From bugzilla at redhat.com Tue Nov 3 19:18:40 2009
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 3 Nov 2009 14:18:40 -0500
Subject: [RHSA-2009:1540-01] Important: kernel-rt security, bug fix, and enhancement update
Message-ID: <200911031918.nA3JIeMv018390@int-mx03.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel-rt security, bug fix, and enhancement update
Advisory ID:       RHSA-2009:1540-01
Product:           Red Hat Enterprise MRG for RHEL-5
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2009-1540.html
Issue date:        2009-11-03
CVE Names:         CVE-2009-1895 CVE-2009-2691 CVE-2009-2695 CVE-2009-2849
                   CVE-2009-2910 CVE-2009-3002 CVE-2009-3228 CVE-2009-3547
                   CVE-2009-3612 CVE-2009-3613 CVE-2009-3620 CVE-2009-3621
=====================================================================

1. Summary:

Updated kernel-rt packages that fix several security issues, multiple bugs,
and add enhancements are now available for Red Hat Enterprise MRG 1.1.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

MRG Realtime for RHEL 5 Server - i386, noarch, x86_64

3. Description:

The kernel-rt packages contain the Linux kernel, the core of any Linux
operating system.

Security fixes:

* the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags were not cleared when a
setuid or setgid program was executed. A local, unprivileged user could use
this flaw to bypass the mmap_min_addr protection mechanism and perform a
NULL pointer dereference attack, or bypass the Address Space Layout
Randomization (ASLR) security feature. (CVE-2009-1895, Important)

* a system with SELinux enforced was more permissive in allowing local users
in the unconfined_t domain to map low memory areas even if the
mmap_min_addr restriction was enabled. This could aid in the local
exploitation of NULL pointer dereference bugs. (CVE-2009-2695, Important)

* missing initialization flaws were found in getname() implementations in
numerous network protocol implementations in the Linux kernel. Certain data
structures in these getname() implementations were not initialized properly
before being copied to user-space. These flaws could lead to an information
leak. (CVE-2009-3002, Important)

* a NULL pointer dereference flaw was found in each of the following
functions in the Linux kernel: pipe_read_open(), pipe_write_open(), and
pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could
be released by other processes before it is used to update the pipe's
reader and writer counters. This could lead to a local denial of service or
privilege escalation. (CVE-2009-3547, Important)

* a flaw was found in the Realtek r8169 Ethernet driver in the Linux kernel.
pci_unmap_single() presented a memory leak that could lead to IOMMU space
exhaustion and a system crash. An attacker on the local network could abuse
this flaw by using jumbo frames for large amounts of network traffic.
(CVE-2009-3613, Important)

* NULL pointer dereference flaws were found in the r128 driver in the Linux
kernel. Checks to test if the Concurrent Command Engine state was
initialized were missing in private IOCTL functions. An attacker could use
these flaws to cause a local denial of service or escalate their
privileges. (CVE-2009-3620, Important)

* Kees Cook and Steve Beattie discovered a race condition in the /proc code
in the Linux kernel. This could lead to information in the
"/proc/[pid]/maps" and "/proc/[pid]/smaps" files being leaked to users (who
would otherwise not have access to this information) during ELF loading.
This could help a local attacker bypass the ASLR security feature.
(CVE-2009-2691, Moderate)

* a NULL pointer dereference flaw was found in the md driver in the Linux
kernel. If the suspend_lo or suspend_hi file in "/sys/" is modified when
the disk array is inactive, it could lead to a local denial of service or
privilege escalation. By default, only root can write to these two files.
(CVE-2009-2849, Moderate)

* an information leak was found in the Linux kernel. On AMD64 systems,
32-bit processes could access and read certain 64-bit registers by
temporarily switching themselves to 64-bit mode. (CVE-2009-2910, Moderate)

* padding data in several core network structures was not initialized
properly before being sent to user-space, possibly leading to information
leaks. (CVE-2009-3228, CVE-2009-3612, Moderate)

* the unix_stream_connect() function in the Linux kernel did not check if a
UNIX domain socket was in the shutdown state. This could lead to a
deadlock. A local, unprivileged user could use this flaw to cause a denial
of service. (CVE-2009-3621, Moderate)

These updated packages also include bug fixes and enhancements. Users are
directed to the Realtime Security Update Release Notes for version 1.1 for
information on these changes, which will be available shortly from:

http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_MRG/

Users should upgrade to these updated packages, which contain backported
patches to correct these issues and add enhancements. The system must be
rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

511171 - CVE-2009-1895 kernel: personality: fix PER_CLEAR_ON_SETID
516171 - CVE-2009-2691 kernel: /proc/$pid/maps visible during initial setuid ELF loading
517830 - CVE-2009-2695 kernel: SELinux and mmap_min_addr
518132 - CVE-2009-2849 kernel: md: NULL pointer deref when accessing suspend_* sysfs attributes
518160 - [FOCUS] Boot hang with x3950 using MRG's -108 kernel
519305 - CVE-2009-3001, CVE-2009-3002 kernel: numerous getname() infoleaks
520990 - CVE-2009-3228 kernel: tc: uninitialised kernel memory leak
521999 - ip_tables: connlimit match: invalid size 32 != 24
522359 - MRG 1.1 SMI remeidation support for HS22 and Rackmounts
522501 - Turn off IPX protocol module
522503 - Turn off AppleTalk protocol module in realtime kernel
523986 - kernel: ipt_recent: sanity check hit count [mrg-1]
526788 - CVE-2009-2910 kernel: x86_64 32 bit process register leak
528139 - FTRACE: check for failure for all conversions, tracing: correct module boundaries for ftrace_release
528868 - CVE-2009-3612 kernel: tcf_fill_node() infoleak due to typo in 9ef1d4c7
529137 - CVE-2009-3613 kernel: flood ping cause out-of-iommu error and panic when mtu larger than 1500
529597 - CVE-2009-3620 kernel: r128 IOCTL NULL pointer dereferences when CCE state is uninitialised
529626 - CVE-2009-3621 kernel: AF_UNIX: Fix deadlock on connecting to shutdown socket
530490 - CVE-2009-3547 kernel: fs: pipe.c null pointer dereference

6. Package List:

MRG Realtime for RHEL 5 Server:

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/RHEMRG/SRPMS/kernel-rt-2.6.24.7-137.el5rt.src.rpm

i386:
kernel-rt-2.6.24.7-137.el5rt.i686.rpm
kernel-rt-debug-2.6.24.7-137.el5rt.i686.rpm
kernel-rt-debug-debuginfo-2.6.24.7-137.el5rt.i686.rpm
kernel-rt-debug-devel-2.6.24.7-137.el5rt.i686.rpm
kernel-rt-debuginfo-2.6.24.7-137.el5rt.i686.rpm
kernel-rt-debuginfo-common-2.6.24.7-137.el5rt.i686.rpm
kernel-rt-devel-2.6.24.7-137.el5rt.i686.rpm
kernel-rt-trace-2.6.24.7-137.el5rt.i686.rpm
kernel-rt-trace-debuginfo-2.6.24.7-137.el5rt.i686.rpm
kernel-rt-trace-devel-2.6.24.7-137.el5rt.i686.rpm
kernel-rt-vanilla-2.6.24.7-137.el5rt.i686.rpm
kernel-rt-vanilla-debuginfo-2.6.24.7-137.el5rt.i686.rpm
kernel-rt-vanilla-devel-2.6.24.7-137.el5rt.i686.rpm

noarch:
kernel-rt-doc-2.6.24.7-137.el5rt.noarch.rpm

x86_64:
kernel-rt-2.6.24.7-137.el5rt.x86_64.rpm
kernel-rt-debug-2.6.24.7-137.el5rt.x86_64.rpm
kernel-rt-debug-debuginfo-2.6.24.7-137.el5rt.x86_64.rpm
kernel-rt-debug-devel-2.6.24.7-137.el5rt.x86_64.rpm
kernel-rt-debuginfo-2.6.24.7-137.el5rt.x86_64.rpm
kernel-rt-debuginfo-common-2.6.24.7-137.el5rt.x86_64.rpm
kernel-rt-devel-2.6.24.7-137.el5rt.x86_64.rpm
kernel-rt-trace-2.6.24.7-137.el5rt.x86_64.rpm
kernel-rt-trace-debuginfo-2.6.24.7-137.el5rt.x86_64.rpm
kernel-rt-trace-devel-2.6.24.7-137.el5rt.x86_64.rpm
kernel-rt-vanilla-2.6.24.7-137.el5rt.x86_64.rpm
kernel-rt-vanilla-debuginfo-2.6.24.7-137.el5rt.x86_64.rpm
kernel-rt-vanilla-devel-2.6.24.7-137.el5rt.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1895
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2691
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2695
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2849
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2910
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3002
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3228
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3547
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3612
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3613
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3620
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3621
http://www.redhat.com/security/updates/classification/#important
http://kbase.redhat.com/faq/docs/DOC-18042
http://kbase.redhat.com/faq/docs/DOC-17866
http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_MRG/

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFK8IH9XlSAg2UNWIIRAoXjAKC8JqO1mR+ZMWpACdn/M13k/mUAYACeJIFP
G87fP0mndnWlj6GTX9t3IP0=
=emIg
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Nov 3 19:19:05 2009
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 3 Nov 2009 14:19:05 -0500
Subject: [RHSA-2009:1541-01] Important: kernel security update
Message-ID: <200911031919.nA3JJ6Em011166@int-mx04.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security update
Advisory ID:       RHSA-2009:1541-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2009-1541.html
Issue date:        2009-11-03
CVE Names:         CVE-2009-3547
=====================================================================

1. Summary:

Updated kernel packages that fix security issues are now available for Red
Hat Enterprise Linux 4.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, noarch, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, noarch, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, noarch, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

This update fixes the following security issues:

* a NULL pointer dereference flaw was found in each of the following
functions in the Linux kernel: pipe_read_open(), pipe_write_open(), and
pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could
be released by other processes before it is used to update the pipe's
reader and writer counters. This could lead to a local denial of service or
privilege escalation. (CVE-2009-3547, Important)

Users should upgrade to these updated packages, which contain a backported
patch to correct these issues. The system must be rebooted for this update
to take effect.

4. Solution:

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

530490 - CVE-2009-3547 kernel: fs: pipe.c null pointer dereference

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kernel-2.6.9-89.0.16.EL.src.rpm

i386:
kernel-2.6.9-89.0.16.EL.i686.rpm
kernel-debuginfo-2.6.9-89.0.16.EL.i686.rpm
kernel-devel-2.6.9-89.0.16.EL.i686.rpm
kernel-hugemem-2.6.9-89.0.16.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.0.16.EL.i686.rpm
kernel-smp-2.6.9-89.0.16.EL.i686.rpm
kernel-smp-devel-2.6.9-89.0.16.EL.i686.rpm
kernel-xenU-2.6.9-89.0.16.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.0.16.EL.i686.rpm

ia64:
kernel-2.6.9-89.0.16.EL.ia64.rpm
kernel-debuginfo-2.6.9-89.0.16.EL.ia64.rpm
kernel-devel-2.6.9-89.0.16.EL.ia64.rpm
kernel-largesmp-2.6.9-89.0.16.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-89.0.16.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-89.0.16.EL.noarch.rpm

ppc:
kernel-2.6.9-89.0.16.EL.ppc64.rpm
kernel-2.6.9-89.0.16.EL.ppc64iseries.rpm
kernel-debuginfo-2.6.9-89.0.16.EL.ppc64.rpm
kernel-debuginfo-2.6.9-89.0.16.EL.ppc64iseries.rpm
kernel-devel-2.6.9-89.0.16.EL.ppc64.rpm
kernel-devel-2.6.9-89.0.16.EL.ppc64iseries.rpm
kernel-largesmp-2.6.9-89.0.16.EL.ppc64.rpm
kernel-largesmp-devel-2.6.9-89.0.16.EL.ppc64.rpm

s390:
kernel-2.6.9-89.0.16.EL.s390.rpm
kernel-debuginfo-2.6.9-89.0.16.EL.s390.rpm
kernel-devel-2.6.9-89.0.16.EL.s390.rpm

s390x:
kernel-2.6.9-89.0.16.EL.s390x.rpm
kernel-debuginfo-2.6.9-89.0.16.EL.s390x.rpm
kernel-devel-2.6.9-89.0.16.EL.s390x.rpm

x86_64:
kernel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.0.16.EL.x86_64.rpm
kernel-devel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.0.16.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-smp-2.6.9-89.0.16.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-xenU-2.6.9-89.0.16.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.0.16.EL.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kernel-2.6.9-89.0.16.EL.src.rpm

i386:
kernel-2.6.9-89.0.16.EL.i686.rpm
kernel-debuginfo-2.6.9-89.0.16.EL.i686.rpm
kernel-devel-2.6.9-89.0.16.EL.i686.rpm
kernel-hugemem-2.6.9-89.0.16.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.0.16.EL.i686.rpm
kernel-smp-2.6.9-89.0.16.EL.i686.rpm
kernel-smp-devel-2.6.9-89.0.16.EL.i686.rpm
kernel-xenU-2.6.9-89.0.16.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.0.16.EL.i686.rpm

noarch:
kernel-doc-2.6.9-89.0.16.EL.noarch.rpm

x86_64:
kernel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.0.16.EL.x86_64.rpm
kernel-devel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.0.16.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-smp-2.6.9-89.0.16.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-xenU-2.6.9-89.0.16.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.0.16.EL.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kernel-2.6.9-89.0.16.EL.src.rpm

i386:
kernel-2.6.9-89.0.16.EL.i686.rpm
kernel-debuginfo-2.6.9-89.0.16.EL.i686.rpm
kernel-devel-2.6.9-89.0.16.EL.i686.rpm
kernel-hugemem-2.6.9-89.0.16.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.0.16.EL.i686.rpm
kernel-smp-2.6.9-89.0.16.EL.i686.rpm
kernel-smp-devel-2.6.9-89.0.16.EL.i686.rpm
kernel-xenU-2.6.9-89.0.16.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.0.16.EL.i686.rpm

ia64:
kernel-2.6.9-89.0.16.EL.ia64.rpm
kernel-debuginfo-2.6.9-89.0.16.EL.ia64.rpm
kernel-devel-2.6.9-89.0.16.EL.ia64.rpm
kernel-largesmp-2.6.9-89.0.16.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-89.0.16.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-89.0.16.EL.noarch.rpm

x86_64:
kernel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.0.16.EL.x86_64.rpm
kernel-devel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.0.16.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-smp-2.6.9-89.0.16.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-xenU-2.6.9-89.0.16.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.0.16.EL.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kernel-2.6.9-89.0.16.EL.src.rpm

i386:
kernel-2.6.9-89.0.16.EL.i686.rpm
kernel-debuginfo-2.6.9-89.0.16.EL.i686.rpm
kernel-devel-2.6.9-89.0.16.EL.i686.rpm
kernel-hugemem-2.6.9-89.0.16.EL.i686.rpm
kernel-hugemem-devel-2.6.9-89.0.16.EL.i686.rpm
kernel-smp-2.6.9-89.0.16.EL.i686.rpm
kernel-smp-devel-2.6.9-89.0.16.EL.i686.rpm
kernel-xenU-2.6.9-89.0.16.EL.i686.rpm
kernel-xenU-devel-2.6.9-89.0.16.EL.i686.rpm

ia64:
kernel-2.6.9-89.0.16.EL.ia64.rpm
kernel-debuginfo-2.6.9-89.0.16.EL.ia64.rpm
kernel-devel-2.6.9-89.0.16.EL.ia64.rpm
kernel-largesmp-2.6.9-89.0.16.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-89.0.16.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-89.0.16.EL.noarch.rpm

x86_64:
kernel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-debuginfo-2.6.9-89.0.16.EL.x86_64.rpm
kernel-devel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-largesmp-2.6.9-89.0.16.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-smp-2.6.9-89.0.16.EL.x86_64.rpm
kernel-smp-devel-2.6.9-89.0.16.EL.x86_64.rpm
kernel-xenU-2.6.9-89.0.16.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-89.0.16.EL.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3547
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFK8IIWXlSAg2UNWIIRAhnTAKDAIW2wY9rsrTf5AZ5W/yfcrRkXpACfZ1z/
6Pjd/8SmOp+hrl6LG/cxpjw=
=u4kB
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Nov 3 19:54:25 2009
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 3 Nov 2009 14:54:25 -0500
Subject: [RHSA-2009:1548-01] Important: kernel security and bug fix update
Message-ID: <200911031954.nA3JsPCi026559@int-mx08.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       RHSA-2009:1548-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2009-1548.html
Issue date:        2009-11-03
CVE Names:         CVE-2009-2695 CVE-2009-2908 CVE-2009-3228 CVE-2009-3286
                   CVE-2009-3547 CVE-2009-3613
=====================================================================

1. Summary:

Updated kernel packages that fix multiple security issues and several bugs
are now available for Red Hat Enterprise Linux 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security fixes:

* a system with SELinux enforced was more permissive in allowing local users
in the unconfined_t domain to map low memory areas even if the
mmap_min_addr restriction was enabled. This could aid in the local
exploitation of NULL pointer dereference bugs. (CVE-2009-2695, Important)

* a NULL pointer dereference flaw was found in the eCryptfs implementation
in the Linux kernel. A local attacker could use this flaw to cause a local
denial of service or escalate their privileges. (CVE-2009-2908, Important)

* a flaw was found in the NFSv4 implementation. The kernel would do an
unnecessary permission check after creating a file. This check would
usually fail and leave the file with the permission bits set to random
values. Note: This is a server-side only issue. (CVE-2009-3286, Important)

* a NULL pointer dereference flaw was found in each of the following
functions in the Linux kernel: pipe_read_open(), pipe_write_open(), and
pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could
be released by other processes before it is used to update the pipe's
reader and writer counters. This could lead to a local denial of service or
privilege escalation. (CVE-2009-3547, Important)

* a flaw was found in the Realtek r8169 Ethernet driver in the Linux kernel.
pci_unmap_single() presented a memory leak that could lead to IOMMU space
exhaustion and a system crash. An attacker on the local network could abuse
this flaw by using jumbo frames for large amounts of network traffic.
(CVE-2009-3613, Important)

* missing initialization flaws were found in the Linux kernel. Padding data
in several core network structures was not initialized properly before
being sent to user-space. These flaws could lead to information leaks.
(CVE-2009-3228, Moderate)

Bug fixes:

* with network bonding in the "balance-tlb" or "balance-alb" mode, the
primary setting for the primary slave device was lost when said device was
brought down. Bringing the slave back up did not restore the primary
setting. (BZ#517971)

* some faulty serial device hardware caused systems running the kernel-xen
kernel to take a very long time to boot. (BZ#524153)

* a caching bug in nfs_readdir() may have caused NFS clients to see
duplicate files or not see all files in a directory. (BZ#526960)

* the RHSA-2009:1243 update removed the mpt_msi_enable option, preventing
certain scripts from running. This update adds the option back.
(BZ#526963)

* an iptables rule with the recent module and a hit count value greater
than the ip_pkt_list_tot parameter (the default is 20), did not have any
effect over packets, as the hit count could not be reached. (BZ#527434)

* a check has been added to the IPv4 code to make sure that rt is not NULL,
to help prevent future bugs in functions that call ip_append_data() from
being exploitable. (BZ#527436)

* a kernel panic occurred in certain conditions after reconfiguring a tape
drive's block size. (BZ#528133)

* when using the Linux Virtual Server (LVS) in a master and backup
configuration, and propagating active connections on the master to the
backup, the connection timeout value on the backup was hard-coded to 180
seconds, meaning connection information on the backup was soon lost. This
could prevent the successful failover of connections. The timeout value
can now be set via "ipvsadm --set". (BZ#528645)

* a bug in nfs4_do_open_expired() could have caused the reclaimer thread on
an NFSv4 client to enter an infinite loop. (BZ#529162)

* MSI interrupts may not have been delivered for r8169 based network cards
that have MSI interrupts enabled. This bug only affected certain systems.
(BZ#529366)

Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.

4. Solution:

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

517830 - CVE-2009-2695 kernel: SELinux and mmap_min_addr
517971 - A bond's preferred primary setting is lost after bringing down and up of the primary slave. [rhel-5.4.z]
520990 - CVE-2009-3228 kernel: tc: uninitialised kernel memory leak
524153 - dom0 freeze during kernel startup [rhel-5.4.z]
524520 - CVE-2009-3286 kernel: O_EXCL creates on NFSv4 are broken
526960 - [NetApp 5.5 bug] nfs_readdir() may fail to return all the files in the directory [rhel-5.4.z]
526963 - [RFE] Re-enable "mpt_msi_enable" option in RHEL5 [rhel-5.4.z]
527434 - kernel: ipt_recent: sanity check hit count [rhel-5.4.z]
527436 - kernel: ipv4: make ip_append_data() handle NULL routing table [rhel-5.4.z]
527534 - CVE-2009-2908 kernel ecryptfs NULL pointer dereference
528133 - kernel panics from list corruption when using a tape drive connected through cciss adapter [rhel-5.4.z]
528645 - LVS master and backup director - Synchronised connections on backup director have unsuitable timeout value [rhel-5.4.z]
529137 - CVE-2009-3613 kernel: flood ping cause out-of-iommu error and panic when mtu larger than 1500
529162 - NFSv4 reclaimer thread in an infinite loop [rhel-5.4.z]
529366 - r8169 stopping all activity until the link is reset [rhel-5.4.z]
530490 - CVE-2009-3547 kernel: fs: pipe.c null pointer dereference

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-164.6.1.el5.src.rpm

i386:
kernel-2.6.18-164.6.1.el5.i686.rpm
kernel-PAE-2.6.18-164.6.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-164.6.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-164.6.1.el5.i686.rpm
kernel-debug-2.6.18-164.6.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-164.6.1.el5.i686.rpm
kernel-debug-devel-2.6.18-164.6.1.el5.i686.rpm
kernel-debuginfo-2.6.18-164.6.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-164.6.1.el5.i686.rpm
kernel-devel-2.6.18-164.6.1.el5.i686.rpm
kernel-headers-2.6.18-164.6.1.el5.i386.rpm
kernel-xen-2.6.18-164.6.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-164.6.1.el5.i686.rpm
kernel-xen-devel-2.6.18-164.6.1.el5.i686.rpm

noarch:
kernel-doc-2.6.18-164.6.1.el5.noarch.rpm

x86_64:
kernel-2.6.18-164.6.1.el5.x86_64.rpm
kernel-debug-2.6.18-164.6.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-164.6.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-164.6.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-164.6.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-164.6.1.el5.x86_64.rpm
kernel-devel-2.6.18-164.6.1.el5.x86_64.rpm
kernel-headers-2.6.18-164.6.1.el5.x86_64.rpm
kernel-xen-2.6.18-164.6.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-164.6.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-164.6.1.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-164.6.1.el5.src.rpm

i386:
kernel-2.6.18-164.6.1.el5.i686.rpm
kernel-PAE-2.6.18-164.6.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-164.6.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-164.6.1.el5.i686.rpm
kernel-debug-2.6.18-164.6.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-164.6.1.el5.i686.rpm
kernel-debug-devel-2.6.18-164.6.1.el5.i686.rpm
kernel-debuginfo-2.6.18-164.6.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-164.6.1.el5.i686.rpm
kernel-devel-2.6.18-164.6.1.el5.i686.rpm
kernel-headers-2.6.18-164.6.1.el5.i386.rpm
kernel-xen-2.6.18-164.6.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-164.6.1.el5.i686.rpm
kernel-xen-devel-2.6.18-164.6.1.el5.i686.rpm

ia64:
kernel-2.6.18-164.6.1.el5.ia64.rpm
kernel-debug-2.6.18-164.6.1.el5.ia64.rpm
kernel-debug-debuginfo-2.6.18-164.6.1.el5.ia64.rpm
kernel-debug-devel-2.6.18-164.6.1.el5.ia64.rpm
kernel-debuginfo-2.6.18-164.6.1.el5.ia64.rpm
kernel-debuginfo-common-2.6.18-164.6.1.el5.ia64.rpm
kernel-devel-2.6.18-164.6.1.el5.ia64.rpm
kernel-headers-2.6.18-164.6.1.el5.ia64.rpm
kernel-xen-2.6.18-164.6.1.el5.ia64.rpm
kernel-xen-debuginfo-2.6.18-164.6.1.el5.ia64.rpm
kernel-xen-devel-2.6.18-164.6.1.el5.ia64.rpm

noarch:
kernel-doc-2.6.18-164.6.1.el5.noarch.rpm

ppc:
kernel-2.6.18-164.6.1.el5.ppc64.rpm
kernel-debug-2.6.18-164.6.1.el5.ppc64.rpm
kernel-debug-debuginfo-2.6.18-164.6.1.el5.ppc64.rpm
kernel-debug-devel-2.6.18-164.6.1.el5.ppc64.rpm
kernel-debuginfo-2.6.18-164.6.1.el5.ppc64.rpm
kernel-debuginfo-common-2.6.18-164.6.1.el5.ppc64.rpm
kernel-devel-2.6.18-164.6.1.el5.ppc64.rpm
kernel-headers-2.6.18-164.6.1.el5.ppc.rpm
kernel-headers-2.6.18-164.6.1.el5.ppc64.rpm
kernel-kdump-2.6.18-164.6.1.el5.ppc64.rpm
kernel-kdump-debuginfo-2.6.18-164.6.1.el5.ppc64.rpm
kernel-kdump-devel-2.6.18-164.6.1.el5.ppc64.rpm

s390x:
kernel-2.6.18-164.6.1.el5.s390x.rpm
kernel-debug-2.6.18-164.6.1.el5.s390x.rpm
kernel-debug-debuginfo-2.6.18-164.6.1.el5.s390x.rpm
kernel-debug-devel-2.6.18-164.6.1.el5.s390x.rpm
kernel-debuginfo-2.6.18-164.6.1.el5.s390x.rpm
kernel-debuginfo-common-2.6.18-164.6.1.el5.s390x.rpm
kernel-devel-2.6.18-164.6.1.el5.s390x.rpm
kernel-headers-2.6.18-164.6.1.el5.s390x.rpm
kernel-kdump-2.6.18-164.6.1.el5.s390x.rpm
kernel-kdump-debuginfo-2.6.18-164.6.1.el5.s390x.rpm
kernel-kdump-devel-2.6.18-164.6.1.el5.s390x.rpm

x86_64:
kernel-2.6.18-164.6.1.el5.x86_64.rpm
kernel-debug-2.6.18-164.6.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-164.6.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-164.6.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-164.6.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-164.6.1.el5.x86_64.rpm
kernel-devel-2.6.18-164.6.1.el5.x86_64.rpm
kernel-headers-2.6.18-164.6.1.el5.x86_64.rpm
kernel-xen-2.6.18-164.6.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-164.6.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-164.6.1.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2695
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2908
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3228
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3286
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3547
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3613
http://www.redhat.com/security/updates/classification/#important
http://kbase.redhat.com/faq/docs/DOC-18042

8. Contact:

The Red Hat security contact is . More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
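The padding and getname() information leaks above (CVE-2009-3228 here, and CVE-2009-3002/CVE-2009-3612 in RHSA-2009:1540) share one root cause: a structure built on a reused kernel stack frame, filled field by field, and then copied to user space whole, so the compiler-inserted padding carries whatever the previous call left behind. The following is an added, stand-alone example in user-space C, not Red Hat's or the kernel's code. The `example_addr` layout, the `STALE_BYTE` marker, the dirtied "stack frame" and the use of memcpy() in place of copy_to_user() are all constructed for the demonstration; the fix it shows, zeroing the object before filling it, is the pattern the upstream patches applied.

```c
/* Added example (not Red Hat's or the kernel's code): how an uninitialised
 * structure leaks stale stack bytes through its padding, and the memset()
 * fix. The struct, STALE_BYTE and the dirtied frame are constructed. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Stand-in for a sockaddr-like structure. The compiler pads after `family`
 * (to align `addr`) and after `port` (to round the size up to the struct
 * alignment). Field assignments never touch those bytes. */
struct example_addr {
    uint8_t  family;
    uint32_t addr;
    uint16_t port;
};

/* Constructed marker for whatever an earlier call left on the stack
 * (pointers, key material, another user's data). */
#define STALE_BYTE 0x41

/* The struct is built on top of bytes we deliberately dirtied, mimicking a
 * stack frame reused from a previous syscall. */
union frame {
    unsigned char raw[sizeof(struct example_addr)];
    struct example_addr a;
};

static void fill_fields(struct example_addr *a)
{
    a->family = 2;            /* AF_INET-style value, constructed */
    a->addr   = 0x7f000001;   /* 127.0.0.1 */
    a->port   = 8080;
}

/* Vulnerable pattern: set fields one by one, leave padding alone, copy the
 * whole object out (memcpy stands in for copy_to_user()). */
static void getname_vuln(unsigned char *user_buf)
{
    union frame f;
    memset(f.raw, STALE_BYTE, sizeof f.raw);   /* stale data already on the stack */
    fill_fields(&f.a);
    memcpy(user_buf, f.raw, sizeof f.raw);
}

/* Fixed pattern: clear the object first, so every byte that reaches user
 * space, padding included, has a known value. */
static void getname_fixed(unsigned char *user_buf)
{
    union frame f;
    memset(f.raw, STALE_BYTE, sizeof f.raw);   /* same dirty stack ... */
    memset(&f.a, 0, sizeof f.a);               /* ... zeroed before use */
    fill_fields(&f.a);
    memcpy(user_buf, f.raw, sizeof f.raw);
}

static int in_member(size_t i, size_t off, size_t len)
{
    return i >= off && i < off + len;
}

/* A byte is padding if it belongs to no named member. */
static int is_padding(size_t i)
{
    return !in_member(i, offsetof(struct example_addr, family), sizeof(uint8_t))
        && !in_member(i, offsetof(struct example_addr, addr),   sizeof(uint32_t))
        && !in_member(i, offsetof(struct example_addr, port),   sizeof(uint16_t));
}

/* Number of padding bytes in the struct (5 on the usual ABIs: 3 + 2). */
size_t padding_total(void)
{
    size_t n = 0;
    for (size_t i = 0; i < sizeof(struct example_addr); i++)
        n += is_padding(i);
    return n;
}

/* Number of padding bytes in `buf` that still carry the stale marker. */
size_t padding_leaked(const unsigned char *buf)
{
    size_t n = 0;
    for (size_t i = 0; i < sizeof(struct example_addr); i++)
        n += is_padding(i) && buf[i] == STALE_BYTE;
    return n;
}

/* Run each variant and count the stale bytes that reached "user space". */
size_t leak_from_vuln(void)
{
    unsigned char user_buf[sizeof(struct example_addr)];
    getname_vuln(user_buf);
    return padding_leaked(user_buf);
}

size_t leak_from_fixed(void)
{
    unsigned char user_buf[sizeof(struct example_addr)];
    getname_fixed(user_buf);
    return padding_leaked(user_buf);
}

int main(void)
{
    printf("struct size %zu, padding bytes %zu\n",
           sizeof(struct example_addr), padding_total());
    printf("vulnerable getname leaks %zu stale byte(s)\n", leak_from_vuln());
    printf("fixed getname leaks %zu stale byte(s)\n", leak_from_fixed());
    return 0;
}
```

The padding positions are derived from offsetof() rather than hard-coded, so the count is right on any ABI; what matters for review is that the vulnerable variant leaks every padding byte while the zeroed variant leaks none, which is the whole difference between the affected and patched getname() implementations.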
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFK8IpWXlSAg2UNWIIRAorwAJ94I3XDKIjWTcPPmd6hz0tpmGgGGACeOfy5 6YsSrDhfRfXghrgxCwLGySg= =T+fA -----END PGP SIGNATURE----- From bugzilla at redhat.com Tue Nov 3 20:07:09 2009 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Tue, 3 Nov 2009 15:07:09 -0500 Subject: [RHSA-2009:1549-01] Moderate: wget security update Message-ID: <200911032007.nA3K79QM026470@int-mx05.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: wget security update Advisory ID: RHSA-2009:1549-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2009-1549.html Issue date: 2009-11-03 CVE Names: CVE-2009-3490 ===================================================================== 1. Summary: An updated wget package that fixes a security issue is now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Description: GNU Wget is a file retrieval utility that can use HTTP, HTTPS, and FTP. 
Daniel Stenberg reported that Wget is affected by the previously published "null prefix attack", caused by incorrect handling of NULL characters in X.509 certificates. If an attacker is able to get a carefully-crafted certificate signed by a trusted Certificate Authority, the attacker could use the certificate during a man-in-the-middle attack and potentially confuse Wget into accepting it by mistake. (CVE-2009-3490) Wget users should upgrade to this updated package, which contains a backported patch to correct this issue. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 520454 - CVE-2009-3490 wget: incorrect verification of SSL certificate with NUL in name 6. Package List: Red Hat Enterprise Linux AS version 3: Source: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/wget-1.10.2-0.30E.1.src.rpm i386: wget-1.10.2-0.30E.1.i386.rpm wget-debuginfo-1.10.2-0.30E.1.i386.rpm ia64: wget-1.10.2-0.30E.1.ia64.rpm wget-debuginfo-1.10.2-0.30E.1.ia64.rpm ppc: wget-1.10.2-0.30E.1.ppc.rpm wget-debuginfo-1.10.2-0.30E.1.ppc.rpm s390: wget-1.10.2-0.30E.1.s390.rpm wget-debuginfo-1.10.2-0.30E.1.s390.rpm s390x: wget-1.10.2-0.30E.1.s390x.rpm wget-debuginfo-1.10.2-0.30E.1.s390x.rpm x86_64: wget-1.10.2-0.30E.1.x86_64.rpm wget-debuginfo-1.10.2-0.30E.1.x86_64.rpm Red Hat Desktop version 3: Source: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/wget-1.10.2-0.30E.1.src.rpm i386: wget-1.10.2-0.30E.1.i386.rpm wget-debuginfo-1.10.2-0.30E.1.i386.rpm x86_64: wget-1.10.2-0.30E.1.x86_64.rpm wget-debuginfo-1.10.2-0.30E.1.x86_64.rpm Red Hat Enterprise Linux ES version 3: Source: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/wget-1.10.2-0.30E.1.src.rpm i386: wget-1.10.2-0.30E.1.i386.rpm 
wget-debuginfo-1.10.2-0.30E.1.i386.rpm

ia64:
wget-1.10.2-0.30E.1.ia64.rpm
wget-debuginfo-1.10.2-0.30E.1.ia64.rpm

x86_64:
wget-1.10.2-0.30E.1.x86_64.rpm
wget-debuginfo-1.10.2-0.30E.1.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

Source:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/wget-1.10.2-0.30E.1.src.rpm

i386:
wget-1.10.2-0.30E.1.i386.rpm
wget-debuginfo-1.10.2-0.30E.1.i386.rpm

ia64:
wget-1.10.2-0.30E.1.ia64.rpm
wget-debuginfo-1.10.2-0.30E.1.ia64.rpm

x86_64:
wget-1.10.2-0.30E.1.x86_64.rpm
wget-debuginfo-1.10.2-0.30E.1.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/wget-1.10.2-1.el4_8.1.src.rpm

i386:
wget-1.10.2-1.el4_8.1.i386.rpm
wget-debuginfo-1.10.2-1.el4_8.1.i386.rpm

ia64:
wget-1.10.2-1.el4_8.1.ia64.rpm
wget-debuginfo-1.10.2-1.el4_8.1.ia64.rpm

ppc:
wget-1.10.2-1.el4_8.1.ppc.rpm
wget-debuginfo-1.10.2-1.el4_8.1.ppc.rpm

s390:
wget-1.10.2-1.el4_8.1.s390.rpm
wget-debuginfo-1.10.2-1.el4_8.1.s390.rpm

s390x:
wget-1.10.2-1.el4_8.1.s390x.rpm
wget-debuginfo-1.10.2-1.el4_8.1.s390x.rpm

x86_64:
wget-1.10.2-1.el4_8.1.x86_64.rpm
wget-debuginfo-1.10.2-1.el4_8.1.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/wget-1.10.2-1.el4_8.1.src.rpm

i386:
wget-1.10.2-1.el4_8.1.i386.rpm
wget-debuginfo-1.10.2-1.el4_8.1.i386.rpm

x86_64:
wget-1.10.2-1.el4_8.1.x86_64.rpm
wget-debuginfo-1.10.2-1.el4_8.1.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/wget-1.10.2-1.el4_8.1.src.rpm

i386:
wget-1.10.2-1.el4_8.1.i386.rpm
wget-debuginfo-1.10.2-1.el4_8.1.i386.rpm

ia64:
wget-1.10.2-1.el4_8.1.ia64.rpm
wget-debuginfo-1.10.2-1.el4_8.1.ia64.rpm

x86_64:
wget-1.10.2-1.el4_8.1.x86_64.rpm
wget-debuginfo-1.10.2-1.el4_8.1.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/wget-1.10.2-1.el4_8.1.src.rpm

i386:
wget-1.10.2-1.el4_8.1.i386.rpm
wget-debuginfo-1.10.2-1.el4_8.1.i386.rpm

ia64:
wget-1.10.2-1.el4_8.1.ia64.rpm
wget-debuginfo-1.10.2-1.el4_8.1.ia64.rpm

x86_64:
wget-1.10.2-1.el4_8.1.x86_64.rpm
wget-debuginfo-1.10.2-1.el4_8.1.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/wget-1.11.4-2.el5_4.1.src.rpm

i386:
wget-1.11.4-2.el5_4.1.i386.rpm
wget-debuginfo-1.11.4-2.el5_4.1.i386.rpm

x86_64:
wget-1.11.4-2.el5_4.1.x86_64.rpm
wget-debuginfo-1.11.4-2.el5_4.1.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/wget-1.11.4-2.el5_4.1.src.rpm

i386:
wget-1.11.4-2.el5_4.1.i386.rpm
wget-debuginfo-1.11.4-2.el5_4.1.i386.rpm

ia64:
wget-1.11.4-2.el5_4.1.ia64.rpm
wget-debuginfo-1.11.4-2.el5_4.1.ia64.rpm

ppc:
wget-1.11.4-2.el5_4.1.ppc.rpm
wget-debuginfo-1.11.4-2.el5_4.1.ppc.rpm

s390x:
wget-1.11.4-2.el5_4.1.s390x.rpm
wget-debuginfo-1.11.4-2.el5_4.1.s390x.rpm

x86_64:
wget-1.11.4-2.el5_4.1.x86_64.rpm
wget-debuginfo-1.11.4-2.el5_4.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3490
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at
https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
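The null-prefix issue in the wget advisory above (CVE-2009-3490) comes down to how a certificate's name is compared with the host the client dialed: a name is carried in the X.509 structure with an explicit length, but a comparison that treats it as a C string stops at the first NUL byte. The following is an added example, not Wget's code or its backported fix. `CRAFTED_CN` is a constructed sample name (no real certificate is involved), `name_matches_truncating()` reproduces the C-string comparison that truncates, and `name_matches_exact()` is the length-aware check a client should use instead.

```c
/* Added example (not Wget's code): comparing a certificate name against the
 * host we connected to, with and without the C-string truncation that the
 * null-prefix issue relies on. The sample name is constructed, not a real cert. */
#include <stddef.h>
#include <string.h>
#include <ctype.h>
#include <stdio.h>

/* Constructed sample: the X.509 encoding carries the full 31 bytes, but a
 * C-string view of it stops at the embedded NUL after 15 bytes. */
static const unsigned char CRAFTED_CN[] = "www.example.com\0www.example.net";
#define CRAFTED_CN_LEN (sizeof CRAFTED_CN - 1)   /* 31: drop the literal's own terminator */

/* Vulnerable form: strcmp() reads up to the first NUL, so "host\0tail"
 * compares equal to "host". Shown for contrast only. */
int name_matches_truncating(const char *cert_name, const char *expected_host)
{
    return strcmp(cert_name, expected_host) == 0;
}

/* Hardened form: use the length recorded in the certificate, reject any
 * embedded NUL outright, require equal lengths, then compare case-insensitively
 * (DNS names are case-insensitive). */
int name_matches_exact(const unsigned char *cert_name, size_t cert_name_len,
                       const char *expected_host)
{
    size_t host_len = strlen(expected_host);

    if (memchr(cert_name, '\0', cert_name_len) != NULL)
        return 0;                       /* a DNS name never contains NUL */
    if (cert_name_len != host_len)
        return 0;                       /* lengths must agree before any byte compare */
    for (size_t i = 0; i < host_len; i++) {
        if (tolower(cert_name[i]) != tolower((unsigned char)expected_host[i]))
            return 0;
    }
    return 1;
}

int main(void)
{
    const char *host = "www.example.com";

    printf("truncating compare accepts crafted name:   %d\n",
           name_matches_truncating((const char *)CRAFTED_CN, host));
    printf("length-aware compare accepts crafted name: %d\n",
           name_matches_exact(CRAFTED_CN, CRAFTED_CN_LEN, host));
    return 0;
}
```

Build with `cc -std=c99 nulcheck.c`. The hardened check covers an exact name only; wildcard labels and subjectAltName entries are handled separately in a real client, but the same two rules apply to them: honour the length the certificate encodes, and reject any name with an embedded NUL before comparing anything.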
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFK8I1gXlSAg2UNWIIRAkhiAJ9G7NAAAyezeAfk90wBMdwyoYanmwCePmVv
wXnW/shlTbeL1R94mzOP3wk=
=WIO1
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Nov 3 22:21:19 2009
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 3 Nov 2009 17:21:19 -0500
Subject: [RHSA-2009:1550-01] Important: kernel security and bug fix update
Message-ID: <200911032221.nA3MLJ5i026296@int-mx05.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       RHSA-2009:1550-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2009-1550.html
Issue date:        2009-11-03
CVE Names:         CVE-2008-5029 CVE-2008-5300 CVE-2009-1337 CVE-2009-1385
                   CVE-2009-1895 CVE-2009-2848 CVE-2009-3002 CVE-2009-3547
=====================================================================

1. Summary:

Updated kernel packages that fix several security issues and multiple bugs
are now available for Red Hat Enterprise Linux 3.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security fixes:

* when fput() was called to close a socket, the __scm_destroy() function in
the Linux kernel could make indirect recursive calls to itself. This could,
potentially, lead to a denial of service issue. (CVE-2008-5029, Important)

* the sendmsg() function in the Linux kernel did not block during UNIX
socket garbage collection. This could, potentially, lead to a local denial
of service. (CVE-2008-5300, Important)

* the exit_notify() function in the Linux kernel did not properly reset the
exit signal if a process executed a set user ID (setuid) application before
exiting. This could allow a local, unprivileged user to elevate their
privileges. (CVE-2009-1337, Important)

* a flaw was found in the Intel PRO/1000 network driver in the Linux
kernel. Frames with sizes near the MTU of an interface may be split across
multiple hardware receive descriptors. Receipt of such a frame could leak
through a validation check, leading to a corruption of the length check. A
remote attacker could use this flaw to send a specially-crafted packet that
would cause a denial of service or code execution. (CVE-2009-1385,
Important)

* the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags were not cleared when a
setuid or setgid program was executed. A local, unprivileged user could use
this flaw to bypass the mmap_min_addr protection mechanism and perform a
NULL pointer dereference attack, or bypass the Address Space Layout
Randomization (ASLR) security feature. (CVE-2009-1895, Important)

* it was discovered that, when executing a new process, the clear_child_tid
pointer in the Linux kernel is not cleared. If this pointer points to a
writable portion of the memory of the new program, the kernel could corrupt
four bytes of memory, possibly leading to a local denial of service or
privilege escalation. (CVE-2009-2848, Important)

* missing initialization flaws were found in getname() implementations in
the IrDA sockets, AppleTalk DDP protocol, NET/ROM protocol, and ROSE
protocol implementations in the Linux kernel. Certain data structures in
these getname() implementations were not initialized properly before being
copied to user-space. These flaws could lead to an information leak.
(CVE-2009-3002, Important)

* a NULL pointer dereference flaw was found in each of the following
functions in the Linux kernel: pipe_read_open(), pipe_write_open(), and
pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could
be released by other processes before it is used to update the pipe's
reader and writer counters. This could lead to a local denial of service or
privilege escalation. (CVE-2009-3547, Important)

Bug fixes:

* this update adds the mmap_min_addr tunable and restriction checks to help
prevent unprivileged users from creating new memory mappings below the
minimum address. This can help prevent the exploitation of NULL pointer
dereference bugs. Note that mmap_min_addr is set to zero (disabled) by
default for backwards compatibility. (BZ#512642)

* a bridge reference count problem in IPv6 has been fixed. (BZ#457010)

* enforce null-termination of user-supplied arguments to setsockopt().
(BZ#505514)

* the gcc flag "-fno-delete-null-pointer-checks" was added to the kernel
build options. This prevents gcc from optimizing out NULL pointer checks
after the first use of a pointer. NULL pointer bugs are often exploited by
attackers. Keeping these checks is a safety measure. (BZ#511185)

* a check has been added to the IPv4 code to make sure that rt is not NULL,
to help prevent future bugs in functions that call ip_append_data() from
being exploitable. (BZ#520300)

Users should upgrade to these updated packages, which contain backported
patches to correct these issues. The system must be rebooted for this
update to take effect.

4. Solution:

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5.
Bugs fixed (http://bugzilla.redhat.com/):

457010 - ipv6: use timer pending to fix bridge reference count problem [rhel-3.9]
470201 - CVE-2008-5029 kernel: Unix sockets kernel panic
473259 - CVE-2008-5300 kernel: fix soft lockups/OOM issues with unix socket garbage collector
493771 - CVE-2009-1337 kernel: exit_notify: kill the wrong capable(CAP_KILL) check
502981 - CVE-2009-1385 kernel: e1000_clean_rx_irq() denial of service
505514 - kernel: ensure devname passed to SO_BINDTODEVICE is NULL-terminated [rhel-3]
511171 - CVE-2009-1895 kernel: personality: fix PER_CLEAR_ON_SETID
511185 - kernel: build with -fno-delete-null-pointer-checks [rhel-3]
512642 - kernel: security: implement mmap_min_addr infrastructure [rhel-3]
515423 - CVE-2009-2848 kernel: execve: must clear current->clear_child_tid
519305 - CVE-2009-3001, CVE-2009-3002 kernel: numerous getname() infoleaks
520300 - kernel: ipv4: make ip_append_data() handle NULL routing table [rhel-3]
530490 - CVE-2009-3547 kernel: fs: pipe.c null pointer dereference

6. Package List:

Red Hat Enterprise Linux AS version 3:

Source:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/kernel-2.4.21-63.EL.src.rpm

i386:
kernel-2.4.21-63.EL.athlon.rpm
kernel-2.4.21-63.EL.i686.rpm
kernel-BOOT-2.4.21-63.EL.i386.rpm
kernel-debuginfo-2.4.21-63.EL.athlon.rpm
kernel-debuginfo-2.4.21-63.EL.i386.rpm
kernel-debuginfo-2.4.21-63.EL.i686.rpm
kernel-doc-2.4.21-63.EL.i386.rpm
kernel-hugemem-2.4.21-63.EL.i686.rpm
kernel-hugemem-unsupported-2.4.21-63.EL.i686.rpm
kernel-smp-2.4.21-63.EL.athlon.rpm
kernel-smp-2.4.21-63.EL.i686.rpm
kernel-smp-unsupported-2.4.21-63.EL.athlon.rpm
kernel-smp-unsupported-2.4.21-63.EL.i686.rpm
kernel-source-2.4.21-63.EL.i386.rpm
kernel-unsupported-2.4.21-63.EL.athlon.rpm
kernel-unsupported-2.4.21-63.EL.i686.rpm

ia64:
kernel-2.4.21-63.EL.ia64.rpm
kernel-debuginfo-2.4.21-63.EL.ia64.rpm
kernel-doc-2.4.21-63.EL.ia64.rpm
kernel-source-2.4.21-63.EL.ia64.rpm
kernel-unsupported-2.4.21-63.EL.ia64.rpm

ppc:
kernel-2.4.21-63.EL.ppc64iseries.rpm
kernel-2.4.21-63.EL.ppc64pseries.rpm
kernel-debuginfo-2.4.21-63.EL.ppc64.rpm
kernel-debuginfo-2.4.21-63.EL.ppc64iseries.rpm
kernel-debuginfo-2.4.21-63.EL.ppc64pseries.rpm
kernel-doc-2.4.21-63.EL.ppc64.rpm
kernel-source-2.4.21-63.EL.ppc64.rpm
kernel-unsupported-2.4.21-63.EL.ppc64iseries.rpm
kernel-unsupported-2.4.21-63.EL.ppc64pseries.rpm

s390:
kernel-2.4.21-63.EL.s390.rpm
kernel-debuginfo-2.4.21-63.EL.s390.rpm
kernel-doc-2.4.21-63.EL.s390.rpm
kernel-source-2.4.21-63.EL.s390.rpm
kernel-unsupported-2.4.21-63.EL.s390.rpm

s390x:
kernel-2.4.21-63.EL.s390x.rpm
kernel-debuginfo-2.4.21-63.EL.s390x.rpm
kernel-doc-2.4.21-63.EL.s390x.rpm
kernel-source-2.4.21-63.EL.s390x.rpm
kernel-unsupported-2.4.21-63.EL.s390x.rpm

x86_64:
kernel-2.4.21-63.EL.ia32e.rpm
kernel-2.4.21-63.EL.x86_64.rpm
kernel-debuginfo-2.4.21-63.EL.ia32e.rpm
kernel-debuginfo-2.4.21-63.EL.x86_64.rpm
kernel-doc-2.4.21-63.EL.x86_64.rpm
kernel-smp-2.4.21-63.EL.x86_64.rpm
kernel-smp-unsupported-2.4.21-63.EL.x86_64.rpm
kernel-source-2.4.21-63.EL.x86_64.rpm
kernel-unsupported-2.4.21-63.EL.ia32e.rpm
kernel-unsupported-2.4.21-63.EL.x86_64.rpm

Red Hat Desktop version 3:

Source:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/kernel-2.4.21-63.EL.src.rpm

i386:
kernel-2.4.21-63.EL.athlon.rpm
kernel-2.4.21-63.EL.i686.rpm
kernel-BOOT-2.4.21-63.EL.i386.rpm
kernel-debuginfo-2.4.21-63.EL.athlon.rpm
kernel-debuginfo-2.4.21-63.EL.i386.rpm
kernel-debuginfo-2.4.21-63.EL.i686.rpm
kernel-doc-2.4.21-63.EL.i386.rpm
kernel-hugemem-2.4.21-63.EL.i686.rpm
kernel-hugemem-unsupported-2.4.21-63.EL.i686.rpm
kernel-smp-2.4.21-63.EL.athlon.rpm
kernel-smp-2.4.21-63.EL.i686.rpm
kernel-smp-unsupported-2.4.21-63.EL.athlon.rpm
kernel-smp-unsupported-2.4.21-63.EL.i686.rpm
kernel-source-2.4.21-63.EL.i386.rpm
kernel-unsupported-2.4.21-63.EL.athlon.rpm
kernel-unsupported-2.4.21-63.EL.i686.rpm

x86_64:
kernel-2.4.21-63.EL.ia32e.rpm
kernel-2.4.21-63.EL.x86_64.rpm
kernel-debuginfo-2.4.21-63.EL.ia32e.rpm
kernel-debuginfo-2.4.21-63.EL.x86_64.rpm
kernel-doc-2.4.21-63.EL.x86_64.rpm
kernel-smp-2.4.21-63.EL.x86_64.rpm
kernel-smp-unsupported-2.4.21-63.EL.x86_64.rpm
kernel-source-2.4.21-63.EL.x86_64.rpm
kernel-unsupported-2.4.21-63.EL.ia32e.rpm
kernel-unsupported-2.4.21-63.EL.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

Source:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/kernel-2.4.21-63.EL.src.rpm

i386:
kernel-2.4.21-63.EL.athlon.rpm
kernel-2.4.21-63.EL.i686.rpm
kernel-BOOT-2.4.21-63.EL.i386.rpm
kernel-debuginfo-2.4.21-63.EL.athlon.rpm
kernel-debuginfo-2.4.21-63.EL.i386.rpm
kernel-debuginfo-2.4.21-63.EL.i686.rpm
kernel-doc-2.4.21-63.EL.i386.rpm
kernel-hugemem-2.4.21-63.EL.i686.rpm
kernel-hugemem-unsupported-2.4.21-63.EL.i686.rpm
kernel-smp-2.4.21-63.EL.athlon.rpm
kernel-smp-2.4.21-63.EL.i686.rpm
kernel-smp-unsupported-2.4.21-63.EL.athlon.rpm
kernel-smp-unsupported-2.4.21-63.EL.i686.rpm
kernel-source-2.4.21-63.EL.i386.rpm
kernel-unsupported-2.4.21-63.EL.athlon.rpm
kernel-unsupported-2.4.21-63.EL.i686.rpm

ia64:
kernel-2.4.21-63.EL.ia64.rpm
kernel-debuginfo-2.4.21-63.EL.ia64.rpm
kernel-doc-2.4.21-63.EL.ia64.rpm
kernel-source-2.4.21-63.EL.ia64.rpm
kernel-unsupported-2.4.21-63.EL.ia64.rpm

x86_64:
kernel-2.4.21-63.EL.ia32e.rpm
kernel-2.4.21-63.EL.x86_64.rpm
kernel-debuginfo-2.4.21-63.EL.ia32e.rpm
kernel-debuginfo-2.4.21-63.EL.x86_64.rpm
kernel-doc-2.4.21-63.EL.x86_64.rpm
kernel-smp-2.4.21-63.EL.x86_64.rpm
kernel-smp-unsupported-2.4.21-63.EL.x86_64.rpm
kernel-source-2.4.21-63.EL.x86_64.rpm
kernel-unsupported-2.4.21-63.EL.ia32e.rpm
kernel-unsupported-2.4.21-63.EL.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

Source:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/kernel-2.4.21-63.EL.src.rpm

i386:
kernel-2.4.21-63.EL.athlon.rpm
kernel-2.4.21-63.EL.i686.rpm
kernel-BOOT-2.4.21-63.EL.i386.rpm
kernel-debuginfo-2.4.21-63.EL.athlon.rpm
kernel-debuginfo-2.4.21-63.EL.i386.rpm
kernel-debuginfo-2.4.21-63.EL.i686.rpm
kernel-doc-2.4.21-63.EL.i386.rpm
kernel-hugemem-2.4.21-63.EL.i686.rpm
kernel-hugemem-unsupported-2.4.21-63.EL.i686.rpm
kernel-smp-2.4.21-63.EL.athlon.rpm
kernel-smp-2.4.21-63.EL.i686.rpm
kernel-smp-unsupported-2.4.21-63.EL.athlon.rpm
kernel-smp-unsupported-2.4.21-63.EL.i686.rpm
kernel-source-2.4.21-63.EL.i386.rpm
kernel-unsupported-2.4.21-63.EL.athlon.rpm
kernel-unsupported-2.4.21-63.EL.i686.rpm

ia64:
kernel-2.4.21-63.EL.ia64.rpm
kernel-debuginfo-2.4.21-63.EL.ia64.rpm
kernel-doc-2.4.21-63.EL.ia64.rpm
kernel-source-2.4.21-63.EL.ia64.rpm
kernel-unsupported-2.4.21-63.EL.ia64.rpm

x86_64:
kernel-2.4.21-63.EL.ia32e.rpm
kernel-2.4.21-63.EL.x86_64.rpm
kernel-debuginfo-2.4.21-63.EL.ia32e.rpm
kernel-debuginfo-2.4.21-63.EL.x86_64.rpm
kernel-doc-2.4.21-63.EL.x86_64.rpm
kernel-smp-2.4.21-63.EL.x86_64.rpm
kernel-smp-unsupported-2.4.21-63.EL.x86_64.rpm
kernel-source-2.4.21-63.EL.x86_64.rpm
kernel-unsupported-2.4.21-63.EL.ia32e.rpm
kernel-unsupported-2.4.21-63.EL.x86_64.rpm

These packages are GPG signed by Red Hat for security.
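Two items in the kernel advisory above are the same class of defect on opposite sides of the kernel/user boundary: the getname() implementations copied a structure out to user space without initialising all of it (CVE-2009-3002), and setsockopt() accepted a device name from user space without guaranteeing a terminator (BZ#505514). The following user-space C is an added example, not kernel code. `struct fake_sockaddr`, the `getname_*` and `bindtodevice_*` functions, the interface name and the 0xAA "stale stack" marker are all constructed here; `IFNAMSIZ` reuses the kernel's 16-byte constant; and `memcpy()` stands in for `copy_to_user()`/`copy_from_user()`.

```c
/* Added example, not kernel code: the two copy patterns behind the getname()
 * information leak (CVE-2009-3002) and the setsockopt() NUL-termination fix
 * (BZ#505514), modelled in user space. memcpy() stands in for
 * copy_to_user()/copy_from_user(); the struct and names are constructed. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <stdio.h>

#define IFNAMSIZ 16   /* size of the kernel's interface-name buffer (net/if.h) */

/* A sockaddr-like structure as a getname() implementation fills it in before
 * copying it out. 'pad' is never written by the protocol; if the structure is
 * not zeroed first, those bytes carry whatever the kernel stack held. */
struct fake_sockaddr {
    uint16_t family;
    uint8_t  pad[6];
    uint32_t addr;
};

/* Stand-in for stale kernel stack contents, so that a leak is visible. */
static void poison(void *p, size_t n) { memset(p, 0xAA, n); }

/* Vulnerable form: sets the fields it knows about and copies out the whole
 * structure, padding included. */
static void getname_leaky(struct fake_sockaddr *user_out, uint32_t addr)
{
    struct fake_sockaddr sa;
    poison(&sa, sizeof sa);
    sa.family = 2;
    sa.addr = addr;
    memcpy(user_out, &sa, sizeof sa);   /* copy_to_user() */
}

/* Fixed form: zero the whole structure before filling it in. */
static void getname_fixed(struct fake_sockaddr *user_out, uint32_t addr)
{
    struct fake_sockaddr sa;
    poison(&sa, sizeof sa);
    memset(&sa, 0, sizeof sa);          /* the fix: no stale bytes survive */
    sa.family = 2;
    sa.addr = addr;
    memcpy(user_out, &sa, sizeof sa);
}

/* Number of non-zero padding bytes the caller received: >0 means a leak. */
int pad_bytes_leaked_by(int use_fixed)
{
    struct fake_sockaddr out;
    int leaked = 0;

    if (use_fixed) getname_fixed(&out, 0x0100007fu);
    else           getname_leaky(&out, 0x0100007fu);
    for (size_t i = 0; i < sizeof out.pad; i++)
        if (out.pad[i] != 0) leaked++;
    return leaked;
}

/* Copy-in side; optlen is user controlled. Vulnerable form: copies up to
 * IFNAMSIZ bytes and never writes a terminator, so a full-length name leaves
 * devname unterminated and a later strlen()/strcmp() reads past the buffer. */
static void bindtodevice_unterminated(char devname[IFNAMSIZ], const char *optval, size_t optlen)
{
    if (optlen > IFNAMSIZ) optlen = IFNAMSIZ;
    memcpy(devname, optval, optlen);    /* copy_from_user() */
}

/* Fixed form: cap the copy at IFNAMSIZ-1, zero the buffer, and force the
 * final byte to NUL so the name is always a valid C string. */
static void bindtodevice_fixed(char devname[IFNAMSIZ], const char *optval, size_t optlen)
{
    if (optlen > IFNAMSIZ - 1) optlen = IFNAMSIZ - 1;
    memset(devname, 0, IFNAMSIZ);
    memcpy(devname, optval, optlen);
    devname[IFNAMSIZ - 1] = '\0';
}

/* 1 if devname holds a terminator within its IFNAMSIZ bytes, else 0. */
int devname_terminated_by(int use_fixed)
{
    /* Constructed input: exactly IFNAMSIZ bytes with no NUL, as a user may pass. */
    static const char user_name[IFNAMSIZ] = "eth0123456789abc";
    char devname[IFNAMSIZ];

    poison(devname, sizeof devname);    /* stale contents, as on a real stack */
    if (use_fixed) bindtodevice_fixed(devname, user_name, sizeof user_name);
    else           bindtodevice_unterminated(devname, user_name, sizeof user_name);
    return memchr(devname, '\0', sizeof devname) != NULL;
}

int main(void)
{
    printf("getname leaky/fixed: %d/%d padding bytes leaked\n",
           pad_bytes_leaked_by(0), pad_bytes_leaked_by(1));
    printf("devname unterminated/fixed: terminated=%d/%d\n",
           devname_terminated_by(0), devname_terminated_by(1));
    return 0;
}
```

The leaky getname() hands back six bytes of the 0xAA marker; in a kernel those would be whatever the stack held before the call. The fixed bindtodevice() never needs to trust the length a caller supplies, because the buffer is zeroed and its last byte is pinned to NUL regardless of optlen.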
Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5029 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5300 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1337 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1385 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1895 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2848 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3002 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3547 http://www.redhat.com/security/updates/classification/#important http://kbase.redhat.com/faq/docs/DOC-17866 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2009 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFK8KzSXlSAg2UNWIIRArWtAJ92slWmSRS3oiyIP72ioK2CImFXuQCfQd/v xKcJ+uoh5n3q0tv76k8JjhU= =opMk -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon Nov 9 15:54:37 2009 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 9 Nov 2009 10:54:37 -0500 Subject: [RHSA-2009:1526-02] Low: Red Hat Enterprise Linux 3 - 1-Year End Of Life Notice Message-ID: <200911091554.nA9Fsck4010942@int-mx08.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Low: Red Hat Enterprise Linux 3 - 1-Year End Of Life Notice Advisory ID: RHSA-2009:1526-02 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2009-1526.html Issue date: 2009-11-09 ===================================================================== 1. Summary: This is the 1-year notification of the End Of Life plans for Red Hat Enterprise Linux 3. 2. 
Relevant releases/architectures: Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Description: In accordance with the Red Hat Enterprise Linux Errata Support Policy, the regular 7 year life-cycle of Red Hat Enterprise Linux 3 will end on October 31, 2010. After this date, Red Hat will discontinue the regular subscription services for Red Hat Enterprise Linux 3. Therefore, new bug fix, enhancement, and security errata updates, as well as technical support services will no longer be available for the following products: * Red Hat Enterprise Linux AS 3 * Red Hat Enterprise Linux ES 3 * Red Hat Enterprise Linux WS 3 * Red Hat Enterprise Linux Extras 3 * Red Hat Desktop 3 * Red Hat Global File System 3 * Red Hat Cluster Suite 3 Customers still running production workloads on Red Hat Enterprise Linux 3 are advised to begin planning the upgrade to Red Hat Enterprise Linux 5. Active subscribers of Red Hat Enterprise Linux already have access to all currently maintained versions of Red Hat Enterprise Linux, as part of their subscription without additional fees. For customers who are unable to migrate off Red Hat Enterprise Linux 3 before its end-of-life date, Red Hat may offer a limited, optional extension program. For more information, contact your Red Hat sales representative or channel partner. Details of the Red Hat Enterprise Linux life-cycle can be found on the Red Hat website: http://www.redhat.com/security/updates/errata/ 4. Solution: This errata contains an updated redhat-release package, that adds a new file to "/usr/share/doc/", which contains this end of life notice. 5. Bugs fixed (http://bugzilla.redhat.com/): 531220 - Send Out RHEL 3 1-Year EOL Notice 6. 
Package List: Red Hat Enterprise Linux AS version 3: Source: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/redhat-release-3AS-13.9.7.src.rpm i386: redhat-release-3AS-13.9.7.i386.rpm redhat-release-debuginfo-3AS-13.9.7.i386.rpm ia64: redhat-release-3AS-13.9.7.ia64.rpm redhat-release-debuginfo-3AS-13.9.7.ia64.rpm ppc: redhat-release-3AS-13.9.7.ppc.rpm redhat-release-debuginfo-3AS-13.9.7.ppc.rpm s390: redhat-release-3AS-13.9.7.s390.rpm redhat-release-debuginfo-3AS-13.9.7.s390.rpm s390x: redhat-release-3AS-13.9.7.s390x.rpm redhat-release-debuginfo-3AS-13.9.7.s390x.rpm x86_64: redhat-release-3AS-13.9.7.x86_64.rpm redhat-release-debuginfo-3AS-13.9.7.x86_64.rpm Red Hat Desktop version 3: Source: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/redhat-release-3Desktop-13.9.7.src.rpm i386: redhat-release-3Desktop-13.9.7.i386.rpm redhat-release-debuginfo-3Desktop-13.9.7.i386.rpm x86_64: redhat-release-3Desktop-13.9.7.x86_64.rpm redhat-release-debuginfo-3Desktop-13.9.7.x86_64.rpm Red Hat Enterprise Linux ES version 3: Source: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/redhat-release-3ES-13.9.7.src.rpm i386: redhat-release-3ES-13.9.7.i386.rpm redhat-release-debuginfo-3ES-13.9.7.i386.rpm ia64: redhat-release-3ES-13.9.7.ia64.rpm redhat-release-debuginfo-3ES-13.9.7.ia64.rpm x86_64: redhat-release-3ES-13.9.7.x86_64.rpm redhat-release-debuginfo-3ES-13.9.7.x86_64.rpm Red Hat Enterprise Linux WS version 3: Source: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/redhat-release-3WS-13.9.7.src.rpm i386: redhat-release-3WS-13.9.7.i386.rpm redhat-release-debuginfo-3WS-13.9.7.i386.rpm ia64: redhat-release-3WS-13.9.7.ia64.rpm redhat-release-debuginfo-3WS-13.9.7.ia64.rpm x86_64: redhat-release-3WS-13.9.7.x86_64.rpm redhat-release-debuginfo-3WS-13.9.7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. 
References: http://www.redhat.com/security/updates/classification/#low 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/ Copyright 2009 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFK+DsyXlSAg2UNWIIRAkcOAJ45lQqnnn894jTtNMN0YFsSXNTeAACfbIpZ gSvMQB3GC3rC2wZrmX2o+Ig= =Hr8G -----END PGP SIGNATURE----- From bugzilla at redhat.com Mon Nov 9 16:18:03 2009 From: bugzilla at redhat.com (bugzilla at redhat.com) Date: Mon, 9 Nov 2009 11:18:03 -0500 Subject: [RHSA-2009:1560-01] Critical: java-1.6.0-sun security update Message-ID: <200911091618.nA9GI3g5031966@int-mx02.intmail.prod.int.phx2.redhat.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: java-1.6.0-sun security update Advisory ID: RHSA-2009:1560-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2009-1560.html Issue date: 2009-11-09 CVE Names: CVE-2009-2409 CVE-2009-3728 CVE-2009-3729 CVE-2009-3865 CVE-2009-3866 CVE-2009-3867 CVE-2009-3868 CVE-2009-3869 CVE-2009-3871 CVE-2009-3872 CVE-2009-3873 CVE-2009-3874 CVE-2009-3875 CVE-2009-3876 CVE-2009-3877 CVE-2009-3879 CVE-2009-3880 CVE-2009-3881 CVE-2009-3882 CVE-2009-3883 CVE-2009-3884 CVE-2009-3886 ===================================================================== 1. Summary: Updated java-1.6.0-sun packages that correct several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: RHEL Desktop Supplementary (v. 5 client) - i386, x86_64 RHEL Supplementary (v. 
5 server) - i386, x86_64 Red Hat Desktop version 4 Extras - i386, x86_64 Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64 Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64 Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64 3. Description: The Sun 1.6.0 Java release includes the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. This update fixes several vulnerabilities in the Sun Java 6 Runtime Environment and the Sun Java 6 Software Development Kit. These vulnerabilities are summarized on the "Advance notification of Security Updates for Java SE" page from Sun Microsystems, listed in the References section. (CVE-2009-2409, CVE-2009-3728, CVE-2009-3729, CVE-2009-3865, CVE-2009-3866, CVE-2009-3867, CVE-2009-3868, CVE-2009-3869, CVE-2009-3871, CVE-2009-3872, CVE-2009-3873, CVE-2009-3874, CVE-2009-3875, CVE-2009-3876, CVE-2009-3877, CVE-2009-3879, CVE-2009-3880, CVE-2009-3881, CVE-2009-3882, CVE-2009-3883, CVE-2009-3884, CVE-2009-3886) Users of java-1.6.0-sun should upgrade to these updated packages, which correct these issues. All running instances of Sun Java must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. 
Bugs fixed (http://bugzilla.redhat.com/): 510197 - CVE-2009-2409 deprecate MD2 in SSL cert validation (Kaminsky) 530053 - CVE-2009-3873 OpenJDK JPEG Image Writer quantization problem (6862968) 530057 - CVE-2009-3875 OpenJDK MessageDigest.isEqual introduces timing attack vulnerabilities (6863503) 530061 - CVE-2009-3876 OpenJDK ASN.1/DER input stream parser denial of service (6864911) CVE-2009-3877 530062 - CVE-2009-3869 OpenJDK JRE AWT setDifflCM stack overflow (6872357) 530063 - CVE-2009-3871 OpenJDK JRE AWT setBytePixels heap overflow (6872358) 530067 - CVE-2009-3874 OpenJDK ImageI/O JPEG heap overflow (6874643) 530098 - CVE-2009-3728 OpenJDK ICC_Profile file existence detection information leak (6631533) 530173 - CVE-2009-3881 OpenJDK resurrected classloaders can still have children (6636650) 530175 - CVE-2009-3882 CVE-2009-3883 OpenJDK information leaks in mutable variables (6657026,6657138) 530296 - CVE-2009-3880 OpenJDK UI logging information leakage(6664512) 530297 - CVE-2009-3879 OpenJDK GraphicsConfiguration information leak(6822057) 530300 - CVE-2009-3884 OpenJDK zoneinfo file existence information leak (6824265) 532904 - CVE-2009-3729 JRE TrueType font parsing crash (6815780) 532906 - CVE-2009-3872 JRE JPEG JFIF Decoder issue (6862969) 532914 - CVE-2009-3886 JRE REGRESSION:have problem to run JNLP app and applets with signed Jar files (6870531) 533211 - CVE-2009-3865 java-1.6.0-sun: ACE in JRE Deployment Toolkit (6869752) 533212 - CVE-2009-3866 java-1.6.0-sun: Privilege escalation in the Java Web Start Installer (6872824) 533214 - CVE-2009-3867 java-1.5.0-sun, java-1.6.0-sun: Stack-based buffer overflow via a long file: URL argument (6854303) 533215 - CVE-2009-3868 java-1.5.0-sun, java-1.6.0-sun: Privilege escalation via crafted image file due improper color profiles parsing (6862970) 6. 
Package List: Red Hat Enterprise Linux AS version 4 Extras: i386: java-1.6.0-sun-1.6.0.17-1jpp.1.el4.i586.rpm java-1.6.0-sun-demo-1.6.0.17-1jpp.1.el4.i586.rpm java-1.6.0-sun-devel-1.6.0.17-1jpp.1.el4.i586.rpm java-1.6.0-sun-jdbc-1.6.0.17-1jpp.1.el4.i586.rpm java-1.6.0-sun-plugin-1.6.0.17-1jpp.1.el4.i586.rpm java-1.6.0-sun-src-1.6.0.17-1jpp.1.el4.i586.rpm x86_64: java-1.6.0-sun-1.6.0.17-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-demo-1.6.0.17-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-devel-1.6.0.17-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.17-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.17-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-src-1.6.0.17-1jpp.1.el4.x86_64.rpm Red Hat Desktop version 4 Extras: i386: java-1.6.0-sun-1.6.0.17-1jpp.1.el4.i586.rpm java-1.6.0-sun-demo-1.6.0.17-1jpp.1.el4.i586.rpm java-1.6.0-sun-devel-1.6.0.17-1jpp.1.el4.i586.rpm java-1.6.0-sun-jdbc-1.6.0.17-1jpp.1.el4.i586.rpm java-1.6.0-sun-plugin-1.6.0.17-1jpp.1.el4.i586.rpm java-1.6.0-sun-src-1.6.0.17-1jpp.1.el4.i586.rpm x86_64: java-1.6.0-sun-1.6.0.17-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-demo-1.6.0.17-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-devel-1.6.0.17-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.17-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.17-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-src-1.6.0.17-1jpp.1.el4.x86_64.rpm Red Hat Enterprise Linux ES version 4 Extras: i386: java-1.6.0-sun-1.6.0.17-1jpp.1.el4.i586.rpm java-1.6.0-sun-demo-1.6.0.17-1jpp.1.el4.i586.rpm java-1.6.0-sun-devel-1.6.0.17-1jpp.1.el4.i586.rpm java-1.6.0-sun-jdbc-1.6.0.17-1jpp.1.el4.i586.rpm java-1.6.0-sun-plugin-1.6.0.17-1jpp.1.el4.i586.rpm java-1.6.0-sun-src-1.6.0.17-1jpp.1.el4.i586.rpm x86_64: java-1.6.0-sun-1.6.0.17-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-demo-1.6.0.17-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-devel-1.6.0.17-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.17-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.17-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-src-1.6.0.17-1jpp.1.el4.x86_64.rpm Red Hat Enterprise Linux WS version 
4 Extras: i386: java-1.6.0-sun-1.6.0.17-1jpp.1.el4.i586.rpm java-1.6.0-sun-demo-1.6.0.17-1jpp.1.el4.i586.rpm java-1.6.0-sun-devel-1.6.0.17-1jpp.1.el4.i586.rpm java-1.6.0-sun-jdbc-1.6.0.17-1jpp.1.el4.i586.rpm java-1.6.0-sun-plugin-1.6.0.17-1jpp.1.el4.i586.rpm java-1.6.0-sun-src-1.6.0.17-1jpp.1.el4.i586.rpm x86_64: java-1.6.0-sun-1.6.0.17-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-demo-1.6.0.17-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-devel-1.6.0.17-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.17-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.17-1jpp.1.el4.x86_64.rpm java-1.6.0-sun-src-1.6.0.17-1jpp.1.el4.x86_64.rpm RHEL Desktop Supplementary (v. 5 client): i386: java-1.6.0-sun-1.6.0.17-1jpp.2.el5.i586.rpm java-1.6.0-sun-demo-1.6.0.17-1jpp.2.el5.i586.rpm java-1.6.0-sun-devel-1.6.0.17-1jpp.2.el5.i586.rpm java-1.6.0-sun-jdbc-1.6.0.17-1jpp.2.el5.i586.rpm java-1.6.0-sun-plugin-1.6.0.17-1jpp.2.el5.i586.rpm java-1.6.0-sun-src-1.6.0.17-1jpp.2.el5.i586.rpm x86_64: java-1.6.0-sun-1.6.0.17-1jpp.2.el5.x86_64.rpm java-1.6.0-sun-demo-1.6.0.17-1jpp.2.el5.x86_64.rpm java-1.6.0-sun-devel-1.6.0.17-1jpp.2.el5.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.17-1jpp.2.el5.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.17-1jpp.2.el5.i586.rpm java-1.6.0-sun-plugin-1.6.0.17-1jpp.2.el5.x86_64.rpm java-1.6.0-sun-src-1.6.0.17-1jpp.2.el5.x86_64.rpm RHEL Supplementary (v. 
5 server): i386: java-1.6.0-sun-1.6.0.17-1jpp.2.el5.i586.rpm java-1.6.0-sun-demo-1.6.0.17-1jpp.2.el5.i586.rpm java-1.6.0-sun-devel-1.6.0.17-1jpp.2.el5.i586.rpm java-1.6.0-sun-jdbc-1.6.0.17-1jpp.2.el5.i586.rpm java-1.6.0-sun-plugin-1.6.0.17-1jpp.2.el5.i586.rpm java-1.6.0-sun-src-1.6.0.17-1jpp.2.el5.i586.rpm x86_64: java-1.6.0-sun-1.6.0.17-1jpp.2.el5.x86_64.rpm java-1.6.0-sun-demo-1.6.0.17-1jpp.2.el5.x86_64.rpm java-1.6.0-sun-devel-1.6.0.17-1jpp.2.el5.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.17-1jpp.2.el5.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.17-1jpp.2.el5.i586.rpm java-1.6.0-sun-plugin-1.6.0.17-1jpp.2.el5.x86_64.rpm java-1.6.0-sun-src-1.6.0.17-1jpp.2.el5.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package 7. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2409 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3728 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3729 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3865 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3866 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3867 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3868 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3869 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3871 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3872 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3873 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3874 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3875 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3876 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3877 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3879 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3880 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3881 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3882 
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3883
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3884
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3886
http://www.redhat.com/security/updates/classification/#critical
http://blogs.sun.com/security/entry/advance_notification_of_security_updates6

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFK+ECyXlSAg2UNWIIRAkULAJ9TTJw8p1/11xdnQQXISeLnHPR1nQCeL0DD
4PNMBtBUYrX43aL30kry0Dc=
=joCY
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Mon Nov 9 16:18:19 2009
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 9 Nov 2009 11:18:19 -0500
Subject: [RHSA-2009:1561-01] Important: libvorbis security update
Message-ID: <200911091618.nA9GIJkT032012@int-mx02.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: libvorbis security update
Advisory ID:       RHSA-2009:1561-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2009-1561.html
Issue date:        2009-11-09
CVE Names:         CVE-2009-3379
=====================================================================

1. Summary:

Updated libvorbis packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3, 4, and 5.

This update has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

The libvorbis packages contain runtime libraries for use in programs that support Ogg Vorbis. Ogg Vorbis is a fully open, non-proprietary, patent- and royalty-free, general-purpose compressed audio format.

Multiple flaws were found in the libvorbis library. A specially-crafted Ogg Vorbis media format file (Ogg) could cause an application using libvorbis to crash or, possibly, execute arbitrary code when opened. (CVE-2009-3379)

Users of libvorbis should upgrade to these updated packages, which contain backported patches to correct these issues. The desktop must be restarted (log out, then log back in) for this update to take effect.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

531765 - CVE-2009-3379 libvorbis: security fixes mentioned in MFSA 2009-63

6. Package List:

Red Hat Enterprise Linux AS version 3:

Source:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/libvorbis-1.0-12.el3.src.rpm

i386:
libvorbis-1.0-12.el3.i386.rpm
libvorbis-debuginfo-1.0-12.el3.i386.rpm
libvorbis-devel-1.0-12.el3.i386.rpm

ia64:
libvorbis-1.0-12.el3.i386.rpm
libvorbis-1.0-12.el3.ia64.rpm
libvorbis-debuginfo-1.0-12.el3.i386.rpm
libvorbis-debuginfo-1.0-12.el3.ia64.rpm
libvorbis-devel-1.0-12.el3.ia64.rpm

ppc:
libvorbis-1.0-12.el3.ppc.rpm
libvorbis-1.0-12.el3.ppc64.rpm
libvorbis-debuginfo-1.0-12.el3.ppc.rpm
libvorbis-debuginfo-1.0-12.el3.ppc64.rpm
libvorbis-devel-1.0-12.el3.ppc.rpm

s390:
libvorbis-1.0-12.el3.s390.rpm
libvorbis-debuginfo-1.0-12.el3.s390.rpm
libvorbis-devel-1.0-12.el3.s390.rpm

s390x:
libvorbis-1.0-12.el3.s390.rpm
libvorbis-1.0-12.el3.s390x.rpm
libvorbis-debuginfo-1.0-12.el3.s390.rpm
libvorbis-debuginfo-1.0-12.el3.s390x.rpm
libvorbis-devel-1.0-12.el3.s390x.rpm

x86_64:
libvorbis-1.0-12.el3.i386.rpm
libvorbis-1.0-12.el3.x86_64.rpm
libvorbis-debuginfo-1.0-12.el3.i386.rpm
libvorbis-debuginfo-1.0-12.el3.x86_64.rpm
libvorbis-devel-1.0-12.el3.x86_64.rpm

Red Hat Desktop version 3:

Source:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/libvorbis-1.0-12.el3.src.rpm

i386:
libvorbis-1.0-12.el3.i386.rpm
libvorbis-debuginfo-1.0-12.el3.i386.rpm
libvorbis-devel-1.0-12.el3.i386.rpm

x86_64:
libvorbis-1.0-12.el3.i386.rpm
libvorbis-1.0-12.el3.x86_64.rpm
libvorbis-debuginfo-1.0-12.el3.i386.rpm
libvorbis-debuginfo-1.0-12.el3.x86_64.rpm
libvorbis-devel-1.0-12.el3.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

Source:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/libvorbis-1.0-12.el3.src.rpm

i386:
libvorbis-1.0-12.el3.i386.rpm
libvorbis-debuginfo-1.0-12.el3.i386.rpm
libvorbis-devel-1.0-12.el3.i386.rpm

ia64:
libvorbis-1.0-12.el3.i386.rpm
libvorbis-1.0-12.el3.ia64.rpm
libvorbis-debuginfo-1.0-12.el3.i386.rpm
libvorbis-debuginfo-1.0-12.el3.ia64.rpm
libvorbis-devel-1.0-12.el3.ia64.rpm

x86_64:
libvorbis-1.0-12.el3.i386.rpm
libvorbis-1.0-12.el3.x86_64.rpm
libvorbis-debuginfo-1.0-12.el3.i386.rpm
libvorbis-debuginfo-1.0-12.el3.x86_64.rpm
libvorbis-devel-1.0-12.el3.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

Source:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/libvorbis-1.0-12.el3.src.rpm

i386:
libvorbis-1.0-12.el3.i386.rpm
libvorbis-debuginfo-1.0-12.el3.i386.rpm
libvorbis-devel-1.0-12.el3.i386.rpm

ia64:
libvorbis-1.0-12.el3.i386.rpm
libvorbis-1.0-12.el3.ia64.rpm
libvorbis-debuginfo-1.0-12.el3.i386.rpm
libvorbis-debuginfo-1.0-12.el3.ia64.rpm
libvorbis-devel-1.0-12.el3.ia64.rpm

x86_64:
libvorbis-1.0-12.el3.i386.rpm
libvorbis-1.0-12.el3.x86_64.rpm
libvorbis-debuginfo-1.0-12.el3.i386.rpm
libvorbis-debuginfo-1.0-12.el3.x86_64.rpm
libvorbis-devel-1.0-12.el3.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/libvorbis-1.1.0-3.el4_8.3.src.rpm

i386:
libvorbis-1.1.0-3.el4_8.3.i386.rpm
libvorbis-debuginfo-1.1.0-3.el4_8.3.i386.rpm
libvorbis-devel-1.1.0-3.el4_8.3.i386.rpm

ia64:
libvorbis-1.1.0-3.el4_8.3.i386.rpm
libvorbis-1.1.0-3.el4_8.3.ia64.rpm
libvorbis-debuginfo-1.1.0-3.el4_8.3.i386.rpm
libvorbis-debuginfo-1.1.0-3.el4_8.3.ia64.rpm
libvorbis-devel-1.1.0-3.el4_8.3.ia64.rpm

ppc:
libvorbis-1.1.0-3.el4_8.3.ppc.rpm
libvorbis-1.1.0-3.el4_8.3.ppc64.rpm
libvorbis-debuginfo-1.1.0-3.el4_8.3.ppc.rpm
libvorbis-debuginfo-1.1.0-3.el4_8.3.ppc64.rpm
libvorbis-devel-1.1.0-3.el4_8.3.ppc.rpm

s390:
libvorbis-1.1.0-3.el4_8.3.s390.rpm
libvorbis-debuginfo-1.1.0-3.el4_8.3.s390.rpm
libvorbis-devel-1.1.0-3.el4_8.3.s390.rpm

s390x:
libvorbis-1.1.0-3.el4_8.3.s390.rpm
libvorbis-1.1.0-3.el4_8.3.s390x.rpm
libvorbis-debuginfo-1.1.0-3.el4_8.3.s390.rpm
libvorbis-debuginfo-1.1.0-3.el4_8.3.s390x.rpm
libvorbis-devel-1.1.0-3.el4_8.3.s390x.rpm

x86_64:
libvorbis-1.1.0-3.el4_8.3.i386.rpm
libvorbis-1.1.0-3.el4_8.3.x86_64.rpm
libvorbis-debuginfo-1.1.0-3.el4_8.3.i386.rpm
libvorbis-debuginfo-1.1.0-3.el4_8.3.x86_64.rpm
libvorbis-devel-1.1.0-3.el4_8.3.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/libvorbis-1.1.0-3.el4_8.3.src.rpm

i386:
libvorbis-1.1.0-3.el4_8.3.i386.rpm
libvorbis-debuginfo-1.1.0-3.el4_8.3.i386.rpm
libvorbis-devel-1.1.0-3.el4_8.3.i386.rpm

x86_64:
libvorbis-1.1.0-3.el4_8.3.i386.rpm
libvorbis-1.1.0-3.el4_8.3.x86_64.rpm
libvorbis-debuginfo-1.1.0-3.el4_8.3.i386.rpm
libvorbis-debuginfo-1.1.0-3.el4_8.3.x86_64.rpm
libvorbis-devel-1.1.0-3.el4_8.3.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/libvorbis-1.1.0-3.el4_8.3.src.rpm

i386:
libvorbis-1.1.0-3.el4_8.3.i386.rpm
libvorbis-debuginfo-1.1.0-3.el4_8.3.i386.rpm
libvorbis-devel-1.1.0-3.el4_8.3.i386.rpm

ia64:
libvorbis-1.1.0-3.el4_8.3.i386.rpm
libvorbis-1.1.0-3.el4_8.3.ia64.rpm
libvorbis-debuginfo-1.1.0-3.el4_8.3.i386.rpm
libvorbis-debuginfo-1.1.0-3.el4_8.3.ia64.rpm
libvorbis-devel-1.1.0-3.el4_8.3.ia64.rpm

x86_64:
libvorbis-1.1.0-3.el4_8.3.i386.rpm
libvorbis-1.1.0-3.el4_8.3.x86_64.rpm
libvorbis-debuginfo-1.1.0-3.el4_8.3.i386.rpm
libvorbis-debuginfo-1.1.0-3.el4_8.3.x86_64.rpm
libvorbis-devel-1.1.0-3.el4_8.3.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/libvorbis-1.1.0-3.el4_8.3.src.rpm

i386:
libvorbis-1.1.0-3.el4_8.3.i386.rpm
libvorbis-debuginfo-1.1.0-3.el4_8.3.i386.rpm
libvorbis-devel-1.1.0-3.el4_8.3.i386.rpm

ia64:
libvorbis-1.1.0-3.el4_8.3.i386.rpm
libvorbis-1.1.0-3.el4_8.3.ia64.rpm
libvorbis-debuginfo-1.1.0-3.el4_8.3.i386.rpm
libvorbis-debuginfo-1.1.0-3.el4_8.3.ia64.rpm
libvorbis-devel-1.1.0-3.el4_8.3.ia64.rpm

x86_64:
libvorbis-1.1.0-3.el4_8.3.i386.rpm
libvorbis-1.1.0-3.el4_8.3.x86_64.rpm
libvorbis-debuginfo-1.1.0-3.el4_8.3.i386.rpm
libvorbis-debuginfo-1.1.0-3.el4_8.3.x86_64.rpm
libvorbis-devel-1.1.0-3.el4_8.3.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/libvorbis-1.1.2-3.el5_4.4.src.rpm

i386:
libvorbis-1.1.2-3.el5_4.4.i386.rpm
libvorbis-debuginfo-1.1.2-3.el5_4.4.i386.rpm

x86_64:
libvorbis-1.1.2-3.el5_4.4.i386.rpm
libvorbis-1.1.2-3.el5_4.4.x86_64.rpm
libvorbis-debuginfo-1.1.2-3.el5_4.4.i386.rpm
libvorbis-debuginfo-1.1.2-3.el5_4.4.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/libvorbis-1.1.2-3.el5_4.4.src.rpm

i386:
libvorbis-debuginfo-1.1.2-3.el5_4.4.i386.rpm
libvorbis-devel-1.1.2-3.el5_4.4.i386.rpm

x86_64:
libvorbis-debuginfo-1.1.2-3.el5_4.4.i386.rpm
libvorbis-debuginfo-1.1.2-3.el5_4.4.x86_64.rpm
libvorbis-devel-1.1.2-3.el5_4.4.i386.rpm
libvorbis-devel-1.1.2-3.el5_4.4.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/libvorbis-1.1.2-3.el5_4.4.src.rpm

i386:
libvorbis-1.1.2-3.el5_4.4.i386.rpm
libvorbis-debuginfo-1.1.2-3.el5_4.4.i386.rpm
libvorbis-devel-1.1.2-3.el5_4.4.i386.rpm

ia64:
libvorbis-1.1.2-3.el5_4.4.ia64.rpm
libvorbis-debuginfo-1.1.2-3.el5_4.4.ia64.rpm
libvorbis-devel-1.1.2-3.el5_4.4.ia64.rpm

ppc:
libvorbis-1.1.2-3.el5_4.4.ppc.rpm
libvorbis-1.1.2-3.el5_4.4.ppc64.rpm
libvorbis-debuginfo-1.1.2-3.el5_4.4.ppc.rpm
libvorbis-debuginfo-1.1.2-3.el5_4.4.ppc64.rpm
libvorbis-devel-1.1.2-3.el5_4.4.ppc.rpm
libvorbis-devel-1.1.2-3.el5_4.4.ppc64.rpm

s390x:
libvorbis-1.1.2-3.el5_4.4.s390.rpm
libvorbis-1.1.2-3.el5_4.4.s390x.rpm
libvorbis-debuginfo-1.1.2-3.el5_4.4.s390.rpm
libvorbis-debuginfo-1.1.2-3.el5_4.4.s390x.rpm
libvorbis-devel-1.1.2-3.el5_4.4.s390.rpm
libvorbis-devel-1.1.2-3.el5_4.4.s390x.rpm

x86_64:
libvorbis-1.1.2-3.el5_4.4.i386.rpm
libvorbis-1.1.2-3.el5_4.4.x86_64.rpm
libvorbis-debuginfo-1.1.2-3.el5_4.4.i386.rpm
libvorbis-debuginfo-1.1.2-3.el5_4.4.x86_64.rpm
libvorbis-devel-1.1.2-3.el5_4.4.i386.rpm
libvorbis-devel-1.1.2-3.el5_4.4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3379
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFK+EDEXlSAg2UNWIIRAtmUAJ9fQdHjZTq5Pp3zeGNHdUtadAekeQCfZb8A
E3lehMRaGDMmZaU1zZ+1CZE=
=q+o+
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Mon Nov 9 16:19:00 2009
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 9 Nov 2009 11:19:00 -0500
Subject: [RHSA-2009:1562-01] Important: tomcat security update
Message-ID: <200911091619.nA9GJ0VM029256@int-mx04.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: tomcat security update
Advisory ID:       RHSA-2009:1562-01
Product:           Red Hat Application Server
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2009-1562.html
Issue date:        2009-11-09
CVE Names:         CVE-2007-5333 CVE-2008-5515 CVE-2009-0033 CVE-2009-0580
                   CVE-2009-0781 CVE-2009-0783
=====================================================================

1. Summary:

Updated tomcat packages that fix several security issues are now available for Red Hat Application Server v2.

This update has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Application Server v2 4AS - noarch
Red Hat Application Server v2 4ES - noarch
Red Hat Application Server v2 4WS - noarch

3. Description:

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.
It was discovered that the Red Hat Security Advisory RHSA-2007:0876 did not address all possible flaws in the way Tomcat handles certain characters and character sequences in cookie values. A remote attacker could use this flaw to obtain sensitive information, such as session IDs, and then use this information for session hijacking attacks. (CVE-2007-5333)

Note: The fix for the CVE-2007-5333 flaw changes the default cookie processing behavior: With this update, version 0 cookies that contain values that must be quoted to be valid are automatically changed to version 1 cookies. To reactivate the previous, but insecure behavior, add the following entry to the "/etc/tomcat5/catalina.properties" file:

org.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false

It was discovered that request dispatchers did not properly normalize user requests that have trailing query strings, allowing remote attackers to send specially-crafted requests that would cause an information leak. (CVE-2008-5515)

A flaw was found in the way the Tomcat AJP (Apache JServ Protocol) connector processes AJP connections. An attacker could use this flaw to send specially-crafted requests that would cause a temporary denial of service. (CVE-2009-0033)

It was discovered that the error checking methods of certain authentication classes did not have sufficient error checking, allowing remote attackers to enumerate (via brute force methods) usernames registered with applications running on Tomcat when FORM-based authentication was used. (CVE-2009-0580)

A cross-site scripting (XSS) flaw was found in the examples calendar application. With some web browsers, remote attackers could use this flaw to inject arbitrary web script or HTML via the "time" parameter. (CVE-2009-0781)

It was discovered that web applications containing their own XML parsers could replace the XML parser Tomcat uses to parse configuration files.
A malicious web application running on a Tomcat instance could read or, potentially, modify the configuration and XML-based data of other web applications deployed on the same Tomcat instance. (CVE-2009-0783)

Users of Tomcat should upgrade to these updated packages, which contain backported patches to resolve these issues. Tomcat must be restarted for this update to take effect.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

427766 - CVE-2007-5333 Improve cookie parsing for tomcat5
489028 - CVE-2009-0781 tomcat: XSS in Apache Tomcat calendar application
493381 - CVE-2009-0033 tomcat6 Denial-Of-Service with AJP connection
503978 - CVE-2009-0580 tomcat6 Information disclosure in authentication classes
504153 - CVE-2009-0783 tomcat XML parser information disclosure
504753 - CVE-2008-5515 tomcat request dispatcher information disclosure vulnerability

6. Package List:

Red Hat Application Server v2 4AS:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/RHAPS/SRPMS/tomcat5-5.5.23-0jpp_4rh.16.src.rpm

noarch:
tomcat5-5.5.23-0jpp_4rh.16.noarch.rpm
tomcat5-admin-webapps-5.5.23-0jpp_4rh.16.noarch.rpm
tomcat5-common-lib-5.5.23-0jpp_4rh.16.noarch.rpm
tomcat5-jasper-5.5.23-0jpp_4rh.16.noarch.rpm
tomcat5-jasper-javadoc-5.5.23-0jpp_4rh.16.noarch.rpm
tomcat5-jsp-2.0-api-5.5.23-0jpp_4rh.16.noarch.rpm
tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp_4rh.16.noarch.rpm
tomcat5-server-lib-5.5.23-0jpp_4rh.16.noarch.rpm
tomcat5-servlet-2.4-api-5.5.23-0jpp_4rh.16.noarch.rpm
tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp_4rh.16.noarch.rpm
tomcat5-webapps-5.5.23-0jpp_4rh.16.noarch.rpm

Red Hat Application Server v2 4ES:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/RHAPS/SRPMS/tomcat5-5.5.23-0jpp_4rh.16.src.rpm

noarch:
tomcat5-5.5.23-0jpp_4rh.16.noarch.rpm
tomcat5-admin-webapps-5.5.23-0jpp_4rh.16.noarch.rpm
tomcat5-common-lib-5.5.23-0jpp_4rh.16.noarch.rpm
tomcat5-jasper-5.5.23-0jpp_4rh.16.noarch.rpm
tomcat5-jasper-javadoc-5.5.23-0jpp_4rh.16.noarch.rpm
tomcat5-jsp-2.0-api-5.5.23-0jpp_4rh.16.noarch.rpm
tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp_4rh.16.noarch.rpm
tomcat5-server-lib-5.5.23-0jpp_4rh.16.noarch.rpm
tomcat5-servlet-2.4-api-5.5.23-0jpp_4rh.16.noarch.rpm
tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp_4rh.16.noarch.rpm
tomcat5-webapps-5.5.23-0jpp_4rh.16.noarch.rpm

Red Hat Application Server v2 4WS:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/RHAPS/SRPMS/tomcat5-5.5.23-0jpp_4rh.16.src.rpm

noarch:
tomcat5-5.5.23-0jpp_4rh.16.noarch.rpm
tomcat5-admin-webapps-5.5.23-0jpp_4rh.16.noarch.rpm
tomcat5-common-lib-5.5.23-0jpp_4rh.16.noarch.rpm
tomcat5-jasper-5.5.23-0jpp_4rh.16.noarch.rpm
tomcat5-jasper-javadoc-5.5.23-0jpp_4rh.16.noarch.rpm
tomcat5-jsp-2.0-api-5.5.23-0jpp_4rh.16.noarch.rpm
tomcat5-jsp-2.0-api-javadoc-5.5.23-0jpp_4rh.16.noarch.rpm
tomcat5-server-lib-5.5.23-0jpp_4rh.16.noarch.rpm
tomcat5-servlet-2.4-api-5.5.23-0jpp_4rh.16.noarch.rpm
tomcat5-servlet-2.4-api-javadoc-5.5.23-0jpp_4rh.16.noarch.rpm
tomcat5-webapps-5.5.23-0jpp_4rh.16.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0781
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783
http://tomcat.apache.org/security-5.html
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFK+EDsXlSAg2UNWIIRAolpAKChUOOcxUReZmt5M5JqEhXrV3vQcwCfVb80
YkPP5TTexXJnOdMyr4CF1As=
=S/Qn
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Mon Nov 9 16:19:19 2009
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 9 Nov 2009 11:19:19 -0500
Subject: [RHSA-2009:1563-01] Important: tomcat security update
Message-ID: <200911091619.nA9GJJI3004437@int-mx01.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: tomcat security update
Advisory ID:       RHSA-2009:1563-01
Product:           Red Hat Developer Suite v.3
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2009-1563.html
Issue date:        2009-11-09
CVE Names:         CVE-2007-5333 CVE-2008-5515 CVE-2009-0033 CVE-2009-0580
                   CVE-2009-0783
=====================================================================

1. Summary:

Updated tomcat packages that fix several security issues are now available for Red Hat Developer Suite 3.
This update has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Developer Suite v.3 (AS v.4) - noarch

3. Description:

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.

It was discovered that the Red Hat Security Advisory RHSA-2008:0195 did not address all possible flaws in the way Tomcat handles certain characters and character sequences in cookie values. A remote attacker could use this flaw to obtain sensitive information, such as session IDs, and then use this information for session hijacking attacks. (CVE-2007-5333)

Note: The fix for the CVE-2007-5333 flaw changes the default cookie processing behavior: With this update, version 0 cookies that contain values that must be quoted to be valid are automatically changed to version 1 cookies. To reactivate the previous, but insecure behavior, add the following entry to the "/etc/tomcat5/catalina.properties" file:

org.apache.tomcat.util.http.ServerCookie.VERSION_SWITCH=false

It was discovered that request dispatchers did not properly normalize user requests that have trailing query strings, allowing remote attackers to send specially-crafted requests that would cause an information leak. (CVE-2008-5515)

A flaw was found in the way the Tomcat AJP (Apache JServ Protocol) connector processes AJP connections. An attacker could use this flaw to send specially-crafted requests that would cause a temporary denial of service. (CVE-2009-0033)

It was discovered that the error checking methods of certain authentication classes did not have sufficient error checking, allowing remote attackers to enumerate (via brute force methods) usernames registered with applications running on Tomcat when FORM-based authentication was used. (CVE-2009-0580)

It was discovered that web applications containing their own XML parsers could replace the XML parser Tomcat uses to parse configuration files.
A malicious web application running on a Tomcat instance could read or, potentially, modify the configuration and XML-based data of other web applications deployed on the same Tomcat instance. (CVE-2009-0783)

Users of Tomcat should upgrade to these updated packages, which contain backported patches to resolve these issues. Tomcat must be restarted for this update to take effect.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

427766 - CVE-2007-5333 Improve cookie parsing for tomcat5
493381 - CVE-2009-0033 tomcat6 Denial-Of-Service with AJP connection
503978 - CVE-2009-0580 tomcat6 Information disclosure in authentication classes
504153 - CVE-2009-0783 tomcat XML parser information disclosure
504753 - CVE-2008-5515 tomcat request dispatcher information disclosure vulnerability

6. Package List:

Red Hat Developer Suite v.3 (AS v.4):

Source:
tomcat5-5.5.23-0jpp_18rh.src.rpm

noarch:
tomcat5-5.5.23-0jpp_18rh.noarch.rpm
tomcat5-common-lib-5.5.23-0jpp_18rh.noarch.rpm
tomcat5-jasper-5.5.23-0jpp_18rh.noarch.rpm
tomcat5-jsp-2.0-api-5.5.23-0jpp_18rh.noarch.rpm
tomcat5-server-lib-5.5.23-0jpp_18rh.noarch.rpm
tomcat5-servlet-2.4-api-5.5.23-0jpp_18rh.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5333
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5515
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0033
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0580
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0783
http://tomcat.apache.org/security-5.html
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFK+ED7XlSAg2UNWIIRAsvkAJ9y7NvY0i86Pnqqv857OCEuq83d7ACgutDn
e1VwWeOlaJjeguT84VkI+t4=
=aQmx
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Nov 10 19:52:51 2009
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 10 Nov 2009 14:52:51 -0500
Subject: [RHSA-2009:1571-01] Critical: java-1.5.0-sun security update
Message-ID: <200911101952.nAAJqpsO026071@int-mx04.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: java-1.5.0-sun security update
Advisory ID:       RHSA-2009:1571-01
Product:           Red Hat Enterprise Linux Extras
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2009-1571.html
Issue date:        2009-11-10
CVE Names:         CVE-2009-2409 CVE-2009-3728 CVE-2009-3873 CVE-2009-3876
                   CVE-2009-3877 CVE-2009-3879 CVE-2009-3880 CVE-2009-3881
                   CVE-2009-3882 CVE-2009-3883 CVE-2009-3884
=====================================================================

1. Summary:

Updated java-1.5.0-sun packages that correct several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.

This update has been rated as having critical security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

RHEL Desktop Supplementary (v. 5 client) - i386, x86_64
RHEL Supplementary (v. 5 server) - i386, x86_64
Red Hat Desktop version 4 Extras - i386, x86_64
Red Hat Enterprise Linux AS version 4 Extras - i386, x86_64
Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64
Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64

3. Description:

The Sun 1.5.0 Java release includes the Sun Java 5 Runtime Environment and the Sun Java 5 Software Development Kit.

This update fixes several vulnerabilities in the Sun Java 5 Runtime Environment and the Sun Java 5 Software Development Kit. These vulnerabilities are summarized on the "Advance notification of Security Updates for Java SE" page from Sun Microsystems, listed in the References section. (CVE-2009-2409, CVE-2009-3728, CVE-2009-3873, CVE-2009-3876, CVE-2009-3877, CVE-2009-3879, CVE-2009-3880, CVE-2009-3881, CVE-2009-3882, CVE-2009-3883, CVE-2009-3884)

Note: This is the final update for the java-1.5.0-sun packages, as the Sun Java SE Release family 5.0 has now reached End of Service Life. The next update will remove the java-1.5.0-sun packages. An alternative to Sun Java SE 5.0 is the Java 2 Technology Edition of the IBM Developer Kit for Linux, which is available from the Extras and Supplementary channels on the Red Hat Network. For users of applications that are capable of using the Java 6 runtime, the OpenJDK open source JDK is included in Red Hat Enterprise Linux 5 (since 5.3) and is supported by Red Hat.

Users of java-1.5.0-sun should upgrade to these updated packages, which correct these issues. All running instances of Sun Java must be restarted for the update to take effect.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

510197 - CVE-2009-2409 deprecate MD2 in SSL cert validation (Kaminsky)
530053 - CVE-2009-3873 OpenJDK JPEG Image Writer quantization problem (6862968)
530061 - CVE-2009-3876 CVE-2009-3877 OpenJDK ASN.1/DER input stream parser denial of service (6864911)
530098 - CVE-2009-3728 OpenJDK ICC_Profile file existence detection information leak (6631533)
530173 - CVE-2009-3881 OpenJDK resurrected classloaders can still have children (6636650)
530175 - CVE-2009-3882 CVE-2009-3883 OpenJDK information leaks in mutable variables (6657026,6657138)
530296 - CVE-2009-3880 OpenJDK UI logging information leakage (6664512)
530297 - CVE-2009-3879 OpenJDK GraphicsConfiguration information leak (6822057)
530300 - CVE-2009-3884 OpenJDK zoneinfo file existence information leak (6824265)

6. Package List:

Red Hat Enterprise Linux AS version 4 Extras:

i386:
java-1.5.0-sun-1.5.0.22-1jpp.1.el4.i586.rpm
java-1.5.0-sun-demo-1.5.0.22-1jpp.1.el4.i586.rpm
java-1.5.0-sun-devel-1.5.0.22-1jpp.1.el4.i586.rpm
java-1.5.0-sun-jdbc-1.5.0.22-1jpp.1.el4.i586.rpm
java-1.5.0-sun-plugin-1.5.0.22-1jpp.1.el4.i586.rpm
java-1.5.0-sun-src-1.5.0.22-1jpp.1.el4.i586.rpm

x86_64:
java-1.5.0-sun-1.5.0.22-1jpp.1.el4.x86_64.rpm
java-1.5.0-sun-demo-1.5.0.22-1jpp.1.el4.x86_64.rpm
java-1.5.0-sun-devel-1.5.0.22-1jpp.1.el4.x86_64.rpm
java-1.5.0-sun-jdbc-1.5.0.22-1jpp.1.el4.x86_64.rpm
java-1.5.0-sun-src-1.5.0.22-1jpp.1.el4.x86_64.rpm

Red Hat Desktop version 4 Extras:

i386:
java-1.5.0-sun-1.5.0.22-1jpp.1.el4.i586.rpm
java-1.5.0-sun-demo-1.5.0.22-1jpp.1.el4.i586.rpm
java-1.5.0-sun-devel-1.5.0.22-1jpp.1.el4.i586.rpm
java-1.5.0-sun-jdbc-1.5.0.22-1jpp.1.el4.i586.rpm
java-1.5.0-sun-plugin-1.5.0.22-1jpp.1.el4.i586.rpm
java-1.5.0-sun-src-1.5.0.22-1jpp.1.el4.i586.rpm

x86_64:
java-1.5.0-sun-1.5.0.22-1jpp.1.el4.x86_64.rpm
java-1.5.0-sun-demo-1.5.0.22-1jpp.1.el4.x86_64.rpm
java-1.5.0-sun-devel-1.5.0.22-1jpp.1.el4.x86_64.rpm
java-1.5.0-sun-jdbc-1.5.0.22-1jpp.1.el4.x86_64.rpm
java-1.5.0-sun-src-1.5.0.22-1jpp.1.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4 Extras:

i386:
java-1.5.0-sun-1.5.0.22-1jpp.1.el4.i586.rpm
java-1.5.0-sun-demo-1.5.0.22-1jpp.1.el4.i586.rpm
java-1.5.0-sun-devel-1.5.0.22-1jpp.1.el4.i586.rpm
java-1.5.0-sun-jdbc-1.5.0.22-1jpp.1.el4.i586.rpm
java-1.5.0-sun-plugin-1.5.0.22-1jpp.1.el4.i586.rpm
java-1.5.0-sun-src-1.5.0.22-1jpp.1.el4.i586.rpm

x86_64:
java-1.5.0-sun-1.5.0.22-1jpp.1.el4.x86_64.rpm
java-1.5.0-sun-demo-1.5.0.22-1jpp.1.el4.x86_64.rpm
java-1.5.0-sun-devel-1.5.0.22-1jpp.1.el4.x86_64.rpm
java-1.5.0-sun-jdbc-1.5.0.22-1jpp.1.el4.x86_64.rpm
java-1.5.0-sun-src-1.5.0.22-1jpp.1.el4.x86_64.rpm

Red Hat Enterprise Linux WS version 4 Extras:

i386:
java-1.5.0-sun-1.5.0.22-1jpp.1.el4.i586.rpm
java-1.5.0-sun-demo-1.5.0.22-1jpp.1.el4.i586.rpm
java-1.5.0-sun-devel-1.5.0.22-1jpp.1.el4.i586.rpm
java-1.5.0-sun-jdbc-1.5.0.22-1jpp.1.el4.i586.rpm
java-1.5.0-sun-plugin-1.5.0.22-1jpp.1.el4.i586.rpm
java-1.5.0-sun-src-1.5.0.22-1jpp.1.el4.i586.rpm

x86_64:
java-1.5.0-sun-1.5.0.22-1jpp.1.el4.x86_64.rpm
java-1.5.0-sun-demo-1.5.0.22-1jpp.1.el4.x86_64.rpm
java-1.5.0-sun-devel-1.5.0.22-1jpp.1.el4.x86_64.rpm
java-1.5.0-sun-jdbc-1.5.0.22-1jpp.1.el4.x86_64.rpm
java-1.5.0-sun-src-1.5.0.22-1jpp.1.el4.x86_64.rpm

RHEL Desktop Supplementary (v. 5 client):

i386:
java-1.5.0-sun-1.5.0.22-1jpp.1.el5.i586.rpm
java-1.5.0-sun-demo-1.5.0.22-1jpp.1.el5.i586.rpm
java-1.5.0-sun-devel-1.5.0.22-1jpp.1.el5.i586.rpm
java-1.5.0-sun-jdbc-1.5.0.22-1jpp.1.el5.i586.rpm
java-1.5.0-sun-plugin-1.5.0.22-1jpp.1.el5.i586.rpm
java-1.5.0-sun-src-1.5.0.22-1jpp.1.el5.i586.rpm

x86_64:
java-1.5.0-sun-1.5.0.22-1jpp.1.el5.x86_64.rpm
java-1.5.0-sun-demo-1.5.0.22-1jpp.1.el5.x86_64.rpm
java-1.5.0-sun-devel-1.5.0.22-1jpp.1.el5.x86_64.rpm
java-1.5.0-sun-jdbc-1.5.0.22-1jpp.1.el5.x86_64.rpm
java-1.5.0-sun-plugin-1.5.0.22-1jpp.1.el5.i586.rpm
java-1.5.0-sun-src-1.5.0.22-1jpp.1.el5.x86_64.rpm

RHEL Supplementary (v. 5 server):

i386:
java-1.5.0-sun-1.5.0.22-1jpp.1.el5.i586.rpm
java-1.5.0-sun-demo-1.5.0.22-1jpp.1.el5.i586.rpm
java-1.5.0-sun-devel-1.5.0.22-1jpp.1.el5.i586.rpm
java-1.5.0-sun-jdbc-1.5.0.22-1jpp.1.el5.i586.rpm
java-1.5.0-sun-plugin-1.5.0.22-1jpp.1.el5.i586.rpm
java-1.5.0-sun-src-1.5.0.22-1jpp.1.el5.i586.rpm

x86_64:
java-1.5.0-sun-1.5.0.22-1jpp.1.el5.x86_64.rpm
java-1.5.0-sun-demo-1.5.0.22-1jpp.1.el5.x86_64.rpm
java-1.5.0-sun-devel-1.5.0.22-1jpp.1.el5.x86_64.rpm
java-1.5.0-sun-jdbc-1.5.0.22-1jpp.1.el5.x86_64.rpm
java-1.5.0-sun-plugin-1.5.0.22-1jpp.1.el5.i586.rpm
java-1.5.0-sun-src-1.5.0.22-1jpp.1.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2409
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3728
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3873
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3876
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3877
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3879
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3880
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3881
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3882
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3883
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3884
http://www.redhat.com/security/updates/classification/#critical
https://sunsolve.sun.com/search/document.do?assetkey=118666
http://blogs.sun.com/security/entry/advance_notification_of_security_updates6

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFK+cR8XlSAg2UNWIIRApoTAKCnQ6tIgxuyFJeLljjeJJaG6uk8lwCgm4ND
cfg1o8sZX4Sd2SzEwX9PNo8=
=sSsD
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Nov 10 19:54:04 2009
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 10 Nov 2009 14:54:04 -0500
Subject: [RHSA-2009:1572-02] Moderate: 4Suite security update
Message-ID: <200911101954.nAAJs40d026291@int-mx04.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: 4Suite security update
Advisory ID:       RHSA-2009:1572-02
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2009-1572.html
Issue date:        2009-11-10
CVE Names:         CVE-2009-3720
=====================================================================

1. Summary:

An updated 4Suite package that fixes one security issue is now available for Red Hat Enterprise Linux 3 and 4.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

The 4Suite package contains XML-related tools and libraries for Python, including 4DOM, 4XSLT, 4XPath, 4RDF, and 4XPointer.

A buffer over-read flaw was found in the way 4Suite's XML parser handles malformed UTF-8 sequences when processing XML files. A specially-crafted XML file could cause applications using the 4Suite library to crash while parsing the file. (CVE-2009-3720)

Note: In Red Hat Enterprise Linux 3, this flaw only affects a non-default configuration of the 4Suite package: configurations where the beta version of the cDomlette module is enabled.

All 4Suite users should upgrade to this updated package, which contains a backported patch to correct this issue. After installing the updated package, applications using the 4Suite XML-related tools and libraries must be restarted for the update to take effect.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

531697 - CVE-2009-3720 expat: buffer over-read and crash on XML with malformed UTF-8 sequences

6. Package List:

Red Hat Enterprise Linux AS version 3:
Source: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/4Suite-0.11.1-15.src.rpm
i386: 4Suite-0.11.1-15.i386.rpm 4Suite-debuginfo-0.11.1-15.i386.rpm
ia64: 4Suite-0.11.1-15.ia64.rpm 4Suite-debuginfo-0.11.1-15.ia64.rpm
ppc: 4Suite-0.11.1-15.ppc.rpm 4Suite-debuginfo-0.11.1-15.ppc.rpm
s390: 4Suite-0.11.1-15.s390.rpm 4Suite-debuginfo-0.11.1-15.s390.rpm
s390x: 4Suite-0.11.1-15.s390x.rpm 4Suite-debuginfo-0.11.1-15.s390x.rpm
x86_64: 4Suite-0.11.1-15.x86_64.rpm 4Suite-debuginfo-0.11.1-15.x86_64.rpm

Red Hat Desktop version 3:
Source: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/4Suite-0.11.1-15.src.rpm
i386: 4Suite-0.11.1-15.i386.rpm 4Suite-debuginfo-0.11.1-15.i386.rpm
x86_64: 4Suite-0.11.1-15.x86_64.rpm 4Suite-debuginfo-0.11.1-15.x86_64.rpm

Red Hat Enterprise Linux ES version 3:
Source: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/4Suite-0.11.1-15.src.rpm
i386: 4Suite-0.11.1-15.i386.rpm 4Suite-debuginfo-0.11.1-15.i386.rpm
ia64: 4Suite-0.11.1-15.ia64.rpm 4Suite-debuginfo-0.11.1-15.ia64.rpm
x86_64: 4Suite-0.11.1-15.x86_64.rpm 4Suite-debuginfo-0.11.1-15.x86_64.rpm

Red Hat Enterprise Linux WS version 3:
Source: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/4Suite-0.11.1-15.src.rpm
i386: 4Suite-0.11.1-15.i386.rpm 4Suite-debuginfo-0.11.1-15.i386.rpm
ia64: 4Suite-0.11.1-15.ia64.rpm 4Suite-debuginfo-0.11.1-15.ia64.rpm
x86_64: 4Suite-0.11.1-15.x86_64.rpm 4Suite-debuginfo-0.11.1-15.x86_64.rpm

Red Hat Enterprise Linux AS version 4:
Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/4Suite-1.0-3.el4_8.1.src.rpm
i386: 4Suite-1.0-3.el4_8.1.i386.rpm 4Suite-debuginfo-1.0-3.el4_8.1.i386.rpm
ia64: 4Suite-1.0-3.el4_8.1.ia64.rpm 4Suite-debuginfo-1.0-3.el4_8.1.ia64.rpm
ppc: 4Suite-1.0-3.el4_8.1.ppc.rpm 4Suite-debuginfo-1.0-3.el4_8.1.ppc.rpm
s390: 4Suite-1.0-3.el4_8.1.s390.rpm 4Suite-debuginfo-1.0-3.el4_8.1.s390.rpm
s390x: 4Suite-1.0-3.el4_8.1.s390x.rpm 4Suite-debuginfo-1.0-3.el4_8.1.s390x.rpm
x86_64: 4Suite-1.0-3.el4_8.1.x86_64.rpm 4Suite-debuginfo-1.0-3.el4_8.1.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:
Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/4Suite-1.0-3.el4_8.1.src.rpm
i386: 4Suite-1.0-3.el4_8.1.i386.rpm 4Suite-debuginfo-1.0-3.el4_8.1.i386.rpm
x86_64: 4Suite-1.0-3.el4_8.1.x86_64.rpm 4Suite-debuginfo-1.0-3.el4_8.1.x86_64.rpm

Red Hat Enterprise Linux ES version 4:
Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/4Suite-1.0-3.el4_8.1.src.rpm
i386: 4Suite-1.0-3.el4_8.1.i386.rpm 4Suite-debuginfo-1.0-3.el4_8.1.i386.rpm
ia64: 4Suite-1.0-3.el4_8.1.ia64.rpm 4Suite-debuginfo-1.0-3.el4_8.1.ia64.rpm
x86_64: 4Suite-1.0-3.el4_8.1.x86_64.rpm 4Suite-debuginfo-1.0-3.el4_8.1.x86_64.rpm

Red Hat Enterprise Linux WS version 4:
Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/4Suite-1.0-3.el4_8.1.src.rpm
i386: 4Suite-1.0-3.el4_8.1.i386.rpm 4Suite-debuginfo-1.0-3.el4_8.1.i386.rpm
ia64: 4Suite-1.0-3.el4_8.1.ia64.rpm 4Suite-debuginfo-1.0-3.el4_8.1.ia64.rpm
x86_64: 4Suite-1.0-3.el4_8.1.x86_64.rpm 4Suite-debuginfo-1.0-3.el4_8.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFK+cSsXlSAg2UNWIIRAsomAJ99uDIN5K+gwRUjs3t9527/FZYn0gCgtMrj
oNymkHXX51lPsr1bJothAKM=
=MdPt
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Nov 11 22:13:37 2009
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 11 Nov 2009 17:13:37 -0500
Subject: [RHSA-2009:1579-02] Moderate: httpd security update
Message-ID: <200911112213.nABMDbtJ011712@int-mx03.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: httpd security update
Advisory ID:       RHSA-2009:1579-02
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2009-1579.html
Issue date:        2009-11-11
CVE Names:         CVE-2009-3094 CVE-2009-3095 CVE-2009-3555
=====================================================================

1. Summary:

Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3 and 5.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Description:

The Apache HTTP Server is a popular Web server.

A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols handle session renegotiation. A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client's session (for example, an HTTPS connection to a website). This could force the server to process an attacker's request as if authenticated using the victim's credentials. This update partially mitigates this flaw for SSL sessions to HTTP servers using mod_ssl by rejecting client-requested renegotiation. (CVE-2009-3555)

Note: This update does not fully resolve the issue for HTTPS servers. An attack is still possible in configurations that require a server-initiated renegotiation. Refer to the following Knowledgebase article for further information: http://kbase.redhat.com/faq/docs/DOC-20491

A NULL pointer dereference flaw was found in the Apache mod_proxy_ftp module. A malicious FTP server to which requests are being proxied could use this flaw to crash an httpd child process via a malformed reply to the EPSV or PASV commands, resulting in a limited denial of service. (CVE-2009-3094)

A second flaw was found in the Apache mod_proxy_ftp module. In a reverse proxy configuration, a remote attacker could use this flaw to bypass intended access restrictions by creating a carefully-crafted HTTP Authorization header, allowing the attacker to send arbitrary commands to the FTP server. (CVE-2009-3095)

All httpd users should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

521619 - CVE-2009-3094 httpd: NULL pointer defer in mod_proxy_ftp caused by crafted EPSV and PASV reply
522209 - CVE-2009-3095 httpd: mod_proxy_ftp FTP command injection via Authorization HTTP header
533125 - CVE-2009-3555 TLS: MITM attacks via session renegotiation

6. Package List:

Red Hat Enterprise Linux AS version 3:
Source: ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/httpd-2.0.46-77.ent.src.rpm
i386: httpd-2.0.46-77.ent.i386.rpm httpd-debuginfo-2.0.46-77.ent.i386.rpm httpd-devel-2.0.46-77.ent.i386.rpm mod_ssl-2.0.46-77.ent.i386.rpm
ia64: httpd-2.0.46-77.ent.ia64.rpm httpd-debuginfo-2.0.46-77.ent.ia64.rpm httpd-devel-2.0.46-77.ent.ia64.rpm mod_ssl-2.0.46-77.ent.ia64.rpm
ppc: httpd-2.0.46-77.ent.ppc.rpm httpd-debuginfo-2.0.46-77.ent.ppc.rpm httpd-devel-2.0.46-77.ent.ppc.rpm mod_ssl-2.0.46-77.ent.ppc.rpm
s390: httpd-2.0.46-77.ent.s390.rpm httpd-debuginfo-2.0.46-77.ent.s390.rpm httpd-devel-2.0.46-77.ent.s390.rpm mod_ssl-2.0.46-77.ent.s390.rpm
s390x: httpd-2.0.46-77.ent.s390x.rpm httpd-debuginfo-2.0.46-77.ent.s390x.rpm httpd-devel-2.0.46-77.ent.s390x.rpm mod_ssl-2.0.46-77.ent.s390x.rpm
x86_64: httpd-2.0.46-77.ent.x86_64.rpm httpd-debuginfo-2.0.46-77.ent.x86_64.rpm httpd-devel-2.0.46-77.ent.x86_64.rpm mod_ssl-2.0.46-77.ent.x86_64.rpm

Red Hat Desktop version 3:
Source: ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/httpd-2.0.46-77.ent.src.rpm
i386: httpd-2.0.46-77.ent.i386.rpm httpd-debuginfo-2.0.46-77.ent.i386.rpm httpd-devel-2.0.46-77.ent.i386.rpm mod_ssl-2.0.46-77.ent.i386.rpm
x86_64: httpd-2.0.46-77.ent.x86_64.rpm httpd-debuginfo-2.0.46-77.ent.x86_64.rpm httpd-devel-2.0.46-77.ent.x86_64.rpm mod_ssl-2.0.46-77.ent.x86_64.rpm

Red Hat Enterprise Linux ES version 3:
Source: ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/httpd-2.0.46-77.ent.src.rpm
i386: httpd-2.0.46-77.ent.i386.rpm httpd-debuginfo-2.0.46-77.ent.i386.rpm httpd-devel-2.0.46-77.ent.i386.rpm mod_ssl-2.0.46-77.ent.i386.rpm
ia64: httpd-2.0.46-77.ent.ia64.rpm httpd-debuginfo-2.0.46-77.ent.ia64.rpm httpd-devel-2.0.46-77.ent.ia64.rpm mod_ssl-2.0.46-77.ent.ia64.rpm
x86_64: httpd-2.0.46-77.ent.x86_64.rpm httpd-debuginfo-2.0.46-77.ent.x86_64.rpm httpd-devel-2.0.46-77.ent.x86_64.rpm mod_ssl-2.0.46-77.ent.x86_64.rpm

Red Hat Enterprise Linux WS version 3:
Source: ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/httpd-2.0.46-77.ent.src.rpm
i386: httpd-2.0.46-77.ent.i386.rpm httpd-debuginfo-2.0.46-77.ent.i386.rpm httpd-devel-2.0.46-77.ent.i386.rpm mod_ssl-2.0.46-77.ent.i386.rpm
ia64: httpd-2.0.46-77.ent.ia64.rpm httpd-debuginfo-2.0.46-77.ent.ia64.rpm httpd-devel-2.0.46-77.ent.ia64.rpm mod_ssl-2.0.46-77.ent.ia64.rpm
x86_64: httpd-2.0.46-77.ent.x86_64.rpm httpd-debuginfo-2.0.46-77.ent.x86_64.rpm httpd-devel-2.0.46-77.ent.x86_64.rpm mod_ssl-2.0.46-77.ent.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/httpd-2.2.3-31.el5_4.2.src.rpm
i386: httpd-2.2.3-31.el5_4.2.i386.rpm httpd-debuginfo-2.2.3-31.el5_4.2.i386.rpm mod_ssl-2.2.3-31.el5_4.2.i386.rpm
x86_64: httpd-2.2.3-31.el5_4.2.x86_64.rpm httpd-debuginfo-2.2.3-31.el5_4.2.x86_64.rpm mod_ssl-2.2.3-31.el5_4.2.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/httpd-2.2.3-31.el5_4.2.src.rpm
i386: httpd-debuginfo-2.2.3-31.el5_4.2.i386.rpm httpd-devel-2.2.3-31.el5_4.2.i386.rpm httpd-manual-2.2.3-31.el5_4.2.i386.rpm
x86_64: httpd-debuginfo-2.2.3-31.el5_4.2.i386.rpm httpd-debuginfo-2.2.3-31.el5_4.2.x86_64.rpm httpd-devel-2.2.3-31.el5_4.2.i386.rpm httpd-devel-2.2.3-31.el5_4.2.x86_64.rpm httpd-manual-2.2.3-31.el5_4.2.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/httpd-2.2.3-31.el5_4.2.src.rpm
i386: httpd-2.2.3-31.el5_4.2.i386.rpm httpd-debuginfo-2.2.3-31.el5_4.2.i386.rpm httpd-devel-2.2.3-31.el5_4.2.i386.rpm httpd-manual-2.2.3-31.el5_4.2.i386.rpm mod_ssl-2.2.3-31.el5_4.2.i386.rpm
ia64: httpd-2.2.3-31.el5_4.2.ia64.rpm httpd-debuginfo-2.2.3-31.el5_4.2.ia64.rpm httpd-devel-2.2.3-31.el5_4.2.ia64.rpm httpd-manual-2.2.3-31.el5_4.2.ia64.rpm mod_ssl-2.2.3-31.el5_4.2.ia64.rpm
ppc: httpd-2.2.3-31.el5_4.2.ppc.rpm httpd-debuginfo-2.2.3-31.el5_4.2.ppc.rpm httpd-debuginfo-2.2.3-31.el5_4.2.ppc64.rpm httpd-devel-2.2.3-31.el5_4.2.ppc.rpm httpd-devel-2.2.3-31.el5_4.2.ppc64.rpm httpd-manual-2.2.3-31.el5_4.2.ppc.rpm mod_ssl-2.2.3-31.el5_4.2.ppc.rpm
s390x: httpd-2.2.3-31.el5_4.2.s390x.rpm httpd-debuginfo-2.2.3-31.el5_4.2.s390.rpm httpd-debuginfo-2.2.3-31.el5_4.2.s390x.rpm httpd-devel-2.2.3-31.el5_4.2.s390.rpm httpd-devel-2.2.3-31.el5_4.2.s390x.rpm httpd-manual-2.2.3-31.el5_4.2.s390x.rpm mod_ssl-2.2.3-31.el5_4.2.s390x.rpm
x86_64: httpd-2.2.3-31.el5_4.2.x86_64.rpm httpd-debuginfo-2.2.3-31.el5_4.2.i386.rpm httpd-debuginfo-2.2.3-31.el5_4.2.x86_64.rpm httpd-devel-2.2.3-31.el5_4.2.i386.rpm httpd-devel-2.2.3-31.el5_4.2.x86_64.rpm httpd-manual-2.2.3-31.el5_4.2.x86_64.rpm mod_ssl-2.2.3-31.el5_4.2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
http://www.redhat.com/security/updates/classification/#moderate
http://kbase.redhat.com/faq/docs/DOC-20491

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFK+zb/XlSAg2UNWIIRAmwYAKC0f8RduYXFgbsf6oC7QCyjT2bvRACff3ty
zuZc7hPPvh0QopUIr2V974o=
=Go9J
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Wed Nov 11 22:13:53 2009
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 11 Nov 2009 17:13:53 -0500
Subject: [RHSA-2009:1580-02] Moderate: httpd security update
Message-ID: <200911112213.nABMDrwp008394@int-mx05.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: httpd security update
Advisory ID:       RHSA-2009:1580-02
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2009-1580.html
Issue date:        2009-11-11
CVE Names:         CVE-2009-1891 CVE-2009-3094 CVE-2009-3095 CVE-2009-3555
=====================================================================

1. Summary:

Updated httpd packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

The Apache HTTP Server is a popular Web server.

A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols handle session renegotiation. A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client's session (for example, an HTTPS connection to a website). This could force the server to process an attacker's request as if authenticated using the victim's credentials. This update partially mitigates this flaw for SSL sessions to HTTP servers using mod_ssl by rejecting client-requested renegotiation. (CVE-2009-3555)

Note: This update does not fully resolve the issue for HTTPS servers. An attack is still possible in configurations that require a server-initiated renegotiation. Refer to the following Knowledgebase article for further information: http://kbase.redhat.com/faq/docs/DOC-20491

A denial of service flaw was found in the Apache mod_deflate module. This module continued to compress large files until compression was complete, even if the network connection that requested the content was closed before compression completed. This would cause mod_deflate to consume large amounts of CPU if mod_deflate was enabled for a large file. (CVE-2009-1891)

A NULL pointer dereference flaw was found in the Apache mod_proxy_ftp module. A malicious FTP server to which requests are being proxied could use this flaw to crash an httpd child process via a malformed reply to the EPSV or PASV commands, resulting in a limited denial of service. (CVE-2009-3094)

A second flaw was found in the Apache mod_proxy_ftp module. In a reverse proxy configuration, a remote attacker could use this flaw to bypass intended access restrictions by creating a carefully-crafted HTTP Authorization header, allowing the attacker to send arbitrary commands to the FTP server. (CVE-2009-3095)

All httpd users should upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

509125 - CVE-2009-1891 httpd: possible temporary DoS (CPU consumption) in mod_deflate
521619 - CVE-2009-3094 httpd: NULL pointer defer in mod_proxy_ftp caused by crafted EPSV and PASV reply
522209 - CVE-2009-3095 httpd: mod_proxy_ftp FTP command injection via Authorization HTTP header
533125 - CVE-2009-3555 TLS: MITM attacks via session renegotiation

6. Package List:

Red Hat Enterprise Linux AS version 4:
Source: ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/httpd-2.0.52-41.ent.6.src.rpm
i386: httpd-2.0.52-41.ent.6.i386.rpm httpd-debuginfo-2.0.52-41.ent.6.i386.rpm httpd-devel-2.0.52-41.ent.6.i386.rpm httpd-manual-2.0.52-41.ent.6.i386.rpm httpd-suexec-2.0.52-41.ent.6.i386.rpm mod_ssl-2.0.52-41.ent.6.i386.rpm
ia64: httpd-2.0.52-41.ent.6.ia64.rpm httpd-debuginfo-2.0.52-41.ent.6.ia64.rpm httpd-devel-2.0.52-41.ent.6.ia64.rpm httpd-manual-2.0.52-41.ent.6.ia64.rpm httpd-suexec-2.0.52-41.ent.6.ia64.rpm mod_ssl-2.0.52-41.ent.6.ia64.rpm
ppc: httpd-2.0.52-41.ent.6.ppc.rpm httpd-debuginfo-2.0.52-41.ent.6.ppc.rpm httpd-devel-2.0.52-41.ent.6.ppc.rpm httpd-manual-2.0.52-41.ent.6.ppc.rpm httpd-suexec-2.0.52-41.ent.6.ppc.rpm mod_ssl-2.0.52-41.ent.6.ppc.rpm
s390: httpd-2.0.52-41.ent.6.s390.rpm httpd-debuginfo-2.0.52-41.ent.6.s390.rpm httpd-devel-2.0.52-41.ent.6.s390.rpm httpd-manual-2.0.52-41.ent.6.s390.rpm httpd-suexec-2.0.52-41.ent.6.s390.rpm mod_ssl-2.0.52-41.ent.6.s390.rpm
s390x: httpd-2.0.52-41.ent.6.s390x.rpm httpd-debuginfo-2.0.52-41.ent.6.s390x.rpm httpd-devel-2.0.52-41.ent.6.s390x.rpm httpd-manual-2.0.52-41.ent.6.s390x.rpm httpd-suexec-2.0.52-41.ent.6.s390x.rpm mod_ssl-2.0.52-41.ent.6.s390x.rpm
x86_64: httpd-2.0.52-41.ent.6.x86_64.rpm httpd-debuginfo-2.0.52-41.ent.6.x86_64.rpm httpd-devel-2.0.52-41.ent.6.x86_64.rpm httpd-manual-2.0.52-41.ent.6.x86_64.rpm httpd-suexec-2.0.52-41.ent.6.x86_64.rpm mod_ssl-2.0.52-41.ent.6.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:
Source: ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/httpd-2.0.52-41.ent.6.src.rpm
i386: httpd-2.0.52-41.ent.6.i386.rpm httpd-debuginfo-2.0.52-41.ent.6.i386.rpm httpd-devel-2.0.52-41.ent.6.i386.rpm httpd-manual-2.0.52-41.ent.6.i386.rpm httpd-suexec-2.0.52-41.ent.6.i386.rpm mod_ssl-2.0.52-41.ent.6.i386.rpm
x86_64: httpd-2.0.52-41.ent.6.x86_64.rpm httpd-debuginfo-2.0.52-41.ent.6.x86_64.rpm httpd-devel-2.0.52-41.ent.6.x86_64.rpm httpd-manual-2.0.52-41.ent.6.x86_64.rpm httpd-suexec-2.0.52-41.ent.6.x86_64.rpm mod_ssl-2.0.52-41.ent.6.x86_64.rpm

Red Hat Enterprise Linux ES version 4:
Source: ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/httpd-2.0.52-41.ent.6.src.rpm
i386: httpd-2.0.52-41.ent.6.i386.rpm httpd-debuginfo-2.0.52-41.ent.6.i386.rpm httpd-devel-2.0.52-41.ent.6.i386.rpm httpd-manual-2.0.52-41.ent.6.i386.rpm httpd-suexec-2.0.52-41.ent.6.i386.rpm mod_ssl-2.0.52-41.ent.6.i386.rpm
ia64: httpd-2.0.52-41.ent.6.ia64.rpm httpd-debuginfo-2.0.52-41.ent.6.ia64.rpm httpd-devel-2.0.52-41.ent.6.ia64.rpm httpd-manual-2.0.52-41.ent.6.ia64.rpm httpd-suexec-2.0.52-41.ent.6.ia64.rpm mod_ssl-2.0.52-41.ent.6.ia64.rpm
x86_64: httpd-2.0.52-41.ent.6.x86_64.rpm httpd-debuginfo-2.0.52-41.ent.6.x86_64.rpm httpd-devel-2.0.52-41.ent.6.x86_64.rpm httpd-manual-2.0.52-41.ent.6.x86_64.rpm httpd-suexec-2.0.52-41.ent.6.x86_64.rpm mod_ssl-2.0.52-41.ent.6.x86_64.rpm

Red Hat Enterprise Linux WS version 4:
Source: ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/httpd-2.0.52-41.ent.6.src.rpm
i386: httpd-2.0.52-41.ent.6.i386.rpm httpd-debuginfo-2.0.52-41.ent.6.i386.rpm httpd-devel-2.0.52-41.ent.6.i386.rpm httpd-manual-2.0.52-41.ent.6.i386.rpm httpd-suexec-2.0.52-41.ent.6.i386.rpm mod_ssl-2.0.52-41.ent.6.i386.rpm
ia64: httpd-2.0.52-41.ent.6.ia64.rpm httpd-debuginfo-2.0.52-41.ent.6.ia64.rpm httpd-devel-2.0.52-41.ent.6.ia64.rpm httpd-manual-2.0.52-41.ent.6.ia64.rpm httpd-suexec-2.0.52-41.ent.6.ia64.rpm mod_ssl-2.0.52-41.ent.6.ia64.rpm
x86_64: httpd-2.0.52-41.ent.6.x86_64.rpm httpd-debuginfo-2.0.52-41.ent.6.x86_64.rpm httpd-devel-2.0.52-41.ent.6.x86_64.rpm httpd-manual-2.0.52-41.ent.6.x86_64.rpm httpd-suexec-2.0.52-41.ent.6.x86_64.rpm mod_ssl-2.0.52-41.ent.6.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1891
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3094
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3095
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
http://www.redhat.com/security/updates/classification/#moderate
http://kbase.redhat.com/faq/docs/DOC-20491

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFK+zcXXlSAg2UNWIIRAmhLAJ9+HITyv4ZwC5nF35t2XMmgf5AG6gCgjTdd
lcPWpMmXTzMisGRs8R20I4M=
=Gnpp
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Thu Nov 12 18:18:53 2009
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Thu, 12 Nov 2009 13:18:53 -0500
Subject: [RHSA-2009:1582-01] Critical: java-1.6.0-ibm security update
Message-ID: <200911121818.nACIIr7M026002@int-mx01.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: java-1.6.0-ibm security update
Advisory ID:       RHSA-2009:1582-01
Product:           Red Hat Enterprise Linux Extras
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2009-1582.html
Issue date:        2009-11-12
CVE Names:         CVE-2009-2625 CVE-2009-2670 CVE-2009-2671 CVE-2009-2672 CVE-2009-2673 CVE-2009-2674 CVE-2009-2675 CVE-2009-2676
=====================================================================

1. Summary:

Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras and 5 Supplementary.

This update has been rated as having critical security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

RHEL Desktop Supplementary (v. 5 client) - i386, x86_64
RHEL Supplementary (v. 5 server) - i386, ppc, s390x, x86_64
Red Hat Desktop version 4 Extras - i386, x86_64
Red Hat Enterprise Linux AS version 4 Extras - i386, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux ES version 4 Extras - i386, x86_64
Red Hat Enterprise Linux WS version 4 Extras - i386, x86_64

3. Description:

The IBM 1.6.0 Java release includes the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit.

This update fixes several vulnerabilities in the IBM Java 2 Runtime Environment and the IBM Java 2 Software Development Kit. These vulnerabilities are summarized on the IBM "Security alerts" page listed in the References section. (CVE-2009-2625, CVE-2009-2670, CVE-2009-2671, CVE-2009-2672, CVE-2009-2673, CVE-2009-2674, CVE-2009-2675, CVE-2009-2676)

All users of java-1.6.0-ibm are advised to upgrade to these updated packages, containing the IBM 1.6.0 SR6 Java release. All running instances of IBM Java must be restarted for the update to take effect.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

512896 - CVE-2009-2670 OpenJDK Untrusted applet System properties access (6738524)
512907 - CVE-2009-2671 CVE-2009-2672 OpenJDK Proxy mechanism information leaks (6801071)
512914 - CVE-2009-2673 OpenJDK proxy mechanism allows non-authorized socket connections (6801497)
512915 - CVE-2009-2674 Java Web Start Buffer JPEG processing integer overflow (6823373)
512920 - CVE-2009-2675 Java Web Start Buffer unpack200 processing integer overflow (6830335)
512921 - CVE-2009-2625 OpenJDK: XML parsing Denial-Of-Service (6845701)
515890 - CVE-2009-2676 JRE applet launcher vulnerability

6. Package List:

Red Hat Enterprise Linux AS version 4 Extras:
i386: java-1.6.0-ibm-1.6.0.6-1jpp.3.el4.i386.rpm java-1.6.0-ibm-demo-1.6.0.6-1jpp.3.el4.i386.rpm java-1.6.0-ibm-devel-1.6.0.6-1jpp.3.el4.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.6-1jpp.3.el4.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.6-1jpp.3.el4.i386.rpm java-1.6.0-ibm-plugin-1.6.0.6-1jpp.3.el4.i386.rpm java-1.6.0-ibm-src-1.6.0.6-1jpp.3.el4.i386.rpm
ppc: java-1.6.0-ibm-1.6.0.6-1jpp.3.el4.ppc.rpm java-1.6.0-ibm-1.6.0.6-1jpp.3.el4.ppc64.rpm java-1.6.0-ibm-demo-1.6.0.6-1jpp.3.el4.ppc.rpm java-1.6.0-ibm-demo-1.6.0.6-1jpp.3.el4.ppc64.rpm java-1.6.0-ibm-devel-1.6.0.6-1jpp.3.el4.ppc.rpm java-1.6.0-ibm-devel-1.6.0.6-1jpp.3.el4.ppc64.rpm java-1.6.0-ibm-javacomm-1.6.0.6-1jpp.3.el4.ppc.rpm java-1.6.0-ibm-javacomm-1.6.0.6-1jpp.3.el4.ppc64.rpm java-1.6.0-ibm-jdbc-1.6.0.6-1jpp.3.el4.ppc.rpm java-1.6.0-ibm-jdbc-1.6.0.6-1jpp.3.el4.ppc64.rpm java-1.6.0-ibm-plugin-1.6.0.6-1jpp.3.el4.ppc.rpm java-1.6.0-ibm-src-1.6.0.6-1jpp.3.el4.ppc.rpm java-1.6.0-ibm-src-1.6.0.6-1jpp.3.el4.ppc64.rpm
s390: java-1.6.0-ibm-1.6.0.6-1jpp.3.el4.s390.rpm java-1.6.0-ibm-demo-1.6.0.6-1jpp.3.el4.s390.rpm java-1.6.0-ibm-devel-1.6.0.6-1jpp.3.el4.s390.rpm java-1.6.0-ibm-jdbc-1.6.0.6-1jpp.3.el4.s390.rpm java-1.6.0-ibm-src-1.6.0.6-1jpp.3.el4.s390.rpm
s390x: java-1.6.0-ibm-1.6.0.6-1jpp.3.el4.s390x.rpm java-1.6.0-ibm-demo-1.6.0.6-1jpp.3.el4.s390x.rpm java-1.6.0-ibm-devel-1.6.0.6-1jpp.3.el4.s390x.rpm java-1.6.0-ibm-jdbc-1.6.0.6-1jpp.3.el4.s390x.rpm java-1.6.0-ibm-src-1.6.0.6-1jpp.3.el4.s390x.rpm
x86_64: java-1.6.0-ibm-1.6.0.6-1jpp.3.el4.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.6-1jpp.3.el4.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.6-1jpp.3.el4.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.6-1jpp.3.el4.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.6-1jpp.3.el4.x86_64.rpm java-1.6.0-ibm-src-1.6.0.6-1jpp.3.el4.x86_64.rpm

Red Hat Desktop version 4 Extras:
i386: java-1.6.0-ibm-1.6.0.6-1jpp.3.el4.i386.rpm java-1.6.0-ibm-demo-1.6.0.6-1jpp.3.el4.i386.rpm java-1.6.0-ibm-devel-1.6.0.6-1jpp.3.el4.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.6-1jpp.3.el4.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.6-1jpp.3.el4.i386.rpm java-1.6.0-ibm-plugin-1.6.0.6-1jpp.3.el4.i386.rpm java-1.6.0-ibm-src-1.6.0.6-1jpp.3.el4.i386.rpm
x86_64: java-1.6.0-ibm-1.6.0.6-1jpp.3.el4.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.6-1jpp.3.el4.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.6-1jpp.3.el4.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.6-1jpp.3.el4.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.6-1jpp.3.el4.x86_64.rpm java-1.6.0-ibm-src-1.6.0.6-1jpp.3.el4.x86_64.rpm

Red Hat Enterprise Linux ES version 4 Extras:
i386: java-1.6.0-ibm-1.6.0.6-1jpp.3.el4.i386.rpm java-1.6.0-ibm-demo-1.6.0.6-1jpp.3.el4.i386.rpm java-1.6.0-ibm-devel-1.6.0.6-1jpp.3.el4.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.6-1jpp.3.el4.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.6-1jpp.3.el4.i386.rpm java-1.6.0-ibm-plugin-1.6.0.6-1jpp.3.el4.i386.rpm java-1.6.0-ibm-src-1.6.0.6-1jpp.3.el4.i386.rpm
x86_64: java-1.6.0-ibm-1.6.0.6-1jpp.3.el4.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.6-1jpp.3.el4.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.6-1jpp.3.el4.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.6-1jpp.3.el4.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.6-1jpp.3.el4.x86_64.rpm java-1.6.0-ibm-src-1.6.0.6-1jpp.3.el4.x86_64.rpm

Red Hat Enterprise Linux WS version 4 Extras:
i386: java-1.6.0-ibm-1.6.0.6-1jpp.3.el4.i386.rpm java-1.6.0-ibm-demo-1.6.0.6-1jpp.3.el4.i386.rpm java-1.6.0-ibm-devel-1.6.0.6-1jpp.3.el4.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.6-1jpp.3.el4.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.6-1jpp.3.el4.i386.rpm java-1.6.0-ibm-plugin-1.6.0.6-1jpp.3.el4.i386.rpm java-1.6.0-ibm-src-1.6.0.6-1jpp.3.el4.i386.rpm
x86_64: java-1.6.0-ibm-1.6.0.6-1jpp.3.el4.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.6-1jpp.3.el4.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.6-1jpp.3.el4.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.6-1jpp.3.el4.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.6-1jpp.3.el4.x86_64.rpm java-1.6.0-ibm-src-1.6.0.6-1jpp.3.el4.x86_64.rpm

RHEL Desktop Supplementary (v. 5 client):
i386: java-1.6.0-ibm-1.6.0.6-1jpp.3.el5.i386.rpm java-1.6.0-ibm-accessibility-1.6.0.6-1jpp.3.el5.i386.rpm java-1.6.0-ibm-demo-1.6.0.6-1jpp.3.el5.i386.rpm java-1.6.0-ibm-devel-1.6.0.6-1jpp.3.el5.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.6-1jpp.3.el5.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.6-1jpp.3.el5.i386.rpm java-1.6.0-ibm-plugin-1.6.0.6-1jpp.3.el5.i386.rpm java-1.6.0-ibm-src-1.6.0.6-1jpp.3.el5.i386.rpm
x86_64: java-1.6.0-ibm-1.6.0.6-1jpp.3.el5.i386.rpm java-1.6.0-ibm-1.6.0.6-1jpp.3.el5.x86_64.rpm java-1.6.0-ibm-accessibility-1.6.0.6-1jpp.3.el5.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.6-1jpp.3.el5.i386.rpm java-1.6.0-ibm-demo-1.6.0.6-1jpp.3.el5.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.6-1jpp.3.el5.i386.rpm java-1.6.0-ibm-devel-1.6.0.6-1jpp.3.el5.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.6-1jpp.3.el5.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.6-1jpp.3.el5.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.6-1jpp.3.el5.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.6-1jpp.3.el5.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.6-1jpp.3.el5.i386.rpm java-1.6.0-ibm-src-1.6.0.6-1jpp.3.el5.i386.rpm java-1.6.0-ibm-src-1.6.0.6-1jpp.3.el5.x86_64.rpm

RHEL Supplementary (v. 5 server):
i386: java-1.6.0-ibm-1.6.0.6-1jpp.3.el5.i386.rpm java-1.6.0-ibm-accessibility-1.6.0.6-1jpp.3.el5.i386.rpm java-1.6.0-ibm-demo-1.6.0.6-1jpp.3.el5.i386.rpm java-1.6.0-ibm-devel-1.6.0.6-1jpp.3.el5.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.6-1jpp.3.el5.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.6-1jpp.3.el5.i386.rpm java-1.6.0-ibm-plugin-1.6.0.6-1jpp.3.el5.i386.rpm java-1.6.0-ibm-src-1.6.0.6-1jpp.3.el5.i386.rpm
ppc: java-1.6.0-ibm-1.6.0.6-1jpp.3.el5.ppc.rpm java-1.6.0-ibm-1.6.0.6-1jpp.3.el5.ppc64.rpm java-1.6.0-ibm-accessibility-1.6.0.6-1jpp.3.el5.ppc.rpm java-1.6.0-ibm-demo-1.6.0.6-1jpp.3.el5.ppc.rpm java-1.6.0-ibm-demo-1.6.0.6-1jpp.3.el5.ppc64.rpm java-1.6.0-ibm-devel-1.6.0.6-1jpp.3.el5.ppc.rpm java-1.6.0-ibm-devel-1.6.0.6-1jpp.3.el5.ppc64.rpm java-1.6.0-ibm-javacomm-1.6.0.6-1jpp.3.el5.ppc.rpm java-1.6.0-ibm-javacomm-1.6.0.6-1jpp.3.el5.ppc64.rpm java-1.6.0-ibm-jdbc-1.6.0.6-1jpp.3.el5.ppc.rpm java-1.6.0-ibm-jdbc-1.6.0.6-1jpp.3.el5.ppc64.rpm java-1.6.0-ibm-plugin-1.6.0.6-1jpp.3.el5.ppc.rpm java-1.6.0-ibm-src-1.6.0.6-1jpp.3.el5.ppc.rpm java-1.6.0-ibm-src-1.6.0.6-1jpp.3.el5.ppc64.rpm
s390x: java-1.6.0-ibm-1.6.0.6-1jpp.3.el5.s390.rpm java-1.6.0-ibm-1.6.0.6-1jpp.3.el5.s390x.rpm java-1.6.0-ibm-accessibility-1.6.0.6-1jpp.3.el5.s390x.rpm java-1.6.0-ibm-demo-1.6.0.6-1jpp.3.el5.s390.rpm java-1.6.0-ibm-demo-1.6.0.6-1jpp.3.el5.s390x.rpm java-1.6.0-ibm-devel-1.6.0.6-1jpp.3.el5.s390.rpm java-1.6.0-ibm-devel-1.6.0.6-1jpp.3.el5.s390x.rpm java-1.6.0-ibm-jdbc-1.6.0.6-1jpp.3.el5.s390.rpm java-1.6.0-ibm-jdbc-1.6.0.6-1jpp.3.el5.s390x.rpm java-1.6.0-ibm-src-1.6.0.6-1jpp.3.el5.s390.rpm java-1.6.0-ibm-src-1.6.0.6-1jpp.3.el5.s390x.rpm
x86_64: java-1.6.0-ibm-1.6.0.6-1jpp.3.el5.i386.rpm java-1.6.0-ibm-1.6.0.6-1jpp.3.el5.x86_64.rpm java-1.6.0-ibm-accessibility-1.6.0.6-1jpp.3.el5.x86_64.rpm java-1.6.0-ibm-demo-1.6.0.6-1jpp.3.el5.i386.rpm java-1.6.0-ibm-demo-1.6.0.6-1jpp.3.el5.x86_64.rpm java-1.6.0-ibm-devel-1.6.0.6-1jpp.3.el5.i386.rpm java-1.6.0-ibm-devel-1.6.0.6-1jpp.3.el5.x86_64.rpm java-1.6.0-ibm-javacomm-1.6.0.6-1jpp.3.el5.i386.rpm java-1.6.0-ibm-javacomm-1.6.0.6-1jpp.3.el5.x86_64.rpm java-1.6.0-ibm-jdbc-1.6.0.6-1jpp.3.el5.i386.rpm java-1.6.0-ibm-jdbc-1.6.0.6-1jpp.3.el5.x86_64.rpm java-1.6.0-ibm-plugin-1.6.0.6-1jpp.3.el5.i386.rpm java-1.6.0-ibm-src-1.6.0.6-1jpp.3.el5.i386.rpm java-1.6.0-ibm-src-1.6.0.6-1jpp.3.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2625
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2670
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2671
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2672
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2673
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2674
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2675
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2676
http://www.redhat.com/security/updates/classification/#critical
http://www.ibm.com/developerworks/java/jdk/alerts/

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFK/FF7XlSAg2UNWIIRAmMKAJ4qG25rRF9h0keB9NGktSZRXSJhpgCfaE5r
WhZBveo5TWf9sWuf2IIgIsY=
=qy0W
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Mon Nov 16 15:52:30 2009
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 16 Nov 2009 10:52:30 -0500
Subject: [RHSA-2009:1584-01] Important: java-1.6.0-openjdk security update
Message-ID: <200911161552.nAGFqUeS015244@int-mx08.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: java-1.6.0-openjdk security update
Advisory ID:       RHSA-2009:1584-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2009-1584.html
Issue date:        2009-11-16
CVE Names:         CVE-2009-2409 CVE-2009-3728 CVE-2009-3869 CVE-2009-3871
                   CVE-2009-3873 CVE-2009-3874 CVE-2009-3875 CVE-2009-3876
                   CVE-2009-3877 CVE-2009-3879 CVE-2009-3880 CVE-2009-3881
                   CVE-2009-3882 CVE-2009-3883 CVE-2009-3884
=====================================================================

1. Summary:

Updated java-1.6.0-openjdk packages that fix several security issues are now available for Red Hat Enterprise Linux 5.

This update has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. The Java Runtime Environment (JRE) contains the software and tools that users need to run applications written using the Java programming language.

An integer overflow flaw and buffer overflow flaws were found in the way the JRE processed image files. An untrusted applet or application could use these flaws to extend its privileges, allowing it to read and write local files, as well as to execute local applications with the privileges of the user running the applet or application. (CVE-2009-3869, CVE-2009-3871, CVE-2009-3873, CVE-2009-3874)

An information leak was found in the JRE. An untrusted applet or application could use this flaw to extend its privileges, allowing it to read and write local files, as well as to execute local applications with the privileges of the user running the applet or application. (CVE-2009-3881)

It was discovered that the JRE still accepts certificates with MD2 hash signatures, even though MD2 is no longer considered a cryptographically strong algorithm. This could make it easier for an attacker to create a malicious certificate that would be treated as trusted by the JRE. With this update, the JRE disables the use of the MD2 algorithm inside signatures by default. (CVE-2009-2409)

A timing attack flaw was found in the way the JRE processed HMAC digests. This flaw could aid an attacker using forged digital signatures to bypass authentication checks. (CVE-2009-3875)

Two denial of service flaws were found in the JRE. These could be exploited in server-side application scenarios that process DER-encoded (Distinguished Encoding Rules) data. (CVE-2009-3876, CVE-2009-3877)

An information leak was found in the way the JRE handled color profiles. An attacker could use this flaw to discover the existence of files outside of the color profiles directory. (CVE-2009-3728)

A flaw in the JRE with passing arrays to the X11GraphicsDevice API was found. An untrusted applet or application could use this flaw to access and modify the list of supported graphics configurations. This flaw could also lead to sensitive information being leaked to unprivileged code. (CVE-2009-3879)

It was discovered that the JRE passed entire objects to the logging API. This could lead to sensitive information being leaked to either untrusted or lower-privileged code from an attacker-controlled applet which has access to the logging API and is therefore able to manipulate (read and/or call) the passed objects. (CVE-2009-3880)

Potential information leaks were found in various mutable static variables. These could be exploited in application scenarios that execute untrusted scripting code. (CVE-2009-3882, CVE-2009-3883)

An information leak was found in the way the TimeZone.getTimeZone method was handled. This method could load time zone files that are outside of the [JRE_HOME]/lib/zi/ directory, allowing a remote attacker to probe the local file system. (CVE-2009-3884)

Note: The flaws concerning applets in this advisory, CVE-2009-3869, CVE-2009-3871, CVE-2009-3873, CVE-2009-3874, CVE-2009-3879, CVE-2009-3880, CVE-2009-3881 and CVE-2009-3884, can only be triggered in java-1.6.0-openjdk by calling the "appletviewer" application.

All users of java-1.6.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

510197 - CVE-2009-2409 deprecate MD2 in SSL cert validation (Kaminsky)
530053 - CVE-2009-3873 OpenJDK JPEG Image Writer quantization problem (6862968)
530057 - CVE-2009-3875 OpenJDK MessageDigest.isEqual introduces timing attack vulnerabilities (6863503)
530061 - CVE-2009-3876 OpenJDK ASN.1/DER input stream parser denial of service (6864911) CVE-2009-3877
530062 - CVE-2009-3869 OpenJDK JRE AWT setDifflCM stack overflow (6872357)
530063 - CVE-2009-3871 OpenJDK JRE AWT setBytePixels heap overflow (6872358)
530067 - CVE-2009-3874 OpenJDK ImageI/O JPEG heap overflow (6874643)
530098 - CVE-2009-3728 OpenJDK ICC_Profile file existence detection information leak (6631533)
530173 - CVE-2009-3881 OpenJDK resurrected classloaders can still have children (6636650)
530175 - CVE-2009-3882 CVE-2009-3883 OpenJDK information leaks in mutable variables (6657026,6657138)
530296 - CVE-2009-3880 OpenJDK UI logging information leakage (6664512)
530297 - CVE-2009-3879 OpenJDK GraphicsConfiguration information leak (6822057)
530300 - CVE-2009-3884 OpenJDK zoneinfo file existence information leak (6824265)

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.7.b09.el5.src.rpm

i386:
java-1.6.0-openjdk-1.6.0.0-1.7.b09.el5.i386.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.7.b09.el5.i386.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.7.b09.el5.i386.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.7.b09.el5.i386.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.7.b09.el5.i386.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.7.b09.el5.i386.rpm

x86_64:
java-1.6.0-openjdk-1.6.0.0-1.7.b09.el5.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.7.b09.el5.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.7.b09.el5.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.7.b09.el5.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.7.b09.el5.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.7.b09.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/java-1.6.0-openjdk-1.6.0.0-1.7.b09.el5.src.rpm

i386:
java-1.6.0-openjdk-1.6.0.0-1.7.b09.el5.i386.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.7.b09.el5.i386.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.7.b09.el5.i386.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.7.b09.el5.i386.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.7.b09.el5.i386.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.7.b09.el5.i386.rpm

x86_64:
java-1.6.0-openjdk-1.6.0.0-1.7.b09.el5.x86_64.rpm
java-1.6.0-openjdk-debuginfo-1.6.0.0-1.7.b09.el5.x86_64.rpm
java-1.6.0-openjdk-demo-1.6.0.0-1.7.b09.el5.x86_64.rpm
java-1.6.0-openjdk-devel-1.6.0.0-1.7.b09.el5.x86_64.rpm
java-1.6.0-openjdk-javadoc-1.6.0.0-1.7.b09.el5.x86_64.rpm
java-1.6.0-openjdk-src-1.6.0.0-1.7.b09.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2409
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3728
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3869
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3871
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3873
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3874
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3875
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3876
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3877
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3879
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3880
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3881
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3882
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3883
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3884
http://www.redhat.com/security/updates/classification/#important
http://blogs.sun.com/security/entry/advance_notification_of_security_updates6

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFLAXUeXlSAg2UNWIIRAvmLAJ9PWshPNP+NNBHdHun60+HomuWmxwCfT4lc
PbIVgG8m8W70pLuSl/kC/Hc=
=895T
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Mon Nov 16 15:52:55 2009
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 16 Nov 2009 10:52:55 -0500
Subject: [RHSA-2009:1585-01] Moderate: samba3x security and bug fix update
Message-ID: <200911161552.nAGFqtke020348@int-mx04.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: samba3x security and bug fix update
Advisory ID:       RHSA-2009:1585-01
Product:           Red Hat Enterprise Linux Extras
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2009-1585.html
Issue date:        2009-11-16
CVE Names:         CVE-2009-1888 CVE-2009-2813 CVE-2009-2906 CVE-2009-2948
=====================================================================

1. Summary:

Updated samba3x packages that fix multiple security issues and various bugs are now available for Red Hat Enterprise Linux 5 Supplementary.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

RHEL Desktop Supplementary (v. 5 client) - x86_64
RHEL Supplementary (v. 5 server) - x86_64

3. Description:

Samba is a suite of programs used by machines to share files, printers, and other information. These samba3x packages provide Samba 3.3, which is a Technology Preview for Red Hat Enterprise Linux 5. These packages cannot be installed in parallel with the samba packages. Note: Technology Previews are not intended for production use.

A denial of service flaw was found in the Samba smbd daemon. An authenticated, remote user could send a specially-crafted response that would cause an smbd child process to enter an infinite loop. An authenticated, remote user could use this flaw to exhaust system resources by opening multiple CIFS sessions. (CVE-2009-2906)

An uninitialized data access flaw was discovered in the smbd daemon when using the non-default "dos filemode" configuration option in "smb.conf". An authenticated, remote user with write access to a file could possibly use this flaw to change an access control list for that file, even when such access should have been denied. (CVE-2009-1888)

A flaw was discovered in the way Samba handled users without a home directory set in the back-end password database (e.g. "/etc/passwd"). If a share for the home directory of such a user was created (e.g. using the automated "[homes]" share), any user able to access that share could see the whole file system, possibly bypassing intended access restrictions. (CVE-2009-2813)

The mount.cifs program printed CIFS passwords as part of its debug output when running in verbose mode. When mount.cifs had the setuid bit set, a local, unprivileged user could use this flaw to disclose passwords from a file that would otherwise be inaccessible to that user. Note: mount.cifs from the samba3x packages distributed by Red Hat does not have the setuid bit set. This flaw only affected systems where the setuid bit was manually set by an administrator. (CVE-2009-2948)

This update also fixes the following bugs:

* the samba3x packages contained missing and conflicting license information. License information was missing for the libtalloc, libtdb, and tdb-tools packages. The samba3x-common package provided a COPYING file; however, it stated the license was GPLv2, while RPM metadata stated the licenses were either GPLv3 or LGPLv3. This update adds the correct licensing information to the samba3x-common, libsmbclient, libtalloc, libtdb, and tdb-tools packages. (BZ#528633)

* the upstream Samba version in the samba3x packages distributed with the RHEA-2009:1399 update contained broken implementations of the Netlogon credential chain and SAMR access checks security subsystems. This prevented Samba from acting as a domain controller: Client systems could not join the domain; users could not authenticate; and systems could not access the user and group list. (BZ#524551)

* this update resolves interoperability issues with Windows 7 and Windows Server 2008 R2. (BZ#529022)

These packages upgrade Samba from version 3.3.5 to version 3.3.8. Refer to the Samba Release Notes for a list of changes between versions: http://samba.org/samba/history/

Users of samba3x should upgrade to these updated packages, which resolve these issues. After installing this update, the smb service will be restarted automatically.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

506996 - CVE-2009-1888 Samba improper file access
523752 - CVE-2009-2813 Samba: Share restriction bypass via home-less directory user account(s)
524551 - samba3x 3.3.4 is broken as domain controller
526074 - CVE-2009-2948 samba: information disclosure in suid mount.cifs
526645 - CVE-2009-2906 samba: infinite loop flaw in smbd on unexpected oplock break notification reply
528633 - License problem for Samba3X in x86_64 supplementary image
529022 - Interoperation with Windows 7 and Windows 2008 (R2) broken

6. Package List:

RHEL Desktop Supplementary (v. 5 client):

Source:
samba3x-3.3.8-0.46.el5.src.rpm

x86_64:
libsmbclient-3.0.34-46.el5.x86_64.rpm
libsmbclient-devel-3.0.34-46.el5.x86_64.rpm
libtalloc-1.2.0-46.el5.x86_64.rpm
libtalloc-devel-1.2.0-46.el5.x86_64.rpm
libtdb-1.1.2-46.el5.x86_64.rpm
libtdb-devel-1.1.2-46.el5.x86_64.rpm
samba3x-3.3.8-0.46.el5.x86_64.rpm
samba3x-client-3.3.8-0.46.el5.x86_64.rpm
samba3x-common-3.3.8-0.46.el5.x86_64.rpm
samba3x-debuginfo-3.3.8-0.46.el5.x86_64.rpm
samba3x-doc-3.3.8-0.46.el5.x86_64.rpm
samba3x-domainjoin-gui-3.3.8-0.46.el5.x86_64.rpm
samba3x-swat-3.3.8-0.46.el5.x86_64.rpm
samba3x-winbind-3.3.8-0.46.el5.x86_64.rpm
samba3x-winbind-devel-3.3.8-0.46.el5.x86_64.rpm
tdb-tools-1.1.2-46.el5.x86_64.rpm

RHEL Supplementary (v. 5 server):

Source:
samba3x-3.3.8-0.46.el5.src.rpm

x86_64:
libsmbclient-3.0.34-46.el5.x86_64.rpm
libsmbclient-devel-3.0.34-46.el5.x86_64.rpm
libtalloc-1.2.0-46.el5.x86_64.rpm
libtalloc-devel-1.2.0-46.el5.x86_64.rpm
libtdb-1.1.2-46.el5.x86_64.rpm
libtdb-devel-1.1.2-46.el5.x86_64.rpm
samba3x-3.3.8-0.46.el5.x86_64.rpm
samba3x-client-3.3.8-0.46.el5.x86_64.rpm
samba3x-common-3.3.8-0.46.el5.x86_64.rpm
samba3x-debuginfo-3.3.8-0.46.el5.x86_64.rpm
samba3x-doc-3.3.8-0.46.el5.x86_64.rpm
samba3x-domainjoin-gui-3.3.8-0.46.el5.x86_64.rpm
samba3x-swat-3.3.8-0.46.el5.x86_64.rpm
samba3x-winbind-3.3.8-0.46.el5.x86_64.rpm
samba3x-winbind-devel-3.3.8-0.46.el5.x86_64.rpm
tdb-tools-1.1.2-46.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1888
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2813
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2906
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2948
http://www.redhat.com/security/updates/classification/#moderate
http://www.redhat.com/support/policy/soc/production/preview_scope/
http://samba.org/samba/history/

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFLAXVEXlSAg2UNWIIRAjWRAJ4nUZBFKne6TS8w/O2yv8VHUaCuYACgr8u/
7etek5nMkxXoqWDRfT10wbw=
=yoNV
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Nov 17 15:30:13 2009
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 17 Nov 2009 10:30:13 -0500
Subject: [RHSA-2009:1587-01] Important: kernel security and bug fix update
Message-ID: <200911171530.nAHFUhev008188@int-mx08.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update
Advisory ID:       RHSA-2009:1587-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2009-1587.html
Issue date:        2009-11-17
CVE Names:         CVE-2009-2695 CVE-2009-3547
=====================================================================

1. Summary:

Updated kernel packages that fix multiple security issues and various bugs are now available for Red Hat Enterprise Linux 5.3 Extended Update Support.

This update has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5.3.z server) - i386, ia64, noarch, ppc, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.
This update fixes the following security issues:

* a system with SELinux enforced was more permissive in allowing local users in the unconfined_t domain to map low memory areas even if the mmap_min_addr restriction was enabled. This could aid in the local exploitation of NULL pointer dereference bugs. (CVE-2009-2695, Important)

* a NULL pointer dereference flaw was found in each of the following functions in the Linux kernel: pipe_read_open(), pipe_write_open(), and pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could be released by other processes before it is used to update the pipe's reader and writer counters. This could lead to a local denial of service or privilege escalation. (CVE-2009-3547, Important)

This update also fixes the following bugs:

* a caching bug in nfs_readdir() has been resolved. This may have caused parts of directory listings to become stale, as they came from cached data when they should not have, possibly causing NFS clients to see duplicate files or not see all files in a directory. (BZ#526959)

* a bug prevented the pciehp driver from detecting PCI Express hot plug slots on some systems. (BZ#530381)

* when a process attempted to read from a page that had first been accessed by writing to part of it (via write(2)), the NFS client needed to flush the modified portion of the page out to the server, and then read the entire page back in. This flush caused performance issues. (BZ#521243)

* a deadlock was found in the cciss driver. In rare cases, this caused an NMI lockup during boot. Messages such as "cciss: controller cciss[x] failed, stopping." and "cciss[x]: controller not responding." may have been displayed on the console. (BZ#525728)

Users should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

517830 - CVE-2009-2695 kernel: SELinux and mmap_min_addr
521243 - Read/Write NFS I/O performance degraded by FLUSH_STABLE page flushing [rhel-5.3.z]
525728 - cciss: spinlock deadlock causes NMI on HP systems [rhel-5.3.z]
526959 - [NetApp 5.5 bug] nfs_readdir() may fail to return all the files in the directory [rhel-5.3.z]
530381 - [5.3] PCIe hotplug slot detection failure [rhel-5.3.z]
530490 - CVE-2009-3547 kernel: fs: pipe.c null pointer dereference

6. Package List:

Red Hat Enterprise Linux (v. 5.3.z server):

Source:
kernel-2.6.18-128.11.1.el5.src.rpm

i386:
kernel-2.6.18-128.11.1.el5.i686.rpm
kernel-PAE-2.6.18-128.11.1.el5.i686.rpm
kernel-PAE-debuginfo-2.6.18-128.11.1.el5.i686.rpm
kernel-PAE-devel-2.6.18-128.11.1.el5.i686.rpm
kernel-debug-2.6.18-128.11.1.el5.i686.rpm
kernel-debug-debuginfo-2.6.18-128.11.1.el5.i686.rpm
kernel-debug-devel-2.6.18-128.11.1.el5.i686.rpm
kernel-debuginfo-2.6.18-128.11.1.el5.i686.rpm
kernel-debuginfo-common-2.6.18-128.11.1.el5.i686.rpm
kernel-devel-2.6.18-128.11.1.el5.i686.rpm
kernel-headers-2.6.18-128.11.1.el5.i386.rpm
kernel-xen-2.6.18-128.11.1.el5.i686.rpm
kernel-xen-debuginfo-2.6.18-128.11.1.el5.i686.rpm
kernel-xen-devel-2.6.18-128.11.1.el5.i686.rpm

ia64:
kernel-2.6.18-128.11.1.el5.ia64.rpm
kernel-debug-2.6.18-128.11.1.el5.ia64.rpm
kernel-debug-debuginfo-2.6.18-128.11.1.el5.ia64.rpm
kernel-debug-devel-2.6.18-128.11.1.el5.ia64.rpm
kernel-debuginfo-2.6.18-128.11.1.el5.ia64.rpm
kernel-debuginfo-common-2.6.18-128.11.1.el5.ia64.rpm
kernel-devel-2.6.18-128.11.1.el5.ia64.rpm
kernel-headers-2.6.18-128.11.1.el5.ia64.rpm
kernel-xen-2.6.18-128.11.1.el5.ia64.rpm
kernel-xen-debuginfo-2.6.18-128.11.1.el5.ia64.rpm
kernel-xen-devel-2.6.18-128.11.1.el5.ia64.rpm

noarch:
kernel-doc-2.6.18-128.11.1.el5.noarch.rpm

ppc:
kernel-2.6.18-128.11.1.el5.ppc64.rpm
kernel-debug-2.6.18-128.11.1.el5.ppc64.rpm
kernel-debug-debuginfo-2.6.18-128.11.1.el5.ppc64.rpm
kernel-debug-devel-2.6.18-128.11.1.el5.ppc64.rpm
kernel-debuginfo-2.6.18-128.11.1.el5.ppc64.rpm
kernel-debuginfo-common-2.6.18-128.11.1.el5.ppc64.rpm
kernel-devel-2.6.18-128.11.1.el5.ppc64.rpm
kernel-headers-2.6.18-128.11.1.el5.ppc.rpm
kernel-headers-2.6.18-128.11.1.el5.ppc64.rpm
kernel-kdump-2.6.18-128.11.1.el5.ppc64.rpm
kernel-kdump-debuginfo-2.6.18-128.11.1.el5.ppc64.rpm
kernel-kdump-devel-2.6.18-128.11.1.el5.ppc64.rpm

s390x:
kernel-2.6.18-128.11.1.el5.s390x.rpm
kernel-debug-2.6.18-128.11.1.el5.s390x.rpm
kernel-debug-debuginfo-2.6.18-128.11.1.el5.s390x.rpm
kernel-debug-devel-2.6.18-128.11.1.el5.s390x.rpm
kernel-debuginfo-2.6.18-128.11.1.el5.s390x.rpm
kernel-debuginfo-common-2.6.18-128.11.1.el5.s390x.rpm
kernel-devel-2.6.18-128.11.1.el5.s390x.rpm
kernel-headers-2.6.18-128.11.1.el5.s390x.rpm
kernel-kdump-2.6.18-128.11.1.el5.s390x.rpm
kernel-kdump-debuginfo-2.6.18-128.11.1.el5.s390x.rpm
kernel-kdump-devel-2.6.18-128.11.1.el5.s390x.rpm

x86_64:
kernel-2.6.18-128.11.1.el5.x86_64.rpm
kernel-debug-2.6.18-128.11.1.el5.x86_64.rpm
kernel-debug-debuginfo-2.6.18-128.11.1.el5.x86_64.rpm
kernel-debug-devel-2.6.18-128.11.1.el5.x86_64.rpm
kernel-debuginfo-2.6.18-128.11.1.el5.x86_64.rpm
kernel-debuginfo-common-2.6.18-128.11.1.el5.x86_64.rpm
kernel-devel-2.6.18-128.11.1.el5.x86_64.rpm
kernel-headers-2.6.18-128.11.1.el5.x86_64.rpm
kernel-xen-2.6.18-128.11.1.el5.x86_64.rpm
kernel-xen-debuginfo-2.6.18-128.11.1.el5.x86_64.rpm
kernel-xen-devel-2.6.18-128.11.1.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2695
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3547
http://www.redhat.com/security/updates/classification/#important
http://kbase.redhat.com/faq/docs/DOC-18042
http://kbase.redhat.com/faq/docs/DOC-20481

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFLAsF1XlSAg2UNWIIRAn+QAJ9q1QgWep6/0FTG7iUtndIobPJ4JQCfQc5Y
w5sHJL3QjRPyUPl6yzMMs08=
=EUzh
-----END PGP SIGNATURE-----

From bugzilla at redhat.com Tue Nov 17 15:31:37 2009
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 17 Nov 2009 10:31:37 -0500
Subject: [RHSA-2009:1588-02] Important: kernel security update
Message-ID: <200911171531.nAHFVbqd008357@int-mx08.intmail.prod.int.phx2.redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kernel security update
Advisory ID:       RHSA-2009:1588-02
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2009-1588.html
Issue date:        2009-11-17
CVE Names:         CVE-2009-3547
=====================================================================

1. Summary:

Updated kernel packages that fix security issues are now available for Red Hat Enterprise Linux 4.7 Extended Update Support.

This update has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4.7.z - i386, ia64, noarch, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux ES version 4.7.z - i386, ia64, noarch, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux operating system.
This update fixes the following security issues:

* a NULL pointer dereference flaw was found in each of the following functions in the Linux kernel: pipe_read_open(), pipe_write_open(), and pipe_rdwr_open(). When the mutex lock is not held, the i_pipe pointer could be released by other processes before it is used to update the pipe's reader and writer counters. This could lead to a local denial of service or privilege escalation. (CVE-2009-3547, Important)

Users should upgrade to these updated packages, which contain a backported patch to correct these issues. The system must be rebooted for this update to take effect.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

530490 - CVE-2009-3547 kernel: fs: pipe.c null pointer dereference

6. Package List:

Red Hat Enterprise Linux AS version 4.7.z:

Source:
kernel-2.6.9-78.0.28.EL.src.rpm

i386:
kernel-2.6.9-78.0.28.EL.i686.rpm
kernel-debuginfo-2.6.9-78.0.28.EL.i686.rpm
kernel-devel-2.6.9-78.0.28.EL.i686.rpm
kernel-hugemem-2.6.9-78.0.28.EL.i686.rpm
kernel-hugemem-devel-2.6.9-78.0.28.EL.i686.rpm
kernel-smp-2.6.9-78.0.28.EL.i686.rpm
kernel-smp-devel-2.6.9-78.0.28.EL.i686.rpm
kernel-xenU-2.6.9-78.0.28.EL.i686.rpm
kernel-xenU-devel-2.6.9-78.0.28.EL.i686.rpm

ia64:
kernel-2.6.9-78.0.28.EL.ia64.rpm
kernel-debuginfo-2.6.9-78.0.28.EL.ia64.rpm
kernel-devel-2.6.9-78.0.28.EL.ia64.rpm
kernel-largesmp-2.6.9-78.0.28.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-78.0.28.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-78.0.28.EL.noarch.rpm

ppc:
kernel-2.6.9-78.0.28.EL.ppc64.rpm
kernel-2.6.9-78.0.28.EL.ppc64iseries.rpm
kernel-debuginfo-2.6.9-78.0.28.EL.ppc64.rpm
kernel-debuginfo-2.6.9-78.0.28.EL.ppc64iseries.rpm
kernel-devel-2.6.9-78.0.28.EL.ppc64.rpm
kernel-devel-2.6.9-78.0.28.EL.ppc64iseries.rpm
kernel-largesmp-2.6.9-78.0.28.EL.ppc64.rpm
kernel-largesmp-devel-2.6.9-78.0.28.EL.ppc64.rpm

s390:
kernel-2.6.9-78.0.28.EL.s390.rpm
kernel-debuginfo-2.6.9-78.0.28.EL.s390.rpm
kernel-devel-2.6.9-78.0.28.EL.s390.rpm

s390x:
kernel-2.6.9-78.0.28.EL.s390x.rpm
kernel-debuginfo-2.6.9-78.0.28.EL.s390x.rpm
kernel-devel-2.6.9-78.0.28.EL.s390x.rpm

x86_64:
kernel-2.6.9-78.0.28.EL.x86_64.rpm
kernel-debuginfo-2.6.9-78.0.28.EL.x86_64.rpm
kernel-devel-2.6.9-78.0.28.EL.x86_64.rpm
kernel-largesmp-2.6.9-78.0.28.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-78.0.28.EL.x86_64.rpm
kernel-smp-2.6.9-78.0.28.EL.x86_64.rpm
kernel-smp-devel-2.6.9-78.0.28.EL.x86_64.rpm
kernel-xenU-2.6.9-78.0.28.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-78.0.28.EL.x86_64.rpm

Red Hat Enterprise Linux ES version 4.7.z:

Source:
kernel-2.6.9-78.0.28.EL.src.rpm

i386:
kernel-2.6.9-78.0.28.EL.i686.rpm
kernel-debuginfo-2.6.9-78.0.28.EL.i686.rpm
kernel-devel-2.6.9-78.0.28.EL.i686.rpm
kernel-hugemem-2.6.9-78.0.28.EL.i686.rpm
kernel-hugemem-devel-2.6.9-78.0.28.EL.i686.rpm
kernel-smp-2.6.9-78.0.28.EL.i686.rpm
kernel-smp-devel-2.6.9-78.0.28.EL.i686.rpm
kernel-xenU-2.6.9-78.0.28.EL.i686.rpm
kernel-xenU-devel-2.6.9-78.0.28.EL.i686.rpm

ia64:
kernel-2.6.9-78.0.28.EL.ia64.rpm
kernel-debuginfo-2.6.9-78.0.28.EL.ia64.rpm
kernel-devel-2.6.9-78.0.28.EL.ia64.rpm
kernel-largesmp-2.6.9-78.0.28.EL.ia64.rpm
kernel-largesmp-devel-2.6.9-78.0.28.EL.ia64.rpm

noarch:
kernel-doc-2.6.9-78.0.28.EL.noarch.rpm

x86_64:
kernel-2.6.9-78.0.28.EL.x86_64.rpm
kernel-debuginfo-2.6.9-78.0.28.EL.x86_64.rpm
kernel-devel-2.6.9-78.0.28.EL.x86_64.rpm
kernel-largesmp-2.6.9-78.0.28.EL.x86_64.rpm
kernel-largesmp-devel-2.6.9-78.0.28.EL.x86_64.rpm
kernel-smp-2.6.9-78.0.28.EL.x86_64.rpm
kernel-smp-devel-2.6.9-78.0.28.EL.x86_64.rpm
kernel-xenU-2.6.9-78.0.28.EL.x86_64.rpm
kernel-xenU-devel-2.6.9-78.0.28.EL.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3547
http://www.redhat.com/security/updates/classification/#important
http://kbase.redhat.com/faq/docs/DOC-20481

8. Contact:

The Red Hat security contact is . More contact details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
From bugzilla at redhat.com Wed Nov 18 12:55:12 2009
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Wed, 18 Nov 2009 07:55:12 -0500
Subject: [RHSA-2009:1595-01] Moderate: cups security update
Message-ID: <200911181255.nAICtHHj002285@int-mx08.intmail.prod.int.phx2.redhat.com>

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: cups security update
Advisory ID:       RHSA-2009:1595-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2009-1595.html
Issue date:        2009-11-18
CVE Names:         CVE-2009-2820 CVE-2009-3553
=====================================================================

1. Summary:

Updated cups packages that fix multiple security issues are now available
for Red Hat Enterprise Linux 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - x86_64

3. Description:

The Common UNIX Printing System (CUPS) provides a portable printing layer
for UNIX operating systems.

A use-after-free flaw was found in the way CUPS handled references in its
file descriptors-handling interface. A remote attacker could send a
specially-crafted query for the list of current print jobs for a specific
printer, leading to a denial of service (cupsd crash). (CVE-2009-3553)

Several cross-site scripting (XSS) flaws were found in the way the CUPS web
server interface processed HTML form content. If a remote attacker could
trick a local user who is logged into the CUPS web interface into visiting
a specially-crafted HTML page, the attacker could retrieve and potentially
modify confidential CUPS administration data. (CVE-2009-2820)

Red Hat would like to thank Aaron Sigel of Apple Product Security for
responsibly reporting the CVE-2009-2820 issue.

Users of cups are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. After installing the
update, the cupsd daemon will be restarted automatically.

4. Solution:

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

529833 - CVE-2009-2820 cups: Several XSS flaws in forms processed by CUPS web interface
530111 - CVE-2009-3553 cups: Use-after-free (crash) due improper reference counting in abstract file descriptors handling interface

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/cups-1.3.7-11.el5_4.4.src.rpm

x86_64:
cups-1.3.7-11.el5_4.4.x86_64.rpm
cups-debuginfo-1.3.7-11.el5_4.4.i386.rpm
cups-debuginfo-1.3.7-11.el5_4.4.x86_64.rpm
cups-libs-1.3.7-11.el5_4.4.i386.rpm
cups-libs-1.3.7-11.el5_4.4.x86_64.rpm
cups-lpd-1.3.7-11.el5_4.4.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/cups-1.3.7-11.el5_4.4.src.rpm

x86_64:
cups-debuginfo-1.3.7-11.el5_4.4.i386.rpm
cups-debuginfo-1.3.7-11.el5_4.4.x86_64.rpm
cups-devel-1.3.7-11.el5_4.4.i386.rpm
cups-devel-1.3.7-11.el5_4.4.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/cups-1.3.7-11.el5_4.4.src.rpm

i386:
cups-1.3.7-11.el5_4.4.i386.rpm
cups-debuginfo-1.3.7-11.el5_4.4.i386.rpm
cups-devel-1.3.7-11.el5_4.4.i386.rpm
cups-libs-1.3.7-11.el5_4.4.i386.rpm
cups-lpd-1.3.7-11.el5_4.4.i386.rpm

ia64:
cups-1.3.7-11.el5_4.4.ia64.rpm
cups-debuginfo-1.3.7-11.el5_4.4.i386.rpm
cups-debuginfo-1.3.7-11.el5_4.4.ia64.rpm
cups-devel-1.3.7-11.el5_4.4.ia64.rpm
cups-libs-1.3.7-11.el5_4.4.i386.rpm
cups-libs-1.3.7-11.el5_4.4.ia64.rpm
cups-lpd-1.3.7-11.el5_4.4.ia64.rpm

ppc:
cups-1.3.7-11.el5_4.4.ppc.rpm
cups-debuginfo-1.3.7-11.el5_4.4.ppc.rpm
cups-debuginfo-1.3.7-11.el5_4.4.ppc64.rpm
cups-devel-1.3.7-11.el5_4.4.ppc.rpm
cups-devel-1.3.7-11.el5_4.4.ppc64.rpm
cups-libs-1.3.7-11.el5_4.4.ppc.rpm
cups-libs-1.3.7-11.el5_4.4.ppc64.rpm
cups-lpd-1.3.7-11.el5_4.4.ppc.rpm

s390x:
cups-1.3.7-11.el5_4.4.s390x.rpm
cups-debuginfo-1.3.7-11.el5_4.4.s390.rpm
cups-debuginfo-1.3.7-11.el5_4.4.s390x.rpm
cups-devel-1.3.7-11.el5_4.4.s390.rpm
cups-devel-1.3.7-11.el5_4.4.s390x.rpm
cups-libs-1.3.7-11.el5_4.4.s390.rpm
cups-libs-1.3.7-11.el5_4.4.s390x.rpm
cups-lpd-1.3.7-11.el5_4.4.s390x.rpm

x86_64:
cups-1.3.7-11.el5_4.4.x86_64.rpm
cups-debuginfo-1.3.7-11.el5_4.4.i386.rpm
cups-debuginfo-1.3.7-11.el5_4.4.x86_64.rpm
cups-devel-1.3.7-11.el5_4.4.i386.rpm
cups-devel-1.3.7-11.el5_4.4.x86_64.rpm
cups-libs-1.3.7-11.el5_4.4.i386.rpm
cups-libs-1.3.7-11.el5_4.4.x86_64.rpm
cups-lpd-1.3.7-11.el5_4.4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2820
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3553
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is .
More contact details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.

From bugzilla at redhat.com Wed Nov 25 00:03:02 2009
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Tue, 24 Nov 2009 19:03:02 -0500
Subject: [RHSA-2009:1601-01] Critical: kdelibs security update
Message-ID: <200911250003.nAP032j6002776@int-mx04.intmail.prod.int.phx2.redhat.com>

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Critical: kdelibs security update
Advisory ID:       RHSA-2009:1601-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2009-1601.html
Issue date:        2009-11-24
CVE Names:         CVE-2009-0689
=====================================================================

1. Summary:

Updated kdelibs packages that fix one security issue are now available for
Red Hat Enterprise Linux 4 and 5.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Description:

The kdelibs packages provide libraries for the K Desktop Environment (KDE).

A buffer overflow flaw was found in the kdelibs string-to-floating-point
conversion routines. A web page containing malicious JavaScript could crash
Konqueror or, potentially, execute arbitrary code with the privileges of
the user running Konqueror. (CVE-2009-0689)

Users should upgrade to these updated packages, which contain a backported
patch to correct this issue. The desktop must be restarted (log out, then
log back in) for this update to take effect.

4. Solution:

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

539784 - CVE-2009-0689 kdelibs remote array overrun

6. Package List:

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/kdelibs-3.3.1-17.el4_8.1.src.rpm

i386:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.i386.rpm
kdelibs-devel-3.3.1-17.el4_8.1.i386.rpm

ia64:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
kdelibs-3.3.1-17.el4_8.1.ia64.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.i386.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.ia64.rpm
kdelibs-devel-3.3.1-17.el4_8.1.ia64.rpm

ppc:
kdelibs-3.3.1-17.el4_8.1.ppc.rpm
kdelibs-3.3.1-17.el4_8.1.ppc64.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.ppc.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.ppc64.rpm
kdelibs-devel-3.3.1-17.el4_8.1.ppc.rpm

s390:
kdelibs-3.3.1-17.el4_8.1.s390.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.s390.rpm
kdelibs-devel-3.3.1-17.el4_8.1.s390.rpm

s390x:
kdelibs-3.3.1-17.el4_8.1.s390.rpm
kdelibs-3.3.1-17.el4_8.1.s390x.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.s390.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.s390x.rpm
kdelibs-devel-3.3.1-17.el4_8.1.s390x.rpm

x86_64:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
kdelibs-3.3.1-17.el4_8.1.x86_64.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.i386.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.x86_64.rpm
kdelibs-devel-3.3.1-17.el4_8.1.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/kdelibs-3.3.1-17.el4_8.1.src.rpm

i386:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.i386.rpm
kdelibs-devel-3.3.1-17.el4_8.1.i386.rpm

x86_64:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
kdelibs-3.3.1-17.el4_8.1.x86_64.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.i386.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.x86_64.rpm
kdelibs-devel-3.3.1-17.el4_8.1.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/kdelibs-3.3.1-17.el4_8.1.src.rpm

i386:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.i386.rpm
kdelibs-devel-3.3.1-17.el4_8.1.i386.rpm

ia64:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
kdelibs-3.3.1-17.el4_8.1.ia64.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.i386.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.ia64.rpm
kdelibs-devel-3.3.1-17.el4_8.1.ia64.rpm

x86_64:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
kdelibs-3.3.1-17.el4_8.1.x86_64.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.i386.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.x86_64.rpm
kdelibs-devel-3.3.1-17.el4_8.1.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/kdelibs-3.3.1-17.el4_8.1.src.rpm

i386:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.i386.rpm
kdelibs-devel-3.3.1-17.el4_8.1.i386.rpm

ia64:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
kdelibs-3.3.1-17.el4_8.1.ia64.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.i386.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.ia64.rpm
kdelibs-devel-3.3.1-17.el4_8.1.ia64.rpm

x86_64:
kdelibs-3.3.1-17.el4_8.1.i386.rpm
kdelibs-3.3.1-17.el4_8.1.x86_64.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.i386.rpm
kdelibs-debuginfo-3.3.1-17.el4_8.1.x86_64.rpm
kdelibs-devel-3.3.1-17.el4_8.1.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kdelibs-3.5.4-25.el5_4.1.src.rpm

i386:
kdelibs-3.5.4-25.el5_4.1.i386.rpm
kdelibs-apidocs-3.5.4-25.el5_4.1.i386.rpm
kdelibs-debuginfo-3.5.4-25.el5_4.1.i386.rpm

x86_64:
kdelibs-3.5.4-25.el5_4.1.i386.rpm
kdelibs-3.5.4-25.el5_4.1.x86_64.rpm
kdelibs-apidocs-3.5.4-25.el5_4.1.x86_64.rpm
kdelibs-debuginfo-3.5.4-25.el5_4.1.i386.rpm
kdelibs-debuginfo-3.5.4-25.el5_4.1.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kdelibs-3.5.4-25.el5_4.1.src.rpm

i386:
kdelibs-debuginfo-3.5.4-25.el5_4.1.i386.rpm
kdelibs-devel-3.5.4-25.el5_4.1.i386.rpm

x86_64:
kdelibs-debuginfo-3.5.4-25.el5_4.1.i386.rpm
kdelibs-debuginfo-3.5.4-25.el5_4.1.x86_64.rpm
kdelibs-devel-3.5.4-25.el5_4.1.i386.rpm
kdelibs-devel-3.5.4-25.el5_4.1.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kdelibs-3.5.4-25.el5_4.1.src.rpm

i386:
kdelibs-3.5.4-25.el5_4.1.i386.rpm
kdelibs-apidocs-3.5.4-25.el5_4.1.i386.rpm
kdelibs-debuginfo-3.5.4-25.el5_4.1.i386.rpm
kdelibs-devel-3.5.4-25.el5_4.1.i386.rpm

ia64:
kdelibs-3.5.4-25.el5_4.1.ia64.rpm
kdelibs-apidocs-3.5.4-25.el5_4.1.ia64.rpm
kdelibs-debuginfo-3.5.4-25.el5_4.1.ia64.rpm
kdelibs-devel-3.5.4-25.el5_4.1.ia64.rpm

ppc:
kdelibs-3.5.4-25.el5_4.1.ppc.rpm
kdelibs-3.5.4-25.el5_4.1.ppc64.rpm
kdelibs-apidocs-3.5.4-25.el5_4.1.ppc.rpm
kdelibs-debuginfo-3.5.4-25.el5_4.1.ppc.rpm
kdelibs-debuginfo-3.5.4-25.el5_4.1.ppc64.rpm
kdelibs-devel-3.5.4-25.el5_4.1.ppc.rpm
kdelibs-devel-3.5.4-25.el5_4.1.ppc64.rpm

s390x:
kdelibs-3.5.4-25.el5_4.1.s390.rpm
kdelibs-3.5.4-25.el5_4.1.s390x.rpm
kdelibs-apidocs-3.5.4-25.el5_4.1.s390x.rpm
kdelibs-debuginfo-3.5.4-25.el5_4.1.s390.rpm
kdelibs-debuginfo-3.5.4-25.el5_4.1.s390x.rpm
kdelibs-devel-3.5.4-25.el5_4.1.s390.rpm
kdelibs-devel-3.5.4-25.el5_4.1.s390x.rpm

x86_64:
kdelibs-3.5.4-25.el5_4.1.i386.rpm
kdelibs-3.5.4-25.el5_4.1.x86_64.rpm
kdelibs-apidocs-3.5.4-25.el5_4.1.x86_64.rpm
kdelibs-debuginfo-3.5.4-25.el5_4.1.i386.rpm
kdelibs-debuginfo-3.5.4-25.el5_4.1.x86_64.rpm
kdelibs-devel-3.5.4-25.el5_4.1.i386.rpm
kdelibs-devel-3.5.4-25.el5_4.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0689
http://www.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is . More contact details at
https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.

From bugzilla at redhat.com Mon Nov 30 15:42:01 2009
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 30 Nov 2009 10:42:01 -0500
Subject: [RHSA-2009:1615-01] Moderate: xerces-j2 security update
Message-ID: <200911301542.nAUFg1Xj014212@int-mx02.intmail.prod.int.phx2.redhat.com>

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: xerces-j2 security update
Advisory ID:       RHSA-2009:1615-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2009-1615.html
Issue date:        2009-11-30
CVE Names:         CVE-2009-2625
=====================================================================

1. Summary:

Updated xerces-j2 packages that fix a security issue are now available for
Red Hat Enterprise Linux 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

The xerces-j2 packages provide the Apache Xerces2 Java Parser, a
high-performance XML parser. A Document Type Definition (DTD) defines the
legal syntax (and also which elements can be used) for certain types of
files, such as XML files.

A flaw was found in the way the Apache Xerces2 Java Parser processed the
SYSTEM identifier in DTDs. A remote attacker could provide a
specially-crafted XML file which, once parsed by an application using the
Apache Xerces2 Java Parser, would lead to a denial of service (application
hang due to excessive CPU use). (CVE-2009-2625)

Users should upgrade to these updated packages, which contain a backported
patch to correct this issue. Applications using the Apache Xerces2 Java
Parser must be restarted for this update to take effect.

4. Solution:

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

512921 - CVE-2009-2625 OpenJDK: XML parsing Denial-Of-Service (6845701)

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xerces-j2-2.7.1-7jpp.2.el5_4.2.src.rpm

i386:
xerces-j2-2.7.1-7jpp.2.el5_4.2.i386.rpm
xerces-j2-debuginfo-2.7.1-7jpp.2.el5_4.2.i386.rpm
xerces-j2-scripts-2.7.1-7jpp.2.el5_4.2.i386.rpm

x86_64:
xerces-j2-2.7.1-7jpp.2.el5_4.2.x86_64.rpm
xerces-j2-debuginfo-2.7.1-7jpp.2.el5_4.2.x86_64.rpm
xerces-j2-scripts-2.7.1-7jpp.2.el5_4.2.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/xerces-j2-2.7.1-7jpp.2.el5_4.2.src.rpm

i386:
xerces-j2-debuginfo-2.7.1-7jpp.2.el5_4.2.i386.rpm
xerces-j2-demo-2.7.1-7jpp.2.el5_4.2.i386.rpm
xerces-j2-javadoc-apis-2.7.1-7jpp.2.el5_4.2.i386.rpm
xerces-j2-javadoc-impl-2.7.1-7jpp.2.el5_4.2.i386.rpm
xerces-j2-javadoc-other-2.7.1-7jpp.2.el5_4.2.i386.rpm
xerces-j2-javadoc-xni-2.7.1-7jpp.2.el5_4.2.i386.rpm

x86_64:
xerces-j2-debuginfo-2.7.1-7jpp.2.el5_4.2.x86_64.rpm
xerces-j2-demo-2.7.1-7jpp.2.el5_4.2.x86_64.rpm
xerces-j2-javadoc-apis-2.7.1-7jpp.2.el5_4.2.x86_64.rpm
xerces-j2-javadoc-impl-2.7.1-7jpp.2.el5_4.2.x86_64.rpm
xerces-j2-javadoc-other-2.7.1-7jpp.2.el5_4.2.x86_64.rpm
xerces-j2-javadoc-xni-2.7.1-7jpp.2.el5_4.2.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/xerces-j2-2.7.1-7jpp.2.el5_4.2.src.rpm

i386:
xerces-j2-2.7.1-7jpp.2.el5_4.2.i386.rpm
xerces-j2-debuginfo-2.7.1-7jpp.2.el5_4.2.i386.rpm
xerces-j2-demo-2.7.1-7jpp.2.el5_4.2.i386.rpm
xerces-j2-javadoc-apis-2.7.1-7jpp.2.el5_4.2.i386.rpm
xerces-j2-javadoc-impl-2.7.1-7jpp.2.el5_4.2.i386.rpm
xerces-j2-javadoc-other-2.7.1-7jpp.2.el5_4.2.i386.rpm
xerces-j2-javadoc-xni-2.7.1-7jpp.2.el5_4.2.i386.rpm
xerces-j2-scripts-2.7.1-7jpp.2.el5_4.2.i386.rpm

ia64:
xerces-j2-2.7.1-7jpp.2.el5_4.2.ia64.rpm
xerces-j2-debuginfo-2.7.1-7jpp.2.el5_4.2.ia64.rpm
xerces-j2-demo-2.7.1-7jpp.2.el5_4.2.ia64.rpm
xerces-j2-javadoc-apis-2.7.1-7jpp.2.el5_4.2.ia64.rpm
xerces-j2-javadoc-impl-2.7.1-7jpp.2.el5_4.2.ia64.rpm
xerces-j2-javadoc-other-2.7.1-7jpp.2.el5_4.2.ia64.rpm
xerces-j2-javadoc-xni-2.7.1-7jpp.2.el5_4.2.ia64.rpm
xerces-j2-scripts-2.7.1-7jpp.2.el5_4.2.ia64.rpm

ppc:
xerces-j2-2.7.1-7jpp.2.el5_4.2.ppc.rpm
xerces-j2-debuginfo-2.7.1-7jpp.2.el5_4.2.ppc.rpm
xerces-j2-demo-2.7.1-7jpp.2.el5_4.2.ppc.rpm
xerces-j2-javadoc-apis-2.7.1-7jpp.2.el5_4.2.ppc.rpm
xerces-j2-javadoc-impl-2.7.1-7jpp.2.el5_4.2.ppc.rpm
xerces-j2-javadoc-other-2.7.1-7jpp.2.el5_4.2.ppc.rpm
xerces-j2-javadoc-xni-2.7.1-7jpp.2.el5_4.2.ppc.rpm
xerces-j2-scripts-2.7.1-7jpp.2.el5_4.2.ppc.rpm

s390x:
xerces-j2-2.7.1-7jpp.2.el5_4.2.s390x.rpm
xerces-j2-debuginfo-2.7.1-7jpp.2.el5_4.2.s390x.rpm
xerces-j2-demo-2.7.1-7jpp.2.el5_4.2.s390x.rpm
xerces-j2-javadoc-apis-2.7.1-7jpp.2.el5_4.2.s390x.rpm
xerces-j2-javadoc-impl-2.7.1-7jpp.2.el5_4.2.s390x.rpm
xerces-j2-javadoc-other-2.7.1-7jpp.2.el5_4.2.s390x.rpm
xerces-j2-javadoc-xni-2.7.1-7jpp.2.el5_4.2.s390x.rpm
xerces-j2-scripts-2.7.1-7jpp.2.el5_4.2.s390x.rpm

x86_64:
xerces-j2-2.7.1-7jpp.2.el5_4.2.x86_64.rpm
xerces-j2-debuginfo-2.7.1-7jpp.2.el5_4.2.x86_64.rpm
xerces-j2-demo-2.7.1-7jpp.2.el5_4.2.x86_64.rpm
xerces-j2-javadoc-apis-2.7.1-7jpp.2.el5_4.2.x86_64.rpm
xerces-j2-javadoc-impl-2.7.1-7jpp.2.el5_4.2.x86_64.rpm
xerces-j2-javadoc-other-2.7.1-7jpp.2.el5_4.2.x86_64.rpm
xerces-j2-javadoc-xni-2.7.1-7jpp.2.el5_4.2.x86_64.rpm
xerces-j2-scripts-2.7.1-7jpp.2.el5_4.2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2625
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at
https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
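As an added example, not code from the advisory or from Apache Xerces2, the defensive counterpart to the CVE-2009-2625 description above, written against Python's stdlib expat bindings: an application that never needs DTDs refuses any untrusted document that declares one (in particular a DOCTYPE with a SYSTEM or PUBLIC identifier) before its real parser runs. The sample documents and the `dtd.example.invalid` host are constructed for the demonstration.

```python
"""Pre-parse DOCTYPE policy for untrusted XML (added example; uses expat
rather than Xerces). The flaw above was hit while the parser processed a
DTD's SYSTEM identifier, so rejecting DOCTYPEs up front removes that code
path for applications that do not rely on DTDs."""
import xml.etree.ElementTree as ET
import xml.parsers.expat


class DoctypeRejected(ValueError):
    """Raised when an untrusted document declares a DTD the policy forbids."""


class _Stop(Exception):
    """Internal: abort the scan once the DOCTYPE question is settled."""


def find_doctype(xml_bytes):
    """Return (name, system_id, public_id) of the document's DOCTYPE, or
    None when there is none.

    Expat invokes StartDoctypeDeclHandler before it processes the internal
    subset or the external identifier, so the scan stops right there. A
    document without a DOCTYPE is recognised at its root element (a DOCTYPE
    cannot follow it) and stops as well, so nothing past the prolog is
    ever parsed by this check."""
    found = []

    def on_doctype(name, system_id, public_id, has_internal_subset):
        found.append((name, system_id, public_id))
        raise _Stop

    def on_start_element(tag, attrs):
        raise _Stop

    parser = xml.parsers.expat.ParserCreate()
    parser.StartDoctypeDeclHandler = on_doctype
    parser.StartElementHandler = on_start_element
    try:
        parser.Parse(xml_bytes, True)
    except _Stop:
        pass
    return found[0] if found else None


def parse_untrusted(xml_bytes, allow_internal_subset=False):
    """Parse `xml_bytes` with ElementTree only if the DOCTYPE policy holds.

    Default: any DOCTYPE is rejected. With allow_internal_subset=True a
    DOCTYPE carrying only an internal subset is tolerated, but one naming
    a SYSTEM or PUBLIC identifier is still refused. Returns the root."""
    doctype = find_doctype(xml_bytes)
    if doctype is not None:
        name, system_id, public_id = doctype
        if system_id is not None or public_id is not None:
            raise DoctypeRejected(
                "external DTD declared for <%s>: SYSTEM=%r PUBLIC=%r"
                % (name, system_id, public_id))
        if not allow_internal_subset:
            raise DoctypeRejected("DOCTYPE declared for <%s>" % name)
    return ET.fromstring(xml_bytes)


# Constructed sample documents.
PLAIN = b'<?xml version="1.0"?><report><jobs>3</jobs></report>'
EXTERNAL = (b'<?xml version="1.0"?>'
            b'<!DOCTYPE report SYSTEM "http://dtd.example.invalid/report.dtd">'
            b'<report><jobs>3</jobs></report>')
INTERNAL = (b'<?xml version="1.0"?>'
            b'<!DOCTYPE report [<!ENTITY n "3">]>'
            b'<report><jobs>&n;</jobs></report>')


def classify(samples):
    """Apply the default policy to (label, document) pairs; return
    label -> "parsed" or "rejected"."""
    outcome = {}
    for label, doc in samples:
        try:
            parse_untrusted(doc)
            outcome[label] = "parsed"
        except DoctypeRejected:
            outcome[label] = "rejected"
    return outcome


if __name__ == "__main__":
    for label, result in classify([("plain", PLAIN), ("external", EXTERNAL),
                                   ("internal", INTERNAL)]).items():
        print(label, result)
```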
From bugzilla at redhat.com Mon Nov 30 15:43:37 2009
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 30 Nov 2009 10:43:37 -0500
Subject: [RHSA-2009:1619-01] Moderate: dstat security update
Message-ID: <200911301543.nAUFhbQO021424@int-mx01.intmail.prod.int.phx2.redhat.com>

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: dstat security update
Advisory ID:       RHSA-2009:1619-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2009-1619.html
Issue date:        2009-11-30
CVE Names:         CVE-2009-3894
=====================================================================

1. Summary:

An updated dstat package that fixes one security issue is now available
for Red Hat Enterprise Linux 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux (v. 5 server) - noarch
Red Hat Enterprise Linux Desktop (v. 5 client) - noarch

3. Description:

Dstat is a versatile replacement for the vmstat, iostat, and netstat
tools. Dstat can be used for performance tuning tests, benchmarks, and
troubleshooting.

Robert Buchholz of the Gentoo Security Team reported a flaw in the Python
module search path used in dstat. If a local attacker could trick a local
user into running dstat from a directory containing a Python script that
is named like an importable module, they could execute arbitrary code with
the privileges of the user running dstat. (CVE-2009-3894)

All dstat users should upgrade to this updated package, which contains a
backported patch to correct this issue.

4. Solution:

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

538459 - CVE-2009-3894 dstat insecure module search path

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/dstat-0.6.6-3.el5_4.1.src.rpm

noarch:
dstat-0.6.6-3.el5_4.1.noarch.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/dstat-0.6.6-3.el5_4.1.src.rpm

noarch:
dstat-0.6.6-3.el5_4.1.noarch.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3894
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at
https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
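The search-path flaw described in this advisory, as an added Python example that is not part of the advisory or of dstat itself: a loader whose search path starts with the working directory picks up a same-named file from there, while a hardened loader strips working-directory entries before importing. The plugin name `dstat_plugin_demo` and the directory layout are constructed for the demonstration.

```python
"""Insecure module search path (CVE-2009-3894 class) and its hardening
(added example, not dstat's code).

`import name` walks sys.path in order, so a search path that begins with
the working directory (the entry '' or an explicit path equal to it) lets
a file `name.py` in that directory win over the intended module."""
import importlib
import os
import sys
import tempfile

PLUGIN_NAME = "dstat_plugin_demo"  # hypothetical plugin module name


def cwd_entries(search_path, cwd):
    """Return the entries of `search_path` that resolve to `cwd`.

    '' is the import system's spelling of "the current working directory";
    explicit paths are compared after symlink resolution."""
    real_cwd = os.path.realpath(cwd)
    return [p for p in search_path
            if p == "" or os.path.realpath(p) == real_cwd]


def hardened_path(search_path, cwd, trusted_dirs):
    """Drop every cwd-equivalent entry and append (never prepend) the
    directories the program actually ships its plugins in."""
    unsafe = set(cwd_entries(search_path, cwd))
    kept = [p for p in search_path if p not in unsafe]
    return kept + [d for d in trusted_dirs if d not in kept]


def load_plugin(name, search_path):
    """Import `name` with `search_path` as the only module search path.

    sys.path is swapped in place and restored afterwards; the module cache
    is cleared so every call performs a fresh lookup."""
    saved = sys.path[:]
    sys.path[:] = search_path
    sys.modules.pop(name, None)
    importlib.invalidate_caches()
    try:
        return importlib.import_module(name)
    finally:
        sys.path[:] = saved


def demo():
    """Load the same plugin name with a naive and with a hardened search
    path from a working directory that contains a same-named file.

    Returns which copy each loader picked and how many entries the
    hardening removed."""
    with tempfile.TemporaryDirectory() as workdir:
        # Constructed sample: the program's real plugin directory.
        trusted = os.path.join(workdir, "plugins")
        os.mkdir(trusted)
        with open(os.path.join(trusted, PLUGIN_NAME + ".py"), "w") as fh:
            fh.write("ORIGIN = 'trusted plugin directory'\n")
        # Constructed sample: an unrelated file in the working directory
        # that happens to carry the plugin's module name.
        with open(os.path.join(workdir, PLUGIN_NAME + ".py"), "w") as fh:
            fh.write("ORIGIN = 'working directory'\n")

        # Naive: working directory first, as sys.path[0] is for a script
        # started from it. The working-directory copy shadows the plugin.
        naive = [workdir, trusted]
        picked_naive = load_plugin(PLUGIN_NAME, naive).ORIGIN

        # Hardened: cwd-equivalent entries removed before importing.
        safe = hardened_path(naive, workdir, [trusted])
        picked_safe = load_plugin(PLUGIN_NAME, safe).ORIGIN

        sys.modules.pop(PLUGIN_NAME, None)
        return {
            "naive": picked_naive,
            "hardened": picked_safe,
            "removed": len(naive) - len(safe),
        }


if __name__ == "__main__":
    print(demo())
```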
From bugzilla at redhat.com Mon Nov 30 15:44:11 2009
From: bugzilla at redhat.com (bugzilla at redhat.com)
Date: Mon, 30 Nov 2009 10:44:11 -0500
Subject: [RHSA-2009:1620-01] Moderate: bind security update
Message-ID: <200911301544.nAUFiBsr005386@int-mx05.intmail.prod.int.phx2.redhat.com>

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: bind security update
Advisory ID:       RHSA-2009:1620-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2009-1620.html
Issue date:        2009-11-30
CVE Names:         CVE-2009-4022
=====================================================================

1. Summary:

Updated bind packages that fix one security issue are now available for
Red Hat Enterprise Linux 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

The Berkeley Internet Name Domain (BIND) is an implementation of the
Domain Name System (DNS) protocols. BIND includes a DNS server (named); a
resolver library (routines for applications to use when interfacing with
DNS); and tools for verifying that the DNS server is operating correctly.

Michael Sinatra discovered that BIND was incorrectly caching responses
without performing proper DNSSEC validation, when those responses were
received during the resolution of a recursive client query that requested
DNSSEC records but indicated that checking should be disabled.
A remote attacker could use this flaw to bypass the DNSSEC validation check
and perform a cache poisoning attack if the target BIND server was
receiving such client queries. (CVE-2009-4022)

All BIND users are advised to upgrade to these updated packages, which
contain a backported patch to resolve this issue. After installing the
update, the BIND daemon (named) will be restarted automatically.

4. Solution:

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

538744 - CVE-2009-4022 bind: cache poisoning using not validated DNSSEC responses

6. Package List:

Red Hat Enterprise Linux Desktop (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/bind-9.3.6-4.P1.el5_4.1.src.rpm

i386:
bind-9.3.6-4.P1.el5_4.1.i386.rpm
bind-debuginfo-9.3.6-4.P1.el5_4.1.i386.rpm
bind-libs-9.3.6-4.P1.el5_4.1.i386.rpm
bind-sdb-9.3.6-4.P1.el5_4.1.i386.rpm
bind-utils-9.3.6-4.P1.el5_4.1.i386.rpm

x86_64:
bind-9.3.6-4.P1.el5_4.1.x86_64.rpm
bind-debuginfo-9.3.6-4.P1.el5_4.1.i386.rpm
bind-debuginfo-9.3.6-4.P1.el5_4.1.x86_64.rpm
bind-libs-9.3.6-4.P1.el5_4.1.i386.rpm
bind-libs-9.3.6-4.P1.el5_4.1.x86_64.rpm
bind-sdb-9.3.6-4.P1.el5_4.1.x86_64.rpm
bind-utils-9.3.6-4.P1.el5_4.1.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/bind-9.3.6-4.P1.el5_4.1.src.rpm

i386:
bind-chroot-9.3.6-4.P1.el5_4.1.i386.rpm
bind-debuginfo-9.3.6-4.P1.el5_4.1.i386.rpm
bind-devel-9.3.6-4.P1.el5_4.1.i386.rpm
bind-libbind-devel-9.3.6-4.P1.el5_4.1.i386.rpm
caching-nameserver-9.3.6-4.P1.el5_4.1.i386.rpm

x86_64:
bind-chroot-9.3.6-4.P1.el5_4.1.x86_64.rpm
bind-debuginfo-9.3.6-4.P1.el5_4.1.i386.rpm
bind-debuginfo-9.3.6-4.P1.el5_4.1.x86_64.rpm
bind-devel-9.3.6-4.P1.el5_4.1.i386.rpm
bind-devel-9.3.6-4.P1.el5_4.1.x86_64.rpm
bind-libbind-devel-9.3.6-4.P1.el5_4.1.i386.rpm
bind-libbind-devel-9.3.6-4.P1.el5_4.1.x86_64.rpm
caching-nameserver-9.3.6-4.P1.el5_4.1.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/bind-9.3.6-4.P1.el5_4.1.src.rpm

i386:
bind-9.3.6-4.P1.el5_4.1.i386.rpm
bind-chroot-9.3.6-4.P1.el5_4.1.i386.rpm
bind-debuginfo-9.3.6-4.P1.el5_4.1.i386.rpm
bind-devel-9.3.6-4.P1.el5_4.1.i386.rpm
bind-libbind-devel-9.3.6-4.P1.el5_4.1.i386.rpm
bind-libs-9.3.6-4.P1.el5_4.1.i386.rpm
bind-sdb-9.3.6-4.P1.el5_4.1.i386.rpm
bind-utils-9.3.6-4.P1.el5_4.1.i386.rpm
caching-nameserver-9.3.6-4.P1.el5_4.1.i386.rpm

ia64:
bind-9.3.6-4.P1.el5_4.1.ia64.rpm
bind-chroot-9.3.6-4.P1.el5_4.1.ia64.rpm
bind-debuginfo-9.3.6-4.P1.el5_4.1.i386.rpm
bind-debuginfo-9.3.6-4.P1.el5_4.1.ia64.rpm
bind-devel-9.3.6-4.P1.el5_4.1.ia64.rpm
bind-libbind-devel-9.3.6-4.P1.el5_4.1.ia64.rpm
bind-libs-9.3.6-4.P1.el5_4.1.i386.rpm
bind-libs-9.3.6-4.P1.el5_4.1.ia64.rpm
bind-sdb-9.3.6-4.P1.el5_4.1.ia64.rpm
bind-utils-9.3.6-4.P1.el5_4.1.ia64.rpm
caching-nameserver-9.3.6-4.P1.el5_4.1.ia64.rpm

ppc:
bind-9.3.6-4.P1.el5_4.1.ppc.rpm
bind-chroot-9.3.6-4.P1.el5_4.1.ppc.rpm
bind-debuginfo-9.3.6-4.P1.el5_4.1.ppc.rpm
bind-debuginfo-9.3.6-4.P1.el5_4.1.ppc64.rpm
bind-devel-9.3.6-4.P1.el5_4.1.ppc.rpm
bind-devel-9.3.6-4.P1.el5_4.1.ppc64.rpm
bind-libbind-devel-9.3.6-4.P1.el5_4.1.ppc.rpm
bind-libbind-devel-9.3.6-4.P1.el5_4.1.ppc64.rpm
bind-libs-9.3.6-4.P1.el5_4.1.ppc.rpm
bind-libs-9.3.6-4.P1.el5_4.1.ppc64.rpm
bind-sdb-9.3.6-4.P1.el5_4.1.ppc.rpm
bind-utils-9.3.6-4.P1.el5_4.1.ppc.rpm
caching-nameserver-9.3.6-4.P1.el5_4.1.ppc.rpm

s390x:
bind-9.3.6-4.P1.el5_4.1.s390x.rpm
bind-chroot-9.3.6-4.P1.el5_4.1.s390x.rpm
bind-debuginfo-9.3.6-4.P1.el5_4.1.s390.rpm
bind-debuginfo-9.3.6-4.P1.el5_4.1.s390x.rpm
bind-devel-9.3.6-4.P1.el5_4.1.s390.rpm
bind-devel-9.3.6-4.P1.el5_4.1.s390x.rpm
bind-libbind-devel-9.3.6-4.P1.el5_4.1.s390.rpm
bind-libbind-devel-9.3.6-4.P1.el5_4.1.s390x.rpm
bind-libs-9.3.6-4.P1.el5_4.1.s390.rpm
bind-libs-9.3.6-4.P1.el5_4.1.s390x.rpm
bind-sdb-9.3.6-4.P1.el5_4.1.s390x.rpm
bind-utils-9.3.6-4.P1.el5_4.1.s390x.rpm
caching-nameserver-9.3.6-4.P1.el5_4.1.s390x.rpm

x86_64:
bind-9.3.6-4.P1.el5_4.1.x86_64.rpm
bind-chroot-9.3.6-4.P1.el5_4.1.x86_64.rpm
bind-debuginfo-9.3.6-4.P1.el5_4.1.i386.rpm
bind-debuginfo-9.3.6-4.P1.el5_4.1.x86_64.rpm
bind-devel-9.3.6-4.P1.el5_4.1.i386.rpm
bind-devel-9.3.6-4.P1.el5_4.1.x86_64.rpm
bind-libbind-devel-9.3.6-4.P1.el5_4.1.i386.rpm
bind-libbind-devel-9.3.6-4.P1.el5_4.1.x86_64.rpm
bind-libs-9.3.6-4.P1.el5_4.1.i386.rpm
bind-libs-9.3.6-4.P1.el5_4.1.x86_64.rpm
bind-sdb-9.3.6-4.P1.el5_4.1.x86_64.rpm
bind-utils-9.3.6-4.P1.el5_4.1.x86_64.rpm
caching-nameserver-9.3.6-4.P1.el5_4.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at
https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
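Added example, not part of the advisory or of BIND: the description above talks about recursive client queries that "requested DNSSEC records" (the EDNS DO bit) "but indicated that checking should be disabled" (the CD header flag). This block decodes both from raw DNS query messages so that captured queries of that shape can be counted on a resolver; the queries are constructed inside the block.

```python
"""Decode the CD header flag and the EDNS DO bit of DNS queries (added
example). Header layout per RFC 1035; the OPT pseudo-RR carries the DO bit
in the high bit of its 32-bit TTL field."""
import struct

FLAG_RD = 0x0100  # recursion desired
FLAG_AD = 0x0020  # authenticated data
FLAG_CD = 0x0010  # checking disabled
TYPE_OPT = 41
EDNS_DO = 0x8000  # DO bit inside the OPT record's TTL field


def _skip_name(msg, off):
    """Return the offset just past the domain name that starts at `off`."""
    while True:
        length = msg[off]
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:  # compression pointer: two bytes in total
            return off + 2
        off += 1 + length


def _read_name(msg, off):
    """Return (dotted name, offset past it). Pointers are rejected because
    the question name of a client query is never compressed."""
    labels = []
    while True:
        length = msg[off]
        if length == 0:
            return ".".join(labels) or ".", off + 1
        if length & 0xC0:
            raise ValueError("compressed question name")
        labels.append(msg[off + 1:off + 1 + length].decode("ascii"))
        off += 1 + length


def classify_query(msg):
    """Decode header flags and the EDNS DO bit of one DNS query message."""
    ident, flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    off = 12
    qname = None
    for i in range(qd):
        name, off = _read_name(msg, off)
        if i == 0:
            qname = name
        off += 4  # QTYPE + QCLASS
    do_bit = False
    for count in (an, ns, ar):
        for _ in range(count):
            off = _skip_name(msg, off)
            rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
            off += 10 + rdlen
            if rtype == TYPE_OPT and ttl & EDNS_DO:
                do_bit = True
    return {"id": ident, "qname": qname,
            "rd": bool(flags & FLAG_RD), "cd": bool(flags & FLAG_CD),
            "ad": bool(flags & FLAG_AD), "do": do_bit}


def requests_unvalidated_dnssec(info):
    """True for the query shape the advisory describes: DNSSEC records
    requested (DO set) while validation is switched off (CD set)."""
    return info["do"] and info["cd"]


def build_query(qname, ident, cd=False, do=False):
    """Construct a minimal recursive A query (test data), optionally with
    CD set and with an EDNS OPT record carrying the DO bit."""
    flags = FLAG_RD | (FLAG_CD if cd else 0)
    header = struct.pack("!6H", ident, flags, 1, 0, 0, 1 if do else 0)
    question = b"".join(bytes([len(l)]) + l.encode("ascii")
                        for l in qname.split(".")) + b"\x00"
    question += struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN
    opt = b""
    if do:
        # root name, TYPE=OPT, CLASS=UDP payload size, TTL=DO bit, RDLEN=0
        opt = b"\x00" + struct.pack("!HHIH", TYPE_OPT, 4096, EDNS_DO, 0)
    return header + question + opt


def count_suspect(queries):
    """Return how many raw queries match the advisory's CD+DO shape."""
    return sum(1 for q in queries
               if requests_unvalidated_dnssec(classify_query(q)))


if __name__ == "__main__":
    sample = [build_query("www.example.com", 1, cd=True, do=True),
              build_query("www.example.com", 2, cd=False, do=True),
              build_query("www.example.com", 3, cd=True, do=False)]
    for q in sample:
        print(classify_query(q))
    print("suspect:", count_suspect(sample))
```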