_64.rpm
xorg-x11-server-sdk-1.1.1-48.26.el5_1.4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5760
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5958
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6427
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6428
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6429
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2008 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFHj778XlSAg2UNWIIRAsusAJ9MVjaYy+HK5kMv3JEity9nUL22UQCff7bn
i1LhoKdGO6Oiimc/X4Iv9Ug=
=k7qA
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Thu Jan 17 20:48:53 2008
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 17 Jan 2008 15:48:53 -0500
Subject: [RHSA-2008:0064-01] Important: libXfont security update
Message-ID: <200801172048.m0HKmrdA023136@pobox.devel.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: libXfont security update
Advisory ID:       RHSA-2008:0064-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2008-0064.html
Issue date:        2008-01-17
CVE Names:         CVE-2008-0006
=====================================================================

1. Summary:

An updated X.Org libXfont package that fixes a security issue is now available for Red Hat Enterprise Linux 5.
This update has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Description:

The libXfont package contains the X.Org X11 libXfont runtime library.

A heap based buffer overflow flaw was found in the way the X.Org server handled malformed font files. A malicious local user could exploit this issue to potentially execute arbitrary code with the privileges of the X.Org server. (CVE-2008-0006)

Users of X.Org libXfont should upgrade to these updated packages, which contain a backported patch to resolve this issue.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188

5. Bugs fixed (http://bugzilla.redhat.com/):

428044 - CVE-2008-0006 Xorg / XFree86 PCF font parser buffer overflow

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/libXfont-1.2.2-1.0.3.el5_1.src.rpm

i386:
libXfont-1.2.2-1.0.3.el5_1.i386.rpm
libXfont-debuginfo-1.2.2-1.0.3.el5_1.i386.rpm

x86_64:
libXfont-1.2.2-1.0.3.el5_1.i386.rpm
libXfont-1.2.2-1.0.3.el5_1.x86_64.rpm
libXfont-debuginfo-1.2.2-1.0.3.el5_1.i386.rpm
libXfont-debuginfo-1.2.2-1.0.3.el5_1.x86_64.rpm

RHEL Desktop Workstation (v.
5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/libXfont-1.2.2-1.0.3.el5_1.src.rpm i386: libXfont-debuginfo-1.2.2-1.0.3.el5_1.i386.rpm libXfont-devel-1.2.2-1.0.3.el5_1.i386.rpm x86_64: libXfont-debuginfo-1.2.2-1.0.3.el5_1.i386.rpm libXfont-debuginfo-1.2.2-1.0.3.el5_1.x86_64.rpm libXfont-devel-1.2.2-1.0.3.el5_1.i386.rpm libXfont-devel-1.2.2-1.0.3.el5_1.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/libXfont-1.2.2-1.0.3.el5_1.src.rpm i386: libXfont-1.2.2-1.0.3.el5_1.i386.rpm libXfont-debuginfo-1.2.2-1.0.3.el5_1.i386.rpm libXfont-devel-1.2.2-1.0.3.el5_1.i386.rpm ia64: libXfont-1.2.2-1.0.3.el5_1.ia64.rpm libXfont-debuginfo-1.2.2-1.0.3.el5_1.ia64.rpm libXfont-devel-1.2.2-1.0.3.el5_1.ia64.rpm ppc: libXfont-1.2.2-1.0.3.el5_1.ppc.rpm libXfont-1.2.2-1.0.3.el5_1.ppc64.rpm libXfont-debuginfo-1.2.2-1.0.3.el5_1.ppc.rpm libXfont-debuginfo-1.2.2-1.0.3.el5_1.ppc64.rpm libXfont-devel-1.2.2-1.0.3.el5_1.ppc.rpm libXfont-devel-1.2.2-1.0.3.el5_1.ppc64.rpm s390x: libXfont-1.2.2-1.0.3.el5_1.s390.rpm libXfont-1.2.2-1.0.3.el5_1.s390x.rpm libXfont-debuginfo-1.2.2-1.0.3.el5_1.s390.rpm libXfont-debuginfo-1.2.2-1.0.3.el5_1.s390x.rpm libXfont-devel-1.2.2-1.0.3.el5_1.s390.rpm libXfont-devel-1.2.2-1.0.3.el5_1.s390x.rpm x86_64: libXfont-1.2.2-1.0.3.el5_1.i386.rpm libXfont-1.2.2-1.0.3.el5_1.x86_64.rpm libXfont-debuginfo-1.2.2-1.0.3.el5_1.i386.rpm libXfont-debuginfo-1.2.2-1.0.3.el5_1.x86_64.rpm libXfont-devel-1.2.2-1.0.3.el5_1.i386.rpm libXfont-devel-1.2.2-1.0.3.el5_1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0006 http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . 
More contact details at https://www.redhat.com/security/team/contact/

Copyright 2008 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFHj78PXlSAg2UNWIIRAiGsAJ9H8a/kQ8YMALs4x/HP5aYj2fvxhwCeIZbu
7EsEncl92WPsBQelEOQLkGU=
=nKFc
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Fri Jan 18 09:45:17 2008
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Fri, 18 Jan 2008 04:45:17 -0500
Subject: [RHSA-2008:0029-01] Important: XFree86 security update
Message-ID: <200801180945.m0I9jH10005695@pobox.devel.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: XFree86 security update
Advisory ID:       RHSA-2008:0029-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2008-0029.html
Issue date:        2008-01-18
CVE Names:         CVE-2007-4568 CVE-2007-4990 CVE-2007-5958 CVE-2007-6427 CVE-2007-6428 CVE-2007-6429 CVE-2008-0006
=====================================================================

1. Summary:

Updated XFree86 packages that fix several security issues are now available for Red Hat Enterprise Linux 2.1 and 3.

This update has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Description:

XFree86 is an implementation of the X Window System, which provides the core functionality for the Linux graphical desktop.

Two integer overflow flaws were found in the XFree86 server's EVI and MIT-SHM modules. A malicious authorized client could exploit these issues to cause a denial of service (crash), or potentially execute arbitrary code with root privileges on the XFree86 server. (CVE-2007-6429)

A heap-based buffer overflow flaw was found in the way the XFree86 server handled malformed font files. A malicious local user could exploit this issue to potentially execute arbitrary code with the privileges of the XFree86 server. (CVE-2008-0006)

A memory corruption flaw was found in the XFree86 server's XInput extension. A malicious authorized client could exploit this issue to cause a denial of service (crash), or potentially execute arbitrary code with root privileges on the XFree86 server. (CVE-2007-6427)

An information disclosure flaw was found in the XFree86 server's TOG-CUP extension. A malicious authorized client could exploit this issue to cause a denial of service (crash), or potentially view arbitrary memory content within the XFree86 server's address space. (CVE-2007-6428)

An integer overflow flaw and a heap overflow flaw were found in the X.org font server, xfs. A user with the ability to connect to the font server could have been able to cause a denial of service (crash), or potentially execute arbitrary code with the permissions of the font server. (CVE-2007-4568, CVE-2007-4990)

A flaw was found in the XFree86 server's XC-SECURITY extension that could have allowed a local user to verify the existence of an arbitrary file, even in directories that are not normally accessible to that user. (CVE-2007-5958)

Users of XFree86 are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network.
Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188

5. Bugs fixed (http://bugzilla.redhat.com/):

281921 - CVE-2007-4568 xfs integer overflow in the build_range function
322961 - CVE-2007-4990 xfs heap overflow in the swap_char2b function
391841 - CVE-2007-5958 Xorg / XFree86 file existence disclosure vulnerability
413721 - CVE-2007-6429 xorg / xfree86: integer overflow in EVI extension
413741 - CVE-2007-6429 xorg / xfree86: integer overflow in MIT-SHM extension
413791 - CVE-2007-6428 xorg / xfree86: information disclosure via TOG-CUP extension
413811 - CVE-2007-6427 xorg / xfree86: memory corruption via XInput extension
428044 - CVE-2008-0006 Xorg / XFree86 PCF font parser buffer overflow

6. Package List:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

Source:
ftp://updates.redhat.com/enterprise/2.1AS/en/os/SRPMS/XFree86-4.1.0-85.EL.src.rpm

i386: XFree86-100dpi-fonts-4.1.0-85.EL.i386.rpm XFree86-4.1.0-85.EL.i386.rpm XFree86-75dpi-fonts-4.1.0-85.EL.i386.rpm XFree86-ISO8859-15-100dpi-fonts-4.1.0-85.EL.i386.rpm XFree86-ISO8859-15-75dpi-fonts-4.1.0-85.EL.i386.rpm XFree86-ISO8859-2-100dpi-fonts-4.1.0-85.EL.i386.rpm XFree86-ISO8859-2-75dpi-fonts-4.1.0-85.EL.i386.rpm XFree86-ISO8859-9-100dpi-fonts-4.1.0-85.EL.i386.rpm XFree86-ISO8859-9-75dpi-fonts-4.1.0-85.EL.i386.rpm XFree86-Xnest-4.1.0-85.EL.i386.rpm XFree86-Xvfb-4.1.0-85.EL.i386.rpm XFree86-cyrillic-fonts-4.1.0-85.EL.i386.rpm XFree86-devel-4.1.0-85.EL.i386.rpm XFree86-doc-4.1.0-85.EL.i386.rpm XFree86-libs-4.1.0-85.EL.i386.rpm XFree86-tools-4.1.0-85.EL.i386.rpm XFree86-twm-4.1.0-85.EL.i386.rpm XFree86-xdm-4.1.0-85.EL.i386.rpm XFree86-xf86cfg-4.1.0-85.EL.i386.rpm XFree86-xfs-4.1.0-85.EL.i386.rpm

ia64: XFree86-100dpi-fonts-4.1.0-85.EL.ia64.rpm XFree86-4.1.0-85.EL.ia64.rpm XFree86-75dpi-fonts-4.1.0-85.EL.ia64.rpm XFree86-ISO8859-15-100dpi-fonts-4.1.0-85.EL.ia64.rpm XFree86-ISO8859-15-75dpi-fonts-4.1.0-85.EL.ia64.rpm
XFree86-ISO8859-2-100dpi-fonts-4.1.0-85.EL.ia64.rpm XFree86-ISO8859-2-75dpi-fonts-4.1.0-85.EL.ia64.rpm XFree86-ISO8859-9-100dpi-fonts-4.1.0-85.EL.ia64.rpm XFree86-ISO8859-9-75dpi-fonts-4.1.0-85.EL.ia64.rpm XFree86-Xnest-4.1.0-85.EL.ia64.rpm XFree86-Xvfb-4.1.0-85.EL.ia64.rpm XFree86-cyrillic-fonts-4.1.0-85.EL.ia64.rpm XFree86-devel-4.1.0-85.EL.ia64.rpm XFree86-doc-4.1.0-85.EL.ia64.rpm XFree86-libs-4.1.0-85.EL.ia64.rpm XFree86-tools-4.1.0-85.EL.ia64.rpm XFree86-twm-4.1.0-85.EL.ia64.rpm XFree86-xdm-4.1.0-85.EL.ia64.rpm XFree86-xfs-4.1.0-85.EL.ia64.rpm Red Hat Linux Advanced Workstation 2.1: Source: ftp://updates.redhat.com/enterprise/2.1AW/en/os/SRPMS/XFree86-4.1.0-85.EL.src.rpm ia64: XFree86-100dpi-fonts-4.1.0-85.EL.ia64.rpm XFree86-4.1.0-85.EL.ia64.rpm XFree86-75dpi-fonts-4.1.0-85.EL.ia64.rpm XFree86-ISO8859-15-100dpi-fonts-4.1.0-85.EL.ia64.rpm XFree86-ISO8859-15-75dpi-fonts-4.1.0-85.EL.ia64.rpm XFree86-ISO8859-2-100dpi-fonts-4.1.0-85.EL.ia64.rpm XFree86-ISO8859-2-75dpi-fonts-4.1.0-85.EL.ia64.rpm XFree86-ISO8859-9-100dpi-fonts-4.1.0-85.EL.ia64.rpm XFree86-ISO8859-9-75dpi-fonts-4.1.0-85.EL.ia64.rpm XFree86-Xnest-4.1.0-85.EL.ia64.rpm XFree86-Xvfb-4.1.0-85.EL.ia64.rpm XFree86-cyrillic-fonts-4.1.0-85.EL.ia64.rpm XFree86-devel-4.1.0-85.EL.ia64.rpm XFree86-doc-4.1.0-85.EL.ia64.rpm XFree86-libs-4.1.0-85.EL.ia64.rpm XFree86-tools-4.1.0-85.EL.ia64.rpm XFree86-twm-4.1.0-85.EL.ia64.rpm XFree86-xdm-4.1.0-85.EL.ia64.rpm XFree86-xfs-4.1.0-85.EL.ia64.rpm Red Hat Enterprise Linux ES version 2.1: Source: ftp://updates.redhat.com/enterprise/2.1ES/en/os/SRPMS/XFree86-4.1.0-85.EL.src.rpm i386: XFree86-100dpi-fonts-4.1.0-85.EL.i386.rpm XFree86-4.1.0-85.EL.i386.rpm XFree86-75dpi-fonts-4.1.0-85.EL.i386.rpm XFree86-ISO8859-15-100dpi-fonts-4.1.0-85.EL.i386.rpm XFree86-ISO8859-15-75dpi-fonts-4.1.0-85.EL.i386.rpm XFree86-ISO8859-2-100dpi-fonts-4.1.0-85.EL.i386.rpm XFree86-ISO8859-2-75dpi-fonts-4.1.0-85.EL.i386.rpm XFree86-ISO8859-9-100dpi-fonts-4.1.0-85.EL.i386.rpm 
XFree86-ISO8859-9-75dpi-fonts-4.1.0-85.EL.i386.rpm XFree86-Xnest-4.1.0-85.EL.i386.rpm XFree86-Xvfb-4.1.0-85.EL.i386.rpm XFree86-cyrillic-fonts-4.1.0-85.EL.i386.rpm XFree86-devel-4.1.0-85.EL.i386.rpm XFree86-doc-4.1.0-85.EL.i386.rpm XFree86-libs-4.1.0-85.EL.i386.rpm XFree86-tools-4.1.0-85.EL.i386.rpm XFree86-twm-4.1.0-85.EL.i386.rpm XFree86-xdm-4.1.0-85.EL.i386.rpm XFree86-xf86cfg-4.1.0-85.EL.i386.rpm XFree86-xfs-4.1.0-85.EL.i386.rpm Red Hat Enterprise Linux WS version 2.1: Source: ftp://updates.redhat.com/enterprise/2.1WS/en/os/SRPMS/XFree86-4.1.0-85.EL.src.rpm i386: XFree86-100dpi-fonts-4.1.0-85.EL.i386.rpm XFree86-4.1.0-85.EL.i386.rpm XFree86-75dpi-fonts-4.1.0-85.EL.i386.rpm XFree86-ISO8859-15-100dpi-fonts-4.1.0-85.EL.i386.rpm XFree86-ISO8859-15-75dpi-fonts-4.1.0-85.EL.i386.rpm XFree86-ISO8859-2-100dpi-fonts-4.1.0-85.EL.i386.rpm XFree86-ISO8859-2-75dpi-fonts-4.1.0-85.EL.i386.rpm XFree86-ISO8859-9-100dpi-fonts-4.1.0-85.EL.i386.rpm XFree86-ISO8859-9-75dpi-fonts-4.1.0-85.EL.i386.rpm XFree86-Xnest-4.1.0-85.EL.i386.rpm XFree86-Xvfb-4.1.0-85.EL.i386.rpm XFree86-cyrillic-fonts-4.1.0-85.EL.i386.rpm XFree86-devel-4.1.0-85.EL.i386.rpm XFree86-doc-4.1.0-85.EL.i386.rpm XFree86-libs-4.1.0-85.EL.i386.rpm XFree86-tools-4.1.0-85.EL.i386.rpm XFree86-twm-4.1.0-85.EL.i386.rpm XFree86-xdm-4.1.0-85.EL.i386.rpm XFree86-xf86cfg-4.1.0-85.EL.i386.rpm XFree86-xfs-4.1.0-85.EL.i386.rpm Red Hat Enterprise Linux AS version 3: Source: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/XFree86-4.3.0-125.EL.src.rpm i386: XFree86-100dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-4.3.0-125.EL.i386.rpm XFree86-75dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-ISO8859-14-100dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-ISO8859-14-75dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-ISO8859-15-100dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-ISO8859-15-75dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-ISO8859-2-100dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-ISO8859-2-75dpi-fonts-4.3.0-125.EL.i386.rpm 
XFree86-ISO8859-9-100dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-ISO8859-9-75dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-Mesa-libGL-4.3.0-125.EL.i386.rpm XFree86-Mesa-libGLU-4.3.0-125.EL.i386.rpm XFree86-Xnest-4.3.0-125.EL.i386.rpm XFree86-Xvfb-4.3.0-125.EL.i386.rpm XFree86-base-fonts-4.3.0-125.EL.i386.rpm XFree86-cyrillic-fonts-4.3.0-125.EL.i386.rpm XFree86-devel-4.3.0-125.EL.i386.rpm XFree86-doc-4.3.0-125.EL.i386.rpm XFree86-font-utils-4.3.0-125.EL.i386.rpm XFree86-libs-4.3.0-125.EL.i386.rpm XFree86-libs-data-4.3.0-125.EL.i386.rpm XFree86-sdk-4.3.0-125.EL.i386.rpm XFree86-syriac-fonts-4.3.0-125.EL.i386.rpm XFree86-tools-4.3.0-125.EL.i386.rpm XFree86-truetype-fonts-4.3.0-125.EL.i386.rpm XFree86-twm-4.3.0-125.EL.i386.rpm XFree86-xauth-4.3.0-125.EL.i386.rpm XFree86-xdm-4.3.0-125.EL.i386.rpm XFree86-xfs-4.3.0-125.EL.i386.rpm ia64: XFree86-100dpi-fonts-4.3.0-125.EL.ia64.rpm XFree86-4.3.0-125.EL.ia64.rpm XFree86-75dpi-fonts-4.3.0-125.EL.ia64.rpm XFree86-ISO8859-14-100dpi-fonts-4.3.0-125.EL.ia64.rpm XFree86-ISO8859-14-75dpi-fonts-4.3.0-125.EL.ia64.rpm XFree86-ISO8859-15-100dpi-fonts-4.3.0-125.EL.ia64.rpm XFree86-ISO8859-15-75dpi-fonts-4.3.0-125.EL.ia64.rpm XFree86-ISO8859-2-100dpi-fonts-4.3.0-125.EL.ia64.rpm XFree86-ISO8859-2-75dpi-fonts-4.3.0-125.EL.ia64.rpm XFree86-ISO8859-9-100dpi-fonts-4.3.0-125.EL.ia64.rpm XFree86-ISO8859-9-75dpi-fonts-4.3.0-125.EL.ia64.rpm XFree86-Mesa-libGL-4.3.0-125.EL.i386.rpm XFree86-Mesa-libGL-4.3.0-125.EL.ia64.rpm XFree86-Mesa-libGLU-4.3.0-125.EL.i386.rpm XFree86-Mesa-libGLU-4.3.0-125.EL.ia64.rpm XFree86-Xnest-4.3.0-125.EL.ia64.rpm XFree86-Xvfb-4.3.0-125.EL.ia64.rpm XFree86-base-fonts-4.3.0-125.EL.ia64.rpm XFree86-cyrillic-fonts-4.3.0-125.EL.ia64.rpm XFree86-devel-4.3.0-125.EL.ia64.rpm XFree86-doc-4.3.0-125.EL.ia64.rpm XFree86-font-utils-4.3.0-125.EL.ia64.rpm XFree86-libs-4.3.0-125.EL.i386.rpm XFree86-libs-4.3.0-125.EL.ia64.rpm XFree86-libs-data-4.3.0-125.EL.ia64.rpm XFree86-sdk-4.3.0-125.EL.ia64.rpm XFree86-syriac-fonts-4.3.0-125.EL.ia64.rpm 
XFree86-tools-4.3.0-125.EL.ia64.rpm XFree86-truetype-fonts-4.3.0-125.EL.ia64.rpm XFree86-twm-4.3.0-125.EL.ia64.rpm XFree86-xauth-4.3.0-125.EL.ia64.rpm XFree86-xdm-4.3.0-125.EL.ia64.rpm XFree86-xfs-4.3.0-125.EL.ia64.rpm ppc: XFree86-100dpi-fonts-4.3.0-125.EL.ppc.rpm XFree86-4.3.0-125.EL.ppc.rpm XFree86-75dpi-fonts-4.3.0-125.EL.ppc.rpm XFree86-ISO8859-14-100dpi-fonts-4.3.0-125.EL.ppc.rpm XFree86-ISO8859-14-75dpi-fonts-4.3.0-125.EL.ppc.rpm XFree86-ISO8859-15-100dpi-fonts-4.3.0-125.EL.ppc.rpm XFree86-ISO8859-15-75dpi-fonts-4.3.0-125.EL.ppc.rpm XFree86-ISO8859-2-100dpi-fonts-4.3.0-125.EL.ppc.rpm XFree86-ISO8859-2-75dpi-fonts-4.3.0-125.EL.ppc.rpm XFree86-ISO8859-9-100dpi-fonts-4.3.0-125.EL.ppc.rpm XFree86-ISO8859-9-75dpi-fonts-4.3.0-125.EL.ppc.rpm XFree86-Mesa-libGL-4.3.0-125.EL.ppc.rpm XFree86-Mesa-libGL-4.3.0-125.EL.ppc64.rpm XFree86-Mesa-libGLU-4.3.0-125.EL.ppc.rpm XFree86-Mesa-libGLU-4.3.0-125.EL.ppc64.rpm XFree86-Xnest-4.3.0-125.EL.ppc.rpm XFree86-Xvfb-4.3.0-125.EL.ppc.rpm XFree86-base-fonts-4.3.0-125.EL.ppc.rpm XFree86-cyrillic-fonts-4.3.0-125.EL.ppc.rpm XFree86-devel-4.3.0-125.EL.ppc.rpm XFree86-devel-4.3.0-125.EL.ppc64.rpm XFree86-doc-4.3.0-125.EL.ppc.rpm XFree86-font-utils-4.3.0-125.EL.ppc.rpm XFree86-libs-4.3.0-125.EL.ppc.rpm XFree86-libs-4.3.0-125.EL.ppc64.rpm XFree86-libs-data-4.3.0-125.EL.ppc.rpm XFree86-sdk-4.3.0-125.EL.ppc.rpm XFree86-syriac-fonts-4.3.0-125.EL.ppc.rpm XFree86-tools-4.3.0-125.EL.ppc.rpm XFree86-truetype-fonts-4.3.0-125.EL.ppc.rpm XFree86-twm-4.3.0-125.EL.ppc.rpm XFree86-xauth-4.3.0-125.EL.ppc.rpm XFree86-xdm-4.3.0-125.EL.ppc.rpm XFree86-xfs-4.3.0-125.EL.ppc.rpm s390: XFree86-100dpi-fonts-4.3.0-125.EL.s390.rpm XFree86-4.3.0-125.EL.s390.rpm XFree86-75dpi-fonts-4.3.0-125.EL.s390.rpm XFree86-ISO8859-14-100dpi-fonts-4.3.0-125.EL.s390.rpm XFree86-ISO8859-14-75dpi-fonts-4.3.0-125.EL.s390.rpm XFree86-ISO8859-15-100dpi-fonts-4.3.0-125.EL.s390.rpm XFree86-ISO8859-15-75dpi-fonts-4.3.0-125.EL.s390.rpm 
XFree86-ISO8859-2-100dpi-fonts-4.3.0-125.EL.s390.rpm XFree86-ISO8859-2-75dpi-fonts-4.3.0-125.EL.s390.rpm XFree86-ISO8859-9-100dpi-fonts-4.3.0-125.EL.s390.rpm XFree86-ISO8859-9-75dpi-fonts-4.3.0-125.EL.s390.rpm XFree86-Mesa-libGL-4.3.0-125.EL.s390.rpm XFree86-Mesa-libGLU-4.3.0-125.EL.s390.rpm XFree86-Xnest-4.3.0-125.EL.s390.rpm XFree86-Xvfb-4.3.0-125.EL.s390.rpm XFree86-base-fonts-4.3.0-125.EL.s390.rpm XFree86-cyrillic-fonts-4.3.0-125.EL.s390.rpm XFree86-devel-4.3.0-125.EL.s390.rpm XFree86-font-utils-4.3.0-125.EL.s390.rpm XFree86-libs-4.3.0-125.EL.s390.rpm XFree86-libs-data-4.3.0-125.EL.s390.rpm XFree86-syriac-fonts-4.3.0-125.EL.s390.rpm XFree86-tools-4.3.0-125.EL.s390.rpm XFree86-truetype-fonts-4.3.0-125.EL.s390.rpm XFree86-twm-4.3.0-125.EL.s390.rpm XFree86-xauth-4.3.0-125.EL.s390.rpm XFree86-xdm-4.3.0-125.EL.s390.rpm XFree86-xfs-4.3.0-125.EL.s390.rpm s390x: XFree86-100dpi-fonts-4.3.0-125.EL.s390x.rpm XFree86-4.3.0-125.EL.s390x.rpm XFree86-75dpi-fonts-4.3.0-125.EL.s390x.rpm XFree86-ISO8859-14-100dpi-fonts-4.3.0-125.EL.s390x.rpm XFree86-ISO8859-14-75dpi-fonts-4.3.0-125.EL.s390x.rpm XFree86-ISO8859-15-100dpi-fonts-4.3.0-125.EL.s390x.rpm XFree86-ISO8859-15-75dpi-fonts-4.3.0-125.EL.s390x.rpm XFree86-ISO8859-2-100dpi-fonts-4.3.0-125.EL.s390x.rpm XFree86-ISO8859-2-75dpi-fonts-4.3.0-125.EL.s390x.rpm XFree86-ISO8859-9-100dpi-fonts-4.3.0-125.EL.s390x.rpm XFree86-ISO8859-9-75dpi-fonts-4.3.0-125.EL.s390x.rpm XFree86-Mesa-libGL-4.3.0-125.EL.s390.rpm XFree86-Mesa-libGL-4.3.0-125.EL.s390x.rpm XFree86-Mesa-libGLU-4.3.0-125.EL.s390.rpm XFree86-Mesa-libGLU-4.3.0-125.EL.s390x.rpm XFree86-Xnest-4.3.0-125.EL.s390x.rpm XFree86-Xvfb-4.3.0-125.EL.s390x.rpm XFree86-base-fonts-4.3.0-125.EL.s390x.rpm XFree86-cyrillic-fonts-4.3.0-125.EL.s390x.rpm XFree86-devel-4.3.0-125.EL.s390.rpm XFree86-devel-4.3.0-125.EL.s390x.rpm XFree86-font-utils-4.3.0-125.EL.s390x.rpm XFree86-libs-4.3.0-125.EL.s390.rpm XFree86-libs-4.3.0-125.EL.s390x.rpm XFree86-libs-data-4.3.0-125.EL.s390x.rpm 
XFree86-syriac-fonts-4.3.0-125.EL.s390x.rpm XFree86-tools-4.3.0-125.EL.s390x.rpm XFree86-truetype-fonts-4.3.0-125.EL.s390x.rpm XFree86-twm-4.3.0-125.EL.s390x.rpm XFree86-xauth-4.3.0-125.EL.s390x.rpm XFree86-xdm-4.3.0-125.EL.s390x.rpm XFree86-xfs-4.3.0-125.EL.s390x.rpm x86_64: XFree86-100dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-4.3.0-125.EL.x86_64.rpm XFree86-75dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-ISO8859-14-100dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-ISO8859-14-75dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-ISO8859-15-100dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-ISO8859-15-75dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-ISO8859-2-100dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-ISO8859-2-75dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-ISO8859-9-100dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-ISO8859-9-75dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-Mesa-libGL-4.3.0-125.EL.i386.rpm XFree86-Mesa-libGL-4.3.0-125.EL.x86_64.rpm XFree86-Mesa-libGLU-4.3.0-125.EL.i386.rpm XFree86-Mesa-libGLU-4.3.0-125.EL.x86_64.rpm XFree86-Xnest-4.3.0-125.EL.x86_64.rpm XFree86-Xvfb-4.3.0-125.EL.x86_64.rpm XFree86-base-fonts-4.3.0-125.EL.x86_64.rpm XFree86-cyrillic-fonts-4.3.0-125.EL.x86_64.rpm XFree86-devel-4.3.0-125.EL.i386.rpm XFree86-devel-4.3.0-125.EL.x86_64.rpm XFree86-doc-4.3.0-125.EL.x86_64.rpm XFree86-font-utils-4.3.0-125.EL.x86_64.rpm XFree86-libs-4.3.0-125.EL.i386.rpm XFree86-libs-4.3.0-125.EL.x86_64.rpm XFree86-libs-data-4.3.0-125.EL.x86_64.rpm XFree86-sdk-4.3.0-125.EL.x86_64.rpm XFree86-syriac-fonts-4.3.0-125.EL.x86_64.rpm XFree86-tools-4.3.0-125.EL.x86_64.rpm XFree86-truetype-fonts-4.3.0-125.EL.x86_64.rpm XFree86-twm-4.3.0-125.EL.x86_64.rpm XFree86-xauth-4.3.0-125.EL.x86_64.rpm XFree86-xdm-4.3.0-125.EL.x86_64.rpm XFree86-xfs-4.3.0-125.EL.x86_64.rpm Red Hat Desktop version 3: Source: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/XFree86-4.3.0-125.EL.src.rpm i386: XFree86-100dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-4.3.0-125.EL.i386.rpm XFree86-75dpi-fonts-4.3.0-125.EL.i386.rpm 
XFree86-ISO8859-14-100dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-ISO8859-14-75dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-ISO8859-15-100dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-ISO8859-15-75dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-ISO8859-2-100dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-ISO8859-2-75dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-ISO8859-9-100dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-ISO8859-9-75dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-Mesa-libGL-4.3.0-125.EL.i386.rpm XFree86-Mesa-libGLU-4.3.0-125.EL.i386.rpm XFree86-Xnest-4.3.0-125.EL.i386.rpm XFree86-Xvfb-4.3.0-125.EL.i386.rpm XFree86-base-fonts-4.3.0-125.EL.i386.rpm XFree86-cyrillic-fonts-4.3.0-125.EL.i386.rpm XFree86-devel-4.3.0-125.EL.i386.rpm XFree86-doc-4.3.0-125.EL.i386.rpm XFree86-font-utils-4.3.0-125.EL.i386.rpm XFree86-libs-4.3.0-125.EL.i386.rpm XFree86-libs-data-4.3.0-125.EL.i386.rpm XFree86-sdk-4.3.0-125.EL.i386.rpm XFree86-syriac-fonts-4.3.0-125.EL.i386.rpm XFree86-tools-4.3.0-125.EL.i386.rpm XFree86-truetype-fonts-4.3.0-125.EL.i386.rpm XFree86-twm-4.3.0-125.EL.i386.rpm XFree86-xauth-4.3.0-125.EL.i386.rpm XFree86-xdm-4.3.0-125.EL.i386.rpm XFree86-xfs-4.3.0-125.EL.i386.rpm x86_64: XFree86-100dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-4.3.0-125.EL.x86_64.rpm XFree86-75dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-ISO8859-14-100dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-ISO8859-14-75dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-ISO8859-15-100dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-ISO8859-15-75dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-ISO8859-2-100dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-ISO8859-2-75dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-ISO8859-9-100dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-ISO8859-9-75dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-Mesa-libGL-4.3.0-125.EL.i386.rpm XFree86-Mesa-libGL-4.3.0-125.EL.x86_64.rpm XFree86-Mesa-libGLU-4.3.0-125.EL.i386.rpm XFree86-Mesa-libGLU-4.3.0-125.EL.x86_64.rpm XFree86-Xnest-4.3.0-125.EL.x86_64.rpm XFree86-Xvfb-4.3.0-125.EL.x86_64.rpm 
XFree86-base-fonts-4.3.0-125.EL.x86_64.rpm XFree86-cyrillic-fonts-4.3.0-125.EL.x86_64.rpm XFree86-devel-4.3.0-125.EL.i386.rpm XFree86-devel-4.3.0-125.EL.x86_64.rpm XFree86-doc-4.3.0-125.EL.x86_64.rpm XFree86-font-utils-4.3.0-125.EL.x86_64.rpm XFree86-libs-4.3.0-125.EL.i386.rpm XFree86-libs-4.3.0-125.EL.x86_64.rpm XFree86-libs-data-4.3.0-125.EL.x86_64.rpm XFree86-sdk-4.3.0-125.EL.x86_64.rpm XFree86-syriac-fonts-4.3.0-125.EL.x86_64.rpm XFree86-tools-4.3.0-125.EL.x86_64.rpm XFree86-truetype-fonts-4.3.0-125.EL.x86_64.rpm XFree86-twm-4.3.0-125.EL.x86_64.rpm XFree86-xauth-4.3.0-125.EL.x86_64.rpm XFree86-xdm-4.3.0-125.EL.x86_64.rpm XFree86-xfs-4.3.0-125.EL.x86_64.rpm Red Hat Enterprise Linux ES version 3: Source: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/XFree86-4.3.0-125.EL.src.rpm i386: XFree86-100dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-4.3.0-125.EL.i386.rpm XFree86-75dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-ISO8859-14-100dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-ISO8859-14-75dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-ISO8859-15-100dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-ISO8859-15-75dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-ISO8859-2-100dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-ISO8859-2-75dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-ISO8859-9-100dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-ISO8859-9-75dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-Mesa-libGL-4.3.0-125.EL.i386.rpm XFree86-Mesa-libGLU-4.3.0-125.EL.i386.rpm XFree86-Xnest-4.3.0-125.EL.i386.rpm XFree86-Xvfb-4.3.0-125.EL.i386.rpm XFree86-base-fonts-4.3.0-125.EL.i386.rpm XFree86-cyrillic-fonts-4.3.0-125.EL.i386.rpm XFree86-devel-4.3.0-125.EL.i386.rpm XFree86-doc-4.3.0-125.EL.i386.rpm XFree86-font-utils-4.3.0-125.EL.i386.rpm XFree86-libs-4.3.0-125.EL.i386.rpm XFree86-libs-data-4.3.0-125.EL.i386.rpm XFree86-sdk-4.3.0-125.EL.i386.rpm XFree86-syriac-fonts-4.3.0-125.EL.i386.rpm XFree86-tools-4.3.0-125.EL.i386.rpm XFree86-truetype-fonts-4.3.0-125.EL.i386.rpm XFree86-twm-4.3.0-125.EL.i386.rpm XFree86-xauth-4.3.0-125.EL.i386.rpm 
XFree86-xdm-4.3.0-125.EL.i386.rpm XFree86-xfs-4.3.0-125.EL.i386.rpm ia64: XFree86-100dpi-fonts-4.3.0-125.EL.ia64.rpm XFree86-4.3.0-125.EL.ia64.rpm XFree86-75dpi-fonts-4.3.0-125.EL.ia64.rpm XFree86-ISO8859-14-100dpi-fonts-4.3.0-125.EL.ia64.rpm XFree86-ISO8859-14-75dpi-fonts-4.3.0-125.EL.ia64.rpm XFree86-ISO8859-15-100dpi-fonts-4.3.0-125.EL.ia64.rpm XFree86-ISO8859-15-75dpi-fonts-4.3.0-125.EL.ia64.rpm XFree86-ISO8859-2-100dpi-fonts-4.3.0-125.EL.ia64.rpm XFree86-ISO8859-2-75dpi-fonts-4.3.0-125.EL.ia64.rpm XFree86-ISO8859-9-100dpi-fonts-4.3.0-125.EL.ia64.rpm XFree86-ISO8859-9-75dpi-fonts-4.3.0-125.EL.ia64.rpm XFree86-Mesa-libGL-4.3.0-125.EL.i386.rpm XFree86-Mesa-libGL-4.3.0-125.EL.ia64.rpm XFree86-Mesa-libGLU-4.3.0-125.EL.i386.rpm XFree86-Mesa-libGLU-4.3.0-125.EL.ia64.rpm XFree86-Xnest-4.3.0-125.EL.ia64.rpm XFree86-Xvfb-4.3.0-125.EL.ia64.rpm XFree86-base-fonts-4.3.0-125.EL.ia64.rpm XFree86-cyrillic-fonts-4.3.0-125.EL.ia64.rpm XFree86-devel-4.3.0-125.EL.ia64.rpm XFree86-doc-4.3.0-125.EL.ia64.rpm XFree86-font-utils-4.3.0-125.EL.ia64.rpm XFree86-libs-4.3.0-125.EL.i386.rpm XFree86-libs-4.3.0-125.EL.ia64.rpm XFree86-libs-data-4.3.0-125.EL.ia64.rpm XFree86-sdk-4.3.0-125.EL.ia64.rpm XFree86-syriac-fonts-4.3.0-125.EL.ia64.rpm XFree86-tools-4.3.0-125.EL.ia64.rpm XFree86-truetype-fonts-4.3.0-125.EL.ia64.rpm XFree86-twm-4.3.0-125.EL.ia64.rpm XFree86-xauth-4.3.0-125.EL.ia64.rpm XFree86-xdm-4.3.0-125.EL.ia64.rpm XFree86-xfs-4.3.0-125.EL.ia64.rpm x86_64: XFree86-100dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-4.3.0-125.EL.x86_64.rpm XFree86-75dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-ISO8859-14-100dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-ISO8859-14-75dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-ISO8859-15-100dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-ISO8859-15-75dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-ISO8859-2-100dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-ISO8859-2-75dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-ISO8859-9-100dpi-fonts-4.3.0-125.EL.x86_64.rpm 
XFree86-ISO8859-9-75dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-Mesa-libGL-4.3.0-125.EL.i386.rpm XFree86-Mesa-libGL-4.3.0-125.EL.x86_64.rpm XFree86-Mesa-libGLU-4.3.0-125.EL.i386.rpm XFree86-Mesa-libGLU-4.3.0-125.EL.x86_64.rpm XFree86-Xnest-4.3.0-125.EL.x86_64.rpm XFree86-Xvfb-4.3.0-125.EL.x86_64.rpm XFree86-base-fonts-4.3.0-125.EL.x86_64.rpm XFree86-cyrillic-fonts-4.3.0-125.EL.x86_64.rpm XFree86-devel-4.3.0-125.EL.i386.rpm XFree86-devel-4.3.0-125.EL.x86_64.rpm XFree86-doc-4.3.0-125.EL.x86_64.rpm XFree86-font-utils-4.3.0-125.EL.x86_64.rpm XFree86-libs-4.3.0-125.EL.i386.rpm XFree86-libs-4.3.0-125.EL.x86_64.rpm XFree86-libs-data-4.3.0-125.EL.x86_64.rpm XFree86-sdk-4.3.0-125.EL.x86_64.rpm XFree86-syriac-fonts-4.3.0-125.EL.x86_64.rpm XFree86-tools-4.3.0-125.EL.x86_64.rpm XFree86-truetype-fonts-4.3.0-125.EL.x86_64.rpm XFree86-twm-4.3.0-125.EL.x86_64.rpm XFree86-xauth-4.3.0-125.EL.x86_64.rpm XFree86-xdm-4.3.0-125.EL.x86_64.rpm XFree86-xfs-4.3.0-125.EL.x86_64.rpm Red Hat Enterprise Linux WS version 3: Source: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/XFree86-4.3.0-125.EL.src.rpm i386: XFree86-100dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-4.3.0-125.EL.i386.rpm XFree86-75dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-ISO8859-14-100dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-ISO8859-14-75dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-ISO8859-15-100dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-ISO8859-15-75dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-ISO8859-2-100dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-ISO8859-2-75dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-ISO8859-9-100dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-ISO8859-9-75dpi-fonts-4.3.0-125.EL.i386.rpm XFree86-Mesa-libGL-4.3.0-125.EL.i386.rpm XFree86-Mesa-libGLU-4.3.0-125.EL.i386.rpm XFree86-Xnest-4.3.0-125.EL.i386.rpm XFree86-Xvfb-4.3.0-125.EL.i386.rpm XFree86-base-fonts-4.3.0-125.EL.i386.rpm XFree86-cyrillic-fonts-4.3.0-125.EL.i386.rpm XFree86-devel-4.3.0-125.EL.i386.rpm XFree86-doc-4.3.0-125.EL.i386.rpm XFree86-font-utils-4.3.0-125.EL.i386.rpm 
XFree86-libs-4.3.0-125.EL.i386.rpm XFree86-libs-data-4.3.0-125.EL.i386.rpm XFree86-sdk-4.3.0-125.EL.i386.rpm XFree86-syriac-fonts-4.3.0-125.EL.i386.rpm XFree86-tools-4.3.0-125.EL.i386.rpm XFree86-truetype-fonts-4.3.0-125.EL.i386.rpm XFree86-twm-4.3.0-125.EL.i386.rpm XFree86-xauth-4.3.0-125.EL.i386.rpm XFree86-xdm-4.3.0-125.EL.i386.rpm XFree86-xfs-4.3.0-125.EL.i386.rpm ia64: XFree86-100dpi-fonts-4.3.0-125.EL.ia64.rpm XFree86-4.3.0-125.EL.ia64.rpm XFree86-75dpi-fonts-4.3.0-125.EL.ia64.rpm XFree86-ISO8859-14-100dpi-fonts-4.3.0-125.EL.ia64.rpm XFree86-ISO8859-14-75dpi-fonts-4.3.0-125.EL.ia64.rpm XFree86-ISO8859-15-100dpi-fonts-4.3.0-125.EL.ia64.rpm XFree86-ISO8859-15-75dpi-fonts-4.3.0-125.EL.ia64.rpm XFree86-ISO8859-2-100dpi-fonts-4.3.0-125.EL.ia64.rpm XFree86-ISO8859-2-75dpi-fonts-4.3.0-125.EL.ia64.rpm XFree86-ISO8859-9-100dpi-fonts-4.3.0-125.EL.ia64.rpm XFree86-ISO8859-9-75dpi-fonts-4.3.0-125.EL.ia64.rpm XFree86-Mesa-libGL-4.3.0-125.EL.i386.rpm XFree86-Mesa-libGL-4.3.0-125.EL.ia64.rpm XFree86-Mesa-libGLU-4.3.0-125.EL.i386.rpm XFree86-Mesa-libGLU-4.3.0-125.EL.ia64.rpm XFree86-Xnest-4.3.0-125.EL.ia64.rpm XFree86-Xvfb-4.3.0-125.EL.ia64.rpm XFree86-base-fonts-4.3.0-125.EL.ia64.rpm XFree86-cyrillic-fonts-4.3.0-125.EL.ia64.rpm XFree86-devel-4.3.0-125.EL.ia64.rpm XFree86-doc-4.3.0-125.EL.ia64.rpm XFree86-font-utils-4.3.0-125.EL.ia64.rpm XFree86-libs-4.3.0-125.EL.i386.rpm XFree86-libs-4.3.0-125.EL.ia64.rpm XFree86-libs-data-4.3.0-125.EL.ia64.rpm XFree86-sdk-4.3.0-125.EL.ia64.rpm XFree86-syriac-fonts-4.3.0-125.EL.ia64.rpm XFree86-tools-4.3.0-125.EL.ia64.rpm XFree86-truetype-fonts-4.3.0-125.EL.ia64.rpm XFree86-twm-4.3.0-125.EL.ia64.rpm XFree86-xauth-4.3.0-125.EL.ia64.rpm XFree86-xdm-4.3.0-125.EL.ia64.rpm XFree86-xfs-4.3.0-125.EL.ia64.rpm x86_64: XFree86-100dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-4.3.0-125.EL.x86_64.rpm XFree86-75dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-ISO8859-14-100dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-ISO8859-14-75dpi-fonts-4.3.0-125.EL.x86_64.rpm 
XFree86-ISO8859-15-100dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-ISO8859-15-75dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-ISO8859-2-100dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-ISO8859-2-75dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-ISO8859-9-100dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-ISO8859-9-75dpi-fonts-4.3.0-125.EL.x86_64.rpm XFree86-Mesa-libGL-4.3.0-125.EL.i386.rpm XFree86-Mesa-libGL-4.3.0-125.EL.x86_64.rpm XFree86-Mesa-libGLU-4.3.0-125.EL.i386.rpm XFree86-Mesa-libGLU-4.3.0-125.EL.x86_64.rpm XFree86-Xnest-4.3.0-125.EL.x86_64.rpm XFree86-Xvfb-4.3.0-125.EL.x86_64.rpm XFree86-base-fonts-4.3.0-125.EL.x86_64.rpm XFree86-cyrillic-fonts-4.3.0-125.EL.x86_64.rpm XFree86-devel-4.3.0-125.EL.i386.rpm XFree86-devel-4.3.0-125.EL.x86_64.rpm XFree86-doc-4.3.0-125.EL.x86_64.rpm XFree86-font-utils-4.3.0-125.EL.x86_64.rpm XFree86-libs-4.3.0-125.EL.i386.rpm XFree86-libs-4.3.0-125.EL.x86_64.rpm XFree86-libs-data-4.3.0-125.EL.x86_64.rpm XFree86-sdk-4.3.0-125.EL.x86_64.rpm XFree86-syriac-fonts-4.3.0-125.EL.x86_64.rpm XFree86-tools-4.3.0-125.EL.x86_64.rpm XFree86-truetype-fonts-4.3.0-125.EL.x86_64.rpm XFree86-twm-4.3.0-125.EL.x86_64.rpm XFree86-xauth-4.3.0-125.EL.x86_64.rpm XFree86-xdm-4.3.0-125.EL.x86_64.rpm XFree86-xfs-4.3.0-125.EL.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4568
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4990
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5958
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6427
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6428
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6429
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0006
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is .
More contact details at https://www.redhat.com/security/team/contact/

Copyright 2008 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFHkHUaXlSAg2UNWIIRAsWOAJ4yuuBVV6DB7D/VFFSSNYmApXJa+QCglPmV
SYgK3pw215j2kedxLX9Qjz4=
=uNBq
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Mon Jan 21 08:49:18 2008
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 21 Jan 2008 03:49:18 -0500
Subject: [RHSA-2008:0058-01] Moderate: wireshark security update
Message-ID: <200801210849.m0L8nI2X005811@pobox.devel.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis:      Moderate: wireshark security update
Advisory ID:   RHSA-2008:0058-01
Product:       Red Hat Enterprise Linux
Advisory URL:  https://rhn.redhat.com/errata/RHSA-2008-0058.html
Issue date:    2008-01-21
CVE Names:     CVE-2007-6111 CVE-2007-6112 CVE-2007-6113 CVE-2007-6114 CVE-2007-6115 CVE-2007-6116 CVE-2007-6117 CVE-2007-6118 CVE-2007-6119 CVE-2007-6120 CVE-2007-6121 CVE-2007-6438 CVE-2007-6439 CVE-2007-6441 CVE-2007-6450 CVE-2007-6451
=====================================================================

1. Summary:

Updated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Description:

Wireshark is a program for monitoring network traffic.
Wireshark was previously known as Ethereal.

Several flaws were found in Wireshark. Wireshark could crash or possibly execute arbitrary code as the user running Wireshark if it read a malformed packet off the network. (CVE-2007-6112, CVE-2007-6114, CVE-2007-6115, CVE-2007-6117)

Several denial of service bugs were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off the network. (CVE-2007-6111, CVE-2007-6113, CVE-2007-6116, CVE-2007-6118, CVE-2007-6119, CVE-2007-6120, CVE-2007-6121, CVE-2007-6438, CVE-2007-6439, CVE-2007-6441, CVE-2007-6450, CVE-2007-6451)

As well, Wireshark switched from using net-snmp to libsmi, which is included in this errata.

Users of wireshark should upgrade to these updated packages, which contain Wireshark version 0.99.7, and resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188

5.
Bugs fixed (http://bugzilla.redhat.com/):

397251 - CVE-2007-6111 wireshark mp3 and ncp flaws
397271 - CVE-2007-6112 wireshark ppp flaws
397281 - CVE-2007-6113 wireshark DNP3 flaws
397291 - CVE-2007-6114 wireshark SSL and OS/400 trace flaws
397311 - CVE-2007-6115 wireshark ANSI MAP flaws
397321 - CVE-2007-6116 wireshark firebird/interbase flaws
397331 - CVE-2007-6117 wireshark HTTP dissector flaws
397341 - CVE-2007-6118 wireshark MEGACO dissector flaws
397351 - CVE-2007-6119 wireshark DCP ETSI dissector flaws
397361 - CVE-2007-6120 wireshark Bluetooth SDP dissector flaws
397371 - CVE-2007-6121 wireshark RPC Portmap flaws
426335 - Please consider adding libsmi to distro
426336 - Please consider adding libsmi to distro
427249 - CVE-2007-6438 wireshark SMB dissector crash
427251 - CVE-2007-6439 wireshark IPv6 and USB dissector crash
427252 - CVE-2007-6441 wireshark WiMAX dissector possible crash
427253 - CVE-2007-6450 wireshark RPL dissector crash
427254 - CVE-2007-6451 wireshark CIP dissector crash

6.
Package List: Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/libsmi-0.4.5-2.el4.src.rpm ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/wireshark-0.99.7-1.el4.src.rpm i386: libsmi-0.4.5-2.el4.i386.rpm libsmi-debuginfo-0.4.5-2.el4.i386.rpm libsmi-devel-0.4.5-2.el4.i386.rpm wireshark-0.99.7-1.el4.i386.rpm wireshark-debuginfo-0.99.7-1.el4.i386.rpm wireshark-gnome-0.99.7-1.el4.i386.rpm ia64: libsmi-0.4.5-2.el4.ia64.rpm libsmi-debuginfo-0.4.5-2.el4.ia64.rpm libsmi-devel-0.4.5-2.el4.ia64.rpm wireshark-0.99.7-1.el4.ia64.rpm wireshark-debuginfo-0.99.7-1.el4.ia64.rpm wireshark-gnome-0.99.7-1.el4.ia64.rpm ppc: libsmi-0.4.5-2.el4.ppc.rpm libsmi-debuginfo-0.4.5-2.el4.ppc.rpm libsmi-devel-0.4.5-2.el4.ppc.rpm wireshark-0.99.7-1.el4.ppc.rpm wireshark-debuginfo-0.99.7-1.el4.ppc.rpm wireshark-gnome-0.99.7-1.el4.ppc.rpm s390: libsmi-0.4.5-2.el4.s390.rpm libsmi-debuginfo-0.4.5-2.el4.s390.rpm libsmi-devel-0.4.5-2.el4.s390.rpm wireshark-0.99.7-1.el4.s390.rpm wireshark-debuginfo-0.99.7-1.el4.s390.rpm wireshark-gnome-0.99.7-1.el4.s390.rpm s390x: libsmi-0.4.5-2.el4.s390x.rpm libsmi-debuginfo-0.4.5-2.el4.s390x.rpm libsmi-devel-0.4.5-2.el4.s390x.rpm wireshark-0.99.7-1.el4.s390x.rpm wireshark-debuginfo-0.99.7-1.el4.s390x.rpm wireshark-gnome-0.99.7-1.el4.s390x.rpm x86_64: libsmi-0.4.5-2.el4.x86_64.rpm libsmi-debuginfo-0.4.5-2.el4.x86_64.rpm libsmi-devel-0.4.5-2.el4.x86_64.rpm wireshark-0.99.7-1.el4.x86_64.rpm wireshark-debuginfo-0.99.7-1.el4.x86_64.rpm wireshark-gnome-0.99.7-1.el4.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/libsmi-0.4.5-2.el4.src.rpm ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/wireshark-0.99.7-1.el4.src.rpm i386: libsmi-0.4.5-2.el4.i386.rpm libsmi-debuginfo-0.4.5-2.el4.i386.rpm libsmi-devel-0.4.5-2.el4.i386.rpm wireshark-0.99.7-1.el4.i386.rpm wireshark-debuginfo-0.99.7-1.el4.i386.rpm wireshark-gnome-0.99.7-1.el4.i386.rpm x86_64: 
libsmi-0.4.5-2.el4.x86_64.rpm libsmi-debuginfo-0.4.5-2.el4.x86_64.rpm libsmi-devel-0.4.5-2.el4.x86_64.rpm wireshark-0.99.7-1.el4.x86_64.rpm wireshark-debuginfo-0.99.7-1.el4.x86_64.rpm wireshark-gnome-0.99.7-1.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/libsmi-0.4.5-2.el4.src.rpm ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/wireshark-0.99.7-1.el4.src.rpm i386: libsmi-0.4.5-2.el4.i386.rpm libsmi-debuginfo-0.4.5-2.el4.i386.rpm libsmi-devel-0.4.5-2.el4.i386.rpm wireshark-0.99.7-1.el4.i386.rpm wireshark-debuginfo-0.99.7-1.el4.i386.rpm wireshark-gnome-0.99.7-1.el4.i386.rpm ia64: libsmi-0.4.5-2.el4.ia64.rpm libsmi-debuginfo-0.4.5-2.el4.ia64.rpm libsmi-devel-0.4.5-2.el4.ia64.rpm wireshark-0.99.7-1.el4.ia64.rpm wireshark-debuginfo-0.99.7-1.el4.ia64.rpm wireshark-gnome-0.99.7-1.el4.ia64.rpm x86_64: libsmi-0.4.5-2.el4.x86_64.rpm libsmi-debuginfo-0.4.5-2.el4.x86_64.rpm libsmi-devel-0.4.5-2.el4.x86_64.rpm wireshark-0.99.7-1.el4.x86_64.rpm wireshark-debuginfo-0.99.7-1.el4.x86_64.rpm wireshark-gnome-0.99.7-1.el4.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/libsmi-0.4.5-2.el4.src.rpm ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/wireshark-0.99.7-1.el4.src.rpm i386: libsmi-0.4.5-2.el4.i386.rpm libsmi-debuginfo-0.4.5-2.el4.i386.rpm libsmi-devel-0.4.5-2.el4.i386.rpm wireshark-0.99.7-1.el4.i386.rpm wireshark-debuginfo-0.99.7-1.el4.i386.rpm wireshark-gnome-0.99.7-1.el4.i386.rpm ia64: libsmi-0.4.5-2.el4.ia64.rpm libsmi-debuginfo-0.4.5-2.el4.ia64.rpm libsmi-devel-0.4.5-2.el4.ia64.rpm wireshark-0.99.7-1.el4.ia64.rpm wireshark-debuginfo-0.99.7-1.el4.ia64.rpm wireshark-gnome-0.99.7-1.el4.ia64.rpm x86_64: libsmi-0.4.5-2.el4.x86_64.rpm libsmi-debuginfo-0.4.5-2.el4.x86_64.rpm libsmi-devel-0.4.5-2.el4.x86_64.rpm wireshark-0.99.7-1.el4.x86_64.rpm wireshark-debuginfo-0.99.7-1.el4.x86_64.rpm wireshark-gnome-0.99.7-1.el4.x86_64.rpm Red Hat Enterprise 
Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/libsmi-0.4.5-2.el5.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/wireshark-0.99.7-1.el5.src.rpm i386: libsmi-0.4.5-2.el5.i386.rpm libsmi-debuginfo-0.4.5-2.el5.i386.rpm libsmi-devel-0.4.5-2.el5.i386.rpm wireshark-0.99.7-1.el5.i386.rpm wireshark-debuginfo-0.99.7-1.el5.i386.rpm x86_64: libsmi-0.4.5-2.el5.x86_64.rpm libsmi-debuginfo-0.4.5-2.el5.x86_64.rpm libsmi-devel-0.4.5-2.el5.x86_64.rpm wireshark-0.99.7-1.el5.x86_64.rpm wireshark-debuginfo-0.99.7-1.el5.x86_64.rpm RHEL Desktop Workstation (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/wireshark-0.99.7-1.el5.src.rpm i386: wireshark-debuginfo-0.99.7-1.el5.i386.rpm wireshark-gnome-0.99.7-1.el5.i386.rpm x86_64: wireshark-debuginfo-0.99.7-1.el5.x86_64.rpm wireshark-gnome-0.99.7-1.el5.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/libsmi-0.4.5-2.el5.src.rpm ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/wireshark-0.99.7-1.el5.src.rpm i386: libsmi-0.4.5-2.el5.i386.rpm libsmi-debuginfo-0.4.5-2.el5.i386.rpm libsmi-devel-0.4.5-2.el5.i386.rpm wireshark-0.99.7-1.el5.i386.rpm wireshark-debuginfo-0.99.7-1.el5.i386.rpm wireshark-gnome-0.99.7-1.el5.i386.rpm ia64: libsmi-0.4.5-2.el5.ia64.rpm libsmi-debuginfo-0.4.5-2.el5.ia64.rpm libsmi-devel-0.4.5-2.el5.ia64.rpm wireshark-0.99.7-1.el5.ia64.rpm wireshark-debuginfo-0.99.7-1.el5.ia64.rpm wireshark-gnome-0.99.7-1.el5.ia64.rpm ppc: libsmi-0.4.5-2.el5.ppc.rpm libsmi-debuginfo-0.4.5-2.el5.ppc.rpm libsmi-devel-0.4.5-2.el5.ppc.rpm wireshark-0.99.7-1.el5.ppc.rpm wireshark-debuginfo-0.99.7-1.el5.ppc.rpm wireshark-gnome-0.99.7-1.el5.ppc.rpm s390x: libsmi-0.4.5-2.el5.s390x.rpm libsmi-debuginfo-0.4.5-2.el5.s390x.rpm libsmi-devel-0.4.5-2.el5.s390x.rpm wireshark-0.99.7-1.el5.s390x.rpm 
wireshark-debuginfo-0.99.7-1.el5.s390x.rpm wireshark-gnome-0.99.7-1.el5.s390x.rpm x86_64: libsmi-0.4.5-2.el5.x86_64.rpm libsmi-debuginfo-0.4.5-2.el5.x86_64.rpm libsmi-devel-0.4.5-2.el5.x86_64.rpm wireshark-0.99.7-1.el5.x86_64.rpm wireshark-debuginfo-0.99.7-1.el5.x86_64.rpm wireshark-gnome-0.99.7-1.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6111 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6112 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6113 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6114 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6115 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6116 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6117 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6118 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6119 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6120 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6121 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6438 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6439 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6441 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6450 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6451 http://www.wireshark.org/docs/relnotes/wireshark-0.99.7.html http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2008 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFHlFyHXlSAg2UNWIIRAl6cAJ9goJMOzjUYq3kS2BO9ftiFuOxr8ACfbUp5
JAlIjaqCaaJLpTan06LiyE4=
=vovz
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Mon Jan 21 09:35:28 2008
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 21 Jan 2008 04:35:28 -0500
Subject: [RHSA-2008:0059-01] Moderate: wireshark security update
Message-ID: <200801210935.m0L9ZSYU012972@pobox.devel.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis:          Moderate: wireshark security update
Advisory ID:       RHSA-2008:0059-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2008-0059.html
Issue date:        2008-01-21
CVE Names:         CVE-2007-3389 CVE-2007-3390 CVE-2007-3391
                   CVE-2007-3392 CVE-2007-3393 CVE-2007-6113
                   CVE-2007-6114 CVE-2007-6115 CVE-2007-6117
                   CVE-2007-6118 CVE-2007-6120 CVE-2007-6121
                   CVE-2007-6450 CVE-2007-6451
=====================================================================

1. Summary:

Updated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 3.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Description:

Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal.

Several flaws were found in Wireshark. Wireshark could crash or possibly execute arbitrary code as the user running Wireshark if it read a malformed packet off the network. (CVE-2007-6114, CVE-2007-6115, CVE-2007-6117)

Several denial of service bugs were found in Wireshark.
Wireshark could crash or stop responding if it read a malformed packet off the network. (CVE-2007-3389, CVE-2007-3390, CVE-2007-3391, CVE-2007-3392, CVE-2007-3392, CVE-2007-3393, CVE-2007-6113, CVE-2007-6118, CVE-2007-6120, CVE-2007-6121, CVE-2007-6450, CVE-2007-6451)

As well, Wireshark switched from using net-snmp to libsmi, which is included in this errata.

Users of wireshark should upgrade to these updated packages, which contain Wireshark version 0.99.7, and resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188

5. Bugs fixed (http://bugzilla.redhat.com/):

245796 - CVE-2007-3389 Wireshark crashes when inspecting HTTP traffic
245797 - CVE-2007-3391 Wireshark loops infinitely when inspecting DCP ETSI traffic
245798 - CVE-2007-3392 Wireshark loops infinitely when inspecting SSL traffic
246221 - CVE-2007-3393 Wireshark corrupts the stack when inspecting BOOTP traffic
246225 - CVE-2007-3390 Wireshark crashes when inspecting iSeries traffic
246229 - CVE-2007-3392 Wireshark crashes when inspecting MMS traffic
397281 - CVE-2007-6113 wireshark DNP3 flaws
397291 - CVE-2007-6114 wireshark SSL and OS/400 trace flaws
397311 - CVE-2007-6115 wireshark ANSI MAP flaws
397331 - CVE-2007-6117 wireshark HTTP dissector flaws
397341 - CVE-2007-6118 wireshark MEGACO dissector flaws
397361 - CVE-2007-6120 wireshark Bluetooth SDP dissector flaws
397371 - CVE-2007-6121 wireshark RPC Portmap flaws
426337 - Wireshare rebase requires new libsmi package adding to rhel3
427253 - CVE-2007-6450 wireshark RPL dissector crash
427254 - CVE-2007-6451 wireshark CIP dissector crash

6.
Package List: Red Hat Enterprise Linux AS version 3: Source: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/libsmi-0.4.5-3.el3.src.rpm ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/wireshark-0.99.7-EL3.1.src.rpm i386: libsmi-0.4.5-3.el3.i386.rpm libsmi-debuginfo-0.4.5-3.el3.i386.rpm libsmi-devel-0.4.5-3.el3.i386.rpm wireshark-0.99.7-EL3.1.i386.rpm wireshark-debuginfo-0.99.7-EL3.1.i386.rpm wireshark-gnome-0.99.7-EL3.1.i386.rpm ia64: libsmi-0.4.5-3.el3.ia64.rpm libsmi-debuginfo-0.4.5-3.el3.ia64.rpm libsmi-devel-0.4.5-3.el3.ia64.rpm wireshark-0.99.7-EL3.1.ia64.rpm wireshark-debuginfo-0.99.7-EL3.1.ia64.rpm wireshark-gnome-0.99.7-EL3.1.ia64.rpm ppc: libsmi-0.4.5-3.el3.ppc.rpm libsmi-debuginfo-0.4.5-3.el3.ppc.rpm libsmi-devel-0.4.5-3.el3.ppc.rpm wireshark-0.99.7-EL3.1.ppc.rpm wireshark-debuginfo-0.99.7-EL3.1.ppc.rpm wireshark-gnome-0.99.7-EL3.1.ppc.rpm s390: libsmi-0.4.5-3.el3.s390.rpm libsmi-debuginfo-0.4.5-3.el3.s390.rpm libsmi-devel-0.4.5-3.el3.s390.rpm wireshark-0.99.7-EL3.1.s390.rpm wireshark-debuginfo-0.99.7-EL3.1.s390.rpm wireshark-gnome-0.99.7-EL3.1.s390.rpm s390x: libsmi-0.4.5-3.el3.s390x.rpm libsmi-debuginfo-0.4.5-3.el3.s390x.rpm libsmi-devel-0.4.5-3.el3.s390x.rpm wireshark-0.99.7-EL3.1.s390x.rpm wireshark-debuginfo-0.99.7-EL3.1.s390x.rpm wireshark-gnome-0.99.7-EL3.1.s390x.rpm x86_64: libsmi-0.4.5-3.el3.x86_64.rpm libsmi-debuginfo-0.4.5-3.el3.x86_64.rpm libsmi-devel-0.4.5-3.el3.x86_64.rpm wireshark-0.99.7-EL3.1.x86_64.rpm wireshark-debuginfo-0.99.7-EL3.1.x86_64.rpm wireshark-gnome-0.99.7-EL3.1.x86_64.rpm Red Hat Desktop version 3: Source: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/libsmi-0.4.5-3.el3.src.rpm ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/wireshark-0.99.7-EL3.1.src.rpm i386: libsmi-0.4.5-3.el3.i386.rpm libsmi-debuginfo-0.4.5-3.el3.i386.rpm libsmi-devel-0.4.5-3.el3.i386.rpm wireshark-0.99.7-EL3.1.i386.rpm wireshark-debuginfo-0.99.7-EL3.1.i386.rpm wireshark-gnome-0.99.7-EL3.1.i386.rpm x86_64: 
libsmi-0.4.5-3.el3.x86_64.rpm libsmi-debuginfo-0.4.5-3.el3.x86_64.rpm libsmi-devel-0.4.5-3.el3.x86_64.rpm wireshark-0.99.7-EL3.1.x86_64.rpm wireshark-debuginfo-0.99.7-EL3.1.x86_64.rpm wireshark-gnome-0.99.7-EL3.1.x86_64.rpm Red Hat Enterprise Linux ES version 3: Source: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/libsmi-0.4.5-3.el3.src.rpm ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/wireshark-0.99.7-EL3.1.src.rpm i386: libsmi-0.4.5-3.el3.i386.rpm libsmi-debuginfo-0.4.5-3.el3.i386.rpm libsmi-devel-0.4.5-3.el3.i386.rpm wireshark-0.99.7-EL3.1.i386.rpm wireshark-debuginfo-0.99.7-EL3.1.i386.rpm wireshark-gnome-0.99.7-EL3.1.i386.rpm ia64: libsmi-0.4.5-3.el3.ia64.rpm libsmi-debuginfo-0.4.5-3.el3.ia64.rpm libsmi-devel-0.4.5-3.el3.ia64.rpm wireshark-0.99.7-EL3.1.ia64.rpm wireshark-debuginfo-0.99.7-EL3.1.ia64.rpm wireshark-gnome-0.99.7-EL3.1.ia64.rpm x86_64: libsmi-0.4.5-3.el3.x86_64.rpm libsmi-debuginfo-0.4.5-3.el3.x86_64.rpm libsmi-devel-0.4.5-3.el3.x86_64.rpm wireshark-0.99.7-EL3.1.x86_64.rpm wireshark-debuginfo-0.99.7-EL3.1.x86_64.rpm wireshark-gnome-0.99.7-EL3.1.x86_64.rpm Red Hat Enterprise Linux WS version 3: Source: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/libsmi-0.4.5-3.el3.src.rpm ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/wireshark-0.99.7-EL3.1.src.rpm i386: libsmi-0.4.5-3.el3.i386.rpm libsmi-debuginfo-0.4.5-3.el3.i386.rpm libsmi-devel-0.4.5-3.el3.i386.rpm wireshark-0.99.7-EL3.1.i386.rpm wireshark-debuginfo-0.99.7-EL3.1.i386.rpm wireshark-gnome-0.99.7-EL3.1.i386.rpm ia64: libsmi-0.4.5-3.el3.ia64.rpm libsmi-debuginfo-0.4.5-3.el3.ia64.rpm libsmi-devel-0.4.5-3.el3.ia64.rpm wireshark-0.99.7-EL3.1.ia64.rpm wireshark-debuginfo-0.99.7-EL3.1.ia64.rpm wireshark-gnome-0.99.7-EL3.1.ia64.rpm x86_64: libsmi-0.4.5-3.el3.x86_64.rpm libsmi-debuginfo-0.4.5-3.el3.x86_64.rpm libsmi-devel-0.4.5-3.el3.x86_64.rpm wireshark-0.99.7-EL3.1.x86_64.rpm wireshark-debuginfo-0.99.7-EL3.1.x86_64.rpm wireshark-gnome-0.99.7-EL3.1.x86_64.rpm These packages are 
GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3389 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3390 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3391 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3392 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3393 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6113 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6114 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6115 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6117 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6118 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6120 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6121 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6450 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6451 http://www.wireshark.org/docs/relnotes/wireshark-0.99.7.html http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2008 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFHlGdXXlSAg2UNWIIRAkDUAKCBpR3dJYe6U39tZViXyHXeq9dsmwCfZTdk
jI/URTMF2Yhq/Q2Z0xbZ2Oc=
=ucIE
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Mon Jan 21 09:37:29 2008
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 21 Jan 2008 04:37:29 -0500
Subject: [RHSA-2008:0009-01] Moderate: httpd security update
Message-ID: <200801210937.m0L9bTCY013081@pobox.devel.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis:          Moderate: httpd security update
Advisory ID:       RHSA-2008:0009-01
Product:           Red Hat Application Stack
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2008-0009.html
Issue date:        2008-01-21
CVE Names:         CVE-2007-5000 CVE-2007-6388 CVE-2007-6421
                   CVE-2007-6422 CVE-2008-0005
=====================================================================

1. Summary:

Updated Apache httpd packages that correct several security issues are now available for Red Hat Application Stack v2.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Application Stack v2 for Enterprise Linux (v.5) - i386, x86_64

3. Description:

The Apache HTTP Server is a popular and freely-available Web server.

These updated httpd packages resolve the following security issues:

A flaw was found in the mod_imagemap module. On sites where mod_imagemap was enabled and an imagemap file was publicly available, a cross-site scripting attack was possible. (CVE-2007-5000)

A flaw was found in the mod_status module. On sites where mod_status was enabled and the status pages were publicly accessible, a cross-site scripting attack was possible. (CVE-2007-6388)

A flaw was found in the mod_proxy_balancer module. On sites where mod_proxy_balancer was enabled, a cross-site scripting attack against an authorized user was possible.
(CVE-2007-6421)

A flaw was found in the mod_proxy_balancer module. On sites where mod_proxy_balancer was enabled, an authorized user could send a carefully crafted request that would cause the Apache child process handling that request to crash. This could lead to a denial of service if using a threaded Multi-Processing Module. (CVE-2007-6422)

A flaw was found in the mod_proxy_ftp module. On sites where mod_proxy_ftp was enabled and a forward proxy was configured, a cross-site scripting attack was possible against browsers which do not correctly derive the response character set following the rules in RFC 2616. (CVE-2008-0005)

Users of httpd should upgrade to these updated packages, which contain backported patches to correct these issues. Users should restart httpd after installing this update.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188

5. Bugs fixed (http://bugzilla.redhat.com/):

419931 - CVE-2007-5000 mod_imagemap XSS
427228 - CVE-2007-6388 apache mod_status cross-site scripting
427229 - CVE-2007-6421 httpd mod_proxy_balancer cross-site scripting
427230 - CVE-2007-6422 httpd mod_proxy_balancer crash
427739 - CVE-2008-0005 mod_proxy_ftp XSS

6.
Package List: Red Hat Application Stack v2 for Enterprise Linux (v.5): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/RHWAS/SRPMS/httpd-2.2.4-9.el5s2.src.rpm i386: httpd-2.2.4-9.el5s2.i386.rpm httpd-debuginfo-2.2.4-9.el5s2.i386.rpm httpd-devel-2.2.4-9.el5s2.i386.rpm httpd-manual-2.2.4-9.el5s2.i386.rpm mod_ssl-2.2.4-9.el5s2.i386.rpm x86_64: httpd-2.2.4-9.el5s2.x86_64.rpm httpd-debuginfo-2.2.4-9.el5s2.i386.rpm httpd-debuginfo-2.2.4-9.el5s2.x86_64.rpm httpd-devel-2.2.4-9.el5s2.i386.rpm httpd-devel-2.2.4-9.el5s2.x86_64.rpm httpd-manual-2.2.4-9.el5s2.x86_64.rpm mod_ssl-2.2.4-9.el5s2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5000 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6421 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6422 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0005 http://www.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2008 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFHlGfRXlSAg2UNWIIRAkt5AKCW7qsZBohWNbrrypotgGZYm9qhXgCdFyGl
F7bbGztZDmBq6N1jmTIwOD8=
=ani9
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Jan 23 15:23:38 2008
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 23 Jan 2008 10:23:38 -0500
Subject: [RHSA-2008:0089-01] Important: kernel security and bug fix update
Message-ID: <200801231523.m0NFNcUX032466@pobox.devel.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       RHSA-2008:0089-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2008-0089.html
Issue date:        2008-01-23
CVE Names:         CVE-2007-3104 CVE-2007-5904 CVE-2007-6206
                   CVE-2007-6416 CVE-2008-0001
=====================================================================

1. Summary:

Updated kernel packages that fix several security issues and several bugs in the Red Hat Enterprise Linux 5 kernel are now available.

This update has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.

These new kernel packages fix the following security issues:

A flaw was found in the virtual filesystem (VFS). An unprivileged local user could truncate directories to which they had write permission; this could render the contents of the directory inaccessible. (CVE-2008-0001, Important)

A flaw was found in the Xen PAL emulation on Intel 64 platforms.
A guest Hardware-assisted virtual machine (HVM) could read the arbitrary physical memory of the host system, which could make information available to unauthorized users. (CVE-2007-6416, Important)

A flaw was found in the way core dump files were created. If a local user can get a root-owned process to dump a core file into a directory, which the user has write access to, they could gain read access to that core file, potentially containing sensitive information. (CVE-2007-6206, Moderate)

A buffer overflow flaw was found in the CIFS virtual file system. A remote, authenticated user could issue a request that could lead to a denial of service. (CVE-2007-5904, Moderate)

A flaw was found in the "sysfs_readdir" function. A local user could create a race condition which would cause a denial of service (kernel oops). (CVE-2007-3104, Moderate)

As well, these updated packages fix the following bugs:

* running the "strace -f" command caused strace to hang, without displaying information about child processes.

* unmounting an unresponsive, interruptible NFS mount, for example, one mounted with the "intr" option, may have caused a system crash.

* a bug in the s2io.ko driver prevented VLAN devices from being added. Attempting to add a device to a VLAN, for example, running the "vconfig add [device-name] [vlan-id]" command caused vconfig to fail.

* tux used an incorrect open flag bit. This caused problems when building packages in a chroot environment, such as mock, which is used by the koji build system.

Red Hat Enterprise Linux 5 users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188

5.
Bugs fixed (http://bugzilla.redhat.com/): 245777 - CVE-2007-3104 Null pointer to an inode in a dentry can cause an oops in sysfs_readdir [rhel-5.1.z] 372701 - CVE-2007-5904 Buffer overflow in CIFS VFS 396861 - CVE-2007-6206 Issue with core dump owner 412091 - [RHEL5 U1] [ia64] Kernel test failing under limited memory 414041 - NFS: System crashes trying to force umount a unresponsive, interruptible mount, which holds references to silly renamed files. 424181 - RHEL5.1 beta: System hung during warm boot-cycling test 425381 - CVE-2007-6416 [RHEL 5.2] [XEN/IA64] Security: vulnerability of copy_to_user in PAL emulation 426289 - [REG][5.1] VLAN add operation fail on s2io.ko driver(Neterion 10GbE card driver), 427994 - CVE-2007-3104 Null pointer to an inode in a dentry can cause an oops in sysfs_readdir 428791 - CVE-2008-0001 kernel: filesystem corruption by unprivileged user via directory truncation 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-53.1.6.el5.src.rpm i386: kernel-2.6.18-53.1.6.el5.i686.rpm kernel-PAE-2.6.18-53.1.6.el5.i686.rpm kernel-PAE-debuginfo-2.6.18-53.1.6.el5.i686.rpm kernel-PAE-devel-2.6.18-53.1.6.el5.i686.rpm kernel-debug-2.6.18-53.1.6.el5.i686.rpm kernel-debug-debuginfo-2.6.18-53.1.6.el5.i686.rpm kernel-debug-devel-2.6.18-53.1.6.el5.i686.rpm kernel-debuginfo-2.6.18-53.1.6.el5.i686.rpm kernel-debuginfo-common-2.6.18-53.1.6.el5.i686.rpm kernel-devel-2.6.18-53.1.6.el5.i686.rpm kernel-headers-2.6.18-53.1.6.el5.i386.rpm kernel-xen-2.6.18-53.1.6.el5.i686.rpm kernel-xen-debuginfo-2.6.18-53.1.6.el5.i686.rpm kernel-xen-devel-2.6.18-53.1.6.el5.i686.rpm noarch: kernel-doc-2.6.18-53.1.6.el5.noarch.rpm x86_64: kernel-2.6.18-53.1.6.el5.x86_64.rpm kernel-debug-2.6.18-53.1.6.el5.x86_64.rpm kernel-debug-debuginfo-2.6.18-53.1.6.el5.x86_64.rpm kernel-debug-devel-2.6.18-53.1.6.el5.x86_64.rpm kernel-debuginfo-2.6.18-53.1.6.el5.x86_64.rpm 
kernel-debuginfo-common-2.6.18-53.1.6.el5.x86_64.rpm kernel-devel-2.6.18-53.1.6.el5.x86_64.rpm kernel-headers-2.6.18-53.1.6.el5.x86_64.rpm kernel-xen-2.6.18-53.1.6.el5.x86_64.rpm kernel-xen-debuginfo-2.6.18-53.1.6.el5.x86_64.rpm kernel-xen-devel-2.6.18-53.1.6.el5.x86_64.rpm Red Hat Enterprise Linux (v. 5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-53.1.6.el5.src.rpm i386: kernel-2.6.18-53.1.6.el5.i686.rpm kernel-PAE-2.6.18-53.1.6.el5.i686.rpm kernel-PAE-debuginfo-2.6.18-53.1.6.el5.i686.rpm kernel-PAE-devel-2.6.18-53.1.6.el5.i686.rpm kernel-debug-2.6.18-53.1.6.el5.i686.rpm kernel-debug-debuginfo-2.6.18-53.1.6.el5.i686.rpm kernel-debug-devel-2.6.18-53.1.6.el5.i686.rpm kernel-debuginfo-2.6.18-53.1.6.el5.i686.rpm kernel-debuginfo-common-2.6.18-53.1.6.el5.i686.rpm kernel-devel-2.6.18-53.1.6.el5.i686.rpm kernel-headers-2.6.18-53.1.6.el5.i386.rpm kernel-xen-2.6.18-53.1.6.el5.i686.rpm kernel-xen-debuginfo-2.6.18-53.1.6.el5.i686.rpm kernel-xen-devel-2.6.18-53.1.6.el5.i686.rpm ia64: kernel-2.6.18-53.1.6.el5.ia64.rpm kernel-debug-2.6.18-53.1.6.el5.ia64.rpm kernel-debug-debuginfo-2.6.18-53.1.6.el5.ia64.rpm kernel-debug-devel-2.6.18-53.1.6.el5.ia64.rpm kernel-debuginfo-2.6.18-53.1.6.el5.ia64.rpm kernel-debuginfo-common-2.6.18-53.1.6.el5.ia64.rpm kernel-devel-2.6.18-53.1.6.el5.ia64.rpm kernel-headers-2.6.18-53.1.6.el5.ia64.rpm kernel-xen-2.6.18-53.1.6.el5.ia64.rpm kernel-xen-debuginfo-2.6.18-53.1.6.el5.ia64.rpm kernel-xen-devel-2.6.18-53.1.6.el5.ia64.rpm noarch: kernel-doc-2.6.18-53.1.6.el5.noarch.rpm ppc: kernel-2.6.18-53.1.6.el5.ppc64.rpm kernel-debug-2.6.18-53.1.6.el5.ppc64.rpm kernel-debug-debuginfo-2.6.18-53.1.6.el5.ppc64.rpm kernel-debug-devel-2.6.18-53.1.6.el5.ppc64.rpm kernel-debuginfo-2.6.18-53.1.6.el5.ppc64.rpm kernel-debuginfo-common-2.6.18-53.1.6.el5.ppc64.rpm kernel-devel-2.6.18-53.1.6.el5.ppc64.rpm kernel-headers-2.6.18-53.1.6.el5.ppc.rpm kernel-headers-2.6.18-53.1.6.el5.ppc64.rpm 
kernel-kdump-2.6.18-53.1.6.el5.ppc64.rpm kernel-kdump-debuginfo-2.6.18-53.1.6.el5.ppc64.rpm kernel-kdump-devel-2.6.18-53.1.6.el5.ppc64.rpm s390x: kernel-2.6.18-53.1.6.el5.s390x.rpm kernel-debug-2.6.18-53.1.6.el5.s390x.rpm kernel-debug-debuginfo-2.6.18-53.1.6.el5.s390x.rpm kernel-debug-devel-2.6.18-53.1.6.el5.s390x.rpm kernel-debuginfo-2.6.18-53.1.6.el5.s390x.rpm kernel-debuginfo-common-2.6.18-53.1.6.el5.s390x.rpm kernel-devel-2.6.18-53.1.6.el5.s390x.rpm kernel-headers-2.6.18-53.1.6.el5.s390x.rpm x86_64: kernel-2.6.18-53.1.6.el5.x86_64.rpm kernel-debug-2.6.18-53.1.6.el5.x86_64.rpm kernel-debug-debuginfo-2.6.18-53.1.6.el5.x86_64.rpm kernel-debug-devel-2.6.18-53.1.6.el5.x86_64.rpm kernel-debuginfo-2.6.18-53.1.6.el5.x86_64.rpm kernel-debuginfo-common-2.6.18-53.1.6.el5.x86_64.rpm kernel-devel-2.6.18-53.1.6.el5.x86_64.rpm kernel-headers-2.6.18-53.1.6.el5.x86_64.rpm kernel-xen-2.6.18-53.1.6.el5.x86_64.rpm kernel-xen-debuginfo-2.6.18-53.1.6.el5.x86_64.rpm kernel-xen-devel-2.6.18-53.1.6.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3104 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5904 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6416 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0001 http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2008 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFHl1vwXlSAg2UNWIIRArj/AJ9qp2MaYvZQs7WpwkZjmT94jdG/OACgs5wt
hasLy+ttzbmAZwdfFx5N4ns=
=s3Zs
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Fri Jan 25 13:30:23 2008
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Fri, 25 Jan 2008 08:30:23 -0500
Subject: [RHSA-2008:0090-01] Important: icu security update
Message-ID: <200801251330.m0PDUNGF017732@pobox.devel.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
Red Hat Security Advisory

Synopsis:          Important: icu security update
Advisory ID:       RHSA-2008:0090-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2008-0090.html
Issue date:        2008-01-25
CVE Names:         CVE-2007-4770 CVE-2007-4771
=====================================================================

1. Summary:

Updated icu packages that fix two security issues are now available for Red Hat Enterprise Linux 5.

This update has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Description:

The International Components for Unicode (ICU) library provides robust and full-featured Unicode services.

Will Drewry reported multiple flaws in the way libicu processed certain malformed regular expressions. If an application linked against ICU, such as OpenOffice.org, processed a carefully crafted regular expression, it may be possible to execute arbitrary code as the user running the application. (CVE-2007-4770, CVE-2007-4771)

All users of icu should upgrade to these updated packages, which contain backported patches to resolve these issues.

4.
Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bugs fixed (http://bugzilla.redhat.com/): 429023 - CVE-2007-4770 libicu poor back reference validation 429025 - CVE-2007-4771 libicu incomplete interval handling 6. Package List: Red Hat Enterprise Linux Desktop (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/icu-3.6-5.11.1.src.rpm i386: icu-3.6-5.11.1.i386.rpm icu-debuginfo-3.6-5.11.1.i386.rpm libicu-3.6-5.11.1.i386.rpm libicu-doc-3.6-5.11.1.i386.rpm x86_64: icu-3.6-5.11.1.x86_64.rpm icu-debuginfo-3.6-5.11.1.i386.rpm icu-debuginfo-3.6-5.11.1.x86_64.rpm libicu-3.6-5.11.1.i386.rpm libicu-3.6-5.11.1.x86_64.rpm libicu-doc-3.6-5.11.1.x86_64.rpm RHEL Desktop Workstation (v. 5 client): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/icu-3.6-5.11.1.src.rpm i386: icu-debuginfo-3.6-5.11.1.i386.rpm libicu-devel-3.6-5.11.1.i386.rpm x86_64: icu-debuginfo-3.6-5.11.1.i386.rpm icu-debuginfo-3.6-5.11.1.x86_64.rpm libicu-devel-3.6-5.11.1.i386.rpm libicu-devel-3.6-5.11.1.x86_64.rpm Red Hat Enterprise Linux (v. 
5 server): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/icu-3.6-5.11.1.src.rpm i386: icu-3.6-5.11.1.i386.rpm icu-debuginfo-3.6-5.11.1.i386.rpm libicu-3.6-5.11.1.i386.rpm libicu-devel-3.6-5.11.1.i386.rpm libicu-doc-3.6-5.11.1.i386.rpm ia64: icu-3.6-5.11.1.ia64.rpm icu-debuginfo-3.6-5.11.1.ia64.rpm libicu-3.6-5.11.1.ia64.rpm libicu-devel-3.6-5.11.1.ia64.rpm libicu-doc-3.6-5.11.1.ia64.rpm ppc: icu-3.6-5.11.1.ppc.rpm icu-debuginfo-3.6-5.11.1.ppc.rpm icu-debuginfo-3.6-5.11.1.ppc64.rpm libicu-3.6-5.11.1.ppc.rpm libicu-3.6-5.11.1.ppc64.rpm libicu-devel-3.6-5.11.1.ppc.rpm libicu-devel-3.6-5.11.1.ppc64.rpm libicu-doc-3.6-5.11.1.ppc.rpm s390x: icu-3.6-5.11.1.s390x.rpm icu-debuginfo-3.6-5.11.1.s390.rpm icu-debuginfo-3.6-5.11.1.s390x.rpm libicu-3.6-5.11.1.s390.rpm libicu-3.6-5.11.1.s390x.rpm libicu-devel-3.6-5.11.1.s390.rpm libicu-devel-3.6-5.11.1.s390x.rpm libicu-doc-3.6-5.11.1.s390x.rpm x86_64: icu-3.6-5.11.1.x86_64.rpm icu-debuginfo-3.6-5.11.1.i386.rpm icu-debuginfo-3.6-5.11.1.x86_64.rpm libicu-3.6-5.11.1.i386.rpm libicu-3.6-5.11.1.x86_64.rpm libicu-devel-3.6-5.11.1.i386.rpm libicu-devel-3.6-5.11.1.x86_64.rpm libicu-doc-3.6-5.11.1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4770 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4771 http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2008 Red Hat, Inc. 
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFHmeRoXlSAg2UNWIIRAsWHAJ4o/9tBo1emcfedGVcnXIkM1zIDfQCfXvDq lbgtGUWpzF5777jATFN2/GA= =fxta -----END PGP SIGNATURE----- From bugzilla at redhat.com Thu Jan 31 18:36:11 2008 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Thu, 31 Jan 2008 13:36:11 -0500 Subject: [RHSA-2008:0055-01] Important: kernel security and bug fix update Message-ID: <200801311836.m0VIaBGr002488@pobox.devel.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2008:0055-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2008-0055.html Issue date: 2008-01-31 CVE Names: CVE-2007-4130 CVE-2007-5500 CVE-2007-6063 CVE-2007-6151 CVE-2007-6206 CVE-2007-6694 CVE-2008-0001 ===================================================================== 1. Summary: Updated kernel packages that fix several security issues and a bug in the Red Hat Enterprise Linux 4 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, noarch, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, noarch, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, noarch, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, noarch, x86_64 3. Description: The kernel packages contain the Linux kernel, the core of any Linux operating system. These updated kernel packages fix the following security issues: A flaw was found in the virtual filesystem (VFS). A local unprivileged user could truncate directories to which they had write permission; this could render the contents of the directory inaccessible. 
(CVE-2008-0001, Important) A flaw was found in the implementation of ptrace. A local unprivileged user could trigger this flaw and possibly cause a denial of service (system hang). (CVE-2007-5500, Important) A flaw was found in the way the Red Hat Enterprise Linux 4 kernel handled page faults when a CPU used the NUMA method for accessing memory on Itanium architectures. A local unprivileged user could trigger this flaw and cause a denial of service (system panic). (CVE-2007-4130, Important) A possible NULL pointer dereference was found in the chrp_show_cpuinfo function when using the PowerPC architecture. This may have allowed a local unprivileged user to cause a denial of service (crash). (CVE-2007-6694, Moderate) A flaw was found in the way core dump files were created. If a local user can get a root-owned process to dump a core file into a directory, which the user has write access to, they could gain read access to that core file. This could potentially grant unauthorized access to sensitive information. (CVE-2007-6206, Moderate) Two buffer overflow flaws were found in the Linux kernel ISDN subsystem. A local unprivileged user could use these flaws to cause a denial of service. (CVE-2007-6063, CVE-2007-6151, Moderate) As well, these updated packages fix the following bug: * when moving volumes that contain multiple segments, and a mirror segment is not the first in the mapping table, running the "pvmove /dev/[device] /dev/[device]" command caused a kernel panic. A "kernel: Unable to handle kernel paging request at virtual address [address]" error was logged by syslog. Red Hat Enterprise Linux 4 users are advised to upgrade to these updated packages, which contain backported patches to resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. 
Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bugs fixed (http://bugzilla.redhat.com/): 179665 - CVE-2007-4130 panic caused by set_mempolicy with MPOL_BIND 382161 - CVE-2007-5500 kernel hang via userspace PTRACE+waitid 392101 - CVE-2007-6063 Linux Kernel isdn_net_setcfg buffer overflow 396751 - CVE-2007-6694 /proc/cpuinfo DoS on some ppc machines 396861 - CVE-2007-6206 Issue with core dump owner 425111 - CVE-2007-6151 I4L: fix isdn_ioctl memory issue 428637 - pvmove causes kernel panic 428791 - CVE-2008-0001 kernel: filesystem corruption by unprivileged user via directory truncation 6. Package List: Red Hat Enterprise Linux AS version 4: Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kernel-2.6.9-67.0.4.EL.src.rpm i386: kernel-2.6.9-67.0.4.EL.i686.rpm kernel-debuginfo-2.6.9-67.0.4.EL.i686.rpm kernel-devel-2.6.9-67.0.4.EL.i686.rpm kernel-hugemem-2.6.9-67.0.4.EL.i686.rpm kernel-hugemem-devel-2.6.9-67.0.4.EL.i686.rpm kernel-smp-2.6.9-67.0.4.EL.i686.rpm kernel-smp-devel-2.6.9-67.0.4.EL.i686.rpm kernel-xenU-2.6.9-67.0.4.EL.i686.rpm kernel-xenU-devel-2.6.9-67.0.4.EL.i686.rpm ia64: kernel-2.6.9-67.0.4.EL.ia64.rpm kernel-debuginfo-2.6.9-67.0.4.EL.ia64.rpm kernel-devel-2.6.9-67.0.4.EL.ia64.rpm kernel-largesmp-2.6.9-67.0.4.EL.ia64.rpm kernel-largesmp-devel-2.6.9-67.0.4.EL.ia64.rpm noarch: kernel-doc-2.6.9-67.0.4.EL.noarch.rpm ppc: kernel-2.6.9-67.0.4.EL.ppc64.rpm kernel-2.6.9-67.0.4.EL.ppc64iseries.rpm kernel-debuginfo-2.6.9-67.0.4.EL.ppc64.rpm kernel-debuginfo-2.6.9-67.0.4.EL.ppc64iseries.rpm kernel-devel-2.6.9-67.0.4.EL.ppc64.rpm kernel-devel-2.6.9-67.0.4.EL.ppc64iseries.rpm kernel-largesmp-2.6.9-67.0.4.EL.ppc64.rpm kernel-largesmp-devel-2.6.9-67.0.4.EL.ppc64.rpm s390: kernel-2.6.9-67.0.4.EL.s390.rpm kernel-debuginfo-2.6.9-67.0.4.EL.s390.rpm kernel-devel-2.6.9-67.0.4.EL.s390.rpm s390x: kernel-2.6.9-67.0.4.EL.s390x.rpm kernel-debuginfo-2.6.9-67.0.4.EL.s390x.rpm 
kernel-devel-2.6.9-67.0.4.EL.s390x.rpm x86_64: kernel-2.6.9-67.0.4.EL.x86_64.rpm kernel-debuginfo-2.6.9-67.0.4.EL.x86_64.rpm kernel-devel-2.6.9-67.0.4.EL.x86_64.rpm kernel-largesmp-2.6.9-67.0.4.EL.x86_64.rpm kernel-largesmp-devel-2.6.9-67.0.4.EL.x86_64.rpm kernel-smp-2.6.9-67.0.4.EL.x86_64.rpm kernel-smp-devel-2.6.9-67.0.4.EL.x86_64.rpm kernel-xenU-2.6.9-67.0.4.EL.x86_64.rpm kernel-xenU-devel-2.6.9-67.0.4.EL.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kernel-2.6.9-67.0.4.EL.src.rpm i386: kernel-2.6.9-67.0.4.EL.i686.rpm kernel-debuginfo-2.6.9-67.0.4.EL.i686.rpm kernel-devel-2.6.9-67.0.4.EL.i686.rpm kernel-hugemem-2.6.9-67.0.4.EL.i686.rpm kernel-hugemem-devel-2.6.9-67.0.4.EL.i686.rpm kernel-smp-2.6.9-67.0.4.EL.i686.rpm kernel-smp-devel-2.6.9-67.0.4.EL.i686.rpm kernel-xenU-2.6.9-67.0.4.EL.i686.rpm kernel-xenU-devel-2.6.9-67.0.4.EL.i686.rpm noarch: kernel-doc-2.6.9-67.0.4.EL.noarch.rpm x86_64: kernel-2.6.9-67.0.4.EL.x86_64.rpm kernel-debuginfo-2.6.9-67.0.4.EL.x86_64.rpm kernel-devel-2.6.9-67.0.4.EL.x86_64.rpm kernel-largesmp-2.6.9-67.0.4.EL.x86_64.rpm kernel-largesmp-devel-2.6.9-67.0.4.EL.x86_64.rpm kernel-smp-2.6.9-67.0.4.EL.x86_64.rpm kernel-smp-devel-2.6.9-67.0.4.EL.x86_64.rpm kernel-xenU-2.6.9-67.0.4.EL.x86_64.rpm kernel-xenU-devel-2.6.9-67.0.4.EL.x86_64.rpm Red Hat Enterprise Linux ES version 4: Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kernel-2.6.9-67.0.4.EL.src.rpm i386: kernel-2.6.9-67.0.4.EL.i686.rpm kernel-debuginfo-2.6.9-67.0.4.EL.i686.rpm kernel-devel-2.6.9-67.0.4.EL.i686.rpm kernel-hugemem-2.6.9-67.0.4.EL.i686.rpm kernel-hugemem-devel-2.6.9-67.0.4.EL.i686.rpm kernel-smp-2.6.9-67.0.4.EL.i686.rpm kernel-smp-devel-2.6.9-67.0.4.EL.i686.rpm kernel-xenU-2.6.9-67.0.4.EL.i686.rpm kernel-xenU-devel-2.6.9-67.0.4.EL.i686.rpm ia64: kernel-2.6.9-67.0.4.EL.ia64.rpm kernel-debuginfo-2.6.9-67.0.4.EL.ia64.rpm kernel-devel-2.6.9-67.0.4.EL.ia64.rpm 
kernel-largesmp-2.6.9-67.0.4.EL.ia64.rpm kernel-largesmp-devel-2.6.9-67.0.4.EL.ia64.rpm noarch: kernel-doc-2.6.9-67.0.4.EL.noarch.rpm x86_64: kernel-2.6.9-67.0.4.EL.x86_64.rpm kernel-debuginfo-2.6.9-67.0.4.EL.x86_64.rpm kernel-devel-2.6.9-67.0.4.EL.x86_64.rpm kernel-largesmp-2.6.9-67.0.4.EL.x86_64.rpm kernel-largesmp-devel-2.6.9-67.0.4.EL.x86_64.rpm kernel-smp-2.6.9-67.0.4.EL.x86_64.rpm kernel-smp-devel-2.6.9-67.0.4.EL.x86_64.rpm kernel-xenU-2.6.9-67.0.4.EL.x86_64.rpm kernel-xenU-devel-2.6.9-67.0.4.EL.x86_64.rpm Red Hat Enterprise Linux WS version 4: Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kernel-2.6.9-67.0.4.EL.src.rpm i386: kernel-2.6.9-67.0.4.EL.i686.rpm kernel-debuginfo-2.6.9-67.0.4.EL.i686.rpm kernel-devel-2.6.9-67.0.4.EL.i686.rpm kernel-hugemem-2.6.9-67.0.4.EL.i686.rpm kernel-hugemem-devel-2.6.9-67.0.4.EL.i686.rpm kernel-smp-2.6.9-67.0.4.EL.i686.rpm kernel-smp-devel-2.6.9-67.0.4.EL.i686.rpm kernel-xenU-2.6.9-67.0.4.EL.i686.rpm kernel-xenU-devel-2.6.9-67.0.4.EL.i686.rpm ia64: kernel-2.6.9-67.0.4.EL.ia64.rpm kernel-debuginfo-2.6.9-67.0.4.EL.ia64.rpm kernel-devel-2.6.9-67.0.4.EL.ia64.rpm kernel-largesmp-2.6.9-67.0.4.EL.ia64.rpm kernel-largesmp-devel-2.6.9-67.0.4.EL.ia64.rpm noarch: kernel-doc-2.6.9-67.0.4.EL.noarch.rpm x86_64: kernel-2.6.9-67.0.4.EL.x86_64.rpm kernel-debuginfo-2.6.9-67.0.4.EL.x86_64.rpm kernel-devel-2.6.9-67.0.4.EL.x86_64.rpm kernel-largesmp-2.6.9-67.0.4.EL.x86_64.rpm kernel-largesmp-devel-2.6.9-67.0.4.EL.x86_64.rpm kernel-smp-2.6.9-67.0.4.EL.x86_64.rpm kernel-smp-devel-2.6.9-67.0.4.EL.x86_64.rpm kernel-xenU-2.6.9-67.0.4.EL.x86_64.rpm kernel-xenU-devel-2.6.9-67.0.4.EL.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. 
References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4130 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5500 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6063 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6151 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6206 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6694 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0001 http://www.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2008 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFHohUYXlSAg2UNWIIRAvgXAJ0X3teoSMZAR5GVFafJnCyqwdN7bQCdF5e7 Ad8v5oCkVcDypRRLOHRADtg= =Xgk6 -----END PGP SIGNATURE-----